5 # HUAWEICLOUD_DomainName
7 iam_api
="https://iam.myhuaweicloud.com"
8 dns_api
="https://dns.ap-southeast-1.myhuaweicloud.com" # Should work
10 ######## Public functions #####################
12 # Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
13 # Used to add txt record
15 # Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/zh-cn_topic_0132421999.html
17 # About "DomainName" parameters see: https://support.huaweicloud.com/api-iam/iam_01_0006.html
20 dns_huaweicloud_add
() {
24 HUAWEICLOUD_Username
="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
25 HUAWEICLOUD_Password
="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
26 HUAWEICLOUD_DomainName
="${HUAWEICLOUD_DomainName:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
29 if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Password}" ] || [ -z "${HUAWEICLOUD_DomainName}" ]; then
30 _err
"Not enough information provided to dns_huaweicloud!"
34 unset token
# Clear token
35 token
="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_DomainName}")"
36 if [ -z "${token}" ]; then # Check token
37 _err
"dns_api(dns_huaweicloud): Error getting token."
40 _secure_debug
"Access token is:" "${token}"
43 zoneid
="$(_get_zoneid "${token}" "${fulldomain}")"
44 if [ -z "${zoneid}" ]; then
45 _err
"dns_api(dns_huaweicloud): Error getting zone id."
48 _debug
"Zone ID is:" "${zoneid}"
50 _debug
"Adding Record"
51 _add_record
"${token}" "${fulldomain}" "${txtvalue}"
53 if [ "${ret}" != "0" ]; then
54 _err
"dns_api(dns_huaweicloud): Error adding record."
58 # Do saving work if all succeeded
59 _saveaccountconf_mutable HUAWEICLOUD_Username
"${HUAWEICLOUD_Username}"
60 _saveaccountconf_mutable HUAWEICLOUD_Password
"${HUAWEICLOUD_Password}"
61 _saveaccountconf_mutable HUAWEICLOUD_DomainName
"${HUAWEICLOUD_DomainName}"
65 # Usage: fulldomain txtvalue
66 # Used to remove the txt record after validation
68 # Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/dns_api_64005.html
71 dns_huaweicloud_rm
() {
75 HUAWEICLOUD_Username
="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
76 HUAWEICLOUD_Password
="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
77 HUAWEICLOUD_DomainName
="${HUAWEICLOUD_DomainName:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
80 if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Password}" ] || [ -z "${HUAWEICLOUD_DomainName}" ]; then
81 _err
"Not enough information provided to dns_huaweicloud!"
85 unset token
# Clear token
86 token
="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_DomainName}")"
87 if [ -z "${token}" ]; then # Check token
88 _err
"dns_api(dns_huaweicloud): Error getting token."
91 _secure_debug
"Access token is:" "${token}"
94 zoneid
="$(_get_zoneid "${token}" "${fulldomain}")"
95 if [ -z "${zoneid}" ]; then
96 _err
"dns_api(dns_huaweicloud): Error getting zone id."
99 _debug
"Zone ID is:" "${zoneid}"
101 record_id
="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")"
102 _recursive_rm_record
"${token}" "${fulldomain}" "${zoneid}" "${record_id}"
104 if [ "${ret}" != "0" ]; then
105 _err
"dns_api(dns_huaweicloud): Error removing record."
112 ################### Private functions below ##################################
115 # _recursive_rm_record
116 # remove all records from the record set
123 # Returns 0 on success
124 _recursive_rm_record
() {
130 # Most likely to have problems will huaweicloud side if more than 50 attempts but still cannot fully remove the record set
131 # Maybe can be removed manually in the dashboard
135 # Therotically HuaweiCloud does not allow more than one record set
136 # But remove them recurringly to increase robusty
138 while [ "${_record_id}" != "0" ] && [ "${_retry_cnt}" != "0" ]; do
139 _debug
"Removing Record"
140 _retry_cnt
=$
((_retry_cnt
- 1))
141 _rm_record
"${_token}" "${_zoneid}" "${_record_id}"
142 _record_id
="$(_get_recordset_id "${_token}" "${_domain}" "${_zoneid}")"
143 _debug2
"Checking record exists: record_id=${_record_id}"
146 # Check if retry count is reached
147 if [ "${_retry_cnt}" = "0" ]; then
148 _debug
"Failed to remove record after 50 attempts, please try removing it manually in the dashboard"
160 # printf "%s" "${_zoneid}"
164 export _H1
="X-Auth-Token: ${_token}"
168 h
=$
(printf "%s" "${_domain_string}" | cut
-d .
-f "$i"-100)
174 response
=$
(_get
"${dns_api}/v2/zones?name=${h}")
176 if _contains
"${response}" '"id"'; then
177 zoneidlist
=$
(echo "${response}" | _egrep_o
"\"id\": *\"[^\"]*\"" | cut
-d : -f 2 |
tr -d \" |
tr -d " ")
178 zonenamelist
=$
(echo "${response}" | _egrep_o
"\"name\": *\"[^\"]*\"" | cut
-d : -f 2 |
tr -d \" |
tr -d " ")
179 _debug2
"Return Zone ID(s):" "${zoneidlist}"
180 _debug2
"Return Zone Name(s):" "${zonenamelist}"
182 zoneidcount
=$
(echo "${zoneidlist}" |
grep -c '^')
183 _debug
"Retund Zone ID(s) Count:" "${zoneidcount}"
184 while [ "${zoneidnum}" -lt "${zoneidcount}" ]; do
185 zoneidnum
=$
(_math
"$zoneidnum" + 1)
186 _zoneid
=$
(echo "${zoneidlist}" |
sed -n "${zoneidnum}p")
187 zonename
=$
(echo "${zonenamelist}" |
sed -n "${zoneidnum}p")
188 _debug
"Check Zone Name" "${zonename}"
189 if [ "${zonename}" = "${h}." ]; then
190 _debug
"Get Zone ID Success."
191 _debug
"ZoneID:" "${_zoneid}"
192 printf "%s" "${_zoneid}"
202 _get_recordset_id
() {
206 export _H1
="X-Auth-Token: ${_token}"
208 response
=$
(_get
"${dns_api}/v2/zones/${_zoneid}/recordsets?name=${_domain}")
209 if _contains
"${response}" '"id"'; then
210 _id
="$(echo "${response}" | _egrep_o "\"id
\": *\"[^
\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ")"
223 # Get Existing Records
224 export _H1
="X-Auth-Token: ${_token}"
225 response
=$
(_get
"${dns_api}/v2/zones/${zoneid}/recordsets?name=${_domain}")
227 _debug2
"${response}"
228 _exist_record
=$
(echo "${response}" | _egrep_o
'"records":[^]]*' |
sed 's/\"records\"\:\[//g')
229 _debug
"${_exist_record}"
231 # Check if record exist
233 if [ -z "${_exist_record}" ]; then
235 \"name\": \"${_domain}.\",
236 \"description\": \"ACME Challenge\",
240 \"\\\"${_txtvalue}\\\"\"
245 \"name\": \"${_domain}.\",
246 \"description\": \"ACME Challenge\",
251 \"\\\"${_txtvalue}\\\"\"
256 _record_id
="$(_get_recordset_id "${_token}" "${_domain}" "${zoneid}")"
257 _debug
"Record Set ID is:" "${_record_id}"
260 _recursive_rm_record
"${token}" "${_domain}" "${_zoneid}" "${_record_id}"
262 if [ "${ret}" != "0" ]; then
266 # Add brand new records with all old and new records
267 export _H2
="Content-Type: application/json"
268 export _H1
="X-Auth-Token: ${_token}"
270 _debug2
"${_post_body}"
271 _post
"${_post_body}" "${dns_api}/v2/zones/${zoneid}/recordsets" >/dev
/null
272 _code
="$(grep "^HTTP
" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r
\\n
")"
273 if [ "$_code" != "202" ]; then
274 _err
"dns_huaweicloud: http code ${_code}"
280 # _rm_record $token $zoneid $recordid
281 # assume ${dns_api} exist
289 export _H2
="Content-Type: application/json"
290 export _H1
="X-Auth-Token: ${_token}"
292 _post
"" "${dns_api}/v2/zones/${_zone_id}/recordsets/${_record_id}" false
"DELETE" >/dev
/null
301 _debug
"Getting Token"
310 \"name\": \"${_username}\",
311 \"password\": \"${_password}\",
313 \"name\": \"${_domain_name}\"
320 \"name\": \"ap-southeast-1\"
325 export _H1
="Content-Type: application/json;charset=utf8"
326 _post
"${body}" "${iam_api}/v3/auth/tokens" >/dev
/null
327 _code
=$
(grep "^HTTP" "$HTTP_HEADER" | _tail_n
1 | cut
-d " " -f 2 |
tr -d "\\r\\n")
328 _token
=$
(grep "^X-Subject-Token" "$HTTP_HEADER" | cut
-d " " -f 2-)
329 _secure_debug
"${_code}"
330 printf "%s" "${_token}"