]> git.proxmox.com Git - mirror_acme.sh.git/blob - dnsapi/dns_huaweicloud.sh
projects / mirror_acme.sh.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fix: fix adding record before removing
[mirror_acme.sh.git] / dnsapi / dns_huaweicloud.sh
1 #!/usr/bin/env sh
2
3 # HUAWEICLOUD_Username
4 # HUAWEICLOUD_Password
5 # HUAWEICLOUD_ProjectID
6
7 iam_api="https://iam.myhuaweicloud.com"
8 dns_api="https://dns.ap-southeast-1.myhuaweicloud.com"
9
10 ######## Public functions #####################
11
12 # Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
13 # Used to add txt record
14 #
15 # Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/zh-cn_topic_0132421999.html
16 #
17
18 dns_huaweicloud_add() {
19 fulldomain=$1
20 txtvalue=$2
21
22 HUAWEICLOUD_Username="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
23 HUAWEICLOUD_Password="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
24 HUAWEICLOUD_ProjectID="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}"
25
26 if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Username}" ]; then
27 _err "Not enough info provided to dns_huaweicloud!"
28 return 1
29 fi
30
31 token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")"
32 _debug2 "${token}"
33 zoneid="$(_get_zoneid "${token}" "${fulldomain}")"
34 _debug "${zoneid}"
35
36 _debug "Adding Record"
37 _add_record "${token}" "${fulldomain}" "${txtvalue}"
38 ret="$?"
39 if [ "${ret}" != "0" ]; then
40 _err "dns_huaweicloud: Error adding record."
41 return 1
42 fi
43
44 # Do saving work if all succeeded
45 _saveaccountconf_mutable HUAWEICLOUD_Username "${HUAWEICLOUD_Username}"
46 _saveaccountconf_mutable HUAWEICLOUD_Password "${HUAWEICLOUD_Password}"
47 _saveaccountconf_mutable HUAWEICLOUD_ProjectID "${HUAWEICLOUD_ProjectID}"
48 return 0
49 }
50
51 # Usage: fulldomain txtvalue
52 # Used to remove the txt record after validation
53 #
54 # Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/dns_api_64005.html
55 #
56
57 dns_huaweicloud_rm() {
58 fulldomain=$1
59 txtvalue=$2
60
61 HUAWEICLOUD_Username="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
62 HUAWEICLOUD_Password="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
63 HUAWEICLOUD_ProjectID="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}"
64
65 if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Username}" ]; then
66 _err "Please provide enough information"
67 return 1
68 fi
69
70 token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")"
71 _debug2 "${token}"
72 zoneid="$(_get_zoneid "${token}" "${fulldomain}")"
73 _debug "${zoneid}"
74 record_id="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")"
75 _debug "Record Set ID is: ${record_id}"
76
77 # Remove all records
78 while [ "${record_id}" != "0" ]; do
79 _debug "Removing Record"
80 _rm_record "${token}" "${zoneid}" "${record_id}"
81 record_id="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")"
82 done
83 return 0
84 }
85
86 ################### Private functions below ##################################
87
88 # _get_zoneid
89 #
90 # _token=$1
91 # _domain_string=$2
92 #
93 # printf "%s" "${_zoneid}"
94 _get_zoneid() {
95 _token=$1
96 _domain_string=$2
97 export _H1="X-Auth-Token: ${_token}"
98
99 i=1
100 while true; do
101 h=$(printf "%s" "${_domain_string}" | cut -d . -f $i-100)
102 if [ -z "$h" ]; then
103 #not valid
104 return 1
105 fi
106 _debug "$h"
107 response=$(_get "${dns_api}/v2/zones?name=${h}")
108
109 if _contains "${response}" "id"; then
110 _debug "Get Zone ID Success."
111 _zoneid=$(echo "${response}" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ")
112 printf "%s" "${_zoneid}"
113 return 0
114 fi
115
116 i=$(_math "$i" + 1)
117 done
118 return 1
119 }
120
121 _get_recordset_id() {
122 _token=$1
123 _domain=$2
124 _zoneid=$3
125 export _H1="X-Auth-Token: ${_token}"
126
127 response=$(_get "${dns_api}/v2/zones/${_zoneid}/recordsets?name=${_domain}")
128 if _contains "${response}" "id"; then
129 _id="$(echo "${response}" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ")"
130 printf "%s" "${_id}"
131 return 0
132 fi
133 printf "%s" "0"
134 return 1
135 }
136
137 _add_record() {
138 _token=$1
139 _domain=$2
140 _txtvalue=$3
141
142 # Get Existing Records
143 export _H1="X-Auth-Token: ${_token}"
144 response=$(_get "${dns_api}/v2/zones/${zoneid}/recordsets?name=${_domain}")
145
146 _debug "${response}"
147 _exist_record=$(echo "${response}" | sed ':a;N;$!ba;s/\n/ /g' | grep -o '"records":[^]]*' | sed 's/\"records\"\:\[//g')
148 _debug "${_exist_record}"
149
150 # Check if record exist
151 # Generate body data
152 _post_body="{
153 \"name\": \"${_domain}.\",
154 \"description\": \"ACME Challenge\",
155 \"type\": \"TXT\",
156 \"ttl\": 1,
157 \"records\": [
158 ${_exist_record},
159 \"\\\"${_txtvalue}\\\"\"
160 ]
161 }"
162 if [ -z "${_exist_record}" ]; then
163 _post_body="{
164 \"name\": \"${_domain}.\",
165 \"description\": \"ACME Challenge\",
166 \"type\": \"TXT\",
167 \"ttl\": 1,
168 \"records\": [
169 \"\\\"${_txtvalue}\\\"\"
170 ]
171 }"
172 fi
173
174 _record_id="$(_get_recordset_id "${_token}" "${_domain}" "${zoneid}")"
175 _debug "Record Set ID is: ${_record_id}"
176
177 # Remove all records
178 while [ "${_record_id}" != "0" ]; do
179 _debug "Removing Record"
180 _rm_record "${_token}" "${zoneid}" "${_record_id}"
181 _record_id="$(_get_recordset_id "${_token}" "${_domain}" "${zoneid}")"
182 _debug "${_record_id}"
183 done
184
185 # Add brand new records with all old and new records
186 export _H2="Content-Type: application/json"
187 export _H1="X-Auth-Token: ${_token}"
188
189 _debug "${_post_body}"
190 sleep 2
191 _post "${_post_body}" "${dns_api}/v2/zones/${zoneid}/recordsets" >/dev/null
192 _code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")"
193 if [ "$_code" != "202" ]; then
194 _err "dns_huaweicloud: http code ${_code}"
195 sleep 60
196 return 1
197 fi
198 return 0
199 }
200
201 # _rm_record $token $zoneid $recordid
202 # assume ${dns_api} exist
203 # no output
204 # return 0
205 _rm_record() {
206 _token=$1
207 _zone_id=$2
208 _record_id=$3
209
210 export _H2="Content-Type: application/json"
211 export _H1="X-Auth-Token: ${_token}"
212
213 _post "" "${dns_api}/v2/zones/${_zone_id}/recordsets/${_record_id}" false "DELETE" >/dev/null
214 return $?
215 }
216
217 _get_token() {
218 _username=$1
219 _password=$2
220 _project=$3
221
222 _debug "Getting Token"
223 body="{
224 \"auth\": {
225 \"identity\": {
226 \"methods\": [
227 \"password\"
228 ],
229 \"password\": {
230 \"user\": {
231 \"name\": \"${_username}\",
232 \"password\": \"${_password}\",
233 \"domain\": {
234 \"name\": \"${_username}\"
235 }
236 }
237 }
238 },
239 \"scope\": {
240 \"project\": {
241 \"id\": \"${_project}\"
242 }
243 }
244 }
245 }"
246 export _H1="Content-Type: application/json;charset=utf8"
247 _post "${body}" "${iam_api}/v3/auth/tokens" >/dev/null
248 _code=$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")
249 _token=$(grep "^X-Subject-Token" "$HTTP_HEADER" | cut -d " " -f 2-)
250 _debug2 "${_code}"
251 printf "%s" "${_token}"
252 return 0
253 }
acme.sh DNS challenge mirror