5 # HUAWEICLOUD_ProjectID
7 iam_api
="https://iam.myhuaweicloud.com"
8 dns_api
="https://dns.ap-southeast-1.myhuaweicloud.com" # Should work
10 ######## Public functions #####################
12 # Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
13 # Used to add txt record
15 # Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/zh-cn_topic_0132421999.html
18 dns_huaweicloud_add
() {
22 HUAWEICLOUD_Username
="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
23 HUAWEICLOUD_Password
="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
24 HUAWEICLOUD_ProjectID
="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}"
27 if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Password}" ] || [ -z "${HUAWEICLOUD_ProjectID}" ]; then
28 _err
"Not enough information provided to dns_huaweicloud!"
32 unset token
# Clear token
33 token
="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")"
34 if [ -z "${token}" ]; then # Check token
35 _err
"dns_api(dns_huaweicloud): Error getting token."
38 _secure_debug
"Access token is:" "${token}"
41 zoneid
="$(_get_zoneid "${token}" "${fulldomain}")"
42 if [ -z "${zoneid}" ]; then
43 _err
"dns_api(dns_huaweicloud): Error getting zone id."
46 _debug
"Zone ID is:" "${zoneid}"
48 _debug
"Adding Record"
49 _add_record
"${token}" "${fulldomain}" "${txtvalue}"
51 if [ "${ret}" != "0" ]; then
52 _err
"dns_api(dns_huaweicloud): Error adding record."
56 # Do saving work if all succeeded
57 _saveaccountconf_mutable HUAWEICLOUD_Username
"${HUAWEICLOUD_Username}"
58 _saveaccountconf_mutable HUAWEICLOUD_Password
"${HUAWEICLOUD_Password}"
59 _saveaccountconf_mutable HUAWEICLOUD_ProjectID
"${HUAWEICLOUD_ProjectID}"
63 # Usage: fulldomain txtvalue
64 # Used to remove the txt record after validation
66 # Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/dns_api_64005.html
69 dns_huaweicloud_rm
() {
73 HUAWEICLOUD_Username
="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
74 HUAWEICLOUD_Password
="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
75 HUAWEICLOUD_ProjectID
="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}"
78 if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Password}" ] || [ -z "${HUAWEICLOUD_ProjectID}" ]; then
79 _err
"Not enough information provided to dns_huaweicloud!"
83 unset token
# Clear token
84 token
="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")"
85 if [ -z "${token}" ]; then # Check token
86 _err
"dns_api(dns_huaweicloud): Error getting token."
89 _secure_debug
"Access token is:" "${token}"
92 zoneid
="$(_get_zoneid "${token}" "${fulldomain}")"
93 if [ -z "${zoneid}" ]; then
94 _err
"dns_api(dns_huaweicloud): Error getting zone id."
97 _debug
"Zone ID is:" "${zoneid}"
100 # Therotically HuaweiCloud does not allow more than one record set
101 # But remove them recurringly to increase robusty
102 while [ "${record_id}" != "0" ]; do
103 _debug
"Removing Record"
104 _rm_record
"${token}" "${zoneid}" "${record_id}"
105 record_id
="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")"
110 ################### Private functions below ##################################
117 # printf "%s" "${_zoneid}"
121 export _H1
="X-Auth-Token: ${_token}"
125 h
=$
(printf "%s" "${_domain_string}" | cut
-d .
-f $i-100)
131 response
=$
(_get
"${dns_api}/v2/zones?name=${h}")
133 if _contains
"${response}" '"id"'; then
134 zoneidlist
=$
(echo "${response}" | _egrep_o
"\"id\": *\"[^\"]*\"" | cut
-d : -f 2 |
tr -d \" |
tr -d " ")
135 zonenamelist
=$
(echo "${response}" | _egrep_o
"\"name\": *\"[^\"]*\"" | cut
-d : -f 2 |
tr -d \" |
tr -d " ")
136 _debug2
"Return Zone ID(s):" "${zoneidlist}"
137 _debug2
"Return Zone Name(s):" "${zonenamelist}"
139 echo "${zonenamelist}" |
while read -r zonename
; do
140 zoneidnum
=$
(_math
"$zoneidnum" + 1)
141 _debug
"Check Zone Name" "${zonename}"
142 if [ "${zonename}" = "${h}." ]; then
143 _debug
"Get Zone ID Success."
144 _zoneid
=$
(echo "${zoneidlist}" |
sed -n "${zoneidnum}p")
145 _debug2
"ZoneID:" "${_zoneid}"
146 printf "%s" "${_zoneid}"
156 _get_recordset_id
() {
160 export _H1
="X-Auth-Token: ${_token}"
162 response
=$
(_get
"${dns_api}/v2/zones/${_zoneid}/recordsets?name=${_domain}")
163 if _contains
"${response}" '"id"'; then
164 _id
="$(echo "${response}" | _egrep_o "\"id
\": *\"[^
\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ")"
177 # Get Existing Records
178 export _H1
="X-Auth-Token: ${_token}"
179 response
=$
(_get
"${dns_api}/v2/zones/${zoneid}/recordsets?name=${_domain}")
181 _debug2
"${response}"
182 _exist_record
=$
(echo "${response}" | _egrep_o
'"records":[^]]*' |
sed 's/\"records\"\:\[//g')
183 _debug
"${_exist_record}"
185 # Check if record exist
187 if [ -z "${_exist_record}" ]; then
189 \"name\": \"${_domain}.\",
190 \"description\": \"ACME Challenge\",
194 \"\\\"${_txtvalue}\\\"\"
199 \"name\": \"${_domain}.\",
200 \"description\": \"ACME Challenge\",
205 \"\\\"${_txtvalue}\\\"\"
210 _record_id
="$(_get_recordset_id "${_token}" "${_domain}" "${zoneid}")"
211 _debug
"Record Set ID is:" "${_record_id}"
214 while [ "${_record_id}" != "0" ]; do
215 _debug
"Removing Record"
216 _rm_record
"${_token}" "${zoneid}" "${_record_id}"
217 _record_id
="$(_get_recordset_id "${_token}" "${_domain}" "${zoneid}")"
220 # Add brand new records with all old and new records
221 export _H2
="Content-Type: application/json"
222 export _H1
="X-Auth-Token: ${_token}"
224 _debug2
"${_post_body}"
225 _post
"${_post_body}" "${dns_api}/v2/zones/${zoneid}/recordsets" >/dev
/null
226 _code
="$(grep "^HTTP
" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r
\\n
")"
227 if [ "$_code" != "202" ]; then
228 _err
"dns_huaweicloud: http code ${_code}"
234 # _rm_record $token $zoneid $recordid
235 # assume ${dns_api} exist
243 export _H2
="Content-Type: application/json"
244 export _H1
="X-Auth-Token: ${_token}"
246 _post
"" "${dns_api}/v2/zones/${_zone_id}/recordsets/${_record_id}" false
"DELETE" >/dev
/null
255 _debug
"Getting Token"
264 \"name\": \"${_username}\",
265 \"password\": \"${_password}\",
267 \"name\": \"${_username}\"
274 \"id\": \"${_project}\"
279 export _H1
="Content-Type: application/json;charset=utf8"
280 _post
"${body}" "${iam_api}/v3/auth/tokens" >/dev
/null
281 _code
=$
(grep "^HTTP" "$HTTP_HEADER" | _tail_n
1 | cut
-d " " -f 2 |
tr -d "\\r\\n")
282 _token
=$
(grep "^X-Subject-Token" "$HTTP_HEADER" | cut
-d " " -f 2-)
283 _secure_debug
"${_code}"
284 printf "%s" "${_token}"