]> git.proxmox.com Git - mirror_acme.sh.git/commitdiff
feat: Add huaweicloud intl dnsapi
authorEaston Man <easton@techminer.org>
Sun, 22 Nov 2020 14:34:21 +0000 (22:34 +0800)
committerEaston Man <easton@techminer.org>
Sun, 22 Nov 2020 16:20:57 +0000 (00:20 +0800)
dnsapi/dns_huaweicloud.sh [new file with mode: 0644]

diff --git a/dnsapi/dns_huaweicloud.sh b/dnsapi/dns_huaweicloud.sh
new file mode 100644 (file)
index 0000000..69ab14b
--- /dev/null
@@ -0,0 +1,199 @@
+#!/usr/bin/env sh
+
+# HUAWEICLOUD_Username
+# HUAWEICLOUD_Password
+# HUAWEICLOUD_ProjectID
+
+iam_api="https://iam.myhuaweicloud.com"
+dns_api="https://dns.ap-southeast-1.myhuaweicloud.com"
+
+########  Public functions #####################
+
+# Usage: add  _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+# Used to add txt record
+#
+# Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/zh-cn_topic_0132421999.html
+#
+
+dns_huaweicloud_add() {
+  fulldomain=$1
+  txtvalue=$2
+
+  HUAWEICLOUD_Username="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
+  HUAWEICLOUD_Password="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
+  HUAWEICLOUD_ProjectID="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}"
+
+  token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")"
+  _debug2 "${token}"
+  zoneid="$(_get_zoneid "${token}" "${fulldomain}")"
+  _debug "${zoneid}"
+
+  _debug "Adding Record"
+  _add_record "${token}" "${fulldomain}" "${txtvalue}"
+  ret="$?"
+  if [ "${ret}" != "0" ]; then
+    _err "dns_huaweicloud: Error adding record."
+    return 1
+  fi
+
+  # Do saving work if all succeeded
+  _saveaccountconf_mutable HUAWEICLOUD_Username "${HUAWEICLOUD_Username}"
+  _saveaccountconf_mutable HUAWEICLOUD_Password "${HUAWEICLOUD_Password}"
+  _saveaccountconf_mutable HUAWEICLOUD_ProjectID "${HUAWEICLOUD_ProjectID}"
+  return 0
+}
+
+# Usage: fulldomain txtvalue
+# Used to remove the txt record after validation
+#
+# Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/dns_api_64005.html
+#
+
+dns_huaweicloud_rm() {
+  fulldomain=$1
+  txtvalue=$2
+
+  HUAWEICLOUD_Username="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
+  HUAWEICLOUD_Password="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
+  HUAWEICLOUD_ProjectID="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}"
+
+  token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")"
+  _debug2 "${token}"
+  zoneid="$(_get_zoneid "${token}" "${fulldomain}")"
+  _debug "${zoneid}"
+  record_id="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")"
+  _debug "Record Set ID is: ${record_id}"
+  while [ "${record_id}" != "0" ]; do
+    _debug "Adding Record"
+    _rm_record "${token}" "${zoneid}" "${record_id}"
+    record_id="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")"
+  done
+  return 0
+}
+
+###################  Private functions below ##################################
+
+# _get_zoneid
+#
+# _token=$1
+# _domain_string=$2
+#
+# printf "%s" "${_zoneid}"
+_get_zoneid() {
+  _token=$1
+  _domain_string=$2
+  export _H1="X-Auth-Token: ${_token}"
+
+  i=1
+  while true; do
+    h=$(printf "%s" "${_domain_string}" | cut -d . -f $i-100)
+    if [ -z "$h" ]; then
+      #not valid
+      return 1
+    fi
+    _debug "$h"
+    response=$(_get "${dns_api}/v2/zones?name=${h}")
+
+    if _contains "${response}" "id"; then
+      _debug "Get Zone ID Success."
+      _zoneid=$(echo "${response}" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ")
+      printf "%s" "${_zoneid}"
+      return 0
+    fi
+
+    i=$(_math "$i" + 1)
+  done
+  return 1
+}
+
+_get_recordset_id() {
+  _token=$1
+  _domain=$2
+  _zoneid=$3
+  export _H1="X-Auth-Token: ${_token}"
+
+  response=$(_get "${dns_api}/v2/zones/${_zoneid}/recordsets?name=${_domain}")
+  if _contains "${response}" "id"; then
+    _id="$(echo "${response}" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ")"
+    printf "%s" "${_id}"
+    return 0
+  fi
+  printf "%s" "0"
+  return 1
+}
+
+_add_record() {
+  _token=$1
+  _domain=$2
+  _txtvalue=$3
+  body="{
+    \"name\": \"${_domain}.\",
+    \"description\": \"ACME Challenge\",
+    \"type\": \"TXT\",
+    \"ttl\": 1,
+    \"records\": [
+        \"\\\"${_txtvalue}\\\"\"
+    ]
+  }"
+  _debug2 "${body}"
+  export _H2="Content-Type: application/json"
+  export _H1="X-Auth-Token: ${_token}"
+
+  _post "${body}" "${dns_api}/v2/zones/${zoneid}/recordsets" >/dev/null
+  _code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")"
+  if [ "$_code" != "202" ]; then
+    _err "dns_huaweicloud: http code ${_code}"
+    return 1
+  fi
+  return 0
+}
+
+_rm_record() {
+  _token=$1
+  _zone_id=$2
+  _record_id=$3
+
+  export _H2="Content-Type: application/json"
+  export _H1="X-Auth-Token: ${_token}"
+
+  _post "${body}" "${dns_api}/v2/zones/${_zone_id}/recordsets/${_record_id}" false "DELETE"
+  return 0
+}
+
+_get_token() {
+  _username=$1
+  _password=$2
+  _project=$3
+
+  _debug "Getting Token"
+  body="{
+    \"auth\": {
+      \"identity\": {
+        \"methods\": [
+          \"password\"
+        ],
+        \"password\": {
+          \"user\": {
+            \"name\": \"${_username}\",
+            \"password\": \"${_password}\",
+            \"domain\": {
+              \"name\": \"${_username}\"
+            }
+          }
+        }
+      },
+      \"scope\": {
+        \"project\": {
+          \"id\": \"${_project}\"
+        }
+      }
+    }
+  }"
+  export _H1="Content-Type: application/json;charset=utf8"
+  _post "${body}" "${iam_api}/v3/auth/tokens" >/dev/null
+  _code=$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")
+  _token=$(grep "^X-Subject-Token" "$HTTP_HEADER" | cut -d " " -f 2-)
+  _debug2 "${_code}"
+  printf "%s" "${_token}"
+  return 0
+}