6b7b5caf54
Instead of using comments declare info in a special variable.
Then the variable can be used to print the DNS API provider usage.
The usage can be parsed on UI and show all needed inputs for options.
The info is stored in plain string that it's both human-readable and easy to parse:
dns_example_info='API name
An extended description.
Multiline.
Domains: list of alternative domains to find
Site: the dns provider website e.g. example.com
Docs: Link to ACME.sh wiki for the provider
Options:
VARIABLE1 Title for the option1.
VARIABLE2 Title for the option2. Default "default value".
VARIABLE3 Title for the option3. Description to show on UI. Optional.
Issues: Link to a support ticket on https://github.com/acmesh-official/acme.sh
Author: First Lastname <authoremail@example.com>, Another Author <https://github.com/example>;
'
Here:
VARIABLE1 will be required.
VARIABLE2 will be required too but will be populated with a "default value".
VARIABLE3 is optional and can be empty.
A DNS provider may have alternative options like CloudFlare may use API KEY or API Token.
You can use a second section OptionsAlt: section.
Some providers may have alternative names or domains e.g. Aliyun and AlibabaCloud.
Add them to Domains: section.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
206 lines
5.3 KiB
Bash
206 lines
5.3 KiB
Bash
#!/usr/bin/env sh
|
|
# shellcheck disable=SC2034
|
|
dns_websupport_info='Websupport.sk
|
|
Site: Websupport.sk
|
|
Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_websupport
|
|
Options:
|
|
WS_ApiKey API Key. Called "Identifier" in the WS Admin
|
|
WS_ApiSecret API Secret. Called "Secret key" in the WS Admin
|
|
Issues: github.com/acmesh-official/acme.sh/issues/3486
|
|
Author: trgo.sk <https://github.com/trgosk>, akulumbeg <https://github.com/akulumbeg>
|
|
'
|
|
|
|
# Requirements: API Key and Secret from https://admin.websupport.sk/en/auth/apiKey
|
|
|
|
WS_Api="https://rest.websupport.sk"
|
|
|
|
######## Public functions #####################
|
|
|
|
dns_websupport_add() {
|
|
fulldomain=$1
|
|
txtvalue=$2
|
|
|
|
WS_ApiKey="${WS_ApiKey:-$(_readaccountconf_mutable WS_ApiKey)}"
|
|
WS_ApiSecret="${WS_ApiSecret:-$(_readaccountconf_mutable WS_ApiSecret)}"
|
|
|
|
if [ "$WS_ApiKey" ] && [ "$WS_ApiSecret" ]; then
|
|
_saveaccountconf_mutable WS_ApiKey "$WS_ApiKey"
|
|
_saveaccountconf_mutable WS_ApiSecret "$WS_ApiSecret"
|
|
else
|
|
WS_ApiKey=""
|
|
WS_ApiSecret=""
|
|
_err "You did not specify the API Key and/or API Secret"
|
|
_err "You can get the API login credentials from https://admin.websupport.sk/en/auth/apiKey"
|
|
return 1
|
|
fi
|
|
|
|
_debug "First detect the root zone"
|
|
if ! _get_root "$fulldomain"; then
|
|
_err "invalid domain"
|
|
return 1
|
|
fi
|
|
_debug _sub_domain "$_sub_domain"
|
|
_debug _domain "$_domain"
|
|
|
|
# For wildcard cert, the main root domain and the wildcard domain have the same txt subdomain name, so
|
|
# we can not use updating anymore.
|
|
# count=$(printf "%s\n" "$response" | _egrep_o "\"count\":[^,]*" | cut -d : -f 2)
|
|
# _debug count "$count"
|
|
# if [ "$count" = "0" ]; then
|
|
_info "Adding record"
|
|
if _ws_rest POST "/v1/user/self/zone/$_domain/record" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
|
|
if _contains "$response" "$txtvalue"; then
|
|
_info "Added, OK"
|
|
return 0
|
|
elif _contains "$response" "The record already exists"; then
|
|
_info "Already exists, OK"
|
|
return 0
|
|
else
|
|
_err "Add txt record error."
|
|
return 1
|
|
fi
|
|
fi
|
|
_err "Add txt record error."
|
|
return 1
|
|
|
|
}
|
|
|
|
dns_websupport_rm() {
|
|
fulldomain=$1
|
|
txtvalue=$2
|
|
|
|
_debug2 fulldomain "$fulldomain"
|
|
_debug2 txtvalue "$txtvalue"
|
|
|
|
_debug "First detect the root zone"
|
|
if ! _get_root "$fulldomain"; then
|
|
_err "invalid domain"
|
|
return 1
|
|
fi
|
|
|
|
_debug _sub_domain "$_sub_domain"
|
|
_debug _domain "$_domain"
|
|
|
|
_debug "Getting txt records"
|
|
_ws_rest GET "/v1/user/self/zone/$_domain/record"
|
|
|
|
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"items\")" -lt "1" ]; then
|
|
_err "Error: $response"
|
|
return 1
|
|
fi
|
|
|
|
record_line="$(_get_from_array "$response" "$txtvalue")"
|
|
_debug record_line "$record_line"
|
|
if [ -z "$record_line" ]; then
|
|
_info "Don't need to remove."
|
|
else
|
|
record_id=$(echo "$record_line" | _egrep_o "\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
|
|
_debug "record_id" "$record_id"
|
|
if [ -z "$record_id" ]; then
|
|
_err "Can not get record id to remove."
|
|
return 1
|
|
fi
|
|
if ! _ws_rest DELETE "/v1/user/self/zone/$_domain/record/$record_id"; then
|
|
_err "Delete record error."
|
|
return 1
|
|
fi
|
|
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"success\")" -lt "1" ]; then
|
|
return 1
|
|
else
|
|
return 0
|
|
fi
|
|
fi
|
|
|
|
}
|
|
|
|
#################### Private Functions ##################################
|
|
|
|
_get_root() {
|
|
domain=$1
|
|
i=1
|
|
p=1
|
|
|
|
while true; do
|
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
|
_debug h "$h"
|
|
if [ -z "$h" ]; then
|
|
#not valid
|
|
return 1
|
|
fi
|
|
|
|
if ! _ws_rest GET "/v1/user/self/zone"; then
|
|
return 1
|
|
fi
|
|
|
|
if _contains "$response" "\"name\":\"$h\""; then
|
|
_domain_id=$(echo "$response" | _egrep_o "\[.\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ")
|
|
if [ "$_domain_id" ]; then
|
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
|
_domain=$h
|
|
return 0
|
|
fi
|
|
return 1
|
|
fi
|
|
p=$i
|
|
i=$(_math "$i" + 1)
|
|
done
|
|
return 1
|
|
}
|
|
|
|
_ws_rest() {
|
|
me=$1
|
|
pa="$2"
|
|
da="$3"
|
|
|
|
_debug2 api_key "$WS_ApiKey"
|
|
_debug2 api_secret "$WS_ApiSecret"
|
|
|
|
timestamp=$(_time)
|
|
datez="$(_utc_date | sed "s/ /T/" | sed "s/$/+0000/")"
|
|
canonical_request="${me} ${pa} ${timestamp}"
|
|
signature_hash=$(printf "%s" "$canonical_request" | _hmac sha1 "$(printf "%s" "$WS_ApiSecret" | _hex_dump | tr -d " ")" hex)
|
|
basicauth="$(printf "%s:%s" "$WS_ApiKey" "$signature_hash" | _base64)"
|
|
|
|
_debug2 method "$me"
|
|
_debug2 path "$pa"
|
|
_debug2 data "$da"
|
|
_debug2 timestamp "$timestamp"
|
|
_debug2 datez "$datez"
|
|
_debug2 canonical_request "$canonical_request"
|
|
_debug2 signature_hash "$signature_hash"
|
|
_debug2 basicauth "$basicauth"
|
|
|
|
export _H1="Accept: application/json"
|
|
export _H2="Content-Type: application/json"
|
|
export _H3="Authorization: Basic ${basicauth}"
|
|
export _H4="Date: ${datez}"
|
|
|
|
_debug2 H1 "$_H1"
|
|
_debug2 H2 "$_H2"
|
|
_debug2 H3 "$_H3"
|
|
_debug2 H4 "$_H4"
|
|
|
|
if [ "$me" != "GET" ]; then
|
|
_debug2 "${me} $WS_Api${pa}"
|
|
_debug data "$da"
|
|
response="$(_post "$da" "${WS_Api}${pa}" "" "$me")"
|
|
else
|
|
_debug2 "GET $WS_Api${pa}"
|
|
response="$(_get "$WS_Api${pa}")"
|
|
fi
|
|
|
|
_debug2 response "$response"
|
|
return "$?"
|
|
}
|
|
|
|
_get_from_array() {
|
|
va="$1"
|
|
fi="$2"
|
|
for i in $(echo "$va" | sed "s/{/ /g"); do
|
|
if _contains "$i" "$fi"; then
|
|
echo "$i"
|
|
break
|
|
fi
|
|
done
|
|
}
|