  1. #!/usr/bin/env sh
  2. ######## Public functions #####################
  3. #Usage: dns_nsupdate_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
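  #######################################
  # Add the challenge TXT record by feeding an update script to nsupdate.
  # Globals:
  #   NSUPDATE_SERVER, NSUPDATE_SERVER_PORT, NSUPDATE_KEY, NSUPDATE_ZONE
  #     (taken from the environment, else from the account conf; written back)
  #   DEBUG, DEBUG_LEVEL_1, DEBUG_LEVEL_2 (read)
  #   fulldomain, txtvalue, nsdebug (written; plain sh has no locals)
  # Arguments:
  #   $1 - record name, without the trailing dot
  #   $2 - TXT value to publish
  # Returns:
  #   0 when nsupdate exits successfully, 1 otherwise
  #######################################
  dns_nsupdate_add() {
    fulldomain=$1
    txtvalue=$2

    # The environment wins; otherwise reuse what an earlier run stored.
    NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}"
    NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}"
    NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
    NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"

    _checkKeyFile || return 1

    # Save the dns server and key settings to the account conf file. For the
    # key this is the value of NSUPDATE_KEY, i.e. the path of the key file.
    _saveaccountconf_mutable NSUPDATE_SERVER "${NSUPDATE_SERVER}"
    _saveaccountconf_mutable NSUPDATE_SERVER_PORT "${NSUPDATE_SERVER_PORT}"
    _saveaccountconf_mutable NSUPDATE_KEY "${NSUPDATE_KEY}"
    _saveaccountconf_mutable NSUPDATE_ZONE "${NSUPDATE_ZONE}"

    # Defaults are applied after saving, so they are never persisted.
    [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost"
    [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53

    _info "adding ${fulldomain}. 60 in txt \"${txtvalue}\""

    # Start from an empty flag: nsdebug is a global, so a value inherited from
    # the environment or left by an earlier call would otherwise be passed to
    # nsupdate as an extra option even when DEBUG is off.
    nsdebug=""
    if [ -n "$DEBUG" ]; then
      [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
      [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
    fi

    # NOTE(review): server, port, zone, name and value are written into the
    # nsupdate command stream as-is. A line break inside any of them would
    # begin a new nsupdate directive; nothing visible here validates them.
    #
    # The zone line is emitted only when a zone is configured. An empty line
    # must not be written in its place: nsupdate treats a blank line as "send".
    if ! {
      printf 'server %s %s\n' "${NSUPDATE_SERVER}" "${NSUPDATE_SERVER_PORT}"
      [ -z "${NSUPDATE_ZONE}" ] || printf 'zone %s.\n' "${NSUPDATE_ZONE}"
      printf 'update add %s. 60 in txt "%s"\n' "${fulldomain}" "${txtvalue}"
      printf 'send\n'
    } | nsupdate -k "${NSUPDATE_KEY}" ${nsdebug:+"${nsdebug}"}; then
      _err "error updating domain"
      return 1
    fi
    return 0
  }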
  42. #Usage: dns_nsupdate_rm _acme-challenge.www.domain.com
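  #######################################
  # Remove the challenge TXT record by feeding an update script to nsupdate.
  # Globals:
  #   NSUPDATE_SERVER, NSUPDATE_SERVER_PORT, NSUPDATE_KEY, NSUPDATE_ZONE
  #     (taken from the environment, else from the account conf)
  #   DEBUG, DEBUG_LEVEL_1, DEBUG_LEVEL_2 (read)
  #   fulldomain, nsdebug (written; plain sh has no locals)
  # Arguments:
  #   $1 - record name, without the trailing dot
  # Returns:
  #   0 when nsupdate exits successfully, 1 otherwise
  #######################################
  dns_nsupdate_rm() {
    fulldomain=$1

    # The environment wins; otherwise reuse what an earlier run stored.
    NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}"
    NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}"
    NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
    NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"

    _checkKeyFile || return 1

    [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost"
    [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53

    _info "removing ${fulldomain}. txt"

    # Start from an empty flag: nsdebug is a global, so a value inherited from
    # the environment or left by an earlier call would otherwise be passed to
    # nsupdate as an extra option even when DEBUG is off.
    nsdebug=""
    if [ -n "$DEBUG" ]; then
      [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
      [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
    fi

    # NOTE(review): the delete names no record data, so it is not limited to
    # one challenge value; presumably every TXT record at this name goes.
    # NOTE(review): server, port, zone and name are written into the nsupdate
    # command stream as-is. A line break inside any of them would begin a new
    # nsupdate directive; nothing visible here validates them.
    #
    # The zone line is emitted only when a zone is configured. An empty line
    # must not be written in its place: nsupdate treats a blank line as "send".
    if ! {
      printf 'server %s %s\n' "${NSUPDATE_SERVER}" "${NSUPDATE_SERVER_PORT}"
      [ -z "${NSUPDATE_ZONE}" ] || printf 'zone %s.\n' "${NSUPDATE_ZONE}"
      printf 'update delete %s. txt\n' "${fulldomain}"
      printf 'send\n'
    } | nsupdate -k "${NSUPDATE_KEY}" ${nsdebug:+"${nsdebug}"}; then
      _err "error updating domain"
      return 1
    fi
    return 0
  }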
  75. #################### Private functions below ##################################
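  #######################################
  # Check that NSUPDATE_KEY names a key file nsupdate can be given.
  # Globals:
  #   NSUPDATE_KEY (read) - path later passed to `nsupdate -k`
  # Returns:
  #   0 when the path is set, is not a directory and is readable; 1 otherwise
  #
  # NOTE(review): only readability by the current user is tested. Ownership
  # and mode of the key file are not examined here.
  #######################################
  _checkKeyFile() {
    if [ -z "${NSUPDATE_KEY}" ]; then
      _err "you must specify a path to the nsupdate key file"
      return 1
    fi
    # A readable directory passes the -r test below, and the mistake would only
    # surface later as a generic nsupdate failure; reject it here instead.
    if [ -d "${NSUPDATE_KEY}" ]; then
      _err "key ${NSUPDATE_KEY} is a directory"
      return 1
    fi
    if [ ! -r "${NSUPDATE_KEY}" ]; then
      _err "key ${NSUPDATE_KEY} is unreadable"
      return 1
    fi
    return 0
  }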