forked from Github/acme.sh
Browse Source
Merge branch 'dev' of https://github.com/Neilpang/acme.sh into dev
Merge branch 'dev' of https://github.com/Neilpang/acme.sh into dev
# Conflicts: # README.md # dnsapi/README.mddnsconf
Ne-Lexa
6 years ago
19 changed files with 986 additions and 240 deletions
-
50README.md
-
103acme.sh
-
49deploy/README.md
-
92deploy/qiniu.sh
-
54dnsapi/README.md
-
141dnsapi/dns_active24.sh
-
39dnsapi/dns_cf.sh
-
73dnsapi/dns_dgon.sh
-
2dnsapi/dns_dnsimple.sh
-
59dnsapi/dns_doapi.sh
-
2dnsapi/dns_dp.sh
-
26dnsapi/dns_dynu.sh
-
62dnsapi/dns_gandi_livedns.sh
-
46dnsapi/dns_hostingde.sh
-
3dnsapi/dns_inwx.sh
-
4dnsapi/dns_linode_v4.sh
-
77dnsapi/dns_loopia.sh
-
96dnsapi/dns_namecheap.sh
-
164dnsapi/dns_pointhq.sh
@ -0,0 +1,92 @@ |
|||
#!/usr/bin/env sh |
|||
|
|||
# Script to create certificate to qiniu.com |
|||
# |
|||
# This deployment required following variables |
|||
# export QINIU_AK="QINIUACCESSKEY" |
|||
# export QINIU_SK="QINIUSECRETKEY" |
|||
# export QINIU_CDN_DOMAIN="cdn.example.com" |
|||
|
|||
QINIU_API_BASE="https://api.qiniu.com" |
|||
|
|||
qiniu_deploy() { |
|||
_cdomain="$1" |
|||
_ckey="$2" |
|||
_ccert="$3" |
|||
_cca="$4" |
|||
_cfullchain="$5" |
|||
|
|||
_debug _cdomain "$_cdomain" |
|||
_debug _ckey "$_ckey" |
|||
_debug _ccert "$_ccert" |
|||
_debug _cca "$_cca" |
|||
_debug _cfullchain "$_cfullchain" |
|||
|
|||
if [ -z "$QINIU_AK" ]; then |
|||
_err "QINIU_AK is not defined." |
|||
return 1 |
|||
else |
|||
_savedomainconf QINIU_AK "$QINIU_AK" |
|||
fi |
|||
|
|||
if [ -z "$QINIU_SK" ]; then |
|||
_err "QINIU_SK is not defined." |
|||
return 1 |
|||
else |
|||
_savedomainconf QINIU_SK "$QINIU_SK" |
|||
fi |
|||
|
|||
if [ "$QINIU_CDN_DOMAIN" ]; then |
|||
_savedomainconf QINIU_CDN_DOMAIN "$QINIU_CDN_DOMAIN" |
|||
else |
|||
QINIU_CDN_DOMAIN="$_cdomain" |
|||
fi |
|||
|
|||
## upload certificate |
|||
string_fullchain=$(sed 's/$/\\n/' "$_cfullchain" | tr -d '\n') |
|||
string_key=$(sed 's/$/\\n/' "$_ckey" | tr -d '\n') |
|||
|
|||
sslcert_path="/sslcert" |
|||
sslcerl_body="{\"name\":\"$_cdomain\",\"common_name\":\"$QINIU_CDN_DOMAIN\",\"ca\":\"$string_fullchain\",\"pri\":\"$string_key\"}" |
|||
sslcert_access_token="$(_make_access_token "$sslcert_path")" |
|||
_debug sslcert_access_token "$sslcert_access_token" |
|||
export _H1="Authorization: QBox $sslcert_access_token" |
|||
sslcert_response=$(_post "$sslcerl_body" "$QINIU_API_BASE$sslcert_path" 0 "POST" "application/json" | _dbase64 "multiline") |
|||
|
|||
if ! _contains "$sslcert_response" "certID"; then |
|||
_err "Error in creating certificate:" |
|||
_err "$sslcert_response" |
|||
return 1 |
|||
fi |
|||
|
|||
_debug sslcert_response "$sslcert_response" |
|||
_info "Certificate successfully uploaded, updating domain $_cdomain" |
|||
|
|||
## extract certId |
|||
_certId="$(printf "%s" "$sslcert_response" | _normalizeJson | _egrep_o "certID\": *\"[^\"]*\"" | cut -d : -f 2)" |
|||
_debug certId "$_certId" |
|||
|
|||
## update domain ssl config |
|||
update_path="/domain/$QINIU_CDN_DOMAIN/httpsconf" |
|||
update_body="{\"certid\":$_certId,\"forceHttps\":false}" |
|||
update_access_token="$(_make_access_token "$update_path")" |
|||
_debug update_access_token "$update_access_token" |
|||
export _H1="Authorization: QBox $update_access_token" |
|||
update_response=$(_post "$update_body" "$QINIU_API_BASE$update_path" 0 "PUT" "application/json" | _dbase64 "multiline") |
|||
|
|||
if _contains "$update_response" "error"; then |
|||
_err "Error in updating domain httpsconf:" |
|||
_err "$update_response" |
|||
return 1 |
|||
fi |
|||
|
|||
_debug update_response "$update_response" |
|||
_info "Certificate successfully deployed" |
|||
|
|||
return 0 |
|||
} |
|||
|
|||
_make_access_token() { |
|||
_token="$(printf "%s\n" "$1" | _hmac "sha1" "$(printf "%s" "$QINIU_SK" | _hex_dump | tr -d " ")" | _base64)" |
|||
echo "$QINIU_AK:$_token" |
|||
} |
@ -0,0 +1,141 @@ |
|||
#!/usr/bin/env sh |
|||
|
|||
#ACTIVE24_Token="sdfsdfsdfljlbjkljlkjsdfoiwje" |
|||
|
|||
ACTIVE24_Api="https://api.active24.com" |
|||
|
|||
######## Public functions ##################### |
|||
|
|||
# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
|||
# Used to add txt record |
|||
dns_active24_add() { |
|||
fulldomain=$1 |
|||
txtvalue=$2 |
|||
|
|||
_active24_init |
|||
|
|||
_info "Adding txt record" |
|||
if _active24_rest POST "dns/$_domain/txt/v1" "{\"name\":\"$_sub_domain\",\"text\":\"$txtvalue\",\"ttl\":0}"; then |
|||
if _contains "$response" "errors"; then |
|||
_err "Add txt record error." |
|||
return 1 |
|||
else |
|||
_info "Added, OK" |
|||
return 0 |
|||
fi |
|||
fi |
|||
_err "Add txt record error." |
|||
return 1 |
|||
} |
|||
|
|||
# Usage: fulldomain txtvalue |
|||
# Used to remove the txt record after validation |
|||
dns_active24_rm() { |
|||
fulldomain=$1 |
|||
txtvalue=$2 |
|||
|
|||
_active24_init |
|||
|
|||
_debug "Getting txt records" |
|||
_active24_rest GET "dns/$_domain/records/v1" |
|||
|
|||
if _contains "$response" "errors"; then |
|||
_err "Error" |
|||
return 1 |
|||
fi |
|||
|
|||
hash_ids=$(echo "$response" | _egrep_o "[^{]+${txtvalue}[^}]+" | _egrep_o "hashId\":\"[^\"]+" | cut -c10-) |
|||
|
|||
for hash_id in $hash_ids; do |
|||
_debug "Removing hash_id" "$hash_id" |
|||
if _active24_rest DELETE "dns/$_domain/$hash_id/v1" ""; then |
|||
if _contains "$response" "errors"; then |
|||
_err "Unable to remove txt record." |
|||
return 1 |
|||
else |
|||
_info "Removed txt record." |
|||
return 0 |
|||
fi |
|||
fi |
|||
done |
|||
|
|||
_err "No txt records found." |
|||
return 1 |
|||
} |
|||
|
|||
#################### Private functions below ################################## |
|||
#_acme-challenge.www.domain.com |
|||
#returns |
|||
# _sub_domain=_acme-challenge.www |
|||
# _domain=domain.com |
|||
# _domain_id=sdjkglgdfewsdfg |
|||
_get_root() { |
|||
domain=$1 |
|||
|
|||
if ! _active24_rest GET "dns/domains/v1"; then |
|||
return 1 |
|||
fi |
|||
|
|||
i=2 |
|||
p=1 |
|||
while true; do |
|||
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
|||
_debug "h" "$h" |
|||
if [ -z "$h" ]; then |
|||
#not valid |
|||
return 1 |
|||
fi |
|||
|
|||
if _contains "$response" "\"$h\"" >/dev/null; then |
|||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
|||
_domain=$h |
|||
return 0 |
|||
fi |
|||
p=$i |
|||
i=$(_math "$i" + 1) |
|||
done |
|||
return 1 |
|||
} |
|||
|
|||
_active24_rest() { |
|||
m=$1 |
|||
ep="$2" |
|||
data="$3" |
|||
_debug "$ep" |
|||
|
|||
export _H1="Authorization: Bearer $ACTIVE24_Token" |
|||
|
|||
if [ "$m" != "GET" ]; then |
|||
_debug "data" "$data" |
|||
response="$(_post "$data" "$ACTIVE24_Api/$ep" "" "$m" "application/json")" |
|||
else |
|||
response="$(_get "$ACTIVE24_Api/$ep")" |
|||
fi |
|||
|
|||
if [ "$?" != "0" ]; then |
|||
_err "error $ep" |
|||
return 1 |
|||
fi |
|||
_debug2 response "$response" |
|||
return 0 |
|||
} |
|||
|
|||
_active24_init() { |
|||
ACTIVE24_Token="${ACTIVE24_Token:-$(_readaccountconf_mutable ACTIVE24_Token)}" |
|||
if [ -z "$ACTIVE24_Token" ]; then |
|||
ACTIVE24_Token="" |
|||
_err "You didn't specify a Active24 api token yet." |
|||
_err "Please create the token and try again." |
|||
return 1 |
|||
fi |
|||
|
|||
_saveaccountconf_mutable ACTIVE24_Token "ACTIVE24_Token" |
|||
|
|||
_debug "First detect the root zone" |
|||
if ! _get_root "$fulldomain"; then |
|||
_err "invalid domain" |
|||
return 1 |
|||
fi |
|||
_debug _sub_domain "$_sub_domain" |
|||
_debug _domain "$_domain" |
|||
} |
@ -0,0 +1,59 @@ |
|||
#!/usr/bin/env sh |
|||
|
|||
# Official Let's Encrypt API for do.de / Domain-Offensive |
|||
# |
|||
# This is different from the dns_do adapter, because dns_do is only usable for enterprise customers |
|||
# This API is also available to private customers/individuals |
|||
# |
|||
# Provide the required LetsEncrypt token like this: |
|||
# DO_LETOKEN="FmD408PdqT1E269gUK57" |
|||
|
|||
DO_API="https://www.do.de/api/letsencrypt" |
|||
|
|||
######## Public functions ##################### |
|||
|
|||
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
|||
dns_doapi_add() { |
|||
fulldomain=$1 |
|||
txtvalue=$2 |
|||
|
|||
DO_LETOKEN="${DO_LETOKEN:-$(_readaccountconf_mutable DO_LETOKEN)}" |
|||
if [ -z "$DO_LETOKEN" ]; then |
|||
DO_LETOKEN="" |
|||
_err "You didn't configure a do.de API token yet." |
|||
_err "Please set DO_LETOKEN and try again." |
|||
return 1 |
|||
fi |
|||
_saveaccountconf_mutable DO_LETOKEN "$DO_LETOKEN" |
|||
|
|||
_info "Adding TXT record to ${fulldomain}" |
|||
response="$(_get "$DO_API?token=$DO_LETOKEN&domain=${fulldomain}&value=${txtvalue}")" |
|||
if _contains "${response}" 'success'; then |
|||
return 0 |
|||
fi |
|||
_err "Could not create resource record, check logs" |
|||
_err "${response}" |
|||
return 1 |
|||
} |
|||
|
|||
dns_doapi_rm() { |
|||
fulldomain=$1 |
|||
|
|||
DO_LETOKEN="${DO_LETOKEN:-$(_readaccountconf_mutable DO_LETOKEN)}" |
|||
if [ -z "$DO_LETOKEN" ]; then |
|||
DO_LETOKEN="" |
|||
_err "You didn't configure a do.de API token yet." |
|||
_err "Please set DO_LETOKEN and try again." |
|||
return 1 |
|||
fi |
|||
_saveaccountconf_mutable DO_LETOKEN "$DO_LETOKEN" |
|||
|
|||
_info "Deleting resource record $fulldomain" |
|||
response="$(_get "$DO_API?token=$DO_LETOKEN&domain=${fulldomain}&action=delete")" |
|||
if _contains "${response}" 'success'; then |
|||
return 0 |
|||
fi |
|||
_err "Could not delete resource record, check logs" |
|||
_err "${response}" |
|||
return 1 |
|||
} |
@ -0,0 +1,164 @@ |
|||
#!/usr/bin/env sh |
|||
|
|||
# |
|||
#PointHQ_Key="sdfsdfsdfljlbjkljlkjsdfoiwje" |
|||
# |
|||
#PointHQ_Email="xxxx@sss.com" |
|||
|
|||
PointHQ_Api="https://api.pointhq.com" |
|||
|
|||
######## Public functions ##################### |
|||
|
|||
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
|||
dns_pointhq_add() { |
|||
fulldomain=$1 |
|||
txtvalue=$2 |
|||
|
|||
PointHQ_Key="${PointHQ_Key:-$(_readaccountconf_mutable PointHQ_Key)}" |
|||
PointHQ_Email="${PointHQ_Email:-$(_readaccountconf_mutable PointHQ_Email)}" |
|||
if [ -z "$PointHQ_Key" ] || [ -z "$PointHQ_Email" ]; then |
|||
PointHQ_Key="" |
|||
PointHQ_Email="" |
|||
_err "You didn't specify a PointHQ API key and email yet." |
|||
_err "Please create the key and try again." |
|||
return 1 |
|||
fi |
|||
|
|||
if ! _contains "$PointHQ_Email" "@"; then |
|||
_err "It seems that the PointHQ_Email=$PointHQ_Email is not a valid email address." |
|||
_err "Please check and retry." |
|||
return 1 |
|||
fi |
|||
|
|||
#save the api key and email to the account conf file. |
|||
_saveaccountconf_mutable PointHQ_Key "$PointHQ_Key" |
|||
_saveaccountconf_mutable PointHQ_Email "$PointHQ_Email" |
|||
|
|||
_debug "First detect the root zone" |
|||
if ! _get_root "$fulldomain"; then |
|||
_err "invalid domain" |
|||
return 1 |
|||
fi |
|||
_debug _sub_domain "$_sub_domain" |
|||
_debug _domain "$_domain" |
|||
|
|||
_info "Adding record" |
|||
if _pointhq_rest POST "zones/$_domain/records" "{\"zone_record\": {\"name\":\"$_sub_domain\",\"record_type\":\"TXT\",\"data\":\"$txtvalue\",\"ttl\":3600}}"; then |
|||
if printf -- "%s" "$response" | grep "$fulldomain" >/dev/null; then |
|||
_info "Added, OK" |
|||
return 0 |
|||
else |
|||
_err "Add txt record error." |
|||
return 1 |
|||
fi |
|||
fi |
|||
_err "Add txt record error." |
|||
return 1 |
|||
} |
|||
|
|||
#fulldomain txtvalue |
|||
dns_pointhq_rm() { |
|||
fulldomain=$1 |
|||
txtvalue=$2 |
|||
|
|||
PointHQ_Key="${PointHQ_Key:-$(_readaccountconf_mutable PointHQ_Key)}" |
|||
PointHQ_Email="${PointHQ_Email:-$(_readaccountconf_mutable PointHQ_Email)}" |
|||
if [ -z "$PointHQ_Key" ] || [ -z "$PointHQ_Email" ]; then |
|||
PointHQ_Key="" |
|||
PointHQ_Email="" |
|||
_err "You didn't specify a PointHQ API key and email yet." |
|||
_err "Please create the key and try again." |
|||
return 1 |
|||
fi |
|||
|
|||
_debug "First detect the root zone" |
|||
if ! _get_root "$fulldomain"; then |
|||
_err "invalid domain" |
|||
return 1 |
|||
fi |
|||
_debug _sub_domain "$_sub_domain" |
|||
_debug _domain "$_domain" |
|||
|
|||
_debug "Getting txt records" |
|||
_pointhq_rest GET "zones/${_domain}/records?record_type=TXT&name=$_sub_domain" |
|||
|
|||
if ! printf "%s" "$response" | grep "^\[" >/dev/null; then |
|||
_err "Error" |
|||
return 1 |
|||
fi |
|||
|
|||
if [ "$response" = "[]" ]; then |
|||
_info "No records to remove." |
|||
else |
|||
record_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[^,]*" | cut -d : -f 2 | tr -d \" | head -n 1) |
|||
_debug "record_id" "$record_id" |
|||
if [ -z "$record_id" ]; then |
|||
_err "Can not get record id to remove." |
|||
return 1 |
|||
fi |
|||
if ! _pointhq_rest DELETE "zones/$_domain/records/$record_id"; then |
|||
_err "Delete record error." |
|||
return 1 |
|||
fi |
|||
_contains "$response" '"status":"OK"' |
|||
fi |
|||
} |
|||
|
|||
#################### Private functions below ################################## |
|||
#_acme-challenge.www.domain.com |
|||
#returns |
|||
# _sub_domain=_acme-challenge.www |
|||
# _domain=domain.com |
|||
_get_root() { |
|||
domain=$1 |
|||
i=2 |
|||
p=1 |
|||
while true; do |
|||
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
|||
_debug h "$h" |
|||
if [ -z "$h" ]; then |
|||
#not valid |
|||
return 1 |
|||
fi |
|||
|
|||
if ! _pointhq_rest GET "zones"; then |
|||
return 1 |
|||
fi |
|||
|
|||
if _contains "$response" "\"name\":\"$h\"" >/dev/null; then |
|||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
|||
_domain=$h |
|||
return 0 |
|||
fi |
|||
p=$i |
|||
i=$(_math "$i" + 1) |
|||
done |
|||
return 1 |
|||
} |
|||
|
|||
_pointhq_rest() { |
|||
m=$1 |
|||
ep="$2" |
|||
data="$3" |
|||
_debug "$ep" |
|||
|
|||
_pointhq_auth=$(printf "%s:%s" "$PointHQ_Email" "$PointHQ_Key" | _base64) |
|||
|
|||
export _H1="Authorization: Basic $_pointhq_auth" |
|||
export _H2="Content-Type: application/json" |
|||
export _H3="Accept: application/json" |
|||
|
|||
if [ "$m" != "GET" ]; then |
|||
_debug data "$data" |
|||
response="$(_post "$data" "$PointHQ_Api/$ep" "" "$m")" |
|||
else |
|||
response="$(_get "$PointHQ_Api/$ep")" |
|||
fi |
|||
|
|||
if [ "$?" != "0" ]; then |
|||
_err "error $ep" |
|||
return 1 |
|||
fi |
|||
_debug2 response "$response" |
|||
return 0 |
|||
} |
Write
Preview
Loading…
Cancel
Save
Reference in new issue