Handle many domain cert with many accounts

My solution is to use dynamic variables and append the domain with the dot replaced by an underscore to the variable so you can export a set for each domain. Better yet would be to make use of the json file "/etc/letsencrypt/acmedns.json" that contains the accounts. Similar to how it is used here: https://github.com/joohoi/acme-dns-certbot-joohoi/blob/master/acme-dns-auth.py
2025-05-08 09:42:44 +00:00 · 2022-03-30 13:50:10 -04:00 · 2022-03-30 13:50:10 -04:00 · 41ba9b15ca
commit 41ba9b15ca
parent 6145465823
1 changed files with 37 additions and 27 deletions
--- a/dnsapi/dns_acmedns.sh
+++ b/dnsapi/dns_acmedns.sh
@ -9,9 +9,10 @@
 #
 # You can optionally define an already existing account:
 #
-# export ACMEDNS_USERNAME="<username>"
+# replace . in domain with _
-# export ACMEDNS_PASSWORD="<password>"
+# export ACMEDNS_USERNAME_$domain="<username>"
-# export ACMEDNS_SUBDOMAIN="<subdomain>"
+# export ACMEDNS_PASSWORD_$domain="<password>"
 # export ACMEDNS_SUBDOMAIN_$domain="<subdomain>"
 #
 ########  Public functions #####################
@ -19,23 +20,31 @@
 # Used to add txt record
 dns_acmedns_add() {
  fulldomain=$1
  i=2
  d=$(printf "%s" "$fulldomain" | cut -d . -f $i-100)
  h="${d/./_}"
  txtvalue=$2
  _info "Using acme-dns"
  _debug "fulldomain $fulldomain"
  _debug "domain $d"
  _debug "$h"
  _debug "txtvalue $txtvalue"
  #for compatiblity from account conf
-  ACMEDNS_USERNAME="${ACMEDNS_USERNAME:-$(_readaccountconf_mutable ACMEDNS_USERNAME)}"
+  ACMEDNS_USERNAME="ACMEDNS_USERNAME_$h"
-  _clearaccountconf_mutable ACMEDNS_USERNAME
+  export ACMEDNS_USERNAME_$h="${!ACMEDNS_USERNAME:-$(_readaccountconf_mutable ACMEDNS_USERNAME)}"
-  ACMEDNS_PASSWORD="${ACMEDNS_PASSWORD:-$(_readaccountconf_mutable ACMEDNS_PASSWORD)}"
+  _clearaccountconf_mutable $ACMEDNS_USERNAME
-  _clearaccountconf_mutable ACMEDNS_PASSWORD
+  ACMEDNS_PASSWORD="ACMEDNS_PASSWORD_$h"
-  ACMEDNS_SUBDOMAIN="${ACMEDNS_SUBDOMAIN:-$(_readaccountconf_mutable ACMEDNS_SUBDOMAIN)}"
+  export ACMEDNS_PASSWORD_$h="${!ACMEDNS_PASSWORD:-$(_readaccountconf_mutable ACMEDNS_PASSWORD)}"
-  _clearaccountconf_mutable ACMEDNS_SUBDOMAIN
+  _clearaccountconf_mutable $ACMEDNS_PASSWORD
  ACMEDNS_SUBDOMAIN="ACMEDNS_SUBDOMAIN_$h"
  export ACMEDNS_SUBDOMAIN_$h="${!ACMEDNS_SUBDOMAIN:-$(_readaccountconf_mutable ACMEDNS_SUBDOMAIN)}"
  _clearaccountconf_mutable $ACMEDNS_SUBDOMAIN
  ACMEDNS_BASE_URL="${ACMEDNS_BASE_URL:-$(_readdomainconf ACMEDNS_BASE_URL)}"
-  ACMEDNS_USERNAME="${ACMEDNS_USERNAME:-$(_readdomainconf ACMEDNS_USERNAME)}"
+  export ACMEDNS_USERNAME_$h="${!ACMEDNS_USERNAME:-$(_readdomainconf ACMEDNS_USERNAME)}"
-  ACMEDNS_PASSWORD="${ACMEDNS_PASSWORD:-$(_readdomainconf ACMEDNS_PASSWORD)}"
+  export ACMEDNS_PASSWORD_$h="${!ACMEDNS_PASSWORD:-$(_readdomainconf ACMEDNS_PASSWORD)}"
-  ACMEDNS_SUBDOMAIN="${ACMEDNS_SUBDOMAIN:-$(_readdomainconf ACMEDNS_SUBDOMAIN)}"
+  export ACMEDNS_SUBDOMAIN_$h="${!ACMEDNS_SUBDOMAIN:-$(_readdomainconf ACMEDNS_SUBDOMAIN)}"
  if [ "$ACMEDNS_BASE_URL" = "" ]; then
    ACMEDNS_BASE_URL="https://auth.acme-dns.io"
@ -44,31 +53,32 @@ dns_acmedns_add() {
  ACMEDNS_UPDATE_URL="$ACMEDNS_BASE_URL/update"
  ACMEDNS_REGISTER_URL="$ACMEDNS_BASE_URL/register"
-  if [ -z "$ACMEDNS_USERNAME" ] || [ -z "$ACMEDNS_PASSWORD" ]; then
+  if [ -z "${!ACMEDNS_USERNAME}" ] || [ -z "${!ACMEDNS_PASSWORD}" ]; then
    response="$(_post "" "$ACMEDNS_REGISTER_URL" "" "POST")"
    _debug response "$response"
-    ACMEDNS_USERNAME=$(echo "$response" | sed -n 's/^{.*\"username\":[ ]*\"\([^\"]*\)\".*}/\1/p')
+    export ACMEDNS_USERNAME_$h=$(echo "$response" | sed -n 's/^{.*\"username\":[ ]*\"\([^\"]*\)\".*}/\1/p')
-    _debug "received username: $ACMEDNS_USERNAME"
+    _debug "received username: ${!ACMEDNS_USERNAME}"
-    ACMEDNS_PASSWORD=$(echo "$response" | sed -n 's/^{.*\"password\":[ ]*\"\([^\"]*\)\".*}/\1/p')
+    export ACMEDNS_PASSWORD_$h=$(echo "$response" | sed -n 's/^{.*\"password\":[ ]*\"\([^\"]*\)\".*}/\1/p')
-    _debug "received password: $ACMEDNS_PASSWORD"
+    _debug "received password: ${!ACMEDNS_PASSWORD}"
-    ACMEDNS_SUBDOMAIN=$(echo "$response" | sed -n 's/^{.*\"subdomain\":[ ]*\"\([^\"]*\)\".*}/\1/p')
+    export ACMEDNS_SUBDOMAIN_$h=$(echo "$response" | sed -n 's/^{.*\"subdomain\":[ ]*\"\([^\"]*\)\".*}/\1/p')
-    _debug "received subdomain: $ACMEDNS_SUBDOMAIN"
+    _debug "received subdomain: ${!ACMEDNS_SUBDOMAIN}"
-    ACMEDNS_FULLDOMAIN=$(echo "$response" | sed -n 's/^{.*\"fulldomain\":[ ]*\"\([^\"]*\)\".*}/\1/p')
+    ACMEDNS_FULLDOMAIN="ACMEDNS_FULLDOMAIN_$h"
    export ACMEDNS_FULLDOMAIN_$h=$(echo "$response" | sed -n 's/^{.*\"fulldomain\":[ ]*\"\([^\"]*\)\".*}/\1/p')
    _info "##########################################################"
-    _info "# Create $fulldomain CNAME $ACMEDNS_FULLDOMAIN DNS entry #"
+    _info "# Create $fulldomain CNAME ${!ACMEDNS_FULLDOMAIN} DNS entry #"
    _info "##########################################################"
    _info "Press enter to continue... "
    read -r _
  fi
  _savedomainconf ACMEDNS_BASE_URL "$ACMEDNS_BASE_URL"
-  _savedomainconf ACMEDNS_USERNAME "$ACMEDNS_USERNAME"
+  _savedomainconf $ACMEDNS_USERNAME "${!ACMEDNS_USERNAME}"
-  _savedomainconf ACMEDNS_PASSWORD "$ACMEDNS_PASSWORD"
+  _savedomainconf $ACMEDNS_PASSWORD "${!ACMEDNS_PASSWORD}"
-  _savedomainconf ACMEDNS_SUBDOMAIN "$ACMEDNS_SUBDOMAIN"
+  _savedomainconf $ACMEDNS_SUBDOMAIN "${!ACMEDNS_SUBDOMAIN}"
-  export _H1="X-Api-User: $ACMEDNS_USERNAME"
+  export _H1="X-Api-User: ${!ACMEDNS_USERNAME}"
-  export _H2="X-Api-Key: $ACMEDNS_PASSWORD"
+  export _H2="X-Api-Key: ${!ACMEDNS_PASSWORD}"
-  data="{\"subdomain\":\"$ACMEDNS_SUBDOMAIN\", \"txt\": \"$txtvalue\"}"
+  data="{\"subdomain\":\"${!ACMEDNS_SUBDOMAIN}\", \"txt\": \"$txtvalue\"}"
  _debug data "$data"
  response="$(_post "$data" "$ACMEDNS_UPDATE_URL" "" "POST")"