From b3e1fb80fd156b6fa3d73792fc3e50df8cb10d5a Mon Sep 17 00:00:00 2001 From: taishan69 Date: Tue, 21 Feb 2017 09:04:11 -0600 Subject: [PATCH 01/21] Add Infoblox DNS API support Written in concert with one of my colleagues, this script adds Infoblox API support to acme.sh --- dns_infoblox.sh | 78 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100644 dns_infoblox.sh diff --git a/dns_infoblox.sh b/dns_infoblox.sh new file mode 100644 index 00000000..a91f2127 --- /dev/null +++ b/dns_infoblox.sh 
@@ -0,0 +1,78 @@
+
+#!/usr/bin/env sh
+
+dns_infoblox_add() {
+
+ fulldomain=$1
+ txtvalue=$2
+ baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue"
+ _info "Using Infoblox API"
+ _debug fulldomain "$fulldomain"
+ _debug txtvalue "$txtvalue"
+ #_err "Not implemented!"
+
+ if [ -z "$Infoblox_Creds" ] || [ -z "$Infoblox_Server" ]; then
+ Infoblox_Creds=""
+ Infoblox_Server=""
+ _err "You didn't specify the credentials or server yet (Infoblox_Creds and Infoblox_Server)."
+ _err "Please set them via EXPORT ([username:password] and [ip or hostname]) and try again."
+ return 1
+ fi
+
+ #save the login info to the account conf file.
+ _saveaccountconf Infoblox_Creds "$Infoblox_Creds"
+ _saveaccountconf Infoblox_Server "$Infoblox_Server"
+
+result=`curl -k -u $Infoblox_Creds -X POST $baseurlnObject`
+
+if [[ $result =~ record:txt/.*:.*/default ]]; then
+ echo "Successfully created the txt record"
+ return 0
+else
+ echo "Error encountered during record addition"
+ echo $result
+ _err $result
+ return 1
+fi
+
+}
+
+dns_infoblox_rm() {
+
+ fulldomain=$1
+ txtvalue=$2
+ _info "Using Infoblox API"
+ _debug fulldomain "$fulldomain"
+ _debug txtvalue "$txtvalue"
+
+ # Does the record exist?
+baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" +echo $baseurlnObject + +result=`curl -k -u $Infoblox_Creds -X GET $baseurlnObject` + +if [[ $result =~ record:txt/.*:.*/default ]]; then + # Extract object ref + objRef=`grep -Po 'record:txt/.*:.*/default' <<< $result` + objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" + rmResult=`curl -k -u $Infoblox_Creds -X DELETE $objRmUrl` + # Check if rm succeeded + if [[ $rmResult =~ record:txt/.*:.*/default ]]; then + echo "Successfully deleted $objRef" + return 0 + else + echo "Error occurred during txt record delete" + echo $rmResult + _err $rmResult + return 1 + fi +else + echo "Record to delete didn't match an existing record" + echo $result + _err $result + return 1 +fi + +} + +#################### Private functions below ################################## From aa2a5134ab04947f55b1b95e86e91709ba892582 Mon Sep 17 00:00:00 2001 From: Jason Keller Date: Tue, 21 Feb 2017 09:38:01 -0600 Subject: [PATCH 02/21] Removed first empty line per request @Neilpang --- dns_infoblox.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index a91f2127..0bfa82e6 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -1,4 +1,3 @@ - #!/usr/bin/env sh dns_infoblox_add() { From 24cbf3de37b6eb0085388e8d42ffe938779159ec Mon Sep 17 00:00:00 2001 From: Jason Date: Tue, 14 Mar 2017 17:06:23 -0500 Subject: [PATCH 03/21] Update dns_infoblox.sh --- dns_infoblox.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index 0bfa82e6..d3490017 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -24,7 +24,7 @@ dns_infoblox_add() { result=`curl -k -u $Infoblox_Creds -X POST $baseurlnObject` -if [[ $result =~ record:txt/.*:.*/default ]]; then +if [ $result =~ record:txt/.*:.*/default ]; then echo "Successfully created the txt record" return 0 else 
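Review bot: In PATCH 01/21, the `curl` call in `dns_infoblox_add` and both calls in `dns_infoblox_rm` pass `-k`, which turns off certificate verification on the same request that carries `-u $Infoblox_Creds`, so the appliance login can be read by anyone able to intercept the connection. The credentials also sit on the curl command line, where other local users may see them in the process list, and `$Infoblox_Creds` and `$baseurlnObject` are unquoted. I would drop `-k` (or make it an explicit opt-in for appliances signed by a private CA) and quote the arguments, e.g. `result=$(curl -u "$Infoblox_Creds" -X POST "$baseurlnObject")`.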
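Review bot: In PATCH 03/21, `[ $result =~ record:txt/.*:.*/default ]` is not a valid test: `=~` belongs to bash's `[[ ]]` only, so `[` reports an error and the `else` branch runs even when the record was created. The unquoted `$result` is also word-split and the pattern is open to pathname expansion. The same line appears twice more in the second hunk, in `dns_infoblox_rm`. A POSIX form would be `if printf '%s\n' "$result" | grep -Eq 'record:txt/.*:.*/default'; then`.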
@@ -50,13 +50,13 @@ echo $baseurlnObject result=`curl -k -u $Infoblox_Creds -X GET $baseurlnObject` -if [[ $result =~ record:txt/.*:.*/default ]]; then +if [ $result =~ record:txt/.*:.*/default ]; then # Extract object ref objRef=`grep -Po 'record:txt/.*:.*/default' <<< $result` objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" rmResult=`curl -k -u $Infoblox_Creds -X DELETE $objRmUrl` # Check if rm succeeded - if [[ $rmResult =~ record:txt/.*:.*/default ]]; then + if [ $rmResult =~ record:txt/.*:.*/default ]; then echo "Successfully deleted $objRef" return 0 else From 4ee8d383df5c92f6a3055e4883ff2bfebc0d3927 Mon Sep 17 00:00:00 2001 From: Jason Date: Wed, 15 Mar 2017 08:59:13 -0500 Subject: [PATCH 04/21] Removed [[ ]] regex bash-isms Tested in RHEL7 accessing an Infoblox Trinzic appliance --- dns_infoblox.sh | 89 +++++++++++++++++++++++++++---------------------- 1 file changed, 49 insertions(+), 40 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index d3490017..c16367b8 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -4,10 +4,15 @@ dns_infoblox_add() { fulldomain=$1 txtvalue=$2 + baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue" + _info "Using Infoblox API" + _debug fulldomain "$fulldomain" + _debug txtvalue "$txtvalue" + #_err "Not implemented!" if [ -z "$Infoblox_Creds" ] || [ -z "$Infoblox_Server" ]; then 
@@ -24,54 +29,58 @@ dns_infoblox_add() { result=`curl -k -u $Infoblox_Creds -X POST $baseurlnObject` -if [ $result =~ record:txt/.*:.*/default ]; then +if echo "$result" | grep -Eq 'record:txt/.*:.*/default'; then echo "Successfully created the txt record" return 0 -else +else echo "Error encountered during record addition" echo $result _err $result return 1 -fi - -} - -dns_infoblox_rm() { - - fulldomain=$1 - txtvalue=$2 - _info "Using Infoblox API" - _debug fulldomain "$fulldomain" - _debug txtvalue "$txtvalue" - - # Does the record exist? -baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" -echo $baseurlnObject - -result=`curl -k -u $Infoblox_Creds -X GET $baseurlnObject` - -if [ $result =~ record:txt/.*:.*/default ]; then - # Extract object ref - objRef=`grep -Po 'record:txt/.*:.*/default' <<< $result` - objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" - rmResult=`curl -k -u $Infoblox_Creds -X DELETE $objRmUrl` - # Check if rm succeeded - if [ $rmResult =~ record:txt/.*:.*/default ]; then - echo "Successfully deleted $objRef" - return 0 - else - echo "Error occurred during txt record delete" - echo $rmResult - _err $rmResult - return 1 - fi -else - echo "Record to delete didn't match an existing record" - echo $result - _err $result - return 1 fi } +dns_infoblox_rm() { + + fulldomain=$1 + txtvalue=$2 + + _info "Using Infoblox API" + + _debug fulldomain "$fulldomain" + + _debug txtvalue "$txtvalue" + + # Does the record exist? 
+ +baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" + +echo $baseurlnObject + +result=`curl -k -u $Infoblox_Creds -X GET $baseurlnObject` + +if echo $result | grep -Eq 'record:txt/.*:.*/default'; then + # Extract object ref + objRef=`grep -Po 'record:txt/.*:.*/default' <<< $result` + objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" + rmResult=`curl -k -u $Infoblox_Creds -X DELETE $objRmUrl` + # Check if rm succeeded + if echo "$rmResult" | grep -Eq 'record:txt/.*:.*/default'; then + echo "Successfully deleted $objRef" + return 0 + else + echo "Error occurred during txt record delete" + echo $rmResult + _err $rmResult + return 1 + fi +else + echo "Record to delete didn't match an existing record" + echo $result + _err $result + return 1 +fi +} + #################### Private functions below ################################## From 53dac094f4d10b92925393b949a160f4db2a71e4 Mon Sep 17 00:00:00 2001 From: Jason Date: Wed, 15 Mar 2017 10:07:16 -0500 Subject: [PATCH 05/21] Changed 'echo' to '_info' Changed 'echo' to '_info' Touched up quoting variable on upper 'if' statement in the dns_infoblox_rm() function --- dns_infoblox.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index c16367b8..0bb71d28 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -29,12 +29,12 @@ dns_infoblox_add() { result=`curl -k -u $Infoblox_Creds -X POST $baseurlnObject` -if echo "$result" | grep -Eq 'record:txt/.*:.*/default'; then - echo "Successfully created the txt record" +if _info "$result" | grep -Eq 'record:txt/.*:.*/default'; then + _info "Successfully created the txt record" return 0 else - echo "Error encountered during record addition" - echo $result + _info "Error encountered during record addition" + _info $result _err $result return 1 fi 
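Review bot: In PATCH 04/21 the rewritten `dns_infoblox_rm` still extracts the reference with `grep -Po 'record:txt/.*:.*/default' <<< $result`; the here-string `<<<` is a bash/ksh/zsh extension and `-P` needs a GNU grep built with PCRE, so the stated goal of removing bash-isms is not met on this line and a strict `sh` will fail to parse the file. `echo $result | grep -Eq` two lines above it is unquoted, unlike the other two checks. Suggested: `objRef=$(printf '%s\n' "$result" | grep -Eo 'record:txt/.*:.*/default')`. The here-string is still present in the later patches of this series that touch the line.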
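Review bot: In PATCH 05/21 the success test becomes `if _info "$result" | grep -Eq ...`, which makes a logging helper the data source of the pipeline; `_info` is defined outside this patch, so whether it writes the bare text to stdout (rather than a prefixed line, stderr or a log file) cannot be confirmed from here. It also means the full API response is logged at info level on every run. Keep a plain writer for the pipe, e.g. `if printf '%s\n' "$result" | grep -Eq 'record:txt/.*:.*/default'; then`, and use `_info` only for messages. The second hunk has the same pattern in two places in `dns_infoblox_rm`.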
@@ -56,28 +56,28 @@ dns_infoblox_rm() { baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" -echo $baseurlnObject +_info $baseurlnObject result=`curl -k -u $Infoblox_Creds -X GET $baseurlnObject` -if echo $result | grep -Eq 'record:txt/.*:.*/default'; then +if _info "$result" | grep -Eq 'record:txt/.*:.*/default'; then # Extract object ref objRef=`grep -Po 'record:txt/.*:.*/default' <<< $result` objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" rmResult=`curl -k -u $Infoblox_Creds -X DELETE $objRmUrl` # Check if rm succeeded - if echo "$rmResult" | grep -Eq 'record:txt/.*:.*/default'; then - echo "Successfully deleted $objRef" + if _info "$rmResult" | grep -Eq 'record:txt/.*:.*/default'; then + _info "Successfully deleted $objRef" return 0 else - echo "Error occurred during txt record delete" - echo $rmResult + _info "Error occurred during txt record delete" + _info $rmResult _err $rmResult return 1 fi else - echo "Record to delete didn't match an existing record" - echo $result + _info "Record to delete didn't match an existing record" + _info $result _err $result return 1 fi From bf0f5507ad44a7f6d4c3805dba4464a7181aba45 Mon Sep 17 00:00:00 2001 From: Jason Date: Wed, 15 Mar 2017 10:19:34 -0500 Subject: [PATCH 06/21] Replaced 'grep -Eq' with 'egrep' --- dns_infoblox.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index 0bb71d28..76a46e95 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -29,7 +29,7 @@ dns_infoblox_add() { result=`curl -k -u $Infoblox_Creds -X POST $baseurlnObject` -if _info "$result" | grep -Eq 'record:txt/.*:.*/default'; then +if _info "$result" | egrep 'record:txt/.*:.*/default'; then _info "Successfully created the txt record" return 0 else 
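Review bot: In PATCH 06/21, replacing `grep -Eq` with `egrep` drops `-q`, so on success the matching part of the API response is now written to stdout instead of only setting the exit status. `egrep` is also a legacy alias that newer GNU grep releases warn about. If `-q` was removed for portability, `grep -E 'record:txt/.*:.*/default' >/dev/null` keeps the check quiet; the same applies to both checks in the second hunk.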
@@ -60,13 +60,13 @@ _info $baseurlnObject result=`curl -k -u $Infoblox_Creds -X GET $baseurlnObject` -if _info "$result" | grep -Eq 'record:txt/.*:.*/default'; then +if _info "$result" | egrep 'record:txt/.*:.*/default'; then # Extract object ref objRef=`grep -Po 'record:txt/.*:.*/default' <<< $result` objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" rmResult=`curl -k -u $Infoblox_Creds -X DELETE $objRmUrl` # Check if rm succeeded - if _info "$rmResult" | grep -Eq 'record:txt/.*:.*/default'; then + if _info "$rmResult" | egrep 'record:txt/.*:.*/default'; then _info "Successfully deleted $objRef" return 0 else From 4f759172f8717caf83d35fc0f9b5905d3ba0ffef Mon Sep 17 00:00:00 2001 From: Jason Date: Wed, 15 Mar 2017 10:43:37 -0500 Subject: [PATCH 07/21] Quotes added @Neilpang tested and committed --- dns_infoblox.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index 76a46e95..e06c2888 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -34,8 +34,8 @@ if _info "$result" | egrep 'record:txt/.*:.*/default'; then return 0 else _info "Error encountered during record addition" - _info $result - _err $result + _info "$result" + _err "$result" return 1 fi @@ -56,7 +56,7 @@ dns_infoblox_rm() { baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" -_info $baseurlnObject +_info "$baseurlnObject" result=`curl -k -u $Infoblox_Creds -X GET $baseurlnObject` @@ -71,14 +71,14 @@ if _info "$result" | egrep 'record:txt/.*:.*/default'; then return 0 else _info "Error occurred during txt record delete" - _info $rmResult - _err $rmResult + _info "$rmResult" + _err "$rmResult" return 1 fi else _info "Record to delete didn't match an existing record" - _info $result - _err $result + _info "$result" + _err "$result" return 1 fi } From 8fab63689e752d0566ed33a84ae1d0d960b01c45 Mon Sep 17 00:00:00 2001 
From: Jason Date: Thu, 16 Mar 2017 08:32:35 -0500 Subject: [PATCH 08/21] Formatting @Neilpang, I believe I have fixed up the formatting. FYI you have write permissions to this branch, and I can test as needed. --- dns_infoblox.sh | 62 ++++++++++++++++++++++++------------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index e06c2888..9714b1bf 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -15,7 +15,7 @@ dns_infoblox_add() { #_err "Not implemented!" - if [ -z "$Infoblox_Creds" ] || [ -z "$Infoblox_Server" ]; then + if [ -z "$Infoblox_Creds" ] || [ -z "$Infoblox_Server" ]; then Infoblox_Creds="" Infoblox_Server="" _err "You didn't specify the credentials or server yet (Infoblox_Creds and Infoblox_Server)." @@ -27,17 +27,17 @@ dns_infoblox_add() { _saveaccountconf Infoblox_Creds "$Infoblox_Creds" _saveaccountconf Infoblox_Server "$Infoblox_Server" -result=`curl -k -u $Infoblox_Creds -X POST $baseurlnObject` + result=$(curl -k -u $Infoblox_Creds -X POST $baseurlnObject) -if _info "$result" | egrep 'record:txt/.*:.*/default'; then - _info "Successfully created the txt record" - return 0 -else - _info "Error encountered during record addition" - _info "$result" - _err "$result" - return 1 -fi + if _info "$result" | egrep 'record:txt/.*:.*/default'; then + _info "Successfully created the txt record" + return 0 + else + _info "Error encountered during record addition" + _info "$result" + _err "$result" + return 1 + fi } 
@@ -52,35 +52,35 @@ dns_infoblox_rm() { _debug txtvalue "$txtvalue" - # Does the record exist? + # Does the record exist? -baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" + baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" -_info "$baseurlnObject" + _info "$baseurlnObject" -result=`curl -k -u $Infoblox_Creds -X GET $baseurlnObject` + result=$(curl -k -u $Infoblox_Creds -X GET $baseurlnObject) -if _info "$result" | egrep 'record:txt/.*:.*/default'; then + if _info "$result" | egrep 'record:txt/.*:.*/default'; then # Extract object ref objRef=`grep -Po 'record:txt/.*:.*/default' <<< $result` objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" rmResult=`curl -k -u $Infoblox_Creds -X DELETE $objRmUrl` # Check if rm succeeded - if _info "$rmResult" | egrep 'record:txt/.*:.*/default'; then - _info "Successfully deleted $objRef" - return 0 - else - _info "Error occurred during txt record delete" - _info "$rmResult" - _err "$rmResult" - return 1 - fi -else - _info "Record to delete didn't match an existing record" - _info "$result" - _err "$result" - return 1 -fi + if _info "$rmResult" | egrep 'record:txt/.*:.*/default'; then + _info "Successfully deleted $objRef" + return 0 + else + _info "Error occurred during txt record delete" + _info "$rmResult" + _err "$rmResult" + return 1 + fi + else + _info "Record to delete didn't match an existing record" + _info "$result" + _err "$result" + return 1 + fi } #################### Private functions below ################################## From b30f5c0be70c7a11b29f25d2fed73fd37d63922e Mon Sep 17 00:00:00 2001 From: Jason Date: Thu, 16 Mar 2017 08:52:32 -0500 Subject: [PATCH 09/21] More formatting --- dns_infoblox.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index 9714b1bf..e279fd1b 100644 
--- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -36,7 +36,7 @@ dns_infoblox_add() { _info "Error encountered during record addition" _info "$result" _err "$result" - return 1 + return 1 fi } @@ -62,19 +62,19 @@ dns_infoblox_rm() { if _info "$result" | egrep 'record:txt/.*:.*/default'; then # Extract object ref - objRef=`grep -Po 'record:txt/.*:.*/default' <<< $result` + objRef=$(grep -Po 'record:txt/.*:.*/default' <<< $result) objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" - rmResult=`curl -k -u $Infoblox_Creds -X DELETE $objRmUrl` + rmResult=$(curl -k -u $Infoblox_Creds -X DELETE $objRmUrl) # Check if rm succeeded - if _info "$rmResult" | egrep 'record:txt/.*:.*/default'; then - _info "Successfully deleted $objRef" - return 0 - else - _info "Error occurred during txt record delete" - _info "$rmResult" - _err "$rmResult" - return 1 - fi + if _info "$rmResult" | egrep 'record:txt/.*:.*/default'; then + _info "Successfully deleted $objRef" + return 0 + else + _info "Error occurred during txt record delete" + _info "$rmResult" + _err "$rmResult" + return 1 + fi else _info "Record to delete didn't match an existing record" _info "$result" From 95ef2a1e602f7fad82ce72a75dd7bd27d2e10456 Mon Sep 17 00:00:00 2001 From: Jason Date: Thu, 16 Mar 2017 08:55:50 -0500 Subject: [PATCH 10/21] Even more formatting --- dns_infoblox.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index e279fd1b..106fe7e9 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -62,7 +62,7 @@ dns_infoblox_rm() { if _info "$result" | egrep 'record:txt/.*:.*/default'; then # Extract object ref - objRef=$(grep -Po 'record:txt/.*:.*/default' <<< $result) + objRef=$(grep -Po 'record:txt/.*:.*/default' <<<$result) objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" rmResult=$(curl -k -u $Infoblox_Creds -X DELETE $objRmUrl) # Check if rm succeeded 
@@ -71,7 +71,7 @@ dns_infoblox_rm() { return 0 else _info "Error occurred during txt record delete" - _info "$rmResult" + _info "$rmResult" _err "$rmResult" return 1 fi From 360089623bcb78a647f247deef3cd03a95591914 Mon Sep 17 00:00:00 2001 From: Jason Date: Fri, 17 Mar 2017 13:14:10 -0500 Subject: [PATCH 11/21] Rewrite with more comments, custom functions Using _get and _post --- dns_infoblox.sh | 54 ++++++++++++++++++++++++++++--------------------- 1 file changed, 31 insertions(+), 23 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index 106fe7e9..20a3d849 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -2,19 +2,16 @@ dns_infoblox_add() { + ## Nothing to see here, just some housekeeping fulldomain=$1 txtvalue=$2 - baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue" _info "Using Infoblox API" - _debug fulldomain "$fulldomain" - _debug txtvalue "$txtvalue" - #_err "Not implemented!" - + ## Check for the credentials if [ -z "$Infoblox_Creds" ] || [ -z "$Infoblox_Server" ]; then Infoblox_Creds="" Infoblox_Server="" @@ -23,13 +20,21 @@ dns_infoblox_add() { return 1 fi - #save the login info to the account conf file. + ## Save the credentials to the account file _saveaccountconf Infoblox_Creds "$Infoblox_Creds" _saveaccountconf Infoblox_Server "$Infoblox_Server" + + ## Base64 encode the credentials + Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64) + + ## Construct the HTTP Authorization header + export _H2="Authorization: Basic $Infoblox_CredsEncoded" + + ## Add the challenge record to the Infoblox grid member + result=$(_post "" "$baseurlnObject" "" "POST") - result=$(curl -k -u $Infoblox_Creds -X POST $baseurlnObject) - - if _info "$result" | egrep 'record:txt/.*:.*/default'; then + ## Let's see if we get something intelligible back from the unit + if echo "$result" | egrep 'record:txt/.*:.*/default'; then _info "Successfully created the txt record" return 0 else 
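Review bot: In PATCH 11/21, `Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64)` is fragile in two ways: `echo -n` is not specified for POSIX `sh` (some shells print `-n` literally), and a `base64` that wraps its output would put a line break inside the header value for a long `username:password`. Either case produces a wrong `Authorization` header and an authentication failure that is hard to diagnose. `printf '%s' "$Infoblox_Creds" | base64 | tr -d '\n'` avoids both; the same line is added to `dns_infoblox_rm` in the third hunk. Note also that `export _H2=...` leaves the encoded credential in the environment of every child process started afterwards.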
@@ -43,30 +48,33 @@ dns_infoblox_add() { dns_infoblox_rm() { + ## Nothing to see here, just some housekeeping fulldomain=$1 txtvalue=$2 _info "Using Infoblox API" - _debug fulldomain "$fulldomain" - _debug txtvalue "$txtvalue" - # Does the record exist? - + ## Base64 encode the credentials + Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64) + + ## Construct the HTTP Authorization header + export _H2="Authorization: Basic $Infoblox_CredsEncoded" + + ## Does the record exist? Let's check. baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" + result=$(_get "$baseurlnObject") - _info "$baseurlnObject" - - result=$(curl -k -u $Infoblox_Creds -X GET $baseurlnObject) - - if _info "$result" | egrep 'record:txt/.*:.*/default'; then - # Extract object ref - objRef=$(grep -Po 'record:txt/.*:.*/default' <<<$result) + ## Let's see if we get something intelligible back from the grid + if echo "$result" | egrep 'record:txt/.*:.*/default'; then + ## Extract the object reference + objRef=$(egrep -o 'record:txt/.*:.*/default' <<<$result) objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" - rmResult=$(curl -k -u $Infoblox_Creds -X DELETE $objRmUrl) - # Check if rm succeeded - if _info "$rmResult" | egrep 'record:txt/.*:.*/default'; then + ## Delete them! All the stale records! + rmResult=$(_post "" "$objRmUrl" "" "DELETE") + ## Let's see if that worked + if echo "$rmResult" | egrep 'record:txt/.*:.*/default'; then _info "Successfully deleted $objRef" return 0 else From 73e4539793dc7943d3bd106bb7334d1b26458044 Mon Sep 17 00:00:00 2001 From: Jason Date: Fri, 17 Mar 2017 13:19:42 -0500 Subject: [PATCH 12/21] Formatting, redux --- dns_infoblox.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index 20a3d849..9375403e 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh 
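Review bot: In PATCH 11/21, `dns_infoblox_rm` now builds the `Authorization` header and the request URL from `$Infoblox_Creds` and `$Infoblox_Server` without the emptiness check that `dns_infoblox_add` has. If either is unset when cleanup runs, the request goes to `https:///wapi/...` with an empty Basic credential and the failure is reported only as an unmatched record. Add the same guard at the top of the function, `if [ -z "$Infoblox_Creds" ] || [ -z "$Infoblox_Server" ]; then`, followed by an `_err` message and `return 1`. The function's body ends outside this hunk.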
@@ -26,10 +26,10 @@ dns_infoblox_add() { ## Base64 encode the credentials Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64) - + ## Construct the HTTP Authorization header export _H2="Authorization: Basic $Infoblox_CredsEncoded" - + ## Add the challenge record to the Infoblox grid member result=$(_post "" "$baseurlnObject" "" "POST") @@ -58,10 +58,10 @@ dns_infoblox_rm() { ## Base64 encode the credentials Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64) - + ## Construct the HTTP Authorization header export _H2="Authorization: Basic $Infoblox_CredsEncoded" - + ## Does the record exist? Let's check. baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" result=$(_get "$baseurlnObject") @@ -72,7 +72,7 @@ dns_infoblox_rm() { objRef=$(egrep -o 'record:txt/.*:.*/default' <<<$result) objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" ## Delete them! All the stale records! - rmResult=$(_post "" "$objRmUrl" "" "DELETE") + rmResult=$(_post "" "$objRmUrl" "" "DELETE") ## Let's see if that worked if echo "$rmResult" | egrep 'record:txt/.*:.*/default'; then _info "Successfully deleted $objRef" From d2bf6c53eda974fd37c041993304230a912c64e2 Mon Sep 17 00:00:00 2001 From: Jason Date: Fri, 17 Mar 2017 15:03:14 -0500 Subject: [PATCH 13/21] Even more formatting (redux) --- dns_infoblox.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dns_infoblox.sh b/dns_infoblox.sh index 9375403e..4f1cb13c 100644 --- a/dns_infoblox.sh +++ b/dns_infoblox.sh @@ -23,7 +23,7 @@ dns_infoblox_add() { ## Save the credentials to the account file _saveaccountconf Infoblox_Creds "$Infoblox_Creds" _saveaccountconf Infoblox_Server "$Infoblox_Server" - + ## Base64 encode the credentials Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64) From a4728f5f58ce3030bc12cf168b9a32575223b187 Mon Sep 17 00:00:00 2001 
From: Jason Date: Tue, 21 Mar 2017 08:13:44 -0500 Subject: [PATCH 14/21] Moved file into dnsapi folder --- dnsapi/dns_infoblox | 94 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 dnsapi/dns_infoblox diff --git a/dnsapi/dns_infoblox b/dnsapi/dns_infoblox new file mode 100644 index 00000000..4f1cb13c --- /dev/null +++ b/dnsapi/dns_infoblox 
@@ -0,0 +1,94 @@
+#!/usr/bin/env sh
+
+dns_infoblox_add() {
+
+ ## Nothing to see here, just some housekeeping
+ fulldomain=$1
+ txtvalue=$2
+ baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue"
+
+ _info "Using Infoblox API"
+ _debug fulldomain "$fulldomain"
+ _debug txtvalue "$txtvalue"
+
+ ## Check for the credentials
+ if [ -z "$Infoblox_Creds" ] || [ -z "$Infoblox_Server" ]; then
+ Infoblox_Creds=""
+ Infoblox_Server=""
+ _err "You didn't specify the credentials or server yet (Infoblox_Creds and Infoblox_Server)."
+ _err "Please set them via EXPORT ([username:password] and [ip or hostname]) and try again."
+ return 1
+ fi
+
+ ## Save the credentials to the account file
+ _saveaccountconf Infoblox_Creds "$Infoblox_Creds"
+ _saveaccountconf Infoblox_Server "$Infoblox_Server"
+
+ ## Base64 encode the credentials
+ Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64)
+
+ ## Construct the HTTP Authorization header
+ export _H2="Authorization: Basic $Infoblox_CredsEncoded"
+
+ ## Add the challenge record to the Infoblox grid member
+ result=$(_post "" "$baseurlnObject" "" "POST")
+
+ ## Let's see if we get something intelligible back from the unit
+ if echo "$result" | egrep 'record:txt/.*:.*/default'; then
+ _info "Successfully created the txt record"
+ return 0
+ else
+ _info "Error encountered during record addition"
+ _info "$result"
+ _err "$result"
+ return 1
+ fi
+
+}
+
+dns_infoblox_rm() {
+
+ ## Nothing to see here, just some housekeeping
+ fulldomain=$1
+ txtvalue=$2
+
+ _info "Using Infoblox API"
+ _debug fulldomain "$fulldomain"
+ _debug txtvalue "$txtvalue"
+
+ ## Base64 encode the credentials
+ Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64)
+
+ ## Construct the HTTP Authorization header
+ export _H2="Authorization: Basic $Infoblox_CredsEncoded"
+
+ ## Does the record exist? Let's check.
+ baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" + result=$(_get "$baseurlnObject") + + ## Let's see if we get something intelligible back from the grid + if echo "$result" | egrep 'record:txt/.*:.*/default'; then + ## Extract the object reference + objRef=$(egrep -o 'record:txt/.*:.*/default' <<<$result) + objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" + ## Delete them! All the stale records! + rmResult=$(_post "" "$objRmUrl" "" "DELETE") + ## Let's see if that worked + if echo "$rmResult" | egrep 'record:txt/.*:.*/default'; then + _info "Successfully deleted $objRef" + return 0 + else + _info "Error occurred during txt record delete" + _info "$rmResult" + _err "$rmResult" + return 1 + fi + else + _info "Record to delete didn't match an existing record" + _info "$result" + _err "$result" + return 1 + fi +} + +#################### Private functions below ################################## From 2b58c243b26e731a02fb648d28369c10be256965 Mon Sep 17 00:00:00 2001 From: Jason Date: Tue, 21 Mar 2017 08:15:11 -0500 Subject: [PATCH 15/21] Remove from root folder --- dns_infoblox.sh | 94 ------------------------------------------------- 1 file changed, 94 deletions(-) delete mode 100644 dns_infoblox.sh diff --git a/dns_infoblox.sh b/dns_infoblox.sh deleted file mode 100644 index 4f1cb13c..00000000 --- a/dns_infoblox.sh +++ /dev/null 
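Review bot: PATCH 14/21 creates the hook as `dnsapi/dns_infoblox`, without the `.sh` suffix that the root copy (`dns_infoblox.sh`) had. The loader is not part of this series, so this needs confirming: if hooks are resolved as `dnsapi/<name>.sh`, `--dns dns_infoblox` would not find the file. Unless the suffix-less name is intended, name the file `dnsapi/dns_infoblox.sh`.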
@@ -1,94 +0,0 @@ -#!/usr/bin/env sh - -dns_infoblox_add() { - - ## Nothing to see here, just some housekeeping - fulldomain=$1 - txtvalue=$2 - baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue" - - _info "Using Infoblox API" - _debug fulldomain "$fulldomain" - _debug txtvalue "$txtvalue" - - ## Check for the credentials - if [ -z "$Infoblox_Creds" ] || [ -z "$Infoblox_Server" ]; then - Infoblox_Creds="" - Infoblox_Server="" - _err "You didn't specify the credentials or server yet (Infoblox_Creds and Infoblox_Server)." - _err "Please set them via EXPORT ([username:password] and [ip or hostname]) and try again." - return 1 - fi - - ## Save the credentials to the account file - _saveaccountconf Infoblox_Creds "$Infoblox_Creds" - _saveaccountconf Infoblox_Server "$Infoblox_Server" - - ## Base64 encode the credentials - Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64) - - ## Construct the HTTP Authorization header - export _H2="Authorization: Basic $Infoblox_CredsEncoded" - - ## Add the challenge record to the Infoblox grid member - result=$(_post "" "$baseurlnObject" "" "POST") - - ## Let's see if we get something intelligible back from the unit - if echo "$result" | egrep 'record:txt/.*:.*/default'; then - _info "Successfully created the txt record" - return 0 - else - _info "Error encountered during record addition" - _info "$result" - _err "$result" - return 1 - fi - -} - -dns_infoblox_rm() { - - ## Nothing to see here, just some housekeeping - fulldomain=$1 - txtvalue=$2 - - _info "Using Infoblox API" - _debug fulldomain "$fulldomain" - _debug txtvalue "$txtvalue" - - ## Base64 encode the credentials - Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64) - - ## Construct the HTTP Authorization header - export _H2="Authorization: Basic $Infoblox_CredsEncoded" - - ## Does the record exist? Let's check. 
- baseurlnObject="https://$Infoblox_Server/wapi/v2.2.2/record:txt?name=$fulldomain&text=$txtvalue&_return_type=xml-pretty" - result=$(_get "$baseurlnObject") - - ## Let's see if we get something intelligible back from the grid - if echo "$result" | egrep 'record:txt/.*:.*/default'; then - ## Extract the object reference - objRef=$(egrep -o 'record:txt/.*:.*/default' <<<$result) - objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" - ## Delete them! All the stale records! - rmResult=$(_post "" "$objRmUrl" "" "DELETE") - ## Let's see if that worked - if echo "$rmResult" | egrep 'record:txt/.*:.*/default'; then - _info "Successfully deleted $objRef" - return 0 - else - _info "Error occurred during txt record delete" - _info "$rmResult" - _err "$rmResult" - return 1 - fi - else - _info "Record to delete didn't match an existing record" - _info "$result" - _err "$result" - return 1 - fi -} - -#################### Private functions below ################################## From fc627746c7455d6b3cbdfd7b9f48b74d3192e3a5 Mon Sep 17 00:00:00 2001 From: Jason Date: Tue, 21 Mar 2017 08:38:59 -0500 Subject: [PATCH 16/21] Waded through more undocumented source Implemented _base64 instead of base64 --- dnsapi/dns_infoblox | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_infoblox b/dnsapi/dns_infoblox index 4f1cb13c..f6fd0b5f 100644 --- a/dnsapi/dns_infoblox +++ b/dnsapi/dns_infoblox @@ -25,7 +25,7 @@ dns_infoblox_add() { _saveaccountconf Infoblox_Server "$Infoblox_Server" ## Base64 encode the credentials - Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64) + Infoblox_CredsEncoded=$(printf "$Infoblox_Creds" | _base64) ## Construct the HTTP Authorization header export _H2="Authorization: Basic $Infoblox_CredsEncoded" 
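Review bot: In PATCH 16/21, `printf "$Infoblox_Creds"` passes the secret as the printf format string, so a `%` or a backslash in the password is interpreted and a different byte sequence is base64-encoded. The result is an authentication failure that depends on which characters the password contains. Use a fixed format instead: `Infoblox_CredsEncoded=$(printf '%s' "$Infoblox_Creds" | _base64)`. The second hunk makes the same change in `dns_infoblox_rm`.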
@@ -57,7 +57,7 @@ dns_infoblox_rm() { _debug txtvalue "$txtvalue" ## Base64 encode the credentials - Infoblox_CredsEncoded=$(echo -n "$Infoblox_Creds" | base64) + Infoblox_CredsEncoded=$(printf "$Infoblox_Creds" | _base64) ## Construct the HTTP Authorization header export _H2="Authorization: Basic $Infoblox_CredsEncoded" From 4111a786e190e3d22eed7f72edd596019ab81db9 Mon Sep 17 00:00:00 2001 From: Jason Date: Tue, 21 Mar 2017 10:56:26 -0500 Subject: [PATCH 17/21] _H1, _egrep_o and extraneous --- dnsapi/dns_infoblox | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/dnsapi/dns_infoblox b/dnsapi/dns_infoblox index f6fd0b5f..ab849e7b 100644 --- a/dnsapi/dns_infoblox +++ b/dnsapi/dns_infoblox @@ -28,6 +28,7 @@ dns_infoblox_add() { Infoblox_CredsEncoded=$(printf "$Infoblox_Creds" | _base64) ## Construct the HTTP Authorization header + export _H1="Accept-Language:en-US" export _H2="Authorization: Basic $Infoblox_CredsEncoded" ## Add the challenge record to the Infoblox grid member @@ -39,7 +40,6 @@ dns_infoblox_add() { return 0 else _info "Error encountered during record addition" - _info "$result" _err "$result" return 1 fi @@ -60,6 +60,7 @@ dns_infoblox_rm() { Infoblox_CredsEncoded=$(printf "$Infoblox_Creds" | _base64) ## Construct the HTTP Authorization header + export _H1="Accept-Language:en-US" export _H2="Authorization: Basic $Infoblox_CredsEncoded" ## Does the record exist? Let's check. @@ -69,7 +70,7 @@ dns_infoblox_rm() { ## Let's see if we get something intelligible back from the grid if echo "$result" | egrep 'record:txt/.*:.*/default'; then ## Extract the object reference - objRef=$(egrep -o 'record:txt/.*:.*/default' <<<$result) + objRef=$(_egrep_o 'record:txt/.*:.*/default' <<<$result) objRmUrl="https://$Infoblox_Server/wapi/v2.2.2/$objRef" ## Delete them! All the stale records! rmResult=$(_post "" "$objRmUrl" "" "DELETE") 
@@ -79,13 +80,11 @@ dns_infoblox_rm() {
 return 0
 else
 _info "Error occurred during txt record delete"
- _info "$rmResult"
 _err "$rmResult"
 return 1
 fi
 else
 _info "Record to delete didn't match an existing record"
- _info "$result"
 _err "$result"
 return 1
 fi
From 7bcf49265fa22cd1ae922f3b627c24b8aa1aa057 Mon Sep 17 00:00:00 2001
From: Jason
Date: Wed, 22 Mar 2017 13:06:12 -0500
Subject: [PATCH 18/21] Added infoblox to supported list Added Infoblox API to list of supported DNS APIs
---
 README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/README.md b/README.md
index b33f8636..c33c7fb1 100644
--- a/README.md
+++ b/README.md
@@ -293,6 +293,7 @@ You don't have to do anything manually!
 1. Linode.com API
 1. FreeDNS (https://freedns.afraid.org/)
 1. cyon.ch
+1. Infoblox API
 **More APIs coming soon...**
From 98e83ba1a2b7a00401b142090b27051cbb477f1c Mon Sep 17 00:00:00 2001
From: Jason
Date: Wed, 22 Mar 2017 13:08:16 -0500
Subject: [PATCH 19/21] Touched up Infoblox reference with URL
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index c33c7fb1..228c93c4 100644
--- a/README.md
+++ b/README.md
@@ -293,7 +293,7 @@ You don't have to do anything manually!
 1. Linode.com API
 1. FreeDNS (https://freedns.afraid.org/)
 1. cyon.ch
-1. Infoblox API
+1. Infoblox NIOS API (https://www.infoblox.com/)
 **More APIs coming soon...**
From 82f49d3653a0bb62e1693603a936f75e8e0d295d Mon Sep 17 00:00:00 2001
From: Jason
Date: Wed, 22 Mar 2017 13:17:17 -0500
Subject: [PATCH 20/21] Added Infoblox references
---
 dnsapi/README.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/dnsapi/README.md b/dnsapi/README.md
index fd88d579..f326efa8 100644
--- a/dnsapi/README.md
+++ b/dnsapi/README.md
@@ -316,6 +316,26 @@ export CY_Password="your_cyon_password"
 export CY_OTP_Secret="your_otp_secret" # Only required if using 2FA
 ```
+
+## 17. Use Infoblox API
+
+First you need to create/obtain API credentials on your Infoblox appliance.
+
+```
+export Infoblox_Creds="username:password"
+export Infoblox_Server="ip or fqdn of infoblox appliance"
+```
+
+Ok, let's issue a cert now:
+```
+acme.sh --issue --dns dns_infoblox -d example.com -d www.example.com
+```
+
+Note: This script will automatically create and delete the ephemeral txt record.
+The `Infoblox_Creds` and `Infoblox_Server` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
+
+
+
 To issue a cert:
 ```
 acme.sh --issue --dns dns_cyon -d example.com -d www.example.com
From 8be5ebec6c4564c1eca34557dc1d7f4e21c4dbc3 Mon Sep 17 00:00:00 2001
From: Jason
Date: Wed, 22 Mar 2017 13:21:37 -0500
Subject: [PATCH 21/21] Changed some _info to _err
---
 dnsapi/dns_infoblox | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/dnsapi/dns_infoblox b/dnsapi/dns_infoblox
index ab849e7b..e71c90c9 100644
--- a/dnsapi/dns_infoblox
+++ b/dnsapi/dns_infoblox
@@ -39,7 +39,7 @@ dns_infoblox_add() {
 _info "Successfully created the txt record"
 return 0
 else
- _info "Error encountered during record addition"
+ _err "Error encountered during record addition"
 _err "$result"
 return 1
 fi
@@ -79,12 +79,12 @@ dns_infoblox_rm() {
 _info "Successfully deleted $objRef"
 return 0
 else
- _info "Error occurred during txt record delete"
+ _err "Error occurred during txt record delete"
 _err "$rmResult"
 return 1
 fi
 else
- _info "Record to delete didn't match an existing record"
+ _err "Record to delete didn't match an existing record"
 _err "$result"
 return 1
 fi