From 3798611a117ea4542493f923713ac1ac92081b45 Mon Sep 17 00:00:00 2001 From: sjau Date: Sun, 20 Nov 2016 17:21:03 +0100 Subject: [PATCH 01/39] Added dnsapi script for ISPConfig --- dnsapi/dns_ispconfig.sh | 126 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 126 insertions(+) create mode 100755 dnsapi/dns_ispconfig.sh diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh new file mode 100755 index 00000000..2816ec0e --- /dev/null +++ b/dnsapi/dns_ispconfig.sh @@ -0,0 +1,126 @@ +#!/usr/bin/env sh + +#ISPConfig 3.1 API - Add remote user and give him access to at least the "DNS txt functions" + +ISPC_User="" +ISPC_Password="" +ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" # Provider proper URL and port for your ISPC Installation + + +######## Public functions ##################### + +#Usage: dns_myapi_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" +dns_ispconfig_add() { + fulldomain="${1}" + txtvalue="${2}" + _ISPC_login + if [ $? -eq 0 ]; then + _ISPC_getZoneInfo + fi + if [ $? -eq 0 ]; then + _ISPC_addTxt + fi + if [ $? -ne 0 ]; then + return 1 + fi +} + +#Usage: dns_myapi_rm _acme-challenge.www.domain.com +dns_ispconfig_rm() { + fulldomain="${1}" + _ISPC_login + if [ $? -eq 0 ]; then + _ISPC_rmTxt + fi + if [ $? -ne 0 ]; then + return 1 + fi +} + +#################### Private functions bellow ################################## + +_ISPC_login() { + _info "Getting Session ID" + curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}" + curResult=$(curl -k --data "${curData}" "${ISPC_Api}?login") + if _contains "${curResult}" '"code":"ok"'; then + sessionID=$(echo $curResult | _egrep_o "response.*" | cut -d ':' -f 2) + sessionID=${sessionID:1:-2} + _info "Successfully retrieved Session ID." + else + _err "Couldn't retrieve the Session ID. Aborting."; + fi +} + +_ISPC_getZoneInfo () { + _info "Getting Zoneinfo" + zoneEnd=false + curZone="${fulldomain}" + while [ ${zoneEnd} = false ]; do + curZone="${curZone#*.}" # we can strip the first part of the fulldomain, since it's just the _acme-challenge string + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"origin\":\"${curZone}.\"}]}" # suffix . needed for zone -> domain.tld. + curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_zone_get") + if _contains "${curResult}" '"id":"'; then + zoneFound=true + zoneEnd=true + _info "Successfully retrieved zone data." + fi + if [ "${curZone#*.}" != "$curZone" ]; then + _debug2 "$curZone still contains a '.' - so we can check next higher level" + else + zoneEnd=true + _err "Couldn't retrieve zone info. Aborting." + fi + done + if [ ${zoneFound} ]; then + server_id=$(echo $curResult | _egrep_o "server_id.*" | cut -d ':' -f 2) + server_id=${server_id:1:-10} + case ${server_id} in + ''|*[!0-9]*) _err "Server ID is not numeric. Aborting" ;; + *) _info "Successfully retrieved Server ID" ;; + esac + zone=$(echo $curResult | _egrep_o "\"id.*" | cut -d ':' -f 2) + zone=${zone:1:-14} + case ${zone} in + ''|*[!0-9]*) _err "Zone ID is not numeric. Aborting" ;; + *) _info "Successfully retrieved Zone ID" ;; + esac + client_id=$(echo $curResult | _egrep_o "sys_userid.*" | cut -d ':' -f 2) + client_id=${client_id:1:-15} + case ${client_id} in + ''|*[!0-9]*) _err "Client ID is not numeric. Aborting" ;; + *) _info "Successfully retrieved Client ID" ;; + esac + unset zoneFound + unset zoneEnd + fi +} + +_ISPC_addTxt () { + curSerial="$(date +%s)" + curStamp="$(date +'%F %T')" + params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" + curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}}}" + curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_add") + record_id=$(echo $curResult | _egrep_o "\"response.*" | cut -d ':' -f 2) + record_id=${record_id:1:-2} + case ${record_id} in = false + ''|*[!0-9]*) _err "Record ID is not numeric. Aborting" ;; + *) _info "Successfully retrieved Record ID"; + record_data="$record_data $record_id" ;; # Make space seperated string of record IDs for later removal. + esac +} + +_ISPC_rmTxt () { + IFS=" " + for i in $record_data; do + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${i}\"}" + curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_delete") + echo $curResult; + if _contains "${curResult}" '"code":"ok"'; then + _info "Successfully removed ACME challenge txt record." + else + _debug "Couldn't remove ACME challenge txt record"; # Setting it to debug only because there's no harm if the txt remains + fi + done +} From 96452835a4f9f80096804ba230abf6c5a01dbfc7 Mon Sep 17 00:00:00 2001 From: sjau Date: Sun, 20 Nov 2016 17:53:53 +0100 Subject: [PATCH 02/39] Accidentally pasted something into the code --- dnsapi/dns_ispconfig.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 2816ec0e..512771d6 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -104,7 +104,7 @@ _ISPC_addTxt () { curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_add") record_id=$(echo $curResult | _egrep_o "\"response.*" | cut -d ':' -f 2) record_id=${record_id:1:-2} - case ${record_id} in = false + case ${record_id} in ''|*[!0-9]*) _err "Record ID is not numeric. Aborting" ;; *) _info "Successfully retrieved Record ID"; record_data="$record_data $record_id" ;; # Make space seperated string of record IDs for later removal. From d5c417a3ddfb01b3bc46a648c2188fb7a6c01324 Mon Sep 17 00:00:00 2001 From: sjau Date: Mon, 21 Nov 2016 04:23:14 +0100 Subject: [PATCH 03/39] Adjusting indents to 2 spaces from 4 spaces... --- dnsapi/dns_ispconfig.sh | 186 ++++++++++++++++++++-------------------- 1 file changed, 93 insertions(+), 93 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 512771d6..84f091d5 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -11,116 +11,116 @@ ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" # Provider proper URL a #Usage: dns_myapi_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" dns_ispconfig_add() { - fulldomain="${1}" - txtvalue="${2}" - _ISPC_login - if [ $? -eq 0 ]; then - _ISPC_getZoneInfo - fi - if [ $? -eq 0 ]; then - _ISPC_addTxt - fi - if [ $? -ne 0 ]; then - return 1 - fi + fulldomain="${1}" + txtvalue="${2}" + _ISPC_login + if [ $? -eq 0 ]; then + _ISPC_getZoneInfo + fi + if [ $? -eq 0 ]; then + _ISPC_addTxt + fi + if [ $? -ne 0 ]; then + return 1 + fi } #Usage: dns_myapi_rm _acme-challenge.www.domain.com dns_ispconfig_rm() { - fulldomain="${1}" - _ISPC_login - if [ $? -eq 0 ]; then - _ISPC_rmTxt - fi - if [ $? -ne 0 ]; then - return 1 - fi + fulldomain="${1}" + _ISPC_login + if [ $? -eq 0 ]; then + _ISPC_rmTxt + fi + if [ $? -ne 0 ]; then + return 1 + fi } #################### Private functions bellow ################################## _ISPC_login() { - _info "Getting Session ID" - curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}" - curResult=$(curl -k --data "${curData}" "${ISPC_Api}?login") - if _contains "${curResult}" '"code":"ok"'; then - sessionID=$(echo $curResult | _egrep_o "response.*" | cut -d ':' -f 2) - sessionID=${sessionID:1:-2} - _info "Successfully retrieved Session ID." - else - _err "Couldn't retrieve the Session ID. Aborting."; - fi + _info "Getting Session ID" + curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}" + curResult=$(curl -k --data "${curData}" "${ISPC_Api}?login") + if _contains "${curResult}" '"code":"ok"'; then + sessionID=$(echo $curResult | _egrep_o "response.*" | cut -d ':' -f 2) + sessionID=${sessionID:1:-2} + _info "Successfully retrieved Session ID." + else + _err "Couldn't retrieve the Session ID. Aborting."; + fi } _ISPC_getZoneInfo () { - _info "Getting Zoneinfo" - zoneEnd=false - curZone="${fulldomain}" - while [ ${zoneEnd} = false ]; do - curZone="${curZone#*.}" # we can strip the first part of the fulldomain, since it's just the _acme-challenge string - curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"origin\":\"${curZone}.\"}]}" # suffix . needed for zone -> domain.tld. - curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_zone_get") - if _contains "${curResult}" '"id":"'; then - zoneFound=true - zoneEnd=true - _info "Successfully retrieved zone data." - fi - if [ "${curZone#*.}" != "$curZone" ]; then - _debug2 "$curZone still contains a '.' - so we can check next higher level" - else - zoneEnd=true - _err "Couldn't retrieve zone info. Aborting." - fi - done - if [ ${zoneFound} ]; then - server_id=$(echo $curResult | _egrep_o "server_id.*" | cut -d ':' -f 2) - server_id=${server_id:1:-10} - case ${server_id} in - ''|*[!0-9]*) _err "Server ID is not numeric. Aborting" ;; - *) _info "Successfully retrieved Server ID" ;; - esac - zone=$(echo $curResult | _egrep_o "\"id.*" | cut -d ':' -f 2) - zone=${zone:1:-14} - case ${zone} in - ''|*[!0-9]*) _err "Zone ID is not numeric. Aborting" ;; - *) _info "Successfully retrieved Zone ID" ;; - esac - client_id=$(echo $curResult | _egrep_o "sys_userid.*" | cut -d ':' -f 2) - client_id=${client_id:1:-15} - case ${client_id} in - ''|*[!0-9]*) _err "Client ID is not numeric. Aborting" ;; - *) _info "Successfully retrieved Client ID" ;; - esac - unset zoneFound - unset zoneEnd + _info "Getting Zoneinfo" + zoneEnd=false + curZone="${fulldomain}" + while [ ${zoneEnd} = false ]; do + curZone="${curZone#*.}" # we can strip the first part of the fulldomain, since it's just the _acme-challenge string + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"origin\":\"${curZone}.\"}]}" # suffix . needed for zone -> domain.tld. + curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_zone_get") + if _contains "${curResult}" '"id":"'; then + zoneFound=true + zoneEnd=true + _info "Successfully retrieved zone data." fi + if [ "${curZone#*.}" != "$curZone" ]; then + _debug2 "$curZone still contains a '.' - so we can check next higher level" + else + zoneEnd=true + _err "Couldn't retrieve zone info. Aborting." + fi + done + if [ ${zoneFound} ]; then + server_id=$(echo $curResult | _egrep_o "server_id.*" | cut -d ':' -f 2) + server_id=${server_id:1:-10} + case ${server_id} in + ''|*[!0-9]*) _err "Server ID is not numeric. Aborting" ;; + *) _info "Successfully retrieved Server ID" ;; + esac + zone=$(echo $curResult | _egrep_o "\"id.*" | cut -d ':' -f 2) + zone=${zone:1:-14} + case ${zone} in + ''|*[!0-9]*) _err "Zone ID is not numeric. Aborting" ;; + *) _info "Successfully retrieved Zone ID" ;; + esac + client_id=$(echo $curResult | _egrep_o "sys_userid.*" | cut -d ':' -f 2) + client_id=${client_id:1:-15} + case ${client_id} in + ''|*[!0-9]*) _err "Client ID is not numeric. Aborting" ;; + *) _info "Successfully retrieved Client ID" ;; + esac + unset zoneFound + unset zoneEnd + fi } _ISPC_addTxt () { - curSerial="$(date +%s)" - curStamp="$(date +'%F %T')" - params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" - curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}}}" - curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_add") - record_id=$(echo $curResult | _egrep_o "\"response.*" | cut -d ':' -f 2) - record_id=${record_id:1:-2} - case ${record_id} in - ''|*[!0-9]*) _err "Record ID is not numeric. Aborting" ;; - *) _info "Successfully retrieved Record ID"; - record_data="$record_data $record_id" ;; # Make space seperated string of record IDs for later removal. - esac + curSerial="$(date +%s)" + curStamp="$(date +'%F %T')" + params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" + curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}}}" + curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_add") + record_id=$(echo $curResult | _egrep_o "\"response.*" | cut -d ':' -f 2) + record_id=${record_id:1:-2} + case ${record_id} in + ''|*[!0-9]*) _err "Record ID is not numeric. Aborting" ;; + *) _info "Successfully retrieved Record ID"; + record_data="$record_data $record_id" ;; # Make space seperated string of record IDs for later removal. + esac } _ISPC_rmTxt () { - IFS=" " - for i in $record_data; do - curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${i}\"}" - curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_delete") - echo $curResult; - if _contains "${curResult}" '"code":"ok"'; then - _info "Successfully removed ACME challenge txt record." - else - _debug "Couldn't remove ACME challenge txt record"; # Setting it to debug only because there's no harm if the txt remains - fi - done + IFS=" " + for i in $record_data; do + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${i}\"}" + curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_delete") + echo $curResult; + if _contains "${curResult}" '"code":"ok"'; then + _info "Successfully removed ACME challenge txt record." + else + _debug "Couldn't remove ACME challenge txt record"; # Setting it to debug only because there's no harm if the txt remains + fi + done } From 220e1ccef9cbbb53041a30a21785fc549d4e7dba Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 08:59:48 +0100 Subject: [PATCH 04/39] Fixing double empty line --- dnsapi/dns_ispconfig.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 84f091d5..e2672257 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -4,8 +4,7 @@ ISPC_User="" ISPC_Password="" -ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" # Provider proper URL and port for your ISPC Installation - +ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" # Provide proper URL and port for your ISPC Installation ######## Public functions ##################### @@ -67,7 +66,7 @@ _ISPC_getZoneInfo () { fi if [ "${curZone#*.}" != "$curZone" ]; then _debug2 "$curZone still contains a '.' - so we can check next higher level" - else + else zoneEnd=true _err "Couldn't retrieve zone info. Aborting." fi From 43162cce547cf208f6906bbf275096ac9aa18eba Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 09:14:09 +0100 Subject: [PATCH 05/39] Quoting the vars --- dnsapi/dns_ispconfig.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index e2672257..2f4605bf 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -43,7 +43,7 @@ _ISPC_login() { curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}" curResult=$(curl -k --data "${curData}" "${ISPC_Api}?login") if _contains "${curResult}" '"code":"ok"'; then - sessionID=$(echo $curResult | _egrep_o "response.*" | cut -d ':' -f 2) + sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2) sessionID=${sessionID:1:-2} _info "Successfully retrieved Session ID." else @@ -72,19 +72,19 @@ _ISPC_getZoneInfo () { fi done if [ ${zoneFound} ]; then - server_id=$(echo $curResult | _egrep_o "server_id.*" | cut -d ':' -f 2) + server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2) server_id=${server_id:1:-10} case ${server_id} in ''|*[!0-9]*) _err "Server ID is not numeric. Aborting" ;; *) _info "Successfully retrieved Server ID" ;; esac - zone=$(echo $curResult | _egrep_o "\"id.*" | cut -d ':' -f 2) + zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2) zone=${zone:1:-14} case ${zone} in ''|*[!0-9]*) _err "Zone ID is not numeric. Aborting" ;; *) _info "Successfully retrieved Zone ID" ;; esac - client_id=$(echo $curResult | _egrep_o "sys_userid.*" | cut -d ':' -f 2) + client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2) client_id=${client_id:1:-15} case ${client_id} in ''|*[!0-9]*) _err "Client ID is not numeric. Aborting" ;; @@ -101,7 +101,7 @@ _ISPC_addTxt () { params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}}}" curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_add") - record_id=$(echo $curResult | _egrep_o "\"response.*" | cut -d ':' -f 2) + record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2) record_id=${record_id:1:-2} case ${record_id} in ''|*[!0-9]*) _err "Record ID is not numeric. Aborting" ;; @@ -115,7 +115,6 @@ _ISPC_rmTxt () { for i in $record_data; do curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${i}\"}" curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_delete") - echo $curResult; if _contains "${curResult}" '"code":"ok"'; then _info "Successfully removed ACME challenge txt record." else From 762712b7fe3df68b1ff6046d41019c9673db7d05 Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 09:59:01 +0100 Subject: [PATCH 06/39] Removing double spaces between code and comments --- dnsapi/dns_ispconfig.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 2f4605bf..850bc5ff 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -4,7 +4,7 @@ ISPC_User="" ISPC_Password="" -ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" # Provide proper URL and port for your ISPC Installation +ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" # Provide proper URL and port for your ISPC Installation ######## Public functions ##################### @@ -42,7 +42,7 @@ _ISPC_login() { _info "Getting Session ID" curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}" curResult=$(curl -k --data "${curData}" "${ISPC_Api}?login") - if _contains "${curResult}" '"code":"ok"'; then + if _contains "${curResult}" '"code":"ok"'; then sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2) sessionID=${sessionID:1:-2} _info "Successfully retrieved Session ID." @@ -56,8 +56,8 @@ _ISPC_getZoneInfo () { zoneEnd=false curZone="${fulldomain}" while [ ${zoneEnd} = false ]; do - curZone="${curZone#*.}" # we can strip the first part of the fulldomain, since it's just the _acme-challenge string - curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"origin\":\"${curZone}.\"}]}" # suffix . needed for zone -> domain.tld. + curZone="${curZone#*.}" # we can strip the first part of the fulldomain, since it's just the _acme-challenge string + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"origin\":\"${curZone}.\"}]}" # suffix . needed for zone -> domain.tld. curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_zone_get") if _contains "${curResult}" '"id":"'; then zoneFound=true @@ -105,8 +105,8 @@ _ISPC_addTxt () { record_id=${record_id:1:-2} case ${record_id} in ''|*[!0-9]*) _err "Record ID is not numeric. Aborting" ;; - *) _info "Successfully retrieved Record ID"; - record_data="$record_data $record_id" ;; # Make space seperated string of record IDs for later removal. + *) _info "Successfully retrieved Record ID"; + record_data="$record_data $record_id" ;; # Make space seperated string of record IDs for later removal. esac } @@ -118,7 +118,7 @@ _ISPC_rmTxt () { if _contains "${curResult}" '"code":"ok"'; then _info "Successfully removed ACME challenge txt record." else - _debug "Couldn't remove ACME challenge txt record"; # Setting it to debug only because there's no harm if the txt remains + _debug "Couldn't remove ACME challenge txt record"; # Setting it to debug only because there's no harm if the txt remains fi done } From d3ee50d501482d08276a850a8db74e7c9410c98e Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 10:10:58 +0100 Subject: [PATCH 07/39] some minor corrections --- dnsapi/dns_ispconfig.sh | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 850bc5ff..6409827c 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -47,11 +47,11 @@ _ISPC_login() { sessionID=${sessionID:1:-2} _info "Successfully retrieved Session ID." else - _err "Couldn't retrieve the Session ID. Aborting."; + _err "Couldn't retrieve the Session ID." fi } -_ISPC_getZoneInfo () { +_ISPC_getZoneInfo() { _info "Getting Zoneinfo" zoneEnd=false curZone="${fulldomain}" @@ -68,26 +68,26 @@ _ISPC_getZoneInfo () { _debug2 "$curZone still contains a '.' - so we can check next higher level" else zoneEnd=true - _err "Couldn't retrieve zone info. Aborting." + _err "Couldn't retrieve zone info." fi done if [ ${zoneFound} ]; then server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2) server_id=${server_id:1:-10} case ${server_id} in - ''|*[!0-9]*) _err "Server ID is not numeric. Aborting" ;; + ''|*[!0-9]*) _err "Server ID is not numeric." ;; *) _info "Successfully retrieved Server ID" ;; esac zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2) zone=${zone:1:-14} case ${zone} in - ''|*[!0-9]*) _err "Zone ID is not numeric. Aborting" ;; + ''|*[!0-9]*) _err "Zone ID is not numeric." ;; *) _info "Successfully retrieved Zone ID" ;; esac client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2) client_id=${client_id:1:-15} case ${client_id} in - ''|*[!0-9]*) _err "Client ID is not numeric. Aborting" ;; + ''|*[!0-9]*) _err "Client ID is not numeric." ;; *) _info "Successfully retrieved Client ID" ;; esac unset zoneFound @@ -95,7 +95,7 @@ _ISPC_getZoneInfo () { fi } -_ISPC_addTxt () { +_ISPC_addTxt() { curSerial="$(date +%s)" curStamp="$(date +'%F %T')" params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" @@ -104,18 +104,18 @@ _ISPC_addTxt () { record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2) record_id=${record_id:1:-2} case ${record_id} in - ''|*[!0-9]*) _err "Record ID is not numeric. Aborting" ;; + ''|*[!0-9]*) _err "Record ID is not numeric." ;; *) _info "Successfully retrieved Record ID"; record_data="$record_data $record_id" ;; # Make space seperated string of record IDs for later removal. esac } -_ISPC_rmTxt () { +_ISPC_rmTxt() { IFS=" " for i in $record_data; do curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${i}\"}" curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_delete") - if _contains "${curResult}" '"code":"ok"'; then + if _contains "${curResult}" '"code":"ok"'; then _info "Successfully removed ACME challenge txt record." else _debug "Couldn't remove ACME challenge txt record"; # Setting it to debug only because there's no harm if the txt remains From b1e6109d4320c01c5df5e0247dbc98413e901dbe Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 10:17:18 +0100 Subject: [PATCH 08/39] more beautifying --- dnsapi/dns_ispconfig.sh | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 6409827c..15931a82 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -4,7 +4,8 @@ ISPC_User="" ISPC_Password="" -ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" # Provide proper URL and port for your ISPC Installation +# Provide proper URL and port for your ISPC Installation +ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" ######## Public functions ##################### @@ -56,8 +57,10 @@ _ISPC_getZoneInfo() { zoneEnd=false curZone="${fulldomain}" while [ ${zoneEnd} = false ]; do - curZone="${curZone#*.}" # we can strip the first part of the fulldomain, since it's just the _acme-challenge string - curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"origin\":\"${curZone}.\"}]}" # suffix . needed for zone -> domain.tld. + # we can strip the first part of the fulldomain, since it's just the _acme-challenge string + curZone="${curZone#*.}" + # suffix . needed for zone -> domain.tld. + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"origin\":\"${curZone}.\"}]}" curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_zone_get") if _contains "${curResult}" '"id":"'; then zoneFound=true @@ -76,19 +79,19 @@ _ISPC_getZoneInfo() { server_id=${server_id:1:-10} case ${server_id} in ''|*[!0-9]*) _err "Server ID is not numeric." ;; - *) _info "Successfully retrieved Server ID" ;; + *) _info "Successfully retrieved Server ID" ;; esac zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2) zone=${zone:1:-14} - case ${zone} in - ''|*[!0-9]*) _err "Zone ID is not numeric." ;; - *) _info "Successfully retrieved Zone ID" ;; + case ${zone} in + ''|*[!0-9]*) _err "Zone ID is not numeric." ;; + *) _info "Successfully retrieved Zone ID" ;; esac client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2) client_id=${client_id:1:-15} case ${client_id} in ''|*[!0-9]*) _err "Client ID is not numeric." ;; - *) _info "Successfully retrieved Client ID" ;; + *) _info "Successfully retrieved Client ID" ;; esac unset zoneFound unset zoneEnd @@ -105,8 +108,10 @@ _ISPC_addTxt() { record_id=${record_id:1:-2} case ${record_id} in ''|*[!0-9]*) _err "Record ID is not numeric." ;; - *) _info "Successfully retrieved Record ID"; - record_data="$record_data $record_id" ;; # Make space seperated string of record IDs for later removal. + *) + _info "Successfully retrieved Record ID"; + # Make space seperated string of record IDs for later removal. + record_data="$record_data $record_id" ;; esac } @@ -118,7 +123,8 @@ _ISPC_rmTxt() { if _contains "${curResult}" '"code":"ok"'; then _info "Successfully removed ACME challenge txt record." else - _debug "Couldn't remove ACME challenge txt record"; # Setting it to debug only because there's no harm if the txt remains + # Setting it to debug only because there's no harm if the txt remains + _debug "Couldn't remove ACME challenge txt record." fi done } From 5cb2660d9f9609236a7c54313b4465b7e1774827 Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 10:49:58 +0100 Subject: [PATCH 09/39] even more beautifying --- dnsapi/dns_ispconfig.sh | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 15931a82..8fb8b657 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -78,19 +78,19 @@ _ISPC_getZoneInfo() { server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2) server_id=${server_id:1:-10} case ${server_id} in - ''|*[!0-9]*) _err "Server ID is not numeric." ;; + '' | *[!0-9]*) _err "Server ID is not numeric." ;; *) _info "Successfully retrieved Server ID" ;; esac - zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2) - zone=${zone:1:-14} + zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2) + zone=${zone:1:-14} case ${zone} in - ''|*[!0-9]*) _err "Zone ID is not numeric." ;; + '' | *[!0-9]*) _err "Zone ID is not numeric." ;; *) _info "Successfully retrieved Zone ID" ;; esac client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2) client_id=${client_id:1:-15} case ${client_id} in - ''|*[!0-9]*) _err "Client ID is not numeric." ;; + '' | *[!0-9]*) _err "Client ID is not numeric." ;; *) _info "Successfully retrieved Client ID" ;; esac unset zoneFound @@ -107,11 +107,12 @@ _ISPC_addTxt() { record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2) record_id=${record_id:1:-2} case ${record_id} in - ''|*[!0-9]*) _err "Record ID is not numeric." ;; + '' | *[!0-9]*) _err "Record ID is not numeric." ;; *) - _info "Successfully retrieved Record ID"; + _info "Successfully retrieved Record ID" # Make space seperated string of record IDs for later removal. - record_data="$record_data $record_id" ;; + record_data="$record_data $record_id" + ;; esac } @@ -128,3 +129,4 @@ _ISPC_rmTxt() { fi done } + From 87e7da1c0dcbe1f028f9bd4e376480107121c71e Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 10:53:08 +0100 Subject: [PATCH 10/39] even more beautifying - a new beginning --- dnsapi/dns_ispconfig.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 8fb8b657..50a80880 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -93,8 +93,8 @@ _ISPC_getZoneInfo() { '' | *[!0-9]*) _err "Client ID is not numeric." ;; *) _info "Successfully retrieved Client ID" ;; esac - unset zoneFound - unset zoneEnd + unset zoneFound + unset zoneEnd fi } From 495d5e569b59393c348aa96c864398452463ecf8 Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 10:53:24 +0100 Subject: [PATCH 11/39] even more beautifying --- dnsapi/dns_ispconfig.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 50a80880..42a0034b 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -129,4 +129,3 @@ _ISPC_rmTxt() { fi done } - From dd29104f388217ec0d515816e7ec9d96c49fd4fb Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 11:30:31 +0100 Subject: [PATCH 12/39] Commented ISPC remote user credentials --- dnsapi/dns_ispconfig.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 42a0034b..30085cae 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -2,10 +2,12 @@ #ISPConfig 3.1 API - Add remote user and give him access to at least the "DNS txt functions" -ISPC_User="" -ISPC_Password="" -# Provide proper URL and port for your ISPC Installation -ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" +# User must provide login data and URL to the ISPConfig installation incl. port. The remote user in ISPConfig must have access to the dns_txt_function +# Values to export: + +# export ISPC_User="remoteUser" +# export ISPC_Password="remotePasword" +# export ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" ######## Public functions ##################### From caeb2301f5d53c5bfa01bb80888c3e6214c31a6a Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 11:32:30 +0100 Subject: [PATCH 13/39] Put all the ISPC functions into one check --- dnsapi/dns_ispconfig.sh | 19 ++----------------- 1 file changed, 2 insertions(+), 17 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 30085cae..a012d4c7 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -15,28 +15,13 @@ dns_ispconfig_add() { fulldomain="${1}" txtvalue="${2}" - _ISPC_login - if [ $? -eq 0 ]; then - _ISPC_getZoneInfo - fi - if [ $? -eq 0 ]; then - _ISPC_addTxt - fi - if [ $? -ne 0 ]; then - return 1 - fi + _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt || return 1 } #Usage: dns_myapi_rm _acme-challenge.www.domain.com dns_ispconfig_rm() { fulldomain="${1}" - _ISPC_login - if [ $? -eq 0 ]; then - _ISPC_rmTxt - fi - if [ $? -ne 0 ]; then - return 1 - fi + _ISPC_login && _ISPC_rmTxt || return 1 } #################### Private functions bellow ################################## From 104f90dad4ec2fa56eb21dfde10a968c2eb1b106 Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 11:33:15 +0100 Subject: [PATCH 14/39] Replaced unsetting of vars with empty values --- dnsapi/dns_ispconfig.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index a012d4c7..298c0d78 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -80,8 +80,8 @@ _ISPC_getZoneInfo() { '' | *[!0-9]*) _err "Client ID is not numeric." ;; *) _info "Successfully retrieved Client ID" ;; esac - unset zoneFound - unset zoneEnd + zoneFound="" + zoneEnd="" fi } From 63089357831022ab5f00c998af608251cc1fc62e Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 13:24:32 +0100 Subject: [PATCH 15/39] Added credentials check and saving --- dnsapi/dns_ispconfig.sh | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 298c0d78..c4b1a472 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -15,7 +15,7 @@ dns_ispconfig_add() { fulldomain="${1}" txtvalue="${2}" - _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt || return 1 + _ISPC_Credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt || return 1 } #Usage: dns_myapi_rm _acme-challenge.www.domain.com @@ -26,6 +26,20 @@ dns_ispconfig_rm() { #################### Private functions bellow ################################## +_ISPC_credentials() { + if [ -z "$ISPC_User" ] || [ -z "$ISPC_Password" ] || [ -z "$ISPC_Api" ]; then + ISPC_User="" + ISPC_Password="" + ISPC_Api="" + _err "You haven't specified the ISPConfig Login data and the URL. Please try again." + return 1 + else + _saveaccountconf ISPC_User "${ISPC_User}" + _saveaccountconf ISPC_Password "${ISPC_Password}" + _saveaccountconf ISPC_Api "${ISPC_Api}" + fi +} + _ISPC_login() { _info "Getting Session ID" curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}" From 477ac7398044116ab0782f24e46c480e2d8f2bc6 Mon Sep 17 00:00:00 2001 From: hyper Date: Mon, 21 Nov 2016 13:25:37 +0100 Subject: [PATCH 16/39] Fixed spelling --- dnsapi/dns_ispconfig.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index c4b1a472..62d14824 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -15,7 +15,7 @@ dns_ispconfig_add() { fulldomain="${1}" txtvalue="${2}" - _ISPC_Credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt || return 1 + _ISPC_credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt || return 1 } #Usage: dns_myapi_rm _acme-challenge.www.domain.com From 972ae9a1a4a44fdf0ef6fccfd9bf604df75fbc8e Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 07:09:39 +0100 Subject: [PATCH 17/39] listed required ISPC Remote User access rights and fixed some Bashisms --- dnsapi/dns_ispconfig.sh | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 62d14824..290f6d4d 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -2,9 +2,11 @@ #ISPConfig 3.1 API - Add remote user and give him access to at least the "DNS txt functions" -# User must provide login data and URL to the ISPConfig installation incl. port. The remote user in ISPConfig must have access to the dns_txt_function -# Values to export: +# User must provide login data and URL to the ISPConfig installation incl. port. The remote user in ISPConfig must have access to: +# - DNS zone Functions +# - DNS txt Functions +# Values to export: # export ISPC_User="remoteUser" # export ISPC_Password="remotePasword" # export ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" @@ -45,8 +47,7 @@ _ISPC_login() { curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}" curResult=$(curl -k --data "${curData}" "${ISPC_Api}?login") if _contains "${curResult}" '"code":"ok"'; then - sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2) - sessionID=${sessionID:1:-2} + sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) _info "Successfully retrieved Session ID." else _err "Couldn't retrieve the Session ID." @@ -76,20 +77,17 @@ _ISPC_getZoneInfo() { fi done if [ ${zoneFound} ]; then - server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2) - server_id=${server_id:1:-10} + server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case ${server_id} in '' | *[!0-9]*) _err "Server ID is not numeric." ;; *) _info "Successfully retrieved Server ID" ;; esac - zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2) - zone=${zone:1:-14} + zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case ${zone} in '' | *[!0-9]*) _err "Zone ID is not numeric." ;; *) _info "Successfully retrieved Zone ID" ;; esac - client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2) - client_id=${client_id:1:-15} + client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case ${client_id} in '' | *[!0-9]*) _err "Client ID is not numeric." ;; *) _info "Successfully retrieved Client ID" ;; @@ -105,8 +103,7 @@ _ISPC_addTxt() { params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}}}" curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_add") - record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2) - record_id=${record_id:1:-2} + record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case ${record_id} in '' | *[!0-9]*) _err "Record ID is not numeric." ;; *) From 97b72cced848e2274035f3298b464669b6e8514b Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 07:30:21 +0100 Subject: [PATCH 18/39] Replace curl calls with _post() --- dnsapi/dns_ispconfig.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 290f6d4d..4ee43d2c 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -45,7 +45,7 @@ _ISPC_credentials() { _ISPC_login() { _info "Getting Session ID" curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}" - curResult=$(curl -k --data "${curData}" "${ISPC_Api}?login") + curResult=$(_post "${curData}" "${ISPC_Api}?login") if _contains "${curResult}" '"code":"ok"'; then sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) _info "Successfully retrieved Session ID." @@ -63,7 +63,7 @@ _ISPC_getZoneInfo() { curZone="${curZone#*.}" # suffix . needed for zone -> domain.tld. curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"origin\":\"${curZone}.\"}]}" - curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_zone_get") + curResult=$(_post "${curData}" "${ISPC_Api}?dns_zone_get") if _contains "${curResult}" '"id":"'; then zoneFound=true zoneEnd=true @@ -102,7 +102,7 @@ _ISPC_addTxt() { curStamp="$(date +'%F %T')" params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}}}" - curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_add") + curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_add") record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case ${record_id} in '' | *[!0-9]*) _err "Record ID is not numeric." ;; @@ -118,7 +118,7 @@ _ISPC_rmTxt() { IFS=" " for i in $record_data; do curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${i}\"}" - curResult=$(curl -k --data "${curData}" "${ISPC_Api}?dns_txt_delete") + curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_delete") if _contains "${curResult}" '"code":"ok"'; then _info "Successfully removed ACME challenge txt record." else From 25d76797c4e2f1f05ce9e54169d12e2a447d126d Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 07:32:48 +0100 Subject: [PATCH 19/39] Removed double space --- dnsapi/dns_ispconfig.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 4ee43d2c..baee5385 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -29,7 +29,7 @@ dns_ispconfig_rm() { #################### Private functions bellow ################################## _ISPC_credentials() { - if [ -z "$ISPC_User" ] || [ -z "$ISPC_Password" ] || [ -z "$ISPC_Api" ]; then + if [ -z "$ISPC_User" ] || [ -z "$ISPC_Password" ] || [ -z "$ISPC_Api" ]; then ISPC_User="" ISPC_Password="" ISPC_Api="" From bc284bfdc2e66112f3a5d4551f9b9de40dfde594 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 08:36:36 +0100 Subject: [PATCH 20/39] Added HTTPS_INSECURE=1 to the two public functions --- dnsapi/dns_ispconfig.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index baee5385..f38bfd5e 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -15,6 +15,7 @@ #Usage: dns_myapi_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" dns_ispconfig_add() { + HTTPS_INSECURE=1 fulldomain="${1}" txtvalue="${2}" _ISPC_credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt || return 1 @@ -22,6 +23,7 @@ dns_ispconfig_add() { #Usage: dns_myapi_rm _acme-challenge.www.domain.com dns_ispconfig_rm() { + HTTPS_INSECURE=1 fulldomain="${1}" _ISPC_login && _ISPC_rmTxt || return 1 } From 6778572f04c54c262a8d7ac0bee129c7ba649ca6 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 08:37:08 +0100 Subject: [PATCH 21/39] Remove || return 1 from the two public functions --- dnsapi/dns_ispconfig.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index f38bfd5e..613631ca 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -18,14 +18,14 @@ dns_ispconfig_add() { HTTPS_INSECURE=1 fulldomain="${1}" txtvalue="${2}" - _ISPC_credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt || return 1 + _ISPC_credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt } #Usage: dns_myapi_rm _acme-challenge.www.domain.com dns_ispconfig_rm() { HTTPS_INSECURE=1 fulldomain="${1}" - _ISPC_login && _ISPC_rmTxt || return 1 + _ISPC_login && _ISPC_rmTxt } #################### Private functions bellow ################################## From 573cf462964771f753e90d6b29b376b0db846290 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 08:44:15 +0100 Subject: [PATCH 22/39] Removed info from header and added URL for bug reports --- dnsapi/dns_ispconfig.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 613631ca..5692454a 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -1,11 +1,12 @@ #!/usr/bin/env sh -#ISPConfig 3.1 API - Add remote user and give him access to at least the "DNS txt functions" - +# ISPConfig 3.1 API # User must provide login data and URL to the ISPConfig installation incl. port. The remote user in ISPConfig must have access to: # - DNS zone Functions # - DNS txt Functions +# Report bugs to https://github.com/sjau/acme.sh + # Values to export: # export ISPC_User="remoteUser" # export ISPC_Password="remotePasword" From 6c22c68bf6d309e43c042e8571272f395b1ab4f5 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 08:56:57 +0100 Subject: [PATCH 23/39] Added missing return 1 --- dnsapi/dns_ispconfig.sh | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 5692454a..f6b590eb 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -54,6 +54,7 @@ _ISPC_login() { _info "Successfully retrieved Session ID." else _err "Couldn't retrieve the Session ID." + return 1 fi } @@ -77,22 +78,32 @@ _ISPC_getZoneInfo() { else zoneEnd=true _err "Couldn't retrieve zone info." + return 1 fi done if [ ${zoneFound} ]; then server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case ${server_id} in - '' | *[!0-9]*) _err "Server ID is not numeric." ;; + '' | *[!0-9]*) + _err "Server ID is not numeric." + return 1 + ;; *) _info "Successfully retrieved Server ID" ;; esac zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case ${zone} in - '' | *[!0-9]*) _err "Zone ID is not numeric." ;; + '' | *[!0-9]*) + _err "Zone ID is not numeric." + return 1 + ;; *) _info "Successfully retrieved Zone ID" ;; esac client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case ${client_id} in - '' | *[!0-9]*) _err "Client ID is not numeric." ;; + '' | *[!0-9]*) + _err "Client ID is not numeric." + return 1 + ;; *) _info "Successfully retrieved Client ID" ;; esac zoneFound="" @@ -108,7 +119,10 @@ _ISPC_addTxt() { curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_add") record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case ${record_id} in - '' | *[!0-9]*) _err "Record ID is not numeric." ;; + '' | *[!0-9]*) + _err "Record ID is not numeric." + return 1 + ;; *) _info "Successfully retrieved Record ID" # Make space seperated string of record IDs for later removal. From 5b64c2a1922cb41d204ca733e7bb475bfd63c525 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 09:12:54 +0100 Subject: [PATCH 24/39] Made HTTPS_INSECURE an option for the user --- dnsapi/dns_ispconfig.sh | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index f6b590eb..992fd284 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -11,12 +11,12 @@ # export ISPC_User="remoteUser" # export ISPC_Password="remotePasword" # export ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" +# export ISPC_Api_Insecure=1 # Set 1 for insecure and 0 for secure -> difference is whether ssl cert is checked for validity (0) or whether it is just accepted (1) ######## Public functions ##################### #Usage: dns_myapi_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" dns_ispconfig_add() { - HTTPS_INSECURE=1 fulldomain="${1}" txtvalue="${2}" _ISPC_credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt @@ -24,24 +24,27 @@ dns_ispconfig_add() { #Usage: dns_myapi_rm _acme-challenge.www.domain.com dns_ispconfig_rm() { - HTTPS_INSECURE=1 fulldomain="${1}" - _ISPC_login && _ISPC_rmTxt + _ISPC_credentials && _ISPC_login && _ISPC_rmTxt } #################### Private functions bellow ################################## _ISPC_credentials() { - if [ -z "$ISPC_User" ] || [ -z "$ISPC_Password" ] || [ -z "$ISPC_Api" ]; then + if [ -z "${ISPC_User}" ] || [ -z "$ISPC_Password" ] || [ -z "${ISPC_Api}" ] || [ -z "${ISPC_Api_Insecure}" ] ; then ISPC_User="" ISPC_Password="" ISPC_Api="" - _err "You haven't specified the ISPConfig Login data and the URL. Please try again." + ISPC_Api_Insecure="" + _err "You haven't specified the ISPConfig Login data, URL and whether you want check the ISPC SSL cert. Please try again." return 1 else _saveaccountconf ISPC_User "${ISPC_User}" _saveaccountconf ISPC_Password "${ISPC_Password}" _saveaccountconf ISPC_Api "${ISPC_Api}" + _saveaccountconf ISPC_Api_Insecure "${ISPC_Api_Insecure}" + # Set whether curl should use secure or insecure mode + HTTPS_INSECURE="${ISPC_Api_Insecure}" fi } From bacc637905b4f5117ecc741467ac40834b8f159c Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 09:50:24 +0100 Subject: [PATCH 25/39] Removed space --- dnsapi/dns_ispconfig.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 992fd284..57e8acd3 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -31,7 +31,7 @@ dns_ispconfig_rm() { #################### Private functions bellow ################################## _ISPC_credentials() { - if [ -z "${ISPC_User}" ] || [ -z "$ISPC_Password" ] || [ -z "${ISPC_Api}" ] || [ -z "${ISPC_Api_Insecure}" ] ; then + if [ -z "${ISPC_User}" ] || [ -z "$ISPC_Password" ] || [ -z "${ISPC_Api}" ] || [ -z "${ISPC_Api_Insecure}" ]; then ISPC_User="" ISPC_Password="" ISPC_Api="" From 4b974ccfde284221d9f0d2325085a0d31f3e34c8 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 12:07:34 +0100 Subject: [PATCH 26/39] Added missing trailing . for the TXT name --- dnsapi/dns_ispconfig.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 57e8acd3..ceb42193 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -117,7 +117,7 @@ _ISPC_getZoneInfo() { _ISPC_addTxt() { curSerial="$(date +%s)" curStamp="$(date +'%F %T')" - params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" + params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}.\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}}}" curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_add") record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) From 6000b79be465e98d6a94308f77619aecf52b6b0c Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 14:05:54 +0100 Subject: [PATCH 27/39] Refactored the _ISPC_rmTXT() function --- dnsapi/dns_ispconfig.sh | 43 ++++++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 9 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index ceb42193..381ebda6 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -135,15 +135,40 @@ _ISPC_addTxt() { } _ISPC_rmTxt() { - IFS=" " - for i in $record_data; do - curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${i}\"}" - curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_delete") - if _contains "${curResult}" '"code":"ok"'; then - _info "Successfully removed ACME challenge txt record." - else - # Setting it to debug only because there's no harm if the txt remains - _debug "Couldn't remove ACME challenge txt record." + # Need to get the record ID. + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"name\":\"${fulldomain}.\"}]}" + curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_get") + # The array search doesn't work properly... so we loop through all retrieved records and check if it contains $fulldomain + IFS='{' + for i in ${curResult}; do + if _contains "${i}" "${fulldomain}"; then + _info "Successfully found ACME challenge txt record." + record_id=$(echo "${i}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) + case ${record_id} in + '' | *[!0-9]*) + # Setting to debug only becase there's no harm if the txt record remains + _debug "Record ID is not numeric." + return 1 + ;; + *) _info "Successfully retrieved Record ID" ;; + esac fi done + # Check if a record id was found + if [ -z "${record_id}" ]; then + _debug "No Record ID found for '${fulldomain}'" + return 1 + fi + # Delete the record + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\"}" + echo $curData; + curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_delete") + echo $curResult; exit; + if _contains "${curResult}" '"code":"ok"'; then + _info "Successfully removed ACME challenge txt record." + else + # Setting it to debug only because there's no harm if the txt record remains + _debug "Couldn't remove ACME challenge txt record." + return 1 + fi } From e4b89a81c10e27dbc4a5db0fd984e404a2c273f7 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 14:18:30 +0100 Subject: [PATCH 28/39] Added more quotes --- dnsapi/dns_ispconfig.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 381ebda6..d535020f 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -65,7 +65,7 @@ _ISPC_getZoneInfo() { _info "Getting Zoneinfo" zoneEnd=false curZone="${fulldomain}" - while [ ${zoneEnd} = false ]; do + while [ "${zoneEnd}" = false ]; do # we can strip the first part of the fulldomain, since it's just the _acme-challenge string curZone="${curZone#*.}" # suffix . needed for zone -> domain.tld. @@ -84,9 +84,9 @@ _ISPC_getZoneInfo() { return 1 fi done - if [ ${zoneFound} ]; then + if [ "${zoneFound}" ]; then server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) - case ${server_id} in + case "${server_id}" in '' | *[!0-9]*) _err "Server ID is not numeric." return 1 @@ -94,7 +94,7 @@ _ISPC_getZoneInfo() { *) _info "Successfully retrieved Server ID" ;; esac zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) - case ${zone} in + case "${zone}" in '' | *[!0-9]*) _err "Zone ID is not numeric." return 1 @@ -102,7 +102,7 @@ _ISPC_getZoneInfo() { *) _info "Successfully retrieved Zone ID" ;; esac client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2) - case ${client_id} in + case "${client_id}" in '' | *[!0-9]*) _err "Client ID is not numeric." return 1 @@ -121,7 +121,7 @@ _ISPC_addTxt() { curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}}}" curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_add") record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) - case ${record_id} in + case "${record_id}" in '' | *[!0-9]*) _err "Record ID is not numeric." return 1 @@ -144,7 +144,7 @@ _ISPC_rmTxt() { if _contains "${i}" "${fulldomain}"; then _info "Successfully found ACME challenge txt record." record_id=$(echo "${i}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) - case ${record_id} in + case "${record_id}" in '' | *[!0-9]*) # Setting to debug only becase there's no harm if the txt record remains _debug "Record ID is not numeric." From 81bdd9ba7c5954bc888e69c356b5314d0c7823f2 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 14:21:33 +0100 Subject: [PATCH 29/39] also quoted to _post queries --- dnsapi/dns_ispconfig.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index d535020f..08429c42 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -51,7 +51,7 @@ _ISPC_credentials() { _ISPC_login() { _info "Getting Session ID" curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}" - curResult=$(_post "${curData}" "${ISPC_Api}?login") + curResult="$(_post "${curData}" "${ISPC_Api}?login")" if _contains "${curResult}" '"code":"ok"'; then sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) _info "Successfully retrieved Session ID." @@ -70,7 +70,7 @@ _ISPC_getZoneInfo() { curZone="${curZone#*.}" # suffix . needed for zone -> domain.tld. curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"origin\":\"${curZone}.\"}]}" - curResult=$(_post "${curData}" "${ISPC_Api}?dns_zone_get") + curResult="$(_post "${curData}" "${ISPC_Api}?dns_zone_get")" if _contains "${curResult}" '"id":"'; then zoneFound=true zoneEnd=true @@ -119,7 +119,7 @@ _ISPC_addTxt() { curStamp="$(date +'%F %T')" params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}.\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\"" curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}}}" - curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_add") + curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_add")" record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case "${record_id}" in '' | *[!0-9]*) @@ -137,7 +137,7 @@ _ISPC_addTxt() { _ISPC_rmTxt() { # Need to get the record ID. curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"name\":\"${fulldomain}.\"}]}" - curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_get") + curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_get")" # The array search doesn't work properly... so we loop through all retrieved records and check if it contains $fulldomain IFS='{' for i in ${curResult}; do @@ -162,7 +162,7 @@ _ISPC_rmTxt() { # Delete the record curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\"}" echo $curData; - curResult=$(_post "${curData}" "${ISPC_Api}?dns_txt_delete") + curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")" echo $curResult; exit; if _contains "${curResult}" '"code":"ok"'; then _info "Successfully removed ACME challenge txt record." From 060da2eface3d731375cac7e7c8630e369f4769d Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 14:25:28 +0100 Subject: [PATCH 30/39] Removed testing echos and exit --- dnsapi/dns_ispconfig.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 08429c42..95c39643 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -161,9 +161,7 @@ _ISPC_rmTxt() { fi # Delete the record curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\"}" - echo $curData; curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")" - echo $curResult; exit; if _contains "${curResult}" '"code":"ok"'; then _info "Successfully removed ACME challenge txt record." else From 2ac17121d286831ceecd682804443261cfe60406 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 14:29:08 +0100 Subject: [PATCH 31/39] Refactored the _ISPC_rmTxt() function --- dnsapi/dns_ispconfig.sh | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 95c39643..768d9fe3 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -150,23 +150,19 @@ _ISPC_rmTxt() { _debug "Record ID is not numeric." return 1 ;; - *) _info "Successfully retrieved Record ID" ;; + *) + _info "Successfully retrieved Record ID" + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\"}" + curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")" + if _contains "${curResult}" '"code":"ok"'; then + _info "Successfully removed ACME challenge txt record." + else + # Setting it to debug only because there's no harm if the txt record remains + _debug "Couldn't remove ACME challenge txt record." + return 1 + fi + ;; esac fi done - # Check if a record id was found - if [ -z "${record_id}" ]; then - _debug "No Record ID found for '${fulldomain}'" - return 1 - fi - # Delete the record - curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\"}" - curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")" - if _contains "${curResult}" '"code":"ok"'; then - _info "Successfully removed ACME challenge txt record." - else - # Setting it to debug only because there's no harm if the txt record remains - _debug "Couldn't remove ACME challenge txt record." - return 1 - fi } From a7476315d7df64be105dda6fbe292fb8ea0ebe64 Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 18:28:03 +0100 Subject: [PATCH 32/39] Data submission failed because IFS was still set - fixed by unsetting IFS --- dnsapi/dns_ispconfig.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 768d9fe3..9705db41 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -146,19 +146,18 @@ _ISPC_rmTxt() { record_id=$(echo "${i}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case "${record_id}" in '' | *[!0-9]*) - # Setting to debug only becase there's no harm if the txt record remains - _debug "Record ID is not numeric." + _err "Record ID is not numeric." return 1 ;; *) + unset IFS _info "Successfully retrieved Record ID" curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\"}" curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")" if _contains "${curResult}" '"code":"ok"'; then _info "Successfully removed ACME challenge txt record." else - # Setting it to debug only because there's no harm if the txt record remains - _debug "Couldn't remove ACME challenge txt record." + _err "Couldn't remove ACME challenge txt record." return 1 fi ;; From a1ca2f3f70f4005a237a1ab071875b562a15cd7e Mon Sep 17 00:00:00 2001 From: sjau Date: Tue, 22 Nov 2016 20:16:33 +0100 Subject: [PATCH 33/39] Rebasing original source --- .README.md.kate-swp | Bin 0 -> 375 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 .README.md.kate-swp diff --git a/.README.md.kate-swp b/.README.md.kate-swp new file mode 100644 index 0000000000000000000000000000000000000000..cf3bf73857dd9866a5eb67b50f244f7526fa4527 GIT binary patch literal 375 zcmYk%I|{-;6a~;X{{M-ww3!7+{M8l`MhG^-6xJ!C21F$YcCNyOxECRf%WwncR(Ga5 zT;6+gMI_iJ_f*?Qa?_jaoa#k56A}M3$)E4M_yphS__r!vb}yppW#SoYY+RyI0#D6p z1&4G6)^rt)=^E_p!vVEpjvFeXoA8xx!56v>ALtI8(OvjR_h9FLeR#=y06Tp=*y-!T Q&ioKwb3TBbJ|j3be Date: Tue, 22 Nov 2016 20:17:19 +0100 Subject: [PATCH 34/39] Rebasing original source --- .README.md.kate-swp | Bin 375 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .README.md.kate-swp diff --git a/.README.md.kate-swp b/.README.md.kate-swp deleted file mode 100644 index cf3bf73857dd9866a5eb67b50f244f7526fa4527..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 375 zcmYk%I|{-;6a~;X{{M-ww3!7+{M8l`MhG^-6xJ!C21F$YcCNyOxECRf%WwncR(Ga5 zT;6+gMI_iJ_f*?Qa?_jaoa#k56A}M3$)E4M_yphS__r!vb}yppW#SoYY+RyI0#D6p z1&4G6)^rt)=^E_p!vVEpjvFeXoA8xx!56v>ALtI8(OvjR_h9FLeR#=y06Tp=*y-!T Q&ioKwb3TBbJ|j3be Date: Tue, 22 Nov 2016 20:27:18 +0100 Subject: [PATCH 35/39] Update Documentation for ISPConfig API --- README.md | 1 + dnsapi/README.md | 26 ++++++++++++++++++++++++-- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 69348bf9..cd277984 100644 --- a/README.md +++ b/README.md @@ -260,6 +260,7 @@ You don't have to do anything manually! 1. LuaDNS.com API 1. DNSMadeEasy.com API 1. nsupdate API +1. ISPConfig 3.1 API **More APIs coming soon...** diff --git a/dnsapi/README.md b/dnsapi/README.md index 9a8730c9..6d830b15 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -201,7 +201,29 @@ acme.sh --issue --dns dns_aws -d example.com -d www.example.com The `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. -# 11. Use custom API +## 11. Use ISPConfig 3.1 API + +This only works for ISPConfig 3.1 (and newer). + +Create a Remote User in the ISPConfig Control Panel. The Remote User must have access to at least `DNS zone functions` and `DNS txt functions`. + +``` +export ISPC_User="xxx" +export ISPC_Password="xxx" +export ISPC_Api="https://ispc.domain.tld:8080/remote/json.php" +export ISPC_Api_Insecure=1 +``` +If you have installed ISPConfig on a different port, then alter the 8080 accordingly. +Leaver ISPC_Api_Insecure set to 1 if you have not a valid ssl cert for your installation. Change it to 0 if you have a valid ssl cert. + +To issue a cert: +``` +acme.sh --issue --dns dns_ispconfig -d example.com -d www.example.com +``` + +The `ISPC_User`, `ISPC_Password`, `ISPC_Api`and `ISPC_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. + +# 12. Use custom API If your API is not supported yet, you can write your own DNS API. @@ -218,6 +240,6 @@ acme.sh --issue --dns dns_myapi -d example.com -d www.example.com For more details, please check our sample script: [dns_myapi.sh](dns_myapi.sh) -## 12. Use lexicon DNS API +## 13. Use lexicon DNS API https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api From b64b4f8ea7e98c42f8806f4d7a72247d27effc65 Mon Sep 17 00:00:00 2001 From: hyper Date: Wed, 23 Nov 2016 09:32:16 +0100 Subject: [PATCH 36/39] Updated info, debug and error texts --- dnsapi/dns_ispconfig.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 9705db41..e0fe50ca 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -54,7 +54,7 @@ _ISPC_login() { curResult="$(_post "${curData}" "${ISPC_Api}?login")" if _contains "${curResult}" '"code":"ok"'; then sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) - _info "Successfully retrieved Session ID." + _info "Retrieved Session ID." else _err "Couldn't retrieve the Session ID." return 1 @@ -74,13 +74,13 @@ _ISPC_getZoneInfo() { if _contains "${curResult}" '"id":"'; then zoneFound=true zoneEnd=true - _info "Successfully retrieved zone data." + _info "Retrieved zone data." fi if [ "${curZone#*.}" != "$curZone" ]; then _debug2 "$curZone still contains a '.' - so we can check next higher level" else zoneEnd=true - _err "Couldn't retrieve zone info." + _err "Couldn't retrieve zone data." return 1 fi done @@ -91,7 +91,7 @@ _ISPC_getZoneInfo() { _err "Server ID is not numeric." return 1 ;; - *) _info "Successfully retrieved Server ID" ;; + *) _info "Retrieved Server ID" ;; esac zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case "${zone}" in @@ -99,7 +99,7 @@ _ISPC_getZoneInfo() { _err "Zone ID is not numeric." return 1 ;; - *) _info "Successfully retrieved Zone ID" ;; + *) _info "Retrieved Zone ID" ;; esac client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case "${client_id}" in @@ -107,7 +107,7 @@ _ISPC_getZoneInfo() { _err "Client ID is not numeric." return 1 ;; - *) _info "Successfully retrieved Client ID" ;; + *) _info "Retrieved Client ID." ;; esac zoneFound="" zoneEnd="" @@ -123,11 +123,11 @@ _ISPC_addTxt() { record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case "${record_id}" in '' | *[!0-9]*) - _err "Record ID is not numeric." + _err "Couldn't add ACME Challenge TXT record to zone." return 1 ;; *) - _info "Successfully retrieved Record ID" + _info "Added ACME Challenge TXT record to zone." # Make space seperated string of record IDs for later removal. record_data="$record_data $record_id" ;; @@ -142,7 +142,7 @@ _ISPC_rmTxt() { IFS='{' for i in ${curResult}; do if _contains "${i}" "${fulldomain}"; then - _info "Successfully found ACME challenge txt record." + _info "Retrieved ACME Challenge TXT record." record_id=$(echo "${i}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) case "${record_id}" in '' | *[!0-9]*) @@ -151,13 +151,13 @@ _ISPC_rmTxt() { ;; *) unset IFS - _info "Successfully retrieved Record ID" + _info "Retrieved Record ID" curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\"}" curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")" if _contains "${curResult}" '"code":"ok"'; then - _info "Successfully removed ACME challenge txt record." + _info "Removed ACME Challenge TXT record from zone." else - _err "Couldn't remove ACME challenge txt record." + _err "Couldn't remove ACME Challenge TXT record from zone." return 1 fi ;; From c32a62a4c48b41346c7896d0ff654d93d5b10f9e Mon Sep 17 00:00:00 2001 From: hyper Date: Wed, 23 Nov 2016 09:33:20 +0100 Subject: [PATCH 37/39] Removed record_id string upon adding a record --- dnsapi/dns_ispconfig.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index e0fe50ca..5a80e6fb 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -126,11 +126,7 @@ _ISPC_addTxt() { _err "Couldn't add ACME Challenge TXT record to zone." return 1 ;; - *) - _info "Added ACME Challenge TXT record to zone." - # Make space seperated string of record IDs for later removal. - record_data="$record_data $record_id" - ;; + *) _info "Added ACME Challenge TXT record to zone." ;; esac } From d072b2c9f83fe4054ba773fbca2c9b06f706e883 Mon Sep 17 00:00:00 2001 From: hyper Date: Wed, 23 Nov 2016 17:06:24 +0100 Subject: [PATCH 38/39] Record ID for removal can be accessed directly now --- dnsapi/dns_ispconfig.sh | 48 +++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 26 deletions(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index 5a80e6fb..a00e0428 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -132,32 +132,28 @@ _ISPC_addTxt() { _ISPC_rmTxt() { # Need to get the record ID. - curData="{\"session_id\":\"${sessionID}\",\"primary_id\":[{\"name\":\"${fulldomain}.\"}]}" + primary="\"primary_id\":{\"name\":\"${fulldomain}.\",\"type\":\"TXT\"}" + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":{\"name\":\"${fulldomain}.\",\"type\":\"TXT\"}}" curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_get")" - # The array search doesn't work properly... so we loop through all retrieved records and check if it contains $fulldomain - IFS='{' - for i in ${curResult}; do - if _contains "${i}" "${fulldomain}"; then - _info "Retrieved ACME Challenge TXT record." - record_id=$(echo "${i}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) - case "${record_id}" in - '' | *[!0-9]*) - _err "Record ID is not numeric." + if _contains "${curResult}" '"code":"ok"'; then + record_id=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2) + case "${record_id}" in + '' | *[!0-9]*) + _err "Record ID is not numeric." + return 1 + ;; + *) + unset IFS + _info "Retrieved Record ID." + curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\"}" + curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")" + if _contains "${curResult}" '"code":"ok"'; then + _info "Removed ACME Challenge TXT record from zone." + else + _err "Couldn't remove ACME Challenge TXT record from zone." return 1 - ;; - *) - unset IFS - _info "Retrieved Record ID" - curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\"}" - curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")" - if _contains "${curResult}" '"code":"ok"'; then - _info "Removed ACME Challenge TXT record from zone." - else - _err "Couldn't remove ACME Challenge TXT record from zone." - return 1 - fi - ;; - esac - fi - done + fi + ;; + esac + fi } From 81a902d0f0cd63b8616d60608c71359c9ed53125 Mon Sep 17 00:00:00 2001 From: hyper Date: Wed, 23 Nov 2016 17:07:45 +0100 Subject: [PATCH 39/39] Removed testing var --- dnsapi/dns_ispconfig.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/dnsapi/dns_ispconfig.sh b/dnsapi/dns_ispconfig.sh index a00e0428..eb55d356 100755 --- a/dnsapi/dns_ispconfig.sh +++ b/dnsapi/dns_ispconfig.sh @@ -132,7 +132,6 @@ _ISPC_addTxt() { _ISPC_rmTxt() { # Need to get the record ID. - primary="\"primary_id\":{\"name\":\"${fulldomain}.\",\"type\":\"TXT\"}" curData="{\"session_id\":\"${sessionID}\",\"primary_id\":{\"name\":\"${fulldomain}.\",\"type\":\"TXT\"}}" curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_get")" if _contains "${curResult}" '"code":"ok"'; then