These are the pros and cons of dns_he_dyntxt, compared to dns_he:

Pros:
- No need to store a dns.he.net account password on your server
- Uses a very simple write-only API

Cons:
- You must manually create placeholder _acme-challenge TXT records, and generate/copy the same DDNS key across all records.
- This script WILL FAIL to issue both a domain and its wildcard, because '-d example.com -d *.example.com' requires multiple TXT records. Switch to 'dns_he' if you need this feature.

pull/4318/head
Paul Marks
2 years ago
1 changed files with 86 additions and 0 deletions
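--- a/dnsapi/dns_he_dyntxt.sh
+++ b/dnsapi/dns_he_dyntxt.sh
@@ -0,0 +1,86 @@
+#!/usr/bin/env sh
+
+########################################################################
+# Hurricane Electric hook script for acme.sh (dynamic TXT API)
+#
+# These are the pros and cons of dns_he_dyntxt, compared to dns_he:
+# Pros:
+# - No need to store a dns.he.net account password on your server
+# - Uses a very simple write-only API
+# Cons:
+# - You must manually create placeholder _acme-challenge TXT records,
+# and generate/copy the same DDNS key across all records.
+# - This script WILL FAIL to issue both a domain and its wildcard, because
+# '-d example.com -d *.example.com' requires multiple TXT records.
+# Switch to 'dns_he' if you need this feature.
+#
+# Environment variable:
+# HE_DynTXT_Key - DDNS key for all _acme-challenge TXT records
+########################################################################
+
+# Cheat sheet for passing the DNS.yml API test:
+# - Set TEST_DNS_NO_WILDCARD=1
+# - Create placeholder TXT records for the following domain names:
+# - _acme-challenge.$TestingDomain
+# - acmetestXyzRandomName.$TestingDomain
+
+HE_DynTXT_Api="https://dyn.dns.he.net/nic/update"
+
+######## Public functions #####################
+
+#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_he_dyntxt_add() {
+fulldomain=$1
+txtvalue=$2
+
+HE_DynTXT_Key="${HE_DynTXT_Key:-$(_readaccountconf_mutable HE_DynTXT_Key)}"
+
+if [ -z "$HE_DynTXT_Key" ]; then
+HE_DynTXT_Key=""
+_err "Missing HE_DynTXT_Key. See dnsapi/dns_he_dyntxt.sh for instructions."
+return 1
+fi
+
+#save the DDNS key to the account conf file.
+_saveaccountconf_mutable HE_DynTXT_Key "$HE_DynTXT_Key"
+
+_info "Updating record $fulldomain"
+_he_dyntxt_post "$fulldomain" "$txtvalue"
+return "$?"
+}
+
+dns_he_dyntxt_rm() {
+fulldomain=$1
+txtvalue='""' # The record is just cleared, not removed.
+
+HE_DynTXT_Key="${HE_DynTXT_Key:-$(_readaccountconf_mutable HE_DynTXT_Key)}"
+
+_info "Clearing record $fulldomain"
+_he_dyntxt_post "$fulldomain" "$txtvalue"
+return "$?"
+}
+
+##################### Private functions below ##################################
+
+_he_dyntxt_post() {
+hostname=$1
+txt=$2
+response="$(_post "hostname=$hostname&password=$HE_DynTXT_Key&txt=$txt" "$HE_DynTXT_Api")"
+
+if [ "$?" != "0" ]; then
+_err "POST failed"
+return 1
+fi
+_debug2 response "$response"
+
+if _contains "$response" "good" || _contains "$response" "nochg"; then
+_info "Updated, OK"
+return 0
+elif _contains "$response" "badauth"; then
+_err "'$hostname' missing placeholder TXT record, or DDNS key incorrect"
+return 1
+else
+_err "Unknown POST response: $response"
+return 1
+fi
+}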
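Review bot: In `_he_dyntxt_post` the DDNS key is interpolated into the form body unencoded (`password=$HE_DynTXT_Key`), so a key containing `&`, `=`, `+` or `%` is truncated or parsed as extra parameters and the update is likely to fail with a misleading `badauth` error. Encode it before building the body, e.g. `_key="$(printf "%s" "$HE_DynTXT_Key" | _url_encode)"` and then `password=$_key`. `dns_he_dyntxt_rm` also lacks the empty-key check that `dns_he_dyntxt_add` has, so a missing key is reported as a missing placeholder record; the same `[ -z "$HE_DynTXT_Key" ]` guard with its `_err` message would make that failure clear. Because the request body carries the key, it is worth confirming that debug logging of the POST body does not write it to log files in clear text.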