From 3b8608761b53fb6fce3991012e4cbf82109ab653 Mon Sep 17 00:00:00 2001 From: "Kirill A. Korinsky" Date: Sun, 17 Nov 2024 20:58:06 +0100 Subject: [PATCH 01/37] Fix syntax for OpenBSD sh --- dnsapi/dns_netcup.sh | 6 +++--- notify/aws_ses.sh | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/dnsapi/dns_netcup.sh b/dnsapi/dns_netcup.sh index 687b99bc..8609adf6 100644 --- a/dnsapi/dns_netcup.sh +++ b/dnsapi/dns_netcup.sh @@ -19,7 +19,7 @@ client="" dns_netcup_add() { _debug NC_Apikey "$NC_Apikey" - login + _login if [ "$NC_Apikey" = "" ] || [ "$NC_Apipw" = "" ] || [ "$NC_CID" = "" ]; then _err "No Credentials given" return 1 @@ -61,7 +61,7 @@ dns_netcup_add() { } dns_netcup_rm() { - login + _login fulldomain=$1 txtvalue=$2 @@ -125,7 +125,7 @@ dns_netcup_rm() { logout } -login() { +_login() { tmp=$(_post "{\"action\": \"login\", \"param\": {\"apikey\": \"$NC_Apikey\", \"apipassword\": \"$NC_Apipw\", \"customernumber\": \"$NC_CID\"}}" "$end" "" "POST") sid=$(echo "$tmp" | tr '{}' '\n' | grep apisessionid | cut -d '"' -f 4) _debug "$tmp" diff --git a/notify/aws_ses.sh b/notify/aws_ses.sh index 30db45ad..07e0c48c 100644 --- a/notify/aws_ses.sh +++ b/notify/aws_ses.sh @@ -89,7 +89,7 @@ _use_metadata() { _normalizeJson | tr '{,}' '\n' | while read -r _line; do - _key="$(echo "${_line%%:*}" | tr -d '"')" + _key="$(echo "${_line%%:*}" | tr -d \")" _value="${_line#*:}" _debug3 "_key" "$_key" _secure_debug3 "_value" "$_value" From 03e9c612b9138a8174aaf8a3a9c81b7866fdbccf Mon Sep 17 00:00:00 2001 From: Alex Date: Fri, 20 Dec 2024 10:34:51 +0100 Subject: [PATCH 02/37] Correct file ownership according to keystore directory --- deploy/unifi.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/deploy/unifi.sh b/deploy/unifi.sh index 4d8c058e..9ee7114c 100644 --- a/deploy/unifi.sh +++ b/deploy/unifi.sh 
@@ -135,6 +135,15 @@ unifi_deploy() { cp -f "$_import_pkcs12" "$_unifi_keystore" fi + # correct file ownership according to the directory, the keystore is placed in + _unifi_keystore_dir=$(dirname "${_unifi_keystore}") + _unifi_keystore_dir_owner=$(ls -ld "${_unifi_keystore_dir}" | awk '{print $3}') + _unifi_keystore_owner=$(ls -l "${_unifi_keystore}" | awk '{print $3}') + if ! [ "${_unifi_keystore_owner}" = "${_unifi_keystore_dir_owner}" ] ; then + _debug "Changing keystore owner to ${_unifi_keystore_dir_owner}" + chown $_unifi_keystore_dir_owner "${_unifi_keystore}" >/dev/null 2>&1 # fail quietly if we're not running as root + fi + # Update unifi service for certificate cipher compatibility if ${ACME_OPENSSL_BIN:-openssl} pkcs12 \ -in "$_import_pkcs12" \ From 0e1d90dd0c6eb8ce2c57a9e71ba79b41283b4b07 Mon Sep 17 00:00:00 2001 From: Alex Date: Fri, 20 Dec 2024 10:36:45 +0100 Subject: [PATCH 03/37] Properly guess system.properties location --- deploy/unifi.sh | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/deploy/unifi.sh b/deploy/unifi.sh index 9ee7114c..9ae54f2b 100644 --- a/deploy/unifi.sh +++ b/deploy/unifi.sh 
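Review bot: The added `chown` discards both its output and its exit status, so when the hook is not running as root the keystore keeps the wrong owner and unifi_deploy carries on as if the correction had worked. The keystore is copied from the PKCS#12 import and presumably holds the private key, and the controller still has to read it, so a failed ownership change is worth surfacing: `chown "${_unifi_keystore_dir_owner}" "${_unifi_keystore}" >/dev/null 2>&1 || _debug "Could not change keystore owner (not running as root?)"`. The block aligns only the owner; for a newly created keystore the group and mode are left to the caller's umask, which deserves a comment or a check. unifi_deploy starts and ends outside this hunk.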
@@ -150,14 +150,21 @@ unifi_deploy() { -password pass:aircontrolenterprise \ -nokeys | ${ACME_OPENSSL_BIN:-openssl} x509 -text \ -noout | grep -i "signature" | grep -iq ecdsa >/dev/null 2>&1; then - cp -f /usr/lib/unifi/data/system.properties /usr/lib/unifi/data/system.properties_original - _info "Updating system configuration for cipher compatibility." - _info "Saved original system config to /usr/lib/unifi/data/system.properties_original" - sed -i '/unifi\.https\.ciphers/d' /usr/lib/unifi/data/system.properties - echo "unifi.https.ciphers=ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES128-GCM-SHA256" >>/usr/lib/unifi/data/system.properties - sed -i '/unifi\.https\.sslEnabledProtocols/d' /usr/lib/unifi/data/system.properties - echo "unifi.https.sslEnabledProtocols=TLSv1.3,TLSv1.2" >>/usr/lib/unifi/data/system.properties - _info "System configuration updated." + if [ -f "$(dirname ${DEPLOY_UNIFI_KEYSTORE})/system.properties" ] ; then + _unifi_system_properties="$(dirname ${DEPLOY_UNIFI_KEYSTORE})/system.properties" + else + _unifi_system_properties="/usr/lib/unifi/data/system.properties" + fi + if [ -f "${_unifi_system_properties}" ] ; then + cp -f "${_unifi_system_properties}" "${_unifi_system_properties}"_original + _info "Updating system configuration for cipher compatibility." + _info "Saved original system config to ${_unifi_system_properties}_original" + sed -i '/unifi\.https\.ciphers/d' "${_unifi_system_properties}" + echo "unifi.https.ciphers=ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES128-GCM-SHA256" >>"${_unifi_system_properties}" + sed -i '/unifi\.https\.sslEnabledProtocols/d' "${_unifi_system_properties}" + echo "unifi.https.sslEnabledProtocols=TLSv1.3,TLSv1.2" >>"${_unifi_system_properties}" + _info "System configuration updated." + fi fi rm "$_import_pkcs12" From d75077c6f905c30caf983e076cf66b640d260967 Mon Sep 17 00:00:00 2001 
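Review bot: The new lookup derives the directory from `${DEPLOY_UNIFI_KEYSTORE}` instead of `${_unifi_keystore}`, the variable the ownership block earlier in unifi_deploy works on. If DEPLOY_UNIFI_KEYSTORE is unset or empty, the expression no longer names the keystore's directory: `dirname` gets no operand here (and would return `.` once the expansion is quoted), so the `-f` test probes an unrelated path and the following `cp -f` and `sed -i` may edit whatever `system.properties` is found there. Using `_unifi_system_properties="$(dirname "${_unifi_keystore}")/system.properties"` would tie the path to the keystore actually deployed, assuming `_unifi_keystore` holds the resolved path. Separately, `cp -f … "${_unifi_system_properties}"_original` overwrites the backup on every run, so after a second deploy the saved "original" is already the modified file; copying only when the backup does not yet exist would preserve it. unifi_deploy continues outside this hunk.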
From: neil Date: Sun, 22 Dec 2024 13:36:43 +0100 Subject: [PATCH 04/37] fix format --- deploy/unifi.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy/unifi.sh b/deploy/unifi.sh index 9ae54f2b..23784099 100644 --- a/deploy/unifi.sh +++ b/deploy/unifi.sh @@ -139,7 +139,7 @@ unifi_deploy() { _unifi_keystore_dir=$(dirname "${_unifi_keystore}") _unifi_keystore_dir_owner=$(ls -ld "${_unifi_keystore_dir}" | awk '{print $3}') _unifi_keystore_owner=$(ls -l "${_unifi_keystore}" | awk '{print $3}') - if ! [ "${_unifi_keystore_owner}" = "${_unifi_keystore_dir_owner}" ] ; then + if ! [ "${_unifi_keystore_owner}" = "${_unifi_keystore_dir_owner}" ]; then _debug "Changing keystore owner to ${_unifi_keystore_dir_owner}" chown $_unifi_keystore_dir_owner "${_unifi_keystore}" >/dev/null 2>&1 # fail quietly if we're not running as root fi @@ -150,12 +150,12 @@ unifi_deploy() { -password pass:aircontrolenterprise \ -nokeys | ${ACME_OPENSSL_BIN:-openssl} x509 -text \ -noout | grep -i "signature" | grep -iq ecdsa >/dev/null 2>&1; then - if [ -f "$(dirname ${DEPLOY_UNIFI_KEYSTORE})/system.properties" ] ; then + if [ -f "$(dirname ${DEPLOY_UNIFI_KEYSTORE})/system.properties" ]; then _unifi_system_properties="$(dirname ${DEPLOY_UNIFI_KEYSTORE})/system.properties" else _unifi_system_properties="/usr/lib/unifi/data/system.properties" fi - if [ -f "${_unifi_system_properties}" ] ; then + if [ -f "${_unifi_system_properties}" ]; then cp -f "${_unifi_system_properties}" "${_unifi_system_properties}"_original _info "Updating system configuration for cipher compatibility." _info "Saved original system config to ${_unifi_system_properties}_original" From a9f97e1fe2a914acb7bfa2fd04c9829b2e40957a Mon Sep 17 00:00:00 2001 From: neil Date: Sun, 22 Dec 2024 14:17:33 +0100 Subject: [PATCH 05/37] fix format --- deploy/unifi.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy/unifi.sh b/deploy/unifi.sh index 23784099..a50b06ff 100644 
--- a/deploy/unifi.sh +++ b/deploy/unifi.sh @@ -141,7 +141,7 @@ unifi_deploy() { _unifi_keystore_owner=$(ls -l "${_unifi_keystore}" | awk '{print $3}') if ! [ "${_unifi_keystore_owner}" = "${_unifi_keystore_dir_owner}" ]; then _debug "Changing keystore owner to ${_unifi_keystore_dir_owner}" - chown $_unifi_keystore_dir_owner "${_unifi_keystore}" >/dev/null 2>&1 # fail quietly if we're not running as root + chown "$_unifi_keystore_dir_owner" "${_unifi_keystore}" >/dev/null 2>&1 # fail quietly if we're not running as root fi # Update unifi service for certificate cipher compatibility @@ -150,8 +150,8 @@ unifi_deploy() { -password pass:aircontrolenterprise \ -nokeys | ${ACME_OPENSSL_BIN:-openssl} x509 -text \ -noout | grep -i "signature" | grep -iq ecdsa >/dev/null 2>&1; then - if [ -f "$(dirname ${DEPLOY_UNIFI_KEYSTORE})/system.properties" ]; then - _unifi_system_properties="$(dirname ${DEPLOY_UNIFI_KEYSTORE})/system.properties" + if [ -f "$(dirname "${DEPLOY_UNIFI_KEYSTORE}")/system.properties" ]; then + _unifi_system_properties="$(dirname "${DEPLOY_UNIFI_KEYSTORE}")/system.properties" else _unifi_system_properties="/usr/lib/unifi/data/system.properties" fi From 02da1700e0ff5bff4bb8f72e60f5e4394f13e8b9 Mon Sep 17 00:00:00 2001 From: neil Date: Sun, 22 Dec 2024 14:19:58 +0100 Subject: [PATCH 06/37] fix format --- deploy/unifi.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/unifi.sh b/deploy/unifi.sh index a50b06ff..1c9dfb44 100644 --- a/deploy/unifi.sh +++ b/deploy/unifi.sh 
@@ -137,8 +137,8 @@ unifi_deploy() { # correct file ownership according to the directory, the keystore is placed in _unifi_keystore_dir=$(dirname "${_unifi_keystore}") - _unifi_keystore_dir_owner=$(ls -ld "${_unifi_keystore_dir}" | awk '{print $3}') - _unifi_keystore_owner=$(ls -l "${_unifi_keystore}" | awk '{print $3}') + _unifi_keystore_dir_owner=$(find "${_unifi_keystore_dir}" -maxdepth 0 -printf '%u\n') + _unifi_keystore_owner=$(find "${_unifi_keystore}" -maxdepth 0 -printf '%u\n') if ! [ "${_unifi_keystore_owner}" = "${_unifi_keystore_dir_owner}" ]; then _debug "Changing keystore owner to ${_unifi_keystore_dir_owner}" chown "$_unifi_keystore_dir_owner" "${_unifi_keystore}" >/dev/null 2>&1 # fail quietly if we're not running as root From 4cc460be642d1fd9f3bddf82e953e1d783fd1def Mon Sep 17 00:00:00 2001 From: Peter Vos Date: Tue, 24 Dec 2024 13:33:15 +0100 Subject: [PATCH 07/37] Added dns challenge for mijn.host --- dnsapi/dns_mijn_host.sh | 145 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100644 dnsapi/dns_mijn_host.sh diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijn_host.sh new file mode 100644 index 00000000..5caf5a22 --- /dev/null +++ b/dnsapi/dns_mijn_host.sh 
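Review bot: `-printf` is a GNU find extension (and `-maxdepth` is not POSIX either), so on a host with a BSD or BusyBox `find` both substitutions print nothing and both owner variables end up empty. Two empty strings compare equal, which means the `chown` is skipped without any message and the keystore keeps whatever owner `cp` gave it. A guard before the comparison, such as `[ -n "${_unifi_keystore_dir_owner}" ] || _debug "Could not determine keystore directory owner"`, would make that case visible. The enclosing unifi_deploy body lies outside this hunk.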
@@ -0,0 +1,145 @@ +#!/usr/bin/env sh +# shellcheck disable=SC2034 +dns_mijnhost_info='mijn.host +Domains: mijn.host +Site: mijn.host +Docs: https://mijn.host/api/doc/api-3563900 +Options: + MIJN_HOST_API_KEY API Key +' + +######## Public functions ###################### Constants for your mijn-host API +MIJN_HOST_API="https://mijn.host/api/v2" + +# Add TXT record for domain verification +dns_mijn_host_add() { + fulldomain=$1 + txtvalue=$2 + + MIJN_HOST_API_KEY="${MIJN_HOST_API_KEY:-$(_readaccountconf_mutable MIJN_HOST_API_KEY)}" + if [ -z "$MIJN_HOST_API_KEY" ]; then + MIJN_HOST_API_KEY="" + _err "You haven't specified mijn-host API key yet." + _err "Please set it and try again." + return 1 + fi + + # Save the API key for future use + _saveaccountconf_mutable MIJN_HOST_API_KEY "$MIJN_HOST_API_KEY" + + _debug "First detect the root zone" + if ! _get_root "$fulldomain"; then + _err "Invalid domain" + return 1 + fi + + _debug "Add TXT record" + + # Build the payload for the API + data="{\"type\":\"TXT\",\"name\":\"$subdomain\",\"value\":\"$txtvalue\",\"ttl\":120}" + + export _H1="API-Key: $MIJN_HOST_API_KEY" + export _H2="Content-Type: application/json" + + extracted_domain="${fulldomain#*_acme-challenge.}" + + # Construct the API URL + api_url="$MIJN_HOST_API/domains/$extracted_domain/dns" + + # Getting preivous records + get_response="$(_get "$api_url")" + records=$(echo "$get_response" | jq -r '.data.records') + + # Updating the records + updated_records=$(echo "$records" | jq --argjson data "$data" '. 
+= [$data]') + + # data + data="{\"records\": $updated_records}" + + # Use the _post method to make the API request + response="$(_post "$data" "$api_url" "" "PUT")" + + if _contains "$response" "error"; then + _err "Error adding TXT record: $response" + return 1 + fi + + _info "TXT record added successfully" + return 0 +} + +# Remove TXT record after verification +dns_mijn_host_rm() { + fulldomain=$1 + txtvalue=$2 + + MIJN_HOST_API_KEY="${MIJN_HOST_API_KEY:-$(_readaccountconf_mutable MIJN_HOST_API_KEY)}" + if [ -z "$MIJN_HOST_API_KEY" ]; then + MIJN_HOST_API_KEY="" + _err "You haven't specified mijn-host API key yet." + return 1 + fi + + _debug "First detect the root zone" + if ! _get_root "$fulldomain"; then + _err "Invalid domain" + return 1 + fi + + _debug "Removing TXT record" + + # Build the payload for the API + export _H1="API-Key: $MIJN_HOST_API_KEY" + export _H2="Content-Type: application/json" + + extracted_domain="${fulldomain#*_acme-challenge.}" + + # Construct the API URL + api_url="$MIJN_HOST_API/domains/$extracted_domain/dns" + + # Get current records + response="$(_get "$api_url")" + + updated_records=$(echo "$response" | jq '.data.records') + + updated_records=$(echo "$updated_records" | jq --arg value "$txtvalue" 'map(select(.value != $value))') + + # Build the new payload + data="{\"records\": $updated_records}" + + # Use the _put method to update the records + response="$(_post "$data" "$api_url" "" "PUT")" + + if _contains "$response" "error"; then + _err "Error updating TXT record: $response" + return 1 + fi + + _info "TXT record removed successfully" + return 0 +} + +# Helper function to detect the root zone +_get_root() { + domain=$1 + i=2 + p=1 + + while true; do + h=$(printf "%s" "$domain" | cut -d . -f "$i"-) + if [ -z "$h" ]; then + return 1 + fi + + if _contains "$(dig ns "$h")" "mijn.host"; then + root_zone="$h" + subdomain=$(printf "%s" "$domain" | cut -d . 
-f 1-"$p") + return 0 + fi + + p=$i + i=$(_math "$i" + 1) + done + + return 1 +} From 5e9a067e8754a180b37f718154b33acde3651c80 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Tue, 24 Dec 2024 16:55:26 +0100 Subject: [PATCH 08/37] Fixed root domain detection and processing. --- dnsapi/dns_mijn_host.sh | 61 ++++++++++++++++++++++++----------------- 1 file changed, 36 insertions(+), 25 deletions(-) diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijn_host.sh index 5caf5a22..e8ad398d 100644 --- a/dnsapi/dns_mijn_host.sh +++ b/dnsapi/dns_mijn_host.sh @@ -3,7 +3,7 @@ dns_mijnhost_info='mijn.host Domains: mijn.host Site: mijn.host -Docs: https://mijn.host/api/doc/api-3563900 +Docs: https://mijn.host/api/doc/ Options: MIJN_HOST_API_KEY API Key ' @@ -33,23 +33,26 @@ dns_mijn_host_add() { return 1 fi + _debug _sub_domain "$_sub_domain" + _debug _domain "$_domain" + _debug "Add TXT record" # Build the payload for the API - data="{\"type\":\"TXT\",\"name\":\"$subdomain\",\"value\":\"$txtvalue\",\"ttl\":120}" + data="{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"value\":\"$txtvalue\",\"ttl\":120}" export _H1="API-Key: $MIJN_HOST_API_KEY" export _H2="Content-Type: application/json" - extracted_domain="${fulldomain#*_acme-challenge.}" - # Construct the API URL - api_url="$MIJN_HOST_API/domains/$extracted_domain/dns" + api_url="$MIJN_HOST_API/domains/$_domain/dns" - # Getting preivous records + # Getting previous records get_response="$(_get "$api_url")" records=$(echo "$get_response" | jq -r '.data.records') + _debug2 "previous records" "$records" + # Updating the records updated_records=$(echo "$records" | jq --argjson data "$data" '. += [$data]') @@ -59,7 +62,9 @@ dns_mijn_host_add() { # Use the _post method to make the API request response="$(_post "$data" "$api_url" "" "PUT")" - if _contains "$response" "error"; then + _debug2 "Response" "$response" + + if ! _contains "$response" "200"; then _err "Error adding TXT record: $response" return 1 fi 
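Review bot: dns_mijn_host_add sends the PUT without checking that the preceding `_get` succeeded, and the PUT body carries the zone's complete record list. If the GET returns an error body, `jq -r '.data.records'` yields `null`, `. += [$data]` turns that into a one-element array, and the request submits only the new TXT record; if the endpoint replaces the record set, as the read-modify-write pattern suggests, every other record in the zone is dropped. Aborting when the list could not be read closes that path, e.g. `[ -n "$records" ] && [ "$records" != "null" ] || { _err "Could not read current DNS records"; return 1; }`. dns_mijn_host_rm performs the same read-modify-write without a check. In both functions the URL is built from `${fulldomain#*_acme-challenge.}` rather than from the zone `_get_root` found, so a challenge below a subdomain would address the wrong zone.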
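Review bot: `_contains "$response" "200"` accepts the call as successful whenever the characters 200 occur anywhere in the body, so an error reply that happens to include them (a TTL of 1200, an address, a record value) passes the check. The same test is added to dns_mijn_host_rm and to `_get_root` in the later hunks of this commit. Matching the status field itself, for example `_contains "$response" '"status":200'` if that is how the API reports it (to be confirmed against the API documentation), or checking the HTTP status code of the reply, would be more reliable.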
@@ -92,10 +97,8 @@ dns_mijn_host_rm() { export _H1="API-Key: $MIJN_HOST_API_KEY" export _H2="Content-Type: application/json" - extracted_domain="${fulldomain#*_acme-challenge.}" - # Construct the API URL - api_url="$MIJN_HOST_API/domains/$extracted_domain/dns" + api_url="$MIJN_HOST_API/domains/$_domain/dns" # Get current records response="$(_get "$api_url")" @@ -110,7 +113,7 @@ dns_mijn_host_rm() { # Use the _put method to update the records response="$(_post "$data" "$api_url" "" "PUT")" - if _contains "$response" "error"; then + if ! _contains "$response" "200"; then _err "Error updating TXT record: $response" return 1 fi @@ -122,24 +125,32 @@ dns_mijn_host_rm() { # Helper function to detect the root zone _get_root() { domain=$1 - i=2 - p=1 - while true; do - h=$(printf "%s" "$domain" | cut -d . -f "$i"-) - if [ -z "$h" ]; then - return 1 - fi + # Get all domains + export _H1="API-Key: $MIJN_HOST_API_KEY" + export _H2="Content-Type: application/json" - if _contains "$(dig ns "$h")" "mijn.host"; then - root_zone="$h" - subdomain=$(printf "%s" "$domain" | cut -d . -f 1-"$p") + # Construct the API URL + api_url="$MIJN_HOST_API/domains" + + # Get current records + response="$(_get "$api_url")" + + if ! _contains "$response" "200"; then + _err "Error listing domains: $response" + return 1 + fi + + # Extract root oomains from response + rootDomains=$(echo "$response" | jq -r '.data.domains[].domain') + + for rootDomain in $rootDomains; do + if _contains "$domain" "$rootDomain"; then + _domain="$rootDomain" + _sub_domain=$(printf '%s\n' "${domain//."$rootDomain"/}") return 0 fi - - p=$i - i=$(_math "$i" + 1) done - return 1 + return 1 } From ab1a2045d9e5c1cca112a037d3b44d9e4174e834 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Tue, 24 Dec 2024 17:10:30 +0100 Subject: [PATCH 09/37] Made string removal in root domain detection posix compliant --- dnsapi/dns_mijn_host.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
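Review bot: The new `_get_root` selects the zone with `_contains "$domain" "$rootDomain"`, which is a substring test, so an account holding both `example.com` and `myexample.com` (constructed names) can have a challenge for the second matched against the first, depending on the order of the list. The TXT record would then be written to the wrong zone and validation would fail. A suffix match on a label boundary avoids this: `case "$domain" in *".$rootDomain") _domain="$rootDomain"; _sub_domain="${domain%".$rootDomain"}"; return 0 ;; esac`.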
diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijn_host.sh index e8ad398d..55cd49a2 100644 --- a/dnsapi/dns_mijn_host.sh +++ b/dnsapi/dns_mijn_host.sh @@ -126,7 +126,7 @@ dns_mijn_host_rm() { _get_root() { domain=$1 - # Get all domains + # Get all domains export _H1="API-Key: $MIJN_HOST_API_KEY" export _H2="Content-Type: application/json" @@ -140,17 +140,17 @@ _get_root() { _err "Error listing domains: $response" return 1 fi - + # Extract root oomains from response rootDomains=$(echo "$response" | jq -r '.data.domains[].domain') for rootDomain in $rootDomains; do if _contains "$domain" "$rootDomain"; then _domain="$rootDomain" - _sub_domain=$(printf '%s\n' "${domain//."$rootDomain"/}") + _sub_domain=$(echo "$domain" | sed "s/$rootDomain//g") return 0 fi done - return 1 + return 1 } From c7cecd5b4fec49d9f4a67dbd04fe33fd21681de3 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Tue, 24 Dec 2024 17:30:50 +0100 Subject: [PATCH 10/37] Removed "." from _sub_domain to create a valid domain. --- dnsapi/dns_mijn_host.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijn_host.sh index 55cd49a2..0e279a98 100644 --- a/dnsapi/dns_mijn_host.sh +++ b/dnsapi/dns_mijn_host.sh @@ -147,7 +147,7 @@ _get_root() { for rootDomain in $rootDomains; do if _contains "$domain" "$rootDomain"; then _domain="$rootDomain" - _sub_domain=$(echo "$domain" | sed "s/$rootDomain//g") + _sub_domain=$(echo "$domain" | sed "s/.$rootDomain//g") return 0 fi done From 07220a324d53a3275659a0280a5d79932223a5d0 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Tue, 24 Dec 2024 23:21:50 +0100 Subject: [PATCH 11/37] Removed all jq references --- dnsapi/dns_mijn_host.sh | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijn_host.sh index 0e279a98..16d652b7 100644 --- a/dnsapi/dns_mijn_host.sh +++ b/dnsapi/dns_mijn_host.sh 
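Review bot: `sed "s/.$rootDomain//g"` uses the zone name as an unanchored regular expression, in which every `.` matches any character and the `g` flag removes each occurrence, so the result can differ from simply stripping the zone suffix. Parameter expansion does the same job literally and without a subprocess: `_sub_domain="${domain%".$rootDomain"}"`. `_get_root` begins and ends outside this hunk.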
@@ -49,20 +49,24 @@ dns_mijn_host_add() { # Getting previous records get_response="$(_get "$api_url")" - records=$(echo "$get_response" | jq -r '.data.records') + records=$(echo "$get_response" | _egrep_o '"records":\[.*\]' | sed 's/"records"://') - _debug2 "previous records" "$records" + _debug "Current records" "$records" # Updating the records - updated_records=$(echo "$records" | jq --argjson data "$data" '. += [$data]') + updated_records=$(echo "$records" | sed -E "s/\]( *$)/,$data\]/") + + _debug "Updated records" "$updatedrecords" # data data="{\"records\": $updated_records}" + _debug "json data add_dns PUT call:" "$data" + # Use the _post method to make the API request response="$(_post "$data" "$api_url" "" "PUT")" - _debug2 "Response" "$response" + _debug "Response to PUT dns_add" "$response" if ! _contains "$response" "200"; then _err "Error adding TXT record: $response" @@ -102,17 +106,27 @@ dns_mijn_host_rm() { # Get current records response="$(_get "$api_url")" + + _debug "Get current records response:" "$response" - updated_records=$(echo "$response" | jq '.data.records') + records=$(echo "$get_response" | _egrep_o '"records":\[.*\]' | sed 's/"records"://') + + _debug "Current records:" "$records" - updated_records=$(echo "$updated_records" | jq --arg value "$txtvalue" 'map(select(.value != $value))') + updated_records=$(echo "$updated_records" | sed -E "s/\{[^}]*\"value\":\"$txtvalue\"[^}]*\},?//g" | sed 's/,]/]/g') + + _debug "Updated records:" "$updated_records" # Build the new payload data="{\"records\": $updated_records}" + + _debug "Payload:" "$data" # Use the _put method to update the records response="$(_post "$data" "$api_url" "" "PUT")" + _debug "Response:" "$response" + if ! _contains "$response" "200"; then _err "Error updating TXT record: $response" return 1 
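Review bot: Appending with `sed -E "s/\]( *$)/,$data\]/"` yields `[,{…}]` when the current list is `[]`, which is not valid JSON, so adding a record to a zone without records would fail. `$data` also lands in the sed replacement, where `&`, `\` or `/` coming from the name or TXT value would be interpreted by sed rather than copied. Handling the empty list in its own branch, with `updated_records="[$data]"` when `$records` is `[]`, covers the first case. In the dns_mijn_host_rm hunk of this commit the GET result is still stored in `response` while the extraction reads `$get_response`, and the filter reads `$updated_records` before it is set, so the list sent by the PUT is empty there.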
@@ -141,8 +155,10 @@ _get_root() { return 1 fi - # Extract root oomains from response - rootDomains=$(echo "$response" | jq -r '.data.domains[].domain') + # Extract root domains from response + rootDomains=$(echo "$response" | _egrep_o '"domain":"[^"]*"' | sed -E 's/"domain":"([^"]*)"/\1/') + + _debug "Root domains:" "$rootDomains" for rootDomain in $rootDomains; do if _contains "$domain" "$rootDomain"; then From 35f3b7088d4b50ccd14a3cd7e63036562cb65f11 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Wed, 25 Dec 2024 00:00:19 +0100 Subject: [PATCH 12/37] Updated PUT request to hold only fqdn domain name values# --- dnsapi/dns_mijn_host.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijn_host.sh index 16d652b7..62b0c144 100644 --- a/dnsapi/dns_mijn_host.sh +++ b/dnsapi/dns_mijn_host.sh @@ -39,7 +39,7 @@ dns_mijn_host_add() { _debug "Add TXT record" # Build the payload for the API - data="{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"value\":\"$txtvalue\",\"ttl\":120}" + data="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"value\":\"$txtvalue\",\"ttl\":120}" export _H1="API-Key: $MIJN_HOST_API_KEY" export _H2="Content-Type: application/json" @@ -55,8 +55,8 @@ dns_mijn_host_add() { # Updating the records updated_records=$(echo "$records" | sed -E "s/\]( *$)/,$data\]/") - - _debug "Updated records" "$updatedrecords" + + _debug "Updated records" "$updated_records" # data data="{\"records\": $updated_records}" 
@@ -106,20 +106,20 @@ dns_mijn_host_rm() { # Get current records response="$(_get "$api_url")" - + _debug "Get current records response:" "$response" records=$(echo "$get_response" | _egrep_o '"records":\[.*\]' | sed 's/"records"://') - + _debug "Current records:" "$records" updated_records=$(echo "$updated_records" | sed -E "s/\{[^}]*\"value\":\"$txtvalue\"[^}]*\},?//g" | sed 's/,]/]/g') - + _debug "Updated records:" "$updated_records" # Build the new payload data="{\"records\": $updated_records}" - + _debug "Payload:" "$data" # Use the _put method to update the records From 3cfa882fe1d88d49b99d55ab6c919e79957944f7 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Wed, 25 Dec 2024 08:52:09 +0100 Subject: [PATCH 13/37] Fixed error in dns_mijn_host_rm --- dnsapi/dns_mijn_host.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijn_host.sh index 62b0c144..e3f5bb60 100644 --- a/dnsapi/dns_mijn_host.sh +++ b/dnsapi/dns_mijn_host.sh @@ -39,7 +39,7 @@ dns_mijn_host_add() { _debug "Add TXT record" # Build the payload for the API - data="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"value\":\"$txtvalue\",\"ttl\":120}" + data="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"value\":\"$txtvalue\",\"ttl\":300}" export _H1="API-Key: $MIJN_HOST_API_KEY" export _H2="Content-Type: application/json" @@ -95,7 +95,7 @@ dns_mijn_host_rm() { return 1 fi - _debug "Removing TXT record" + _debug "Removing TXT record" "$txtvalue" # Build the payload for the API export _H1="API-Key: $MIJN_HOST_API_KEY" @@ -105,7 +105,7 @@ dns_mijn_host_rm() { api_url="$MIJN_HOST_API/domains/$_domain/dns" # Get current records - response="$(_get "$api_url")" + get_response="$(_get "$api_url")" _debug "Get current records response:" "$response" From 7512dbffbbc0b7a9e2cd7cb55fc3c6a74c289df3 Mon Sep 17 00:00:00 2001 
From: peterv99 <_hidden_> Date: Wed, 25 Dec 2024 09:50:27 +0100 Subject: [PATCH 14/37] Fixed yet another error in dns_rm --- dnsapi/dns_mijn_host.sh | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijn_host.sh index e3f5bb60..5a5634dd 100644 --- a/dnsapi/dns_mijn_host.sh +++ b/dnsapi/dns_mijn_host.sh @@ -107,25 +107,23 @@ dns_mijn_host_rm() { # Get current records get_response="$(_get "$api_url")" - _debug "Get current records response:" "$response" + _debug "Get current records response:" "$get_response" records=$(echo "$get_response" | _egrep_o '"records":\[.*\]' | sed 's/"records"://') _debug "Current records:" "$records" - updated_records=$(echo "$updated_records" | sed -E "s/\{[^}]*\"value\":\"$txtvalue\"[^}]*\},?//g" | sed 's/,]/]/g') + updated_records=$(echo "$records" | sed -E "s/\{[^}]*\"value\":\"$txtvalue\"[^}]*\},?//g" | sed 's/,]/]/g') _debug "Updated records:" "$updated_records" # Build the new payload data="{\"records\": $updated_records}" - _debug "Payload:" "$data" - # Use the _put method to update the records response="$(_post "$data" "$api_url" "" "PUT")" - _debug "Response:" "$response" + _debug "Response to PUT dns_rm:" "$response" if ! _contains "$response" "200"; then _err "Error updating TXT record: $response" From 150c708726248e2dda8e2691e2e2211feac0fe5a Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Wed, 25 Dec 2024 14:11:52 +0100 Subject: [PATCH 15/37] Better debug messages for root domain detection --- dnsapi/dns_mijn_host.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijn_host.sh index 5a5634dd..2cd9a865 100644 --- a/dnsapi/dns_mijn_host.sh +++ b/dnsapi/dns_mijn_host.sh 
@@ -162,6 +162,9 @@ _get_root() { if _contains "$domain" "$rootDomain"; then _domain="$rootDomain" _sub_domain=$(echo "$domain" | sed "s/.$rootDomain//g") + + _debug "Found root domain" "$_domain" "and subdomain" "$_sub_domain" "for" "$domain" + return 0 fi done From b0f566a80dc9ac0913d2acbe254e592aca023d67 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Thu, 26 Dec 2024 23:36:55 +0100 Subject: [PATCH 16/37] Name change to be in line with other API scripts Added time-out to _get calls at 120s to fix API timeouts --- dnsapi/{dns_mijn_host.sh => dns_mijnhost.sh} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename dnsapi/{dns_mijn_host.sh => dns_mijnhost.sh} (100%) diff --git a/dnsapi/dns_mijn_host.sh b/dnsapi/dns_mijnhost.sh similarity index 100% rename from dnsapi/dns_mijn_host.sh rename to dnsapi/dns_mijnhost.sh From 9ad794f2cc9fa1d74b18cf81ca6b61d42a820fff Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Fri, 27 Dec 2024 08:56:16 +0100 Subject: [PATCH 17/37] Name change, function name change to mijnhost --- dnsapi/dns_mijnhost.sh | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh index 2cd9a865..760602c3 100644 --- a/dnsapi/dns_mijnhost.sh +++ b/dnsapi/dns_mijnhost.sh 
@@ -5,27 +5,27 @@ Domains: mijn.host Site: mijn.host Docs: https://mijn.host/api/doc/ Options: - MIJN_HOST_API_KEY API Key + MIJNHOST_API_KEY API Key ' ######## Public functions ###################### Constants for your mijn-host API -MIJN_HOST_API="https://mijn.host/api/v2" +MIJNHOST_API="https://mijn.host/api/v2" # Add TXT record for domain verification -dns_mijn_host_add() { +dns_mijnhost_add() { fulldomain=$1 txtvalue=$2 - MIJN_HOST_API_KEY="${MIJN_HOST_API_KEY:-$(_readaccountconf_mutable MIJN_HOST_API_KEY)}" - if [ -z "$MIJN_HOST_API_KEY" ]; then - MIJN_HOST_API_KEY="" + MIJNHOST_API_KEY="${MIJNHOST_API_KEY:-$(_readaccountconf_mutable MIJNHOST_API_KEY)}" + if [ -z "$MIJNHOST_API_KEY" ]; then + MIJNHOST_API_KEY="" _err "You haven't specified mijn-host API key yet." _err "Please set it and try again." return 1 fi # Save the API key for future use - _saveaccountconf_mutable MIJN_HOST_API_KEY "$MIJN_HOST_API_KEY" + _saveaccountconf_mutable MIJNHOST_API_KEY "$MIJNHOST_API_KEY" _debug "First detect the root zone" if ! _get_root "$fulldomain"; then @@ -41,14 +41,14 @@ dns_mijn_host_add() { # Build the payload for the API data="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"value\":\"$txtvalue\",\"ttl\":300}" - export _H1="API-Key: $MIJN_HOST_API_KEY" + export _H1="API-Key: $MIJNHOST_API_KEY" export _H2="Content-Type: application/json" # Construct the API URL - api_url="$MIJN_HOST_API/domains/$_domain/dns" + api_url="$MIJNHOST_API/domains/$_domain/dns" # Getting previous records - get_response="$(_get "$api_url")" + get_response="$(_get "$api_url" "" "120")" records=$(echo "$get_response" | _egrep_o '"records":\[.*\]' | sed 's/"records"://') _debug "Current records" "$records" 
@@ -78,13 +78,13 @@ dns_mijn_host_add() { } # Remove TXT record after verification -dns_mijn_host_rm() { +dns_mijnhost_rm() { fulldomain=$1 txtvalue=$2 - MIJN_HOST_API_KEY="${MIJN_HOST_API_KEY:-$(_readaccountconf_mutable MIJN_HOST_API_KEY)}" - if [ -z "$MIJN_HOST_API_KEY" ]; then - MIJN_HOST_API_KEY="" + MIJNHOST_API_KEY="${MIJNHOST_API_KEY:-$(_readaccountconf_mutable MIJNHOST_API_KEY)}" + if [ -z "$MIJNHOST_API_KEY" ]; then + MIJNHOST_API_KEY="" _err "You haven't specified mijn-host API key yet." return 1 fi @@ -98,14 +98,14 @@ dns_mijn_host_rm() { _debug "Removing TXT record" "$txtvalue" # Build the payload for the API - export _H1="API-Key: $MIJN_HOST_API_KEY" + export _H1="API-Key: $MIJNHOST_API_KEY" export _H2="Content-Type: application/json" # Construct the API URL - api_url="$MIJN_HOST_API/domains/$_domain/dns" + api_url="$MIJNHOST_API/domains/$_domain/dns" # Get current records - get_response="$(_get "$api_url")" + get_response="$(_get "$api_url" "" "120")" _debug "Get current records response:" "$get_response" @@ -139,14 +139,14 @@ _get_root() { domain=$1 # Get all domains - export _H1="API-Key: $MIJN_HOST_API_KEY" + export _H1="API-Key: $MIJNHOST_API_KEY" export _H2="Content-Type: application/json" # Construct the API URL - api_url="$MIJN_HOST_API/domains" + api_url="$MIJNHOST_API/domains" # Get current records - response="$(_get "$api_url")" + response="$(_get "$api_url" "" "120")" if ! _contains "$response" "200"; then _err "Error listing domains: $response" From d093476da5ab6241e78dfe170e973f71f8dc2155 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Fri, 27 Dec 2024 12:55:12 +0100 Subject: [PATCH 18/37] Refactored REST calls to add generic retries, as mijn.host API times out at times. --- dnsapi/dns_mijnhost.sh | 151 +++++++++++++++++++++++++---------------- 1 file changed, 94 insertions(+), 57 deletions(-) diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh index 760602c3..3b0fc3f5 100644 --- a/dnsapi/dns_mijnhost.sh 
+++ b/dnsapi/dns_mijnhost.sh @@ -33,48 +33,47 @@ dns_mijnhost_add() { return 1 fi - _debug _sub_domain "$_sub_domain" - _debug _domain "$_domain" - - _debug "Add TXT record" - - # Build the payload for the API - data="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"value\":\"$txtvalue\",\"ttl\":300}" - - export _H1="API-Key: $MIJNHOST_API_KEY" - export _H2="Content-Type: application/json" + _debug2 _sub_domain "$_sub_domain" + _debug2 _domain "$_domain" + _debug "Adding TXT record" # Construct the API URL api_url="$MIJNHOST_API/domains/$_domain/dns" # Getting previous records - get_response="$(_get "$api_url" "" "120")" - records=$(echo "$get_response" | _egrep_o '"records":\[.*\]' | sed 's/"records"://') + _mijnhost_rest GET "$api_url" "" - _debug "Current records" "$records" + if [ "$_code" != "200" ]; then + _err "Error getting current DNS enties ($_code)" + return 1 + fi + + records=$(echo "$response" | _egrep_o '"records":\[.*\]' | sed 's/"records"://') + + _debug2 "Current records" "$records" + + # Build the payload for the API + data="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"value\":\"$txtvalue\",\"ttl\":300}" + + _debug2 "Record to add: " "$data" # Updating the records updated_records=$(echo "$records" | sed -E "s/\]( *$)/,$data\]/") - _debug "Updated records" "$updated_records" + _debug2 "Updated records" "$updated_records" # data data="{\"records\": $updated_records}" - _debug "json data add_dns PUT call:" "$data" + _mijnhost_rest PUT "$api_url" "$data" - # Use the _post method to make the API request - response="$(_post "$data" "$api_url" "" "PUT")" - - _debug "Response to PUT dns_add" "$response" - - if ! _contains "$response" "200"; then - _err "Error adding TXT record: $response" + if [ "$_code" = "200" ]; then + _info "DNS record succesfully added" + return 0 + else + _err "Error adding DNS record ($_code)" return 1 fi - - _info "TXT record added successfully" - return 0 } # Remove TXT record after verification 
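Review bot: After the new `_code` check nothing verifies that `records` was actually extracted before the PUT is sent. If `_egrep_o '"records":\[.*\]'` does not match, for instance because the body is formatted differently, `updated_records` is empty and the request carries `{"records": }`; since this call appears to submit the zone's whole record list, an unparsed reply should stop the function, e.g. `[ -n "$records" ] || { _err "Could not parse current DNS records"; return 1; }`. The messages added here also contain typos that end up in user logs: `enties` and `succesfully`. `_code` and `response` are set by `_mijnhost_rest`, whose definition is cut off at the end of this page, so how they behave after a timeout cannot be checked from here.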
@@ -95,79 +94,117 @@ dns_mijnhost_rm() { return 1 fi - _debug "Removing TXT record" "$txtvalue" - - # Build the payload for the API - export _H1="API-Key: $MIJNHOST_API_KEY" - export _H2="Content-Type: application/json" + _debug "Removing TXT record" "$txtvalue" "for" "$fulldomain" # Construct the API URL api_url="$MIJNHOST_API/domains/$_domain/dns" # Get current records - get_response="$(_get "$api_url" "" "120")" + _mijnhost_rest GET "$api_url" "" - _debug "Get current records response:" "$get_response" + if [ "$_code" != "200" ]; then + _err "Error getting current DNS enties ($_code)" + return 1 + fi - records=$(echo "$get_response" | _egrep_o '"records":\[.*\]' | sed 's/"records"://') + _debug2 "Get current records response:" "$response" - _debug "Current records:" "$records" + records=$(echo "$response" | _egrep_o '"records":\[.*\]' | sed 's/"records"://') + + _debug2 "Current records:" "$records" updated_records=$(echo "$records" | sed -E "s/\{[^}]*\"value\":\"$txtvalue\"[^}]*\},?//g" | sed 's/,]/]/g') - _debug "Updated records:" "$updated_records" + _debug2 "Updated records:" "$updated_records" # Build the new payload data="{\"records\": $updated_records}" # Use the _put method to update the records - response="$(_post "$data" "$api_url" "" "PUT")" + _mijnhost_rest PUT "$api_url" "$data" - _debug "Response to PUT dns_rm:" "$response" - - if ! 
_contains "$response" "200"; then - _err "Error updating TXT record: $response" + if [ "$_code" = "200" ]; then + _info "DNS record removed successfully" + return 0 + else + _err "Error removing DNS record ($_code)" return 1 fi - - _info "TXT record removed successfully" - return 0 } # Helper function to detect the root zone _get_root() { domain=$1 - # Get all domains - export _H1="API-Key: $MIJNHOST_API_KEY" - export _H2="Content-Type: application/json" - - # Construct the API URL - api_url="$MIJNHOST_API/domains" - # Get current records - response="$(_get "$api_url" "" "120")" + _debug "Getting current domains" + _mijnhost_rest GET "$MIJNHOST_API/domains" "" - if ! _contains "$response" "200"; then - _err "Error listing domains: $response" + if [ "$_code" != "200" ]; then + _err "error getting current domains ($_code)" return 1 fi # Extract root domains from response rootDomains=$(echo "$response" | _egrep_o '"domain":"[^"]*"' | sed -E 's/"domain":"([^"]*)"/\1/') - _debug "Root domains:" "$rootDomains" for rootDomain in $rootDomains; do if _contains "$domain" "$rootDomain"; then _domain="$rootDomain" _sub_domain=$(echo "$domain" | sed "s/.$rootDomain//g") - _debug "Found root domain" "$_domain" "and subdomain" "$_sub_domain" "for" "$domain" - return 0 fi done - return 1 } + +# Helper function for rest calls +_mijnhost_rest() { + m=$1 + ep="$2" + data="$3" + + MAX_REQUEST_RETRY_TIMES=5 + _request_retry_times=0 + while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do + _debug3 _request_retry_times "$_request_retry_times" + export _H1="API-Key: $MIJNHOST_API_KEY" + export _H2="Content-Type: application/json" + # clear headers from previous request to avoid getting wrong http code on timeouts + : >"$HTTP_HEADER" + _debug "$ep" + if [ "$m" != "GET" ]; then + _debug2 "data $data" + response="$(_post "$data" "$ep" "" "$m")" + else + response="$(_get "$ep")" + fi + _ret="$?" 
+ _debug2 "response $response" + _code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")" + _debug "http response code $_code" + if [ "$_code" = "401" ]; then + # we have an invalid API token, maybe it is expired? + _err "Access denied. Invalid API token." + return 1 + fi + + if [ "$_ret" != "0" ] || [ -z "$_code" ]; then + _request_retry_times="$(_math "$_request_retry_times" + 1)" + _info "REST call error $_code retrying $ep in $_request_retry_times s" + # Sleep 10 times the number of retries in seconds, to increase backoff time + _sleep "$(_math "$_request_retry_times" \* 10)" + continue + fi + break + done + if [ "$_request_retry_times" = "$MAX_REQUEST_RETRY_TIMES" ]; then + _err "Error mijn.host API call was retried $MAX_REQUEST_RETRY_TIMES times." + _err "Calling $ep failed." + return 1 + fi + response="$(echo "$response" | _normalizeJson)" + return 0 +} From ac9852f9df6c904719e6241f8e9b049db06b21e4 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Fri, 27 Dec 2024 16:47:02 +0100 Subject: [PATCH 19/37] Added fix for specific API error that mijn.host sometimes throws. --- dnsapi/dns_mijnhost.sh | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh index 3b0fc3f5..ea204353 100644 --- a/dnsapi/dns_mijnhost.sh +++ b/dnsapi/dns_mijnhost.sh @@ -19,8 +19,8 @@ dns_mijnhost_add() { MIJNHOST_API_KEY="${MIJNHOST_API_KEY:-$(_readaccountconf_mutable MIJNHOST_API_KEY)}" if [ -z "$MIJNHOST_API_KEY" ]; then MIJNHOST_API_KEY="" - _err "You haven't specified mijn-host API key yet." - _err "Please set it and try again." + _err "You haven't specified your mijn-host API key yet." + _err "Please add MIJNHOST_API_KEY to the env." return 1 fi 
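Review bot: The GET branch of the new _mijnhost_rest calls `_get "$ep"` without the timeout argument the previous commit had just added (`_get "$api_url" "" "120"`), so the retry loop only helps if the HTTP client gives up by itself. Passing it through, `response="$(_get "$ep" "" "120")"`, keeps the earlier behaviour. Separately, the callers in this hunk ignore the function's return status and test only `$_code`; a short header comment stating that `_code` and `response` are the function's outputs would make that contract explicit.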
@@ -35,7 +35,7 @@ dns_mijnhost_add() { _debug2 _sub_domain "$_sub_domain" _debug2 _domain "$_domain" - _debug "Adding TXT record" + _debug "Adding DNS record" "${fulldomain}." # Construct the API URL api_url="$MIJNHOST_API/domains/$_domain/dns" @@ -55,7 +55,7 @@ dns_mijnhost_add() { # Build the payload for the API data="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"value\":\"$txtvalue\",\"ttl\":300}" - _debug2 "Record to add: " "$data" + _debug2 "Record to add" "$data" # Updating the records updated_records=$(echo "$records" | sed -E "s/\]( *$)/,$data\]/") @@ -68,10 +68,10 @@ dns_mijnhost_add() { _mijnhost_rest PUT "$api_url" "$data" if [ "$_code" = "200" ]; then - _info "DNS record succesfully added" + _info "DNS record succesfully added." return 0 else - _err "Error adding DNS record ($_code)" + _err "Error adding DNS record ($_code)." return 1 fi } @@ -84,17 +84,18 @@ dns_mijnhost_rm() { MIJNHOST_API_KEY="${MIJNHOST_API_KEY:-$(_readaccountconf_mutable MIJNHOST_API_KEY)}" if [ -z "$MIJNHOST_API_KEY" ]; then MIJNHOST_API_KEY="" - _err "You haven't specified mijn-host API key yet." + _err "You haven't specified your mijn-host API key yet." + _err "Please add MIJNHOST_API_KEY to the env." return 1 fi - _debug "First detect the root zone" + _debug "Detecting root zone for" "${fulldomain}." if ! _get_root "$fulldomain"; then _err "Invalid domain" return 1 fi - _debug "Removing TXT record" "$txtvalue" "for" "$fulldomain" + _debug "Removing DNS record for TXT value" "${txtvalue}." # Construct the API URL api_url="$MIJNHOST_API/domains/$_domain/dns" @@ -124,10 +125,10 @@ dns_mijnhost_rm() { _mijnhost_rest PUT "$api_url" "$data" if [ "$_code" = "200" ]; then - _info "DNS record removed successfully" + _info "DNS record removed successfully." return 0 else - _err "Error removing DNS record ($_code)" + _err "Error removing DNS record ($_code)." return 1 fi } 
@@ -191,7 +192,7 @@ _mijnhost_rest() { return 1 fi - if [ "$_ret" != "0" ] || [ -z "$_code" ]; then + if [ "$_ret" != "0" ] || [ -z "$_code" ] || [ "$_code" = "400" ] || _contains "$response" "DNS records not managed by mijn.host"; then #Sometimes API errors out _request_retry_times="$(_math "$_request_retry_times" + 1)" _info "REST call error $_code retrying $ep in $_request_retry_times s" # Sleep 10 times the number of retries in seconds, to increase backoff time From 588123ed117de0dfddeeea4d85a8d9b3a1f8d458 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Fri, 27 Dec 2024 23:56:13 +0100 Subject: [PATCH 20/37] Updated backoff algorithm --- dnsapi/dns_mijnhost.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh index ea204353..5fe43d93 100644 --- a/dnsapi/dns_mijnhost.sh +++ b/dnsapi/dns_mijnhost.sh @@ -169,6 +169,8 @@ _mijnhost_rest() { MAX_REQUEST_RETRY_TIMES=5 _request_retry_times=0 + _retry_sleep=5 #Initial sleep time in seconds. + while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do _debug3 _request_retry_times "$_request_retry_times" export _H1="API-Key: $MIJNHOST_API_KEY" @@ -195,8 +197,8 @@ _mijnhost_rest() { if [ "$_ret" != "0" ] || [ -z "$_code" ] || [ "$_code" = "400" ] || _contains "$response" "DNS records not managed by mijn.host"; then #Sometimes API errors out _request_retry_times="$(_math "$_request_retry_times" + 1)" _info "REST call error $_code retrying $ep in $_request_retry_times s" - # Sleep 10 times the number of retries in seconds, to increase backoff time - _sleep "$(_math "$_request_retry_times" \* 10)" + _sleep "$_retry_sleep" + _retry_sleep="$(_math "$_retry_sleep" \* 2)" continue fi break From 7a6101c4175efbfb0b781fb4543a25ce3b92a171 Mon Sep 17 00:00:00 2001 
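Review bot: The widened retry condition in _mijnhost_rest treats every HTTP 400 as transient, so a request that is actually malformed (for example a PUT whose record list failed to build) is resent on every attempt and fails only after the full backoff. If the intermittent error is recognisable by its body text, keying on that alone narrows the retry: `if [ "$_ret" != "0" ] || [ -z "$_code" ] || _contains "$response" "DNS records not managed by mijn.host"; then`. If the API really does return bare 400s in the transient case, a comment saying so would explain why 400 is retried. The function body starts and ends outside this hunk.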
From: peterv99 <_hidden_> Date: Fri, 27 Dec 2024 23:56:13 +0100 Subject: [PATCH 21/37] Corrected sleep time message --- dnsapi/dns_mijnhost.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh index ea204353..5fe43d93 100644 --- a/dnsapi/dns_mijnhost.sh +++ b/dnsapi/dns_mijnhost.sh @@ -169,6 +169,8 @@ _mijnhost_rest() { MAX_REQUEST_RETRY_TIMES=5 _request_retry_times=0 + _retry_sleep=5 #Initial sleep time in seconds. + while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do _debug3 _request_retry_times "$_request_retry_times" export _H1="API-Key: $MIJNHOST_API_KEY" @@ -195,8 +197,8 @@ _mijnhost_rest() { if [ "$_ret" != "0" ] || [ -z "$_code" ] || [ "$_code" = "400" ] || _contains "$response" "DNS records not managed by mijn.host"; then #Sometimes API errors out _request_retry_times="$(_math "$_request_retry_times" + 1)" _info "REST call error $_code retrying $ep in $_request_retry_times s" - # Sleep 10 times the number of retries in seconds, to increase backoff time - _sleep "$(_math "$_request_retry_times" \* 10)" + _sleep "$_retry_sleep" + _retry_sleep="$(_math "$_retry_sleep" \* 2)" continue fi break From 42862852b81e2b8071a3e3515f6f30f000e5d100 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Sat, 28 Dec 2024 12:41:26 +0100 Subject: [PATCH 22/37] Corrected sleep message --- dnsapi/dns_mijnhost.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh index 5fe43d93..6dc9b8e0 100644 --- a/dnsapi/dns_mijnhost.sh +++ b/dnsapi/dns_mijnhost.sh 
@@ -196,7 +196,7 @@ _mijnhost_rest() { if [ "$_ret" != "0" ] || [ -z "$_code" ] || [ "$_code" = "400" ] || _contains "$response" "DNS records not managed by mijn.host"; then #Sometimes API errors out _request_retry_times="$(_math "$_request_retry_times" + 1)" - _info "REST call error $_code retrying $ep in $_request_retry_times s" + _info "REST call error $_code retrying $ep in $_retry_sleep s" _sleep "$_retry_sleep" _retry_sleep="$(_math "$_retry_sleep" \* 2)" continue From 234bc93ddbbe701348e9838014c7ec97cc1ef9a9 Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Sat, 28 Dec 2024 12:42:50 +0100 Subject: [PATCH 23/37] Removed superfluous debug message --- dnsapi/dns_mijnhost.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh index 6dc9b8e0..c1f74389 100644 --- a/dnsapi/dns_mijnhost.sh +++ b/dnsapi/dns_mijnhost.sh @@ -172,7 +172,7 @@ _mijnhost_rest() { _retry_sleep=5 #Initial sleep time in seconds. while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do - _debug3 _request_retry_times "$_request_retry_times" + _debug2 _request_retry_times "$_request_retry_times" export _H1="API-Key: $MIJNHOST_API_KEY" export _H2="Content-Type: application/json" # clear headers from previous request to avoid getting wrong http code on timeouts From 6ad469c6379636fc822f344235ee4341d5f1e5ac Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Sat, 28 Dec 2024 17:38:22 +0200 Subject: [PATCH 24/37] dnsapi: Fix structured info Signed-off-by: Sergey Ponomarev --- dnsapi/dns_azure.sh | 2 +- dnsapi/dns_technitium.sh | 7 +++---- dnsapi/dns_zoneedit.sh | 20 ++++++++++++-------- 3 files changed, 16 insertions(+), 13 deletions(-) diff --git a/dnsapi/dns_azure.sh b/dnsapi/dns_azure.sh index 3f0dfa3d..03feaf63 100644 --- a/dnsapi/dns_azure.sh +++ b/dnsapi/dns_azure.sh 
@@ -9,7 +9,7 @@ Options: AZUREDNS_APPID App ID. App ID of the service principal AZUREDNS_CLIENTSECRET Client Secret. Secret from creating the service principal AZUREDNS_MANAGEDIDENTITY Use Managed Identity. Use Managed Identity assigned to a resource instead of a service principal. "true"/"false" - AZUREDNS_BEARERTOKEN Optional Bearer Token. Used instead of service principal credentials or managed identity + AZUREDNS_BEARERTOKEN Bearer Token. Used instead of service principal credentials or managed identity. Optional. ' wiki=https://github.com/acmesh-official/acme.sh/wiki/How-to-use-Azure-DNS diff --git a/dnsapi/dns_technitium.sh b/dnsapi/dns_technitium.sh index a50db97c..7bc0dd48 100755 --- a/dnsapi/dns_technitium.sh +++ b/dnsapi/dns_technitium.sh @@ -1,13 +1,12 @@ #!/usr/bin/env sh # shellcheck disable=SC2034 -dns_Technitium_info='Technitium DNS Server - -Site: https://technitium.com/dns/ +dns_technitium_info='Technitium DNS Server +Site: Technitium.com/dns/ Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_technitium Options: Technitium_Server Server Address Technitium_Token API Token -Issues:https://github.com/acmesh-official/acme.sh/issues/6116 +Issues: github.com/acmesh-official/acme.sh/issues/6116 Author: Henning Reich ' diff --git a/dnsapi/dns_zoneedit.sh b/dnsapi/dns_zoneedit.sh index df01d8cf..77553f3c 100644 --- a/dnsapi/dns_zoneedit.sh +++ b/dnsapi/dns_zoneedit.sh 
@@ -1,19 +1,23 @@ #!/usr/bin/env sh +# shellcheck disable=SC2034 +dns_zoneedit_info='ZoneEdit.com +Site: ZoneEdit.com +Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_zoneedit +Options: + ZONEEDIT_ID ID + ZONEEDIT_Token API Token +Issues: github.com/acmesh-official/acme.sh/issues/6135 +' # https://github.com/blueslow/sslcertzoneedit -# Only need to export the credentials once, acme.sh will save for automatic renewal. -# export ZONEEDIT_ID="Your id" -# export ZONEEDIT_Token="Your token" -# acme.sh --issue --dns dns_zoneedit -d example.com -d www.example.com - ######## Public functions ##################### # Usage: dns_zoneedit_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" dns_zoneedit_add() { fulldomain=$1 txtvalue=$2 - _info "Using Zoneedit" + _info "Using ZoneEdit" _debug fulldomain "$fulldomain" _debug txtvalue "$txtvalue" @@ -45,7 +49,7 @@ dns_zoneedit_add() { dns_zoneedit_rm() { fulldomain=$1 txtvalue=$2 - _info "Using Zoneedit" + _info "Using ZoneEdit" _debug fulldomain "$fulldomain" _debug txtvalue "$txtvalue" @@ -114,7 +118,7 @@ _zoneedit_api() { if [ "$ze_sleep" ]; then _sleep "$ze_sleep"; fi return 0 elif _contains "$response" "ERROR.*Minimum.*seconds"; then - _info "Zoneedit responded with a rate limit of..." + _info "ZoneEdit responded with a rate limit of..." ze_ratelimit=$(echo "$response" | sed -n 's/.*Minimum \([0-9]\+\) seconds.*/\1/p') if [ "$ze_ratelimit" ] && [ ! "$(echo "$ze_ratelimit" | tr -d '0-9')" ]; then _info "$ze_ratelimit seconds." From 9526dbadad48811f39bdc566dd99336aaa71e04c Mon Sep 17 00:00:00 2001 From: peterv99 <_hidden_> Date: Sat, 28 Dec 2024 17:26:52 +0100 Subject: [PATCH 25/37] mijn.host API unreliable, upped retry times to 15 --- dnsapi/dns_mijnhost.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh index 699436ef..b52d65d9 100644 --- a/dnsapi/dns_mijnhost.sh +++ b/dnsapi/dns_mijnhost.sh 
@@ -167,7 +167,7 @@ _mijnhost_rest() { ep="$2" data="$3" - MAX_REQUEST_RETRY_TIMES=5 + MAX_REQUEST_RETRY_TIMES=15 _request_retry_times=0 _retry_sleep=5 #Initial sleep time in seconds. From a3250fac6dd20734941acd5b3dddae2b80a7ea20 Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Sat, 28 Dec 2024 22:31:24 +0200 Subject: [PATCH 26/37] dnsapi: Add structured info for lima-city and west.cn Signed-off-by: Sergey Ponomarev --- dnsapi/dns_limacity.sh | 18 +++++++++--------- dnsapi/dns_west_cn.sh | 14 +++++++++----- 2 files changed, 18 insertions(+), 14 deletions(-) diff --git a/dnsapi/dns_limacity.sh b/dnsapi/dns_limacity.sh index fb12f8c6..96bae77f 100644 --- a/dnsapi/dns_limacity.sh +++ b/dnsapi/dns_limacity.sh @@ -1,13 +1,13 @@ #!/usr/bin/env sh - -# Created by Laraveluser -# -# Pass credentials before "acme.sh --issue --dns dns_limacity ..." -# -- -# export LIMACITY_APIKEY="" -# -- -# -# Pleas note: APIKEY must have following roles: dns.admin, domains.reader +# shellcheck disable=SC2034 +dns_limacity_info='lima-city.de +Site: www.lima-city.de/ +Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_limacity +Options: + LIMACITY_APIKEY API Key. Note: The API Key must have following roles: dns.admin, domains.reader +Issues: github.com/acmesh-official/acme.sh/issues/4758 +Author: @Laraveluser +' ######## Public functions ##################### diff --git a/dnsapi/dns_west_cn.sh b/dnsapi/dns_west_cn.sh index d0bb7d49..b873bfc0 100644 --- a/dnsapi/dns_west_cn.sh +++ b/dnsapi/dns_west_cn.sh 
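Review bot: Raising `MAX_REQUEST_RETRY_TIMES` to 15 in _mijnhost_rest interacts badly with the doubling backoff from the earlier commit. Starting at `_retry_sleep=5` and doubling after each failure, the fifteenth wait alone is about 5*2^14 seconds (roughly 22 hours), assuming the doubling line is still in the loop, which is outside this hunk. A cap placed after the doubling, `if [ "$_retry_sleep" -gt 60 ]; then _retry_sleep=60; fi`, keeps a persistent failure (including the retried 400) from stalling certificate issuance or renewal for hours.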
@@ -1,9 +1,13 @@ #!/usr/bin/env sh - -# West.cn Domain api -#WEST_Username="username" -#WEST_Key="sADDsdasdgdsf" -#Set key at https://www.west.cn/manager/API/APIconfig.asp +# shellcheck disable=SC2034 +dns_west_cn_info='West.cn +Site: West.cn +Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_west_cn +Options: + WEST_Username API username + WEST_Key API Key. Set at https://www.west.cn/manager/API/APIconfig.asp +Issues: github.com/acmesh-official/acme.sh/issues/4894 +' REST_API="https://api.west.cn/API/v2" From 1ae7dd9b113513a24a6dcc7ef71ef6aa3943fa72 Mon Sep 17 00:00:00 2001 From: peterv99 <145142820+peterv99@users.noreply.github.com> Date: Sun, 29 Dec 2024 09:30:48 +0100 Subject: [PATCH 27/37] Updated info block --- dnsapi/dns_mijnhost.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/dnsapi/dns_mijnhost.sh b/dnsapi/dns_mijnhost.sh index b52d65d9..9dafc702 100644 --- a/dnsapi/dns_mijnhost.sh +++ b/dnsapi/dns_mijnhost.sh @@ -4,6 +4,8 @@ dns_mijnhost_info='mijn.host Domains: mijn.host Site: mijn.host Docs: https://mijn.host/api/doc/ +Issues: https://github.com/acmesh-official/acme.sh/issues/6177 +Author: peterv99 Options: MIJNHOST_API_KEY API Key ' From 11de3aed51b42dcbbaeb64b099ce6f4930593b1a Mon Sep 17 00:00:00 2001 From: Sergey Ponomarev Date: Sun, 29 Dec 2024 13:59:08 +0200 Subject: [PATCH 28/37] dnsapi: structured info minor fixes Extend dns_myapi.sh info with samples. omglol: Split Address option by a dot to avoid incorrect parsing with a dot from omg.lol Signed-off-by: Sergey Ponomarev --- dnsapi/dns_limacity.sh | 2 +- dnsapi/dns_myapi.sh | 10 ++++++---- dnsapi/dns_omglol.sh | 4 ++-- dnsapi/dns_openprovider.sh | 1 + dnsapi/dns_pdns.sh | 2 +- dnsapi/dns_yandex360.sh | 2 +- 6 files changed, 12 insertions(+), 9 deletions(-) diff --git a/dnsapi/dns_limacity.sh b/dnsapi/dns_limacity.sh index 96bae77f..5734be9e 100644 --- a/dnsapi/dns_limacity.sh +++ b/dnsapi/dns_limacity.sh 
@@ -1,7 +1,7 @@ #!/usr/bin/env sh # shellcheck disable=SC2034 dns_limacity_info='lima-city.de -Site: www.lima-city.de/ +Site: www.lima-city.de Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_limacity Options: LIMACITY_APIKEY API Key. Note: The API Key must have following roles: dns.admin, domains.reader diff --git a/dnsapi/dns_myapi.sh b/dnsapi/dns_myapi.sh index c9f5eb9f..101854d5 100755 --- a/dnsapi/dns_myapi.sh +++ b/dnsapi/dns_myapi.sh @@ -1,12 +1,14 @@ #!/usr/bin/env sh # shellcheck disable=SC2034 dns_myapi_info='Custom API Example - A sample custom DNS API script. -Domains: example.com + A sample custom DNS API script description. +Domains: example.com example.net Site: github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide -Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_duckdns +Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_myapi Options: - MYAPI_Token API Token. Get API Token from https://example.com/api/. Optional. + MYAPI_Token API Token. Get API Token from https://example.com/api/ + MYAPI_Variable2 Option 2. Default "default value". + MYAPI_Variable2 Option 3. Optional. Issues: github.com/acmesh-official/acme.sh Author: Neil Pang ' diff --git a/dnsapi/dns_omglol.sh b/dnsapi/dns_omglol.sh index 5c137c3f..df080bcf 100644 --- a/dnsapi/dns_omglol.sh +++ b/dnsapi/dns_omglol.sh 
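Review bot: The sample info block in dnsapi/dns_myapi.sh lists `MYAPI_Variable2` twice, once for "Option 2" and once for "Option 3"; the second is presumably meant to be `MYAPI_Variable3`. This file is the example other DNS API scripts are modelled on, and the commit message indicates the block is parsed, so the duplicate name is worth fixing: `MYAPI_Variable3 Option 3. Optional.`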
@@ -4,8 +4,8 @@ dns_omglol_info='omg.lol Site: omg.lol Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_omglol Options: - OMG_ApiKey API Key from omg.lol. This is accessible from the bottom of the account page at https://home.omg.lol/account - OMG_Address This is your omg.lol address, without the preceding @ - you can see your list on your dashboard at https://home.omg.lol/dashboard + OMG_ApiKey API Key. This is accessible from the bottom of the account page at https://home.omg.lol/account + OMG_Address Address. This is your omg.lol address, without the preceding @ - you can see your list on your dashboard at https://home.omg.lol/dashboard Issues: github.com/acmesh-official/acme.sh/issues/5299 Author: @Kholin ' diff --git a/dnsapi/dns_openprovider.sh b/dnsapi/dns_openprovider.sh index b584fad2..2dec9934 100755 --- a/dnsapi/dns_openprovider.sh +++ b/dnsapi/dns_openprovider.sh @@ -2,6 +2,7 @@ # shellcheck disable=SC2034 dns_openprovider_info='OpenProvider.eu Site: OpenProvider.eu +Domains: OpenProvider.com Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_openprovider Options: OPENPROVIDER_USER Username diff --git a/dnsapi/dns_pdns.sh b/dnsapi/dns_pdns.sh index 2478e19f..ec19ad25 100755 --- a/dnsapi/dns_pdns.sh +++ b/dnsapi/dns_pdns.sh @@ -7,7 +7,7 @@ Options: PDNS_Url API URL. E.g. "http://ns.example.com:8081" PDNS_ServerId Server ID. E.g. "localhost" PDNS_Token API Token - PDNS_Ttl=60 Domain TTL. Default: "60". + PDNS_Ttl Domain TTL. Default: "60". ' DEFAULT_PDNS_TTL=60 diff --git a/dnsapi/dns_yandex360.sh b/dnsapi/dns_yandex360.sh index c6b6053d..18d01361 100644 --- a/dnsapi/dns_yandex360.sh +++ b/dnsapi/dns_yandex360.sh 
@@ -1,7 +1,7 @@ #!/usr/bin/env sh # shellcheck disable=SC2034 dns_yandex360_info='Yandex 360 for Business DNS API. -Yandex 360 for Business is a digital environment for effective collaboration. + Yandex 360 for Business is a digital environment for effective collaboration. Site: https://360.yandex.com/ Docs: https://github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_yandex360 Options: From d37553e7b88e154ee2a72c5991397eb26d3a9972 Mon Sep 17 00:00:00 2001 From: Ludovic Ortega Date: Tue, 31 Dec 2024 18:04:39 +0100 Subject: [PATCH 29/37] fix: remove control characters Signed-off-by: Ludovic Ortega --- deploy/truenas.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/truenas.sh b/deploy/truenas.sh index 407395a3..6a008bd7 100644 --- a/deploy/truenas.sh +++ b/deploy/truenas.sh @@ -217,7 +217,7 @@ truenas_deploy() { _app_id=$(echo "$_app_id_list" | sed -n "${i}p") _app_config="$(_post "\"$_app_id\"" "$_api_url/app/config" "" "POST" "application/json")" # Check if the app use the same certificate TrueNAS web UI - _app_active_cert_config=$(echo "$_app_config" | _json_decode | jq -r ".ix_certificates[\"$_active_cert_id\"]") + _app_active_cert_config=$(echo "$_app_config" | tr -d '\000-\037' | _json_decode | jq -r ".ix_certificates[\"$_active_cert_id\"]") if [ "$_app_active_cert_config" != "null" ]; then _info "Updating certificate from $_active_cert_id to $_cert_id for app: $_app_id" #Replace the old certificate id with the new one in path From 0241552c0d5475d10e8e1a4f455d3c247b25c0c3 Mon Sep 17 00:00:00 2001 From: Markus Schenk Date: Thu, 2 Jan 2025 00:26:47 +0100 Subject: [PATCH 30/37] update dns_cyon for updated field names and add validation --- dnsapi/dns_cyon.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_cyon.sh b/dnsapi/dns_cyon.sh index 04a515aa..b5ab8369 100644 --- a/dnsapi/dns_cyon.sh +++ b/dnsapi/dns_cyon.sh 
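Review bot: On the changed line in truenas_deploy, `$_active_cert_id` is spliced into the jq program text, so the filter's meaning depends on a value whose origin is not visible in this hunk. Passing it as data is more robust: `jq -r --arg id "$_active_cert_id" '.ix_certificates[$id]'`. A comment would also help noting that `tr -d '\000-\037'` removes newlines and tabs along with other control bytes, which is harmless between JSON tokens but changes any string value that contained them raw. truenas_deploy starts and ends outside the hunk.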
@@ -232,7 +232,7 @@ _cyon_add_txt() { _info " - Adding DNS TXT entry..." add_txt_url="https://my.cyon.ch/domain/dnseditor/add-record-async" - add_txt_data="zone=${fulldomain_idn}.&ttl=900&type=TXT&value=${txtvalue}" + add_txt_data="name=${fulldomain_idn}.&ttl=900&type=TXT&dnscontent=${txtvalue}" add_txt_response="$(_post "$add_txt_data" "$add_txt_url")" _debug add_txt_response "${add_txt_response}" @@ -241,9 +241,10 @@ _cyon_add_txt() { add_txt_message="$(printf "%s" "${add_txt_response}" | _cyon_get_response_message)" add_txt_status="$(printf "%s" "${add_txt_response}" | _cyon_get_response_status)" + add_txt_validation="$(printf "%s" "${add_txt_response}" | _cyon_get_validation_status)" # Bail if adding TXT entry fails. - if [ "${add_txt_status}" != "true" ]; then + if [ "${add_txt_status}" != "true" ] || [ "${add_txt_validation}" != "true" ] ; then _err " ${add_txt_message}" _err "" return 1 @@ -308,6 +309,10 @@ _cyon_get_response_status() { _egrep_o '"status":\w*' | cut -d : -f 2 } +_cyon_get_validation_status() { + _egrep_o '"valid":\w*' | cut -d : -f 2 +} + _cyon_get_response_success() { _egrep_o '"onSuccess":"[^"]*"' | cut -d : -f 2 | tr -d '"' } From 524b40b75ff46f875ddd754d4bdd0715b212b752 Mon Sep 17 00:00:00 2001 From: Markus Schenk Date: Thu, 2 Jan 2025 00:36:28 +0100 Subject: [PATCH 31/37] adhere to shell formatting --- dnsapi/dns_cyon.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_cyon.sh b/dnsapi/dns_cyon.sh index b5ab8369..9a95d317 100644 --- a/dnsapi/dns_cyon.sh +++ b/dnsapi/dns_cyon.sh @@ -244,7 +244,7 @@ _cyon_add_txt() { add_txt_validation="$(printf "%s" "${add_txt_response}" | _cyon_get_validation_status)" # Bail if adding TXT entry fails. - if [ "${add_txt_status}" != "true" ] || [ "${add_txt_validation}" != "true" ] ; then + if [ "${add_txt_status}" != "true" ] || [ "${add_txt_validation}" != "true" ]; then _err " ${add_txt_message}" _err "" return 1 
From 6328496bfb13716cd44b4371d1309fa71c49a452 Mon Sep 17 00:00:00 2001 From: Markus Schenk Date: Thu, 2 Jan 2025 00:41:59 +0100 Subject: [PATCH 32/37] run tests --- dnsapi/dns_cyon.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/dnsapi/dns_cyon.sh b/dnsapi/dns_cyon.sh index 9a95d317..5510bfc2 100644 --- a/dnsapi/dns_cyon.sh +++ b/dnsapi/dns_cyon.sh @@ -228,6 +228,7 @@ _cyon_change_domain_env() { _info "" } + _cyon_add_txt() { _info " - Adding DNS TXT entry..." From 0e4fd5269b4b25ade954ce0648069e2c317f611c Mon Sep 17 00:00:00 2001 From: Markus Schenk Date: Thu, 2 Jan 2025 00:49:20 +0100 Subject: [PATCH 33/37] run tests --- dnsapi/dns_cyon.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/dnsapi/dns_cyon.sh b/dnsapi/dns_cyon.sh index 5510bfc2..9a95d317 100644 --- a/dnsapi/dns_cyon.sh +++ b/dnsapi/dns_cyon.sh @@ -228,7 +228,6 @@ _cyon_change_domain_env() { _info "" } - _cyon_add_txt() { _info " - Adding DNS TXT entry..." From 04aefbf28da6ceb27a3cece5484fc0b2ecca9988 Mon Sep 17 00:00:00 2001 From: Markus Schenk Date: Fri, 3 Jan 2025 00:31:27 +0100 Subject: [PATCH 34/37] moved the env change check to its own function --- dnsapi/dns_cyon.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/dnsapi/dns_cyon.sh b/dnsapi/dns_cyon.sh index 9a95d317..175877c6 100644 --- a/dnsapi/dns_cyon.sh +++ b/dnsapi/dns_cyon.sh @@ -215,10 +215,8 @@ _cyon_change_domain_env() { if ! _cyon_check_if_2fa_missed "${domain_env_response}"; then return 1; fi - domain_env_success="$(printf "%s" "${domain_env_response}" | _egrep_o '"authenticated":\w*' | cut -d : -f 2)" - # Bail if domain environment change fails. - if [ "${domain_env_success}" != "true" ]; then + if [ "$(printf "%s" "${domain_env_response}" | _cyon_get_envchange_success)" != "true" ]; then _err " $(printf "%s" "${domain_env_response}" | _cyon_get_response_message)" _err "" return 1 
@@ -317,6 +315,10 @@ _cyon_get_response_success() { _egrep_o '"onSuccess":"[^"]*"' | cut -d : -f 2 | tr -d '"' } +_cyon_get_envchange_success() { + _egrep_o '"authenticated":\w*' | cut -d : -f 2 +} + _cyon_check_if_2fa_missed() { # Did we miss the 2FA? if test "${1#*multi_factor_form}" != "${1}"; then From b29d17f5228b15d1fae005adcf326a25b46c974d Mon Sep 17 00:00:00 2001 From: Markus Schenk Date: Fri, 3 Jan 2025 13:04:04 +0100 Subject: [PATCH 35/37] changed char class for compatibility with openbsd --- dnsapi/dns_cyon.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dnsapi/dns_cyon.sh b/dnsapi/dns_cyon.sh index 175877c6..4b0dbfc0 100644 --- a/dnsapi/dns_cyon.sh +++ b/dnsapi/dns_cyon.sh @@ -216,7 +216,7 @@ _cyon_change_domain_env() { if ! _cyon_check_if_2fa_missed "${domain_env_response}"; then return 1; fi # Bail if domain environment change fails. - if [ "$(printf "%s" "${domain_env_response}" | _cyon_get_envchange_success)" != "true" ]; then + if [ "$(printf "%s" "${domain_env_response}" | _cyon_get_environment_change_status)" != "true" ]; then _err " $(printf "%s" "${domain_env_response}" | _cyon_get_response_message)" _err "" return 1 @@ -315,8 +315,8 @@ _cyon_get_response_success() { _egrep_o '"onSuccess":"[^"]*"' | cut -d : -f 2 | tr -d '"' } -_cyon_get_envchange_success() { - _egrep_o '"authenticated":\w*' | cut -d : -f 2 +_cyon_get_environment_change_status() { + _egrep_o '"authenticated":[a-zA-z0-9]*' | cut -d : -f 2 } _cyon_check_if_2fa_missed() { From 1b123054b36fe3acdad6f871ec6f9f8b30caba17 Mon Sep 17 00:00:00 2001 From: Markus Schenk Date: Fri, 3 Jan 2025 13:08:18 +0100 Subject: [PATCH 36/37] also updated the other validation functions --- dnsapi/dns_cyon.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_cyon.sh b/dnsapi/dns_cyon.sh index 4b0dbfc0..a585e772 100644 --- a/dnsapi/dns_cyon.sh +++ b/dnsapi/dns_cyon.sh 
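Review bot: The bracket expression `[a-zA-z0-9]` in _cyon_get_environment_change_status has `A-z` where `A-Z` was presumably intended. In the C locale that range also takes in `[`, `\`, `]`, `^`, `_` and the backtick, and in other locales its extent is not defined. To mirror the `\w` it replaces, use `_egrep_o '"authenticated":[a-zA-Z0-9_]*'`. The following commit repeats the same class in _cyon_get_response_status and _cyon_get_validation_status.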
@@ -304,11 +304,11 @@ _cyon_get_response_message() { } _cyon_get_response_status() { - _egrep_o '"status":\w*' | cut -d : -f 2 + _egrep_o '"status":[a-zA-z0-9]*' | cut -d : -f 2 } _cyon_get_validation_status() { - _egrep_o '"valid":\w*' | cut -d : -f 2 + _egrep_o '"valid":[a-zA-z0-9]*' | cut -d : -f 2 } _cyon_get_response_success() { From 5610d4782fe0954d884943f3e1f205923344bc47 Mon Sep 17 00:00:00 2001 From: Jan-Piet Mens Date: Tue, 7 Jan 2025 13:13:27 +0100 Subject: [PATCH 37/37] Correct typo in acme.sh --- acme.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/acme.sh b/acme.sh index 9842e3f1..bcd6b928 100755 --- a/acme.sh +++ b/acme.sh @@ -6061,7 +6061,7 @@ installcronjob() { _script="$(_readlink "$_SCRIPT_")" _debug _script "$_script" if [ -f "$_script" ]; then - _info "Usinging the current script from: $_script" + _info "Using the current script from: $_script" lesh="$_script" else _err "Cannot install cronjob, $PROJECT_ENTRY not found."