Commit Graph

76 Commits (45ea2f82ba98cc837f067f43947c3cad23606b9b)

Author SHA1 Message Date
neil 2d282597ca fix format 2024-09-15 14:30:12 +02:00
neil 11aef82993
Merge pull request #5139 from scruel/scruel-patch-1
feat: guide user to run script as root to create temp admin user
2024-07-19 11:16:44 +08:00
Scruel Tao 60569fdd83
fix(deploy): respect api path with synology Auth API
fix #5184
2024-07-14 15:04:43 +08:00
Scruel Tao 1dbc58d4e0
chore: optimize more msgs 2024-05-08 14:01:43 +08:00
Scruel Tao 47ccb28482
chore: typo 2024-05-08 04:46:51 +08:00
Scruel Tao 744dea00ca
feat: guide user to run script as root to create temp admin user
Message text and comment optimized
2024-05-08 02:56:21 +08:00
Scruel Tao cd01104de9
fix(deploy_dsm): ensure grep get the error code
Added grep -o option to ensure the script won't get other digits as the error code result
2024-04-25 13:39:05 +08:00
Scruel Tao 9ff89b570f
fix(deploy_dsm): missing gerp -P option on busybox
Fixes:  #5105
2024-04-25 04:02:49 +08:00
Scruel Tao 6af5293315 doc: adjust 2024-02-28 02:00:07 +08:00
Scruel Tao ff090d2f74 fix lint 2024-02-26 23:45:19 +08:00
Scruel Tao 68e3a12a91 feat: improve robustness of the usage of DSM tool `synogroup` 2024-02-26 23:38:44 +08:00
Scruel Tao 50eda6b678 fix: lint 2024-02-26 21:07:15 +08:00
Scruel Tao 192ec598a3 feat: add `SYNO_LOCAL_HOSTNAME` to prevent remote deploy via temp admin method 2024-02-26 21:03:26 +08:00
Scruel Tao 5b449999a5 refactor: unify variable naming convention again (revert some changes) 2024-02-26 20:55:49 +08:00
Scruel Tao afed62f6de fix: should save `SYNO_UseTempAdmin` only after login success. 2024-02-26 07:05:00 +08:00
Scruel Tao 59d1e16f9c feat: bypass enforce temp admin 2FA 2024-02-26 06:23:47 +08:00
Scruel Tao dbe0d477d6 feat: more user-friendly logic & error messages. 2024-02-26 06:23:46 +08:00
Scruel Tao 7248560169 feat: support DSM 6.x 2024-02-26 06:23:45 +08:00
Scruel Tao f840f7d75b refactor: unify variable naming convention 2024-02-26 06:23:42 +08:00
Scruel Tao cf3839ecec
doc(deploy): update usage doc 2024-02-22 12:38:51 +08:00
neil aa8cf76fb1
Merge pull request #4706 from scruel/syno-patch
Add SYNO_USE_TEMP_ADMIN variable & Fix broken logic
2024-02-13 09:57:51 +08:00
LordDarkneo 6992659ba9
Update synology_dsm.sh 2023-12-22 14:36:52 -05:00
LordDarkneo 05696d443a
Update synology_dsm.sh
#2727 issue when logging out on older version - using variables to unlog only for CERT user
2023-12-22 14:34:35 -05:00
LordDarkneo f59a925897
Update synology_dsm.sh
Issue for lougout
2023-12-22 09:09:29 -05:00
Romeo Dumitrescu 87a7bde618 fix: Synology DSM API path regex
Fix the regex for looking up the API path value from the Synology API query.
2023-09-25 18:43:01 +03:00
Scruel Tao 29b2960805
Optimze comment & remove tail space 2023-09-07 15:01:37 +08:00
Scruel Tao f7f3a0bf0d
Merge branch 'dev' into syno-patch 2023-09-07 14:57:53 +08:00
Martin Arndt b793dbf977
Fix device ID property name for DSM 6 2023-08-11 17:55:45 +02:00
Martin Arndt d52b38777a
Fix Auth API access for DSM 6 2023-08-09 19:52:37 +02:00
Scruel Tao ba468bb5e4
Fix for shfmt check 2023-07-20 13:38:36 +08:00
Scruel Tao cf86d57a9f
Fix for shfmt check 2023-07-20 13:34:57 +08:00
Scruel Tao 9e958f4e32
Fix shellcheck 2023-07-20 13:09:21 +08:00
Scruel Tao c7f6f20c9d
Add SYNO_USE_TEMP_ADMIN variable & Fix broken logic
1. Fix the broken logic in (Sorry for including fix commit in same PR, I'm feeling quite tired and would like to go to sleep right away...)
2. Provides new method to obtain credential info for authentication, it will create a temp admin user if SYNO_USE_TEMP_ADMIN is set, instead of requiring the user's own credentials which will be saved in disk.

I do really don't like to have plaintext credentials be saved in disk, and I noticed that you've spent a lot of time fighting with 2FA related stuffs, so why not just get rid of the whole old way. :)
2023-07-20 02:48:29 +08:00
Martin Arndt 0d7b831661
Fix variable initialization 2023-07-04 16:58:14 +02:00
Martin Arndt 0c9e4f67a8
Update synology_dsm.sh
Split "[ && ]" into "[ ] && [ ]" to make ShellCheck happy
2023-07-04 15:55:44 +02:00
Martin Arndt db3f131dfc
Re-add deprecated SYNO_TOTP_SECRET part for legacy compatibility
As requested in acmesh-official/acme.sh/pull/4646 by Neil Pang
2023-07-04 15:47:19 +02:00
Martin Arndt 0548ad2fc6
Fix debug output of session ID 2023-05-28 22:33:15 +02:00
Martin Arndt 623d615cd7
Remove external OTP dependency from synology_dsm.sh
Also adapt to DSM 7's API improvements.
2023-05-28 21:42:53 +02:00
Markus Lippert a7dd86de71
fix(deploy-synology_dsm): support DID with DSM 7 2022-09-29 12:22:45 +02:00
John Elliott 3a99a77104 Update return statement 2022-02-07 21:55:12 -08:00
John Elliott 5ce8050e46 Update missing oathtool check 2022-02-07 11:58:14 -08:00
John Elliott 5ae3a020bd Add err log for missing oathtool in Synology
Alerts the user that the oathtool is missing and the TOTP can't be
generated.
2022-02-07 11:53:24 -08:00
Nasser Alansari 4635dacf7f Add SYNO_TOTP_SECRET for user with two-factor authentication 2021-11-13 13:01:38 +03:00
Miguel Angelo a31ed4a723 Notify user about a possible problem when using synology_dsm.sh with 2fa enabled user account 2021-11-01 01:40:14 -03:00
Brian Hartvigsen dcb51683c5
shellcheck cleanup
shellcheck sees '\\' as trying to escape the trailing quote (see
koalaman/shellcheck#1548 ).
2021-05-26 15:25:58 -06:00
Brian Hartvigsen 74a4a788b1
Make certificate descriptions sed safe
This escapes special characters used in POSIX sed to prevent mismatches.
e.g. `SYNO_Certficiate=*.example.com` would not match a description of
"*.example.com" and would look to match any number of double quotes (the
last character in the sed regex prior to certificate description),
followed by any single character, followed by "example", followed by any
character, followed by "com".

After this change, it will properly match `*.example.com` and not
`""zexamplefcom`.

Additionally we now store the certificate description as base64 encoded
to prevent issues with single quotes.

Tested on DSM 7.0-41222 (VDSM) and DSM 6.2.4-25556 (DS1515+).
2021-05-26 15:25:58 -06:00
Brian Hartvigsen 5ab9ca1c0d
Better fix for Synology DSM setting wrong default
As noted by @buxm, previous fix didn't work for all versions of DSM 6.
The better fix appears to be simply not outputting the "as_default"
parameter unless we are doing something with the default certificate.
2021-05-19 13:21:34 -06:00
Brian Hartvigsen 1a4a180e8c
FIX: Synology sets "default" on wrong certificate
For some DSM installs, it appears that setting the "default" flag to the
string "false" actually sets it to true.  This causes Synology to set
the last updated certificate to be the default certificate.  Using an
empty string appears to still be accepted as a false-y value for DSMs
where this isn't happening and corrects the behavior in the cases that
it was.

Credit to @Run-King for identifying the fix and @buxm for reporting.
2021-05-02 13:37:59 -06:00
Brian Hartvigsen 2635dfef96
Shellcheck linting
Also removed unused code
2020-12-09 21:01:44 -07:00
Brian Hartvigsen 7d7789ae96
Support DSM 6 and 7
Small changes for DSM 6:

All fields (except enable_syno_token as explained below) must either be in the GET params or the POST params, you can't mix GET and POST params
enable_syno_token=yes must be in both the GET and POST params.
If enable_syno_token=yes is only in the POST fields, then DSM6 returns a synotoken of --------. If enable_syno_token=yes is only in the GET params, then it returns no synotoken at all. It must be in both to work.
Need to use /webapi/auth.cgi instead of /webapi/entry.cgi
Verified with DSM 6.2.3-25426 Update 2 and DSM 7.0-40850
2020-12-09 20:35:50 -07:00