flywithu/acme.sh
1
0
Fork 0
mirror of https://github.com/hiskang/acme.sh synced 2025-06-15 11:56:24 +00:00
Code Issues Releases Wiki Activity

Merge branch 'dev' into dnsapi/dns_dnsever

Browse Source
This commit is contained in:
hiska 2018-01-15 15:09:18 +09:00 committed by GitHub
commit 2cdd9948e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 183 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -339,7 +339,11 @@ You don't have to do anything manually!
1. Dyn Managed DNS API 1. Dyn Managed DNS API
1. Yandex PDD API (https://pdd.yandex.ru) 1. Yandex PDD API (https://pdd.yandex.ru)
1. Hurricane Electric DNS service (https://dns.he.net) 1. Hurricane Electric DNS service (https://dns.he.net)
1. UnoEuro API (https://www.unoeuro.com/)
1. INWX (https://www.inwx.de/)
1. Servercow (https://servercow.de)
1. Namesilo (https://www.namesilo.com)
1. DNSEver(https://www.dnsever.com)
And: And:

31
deploy/strongswan.sh
View File

@ -16,17 +16,38 @@ strongswan_deploy() {
_cca="$4" _cca="$4"
_cfullchain="$5" _cfullchain="$5"
_info "Using strongswan"
if [ -x /usr/sbin/ipsec ]; then
_ipsec=/usr/sbin/ipsec
elif [ -x /usr/sbin/strongswan ]; then
_ipsec=/usr/sbin/strongswan
else
_err "no strongswan or ipsec command is detected"
return 1
fi
_info _ipsec "$_ipsec"
_confdir=$($_ipsec --confdir)
if [ $? -ne 0 ] || [ -z "$_confdir" ]; then
_err "no strongswan --confdir is detected"
return 1
fi
_info _confdir "$_confdir"
_debug _cdomain "$_cdomain" _debug _cdomain "$_cdomain"
_debug _ckey "$_ckey" _debug _ckey "$_ckey"
_debug _ccert "$_ccert" _debug _ccert "$_ccert"
_debug _cca "$_cca" _debug _cca "$_cca"
_debug _cfullchain "$_cfullchain" _debug _cfullchain "$_cfullchain"
cat "$_ckey" >"/etc/ipsec.d/private/$(basename "$_ckey")" cat "$_ckey" >"${_confdir}/ipsec.d/private/$(basename "$_ckey")"
cat "$_ccert" >"/etc/ipsec.d/certs/$(basename "$_ccert")" cat "$_ccert" >"${_confdir}/ipsec.d/certs/$(basename "$_ccert")"
cat "$_cca" >"/etc/ipsec.d/cacerts/$(basename "$_cca")" cat "$_cca" >"${_confdir}/ipsec.d/cacerts/$(basename "$_cca")"
cat "$_cfullchain" >"/etc/ipsec.d/cacerts/$(basename "$_cfullchain")" cat "$_cfullchain" >"${_confdir}/ipsec.d/cacerts/$(basename "$_cfullchain")"
ipsec reload $_ipsec reload
} }

16
dnsapi/README.md
View File

@ -651,7 +651,21 @@ acme.sh --issue --dns dns_servercow -d example.com -d www.example.com
``` ```
Both, `SERVERCOW_API_Username` and `SERVERCOW_API_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. Both, `SERVERCOW_API_Username` and `SERVERCOW_API_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
##35. Use DNSEver (https://www.dnsever.com/) ## 35. Use Namesilo.com API
You'll need to generate an API key at https://www.namesilo.com/account_api.php
Optionally you may restrict the access to an IP range there.
```
export Namesilo_Key="xxxxxxxxxxxxxxxxxxxxxxxx"
```
And now you can issue certs with:
```
acme.sh --issue --dns dns_namesilo --dnssleep 900 -d example.com -d www.example.com
```
## 36. Use DNSEver (https://www.dnsever.com/)
You will need your login credentials (ID+PW) to the DNSEver, and export them before you run acme.sh: You will need your login credentials (ID+PW) to the DNSEver, and export them before you run acme.sh:
``` ```

1
dnsapi/dns_ispconfig.sh
View File

@ -2,7 +2,6 @@
# ISPConfig 3.1 API # ISPConfig 3.1 API
# User must provide login data and URL to the ISPConfig installation incl. port. The remote user in ISPConfig must have access to: # User must provide login data and URL to the ISPConfig installation incl. port. The remote user in ISPConfig must have access to:
# - DNS zone Functions
# - DNS txt Functions # - DNS txt Functions
# Report bugs to https://github.com/sjau/acme.sh # Report bugs to https://github.com/sjau/acme.sh

137
dnsapi/dns_namesilo.sh Executable file
View File

@ -0,0 +1,137 @@
#!/usr/bin/env sh
#Author: meowthink
#Created 01/14/2017
#Utilize namesilo.com API to finish dns-01 verifications.
Namesilo_API="https://www.namesilo.com/api"
######## Public functions #####################
#Usage: dns_myapi_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_namesilo_add() {
fulldomain=$1
txtvalue=$2
if [ -z "$Namesilo_Key" ]; then
Namesilo_Key=""
_err "API token for namesilo.com is missing."
_err "Please specify that in your environment variable."
return 1
fi
#save the api key and email to the account conf file.
_saveaccountconf Namesilo_Key "$Namesilo_Key"
if ! _get_root "$fulldomain"; then
_err "Unable to find domain specified."
return 1
fi
_debug _sub_domain "$_sub_domain"
_debug _domain "$_domain"
_debug txtvalue "$txtvalue"
if _namesilo_rest GET "dnsAddRecord?version=1&type=xml&key=$Namesilo_Key&domain=$_domain&rrtype=TXT&rrhost=$_sub_domain&rrvalue=$txtvalue"; then
retcode=$(printf "%s\n" "$response" | _egrep_o "<code>300")
if [ "$retcode" ]; then
_info "Successfully added TXT record, ready for validation."
return 0
else
_err "Unable to add the DNS record."
return 1
fi
fi
}
#Usage: fulldomain txtvalue
#Remove the txt record after validation.
dns_namesilo_rm() {
fulldomain=$1
txtvalue=$2
if ! _get_root "$fulldomain"; then
_err "Unable to find domain specified."
return 1
fi
# Get the record id.
if _namesilo_rest GET "dnsListRecords?version=1&type=xml&key=$Namesilo_Key&domain=$_domain"; then
retcode=$(printf "%s\n" "$response" | _egrep_o "<code>300")
if [ "$retcode" ]; then
_record_id=$(printf "%s\n" "$response" | _egrep_o "<record_id>([^<]*)</record_id><type>TXT</type><host>$fulldomain</host>" | _egrep_o "<record_id>([^<]*)</record_id>" | sed -r "s/<record_id>([^<]*)<\/record_id>/\1/" | tail -n 1)
_debug record_id "$_record_id"
_info "Successfully retrieved the record id for ACME challenge."
else
_err "Unable to retrieve the record id."
return 1
fi
fi
# Remove the DNS record using record id.
if _namesilo_rest GET "dnsDeleteRecord?version=1&type=xml&key=$Namesilo_Key&domain=$_domain&rrid=$_record_id"; then
retcode=$(printf "%s\n" "$response" | _egrep_o "<code>300")
if [ "$retcode" ]; then
_info "Successfully removed the TXT record."
return 0
else
_err "Unable to remove the DNS record."
return 1
fi
fi
}
#################### Private functions below ##################################
# _acme-challenge.www.domain.com
# returns
# _sub_domain=_acme-challenge.www
# _domain=domain.com
_get_root() {
domain=$1
i=2
p=1
if ! _namesilo_rest GET "listDomains?version=1&type=xml&key=$Namesilo_Key"; then
return 1
fi
# Need to exclude the last field (tld)
numfields=$(echo "$domain" | _egrep_o "\." | wc -l)
while [ $i -le "$numfields" ]; do
host=$(printf "%s" "$domain" | cut -d . -f $i-100)
_debug host "$host"
if [ -z "$host" ]; then
return 1
fi
if _contains "$response" "$host"; then
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
_domain="$host"
return 0
fi
p=$i
i=$(_math "$i" + 1)
done
return 1
}
_namesilo_rest() {
method=$1
param=$2
data=$3
if [ "$method" != "GET" ]; then
response="$(_post "$data" "$Namesilo_API/$param" "" "$method")"
else
response="$(_get "$Namesilo_API/$param")"
fi
if [ "$?" != "0" ]; then
_err "error $param"
return 1
fi
_debug2 response "$response"
return 0
}