Merge branch 'acmesh-official:master' into master

2025-12-24 03:52:10 +08:00 · 2024-12-23 14:51:57 +10:00
parent e42ad9be24 f981c782bb
commit b29cb08956
16 changed files with 746 additions and 230 deletions
--- a/dnsapi/dns_alviy.sh
+++ b/dnsapi/dns_alviy.sh
@@ -1,11 +1,12 @@
 #!/usr/bin/env sh
-# Alviy domain api
-#
-# Get API key and secret from https://cloud.alviy.com/token
-#
-# Alviy_token="some-secret-key"
-#
-# Ex.: acme.sh --issue --staging --dns dns_alviy -d "*.s.example.com" -d "s.example.com"
+# shellcheck disable=SC2034
+dns_alviy_info='Alviy.com
+Site: Alviy.com
+Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_alviy
+Options:
+ Alviy_token API token. Get it from the https://cloud.alviy.com/token
+Issues: github.com/acmesh-official/acme.sh/issues/5115
+'

 Alviy_Api="https://cloud.alviy.com/api/v1"

--- a/dnsapi/dns_azure.sh
+++ b/dnsapi/dns_azure.sh
@@ -9,6 +9,7 @@ Options:
 AZUREDNS_APPID App ID. App ID of the service principal
 AZUREDNS_CLIENTSECRET Client Secret. Secret from creating the service principal
 AZUREDNS_MANAGEDIDENTITY Use Managed Identity. Use Managed Identity assigned to a resource instead of a service principal. "true"/"false"
+ AZUREDNS_BEARERTOKEN Optional Bearer Token. Used instead of service principal credentials or managed identity
 '

 wiki=https://github.com/acmesh-official/acme.sh/wiki/How-to-use-Azure-DNS
@@ -31,6 +32,7 @@ dns_azure_add() {
    AZUREDNS_TENANTID=""
    AZUREDNS_APPID=""
    AZUREDNS_CLIENTSECRET=""
+    AZUREDNS_BEARERTOKEN=""
    _err "You didn't specify the Azure Subscription ID"
    return 1
  fi
@@ -45,37 +47,45 @@ dns_azure_add() {
    _saveaccountconf_mutable AZUREDNS_TENANTID ""
    _saveaccountconf_mutable AZUREDNS_APPID ""
    _saveaccountconf_mutable AZUREDNS_CLIENTSECRET ""
+    _saveaccountconf_mutable AZUREDNS_BEARERTOKEN ""
  else
-    _info "You didn't ask to use Azure managed identity, checking service principal credentials"
+    _info "You didn't ask to use Azure managed identity, checking service principal credentials or provided bearer token"
    AZUREDNS_TENANTID="${AZUREDNS_TENANTID:-$(_readaccountconf_mutable AZUREDNS_TENANTID)}"
    AZUREDNS_APPID="${AZUREDNS_APPID:-$(_readaccountconf_mutable AZUREDNS_APPID)}"
    AZUREDNS_CLIENTSECRET="${AZUREDNS_CLIENTSECRET:-$(_readaccountconf_mutable AZUREDNS_CLIENTSECRET)}"
+    AZUREDNS_BEARERTOKEN="${AZUREDNS_BEARERTOKEN:-$(_readaccountconf_mutable AZUREDNS_BEARERTOKEN)}"
+    if [ -z "$AZUREDNS_BEARERTOKEN" ]; then
+      if [ -z "$AZUREDNS_TENANTID" ]; then
+        AZUREDNS_SUBSCRIPTIONID=""
+        AZUREDNS_TENANTID=""
+        AZUREDNS_APPID=""
+        AZUREDNS_CLIENTSECRET=""
+        AZUREDNS_BEARERTOKEN=""
+        _err "You didn't specify the Azure Tenant ID "
+        return 1
+      fi

-    if [ -z "$AZUREDNS_TENANTID" ]; then
-      AZUREDNS_SUBSCRIPTIONID=""
-      AZUREDNS_TENANTID=""
-      AZUREDNS_APPID=""
-      AZUREDNS_CLIENTSECRET=""
-      _err "You didn't specify the Azure Tenant ID "
-      return 1
-    fi
+      if [ -z "$AZUREDNS_APPID" ]; then
+        AZUREDNS_SUBSCRIPTIONID=""
+        AZUREDNS_TENANTID=""
+        AZUREDNS_APPID=""
+        AZUREDNS_CLIENTSECRET=""
+        AZUREDNS_BEARERTOKEN=""
+        _err "You didn't specify the Azure App ID"
+        return 1
+      fi

-    if [ -z "$AZUREDNS_APPID" ]; then
-      AZUREDNS_SUBSCRIPTIONID=""
-      AZUREDNS_TENANTID=""
-      AZUREDNS_APPID=""
-      AZUREDNS_CLIENTSECRET=""
-      _err "You didn't specify the Azure App ID"
-      return 1
-    fi
-
-    if [ -z "$AZUREDNS_CLIENTSECRET" ]; then
-      AZUREDNS_SUBSCRIPTIONID=""
-      AZUREDNS_TENANTID=""
-      AZUREDNS_APPID=""
-      AZUREDNS_CLIENTSECRET=""
-      _err "You didn't specify the Azure Client Secret"
-      return 1
+      if [ -z "$AZUREDNS_CLIENTSECRET" ]; then
+        AZUREDNS_SUBSCRIPTIONID=""
+        AZUREDNS_TENANTID=""
+        AZUREDNS_APPID=""
+        AZUREDNS_CLIENTSECRET=""
+        AZUREDNS_BEARERTOKEN=""
+        _err "You didn't specify the Azure Client Secret"
+        return 1
+      fi
+    else
+      _info "Using provided bearer token"
    fi

    #save account details to account conf file, don't opt in for azure manages identity check.
@@ -83,9 +93,14 @@ dns_azure_add() {
    _saveaccountconf_mutable AZUREDNS_TENANTID "$AZUREDNS_TENANTID"
    _saveaccountconf_mutable AZUREDNS_APPID "$AZUREDNS_APPID"
    _saveaccountconf_mutable AZUREDNS_CLIENTSECRET "$AZUREDNS_CLIENTSECRET"
+    _saveaccountconf_mutable AZUREDNS_BEARERTOKEN "$AZUREDNS_BEARERTOKEN"
  fi

-  accesstoken=$(_azure_getaccess_token "$AZUREDNS_MANAGEDIDENTITY" "$AZUREDNS_TENANTID" "$AZUREDNS_APPID" "$AZUREDNS_CLIENTSECRET")
+  if [ -z "$AZUREDNS_BEARERTOKEN" ]; then
+    accesstoken=$(_azure_getaccess_token "$AZUREDNS_MANAGEDIDENTITY" "$AZUREDNS_TENANTID" "$AZUREDNS_APPID" "$AZUREDNS_CLIENTSECRET")
+  else
+    accesstoken=$(echo "$AZUREDNS_BEARERTOKEN" | sed "s/Bearer //g")
+  fi

  if ! _get_root "$fulldomain" "$AZUREDNS_SUBSCRIPTIONID" "$accesstoken"; then
    _err "invalid domain"
@@ -147,6 +162,7 @@ dns_azure_rm() {
    AZUREDNS_TENANTID=""
    AZUREDNS_APPID=""
    AZUREDNS_CLIENTSECRET=""
+    AZUREDNS_BEARERTOKEN=""
    _err "You didn't specify the Azure Subscription ID "
    return 1
  fi
@@ -155,40 +171,51 @@ dns_azure_rm() {
  if [ "$AZUREDNS_MANAGEDIDENTITY" = true ]; then
    _info "Using Azure managed identity"
  else
-    _info "You didn't ask to use Azure managed identity, checking service principal credentials"
+    _info "You didn't ask to use Azure managed identity, checking service principal credentials or provided bearer token"
    AZUREDNS_TENANTID="${AZUREDNS_TENANTID:-$(_readaccountconf_mutable AZUREDNS_TENANTID)}"
    AZUREDNS_APPID="${AZUREDNS_APPID:-$(_readaccountconf_mutable AZUREDNS_APPID)}"
    AZUREDNS_CLIENTSECRET="${AZUREDNS_CLIENTSECRET:-$(_readaccountconf_mutable AZUREDNS_CLIENTSECRET)}"
+    AZUREDNS_BEARERTOKEN="${AZUREDNS_BEARERTOKEN:-$(_readaccountconf_mutable AZUREDNS_BEARERTOKEN)}"
+    if [ -z "$AZUREDNS_BEARERTOKEN" ]; then
+      if [ -z "$AZUREDNS_TENANTID" ]; then
+        AZUREDNS_SUBSCRIPTIONID=""
+        AZUREDNS_TENANTID=""
+        AZUREDNS_APPID=""
+        AZUREDNS_CLIENTSECRET=""
+        AZUREDNS_BEARERTOKEN=""
+        _err "You didn't specify the Azure Tenant ID "
+        return 1
+      fi

-    if [ -z "$AZUREDNS_TENANTID" ]; then
-      AZUREDNS_SUBSCRIPTIONID=""
-      AZUREDNS_TENANTID=""
-      AZUREDNS_APPID=""
-      AZUREDNS_CLIENTSECRET=""
-      _err "You didn't specify the Azure Tenant ID "
-      return 1
-    fi
+      if [ -z "$AZUREDNS_APPID" ]; then
+        AZUREDNS_SUBSCRIPTIONID=""
+        AZUREDNS_TENANTID=""
+        AZUREDNS_APPID=""
+        AZUREDNS_CLIENTSECRET=""
+        AZUREDNS_BEARERTOKEN=""
+        _err "You didn't specify the Azure App ID"
+        return 1
+      fi

-    if [ -z "$AZUREDNS_APPID" ]; then
-      AZUREDNS_SUBSCRIPTIONID=""
-      AZUREDNS_TENANTID=""
-      AZUREDNS_APPID=""
-      AZUREDNS_CLIENTSECRET=""
-      _err "You didn't specify the Azure App ID"
-      return 1
-    fi
-
-    if [ -z "$AZUREDNS_CLIENTSECRET" ]; then
-      AZUREDNS_SUBSCRIPTIONID=""
-      AZUREDNS_TENANTID=""
-      AZUREDNS_APPID=""
-      AZUREDNS_CLIENTSECRET=""
-      _err "You didn't specify the Azure Client Secret"
-      return 1
+      if [ -z "$AZUREDNS_CLIENTSECRET" ]; then
+        AZUREDNS_SUBSCRIPTIONID=""
+        AZUREDNS_TENANTID=""
+        AZUREDNS_APPID=""
+        AZUREDNS_CLIENTSECRET=""
+        AZUREDNS_BEARERTOKEN=""
+        _err "You didn't specify the Azure Client Secret"
+        return 1
+      fi
+    else
+      _info "Using provided bearer token"
    fi
  fi

-  accesstoken=$(_azure_getaccess_token "$AZUREDNS_MANAGEDIDENTITY" "$AZUREDNS_TENANTID" "$AZUREDNS_APPID" "$AZUREDNS_CLIENTSECRET")
+  if [ -z "$AZUREDNS_BEARERTOKEN" ]; then
+    accesstoken=$(_azure_getaccess_token "$AZUREDNS_MANAGEDIDENTITY" "$AZUREDNS_TENANTID" "$AZUREDNS_APPID" "$AZUREDNS_CLIENTSECRET")
+  else
+    accesstoken=$(echo "$AZUREDNS_BEARERTOKEN" | sed "s/Bearer //g")
+  fi

  if ! _get_root "$fulldomain" "$AZUREDNS_SUBSCRIPTIONID" "$accesstoken"; then
    _err "invalid domain"
@@ -295,7 +322,7 @@ _azure_getaccess_token() {
  clientID=$3
  clientSecret=$4

-  accesstoken="${AZUREDNS_BEARERTOKEN:-$(_readaccountconf_mutable AZUREDNS_BEARERTOKEN)}"
+  accesstoken="${AZUREDNS_ACCESSTOKEN:-$(_readaccountconf_mutable AZUREDNS_ACCESSTOKEN)}"
  expires_on="${AZUREDNS_TOKENVALIDTO:-$(_readaccountconf_mutable AZUREDNS_TOKENVALIDTO)}"

  # can we reuse the bearer token?
@@ -339,7 +366,7 @@ _azure_getaccess_token() {
    _err "error $response"
    return 1
  fi
-  _saveaccountconf_mutable AZUREDNS_BEARERTOKEN "$accesstoken"
+  _saveaccountconf_mutable AZUREDNS_ACCESSTOKEN "$accesstoken"
  _saveaccountconf_mutable AZUREDNS_TOKENVALIDTO "$expires_on"
  printf "%s" "$accesstoken"
  return 0
--- a/dnsapi/dns_fornex.sh
+++ b/dnsapi/dns_fornex.sh
@@ -9,7 +9,7 @@ Issues: github.com/acmesh-official/acme.sh/issues/3998
 Author: Timur Umarov <inbox@tumarov.com>
 '

-FORNEX_API_URL="https://fornex.com/api/dns/v0.1"
+FORNEX_API_URL="https://fornex.com/api"

 ########  Public functions #####################

@@ -30,12 +30,10 @@ dns_fornex_add() {
  fi

  _info "Adding record"
-  if _rest POST "$_domain/entry_set/add/" "host=$fulldomain&type=TXT&value=$txtvalue&apikey=$FORNEX_API_KEY"; then
+  if _rest POST "dns/domain/$_domain/entry_set/" "{\"host\" : \"${fulldomain}\" , \"type\" : \"TXT\" , \"value\" : \"${txtvalue}\" , \"ttl\" : null}"; then
    _debug _response "$response"
-    if _contains "$response" '"ok": true' || _contains "$response" 'Такая запись уже существует.'; then
-      _info "Added, OK"
-      return 0
-    fi
+    _info "Added, OK"
+    return 0
  fi
  _err "Add txt record error."
  return 1
@@ -58,21 +56,21 @@ dns_fornex_rm() {
  fi

  _debug "Getting txt records"
-  _rest GET "$_domain/entry_set.json?apikey=$FORNEX_API_KEY"
+  _rest GET "dns/domain/$_domain/entry_set?type=TXT&q=$fulldomain"

  if ! _contains "$response" "$txtvalue"; then
    _err "Txt record not found"
    return 1
  fi

-  _record_id="$(echo "$response" | _egrep_o "{[^{]*\"value\"*:*\"$txtvalue\"[^}]*}" | sed -n -e 's#.*"id": \([0-9]*\).*#\1#p')"
+  _record_id="$(echo "$response" | _egrep_o "\{[^\{]*\"value\"*:*\"$txtvalue\"[^\}]*\}" | sed -n -e 's#.*"id":\([0-9]*\).*#\1#p')"
  _debug "_record_id" "$_record_id"
  if [ -z "$_record_id" ]; then
    _err "can not find _record_id"
    return 1
  fi

-  if ! _rest POST "$_domain/entry_set/$_record_id/delete/" "apikey=$FORNEX_API_KEY"; then
+  if ! _rest DELETE "dns/domain/$_domain/entry_set/$_record_id/"; then
    _err "Delete record error."
    return 1
  fi
@@ -97,11 +95,11 @@ _get_root() {
      return 1
    fi

-    if ! _rest GET "domain_list.json?q=$h&apikey=$FORNEX_API_KEY"; then
+    if ! _rest GET "dns/domain/"; then
      return 1
    fi

-    if _contains "$response" "\"$h\"" >/dev/null; then
+    if _contains "$response" "\"name\":\"$h\"" >/dev/null; then
      _domain=$h
      return 0
    else
@@ -134,7 +132,9 @@ _rest() {
  data="$3"
  _debug "$ep"

-  export _H1="Accept: application/json"
+  export _H1="Authorization: Api-Key $FORNEX_API_KEY"
+  export _H2="Content-Type: application/json"
+  export _H3="Accept: application/json"

  if [ "$m" != "GET" ]; then
    _debug data "$data"
--- a/dnsapi/dns_ionos_cloud.sh
+++ b/dnsapi/dns_ionos_cloud.sh
@@ -1,12 +1,14 @@
 #!/usr/bin/env sh
+# shellcheck disable=SC2034
+dns_ionos_cloud_info='IONOS Cloud DNS
+Site: ionos.com
+Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_ionos_cloud
+Options:
+ IONOS_TOKEN API Token.
+Issues: github.com/acmesh-official/acme.sh/issues/5243
+'

 # Supports IONOS Cloud DNS API v1.15.4
-#
-# Usage:
-#   Export IONOS_TOKEN before calling acme.sh:
-#   $ export IONOS_TOKEN="..."
-#
-#   $ acme.sh --issue --dns dns_ionos_cloud ...

 IONOS_CLOUD_API="https://dns.de-fra.ionos.com"
 IONOS_CLOUD_ROUTE_ZONES="/zones"
--- a/dnsapi/dns_linode_v4.sh
+++ b/dnsapi/dns_linode_v4.sh
@@ -76,7 +76,7 @@ dns_linode_v4_rm() {
  _debug _sub_domain "$_sub_domain"
  _debug _domain "$_domain"

-  if _rest GET "/$_domain_id/records" && [ -n "$response" ]; then
+  if _H4="X-Filter: { \"type\": \"TXT\", \"name\": \"$_sub_domain\" }" _rest GET "/$_domain_id/records" && [ -n "$response" ]; then
    response="$(echo "$response" | tr -d "\n" | tr '{' "|" | sed 's/|/&{/g' | tr "|" "\n")"

    resource="$(echo "$response" | _egrep_o "\{.*\"name\": *\"$_sub_domain\".*}")"
@@ -131,34 +131,42 @@ _Linode_API() {
 # _domain=domain.com
 # _domain_id=12345
 _get_root() {
-  domain=$1
+  full_host_str="$1"
+
  i=2
  p=1
+  while true; do
+    # loop through the received string (e.g.  _acme-challenge.sub3.sub2.sub1.domain.tld),
+    # starting from the lowest subdomain, and check if it's a hosted domain
+    tst_hosted_domain=$(printf "%s" "$full_host_str" | cut -d . -f "$i"-100)
+    _debug tst_hosted_domain "$tst_hosted_domain"
+    if [ -z "$tst_hosted_domain" ]; then
+      #not valid
+      _err "Couldn't get domain from string '$full_host_str'."
+      return 1
+    fi

-  if _rest GET; then
-    response="$(echo "$response" | tr -d "\n" | tr '{' "|" | sed 's/|/&{/g' | tr "|" "\n")"
-    while true; do
-      h=$(printf "%s" "$domain" | cut -d . -f "$i"-100)
-      _debug h "$h"
-      if [ -z "$h" ]; then
-        #not valid
-        return 1
-      fi
-
-      hostedzone="$(echo "$response" | _egrep_o "\{.*\"domain\": *\"$h\".*}")"
+    _debug "Querying Linode APIv4 for hosted zone: $tst_hosted_domain"
+    if _H4="X-Filter: {\"domain\":\"$tst_hosted_domain\"}" _rest GET; then
+      _debug "Got response from API: $response"
+      response="$(echo "$response" | tr -d "\n" | tr '{' "|" | sed 's/|/&{/g' | tr "|" "\n")"
+      hostedzone="$(echo "$response" | _egrep_o "\{.*\"domain\": *\"$tst_hosted_domain\".*}")"
      if [ "$hostedzone" ]; then
        _domain_id=$(printf "%s\n" "$hostedzone" | _egrep_o "\"id\": *[0-9]+" | _head_n 1 | cut -d : -f 2 | tr -d \ )
+        _debug "Found domain hosted on Linode DNS. Zone: $tst_hosted_domain, id: $_domain_id"
        if [ "$_domain_id" ]; then
-          _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-"$p")
-          _domain=$h
+          _sub_domain=$(printf "%s" "$full_host_str" | cut -d . -f 1-"$p")
+          _domain=$tst_hosted_domain
          return 0
        fi
        return 1
      fi
+
      p=$i
      i=$(_math "$i" + 1)
-    done
-  fi
+    fi
+  done
+
  return 1
 }

--- a/dnsapi/dns_omglol.sh
+++ b/dnsapi/dns_omglol.sh
@@ -1,23 +1,19 @@
 #!/usr/bin/env sh
 # shellcheck disable=SC2034
-dns_myapi_info='omg.lol
- Based on the omg.lol API, defined at https://api.omg.lol/
-Domains: omg.lol
-Site: github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide
-Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_duckdns
+dns_omglol_info='omg.lol
+Site: omg.lol
+Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_omglol
 Options:
- OMG_ApiKey API Key from omg.lol.  This is accesible from the bottom of the account page at https://home.omg.lol/account
+ OMG_ApiKey API Key from omg.lol. This is accessible from the bottom of the account page at https://home.omg.lol/account
 OMG_Address This is your omg.lol address, without the preceding @ - you can see your list on your dashboard at https://home.omg.lol/dashboard
-Issues: github.com/acmesh-official/acme.sh
+Issues: github.com/acmesh-official/acme.sh/issues/5299
 Author: @Kholin <kholin+acme.omglolapi@omg.lol>
 '

-#returns 0 means success, otherwise error.
+# See API Docs https://api.omg.lol/

 ########  Public functions #####################

-# Please Read this guide first: https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide
-
 #Usage: dns_myapi_add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
 dns_omglol_add() {
  fulldomain=$1
@@ -244,8 +240,8 @@ omg_delete() {
  omg_validate_delete "$output"
 }

-# Validate the response on request to delete.  Confirm stastus is success and
-# Message indicates deletion was successful
+# Validate the response on request to delete.
+# Confirm status is success and message indicates deletion was successful.
 # Input: Response - HTTP response received from delete request
 omg_validate_delete() {
  response=$1
--- a/dnsapi/dns_pdns.sh
+++ b/dnsapi/dns_pdns.sh
@@ -20,6 +20,11 @@ dns_pdns_add() {
  fulldomain=$1
  txtvalue=$2

+  PDNS_Url="${PDNS_Url:-$(_readaccountconf_mutable PDNS_Url)}"
+  PDNS_ServerId="${PDNS_ServerId:-$(_readaccountconf_mutable PDNS_ServerId)}"
+  PDNS_Token="${PDNS_Token:-$(_readaccountconf_mutable PDNS_Token)}"
+  PDNS_Ttl="${PDNS_Ttl:-$(_readaccountconf_mutable PDNS_Ttl)}"
+
  if [ -z "$PDNS_Url" ]; then
    PDNS_Url=""
    _err "You don't specify PowerDNS address."
@@ -46,12 +51,12 @@ dns_pdns_add() {
  fi

  #save the api addr and key to the account conf file.
-  _saveaccountconf PDNS_Url "$PDNS_Url"
-  _saveaccountconf PDNS_ServerId "$PDNS_ServerId"
-  _saveaccountconf PDNS_Token "$PDNS_Token"
+  _saveaccountconf_mutable PDNS_Url "$PDNS_Url"
+  _saveaccountconf_mutable PDNS_ServerId "$PDNS_ServerId"
+  _saveaccountconf_mutable PDNS_Token "$PDNS_Token"

  if [ "$PDNS_Ttl" != "$DEFAULT_PDNS_TTL" ]; then
-    _saveaccountconf PDNS_Ttl "$PDNS_Ttl"
+    _saveaccountconf_mutable PDNS_Ttl "$PDNS_Ttl"
  fi

  _debug "Detect root zone"
@@ -73,6 +78,11 @@ dns_pdns_rm() {
  fulldomain=$1
  txtvalue=$2

+  PDNS_Url="${PDNS_Url:-$(_readaccountconf_mutable PDNS_Url)}"
+  PDNS_ServerId="${PDNS_ServerId:-$(_readaccountconf_mutable PDNS_ServerId)}"
+  PDNS_Token="${PDNS_Token:-$(_readaccountconf_mutable PDNS_Token)}"
+  PDNS_Ttl="${PDNS_Ttl:-$(_readaccountconf_mutable PDNS_Ttl)}"
+
  if [ -z "$PDNS_Ttl" ]; then
    PDNS_Ttl="$DEFAULT_PDNS_TTL"
  fi
--- a/dnsapi/dns_technitium.sh
+++ b/dnsapi/dns_technitium.sh
@@ -0,0 +1,56 @@
+#!/usr/bin/env sh
+# shellcheck disable=SC2034
+dns_Technitium_info='Technitium DNS Server
+
+Site: https://technitium.com/dns/
+Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_technitium
+Options:
+ Technitium_Server Server Address
+ Technitium_Token API Token
+Issues:https://github.com/acmesh-official/acme.sh/issues/6116
+Author: Henning Reich <acmesh@qupfer.de>
+'
+
+dns_technitium_add() {
+  _info "add txt Record using Technitium"
+  _Technitium_account
+  fulldomain=$1
+  txtvalue=$2
+  response="$(_get "$Technitium_Server/api/zones/records/add?token=$Technitium_Token&domain=$fulldomain&type=TXT&text=${txtvalue}")"
+  if _contains "$response" '"status":"ok"'; then
+    return 0
+  fi
+  _err "Could not add txt record."
+  return 1
+}
+
+dns_technitium_rm() {
+  _info "remove txt record using Technitium"
+  _Technitium_account
+  fulldomain=$1
+  txtvalue=$2
+  response="$(_get "$Technitium_Server/api/zones/records/delete?token=$Technitium_Token&domain=$fulldomain&type=TXT&text=${txtvalue}")"
+  if _contains "$response" '"status":"ok"'; then
+    return 0
+  fi
+  _err "Could not remove txt record"
+  return 1
+}
+
+####################  Private functions below ##################################
+
+_Technitium_account() {
+  Technitium_Server="${Technitium_Server:-$(_readaccountconf_mutable Technitium_Server)}"
+  Technitium_Token="${Technitium_Token:-$(_readaccountconf_mutable Technitium_Token)}"
+  if [ -z "$Technitium_Server" ] || [ -z "$Technitium_Token" ]; then
+    Technitium_Server=""
+    Technitium_Token=""
+    _err "You don't specify Technitium Server and Token yet."
+    _err "Please create your Token and add server address and try again."
+    return 1
+  fi
+
+  #save the credentials to the account conf file.
+  _saveaccountconf_mutable Technitium_Server "$Technitium_Server"
+  _saveaccountconf_mutable Technitium_Token "$Technitium_Token"
+}
--- a/dnsapi/dns_timeweb.sh
+++ b/dnsapi/dns_timeweb.sh
@@ -1,16 +1,13 @@
 #!/usr/bin/env sh
-
-# acme.sh DNS API for Timeweb Cloud provider (https://timeweb.cloud).
-#
-# Author: https://github.com/nikolaypronchev.
-#
-# Prerequisites:
-# Timeweb Cloud API JWT token. Obtain one from the Timeweb Cloud control panel
-# ("API and Terraform" section: https://timeweb.cloud/my/api-keys). The JWT token
-# must be provided to this script in one of two ways:
-# 1.  As the "TW_Token" variable, for example: "export TW_Token=eyJhbG...zUxMiIs";
-# 2.  As a "TW_Token" config entry in acme.sh account config file
-#     (usually located at ~/.acme.sh/account.conf by default).
+# shellcheck disable=SC2034
+dns_timeweb_info='Timeweb.Cloud
+Site: Timeweb.Cloud
+Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_timeweb
+Options:
+ TW_Token API JWT token. Get it from the control panel at https://timeweb.cloud/my/api-keys
+Issues: github.com/acmesh-official/acme.sh/issues/5140
+Author: Nikolay Pronchev <https://github.com/nikolaypronchev>
+'

 TW_Api="https://api.timeweb.cloud/api/v1"

--- a/dnsapi/dns_world4you.sh
+++ b/dnsapi/dns_world4you.sh
@@ -115,7 +115,7 @@ dns_world4you_rm() {

  _resethttp
  export ACME_HTTP_NO_REDIRECTS=1
-  body="DeleteDnsRecordForm[recordId]=$recordid&DeleteDnsRecordForm[uniqueFormIdDP]=$formiddp&DeleteDnsRecordForm[_token]=$form_token"
+  body="DeleteDnsRecordForm[id]=$recordid&DeleteDnsRecordForm[uniqueFormIdDP]=$formiddp&DeleteDnsRecordForm[_token]=$form_token"
  _info "Removing record..."
  ret=$(_post "$body" "$WORLD4YOU_API/$paketnr/dns/record/delete" '' POST 'application/x-www-form-urlencoded')
  _resethttp
@@ -203,6 +203,7 @@ _get_paketnr() {
  form="$2"

  domains=$(echo "$form" | grep '<ul class="nav header-paket-list">' | sed 's/<li/\n<li/g' | sed 's/<[^>]*>/ /g' | sed 's/^.*>\([^>]*\)$/\1/')
+  _debug domains "$domains"
  domain=''
  for domain in $domains; do
    if _contains "$fqdn" "$domain\$"; then
@@ -217,7 +218,7 @@ _get_paketnr() {
  TLD="$domain"
  _debug domain "$domain"
  RECORD=$(echo "$fqdn" | cut -c"1-$((${#fqdn} - ${#TLD} - 1))")
-  PAKETNR=$(echo "$domains" | grep "$domain" | sed 's/^[^,]*, *\([0-9]*\).*$/\1/')
+  PAKETNR=$(echo "$domains" | grep -o " $domain.*" | sed 's/^[^,]*, *\([0-9]*\).*$/\1/')
  return 0
 }

--- a/dnsapi/dns_zoneedit.sh
+++ b/dnsapi/dns_zoneedit.sh
@@ -0,0 +1,145 @@
+#!/usr/bin/env sh
+
+# https://github.com/blueslow/sslcertzoneedit
+
+# Only need to export the credentials once, acme.sh will save for automatic renewal.
+# export ZONEEDIT_ID="Your id"
+# export ZONEEDIT_Token="Your token"
+# acme.sh --issue --dns dns_zoneedit -d example.com -d www.example.com
+
+########  Public functions #####################
+
+# Usage: dns_zoneedit_add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_zoneedit_add() {
+  fulldomain=$1
+  txtvalue=$2
+  _info "Using Zoneedit"
+  _debug fulldomain "$fulldomain"
+  _debug txtvalue "$txtvalue"
+
+  # Load the credentials from the account conf file
+  ZONEEDIT_ID="${ZONEEDIT_ID:-$(_readaccountconf_mutable ZONEEDIT_ID)}"
+  ZONEEDIT_Token="${ZONEEDIT_Token:-$(_readaccountconf_mutable ZONEEDIT_Token)}"
+  if [ -z "$ZONEEDIT_ID" ] || [ -z "$ZONEEDIT_Token" ]; then
+    ZONEEDIT_ID=""
+    ZONEEDIT_Token=""
+    _err "Please specify ZONEEDIT_ID and _Token."
+    _err "Please export as ZONEEDIT_ID and ZONEEDIT_Token then try again."
+    return 1
+  fi
+
+  # Save the credentials to the account conf file
+  _saveaccountconf_mutable ZONEEDIT_ID "$ZONEEDIT_ID"
+  _saveaccountconf_mutable ZONEEDIT_Token "$ZONEEDIT_Token"
+
+  if _zoneedit_api "CREATE" "$fulldomain" "$txtvalue"; then
+    _info "Added, OK"
+    return 0
+  else
+    _err "Add txt record error."
+    return 1
+  fi
+}
+
+# Usage: dns_zoneedit_rm   fulldomain   txtvalue
+dns_zoneedit_rm() {
+  fulldomain=$1
+  txtvalue=$2
+  _info "Using Zoneedit"
+  _debug fulldomain "$fulldomain"
+  _debug txtvalue "$txtvalue"
+
+  # Load the credentials from the account conf file
+  ZONEEDIT_ID="${ZONEEDIT_ID:-$(_readaccountconf_mutable ZONEEDIT_ID)}"
+  ZONEEDIT_Token="${ZONEEDIT_Token:-$(_readaccountconf_mutable ZONEEDIT_Token)}"
+  if [ -z "$ZONEEDIT_ID" ] || [ -z "$ZONEEDIT_Token" ]; then
+    ZONEEDIT_ID=""
+    ZONEEDIT_Token=""
+    _err "Please specify ZONEEDIT_ID and _Token."
+    _err "Please export as ZONEEDIT_ID and ZONEEDIT_Token then try again."
+    return 1
+  fi
+
+  if _zoneedit_api "DELETE" "$fulldomain" "$txtvalue"; then
+    _info "Deleted, OK"
+    return 0
+  else
+    _err "Delete txt record error."
+    return 1
+  fi
+}
+
+####################  Private functions below ##################################
+
+#Usage: _zoneedit_api   <CREATE|DELETE>   fulldomain   txtvalue
+_zoneedit_api() {
+  cmd=$1
+  fulldomain=$2
+  txtvalue=$3
+
+  # Construct basic authorization header
+  credentials=$(printf "%s:%s" "$ZONEEDIT_ID" "$ZONEEDIT_Token" | _base64)
+  export _H1="Authorization: Basic ${credentials}"
+
+  # Generate request URL
+  case "$cmd" in
+  "CREATE")
+    # https://dynamic.zoneedit.com/txt-create.php?host=_acme-challenge.example.com&rdata=depE1VF_xshMm1IVY1Y56Kk9Zb_7jA2VFkP65WuNgu8W
+    geturl="https://dynamic.zoneedit.com/txt-create.php?host=${fulldomain}&rdata=${txtvalue}"
+    ;;
+  "DELETE")
+    # https://dynamic.zoneedit.com/txt-delete.php?host=_acme-challenge.example.com&rdata=depE1VF_xshMm1IVY1Y56Kk9Zb_7jA2VFkP65WuNgu8W
+    geturl="https://dynamic.zoneedit.com/txt-delete.php?host=${fulldomain}&rdata=${txtvalue}"
+    ze_sleep=2
+    ;;
+  *)
+    _err "Unknown parameter : $cmd"
+    return 1
+    ;;
+  esac
+
+  # Execute request
+  i=3 # Tries
+  while [ "$i" -gt 0 ]; do
+    i=$(_math "$i" - 1)
+
+    if ! response=$(_get "$geturl"); then
+      _err "_get() failed ($response)"
+      return 1
+    fi
+    _debug2 response "$response"
+    if _contains "$response" "SUCCESS.*200"; then
+      # Sleep (when needed) to work around a Zonedit API bug
+      # https://forum.zoneedit.com/threads/automating-changes-of-txt-records-in-dns.7394/page-2#post-23855
+      if [ "$ze_sleep" ]; then _sleep "$ze_sleep"; fi
+      return 0
+    elif _contains "$response" "ERROR.*Minimum.*seconds"; then
+      _info "Zoneedit responded with a rate limit of..."
+      ze_ratelimit=$(echo "$response" | sed -n 's/.*Minimum \([0-9]\+\) seconds.*/\1/p')
+      if [ "$ze_ratelimit" ] && [ ! "$(echo "$ze_ratelimit" | tr -d '0-9')" ]; then
+        _info "$ze_ratelimit seconds."
+      else
+        _err "$response"
+        _err "not a number, or blank ($ze_ratelimit), API change?"
+        unset ze_ratelimit
+      fi
+    else
+      _err "$response"
+      _err "Unknown response, API change?"
+    fi
+
+    # Retry
+    if [ "$i" -lt 1 ]; then
+      _err "Tries exceeded, giving up."
+      return 1
+    fi
+    if [ "$ze_ratelimit" ]; then
+      _info "Waiting $ze_ratelimit seconds..."
+      _sleep "$ze_ratelimit"
+    else
+      _err "Going to retry after 10 seconds..."
+      _sleep 10
+    fi
+  done
+  return 1
+}