Adds dnsapi support for Simply.com

World4You Bugfix unable to parse paketnr

.github/workflows/DNS.yml

@@ -1,6 +1,8 @@
 name: DNS
 on:
   push:
+    branches:
+      - 'dev'
     paths:
       - 'dnsapi/*.sh'
       - '.github/workflows/DNS.yml'
@@ -36,10 +38,10 @@ jobs:
     steps:
     - name: "Read this:   https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Test"
       run: |
-        echo "Read this:   https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Test"
+        echo "Plese see this page to fix the error: https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Test"
-        if [ "${{github.actor}}" != "Neilpang" ]; then
+    - name: Fail
-          false
+      if: "github.actor != 'Neilpang'"
-        fi
+      run: false
 
   Docker:
     runs-on: ubuntu-latest
@@ -149,64 +151,25 @@ jobs:
     - name: Clone acmetest
       run: cd .. && git clone https://github.com/acmesh-official/acmetest.git  && cp -r acme.sh acmetest/
     - name: Run acmetest
-      shell: bash
+      shell: cmd
       run: |
         if [ "${{ secrets.TokenName1}}" ] ; then
-          export ${{ secrets.TokenName1}}=${{ secrets.TokenValue1}}
+          set ${{ secrets.TokenName1}}=${{ secrets.TokenValue1}}
         fi
         if [ "${{ secrets.TokenName2}}" ] ; then
-          export ${{ secrets.TokenName2}}=${{ secrets.TokenValue2}}
+          set ${{ secrets.TokenName2}}=${{ secrets.TokenValue2}}
         fi
         if [ "${{ secrets.TokenName3}}" ] ; then
-          export ${{ secrets.TokenName3}}=${{ secrets.TokenValue3}}
+          set ${{ secrets.TokenName3}}=${{ secrets.TokenValue3}}
         fi
         if [ "${{ secrets.TokenName4}}" ] ; then
-          export ${{ secrets.TokenName4}}=${{ secrets.TokenValue4}}
+          set ${{ secrets.TokenName4}}=${{ secrets.TokenValue4}}
         fi
         if [ "${{ secrets.TokenName5}}" ] ; then
-          export ${{ secrets.TokenName5}}=${{ secrets.TokenValue5}}
+          set ${{ secrets.TokenName5}}=${{ secrets.TokenValue5}}
         fi
         cd ../acmetest
-        ./letest.sh
+        bash.exe -c ./letest.sh
-
-  FreeBSD:
-    runs-on: macos-latest
-    needs: Windows
-    env:
-      TEST_DNS : ${{ secrets.TEST_DNS }}
-      TestingDomain: ${{ secrets.TestingDomain }}
-      TEST_DNS_NO_WILDCARD: ${{ secrets.TEST_DNS_NO_WILDCARD }}
-      TEST_DNS_SLEEP: ${{ secrets.TEST_DNS_SLEEP }}
-      CASE: le_test_dnsapi
-      TEST_LOCAL: 1
-      DEBUG: 1
-    steps:
-    - uses: actions/checkout@v2
-    - name: Clone acmetest
-      run: cd .. && git clone https://github.com/acmesh-official/acmetest.git  && cp -r acme.sh acmetest/
-    - uses: vmactions/freebsd-vm@v0.0.7
-      with:
-        envs: 'TEST_DNS TestingDomain TEST_DNS_NO_WILDCARD TEST_DNS_SLEEP CASE TEST_LOCAL DEBUG ${{ secrets.TokenName1}} ${{ secrets.TokenName2}} ${{ secrets.TokenName3}} ${{ secrets.TokenName4}} ${{ secrets.TokenName5}}'
-        prepare: pkg install -y socat curl
-        usesh: true
-        run: |
-          if [ "${{ secrets.TokenName1}}" ] ; then
-            export ${{ secrets.TokenName1}}=${{ secrets.TokenValue1}}
-          fi
-          if [ "${{ secrets.TokenName2}}" ] ; then
-            export ${{ secrets.TokenName2}}=${{ secrets.TokenValue2}}
-          fi
-          if [ "${{ secrets.TokenName3}}" ] ; then
-            export ${{ secrets.TokenName3}}=${{ secrets.TokenValue3}}
-          fi
-          if [ "${{ secrets.TokenName4}}" ] ; then
-            export ${{ secrets.TokenName4}}=${{ secrets.TokenValue4}}
-          fi
-          if [ "${{ secrets.TokenName5}}" ] ; then
-            export ${{ secrets.TokenName5}}=${{ secrets.TokenValue5}}
-          fi
-          cd ../acmetest
-          ./letest.sh
 
   Solaris:
     runs-on: macos-latest
@@ -246,4 +209,3 @@ jobs:
           cd ../acmetest
           ./letest.sh
 
-        

.github/workflows/LetsEncrypt.yml

@@ -58,7 +58,7 @@ jobs:
     steps:
     - uses: actions/checkout@v2
     - name: Install tools
-      run:  brew install socat
+      run:  brew update && brew install socat;
     - name: Clone acmetest
       run: cd .. && git clone https://github.com/acmesh-official/acmetest.git  && cp -r acme.sh acmetest/
     - name: Run acmetest
@@ -111,11 +111,10 @@ jobs:
     - uses: actions/checkout@v2
     - name: Clone acmetest
       run: cd .. && git clone https://github.com/acmesh-official/acmetest.git  && cp -r acme.sh acmetest/
-    - uses: vmactions/freebsd-vm@v0.0.7
+    - uses: vmactions/freebsd@main
       with:
         envs: 'NGROK_TOKEN TEST_LOCAL'
-        prepare: pkg install -y socat curl
+        prepare: pkg install -y socat
-        usesh: true
         run: |
           cd ../acmetest && ./letest.sh
 

acme.sh

@@ -1,6 +1,6 @@
 #!/usr/bin/env sh
 
-VER=2.8.8
+VER=2.8.9
 
 PROJECT_NAME="acme.sh"
 
@@ -160,6 +160,8 @@ _SERVER_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Server"
 
 _PREFERRED_CHAIN_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain"
 
+_DNSCHECK_WIKI="https://github.com/acmesh-official/acme.sh/wiki/dnscheck"
+
 _DNS_MANUAL_ERR="The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead."
 
 _DNS_MANUAL_WARN="It seems that you are using dns manual mode. please take care: $_DNS_MANUAL_ERR"
@@ -3958,6 +3960,8 @@ _check_dns_entries() {
   _end_time="$(_math "$_end_time" + 1200)" #let's check no more than 20 minutes.
 
   while [ "$(_time)" -le "$_end_time" ]; do
+    _info "You can use '--dnssleep' to disable public dns checks."
+    _info "See: $_DNSCHECK_WIKI"
     _left=""
     for entry in $dns_entries; do
       d=$(_getfield "$entry" 1)
@@ -4148,20 +4152,32 @@ issue() {
     _debug "_saved_account_key_hash is not changed, skip register account."
   fi
 
+  export Le_Pre_Generated_Key="$CERT_KEY_PATH.prekey"
   if [ -f "$CSR_PATH" ] && [ ! -f "$CERT_KEY_PATH" ]; then
     _info "Signing from existing CSR."
   else
     _key=$(_readdomainconf Le_Keylength)
     _debug "Read key length:$_key"
     if [ ! -f "$CERT_KEY_PATH" ] || [ "$_key_length" != "$_key" ] || [ "$Le_ForceNewDomainKey" = "1" ]; then
-      if ! createDomainKey "$_main_domain" "$_key_length"; then
+      if [ "$Le_ForceNewDomainKey" = "1" ] && [ -f "$Le_Pre_Generated_Key" ]; then
-        _err "Create domain key error."
+        _info "Using pre generated key: $Le_Pre_Generated_Key"
-        _clearup
+        cat "$Le_Pre_Generated_Key" >"$CERT_KEY_PATH" && rm -f "$Le_Pre_Generated_Key"
-        _on_issue_err "$_post_hook"
+      else
+        if ! createDomainKey "$_main_domain" "$_key_length"; then
+          _err "Create domain key error."
+          _clearup
+          _on_issue_err "$_post_hook"
+          return 1
+        fi
+      fi
+    fi
+    if [ "$Le_ForceNewDomainKey" ]; then
+      _info "Generate next pre-generate key."
+      if ! _createkey "$_key_length" "$Le_Pre_Generated_Key"; then
+        _err "Can not pre generate domain key"
         return 1
       fi
     fi
-
     if ! _createcsr "$_main_domain" "$_alt_domains" "$CERT_KEY_PATH" "$CSR_PATH" "$DOMAIN_SSL_CONF"; then
       _err "Create CSR error."
       _clearup
@@ -5433,7 +5449,8 @@ installcert() {
   _savedomainconf "Le_RealKeyPath" "$_real_key"
   _savedomainconf "Le_ReloadCmd" "$_reload_cmd" "base64"
   _savedomainconf "Le_RealFullChainPath" "$_real_fullchain"
-
+  export Le_ForceNewDomainKey="$(_readdomainconf Le_ForceNewDomainKey)"
+  export Le_Pre_Generated_Key="$CERT_KEY_PATH.prekey"
   _installcert "$_main_domain" "$_real_cert" "$_real_key" "$_real_ca" "$_real_fullchain" "$_reload_cmd"
 }
 
@@ -5516,6 +5533,8 @@ _installcert() {
       export CA_CERT_PATH
       export CERT_FULLCHAIN_PATH
       export Le_Domain="$_main_domain"
+      export Le_ForceNewDomainKey
+      export Le_Pre_Generated_Key
       cd "$DOMAIN_PATH" && eval "$_reload_cmd"
     ); then
       _info "$(__green "Reload success")"

deploy/docker.sh

@@ -275,6 +275,7 @@ _check_curl_version() {
 
   if [ "$_major$_minor" -lt "740" ]; then
     _err "curl v$_cversion doesn't support unit socket"
+    _err "Please upgrade to curl 7.40 or later."
     return 1
   fi
   if [ "$_major$_minor" -lt "750" ]; then

deploy/mailcow.sh

@@ -27,26 +27,43 @@ mailcow_deploy() {
     return 1
   fi
 
-  _ssl_path="${_mailcow_path}/data/assets/ssl/"
+  #Tests if _ssl_path is the mailcow root directory.
+  if [ -f "${_mailcow_path}/generate_config.sh" ]; then
+    _ssl_path="${_mailcow_path}/data/assets/ssl/"
+  else
+    _ssl_path="${_mailcow_path}"
+  fi
+
   if [ ! -d "$_ssl_path" ]; then
     _err "Cannot find mailcow ssl path: $_ssl_path"
     return 1
   fi
 
+  # ECC or RSA
+  if [ -z "${Le_Keylength}" ]; then
+    Le_Keylength=""
+  fi
+  if _isEccKey "${Le_Keylength}"; then
+    _info "ECC key type detected"
+    _cert_name_prefix="ecdsa-"
+  else
+    _info "RSA key type detected"
+    _cert_name_prefix=""
+  fi
   _info "Copying key and cert"
-  _real_key="$_ssl_path/key.pem"
+  _real_key="$_ssl_path/${_cert_name_prefix}key.pem"
   if ! cat "$_ckey" >"$_real_key"; then
     _err "Error: write key file to: $_real_key"
     return 1
   fi
 
-  _real_fullchain="$_ssl_path/cert.pem"
+  _real_fullchain="$_ssl_path/${_cert_name_prefix}cert.pem"
   if ! cat "$_cfullchain" >"$_real_fullchain"; then
     _err "Error: write cert file to: $_real_fullchain"
     return 1
   fi
 
-  DEFAULT_MAILCOW_RELOAD="cd ${_mailcow_path} && docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow"
+  DEFAULT_MAILCOW_RELOAD="docker restart $(docker ps -qaf name=postfix-mailcow); docker restart $(docker ps -qaf name=nginx-mailcow); docker restart $(docker ps -qaf name=dovecot-mailcow)"
   _reload="${DEPLOY_MAILCOW_RELOAD:-$DEFAULT_MAILCOW_RELOAD}"
 
   _info "Run reload: $_reload"

deploy/synology_dsm.sh

@@ -21,10 +21,6 @@
 
 ########  Public functions #####################
 
-_syno_get_cookie_data() {
-  grep -i "\W$1=" | grep -i "^Set-Cookie:" | _tail_n 1 | _egrep_o "$1=[^;]*;" | tr -d ';'
-}
-
 #domain keyfile certfile cafile fullchain
 synology_dsm_deploy() {
 
@@ -73,13 +69,25 @@ synology_dsm_deploy() {
   _base_url="$SYNO_Scheme://$SYNO_Hostname:$SYNO_Port"
   _debug _base_url "$_base_url"
 
+  _debug "Getting API version"
+  response=$(_get "$_base_url/webapi/query.cgi?api=SYNO.API.Info&version=1&method=query&query=SYNO.API.Auth")
+  api_version=$(echo "$response" | grep "SYNO.API.Auth" | sed -n 's/.*"maxVersion" *: *\([0-9]*\).*/\1/p')
+  _debug3 response "$response"
+  _debug3 api_version "$api_version"
+
   # Login, get the token from JSON and session id from cookie
   _info "Logging into $SYNO_Hostname:$SYNO_Port"
   encoded_username="$(printf "%s" "$SYNO_Username" | _url_encode)"
   encoded_password="$(printf "%s" "$SYNO_Password" | _url_encode)"
-  encoded_did="$(printf "%s" "$SYNO_DID" | _url_encode)"
+
-  response=$(_get "$_base_url/webman/login.cgi?username=$encoded_username&passwd=$encoded_password&enable_syno_token=yes&device_id=$encoded_did" 1)
+  if [ -n "$SYNO_DID" ]; then
-  token=$(echo "$response" | grep -i "X-SYNO-TOKEN:" | sed -n 's/^X-SYNO-TOKEN: \(.*\)$/\1/pI' | tr -d "\r\n")
+    _H1="Cookie: did=$SYNO_DID"
+    export _H1
+    _debug3 H1 "${_H1}"
+  fi
+
+  response=$(_post "method=login&account=$encoded_username&passwd=$encoded_password&api=SYNO.API.Auth&version=$api_version&enable_syno_token=yes" "$_base_url/webapi/auth.cgi?enable_syno_token=yes")
+  token=$(echo "$response" | grep "synotoken" | sed -n 's/.*"synotoken" *: *"\([^"]*\).*/\1/p')
   _debug3 response "$response"
   _debug token "$token"
 
@@ -88,13 +96,11 @@ synology_dsm_deploy() {
     _err "Check your username and password."
     return 1
   fi
+  sid=$(echo "$response" | grep "sid" | sed -n 's/.*"sid" *: *"\([^"]*\).*/\1/p')
 
-  _H1="Cookie: $(echo "$response" | _syno_get_cookie_data "id"); $(echo "$response" | _syno_get_cookie_data "smid")"
+  _H1="X-SYNO-TOKEN: $token"
-  _H2="X-SYNO-TOKEN: $token"
   export _H1
-  export _H2
   _debug2 H1 "${_H1}"
-  _debug2 H2 "${_H2}"
 
   # Now that we know the username and password are good, save them
   _savedeployconf SYNO_Username "$SYNO_Username"
@@ -102,7 +108,7 @@ synology_dsm_deploy() {
   _savedeployconf SYNO_DID "$SYNO_DID"
 
   _info "Getting certificates in Synology DSM"
-  response=$(_post "api=SYNO.Core.Certificate.CRT&method=list&version=1" "$_base_url/webapi/entry.cgi")
+  response=$(_post "api=SYNO.Core.Certificate.CRT&method=list&version=1&_sid=$sid" "$_base_url/webapi/entry.cgi")
   _debug3 response "$response"
   id=$(echo "$response" | sed -n "s/.*\"desc\":\"$SYNO_Certificate\",\"id\":\"\([^\"]*\).*/\1/p")
   _debug2 id "$id"
@@ -135,7 +141,7 @@ synology_dsm_deploy() {
   content="${content%_}" # protect trailing \n
 
   _info "Upload certificate to the Synology DSM"
-  response=$(_post "$content" "$_base_url/webapi/entry.cgi?api=SYNO.Core.Certificate&method=import&version=1&SynoToken=$token" "" "POST" "multipart/form-data; boundary=${delim}")
+  response=$(_post "$content" "$_base_url/webapi/entry.cgi?api=SYNO.Core.Certificate&method=import&version=1&SynoToken=$token&_sid=$sid" "" "POST" "multipart/form-data; boundary=${delim}")
   _debug3 response "$response"
 
   if ! echo "$response" | grep '"error":' >/dev/null; then

dnsapi/dns_duckdns.sh

@@ -96,7 +96,7 @@ dns_duckdns_rm() {
 _duckdns_get_domain() {
 
   # We'll extract the domain/username from full domain
-  _duckdns_domain="$(printf "%s" "$fulldomain" | _lower_case | _egrep_o '^(_acme-challenge\.)?[a-z0-9-]*\.duckdns\.org' | sed 's/^\(_acme-challenge\.\)\?\([a-z0-9-]*\)\.duckdns\.org/\2/')"
+  _duckdns_domain="$(printf "%s" "$fulldomain" | _lower_case | _egrep_o '^(_acme-challenge\.)?[a-z0-9-]*\.duckdns\.org' | sed 's/^\(_acme-challenge\.\)\{0,1\}\([a-z0-9-]*\)\.duckdns\.org/\2/')"
 
   if [ -z "$_duckdns_domain" ]; then
     _err "Error extracting the domain."

dnsapi/dns_dynv6.sh

@@ -1,41 +1,39 @@
 #!/usr/bin/env sh
 #Author StefanAbl
 #Usage specify a private keyfile to use with dynv6 'export KEY="path/to/keyfile"'
-#or use the HTTP REST API by by specifying a token 'export DYNV6_TOKEN="value"
 #if no keyfile is specified, you will be asked if you want to create one in /home/$USER/.ssh/dynv6 and /home/$USER/.ssh/dynv6.pub
-
-dynv6_api="https://dynv6.com/api/v2"
 ########  Public functions #####################
 # Please Read this guide first: https://github.com/Neilpang/acme.sh/wiki/DNS-API-Dev-Guide
-#Usage: dns_dynv6_add  _acme-challenge.www.domain.com  "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+#Usage: dns_myapi_add  _acme-challenge.www.domain.com  "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
 dns_dynv6_add() {
   fulldomain=$1
   txtvalue=$2
   _info "Using dynv6 api"
   _debug fulldomain "$fulldomain"
   _debug txtvalue "$txtvalue"
-  _get_authentication
+  _get_keyfile
-  if [ "$dynv6_token" ]; then
+  _info "using keyfile $dynv6_keyfile"
-    _dns_dynv6_add_http
+  _your_hosts="$(ssh -i "$dynv6_keyfile" api@dynv6.com hosts)"
-    return $?
+
+  if ! _get_domain "$fulldomain" "$_your_hosts"; then
+  	_err "Host not found on your account"
+  	return 1
+  fi
+#  if ! _contains "$_your_hosts" "$_host"; then
+#    _debug "The host is $_host and the record $_record"
+#    _debug "Dynv6 returned $_your_hosts"
+#    _err "The host $_host does not exists on your dynv6 account"
+#    return 1
+#  fi
+  _debug "found host on your account"
+  returnval="$(ssh -i "$dynv6_keyfile" api@dynv6.com hosts \""$_host"\" records set \""$_record"\" txt data \""$txtvalue"\")"
+  _debug "Dynv6 returend this after record was added: $returnval"
+  if _contains "$returnval" "created"; then
+    return 0
+  elif _contains "$returnval" "updated"; then
+    return 0
   else
-    _info "using key file $dynv6_keyfile"
+    _err "Something went wrong! it does not seem like the record was added succesfully"
-    _your_hosts="$(ssh -i "$dynv6_keyfile" api@dynv6.com hosts)"
-    if ! _get_domain "$fulldomain" "$_your_hosts"; then
-      _err "Host not found on your account"
-      return 1
-    fi
-    _debug "found host on your account"
-    returnval="$(ssh -i "$dynv6_keyfile" api@dynv6.com hosts \""$_host"\" records set \""$_record"\" txt data \""$txtvalue"\")"
-    _debug "Dynv6 returned this after record was added: $returnval"
-    if _contains "$returnval" "created"; then
-      return 0
-    elif _contains "$returnval" "updated"; then
-      return 0
-    else
-      _err "Something went wrong! it does not seem like the record was added successfully"
-      return 1
-    fi
     return 1
   fi
   return 1
@@ -45,29 +43,31 @@ dns_dynv6_add() {
 dns_dynv6_rm() {
   fulldomain=$1
   txtvalue=$2
-  _info "Using dynv6 API"
+  _info "Using dynv6 api"
   _debug fulldomain "$fulldomain"
   _debug txtvalue "$txtvalue"
-  _get_authentication
+  _get_keyfile
-  if [ "$dynv6_token" ]; then
+  _info "using keyfile $dynv6_keyfile"
-    _dns_dynv6_rm_http
+  _your_hosts="$(ssh -i "$dynv6_keyfile" api@dynv6.com hosts)"
-    return $?
+  if ! _get_domain "$fulldomain" "$_your_hosts"; then
-  else
+  	_err "Host not found on your account"
-    _info "using key file $dynv6_keyfile"
+  	return 1
-    _your_hosts="$(ssh -i "$dynv6_keyfile" api@dynv6.com hosts)"
-    if ! _get_domain "$fulldomain" "$_your_hosts"; then
-      _err "Host not found on your account"
-      return 1
-    fi
-    _debug "found host on your account"
-    _info "$(ssh -i "$dynv6_keyfile" api@dynv6.com hosts "\"$_host\"" records del "\"$_record\"" txt)"
-    return 0
   fi
+#  if ! _contains "$_your_hosts" "$_host"; then
+#    _debug "The host is $_host and the record $_record"
+#   _debug "Dynv6 returned $_your_hosts"
+#    _err "The host $_host does not exists on your dynv6 account"
+#    return 1
+#  fi
+  _debug "found host on your account"
+  _info "$(ssh -i "$dynv6_keyfile" api@dynv6.com hosts "\"$_host\"" records del "\"$_record\"" txt)"
+  return 0
+
 }
 #################### Private functions below ##################################
 #Usage: No Input required
 #returns
-#dynv6_keyfile the path to the new key file that has been generated
+#dynv6_keyfile the path to the new keyfile that has been generated
 _generate_new_key() {
   dynv6_keyfile="$(eval echo ~"$USER")/.ssh/dynv6"
   _info "Path to key file used: $dynv6_keyfile"
@@ -93,13 +93,13 @@ _get_domain() {
 
   _your_hosts="$(echo "$_your_hosts" | awk '/\./ {print $1}')"
   for l in $_your_hosts; do
-    #echo "host: $l"
+  	#echo "host: $l"
-    if test "${_full_domain#*$l}" != "$_full_domain"; then
+  	if test "${_full_domain#*$l}" != "$_full_domain"; then
-      _record="${_full_domain%.$l}"
+  	  _record="${_full_domain%.$l}"
-      _host=$l
+  	  _host=$l
-      _debug "The host is $_host and the record $_record"
+  	  _debug "The host is $_host and the record $_record"
-      return 0
+  	  return 0
-    fi
+  	fi
   done
   _err "Either their is no such host on your dnyv6 account or it cannot be accessed with this key"
   return 1
@@ -108,178 +108,22 @@ _get_domain() {
 # Usage: No input required
 #returns
 #dynv6_keyfile path to the key that will be used
-_get_authentication() {
+_get_keyfile() {
-  dynv6_token="${DYNV6_TOKEN:-$(_readaccountconf_mutable dynv6_token)}"
+  _debug "get keyfile method called"
-  if [ "$dynv6_token" ]; then
+  dynv6_keyfile="${dynv6_keyfile:-$(_readaccountconf_mutable dynv6_keyfile)}"
-    _debug "Found HTTP Token. Going to use the HTTP API and not the SSH API"
+  _debug "Your key is $dynv6_keyfile"
-    if [ "$DYNV6_TOKEN" ]; then
+  if [ -z "$dynv6_keyfile" ]; then
-      _saveaccountconf_mutable dynv6_token "$dynv6_token"
+    if [ -z "$KEY" ]; then
-    fi
+      _err "You did not specify a key to use with dynv6"
-  else
+      _info "Creating new dynv6 api key to add to dynv6.com"
-    _debug "no HTTP token found. Looking for an SSH key"
+      _generate_new_key
-    dynv6_keyfile="${dynv6_keyfile:-$(_readaccountconf_mutable dynv6_keyfile)}"
+      _info "Please add this key to dynv6.com $(cat "$dynv6_keyfile.pub")"
-    _debug "Your key is $dynv6_keyfile"
+      _info "Hit Enter to contiue"
-    if [ -z "$dynv6_keyfile" ]; then
+      read -r _
-      if [ -z "$KEY" ]; then
+      #save the credentials to the account conf file.
-        _err "You did not specify a key to use with dynv6"
+    else
-        _info "Creating new dynv6 API key to add to dynv6.com"
+      dynv6_keyfile="$KEY"
-        _generate_new_key
-        _info "Please add this key to dynv6.com $(cat "$dynv6_keyfile.pub")"
-        _info "Hit Enter to continue"
-        read -r _
-        #save the credentials to the account conf file.
-      else
-        dynv6_keyfile="$KEY"
-      fi
-      _saveaccountconf_mutable dynv6_keyfile "$dynv6_keyfile"
     fi
+    _saveaccountconf_mutable dynv6_keyfile "$dynv6_keyfile"
   fi
 }
-
-_dns_dynv6_add_http() {
-  _debug "Got HTTP token form _get_authentication method. Going to use the HTTP API"
-  if ! _get_zone_id "$fulldomain"; then
-    _err "Could not find a matching zone for $fulldomain. Maybe your HTTP Token is not authorized to access the zone"
-    return 1
-  fi
-  _get_zone_name "$_zone_id"
-  record="${fulldomain%%.$_zone_name}"
-  _set_record TXT "$record" "$txtvalue"
-  if _contains "$response" "$txtvalue"; then
-    _info "Successfully added record"
-    return 0
-  else
-    _err "Something went wrong while adding the record"
-    return 1
-  fi
-}
-
-_dns_dynv6_rm_http() {
-  _debug "Got HTTP token form _get_authentication method. Going to use the HTTP API"
-  if ! _get_zone_id "$fulldomain"; then
-    _err "Could not find a matching zone for $fulldomain. Maybe your HTTP Token is not authorized to access the zone"
-    return 1
-  fi
-  _get_zone_name "$_zone_id"
-  record="${fulldomain%%.$_zone_name}"
-  _get_record_id "$_zone_id" "$record" "$txtvalue"
-  _del_record "$_zone_id" "$_record_id"
-  if [ -z "$response" ]; then
-    _info "Successfully deleted record"
-    return 0
-  else
-    _err "Something went wrong while deleting the record"
-    return 1
-  fi
-}
-
-#get the zoneid for a specifc record or zone
-#usage: _get_zone_id §record
-#where $record is the record to get the id for
-#returns _zone_id the id of the zone
-_get_zone_id() {
-  record="$1"
-  _debug "getting zone id for $record"
-  _dynv6_rest GET zones
-
-  zones="$(echo "$response" | tr '}' '\n' | tr ',' '\n' | grep name | sed 's/\[//g' | tr -d '{' | tr -d '"')"
-  #echo $zones
-
-  selected=""
-  for z in $zones; do
-    z="${z#name:}"
-    _debug zone: "$z"
-    if _contains "$record" "$z"; then
-      _debug "$z found in $record"
-      selected="$z"
-    fi
-  done
-  if [ -z "$selected" ]; then
-    _err "no zone found"
-    return 1
-  fi
-
-  zone_id="$(echo "$response" | tr '}' '\n' | grep "$selected" | tr ',' '\n' | grep id | tr -d '"')"
-  _zone_id="${zone_id#id:}"
-  _debug "zone id: $_zone_id"
-}
-
-_get_zone_name() {
-  _zone_id="$1"
-  _dynv6_rest GET zones/"$_zone_id"
-  _zone_name="$(echo "$response" | tr ',' '\n' | tr -d '{' | grep name | tr -d '"')"
-  _zone_name="${_zone_name#name:}"
-}
-
-#usaage _get_record_id $zone_id $record
-# where zone_id is thevalue returned by _get_zone_id
-# and record ist in the form _acme.www for an fqdn of _acme.www.example.com
-# returns _record_id
-_get_record_id() {
-  _zone_id="$1"
-  record="$2"
-  value="$3"
-  _dynv6_rest GET "zones/$_zone_id/records"
-  if ! _get_record_id_from_response "$response"; then
-    _err "no such record $record found in zone $_zone_id"
-    return 1
-  fi
-}
-
-_get_record_id_from_response() {
-  response="$1"
-  _record_id="$(echo "$response" | tr '}' '\n' | grep "\"name\":\"$record\"" | grep "\"data\":\"$value\"" | tr ',' '\n' | grep id | tr -d '"' | tr -d 'id:')"
-  #_record_id="${_record_id#id:}"
-  if [ -z "$_record_id" ]; then
-    _err "no such record: $record found in zone $_zone_id"
-    return 1
-  fi
-  _debug "record id: $_record_id"
-  return 0
-}
-#usage: _set_record TXT _acme_challenge.www longvalue 12345678
-#zone id is optional can also be set as vairable bevor calling this method
-_set_record() {
-  type="$1"
-  record="$2"
-  value="$3"
-  if [ "$4" ]; then
-    _zone_id="$4"
-  fi
-  data="{\"name\": \"$record\", \"data\": \"$value\", \"type\": \"$type\"}"
-  #data='{ "name": "acme.test.thorn.dynv6.net", "type": "A", "data": "192.168.0.1"}'
-  echo "$data"
-  #"{\"type\":\"TXT\",\"name\":\"$fulldomain\",\"content\":\"$txtvalue\",\"ttl\":120}"
-  _dynv6_rest POST "zones/$_zone_id/records" "$data"
-}
-_del_record() {
-  _zone_id=$1
-  _record_id=$2
-  _dynv6_rest DELETE zones/"$_zone_id"/records/"$_record_id"
-}
-
-_dynv6_rest() {
-  m=$1    #method GET,POST,DELETE or PUT
-  ep="$2" #the endpoint
-  data="$3"
-  _debug "$ep"
-
-  token_trimmed=$(echo "$dynv6_token" | tr -d '"')
-
-  export _H1="Authorization: Bearer $token_trimmed"
-  export _H2="Content-Type: application/json"
-
-  if [ "$m" != "GET" ]; then
-    _debug data "$data"
-    response="$(_post "$data" "$dynv6_api/$ep" "" "$m")"
-  else
-    response="$(_get "$dynv6_api/$ep")"
-  fi
-
-  if [ "$?" != "0" ]; then
-    _err "error $ep"
-    return 1
-  fi
-  _debug2 response "$response"
-  return 0
-}

dnsapi/dns_infomaniak.sh

@@ -85,7 +85,7 @@ dns_infomaniak_add() {
 
   # API call
   response=$(_post "$data" "${INFOMANIAK_API_URL}/1/domain/$domain_id/dns/record")
-  if [ -n "$response" ] && echo "$response" | _contains '"result":"success"'; then
+  if [ -n "$response" ] && echo "$response" | grep -qF '"result":"success"'; then
     _info "Record added"
     _debug "Response: $response"
     return 0
@@ -165,7 +165,7 @@ dns_infomaniak_rm() {
 
   # API call
   response=$(_post "" "${INFOMANIAK_API_URL}/1/domain/$domain_id/dns/record/$record_id" "" DELETE)
-  if [ -n "$response" ] && echo "$response" | _contains '"result":"success"'; then
+  if [ -n "$response" ] && echo "$response" | grep -qF '"result":"success"'; then
     _info "Record deleted"
     return 0
   fi
@@ -187,7 +187,7 @@ _find_zone() {
   zone="$1"
 
   # find domain in list, removing . parts sequentialy
-  while _contains "$zone" '\.'; do
+  while echo "$zone" | grep -q '\.'; do
     _debug "testing $zone"
     id=$(_get_domain_id "$zone")
     if [ -n "$id" ]; then

dnsapi/dns_scaleway.sh

@@ -0,0 +1,176 @@
+#!/usr/bin/env sh
+
+# Scaleway API
+# https://developers.scaleway.com/en/products/domain/dns/api/
+#
+# Requires Scaleway API token set in SCALEWAY_API_TOKEN
+
+########  Public functions #####################
+
+SCALEWAY_API="https://api.scaleway.com/domain/v2beta1"
+
+#Usage: add  _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_scaleway_add() {
+  fulldomain=$1
+  txtvalue=$2
+
+  if ! _scaleway_check_config; then
+    return 1
+  fi
+
+  _debug "First detect the root zone"
+  if ! _get_root "$fulldomain"; then
+    _err "invalid domain"
+    return 1
+  fi
+
+  _debug _sub_domain "$_sub_domain"
+  _debug _domain "$_domain"
+
+  _info "Adding record"
+  _scaleway_create_TXT_record "$_domain" "$_sub_domain" "$txtvalue"
+  if _contains "$response" "records"; then
+    return 0
+  else
+    _err error "$response"
+    return 1
+  fi
+  _info "Record added."
+
+  return 0
+}
+
+dns_scaleway_rm() {
+  fulldomain=$1
+  txtvalue=$2
+
+  if ! _scaleway_check_config; then
+    return 1
+  fi
+
+  _debug "First detect the root zone"
+  if ! _get_root "$fulldomain"; then
+    _err "invalid domain"
+    return 1
+  fi
+
+  _debug _sub_domain "$_sub_domain"
+  _debug _domain "$_domain"
+
+  _info "Deleting record"
+  _scaleway_delete_TXT_record "$_domain" "$_sub_domain" "$txtvalue"
+  if _contains "$response" "records"; then
+    return 0
+  else
+    _err error "$response"
+    return 1
+  fi
+  _info "Record deleted."
+
+  return 0
+}
+
+####################  Private functions below ##################################
+
+_scaleway_check_config() {
+  SCALEWAY_API_TOKEN="${SCALEWAY_API_TOKEN:-$(_readaccountconf_mutable SCALEWAY_API_TOKEN)}"
+  if [ -z "$SCALEWAY_API_TOKEN" ]; then
+    _err "No API key specified for Scaleway API."
+    _err "Create your key and export it as SCALEWAY_API_TOKEN"
+    return 1
+  fi
+  if ! _scaleway_rest GET "dns-zones"; then
+    _err "Invalid API key specified for Scaleway API."
+    return 1
+  fi
+
+  _saveaccountconf_mutable SCALEWAY_API_TOKEN "$SCALEWAY_API_TOKEN"
+
+  return 0
+}
+
+#_acme-challenge.www.domain.com
+#returns
+# _sub_domain=_acme-challenge.www
+# _domain=domain.com
+_get_root() {
+  domain=$1
+  i=1
+  p=1
+  while true; do
+    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
+    if [ -z "$h" ]; then
+      #not valid
+      return 1
+    fi
+
+    _scaleway_rest GET "dns-zones/$h/records"
+
+    if ! _contains "$response" "subdomain not found" >/dev/null; then
+      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
+      _domain="$h"
+      return 0
+    fi
+    p=$i
+    i=$(_math "$i" + 1)
+  done
+  _err "Unable to retrive DNS zone matching this domain"
+  return 1
+}
+
+# this function add a TXT record
+_scaleway_create_TXT_record() {
+  txt_zone=$1
+  txt_name=$2
+  txt_value=$3
+
+  _scaleway_rest PATCH "dns-zones/$txt_zone/records" "{\"return_all_records\":false,\"changes\":[{\"add\":{\"records\":[{\"name\":\"$txt_name\",\"data\":\"$txt_value\",\"type\":\"TXT\",\"ttl\":60}]}}]}"
+
+  if _contains "$response" "records"; then
+    return 0
+  else
+    _err "error1 $response"
+    return 1
+  fi
+}
+
+# this function delete a TXT record based on name and content
+_scaleway_delete_TXT_record() {
+  txt_zone=$1
+  txt_name=$2
+  txt_value=$3
+
+  _scaleway_rest PATCH "dns-zones/$txt_zone/records" "{\"return_all_records\":false,\"changes\":[{\"delete\":{\"id_fields\":{\"name\":\"$txt_name\",\"data\":\"$txt_value\",\"type\":\"TXT\"}}}]}"
+
+  if _contains "$response" "records"; then
+    return 0
+  else
+    _err "error2 $response"
+    return 1
+  fi
+}
+
+_scaleway_rest() {
+  m=$1
+  ep="$2"
+  data="$3"
+  _debug "$ep"
+  _scaleway_url="$SCALEWAY_API/$ep"
+  _debug2 _scaleway_url "$_scaleway_url"
+  export _H1="x-auth-token: $SCALEWAY_API_TOKEN"
+  export _H2="Accept: application/json"
+  export _H3="Content-Type: application/json"
+
+  if [ "$data" ] || [ "$m" != "GET" ]; then
+    _debug data "$data"
+    response="$(_post "$data" "$_scaleway_url" "" "$m")"
+  else
+    response="$(_get "$_scaleway_url")"
+  fi
+  if [ "$?" != "0" ] || _contains "$response" "denied_authentication" || _contains "$response" "Method not allowed" || _contains "$response" "json parse error: unexpected EOF"; then
+    _err "error $response"
+    return 1
+  fi
+  _debug2 response "$response"
+  return 0
+}

dnsapi/dns_simply.sh

@@ -0,0 +1,240 @@
+#!/usr/bin/env sh
+
+#
+#SIMPLY_AccountName="accountname"
+#
+#SIMPLY_ApiKey="apikey"
+#
+#SIMPLY_Api="https://api.simply.com/1/[ACCOUNTNAME]/[APIKEY]"
+
+SIMPLY_Api="https://api.simply.com/1"
+########  Public functions #####################
+
+#Usage: add  _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_simply_add() {
+  fulldomain=$1
+  txtvalue=$2
+
+  if ! _simply_load_config; then
+    return 1
+  fi
+
+  _simply_save_config
+
+  _debug "First detect the root zone"
+  if ! _get_root "$fulldomain"; then
+    _err "invalid domain"
+    return 1
+  fi
+  
+  _debug _sub_domain "$_sub_domain"
+  _debug _domain "$_domain"
+
+  _info "Adding record"
+
+  if ! _simply_add_record "$_domain" "$_sub_domain" "$txtvalue"; then  
+    _err "Could not add DNS record"
+    return 1
+  fi
+  
+  return 0
+}
+
+dns_simply_rm() {
+  fulldomain=$1
+  txtvalue=$2
+  
+  if ! _simply_load_config; then
+    return 1
+  fi
+
+  _simply_save_config
+
+  _debug "First detect the root zone"
+  
+  if ! _get_root "$fulldomain"; then
+    _err "invalid domain"
+    return 1
+  fi
+
+  _debug _sub_domain "$_sub_domain"
+  _debug _domain "$_domain"
+  _debug "$txtvalue"
+
+  _debug "Getting existing records"
+  
+  if ! _simply_get_all_records "$_domain"; then
+    _err "invalid domain"
+    return 1
+  fi
+  
+  records=$(echo "$response" | tr '{' "\n" | grep 'record_id\|type\|data\|\name' | sed 's/\"record_id/;\"record_id/')
+  record_array=(`echo $records |tr -d ' ' | tr ';' ' '`)
+  nr_of_deleted_records=0
+
+  for (( i=0; i<=${#record_array[@]}; i++ )); do
+  
+  record="${record_array[$i]}"
+  
+  if [[ "$record" == *"$txtvalue"* && "$record" == *"TXT"* ]]; then
+  
+    _info "Deleting record: $record"
+    
+    record_id=`echo $record | cut -d "," -f 1 | grep "record_id" | cut -d ":" -f 2`
+    
+    if [[ $record_id -gt 0 ]]; then
+      
+      if ! _simply_delete_record "$_domain" "$_sub_domain" "$record_id"; then
+        _err "Record with id $record_id could not be deleted"
+        return 1
+      fi
+      
+      nr_of_deleted_records=1
+      break
+    else  
+      _err "Fetching record_id could not be done, this should not happen, exiting function. Failing record is $record"
+      break
+    fi
+  fi
+  
+  done
+
+  if [[ $nr_of_deleted_records -eq 0 ]]; then
+    _err "No record deleted, the DNS record needs to be removed manually." 
+  else
+    _info "Deleted $nr_of_deleted_records record"
+  fi
+  
+  return 0
+}
+
+####################  Private functions below ##################################
+
+_simply_load_config() {
+  SIMPLY_Api="${SIMPLY_Api:-$(_readaccountconf_mutable SIMPLY_Api)}"
+  SIMPLY_AccountName="${SIMPLY_AccountName:-$(_readaccountconf_mutable SIMPLY_AccountName)}"
+  SIMPLY_ApiKey="${SIMPLY_ApiKey:-$(_readaccountconf_mutable SIMPLY_ApiKey)}"
+
+  if [ -z "$SIMPLY_Api" ]; then
+    SIMPLY_Api="$SIMPLY_Api_Default"
+  fi
+  
+  if [ -z "$SIMPLY_AccountName" ] || [ -z "$SIMPLY_ApiKey" ]; then
+    SIMPLY_AccountName=""
+    SIMPLY_ApiKey=""
+
+    _err "A valid Simply API account and apikey not provided."
+    _err "Please provide a valid API user and try again."
+
+    return 1
+  fi
+
+  return 0
+}
+
+_simply_save_config() {
+  if [ "$SIMPLY_Api" != "$SIMPLY_Api_Default" ]; then
+    _saveaccountconf_mutable SIMPLY_Api "$SIMPLY_Api"
+  fi
+  _saveaccountconf_mutable SIMPLY_AccountName "$SIMPLY_AccountName"
+  _saveaccountconf_mutable SIMPLY_ApiKey "$SIMPLY_ApiKey"
+}
+
+_simply_get_all_records() {
+  domain=$1  
+      
+  if ! _simply_rest GET "my/products/$domain/dns/records"; then
+    return 1
+  fi
+
+  return 0
+}
+
+_get_root() {
+  domain=$1
+  i=2
+  p=1
+  while true; do
+    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
+    if [ -z "$h" ]; then
+      #not valid
+      return 1
+    fi
+
+    if ! _simply_rest GET "my/products/$h/dns"; then
+      return 1
+    fi
+
+    if _contains "$response" '"code":"NOT_FOUND"'; then
+      _debug "$h not found"
+    else
+      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
+      _domain="$h"
+      return 0
+    fi
+    p="$i"
+    i=$(_math "$i" + 1)
+  done
+  return 1
+}
+
+_simply_add_record() {
+  domain=$1
+  sub_domain=$2
+  txtval=$3
+  
+  data="{\"name\": \"$sub_domain\", \"type\":\"TXT\", \"data\": \"$txtval\", \"priority\":0, \"ttl\": 3600}"
+
+  if ! _simply_rest POST "my/products/$domain/dns/records" "$data"; then
+    _err "Adding record not successfull!"
+    return 1
+  fi
+  
+  return 0
+}
+
+_simply_delete_record() {
+  domain=$1
+  sub_domain=$2
+  record_id=$3
+  
+  _debug "Delete record with id $record_id"
+  
+  if ! _simply_rest DELETE "my/products/$domain/dns/records/$record_id"; then
+    _err "Deleting record not successfull!"
+    return 1
+  fi
+  
+  return 0
+}
+
+_simply_rest() {
+  m=$1
+  ep="$2"
+  data="$3"
+    
+  _debug "Data: $data"
+  _debug "Methodcall: $ep"
+  _debug "Call type: $m"
+
+  export _H1="Content-Type: application/json"
+
+  if [ "$m" != "GET" ]; then
+    response="$(_post "$data" "$SIMPLY_Api/$SIMPLY_AccountName/$SIMPLY_ApiKey/$ep" "" "$m")"
+  else
+    response="$(_get "$SIMPLY_Api/$SIMPLY_AccountName/$SIMPLY_ApiKey/$ep")"
+  fi
+
+  if [ "$?" != "0" ]; then
+    _err "error $ep"
+    return 1
+  fi
+  
+  _debug2 response "$response"
+  
+  if _contains "$response" "Invalid account authorization"; then
+    _err "It seems that your api key or accountnumber is not correct."
+    return 1
+  fi
+  return 0
+}

dnsapi/dns_world4you.sh

@@ -52,17 +52,26 @@ AddDnsRecordForm[uniqueFormIdTTL]=$formidttl&AddDnsRecordForm[_token]=$form_toke
   ret=$(_post "$body" "$WORLD4YOU_API/$paketnr/dns" '' POST 'application/x-www-form-urlencoded')
   _resethttp
 
-  if grep '302' >/dev/null <"$HTTP_HEADER"; then
+  if _contains "$(_head_n 3 <"$HTTP_HEADER")" '302'; then
     res=$(_get "$WORLD4YOU_API/$paketnr/dns")
     if _contains "$res" "successfully"; then
       return 0
     else
       msg=$(echo "$res" | tr '\n' '\t' | sed 's/.*<h3 class="mb-5">[^\t]*\t *\([^\t]*\)\t.*/\1/')
+      if _contains "$msg" '^<\!DOCTYPE html>'; then
+        msg='Unknown error'
+      fi
       _err "Unable to add record: $msg"
+      if _contains "$msg" '^<\!DOCTYPE html>'; then
+        echo "$ret" >'error-01.html'
+        echo "$res" >'error-02.html'
+        _err "View error-01.html and error-02.html for debugging"
+      fi
       return 1
     fi
   else
-    _err "$(_head_n 1 <"$HTTP_HEADER")"
+    _err "$(_head_n 3 <"$HTTP_HEADER")"
+    _err "View $HTTP_HEADER for debugging"
     return 1
   fi
 }
@@ -111,17 +120,26 @@ DeleteDnsRecordForm[_token]=$form_token"
   ret=$(_post "$body" "$WORLD4YOU_API/$paketnr/deleteRecord" '' POST 'application/x-www-form-urlencoded')
   _resethttp
 
-  if grep '302' >/dev/null <"$HTTP_HEADER"; then
+  if _contains "$(_head_n 3 <"$HTTP_HEADER")" '302'; then
     res=$(_get "$WORLD4YOU_API/$paketnr/dns")
     if _contains "$res" "successfully"; then
       return 0
     else
       msg=$(echo "$res" | tr '\n' '\t' | sed 's/.*<h3 class="mb-5">[^\t]*\t *\([^\t]*\)\t.*/\1/')
+      if _contains "$msg" '^<\!DOCTYPE html>'; then
+        msg='Unknown error'
+      fi
       _err "Unable to remove record: $msg"
+      if _contains "$msg" '^<\!DOCTYPE html>'; then
+        echo "$ret" >'error-01.html'
+        echo "$res" >'error-02.html'
+        _err "View error-01.html and error-02.html for debugging"
+      fi
       return 1
     fi
   else
-    _err "$(_head_n 1 <"$HTTP_HEADER")"
+    _err "$(_head_n 3 <"$HTTP_HEADER")"
+    _err "View $HTTP_HEADER for debugging"
     return 1
   fi
 }
@@ -175,7 +193,7 @@ _get_paketnr() {
   domains=$(echo "$form" | grep '^ *[A-Za-z0-9_\.-]*\.[A-Za-z0-9_-]*$' | sed 's/^\s*\(\S*\)$/\1/')
   domain=''
   for domain in $domains; do
-    if echo "$fqdn" | grep "$domain\$" >/dev/null; then
+    if _contains "$fqdn" "$domain\$"; then
       break
     fi
     domain=''
@@ -185,7 +203,8 @@ _get_paketnr() {
   fi
 
   TLD="$domain"
+  _debug domain "$domain"
   RECORD=$(echo "$fqdn" | cut -c"1-$((${#fqdn} - ${#TLD} - 1))")
-  PAKETNR=$(echo "$form" | grep "data-textfilter=\" $domain " | _head_n 1 | sed 's/^.* \([0-9]*\) .*$/\1/')
+  PAKETNR=$(echo "$form" | grep "data-textfilter=\".* $domain " | _head_n 1 | sed 's/^.* \([0-9]*\) .*$/\1/')
   return 0
 }