DNSAPI per-domain conf wrapper funcs
Update to https://github.com/acmesh-official/acme.sh/issues/799 for per-domain auth conf storage. _readdnsapiconf() <Item Key> - Prefers the values stored in the domainconf over the accountconf[_mutable] if it exists in both places. - After first new/update save with _savednsapiconf() it will be stored in the domainconf (and the original acctconf* location if applicable) that's where this function will find the value and the entry in the accountconf* will be obsolete/unused. _savednsapiconf() <Item Key> <Item Value> - "Migrate"/save the auth provided by env var or from accountconf[_mutable] to domainconf for future use. Update it in the original account location for backward compatibility if necessary. 1. These wrappers don't update the environment variable like the _getdeployconf(), they read from arg, emit text. 2. The keys saved through the save wrapper are named in mutable form with "SAVED_" prefix. 3. The DNS API Dev Guide (https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide) will need to be updated for the new functions dns_cf.sh dnsapi script for cloudflare updated as an example.
This commit is contained in:
Chris
parent
3df276c25e
commit
716b9b8aad
36
acme.sh
36
acme.sh
@ -2229,7 +2229,41 @@ _readaccountconf_mutable() {
|
||||
_clearaccountconf() {
|
||||
_clear_conf "$ACCOUNT_CONF_PATH" "$1"
|
||||
}
|
||||
|
||||
#_readdnsapiconf key
|
||||
_readdnsapiconf() {
|
||||
local acctmutcnf=$(_readaccountconf_mutable $1)
|
||||
local acctcnf=$(_readaccountconf $1)
|
||||
local domcnf=$(_readdomainconf "SAVED_$1")
|
||||
if [ -n "$domcnf" ]; then
|
||||
dnsapi_auth_conf_loc=domainconf
|
||||
echo -ne "$domcnf"
|
||||
elif [ -n "$acctmutcnf" ]; then
|
||||
dnsapi_auth_conf_loc=accountconf_mutable
|
||||
echo -ne "$acctmutcnf"
|
||||
elif [ -n "$acctcnf" ]; then
|
||||
dnsapi_auth_conf_loc=accountconf
|
||||
echo -ne "$acctcnf"
|
||||
else
|
||||
return 1
|
||||
fi
|
||||
_debug "Read dnsapi conf <$1> from ${dnsapi_auth_conf_loc}"
|
||||
}
|
||||
#_savednsapiconf key value base64encode
|
||||
_savednsapiconf() {
|
||||
_readdnsapiconf $1 >/dev/null
|
||||
#update the original save location if existed for backward compat
|
||||
case "${dnsapi_auth_conf_loc}" in
|
||||
accountconf_mutable)
|
||||
_saveaccountconf_mutable $1 "$2" $3
|
||||
;;
|
||||
accountconf)
|
||||
_saveaccountconf $1 "$2" $3
|
||||
;;
|
||||
esac
|
||||
#we'll use this value on automation
|
||||
_savedomainconf "SAVED_$1" "$2" $3
|
||||
unset dnsapi_auth_conf_loc
|
||||
}
|
||||
#_savecaconf key value
|
||||
_savecaconf() {
|
||||
_save_conf "$CA_CONF" "$1" "$2"
|
||||
|
||||
@ -18,16 +18,16 @@ dns_cf_add() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
CF_Token="${CF_Token:-$(_readaccountconf_mutable CF_Token)}"
|
||||
CF_Account_ID="${CF_Account_ID:-$(_readaccountconf_mutable CF_Account_ID)}"
|
||||
CF_Zone_ID="${CF_Zone_ID:-$(_readaccountconf_mutable CF_Zone_ID)}"
|
||||
CF_Key="${CF_Key:-$(_readaccountconf_mutable CF_Key)}"
|
||||
CF_Email="${CF_Email:-$(_readaccountconf_mutable CF_Email)}"
|
||||
CF_Token="${CF_Token:-$(_readdnsapiconf CF_Token)}"
|
||||
CF_Account_ID="${CF_Account_ID:-$(_readdnsapiconf CF_Account_ID)}"
|
||||
CF_Zone_ID="${CF_Zone_ID:-$(_readdnsapiconf CF_Zone_ID)}"
|
||||
CF_Key="${CF_Key:-$(_readdnsapiconf CF_Key)}"
|
||||
CF_Email="${CF_Email:-$(_readdnsapiconf CF_Email)}"
|
||||
|
||||
if [ "$CF_Token" ]; then
|
||||
_saveaccountconf_mutable CF_Token "$CF_Token"
|
||||
_saveaccountconf_mutable CF_Account_ID "$CF_Account_ID"
|
||||
_saveaccountconf_mutable CF_Zone_ID "$CF_Zone_ID"
|
||||
_savednsapiconf CF_Token "$CF_Token"
|
||||
_savednsapiconf CF_Account_ID "$CF_Account_ID"
|
||||
_savednsapiconf CF_Zone_ID "$CF_Zone_ID"
|
||||
else
|
||||
if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then
|
||||
CF_Key=""
|
||||
@ -43,8 +43,8 @@ dns_cf_add() {
|
||||
return 1
|
||||
fi
|
||||
#save the api key and email to the account conf file.
|
||||
_saveaccountconf_mutable CF_Key "$CF_Key"
|
||||
_saveaccountconf_mutable CF_Email "$CF_Email"
|
||||
_savednsapiconf CF_Key "$CF_Key"
|
||||
_savednsapiconf CF_Email "$CF_Email"
|
||||
fi
|
||||
|
||||
_debug "First detect the root zone"
|
||||
@ -92,11 +92,11 @@ dns_cf_rm() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
CF_Token="${CF_Token:-$(_readaccountconf_mutable CF_Token)}"
|
||||
CF_Account_ID="${CF_Account_ID:-$(_readaccountconf_mutable CF_Account_ID)}"
|
||||
CF_Zone_ID="${CF_Zone_ID:-$(_readaccountconf_mutable CF_Zone_ID)}"
|
||||
CF_Key="${CF_Key:-$(_readaccountconf_mutable CF_Key)}"
|
||||
CF_Email="${CF_Email:-$(_readaccountconf_mutable CF_Email)}"
|
||||
CF_Token="${CF_Token:-$(_readdnsapiconf CF_Token)}"
|
||||
CF_Account_ID="${CF_Account_ID:-$(_readdnsapiconf CF_Account_ID)}"
|
||||
CF_Zone_ID="${CF_Zone_ID:-$(_readdnsapiconf CF_Zone_ID)}"
|
||||
CF_Key="${CF_Key:-$(_readdnsapiconf CF_Key)}"
|
||||
CF_Email="${CF_Email:-$(_readdnsapiconf CF_Email)}"
|
||||
|
||||
_debug "First detect the root zone"
|
||||
if ! _get_root "$fulldomain"; then
|
||||
|
||||
Loading…
Reference in New Issue
Block a user