DNSAPI per-domain conf wrapper funcs
Update to https://github.com/acmesh-official/acme.sh/issues/799 for per-domain auth conf storage. _readdnsapiconf() <Item Key> - Prefers the values stored in the domainconf over the accountconf[_mutable] if it exists in both places. - After first new/update save with _savednsapiconf() it will be stored in the domainconf (and the original acctconf* location if applicable) that's where this function will find the value and the entry in the accountconf* will be obsolete/unused. _savednsapiconf() <Item Key> <Item Value> - "Migrate"/save the auth provided by env var or from accountconf[_mutable] to domainconf for future use. Update it in the original account location for backward compatibility if necessary. 1. These wrappers don't update the environment variable like the _getdeployconf(), they read from arg, emit text. 2. The keys saved through the save wrapper are named in mutable form with "SAVED_" prefix. 3. The DNS API Dev Guide (https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide) will need to be updated for the new functions dns_cf.sh dnsapi script for cloudflare updated as an example.
This commit is contained in:
Chris
parent
3df276c25e
commit
716b9b8aad
36
acme.sh
36
acme.sh
@ -2229,7 +2229,41 @@ _readaccountconf_mutable() {
|
|||||||
_clearaccountconf() {
|
_clearaccountconf() {
|
||||||
_clear_conf "$ACCOUNT_CONF_PATH" "$1"
|
_clear_conf "$ACCOUNT_CONF_PATH" "$1"
|
||||||
}
|
}
|
||||||
|
#_readdnsapiconf key
|
||||||
|
_readdnsapiconf() {
|
||||||
|
local acctmutcnf=$(_readaccountconf_mutable $1)
|
||||||
|
local acctcnf=$(_readaccountconf $1)
|
||||||
|
local domcnf=$(_readdomainconf "SAVED_$1")
|
||||||
|
if [ -n "$domcnf" ]; then
|
||||||
|
dnsapi_auth_conf_loc=domainconf
|
||||||
|
echo -ne "$domcnf"
|
||||||
|
elif [ -n "$acctmutcnf" ]; then
|
||||||
|
dnsapi_auth_conf_loc=accountconf_mutable
|
||||||
|
echo -ne "$acctmutcnf"
|
||||||
|
elif [ -n "$acctcnf" ]; then
|
||||||
|
dnsapi_auth_conf_loc=accountconf
|
||||||
|
echo -ne "$acctcnf"
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug "Read dnsapi conf <$1> from ${dnsapi_auth_conf_loc}"
|
||||||
|
}
|
||||||
|
#_savednsapiconf key value base64encode
|
||||||
|
_savednsapiconf() {
|
||||||
|
_readdnsapiconf $1 >/dev/null
|
||||||
|
#update the original save location if existed for backward compat
|
||||||
|
case "${dnsapi_auth_conf_loc}" in
|
||||||
|
accountconf_mutable)
|
||||||
|
_saveaccountconf_mutable $1 "$2" $3
|
||||||
|
;;
|
||||||
|
accountconf)
|
||||||
|
_saveaccountconf $1 "$2" $3
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
#we'll use this value on automation
|
||||||
|
_savedomainconf "SAVED_$1" "$2" $3
|
||||||
|
unset dnsapi_auth_conf_loc
|
||||||
|
}
|
||||||
#_savecaconf key value
|
#_savecaconf key value
|
||||||
_savecaconf() {
|
_savecaconf() {
|
||||||
_save_conf "$CA_CONF" "$1" "$2"
|
_save_conf "$CA_CONF" "$1" "$2"
|
||||||
|
|||||||
@ -18,16 +18,16 @@ dns_cf_add() {
|
|||||||
fulldomain=$1
|
fulldomain=$1
|
||||||
txtvalue=$2
|
txtvalue=$2
|
||||||
|
|
||||||
CF_Token="${CF_Token:-$(_readaccountconf_mutable CF_Token)}"
|
CF_Token="${CF_Token:-$(_readdnsapiconf CF_Token)}"
|
||||||
CF_Account_ID="${CF_Account_ID:-$(_readaccountconf_mutable CF_Account_ID)}"
|
CF_Account_ID="${CF_Account_ID:-$(_readdnsapiconf CF_Account_ID)}"
|
||||||
CF_Zone_ID="${CF_Zone_ID:-$(_readaccountconf_mutable CF_Zone_ID)}"
|
CF_Zone_ID="${CF_Zone_ID:-$(_readdnsapiconf CF_Zone_ID)}"
|
||||||
CF_Key="${CF_Key:-$(_readaccountconf_mutable CF_Key)}"
|
CF_Key="${CF_Key:-$(_readdnsapiconf CF_Key)}"
|
||||||
CF_Email="${CF_Email:-$(_readaccountconf_mutable CF_Email)}"
|
CF_Email="${CF_Email:-$(_readdnsapiconf CF_Email)}"
|
||||||
|
|
||||||
if [ "$CF_Token" ]; then
|
if [ "$CF_Token" ]; then
|
||||||
_saveaccountconf_mutable CF_Token "$CF_Token"
|
_savednsapiconf CF_Token "$CF_Token"
|
||||||
_saveaccountconf_mutable CF_Account_ID "$CF_Account_ID"
|
_savednsapiconf CF_Account_ID "$CF_Account_ID"
|
||||||
_saveaccountconf_mutable CF_Zone_ID "$CF_Zone_ID"
|
_savednsapiconf CF_Zone_ID "$CF_Zone_ID"
|
||||||
else
|
else
|
||||||
if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then
|
if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then
|
||||||
CF_Key=""
|
CF_Key=""
|
||||||
@ -43,8 +43,8 @@ dns_cf_add() {
|
|||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
#save the api key and email to the account conf file.
|
#save the api key and email to the account conf file.
|
||||||
_saveaccountconf_mutable CF_Key "$CF_Key"
|
_savednsapiconf CF_Key "$CF_Key"
|
||||||
_saveaccountconf_mutable CF_Email "$CF_Email"
|
_savednsapiconf CF_Email "$CF_Email"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
_debug "First detect the root zone"
|
_debug "First detect the root zone"
|
||||||
@ -92,11 +92,11 @@ dns_cf_rm() {
|
|||||||
fulldomain=$1
|
fulldomain=$1
|
||||||
txtvalue=$2
|
txtvalue=$2
|
||||||
|
|
||||||
CF_Token="${CF_Token:-$(_readaccountconf_mutable CF_Token)}"
|
CF_Token="${CF_Token:-$(_readdnsapiconf CF_Token)}"
|
||||||
CF_Account_ID="${CF_Account_ID:-$(_readaccountconf_mutable CF_Account_ID)}"
|
CF_Account_ID="${CF_Account_ID:-$(_readdnsapiconf CF_Account_ID)}"
|
||||||
CF_Zone_ID="${CF_Zone_ID:-$(_readaccountconf_mutable CF_Zone_ID)}"
|
CF_Zone_ID="${CF_Zone_ID:-$(_readdnsapiconf CF_Zone_ID)}"
|
||||||
CF_Key="${CF_Key:-$(_readaccountconf_mutable CF_Key)}"
|
CF_Key="${CF_Key:-$(_readdnsapiconf CF_Key)}"
|
||||||
CF_Email="${CF_Email:-$(_readaccountconf_mutable CF_Email)}"
|
CF_Email="${CF_Email:-$(_readdnsapiconf CF_Email)}"
|
||||||
|
|
||||||
_debug "First detect the root zone"
|
_debug "First detect the root zone"
|
||||||
if ! _get_root "$fulldomain"; then
|
if ! _get_root "$fulldomain"; then
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user