Skip to content

Commit 5d4d0ee

Browse files
kubaxkubax
committed
dns_acmedns: add optional JSON storage support and dual persistence mode
This commit introduces ACMEDNS_STORAGE for JSON-based account storage, along with backward-compatible logic to persist either credentials (ACMEDNS_USERNAME/PASSWORD/SUBDOMAIN) or a JSON storage file depending on user configuration.
1 parent 7780508 commit 5d4d0ee

File tree

1 file changed

+54
-8
lines changed

1 file changed

+54
-8
lines changed

dnsapi/dns_acmedns.sh

Lines changed: 54 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -8,12 +8,13 @@ Options:
88
ACMEDNS_USERNAME Username. Optional.
99
ACMEDNS_PASSWORD Password. Optional.
1010
ACMEDNS_SUBDOMAIN Subdomain. Optional.
11+
ACMEDNS_STORAGE JSON config. Optional.
1112
ACMEDNS_BASE_URL API endpoint. Default: "https://auth.acme-dns.io".
1213
Issues: github.com/dampfklon/acme.sh
1314
Author: Wolfgang Ebner, Sven Neubuaer
1415
'
1516

16-
######## Public functions #####################
17+
########## Public functions ##########
1718

1819
#Usage: dns_acmedns_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
1920
# Used to add txt record
@@ -32,15 +33,25 @@ dns_acmedns_add() {
3233
ACMEDNS_SUBDOMAIN="${ACMEDNS_SUBDOMAIN:-$(_readaccountconf_mutable ACMEDNS_SUBDOMAIN)}"
3334
_clearaccountconf_mutable ACMEDNS_SUBDOMAIN
3435

36+
# Load per-domain config
3537
ACMEDNS_BASE_URL="${ACMEDNS_BASE_URL:-$(_readdomainconf ACMEDNS_BASE_URL)}"
3638
ACMEDNS_USERNAME="${ACMEDNS_USERNAME:-$(_readdomainconf ACMEDNS_USERNAME)}"
3739
ACMEDNS_PASSWORD="${ACMEDNS_PASSWORD:-$(_readdomainconf ACMEDNS_PASSWORD)}"
3840
ACMEDNS_SUBDOMAIN="${ACMEDNS_SUBDOMAIN:-$(_readdomainconf ACMEDNS_SUBDOMAIN)}"
41+
ACMEDNS_STORAGE="${ACMEDNS_STORAGE:-$(_readdomainconf ACMEDNS_STORAGE)}"
3942

40-
if [ "$ACMEDNS_BASE_URL" = "" ]; then
41-
ACMEDNS_BASE_URL="https://auth.acme-dns.io"
43+
# Detect if user explicitly configured JSON storage
44+
_use_storage_conf=""
45+
[ -n "$ACMEDNS_STORAGE" ] && _use_storage_conf=1
46+
47+
# Load from JSON storage if credentials are incomplete
48+
if [ -z "$ACMEDNS_USERNAME" ] || [ -z "$ACMEDNS_PASSWORD" ] || [ -z "$ACMEDNS_SUBDOMAIN" ]; then
49+
_acmedns_lookup_from_json "$fulldomain"
4250
fi
4351

52+
# Default acme-dns endpoint
53+
[ -z "$ACMEDNS_BASE_URL" ] && ACMEDNS_BASE_URL="https://auth.acme-dns.io"
54+
4455
ACMEDNS_UPDATE_URL="$ACMEDNS_BASE_URL/update"
4556
ACMEDNS_REGISTER_URL="$ACMEDNS_BASE_URL/register"
4657

@@ -61,10 +72,21 @@ dns_acmedns_add() {
6172
read -r _
6273
fi
6374

75+
# Save per-domain config
6476
_savedomainconf ACMEDNS_BASE_URL "$ACMEDNS_BASE_URL"
65-
_savedomainconf ACMEDNS_USERNAME "$ACMEDNS_USERNAME"
66-
_savedomainconf ACMEDNS_PASSWORD "$ACMEDNS_PASSWORD"
67-
_savedomainconf ACMEDNS_SUBDOMAIN "$ACMEDNS_SUBDOMAIN"
77+
78+
# Save either JSON storage or credentials (mutually exclusive)
79+
if [ "$_use_storage_conf" = "1" ]; then
80+
_savedomainconf ACMEDNS_STORAGE "$ACMEDNS_STORAGE"
81+
_cleardomainconf ACMEDNS_USERNAME
82+
_cleardomainconf ACMEDNS_PASSWORD
83+
_cleardomainconf ACMEDNS_SUBDOMAIN
84+
else
85+
_savedomainconf ACMEDNS_USERNAME "$ACMEDNS_USERNAME"
86+
_savedomainconf ACMEDNS_PASSWORD "$ACMEDNS_PASSWORD"
87+
_savedomainconf ACMEDNS_SUBDOMAIN "$ACMEDNS_SUBDOMAIN"
88+
_cleardomainconf ACMEDNS_STORAGE
89+
fi
6890

6991
export _H1="X-Api-User: $ACMEDNS_USERNAME"
7092
export _H2="X-Api-Key: $ACMEDNS_PASSWORD"
@@ -78,7 +100,6 @@ dns_acmedns_add() {
78100
_err "invalid response of acme-dns"
79101
return 1
80102
fi
81-
82103
}
83104

84105
#Usage: fulldomain txtvalue
@@ -91,4 +112,29 @@ dns_acmedns_rm() {
91112
_debug "txtvalue $txtvalue"
92113
}
93114

94-
#################### Private functions below ##################################
115+
########## Private functions ##########
116+
117+
_acmedns_lookup_from_json() {
118+
_fulldomain="$1"
119+
_domain="${_fulldomain#_acme-challenge.}"
120+
121+
_storage="$ACMEDNS_STORAGE"
122+
[ -z "$_storage" ] && _storage="$HOME/.acme-dns.json"
123+
[ ! -f "$_storage" ] && return 1
124+
125+
_entry="$(sed -n "/\"${_domain//./\\.}\"[[:space:]]*:/,/}/p" "$_storage")"
126+
[ -z "$_entry" ] && return 1
127+
128+
_server_url="$(echo "$_entry" | sed -n 's/.*"server_url":[ ]*"\([^"]*\)".*/\1/p')"
129+
_username="$(echo "$_entry" | sed -n 's/.*"username":[ ]*"\([^"]*\)".*/\1/p')"
130+
_password="$(echo "$_entry" | sed -n 's/.*"password":[ ]*"\([^"]*\)".*/\1/p')"
131+
_subdomain="$(echo "$_entry" | sed -n 's/.*"subdomain":[ ]*"\([^"]*\)".*/\1/p')"
132+
133+
[ -n "$_server_url" ] && ACMEDNS_BASE_URL="$_server_url"
134+
[ -n "$_username" ] && ACMEDNS_USERNAME="$_username"
135+
[ -n "$_password" ] && ACMEDNS_PASSWORD="$_password"
136+
[ -n "$_subdomain" ] && ACMEDNS_SUBDOMAIN="$_subdomain"
137+
138+
ACMEDNS_STORAGE="$_storage"
139+
return 0
140+
}

0 commit comments

Comments
 (0)