153 lines
4.6 KiB
Bash
Executable file
153 lines
4.6 KiB
Bash
Executable file
#!/bin/bash
|
|
### author : Dryusdan
|
|
### date : 23/10/2023
|
|
### description : A setter and getter for DS key ovh
|
|
|
|
## Bash strict mode ####################################
|
|
set -o errexit # abort on nonzero exitstatus
|
|
set -o pipefail # don't hide errors within pipes
|
|
|
|
##set -o nounset # abort on unbound variable
|
|
|
|
### Logs ################################################
|
|
readonly SCRIPTNAME="$(basename "$0")"
|
|
info() { echo -e "[INFO] $* " ; }
|
|
warning() { echo -e "[WARNING] $* " ; }
|
|
error() { echo -e "[ERROR] $* " ; }
|
|
fatal() { echo -e "[FATAL] $* " ; exit 1 ; }
|
|
#########################################################
|
|
|
|
source secret.cfg
|
|
|
|
CONTENT_TYPE='Content-Type:application/json;charset=utf-8'
|
|
OVH_APP="X-Ovh-Application:${OVH_APP_KEY}"
|
|
OVH_CONSUMER="X-Ovh-Consumer:${OVH_CONSUMER_KEY}"
|
|
|
|
function _API_REQUEST()
|
|
{
|
|
|
|
# Brain Ovh Api Player
|
|
#
|
|
# Author: Christophe Casalegno / Brain 0verride
|
|
# Contact: brain@christophe-casalegno.com
|
|
# Version 1.0.1
|
|
#
|
|
# Copyright (c) 2021 Christophe Casalegno
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
#
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
#
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <https://www.gnu.org/licenses/>
|
|
#
|
|
#
|
|
# The license is available on this server here:
|
|
# https://www.christophe-casalegno.com/licences/gpl-3.0.txt
|
|
|
|
REQ_TYPE="$1"
|
|
ENDPOINT="$2"
|
|
DATA="$3"
|
|
API_URL="https://api.ovh.com/1.0"
|
|
TIMESTAMP=$(curl -s https://api.ovh.com/1.0/auth/time)
|
|
OVH_TIMESTAMP="X-Ovh-Timestamp:${TIMESTAMP}"
|
|
SIG_KEY="${OVH_APP_SECRET}+${OVH_CONSUMER_KEY}+${REQ_TYPE}+${API_URL}${ENDPOINT}+${DATA}+${TIMESTAMP}"
|
|
THE_SIG=$(echo "\$1\$$(echo -n "${SIG_KEY}" |sha1sum - | cut -d' ' -f1)")
|
|
OVH_SIG="X-Ovh-Signature:$THE_SIG"
|
|
|
|
curl -s -X "${REQ_TYPE}" --header "${CONTENT_TYPE}" --header "${OVH_TIMESTAMP}" --header "${OVH_APP}" --header "${OVH_SIG}" --header "${OVH_CONSUMER}" --data "${DATA}" "${API_URL}${ENDPOINT}"
|
|
}
|
|
|
|
function _USAGE
|
|
{
|
|
cat << EOF
|
|
Usage :
|
|
${SCRIPTNAME} [OPTIONS]
|
|
|
|
Options :
|
|
--set
|
|
--help Display this help
|
|
EOF
|
|
exit 1
|
|
}
|
|
|
|
function _GET_OPTS
|
|
{
|
|
_SHORT_OPTS="s:g:h";
|
|
_LONG_OPTS="set,get,help";
|
|
_OPTS=$(getopt \
|
|
-o "${_SHORT_OPTS}" \
|
|
-l "${_LONG_OPTS}" \
|
|
-n "${SCRIPTNAME}" -- "${@}")
|
|
if [ "${?}" -ne 0 ]
|
|
then
|
|
_USAGE
|
|
fi
|
|
|
|
eval set -- "${_OPTS}"
|
|
|
|
while true ; do
|
|
case "${1}" in
|
|
--set)
|
|
_SET
|
|
shift
|
|
;;
|
|
--get)
|
|
_GET
|
|
shift
|
|
;;
|
|
--help)
|
|
_USAGE
|
|
shift
|
|
;;
|
|
*) echo "getopt Internal error!" ; exit 1 ;;
|
|
esac
|
|
done
|
|
}
|
|
|
|
function _SET() {
|
|
for domain in $(_API_REQUEST "GET" "/domain/" | jq -r '.[]')
|
|
do
|
|
info "Process ${domain}"
|
|
if [ "${domain}" == "getignecanoekayak.fr" ] || [ "${domain}" == "gitedeterbin.fr" ]; then
|
|
info "Domain ${domain} not managed by us"
|
|
elif [ "${domain}" == "dryusdan.im" ]; then
|
|
info "DNSSEC can't be configured for ${domain}"
|
|
else
|
|
info "Get first line of ${domain} key"
|
|
ksk=$(tail -n 1 /etc/nsd/zones/K${domain}.ksk.key)
|
|
algorithm=$(echo "${ksk}" | awk '{print $6}')
|
|
flag=$(echo "${ksk}" | awk '{print $4}')
|
|
public_key=$(echo "${ksk}" | awk '{print $7}')
|
|
tag=$(echo "${ksk}" | awk '{print $10}')
|
|
json='{
|
|
"keys": [
|
|
{
|
|
"algorithm": "'"${algorithm}"'",
|
|
"flags": "'"${flag}"'",
|
|
"publicKey": "'"${public_key}"'",
|
|
"tag": '${tag}'
|
|
}
|
|
]
|
|
}'
|
|
_API_REQUEST "POST" "/domain/${domain}/dsRecord" "$(echo "${json}" | jq)"
|
|
sleep 10
|
|
fi
|
|
done
|
|
}
|
|
|
|
_GET_OPTS "${@}"
|