#!/bin/bash
### author : Dryusdan
### date : 23/10/2023
### description : Sets and gets the DNSSEC DS keys of domains through the OVH API
## Bash strict mode ####################################
# Strict mode: stop at the first failing command, and make a pipeline fail
# when any of its stages fails, not only the last one.
set -e -o pipefail
# nounset is left commented out; turning it on requires every positional
# parameter and configuration variable to be set or defaulted first.
##set -o nounset # abort on unbound variable
### Logs ################################################
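# Name of this script as invoked; used in the usage text and by getopt.
# Assigned before being marked readonly so a basename failure is not masked.
SCRIPTNAME="$(basename -- "$0")"
readonly SCRIPTNAME

# Log helpers. Each prints its arguments joined by spaces behind a level tag.
# printf '%s' is used instead of `echo -e` so that backslash sequences inside a
# message (for example in a value received from the remote API) are printed
# literally and cannot become terminal control characters.
# info writes to stdout; warning, error and fatal write to stderr so they never
# end up in output that a caller captures or pipes into another tool.
info() { printf '[INFO] %s\n' "$*"; }
warning() { printf '[WARNING] %s\n' "$*" >&2; }
error() { printf '[ERROR] %s\n' "$*" >&2; }
# fatal logs the message and terminates the script with status 1.
fatal() {
  printf '[FATAL] %s\n' "$*" >&2
  exit 1
}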
#########################################################
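# Load the OVH API credentials (OVH_APP_KEY, OVH_APP_SECRET, OVH_CONSUMER_KEY).
# The file is resolved next to this script instead of in the current working
# directory: `source` executes the file as shell code, so a secret.cfg that
# happens to sit in the directory the script is launched from (cron, a shared
# or world-writable directory) must never be picked up.
# Keep secret.cfg owned by the operator and unreadable to others (mode 600).
_SECRET_CFG="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd)/secret.cfg"
[ -r "${_SECRET_CFG}" ] || fatal "Cannot read ${_SECRET_CFG}"
# shellcheck source=/dev/null
source "${_SECRET_CFG}"
# Fail early on a missing credential: nounset is off, so an empty value would
# otherwise be signed and sent without any local error.
for _required in OVH_APP_KEY OVH_APP_SECRET OVH_CONSUMER_KEY; do
  [ -n "${!_required:-}" ] || fatal "${_required} is not set in ${_SECRET_CFG}"
done
unset _required
# Static request headers shared by every API call.
CONTENT_TYPE='Content-Type:application/json;charset=utf-8'
OVH_APP="X-Ovh-Application:${OVH_APP_KEY}"
OVH_CONSUMER="X-Ovh-Consumer:${OVH_CONSUMER_KEY}"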
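function _API_REQUEST()
{
  # Brain Ovh Api Player
  #
  # Author: Christophe Casalegno / Brain 0verride
  # Contact: brain@christophe-casalegno.com
  # Version 1.0.1
  #
  # Copyright (c) 2021 Christophe Casalegno
  #
  # This program is free software: you can redistribute it and/or modify
  # it under the terms of the GNU General Public License as published by
  # the Free Software Foundation, either version 3 of the License, or
  # (at your option) any later version.
  #
  # This program is distributed in the hope that it will be useful,
  # but WITHOUT ANY WARRANTY; without even the implied warranty of
  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  # GNU General Public License for more details.
  #
  # You should have received a copy of the GNU General Public License
  # along with this program. If not, see <https://www.gnu.org/licenses/>
  #
  # The license is available on this server here:
  # https://www.christophe-casalegno.com/licences/gpl-3.0.txt
  #
  # Send one signed request to the OVH API and print the response body.
  # Globals:   OVH_APP_SECRET, OVH_CONSUMER_KEY, CONTENT_TYPE, OVH_APP,
  #            OVH_CONSUMER (all read)
  # Arguments: $1 - HTTP method
  #            $2 - endpoint path, appended to the API base URL
  #            $3 - request body (optional, defaults to empty)
  # Outputs:   response body on stdout, diagnostics on stderr. curl runs
  #            without --fail, so an API error body is printed like a normal
  #            answer; callers must check the shape of what they receive.
  # Returns:   status of the request pipeline; 1 when the credentials or the
  #            server time are unusable.
  local req_type="$1"
  local endpoint="$2"
  local data="${3:-}"
  local api_url="https://api.ovh.com/1.0"
  local timestamp sig_key digest

  if [ -z "${OVH_APP_SECRET:-}" ] || [ -z "${OVH_CONSUMER_KEY:-}" ]; then
    printf '[ERROR] %s\n' "OVH credentials are not set" >&2
    return 1
  fi

  # The signature includes the server clock. An empty or non-numeric answer
  # (network error, captive portal, proxy page) must stop here rather than be
  # folded into a signature and sent.
  timestamp=$(curl -s "${api_url}/auth/time") || return 1
  case "${timestamp}" in
    '' | *[!0-9]*)
      printf '[ERROR] %s\n' "Unexpected answer from ${api_url}/auth/time" >&2
      return 1
      ;;
  esac

  # Signature format as implemented by the original author: "$1$" followed by
  # the hex SHA-1 of the joined fields. printf is a builtin, so the application
  # secret is piped to sha1sum and never appears in a process argument list.
  sig_key="${OVH_APP_SECRET}+${OVH_CONSUMER_KEY}+${req_type}+${api_url}${endpoint}+${data}+${timestamp}"
  digest=$(printf '%s' "${sig_key}" | sha1sum - | cut -d' ' -f1)

  # Headers are handed to curl on stdin (--header @-, curl >= 7.55) so the
  # consumer key and the signature are not readable by other local users via
  # `ps`. --data-raw sends the body exactly as it was signed, even if it were
  # to start with '@'.
  printf '%s\n' \
    "${CONTENT_TYPE}" \
    "X-Ovh-Timestamp:${timestamp}" \
    "${OVH_APP}" \
    "X-Ovh-Signature:\$1\$${digest}" \
    "${OVH_CONSUMER}" \
    | curl -s -X "${req_type}" --header @- --data-raw "${data}" "${api_url}${endpoint}"
}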
function _USAGE
{
  # Print the command-line help on stdout, then leave with exit status 1.
  # Globals: SCRIPTNAME (read)
  printf '%s\n' \
    "Usage :" \
    "${SCRIPTNAME} [OPTIONS]" \
    "Options :" \
    "--set" \
    "--help Display this help"
  exit 1
}
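function _GET_OPTS
{
  # Parse the command line and run the requested action(s).
  # Globals:   SCRIPTNAME (read)
  # Arguments: the script's command-line arguments
  # Returns:   0 after at least one action ran; otherwise _USAGE exits with 1.
  #
  # The short options are plain flags. They used to be declared with a
  # mandatory argument ("s:g:h") although no branch consumed one.
  local short_opts="sgh"
  local long_opts="set,get,help"
  local opts
  local action_seen=0

  # Test getopt inside the `if`: under errexit a failing plain assignment
  # would end the script before a separate "$?" check could print the usage.
  if ! opts=$(getopt \
    -o "${short_opts}" \
    -l "${long_opts}" \
    -n "${SCRIPTNAME}" -- "${@}"); then
    _USAGE
  fi
  # Enhanced getopt emits shell-quoted words, which is what makes this eval
  # safe; never eval the raw arguments themselves.
  eval set -- "${opts}"
  while true; do
    case "${1}" in
      -s | --set)
        _SET
        action_seen=1
        shift
        ;;
      -g | --get)
        # _GET is not defined in the part of the file reviewed here; stop with
        # a clear message instead of a "command not found" if it is missing.
        declare -F _GET > /dev/null || fatal "--get is not implemented"
        _GET
        action_seen=1
        shift
        ;;
      -h | --help)
        _USAGE
        ;;
      --)
        # End-of-options marker that getopt always appends: normal loop exit.
        shift
        break
        ;;
      *) echo "getopt Internal error!" ; exit 1 ;;
    esac
  done
  # No action requested: show the help rather than exit silently.
  if [ "${action_seen}" -eq 0 ]; then
    _USAGE
  fi
}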
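function _SET() {
  # Publish the DS record of every domain returned by the API, built from the
  # last line of the domain's KSK file under /etc/nsd/zones.
  # Globals:   none written; calls _API_REQUEST, info, warning, error, fatal
  # Arguments: none
  # Returns:   0 when the loop completes; exits through fatal when the domain
  #            list or a key file cannot be read.
  local domains domain ksk_file ksk algorithm flag public_key tag json
  local -a domain_list=()
  # Plain host-name syntax only: letters, digits, hyphens, dot-separated labels.
  local domain_re='^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)*$'

  # Require a JSON array. An API error comes back as an object, and a bare
  # '.[]' would iterate its values and treat the error text as domain names.
  domains=$(_API_REQUEST "GET" "/domain/" \
    | jq -r 'if type == "array" then .[] else error("expected a JSON array of domains") end') \
    || fatal "Could not list domains from the OVH API"

  mapfile -t domain_list <<< "${domains}"
  for domain in "${domain_list[@]}"; do
    [ -n "${domain}" ] || continue
    # The name comes from a remote answer and is used below in a file path and
    # in a URL: refuse anything that is not a plain host name ('/', '..',
    # whitespace, glob characters, leading '-'). The value is not echoed back.
    if ! [[ "${domain}" =~ ${domain_re} ]]; then
      warning "Skipping an entry of the domain list that is not a valid host name"
      continue
    fi

    info "Process ${domain}"
    if [ "${domain}" == "getignecanoekayak.fr" ] || [ "${domain}" == "gitedeterbin.fr" ]; then
      info "Domain ${domain} not managed by us"
    elif [ "${domain}" == "dryusdan.im" ]; then
      info "DNSSEC can't be configured for ${domain}"
    else
      ksk_file="/etc/nsd/zones/K${domain}.ksk.key"
      # The key is taken from the last line of the file (tail -n 1).
      info "Get last line of ${domain} key"
      ksk=$(tail -n 1 -- "${ksk_file}") || fatal "Cannot read ${ksk_file}"
      # Whitespace-separated fields: 4 = flags, 6 = algorithm, 7 = public key,
      # 10 = key tag (same positions the awk calls used).
      read -r _ _ _ flag _ algorithm public_key _ _ tag _ <<< "${ksk}"
      if [ -z "${flag}" ] || [ -z "${algorithm}" ] || [ -z "${public_key}" ] \
        || ! [[ "${tag}" =~ ^[0-9]+$ ]]; then
        error "Unexpected key format in ${ksk_file}, skipping ${domain}"
        continue
      fi
      # Let jq build the document so every value is escaped; algorithm and
      # flags stay JSON strings and tag stays a number, as before.
      json=$(jq -n \
        --arg algorithm "${algorithm}" \
        --arg flags "${flag}" \
        --arg publicKey "${public_key}" \
        --arg tag "${tag}" \
        '{keys: [{algorithm: $algorithm, flags: $flags, publicKey: $publicKey, tag: ($tag | tonumber)}]}') \
        || fatal "Could not build the dsRecord payload for ${domain}"
      _API_REQUEST "POST" "/domain/${domain}/dsRecord" "${json}"
      # Pause between two updates, as the original loop did.
      sleep 10
    fi
  done
}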
# Entry point: pass every command-line argument, unchanged, to the option parser.
_GET_OPTS "$@"