i#!/bin/bash #========================================= # Author : colben # Create : 2022-04-04 10:12 #========================================= set -euo pipefail export LANG=en_US.UTF-8 trap Quit EXIT SECRET_ID='tencent secret id' SECRET_KEY='tencent secret key' DOMAIN=$CERTBOT_DOMAIN SUB_DOMAIN=_acme-challenge RECORD_ID= RECORD_VA=$CERTBOT_VALIDATION PID_FILE=/tmp/$(basename ${0%.sh}).pid if [ -t 0 ]; then function Print { echo -e "\033[32;1m$(date +'[%F %T]') $*\033[0m"; } function Warn { echo -e "\033[33;1m$(date +'[%F %T]') $*\033[0m"; } function Error { echo -e "\033[31;1m$(date +'[%F %T]') $*\033[0m"; exit 1; } else #exec &> ${0%.sh}.out function Print { echo -e "$(date +'[%F %T] INFO') $*"; } function Warn { echo -e "$(date +'[%F %T] WARN') $*"; } function Error { echo -e "$(date +'[%F %T] ERROR') $*"; exit 1; } fi function Quit { local exitCode=$? [ 0 -ne $exitCode ] && Error Failed to request tencent api! [ -z "${END:-}" ] && echo && Error Interrupted manually! Print Succeeded to request tencent api and wait 30 seconds. sleep 30 } function GetSignature { local sha1Str=$(echo -n "GET$1" | openssl dgst -sha1 -hmac "$SECRET_KEY" -binary) echo -n "$sha1Str" | base64 | sed -e 's/=/%3D/g' -e 's/+/%2B/g' } function ListRecord { Warn Get request url ... local sign= local resp= local url='cns.api.qcloud.com/v2/index.php' url="${url}?Action=RecordList" url="${url}&Nonce=$RANDOM" url="${url}&SecretId=$SECRET_ID" url="${url}&Timestamp=$(date +%s)" url="${url}&Version=2018-08-08" url="${url}&domain=$DOMAIN" sign=$(GetSignature "$url") Warn List record ... resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .) [ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1 RECORD_ID=$(echo $resp | jq -crM ".data.records[] | select(.name == \"$SUB_DOMAIN\") | .id") } function CreateRecord { Warn Get request url ... local sign= local resp= local url='cns.api.qcloud.com/v2/index.php' url="${url}?Action=RecordCreate" url="${url}&Nonce=$RANDOM" url="${url}&SecretId=$SECRET_ID" url="${url}&Timestamp=$(date +%s)" url="${url}&Version=2018-08-08" url="${url}&domain=$DOMAIN" url="${url}&recordLine=默认" url="${url}&recordType=TXT" url="${url}&subDomain=$SUB_DOMAIN" url="${url}&value=$RECORD_VA" sign=$(GetSignature "$url") Warn Create sub_domain: $SUB_DOMAIN with value: $RECORD_VA ... resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .) [ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1 return 0 } function ModifyRecord { Warn Get request url ... local sign= local resp= local url='cns.api.qcloud.com/v2/index.php' url="${url}?Action=RecordModify" url="${url}&Nonce=$RANDOM" url="${url}&SecretId=$SECRET_ID" url="${url}&Timestamp=$(date +%s)" url="${url}&Version=2018-08-08" url="${url}&domain=$CERTBOT_DOMAIN" url="${url}&recordId=$RECORD_ID" url="${url}&recordLine=默认" url="${url}&recordType=TXT" url="${url}&subDomain=$SUB_DOMAIN" url="${url}&value=$RECORD_VA" sign=$(GetSignature "$url") Warn Modify record: $RECORD_ID with value: $RECORD_VA ... resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .) [ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1 return 0 } function DeleteRecord { Warn Get request url ... local sign= local resp= local url='cns.api.qcloud.com/v2/index.php' url="${url}?Action=RecordDelete" url="${url}&Nonce=$RANDOM" url="${url}&SecretId=$SECRET_ID" url="${url}&Timestamp=$(date +%s)" url="${url}&Version=2018-08-08" url="${url}&domain=$DOMAIN" url="${url}&recordId=$RECORD_ID" sign=$(GetSignature "$url") Warn Delete record $RECORD_ID ... resp=$(curl -sSL -XGET "https://$url&Signature=$sign" | jq -eM .) [ '0' != "$(echo $resp | jq -crM .code)" ] && echo "$resp" && exit 1 return 0 } function Main { [ -e "$PID_FILE" ] && Error Pid file $PID_FILE already exists, quit! echo $$ > $PID_FILE ListRecord [ -z "$RECORD_ID" ] && CreateRecord [ -n "$RECORD_ID" ] && ModifyRecord END=1 } # Start here Main