DNSAPI per-domain conf wrapper funcs

Update to #799 for per-domain auth conf storage. _readdnsapiconf() <Item Key> - Prefers the values stored in the domainconf over the accountconf[_mutable] if it exists in both places. - After first new/update save with _savednsapiconf() it will be stored in the domainconf (and the original acctconf* location if applicable) that's where this function will find the value and the entry in the accountconf* will be obsolete/unused. _savednsapiconf() <Item Key> <Item Value> - "Migrate"/save the auth provided by env var or from accountconf[_mutable] to domainconf for future use. Update it in the original account location for backward compatibility if necessary. 1. These wrappers don't update the environment variable like the _getdeployconf(), they read from arg, emit text. 2. The keys saved through the save wrapper are named in mutable form with "SAVED_" prefix. 3. The DNS API Dev Guide (https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide) will need to be updated for the new functions dns_cf.sh dnsapi script for cloudflare updated as an example.
acmesh-official · Aug 4, 2020 · 716b9b8 · 716b9b8
1 parent 3df276c
commit 716b9b8
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 16 deletions.
diff --git a/acme.sh b/acme.sh
@@ -2229,7 +2229,41 @@ _readaccountconf_mutable() {
 _clearaccountconf() {
   _clear_conf "$ACCOUNT_CONF_PATH" "$1"
 }
-
+#_readdnsapiconf key
+_readdnsapiconf() {
+  local acctmutcnf=$(_readaccountconf_mutable $1)
+  local acctcnf=$(_readaccountconf $1)
+  local domcnf=$(_readdomainconf "SAVED_$1")
+  if [ -n "$domcnf" ]; then
+    dnsapi_auth_conf_loc=domainconf
+    echo -ne "$domcnf"
+  elif [ -n "$acctmutcnf" ]; then
+    dnsapi_auth_conf_loc=accountconf_mutable
+    echo -ne "$acctmutcnf"
+  elif [ -n "$acctcnf" ]; then
+    dnsapi_auth_conf_loc=accountconf
+    echo -ne "$acctcnf"
+  else 
+    return 1
+  fi
+  _debug "Read dnsapi conf <$1> from ${dnsapi_auth_conf_loc}"
+}
+#_savednsapiconf key value base64encode
+_savednsapiconf() {
+  _readdnsapiconf $1 >/dev/null
+  #update the original save location if existed for backward compat
+  case "${dnsapi_auth_conf_loc}" in 
+  accountconf_mutable)
+    _saveaccountconf_mutable $1 "$2" $3
+  ;;
+  accountconf)
+    _saveaccountconf $1 "$2" $3
+  ;;
+  esac
+  #we'll use this value on automation
+  _savedomainconf "SAVED_$1" "$2" $3
+  unset dnsapi_auth_conf_loc
+}
 #_savecaconf  key  value
 _savecaconf() {
   _save_conf "$CA_CONF" "$1" "$2"

diff --git a/dnsapi/dns_cf.sh b/dnsapi/dns_cf.sh
@@ -18,16 +18,16 @@ dns_cf_add() {
   fulldomain=$1
   txtvalue=$2
 
-  CF_Token="${CF_Token:-$(_readaccountconf_mutable CF_Token)}"
-  CF_Account_ID="${CF_Account_ID:-$(_readaccountconf_mutable CF_Account_ID)}"
-  CF_Zone_ID="${CF_Zone_ID:-$(_readaccountconf_mutable CF_Zone_ID)}"
-  CF_Key="${CF_Key:-$(_readaccountconf_mutable CF_Key)}"
-  CF_Email="${CF_Email:-$(_readaccountconf_mutable CF_Email)}"
+  CF_Token="${CF_Token:-$(_readdnsapiconf CF_Token)}"
+  CF_Account_ID="${CF_Account_ID:-$(_readdnsapiconf CF_Account_ID)}"
+  CF_Zone_ID="${CF_Zone_ID:-$(_readdnsapiconf CF_Zone_ID)}"
+  CF_Key="${CF_Key:-$(_readdnsapiconf CF_Key)}"
+  CF_Email="${CF_Email:-$(_readdnsapiconf CF_Email)}"
 
   if [ "$CF_Token" ]; then
-    _saveaccountconf_mutable CF_Token "$CF_Token"
-    _saveaccountconf_mutable CF_Account_ID "$CF_Account_ID"
-    _saveaccountconf_mutable CF_Zone_ID "$CF_Zone_ID"
+    _savednsapiconf CF_Token "$CF_Token"
+    _savednsapiconf CF_Account_ID "$CF_Account_ID"
+    _savednsapiconf CF_Zone_ID "$CF_Zone_ID"
   else
     if [ -z "$CF_Key" ] || [ -z "$CF_Email" ]; then
       CF_Key=""
@@ -43,8 +43,8 @@ dns_cf_add() {
       return 1
     fi
     #save the api key and email to the account conf file.
-    _saveaccountconf_mutable CF_Key "$CF_Key"
-    _saveaccountconf_mutable CF_Email "$CF_Email"
+    _savednsapiconf CF_Key "$CF_Key"
+    _savednsapiconf CF_Email "$CF_Email"
   fi
 
   _debug "First detect the root zone"
@@ -92,11 +92,11 @@ dns_cf_rm() {
   fulldomain=$1
   txtvalue=$2
 
-  CF_Token="${CF_Token:-$(_readaccountconf_mutable CF_Token)}"
-  CF_Account_ID="${CF_Account_ID:-$(_readaccountconf_mutable CF_Account_ID)}"
-  CF_Zone_ID="${CF_Zone_ID:-$(_readaccountconf_mutable CF_Zone_ID)}"
-  CF_Key="${CF_Key:-$(_readaccountconf_mutable CF_Key)}"
-  CF_Email="${CF_Email:-$(_readaccountconf_mutable CF_Email)}"
+  CF_Token="${CF_Token:-$(_readdnsapiconf CF_Token)}"
+  CF_Account_ID="${CF_Account_ID:-$(_readdnsapiconf CF_Account_ID)}"
+  CF_Zone_ID="${CF_Zone_ID:-$(_readdnsapiconf CF_Zone_ID)}"
+  CF_Key="${CF_Key:-$(_readdnsapiconf CF_Key)}"
+  CF_Email="${CF_Email:-$(_readdnsapiconf CF_Email)}"
 
   _debug "First detect the root zone"
   if ! _get_root "$fulldomain"; then