Add Abion.com DNS API#6885
Conversation
|
Welcome |
There was a problem hiding this comment.
Pull request overview
Adds a new acme.sh DNS API hook for managing DNS-01 TXT records via Abion.com’s API.
Changes:
- Introduces
dnsapi/dns_abion.shwith an Abion API endpoint constant and request helper. - Implements
dns_abion_addplus root-zone discovery logic (_get_root) and REST wrapper (_abion_rest).
| _debug "First detect the root zone" | ||
| if ! _get_root "$fulldomain"; then | ||
| _err "invalid domain" | ||
| return 1 | ||
| fi | ||
|
|
||
| _debug _sub_domain "$_sub_domain" | ||
| _debug _domain "$_domain" | ||
|
|
||
| ABION_API_KEY="${ABION_API_KEY:-$(_readaccountconf_mutable ABION_API_KEY)}" | ||
|
|
||
| if [ -z "$ABION_API_KEY" ]; then | ||
| ABION_API_KEY="" | ||
| _err "You need to spesify ABION_API_KEY." | ||
| return 1 |
There was a problem hiding this comment.
dns_abion_add calls _get_root before loading ABION_API_KEY, but _get_root immediately performs an authenticated API call (_abion_rest GET zones). With an unset key, root detection will fail (likely 401/parse failure) even when the domain is valid. Load/read the API key (and validate it) before any API request/root detection.
| dns_abion_add() { | ||
| fulldomain=$1 |
There was a problem hiding this comment.
This provider file only defines dns_abion_add, but acme.sh cleanup requires a matching ${provider}_rm function (see acme.sh _clearupdns calling ${_currentRoot}_rm). Without dns_abion_rm, renew/cleanup will error and TXT records will be left behind.
| return 1 | ||
| fi | ||
|
|
||
| zones=$(echo "$response" | jq -r ".data | map(.id) | .[]") |
There was a problem hiding this comment.
_get_root parses the zones list using jq, which introduces a non-standard runtime dependency; most acme.sh environments (and other dnsapi hooks) avoid requiring jq. Please replace this with shell parsing using existing helpers (e.g., _normalizeJson, _egrep_o, sed) or ensure parsing works without external dependencies.
| zones=$(echo "$response" | jq -r ".data | map(.id) | .[]") | |
| zones=$(echo "$response" | _normalizeJson | sed 's/},{/}\ | |
| {/g' | _egrep_o '"id":"[^"]*"' | sed 's/^"id":"//; s/"$//') |
| if [ "$method" == "GET" ]; then | ||
| response="$(_get "$ABION_Api_Endpoint/$endpoint")" | ||
| else | ||
| response="$(_post "$data" "$ABION_Api_Endpoint/$endpoint" "" "$method")" | ||
| fi |
There was a problem hiding this comment.
[ "$method" == "GET" ] is a bashism; POSIX sh only guarantees = for string comparison. Using == can cause syntax/logic failures on some platforms, breaking all requests. Use = here (and keep the script strictly sh-compatible).
|
|
||
| if [ -z "$ABION_API_KEY" ]; then | ||
| ABION_API_KEY="" | ||
| _err "You need to spesify ABION_API_KEY." |
There was a problem hiding this comment.
Typo in error message: "spesify" should be "specify".
| _err "You need to spesify ABION_API_KEY." | |
| _err "You need to specify ABION_API_KEY." |
| _abion_rest PATCH "zones/$_domain" "{\"data\":{\"type\":\"zone\",\"id\":\"$_domain\",\"attributes\":{\"records\":{\"$_sub_domain\":{\"TXT\":[{\"rdata\":\"$txtvalue\",\"ttl\":300}]}}}}}" | ||
| } |
There was a problem hiding this comment.
dns_abion_add doesn't verify that the PATCH request succeeded at the application level (e.g., checking the JSON response for expected fields/success) and _abion_rest only checks the transport exit code. Since _post can return 0 even on HTTP 4xx (e.g., wget handling), this can report success while the API rejected the change. Please add response validation and surface the response body (or an extracted error message) on failure.
|
|
||
| zones=$(echo "$response" | jq -r ".data | map(.id) | .[]") | ||
|
|
||
| num_labels=$(echo "$domain" | tr '.' '\n' | wc -l) |
There was a problem hiding this comment.
num_labels=$(... | wc -l) may include leading spaces (per POSIX wc), and those can break numeric comparisons in [ "$i" -le "$num_labels" ] on some shells. Strip whitespace (e.g., tr -d ' ') or extract digits before using it in test arithmetic comparisons.
| num_labels=$(echo "$domain" | tr '.' '\n' | wc -l) | |
| num_labels=$(echo "$domain" | tr '.' '\n' | wc -l | tr -d '[:space:]') |
|
|
||
| zones=$(echo "$response" | jq -r ".data | map(.id) | .[]") | ||
|
|
||
| num_labels=$(echo "$domain" | tr '.' '\n' | wc -l) |
There was a problem hiding this comment.
This code depends on jq to parse the API response. jq is not a guaranteed dependency in acme.sh environments and is discouraged in dnsapi hooks; parse using shell tools/helpers instead so the hook remains portable.
|
|
||
| if [ "$method" == "GET" ]; then | ||
| response="$(_get "$ABION_Api_Endpoint/$endpoint")" | ||
| else | ||
| response="$(_post "$data" "$ABION_Api_Endpoint/$endpoint" "" "$method")" | ||
| fi |
There was a problem hiding this comment.
[ "$method" == "GET" ] is a bashism; POSIX sh only supports = for string comparison. Using == can fail on some shells (e.g., dash).
| num_labels=$(echo "$domain" | tr '.' '\n' | wc -l) | ||
| i=2 | ||
| while [ "$i" -le "$num_labels" ]; do | ||
| candidate=$(echo "$domain" | cut -d'.' -f${i}-) |
There was a problem hiding this comment.
In _get_root(), the label loop counter starts at 2. Per acme.sh DNS API conventions this should start from 1 to support DNS alias mode; otherwise some domains can’t be resolved to the correct root zone.
| _sub_domain=$(echo "$domain" | cut -d'.' -f1-$((i - 1))) | ||
| _domain="$candidate" | ||
| return 0 | ||
| fi | ||
| done | ||
|
|
||
| i=$((i + 1)) |
There was a problem hiding this comment.
Avoid $(( ... )) arithmetic in dnsapi hooks; the project provides _math for portability. Replace the arithmetic expansions used to compute the subdomain slice and loop increment with _math (and adjust surrounding logic accordingly).
| Options: | ||
| ABION_API_KEY key |
There was a problem hiding this comment.
dns_abion_info block is missing a Docs/wiki link and the option description is vague ("ABION_API_KEY key"). Consider aligning with other dnsapi hooks by adding a Docs line and clarifying what the key is / where to obtain it.
| Options: | |
| ABION_API_KEY key | |
| Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_abion | |
| Options: | |
| ABION_API_KEY API key for abion.com; obtain it from your Abion account/API settings |
|
1. 2. Run the DNS-API-Test on your fork — it has to pass before this can be merged. There are no Actions runs on your fork at all right now. 3. shfmt is failing — run Minor: |
No description provided.