From 69fc825c48e9013c5a30fd6ce47d4bcef3648718 Mon Sep 17 00:00:00 2001
From: Tony Mountifield <tony@mountifield.org>
Date: Mon, 1 Jan 2024 18:22:27 +0000
Subject: [PATCH 1/2] Updated to V4 of Linode API

---
 dns_scripts/dns_add_linode | 21 ++++++++++-----------
 dns_scripts/dns_del_linode | 27 ++++++++++++---------------
 2 files changed, 22 insertions(+), 26 deletions(-)

diff --git a/dns_scripts/dns_add_linode b/dns_scripts/dns_add_linode
index 7e3297b7..8174f970 100755
--- a/dns_scripts/dns_add_linode
+++ b/dns_scripts/dns_add_linode
@@ -2,7 +2,7 @@
 
 fulldomain="${1}"
 token="${2}"
-api_url="https://api.linode.com/api/"
+api_url="https://api.linode.com/v4"
 api_key=${LINODE_KEY:-''}
 
 # Verify that required parameters are set
@@ -19,26 +19,25 @@ if [[ -z "$LINODE_KEY" ]]; then
   exit 1
 fi
 
-domain_root=$(echo "$fulldomain" | awk -F\. '{print $(NF-1) FS $NF}')
+domain_root=${fulldomain#*.}
 domain=${fulldomain%.$domain_root}
 txtname="_acme-challenge.$domain"
 
 # Get Domain ID
-response=$(curl --silent -X POST "$api_url" \
-  -H "Accept: application/json" -H "User-Agent: getssl/0.1" -H "application/x-www-form-urlencoded" \
-  -d "api_key=${api_key}&api_action=domain.list" )
-domain_id=$(echo "$response" | egrep -o "{\"DOMAIN\":\"$domain_root\".*\"DOMAINID\":([0-9]+)" | egrep -o "[0-9]+$")
+response=$(curl --silent ${api_url}/domains \
+  -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
+domain_id=$(echo "$response" |  jq ".data[] | select (.domain==\"$domain_root\") | .id")
 if [[ $domain_id == "" ]]; then
   echo "Failed to fetch DomainID"
   exit 1
 fi
 
 # Create TXT record
-response=$(curl --silent -X POST "$api_url" \
-  -H "Accept: application/json" -H "User-Agent: getssl/0.1" -H "application/x-www-form-urlencoded" \
-  -d "api_key=$api_key&api_action=domain.resource.create&DomainID=$domain_id&Type=TXT&Name=$txtname&Target=$token" )
-errors=$(echo "$response" | egrep -o "\"ERRORARRAY\":\[.*\]")
-if [[ $errors != "\"ERRORARRAY\":[]" ]]; then
+response=$(curl --silent -X POST ${api_url}/domains/${domain_id}/records \
+  -H "Content-Type: application/json" -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}" \
+  -d '{"type": "TXT", "name": "'${txtname}'", "target": "'$token'", "ttl_sec": 30}')
+errors=$(echo "$response" | jq ".errors[]?.reason")
+if [[ $errors != "" ]]; then
     echo "Something went wrong: $errors"
     exit 1
 fi
diff --git a/dns_scripts/dns_del_linode b/dns_scripts/dns_del_linode
index ef403af5..d731dfea 100755
--- a/dns_scripts/dns_del_linode
+++ b/dns_scripts/dns_del_linode
@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 
 fulldomain="${1}"
-api_url="https://api.linode.com/api/"
+api_url="https://api.linode.com/v4"
 api_key=${LINODE_KEY:-''}
 
 # Verify that required parameters are set
@@ -14,36 +14,33 @@ if [[ -z "$LINODE_KEY" ]]; then
   exit 1
 fi
 
-domain_root=$(echo "$fulldomain" | awk -F\. '{print $(NF-1) FS $NF}')
+domain_root=${fulldomain#*.}
 domain=${fulldomain%.$domain_root}
 txtname="_acme-challenge.$domain"
 
 # Get Domain ID
-response=$(curl --silent -X POST "$api_url" \
-  -H "Accept: application/json" -H "User-Agent: getssl/0.1" -H "application/x-www-form-urlencoded" \
-  -d "api_key=${api_key}&api_action=domain.list" )
-domain_id=$(echo "$response" | egrep -o "{\"DOMAIN\":\"$domain_root\".*\"DOMAINID\":([0-9]+)" | egrep -o "[0-9]+$")
+response=$(curl --silent ${api_url}/domains \
+  -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
+domain_id=$(echo "$response" |  jq ".data[] | select (.domain==\"$domain_root\") | .id")
 if [[ $domain_id == "" ]]; then
   echo "Failed to fetch DomainID"
   exit 1
 fi
 
 # Get Resource ID
-response=$(curl --silent -X POST "$api_url" \
-  -H "Accept: application/json" -H "User-Agent: getssl/0.1" -H "application/x-www-form-urlencoded" \
-  -d "api_key=${api_key}&api_action=domain.resource.list&DomainID=$domain_id" )
-resource_id=$(echo "$response" | egrep -o "\"RESOURCEID\":[0-9]+,\"TYPE\":\"TXT\",\"NAME\":\"$txtname\"" | egrep -o "\"RESOURCEID\":[0-9]+" | egrep -o "[0-9]+$")
+response=$(curl --silent ${api_url}/domains/${domain_id}/records \
+  -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
+resource_id=$(echo "$response" |  jq ".data[] | select (.name==\"$txtname\") | .id")
 if [[ $resource_id == "" ]]; then
   echo "Failed to fetch ResourceID"
   exit 1
 fi
 
 # Delete TXT record
-response=$(curl --silent -X POST "$api_url" \
-  -H "Accept: application/json" -H "User-Agent: getssl/0.1" -H "application/x-www-form-urlencoded" \
-  -d "api_key=$api_key&api_action=domain.resource.delete&DomainID=$domain_id&ResourceID=$resource_id" )
-errors=$(echo "$response" | egrep -o "\"ERRORARRAY\":\[.*\]")
-if [[ $errors != "\"ERRORARRAY\":[]" ]]; then
+response=$(curl --silent -X DELETE ${api_url}/domains/${domain_id}/records/${resource_id} \
+  -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
+errors=$(echo "$response" | jq ".errors[]?.reason")
+if [[ $errors != "" ]]; then
     echo "Something went wrong: $errors"
     exit 1
 fi

From 4e71ecac60e5f334c4360e73742b519dcb12b163 Mon Sep 17 00:00:00 2001
From: Tony Mountifield <tony@mountifield.org>
Date: Mon, 1 Jan 2024 23:02:19 +0000
Subject: [PATCH 2/2] Improve matching for domain ID

---
 dns_scripts/dns_add_linode | 28 ++++++++++++++++++++--------
 dns_scripts/dns_del_linode | 29 ++++++++++++++++++++---------
 2 files changed, 40 insertions(+), 17 deletions(-)

diff --git a/dns_scripts/dns_add_linode b/dns_scripts/dns_add_linode
index 8174f970..4567d6b6 100755
--- a/dns_scripts/dns_add_linode
+++ b/dns_scripts/dns_add_linode
@@ -19,25 +19,37 @@ if [[ -z "$LINODE_KEY" ]]; then
   exit 1
 fi
 
-domain_root=${fulldomain#*.}
-domain=${fulldomain%.$domain_root}
-txtname="_acme-challenge.$domain"
-
-# Get Domain ID
+# Get Domain List
 response=$(curl --silent ${api_url}/domains \
   -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
-domain_id=$(echo "$response" |  jq ".data[] | select (.domain==\"$domain_root\") | .id")
-if [[ $domain_id == "" ]]; then
+
+# Get Domain ID for longest match
+domain_root="$fulldomain"
+domain=""
+
+while [[ "$domain_root" == *.* ]] ; do
+	domain_id=$(echo "$response" | jq ".data[]? | select (.domain==\"$domain_root\") | .id")
+	if [[ "$domain_id" != "" ]] ; then
+		break
+	fi
+	domain_root=${domain_root#*.}
+	domain=${fulldomain%.$domain_root}
+done
+
+if [[ "$domain_id" == "" ]]; then
   echo "Failed to fetch DomainID"
   exit 1
 fi
 
+txtname="_acme-challenge${domain:+.$domain}"
+
 # Create TXT record
+
 response=$(curl --silent -X POST ${api_url}/domains/${domain_id}/records \
   -H "Content-Type: application/json" -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}" \
   -d '{"type": "TXT", "name": "'${txtname}'", "target": "'$token'", "ttl_sec": 30}')
 errors=$(echo "$response" | jq ".errors[]?.reason")
-if [[ $errors != "" ]]; then
+if [[ "$errors" != "" ]]; then
     echo "Something went wrong: $errors"
     exit 1
 fi
diff --git a/dns_scripts/dns_del_linode b/dns_scripts/dns_del_linode
index d731dfea..e7125646 100755
--- a/dns_scripts/dns_del_linode
+++ b/dns_scripts/dns_del_linode
@@ -14,24 +14,35 @@ if [[ -z "$LINODE_KEY" ]]; then
   exit 1
 fi
 
-domain_root=${fulldomain#*.}
-domain=${fulldomain%.$domain_root}
-txtname="_acme-challenge.$domain"
-
-# Get Domain ID
+# Get Domain List
 response=$(curl --silent ${api_url}/domains \
   -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
-domain_id=$(echo "$response" |  jq ".data[] | select (.domain==\"$domain_root\") | .id")
-if [[ $domain_id == "" ]]; then
+
+# Get Domain ID for longest match
+domain_root="$fulldomain"
+domain=""
+
+while [[ "$domain_root" == *.* ]] ; do
+	domain_id=$(echo "$response" | jq ".data[]? | select (.domain==\"$domain_root\") | .id")
+	if [[ "$domain_id" != "" ]] ; then
+		break
+	fi
+	domain_root=${domain_root#*.}
+	domain=${fulldomain%.$domain_root}
+done
+
+if [[ "$domain_id" == "" ]]; then
   echo "Failed to fetch DomainID"
   exit 1
 fi
 
+txtname="_acme-challenge${domain:+.$domain}"
+
 # Get Resource ID
 response=$(curl --silent ${api_url}/domains/${domain_id}/records \
   -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
 resource_id=$(echo "$response" |  jq ".data[] | select (.name==\"$txtname\") | .id")
-if [[ $resource_id == "" ]]; then
+if [[ "$resource_id" == "" ]]; then
   echo "Failed to fetch ResourceID"
   exit 1
 fi
@@ -40,7 +51,7 @@ fi
 response=$(curl --silent -X DELETE ${api_url}/domains/${domain_id}/records/${resource_id} \
   -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
 errors=$(echo "$response" | jq ".errors[]?.reason")
-if [[ $errors != "" ]]; then
+if [[ "$errors" != "" ]]; then
     echo "Something went wrong: $errors"
     exit 1
 fi