Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
DigitalOcean DNS Worker
#!/bin/bash
## Configure DigitalOcean DNS via API requests
## set -x ## uncomment for debugging
export DO_PAT=${DO_PAT:=""}
PARAMS=""
domain=""
returned_record_id=""
ip_addr=""
record_name=""
record_type="A"
record_priority="null"
record_port="null"
record_weight="null"
record_ttl="3600"
force_overwrite='false'
force_add='false'
function print_help() {
echo -e "\n=== Configure and set DNS on DigitalOcean via the API.\n"
echo -e "=== Usage:\n\nexport DO_PAT=\"<your_digital_ocean_personal_access_token_here>\" # do this once\n"
echo -e "./config_dns.sh [ -d|--domain 'example.com' ] [ -i|--ip '12.12.12.12' ] [ -r|--record 'k8s' ] [ -t|--type 'A' ] [ -f|--force ] [ -l|--ttl 3600 ]"
echo -e "\n=== -t defaults to 'A', all other parameters except -f|--force are required.\n"
exit
}
if [[ "$#" -gt 0 ]]; then
while (( "$#" )); do
case "$1" in
-f|--force)
force_overwrite="true"
shift
;;
-a|--force-add)
force_add="true"
shift
;;
-d|--domain)
domain="$2"
shift 2
;;
-i|--ip)
ip_addr="$2"
shift 2
;;
-t|--type)
record_type="$2"
shift 2
;;
-p|--priority)
record_priority="$2"
shift 2
;;
-o|--port)
record_port="$2"
shift 2
;;
-w|--weight)
record_weight="$2"
shift 2
;;
-r|--record)
record_name="$2"
shift 2
;;
-l|--ttl)
record_ttl="$2"
shift 2
;;
-h|--help)
print_help
shift
;;
-*|--*=) # unsupported flags
echo "Error: Unsupported flag $1" >&2
print_help
;;
*) # preserve positional arguments
PARAMS="$PARAMS $1"
shift
;;
esac
done
else
echo -e "\n=== MISSING PARAMETERS!!!"
print_help
fi
# set positional arguments in their proper place
eval set -- "$PARAMS"
if [ -z "$domain" ]; then
echo "Domain is required!".
exit 1
else
echo "Domain - check..."
fi
if [ -z "$ip_addr" ]; then
echo "IP Address is required!".
exit 1
else
echo "IP Address - check..."
fi
if [ -z "$record_name" ]; then
echo "Record Name is required!".
exit 1
else
echo "Record Name - check..."
fi
function checkForProgram() {
command -v $1
if [[ $? -eq 0 ]]; then
printf '%-72s %-7s\n' $1 "PASSED!";
else
printf '%-72s %-7s\n' $1 "FAILED!";
exit 1
fi
}
echo -e "\nChecking prerequisites...\n"
checkForProgram curl
checkForProgram jq
## check for the DNS zone
function checkDomain() {
request=$(curl -sS -X GET -H "Content-Type: application/json" -H "Authorization: Bearer ${DO_PAT}" "https://api.digitalocean.com/v2/domains/$domain")
if [ "$request" != "null" ]; then
filter=$(echo $request | jq '.domain')
if [ "$filter" != "null" ]; then
echo -e "\nDomain [${domain}] DNS Zone exists...\n"
return 0
else
echo "Domain [${domain}] DNS Zone does not exist!"
return 1
fi
else
echo "Domain [${domain}] DNS Zone does not exist!"
return 1
fi
}
## check to see if a record exists
function checkRecord() {
request=$(curl -sS -X GET -H "Content-Type: application/json" -H "Authorization: Bearer ${DO_PAT}" "https://api.digitalocean.com/v2/domains/${domain}/records")
filter=$(echo $request | jq '.domain_records[] | select((.name | contains("'"${record_name}"'")) and (.type == "'"${record_type}"'"))')
FILTER_NO_EXTERNAL_SPACE="$(echo -e "${filter}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' | tr -d '\n')"
if [ -z "$FILTER_NO_EXTERNAL_SPACE" ]; then
echo -e "Record [A - ${record_name}.${domain}.] does not exist!\n"
return 1
else
IP_FILTER="$(echo "${FILTER_NO_EXTERNAL_SPACE}" | jq '.data')"
returned_record_id="$(echo "${FILTER_NO_EXTERNAL_SPACE}" | jq '.id')"
echo -e "Record [A - ${record_name}.${domain}.] exists at ${IP_FILTER}...\n"
return 0
fi
}
function deleteRecord() {
request=$(curl -sS -X DELETE -H "Content-Type: application/json" -H "Authorization: Bearer ${DO_PAT}" "https://api.digitalocean.com/v2/domains/${1}/records/${2}")
echo $request
}
## write a DNS record for the supplied arguments (domain, ip, type, record)
function writeDNS() {
request=$(curl -sS -X POST -H "Content-Type: application/json" -H "Authorization: Bearer ${DO_PAT}" -d '{"type":"'"${record_type}"'","name":"'"${record_name}"'","data":"'"${ip_addr}"'","priority":'"${record_priority}"',"port":'"${record_port}"',"ttl":'"${record_ttl}"',"weight":'"${record_weight}"',"flags":null,"tag":null}' "https://api.digitalocean.com/v2/domains/${domain}/records")
echo $request
}
checkDomain $domain
if [ $? -eq 0 ]; then
checkRecord $domain "@"
if [ $? -eq 0 ]; then
if [ "$force_overwrite" == "true" ]; then
echo -e "Record exists at ID(s):\n ${returned_record_id}\n\nCommand run with -f, overwriting records now...\n"
for recid in $returned_record_id; do
deleteRecord $domain $recid
done
writeDNS $domain
elif [ "$force_add" == "true" ]; then
echo -e "Record exists at ID(s):\n ${returned_record_id}\n\nCommand run with -a, adding additional records now...\n"
writeDNS $domain
else
echo -e "Record exists at ID(s):\n ${returned_record_id}\n\nRun with -f to overwrite.\n"
exit 1
fi
else
writeDNS $domain
fi
else
echo -e "Domain does not exist in DigitalOcean DNS, exiting...\n"
exit 1
fi
#/bin/bash
DO_DOMAINS=("example.com" "example.net" "example.org" "example.us")
export DO_PAT="asdfasdfsdfasdf"
for d in ${DO_DOMAINS[@]}; do
echo "Now processing domain: $d"
SLUG=$(echo "$d" | iconv -t ascii//TRANSLIT | sed -r s/[^a-zA-Z0-9]+/-/g | sed -r s/^-+\|-+$//g | tr A-Z a-z)
./do_dns_worker.sh -d $d -t "MX" -r "@" --ip "$SLUG.mail.protection.outlook.com." --priority 0 --force-add
./do_dns_worker.sh -d $d -t "TXT" -r "@" --ip "v=spf1 include:spf.protection.outlook.com -all" --force
./do_dns_worker.sh -d $d -t "CNAME" -r "autodiscover" --ip "autodiscover.outlook.com." --force
./do_dns_worker.sh -d $d -t "CNAME" -r "sip" --ip "sipdir.online.lync.com." --force
./do_dns_worker.sh -d $d -t "CNAME" -r "lyncdiscover" --ip "webdir.online.lync.com." --force
./do_dns_worker.sh -d $d -t "CNAME" -r "enterpriseregistration" --ip "enterpriseregistration.windows.net." --force
./do_dns_worker.sh -d $d -t "CNAME" -r "enterpriseenrollment" --ip "enterpriseenrollment.manage.microsoft.com." --force
./do_dns_worker.sh -d $d -t "SRV" -r "_sip._tls" --ip "sipdir.online.lync.com." --priority 100 --weight 1 --port 443 --force
./do_dns_worker.sh -d $d -t "SRV" -r "_sipfederationtls._tcp" --ip "sipfed.online.lync.com." --priority 100 --weight 1 --port 5061 --force
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.