From 4e71ecac60e5f334c4360e73742b519dcb12b163 Mon Sep 17 00:00:00 2001
From: Tony Mountifield <tony@mountifield.org>
Date: Mon, 1 Jan 2024 23:02:19 +0000
Subject: [PATCH] Improve matching for domain ID

---
 dns_scripts/dns_add_linode | 28 ++++++++++++++++++++--------
 dns_scripts/dns_del_linode | 29 ++++++++++++++++++++---------
 2 files changed, 40 insertions(+), 17 deletions(-)

diff --git a/dns_scripts/dns_add_linode b/dns_scripts/dns_add_linode
index 8174f97..4567d6b 100755
--- a/dns_scripts/dns_add_linode
+++ b/dns_scripts/dns_add_linode
@@ -19,25 +19,37 @@ if [[ -z "$LINODE_KEY" ]]; then
   exit 1
 fi
 
-domain_root=${fulldomain#*.}
-domain=${fulldomain%.$domain_root}
-txtname="_acme-challenge.$domain"
-
-# Get Domain ID
+# Get Domain List
 response=$(curl --silent ${api_url}/domains \
   -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
-domain_id=$(echo "$response" |  jq ".data[] | select (.domain==\"$domain_root\") | .id")
-if [[ $domain_id == "" ]]; then
+
+# Get Domain ID for longest match
+domain_root="$fulldomain"
+domain=""
+
+while [[ "$domain_root" == *.* ]] ; do
+	domain_id=$(echo "$response" | jq ".data[]? | select (.domain==\"$domain_root\") | .id")
+	if [[ "$domain_id" != "" ]] ; then
+		break
+	fi
+	domain_root=${domain_root#*.}
+	domain=${fulldomain%.$domain_root}
+done
+
+if [[ "$domain_id" == "" ]]; then
   echo "Failed to fetch DomainID"
   exit 1
 fi
 
+txtname="_acme-challenge${domain:+.$domain}"
+
 # Create TXT record
+
 response=$(curl --silent -X POST ${api_url}/domains/${domain_id}/records \
   -H "Content-Type: application/json" -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}" \
   -d '{"type": "TXT", "name": "'${txtname}'", "target": "'$token'", "ttl_sec": 30}')
 errors=$(echo "$response" | jq ".errors[]?.reason")
-if [[ $errors != "" ]]; then
+if [[ "$errors" != "" ]]; then
     echo "Something went wrong: $errors"
     exit 1
 fi
diff --git a/dns_scripts/dns_del_linode b/dns_scripts/dns_del_linode
index d731dfe..e712564 100755
--- a/dns_scripts/dns_del_linode
+++ b/dns_scripts/dns_del_linode
@@ -14,24 +14,35 @@ if [[ -z "$LINODE_KEY" ]]; then
   exit 1
 fi
 
-domain_root=${fulldomain#*.}
-domain=${fulldomain%.$domain_root}
-txtname="_acme-challenge.$domain"
-
-# Get Domain ID
+# Get Domain List
 response=$(curl --silent ${api_url}/domains \
   -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
-domain_id=$(echo "$response" |  jq ".data[] | select (.domain==\"$domain_root\") | .id")
-if [[ $domain_id == "" ]]; then
+
+# Get Domain ID for longest match
+domain_root="$fulldomain"
+domain=""
+
+while [[ "$domain_root" == *.* ]] ; do
+	domain_id=$(echo "$response" | jq ".data[]? | select (.domain==\"$domain_root\") | .id")
+	if [[ "$domain_id" != "" ]] ; then
+		break
+	fi
+	domain_root=${domain_root#*.}
+	domain=${fulldomain%.$domain_root}
+done
+
+if [[ "$domain_id" == "" ]]; then
   echo "Failed to fetch DomainID"
   exit 1
 fi
 
+txtname="_acme-challenge${domain:+.$domain}"
+
 # Get Resource ID
 response=$(curl --silent ${api_url}/domains/${domain_id}/records \
   -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
 resource_id=$(echo "$response" |  jq ".data[] | select (.name==\"$txtname\") | .id")
-if [[ $resource_id == "" ]]; then
+if [[ "$resource_id" == "" ]]; then
   echo "Failed to fetch ResourceID"
   exit 1
 fi
@@ -40,7 +51,7 @@ fi
 response=$(curl --silent -X DELETE ${api_url}/domains/${domain_id}/records/${resource_id} \
   -H "User-Agent: getssl/0.1" -H "Authorization: Bearer ${api_key}")
 errors=$(echo "$response" | jq ".errors[]?.reason")
-if [[ $errors != "" ]]; then
+if [[ "$errors" != "" ]]; then
     echo "Something went wrong: $errors"
     exit 1
 fi