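#!/bin/sh

# DNS-01 challenge hook that adds or deletes an _acme-challenge TXT record
# through a dynamic DNS update (nsupdate or knsupdate).
#
# The action is chosen from the name the script is invoked under:
#   deploy_challenge.*  -> "update add"
#   clean_challenge.*   -> "update delete"
#
# Inputs: DOMAIN (name being validated) and TOKEN_VALUE (TXT record content).
# This script never assigns either one; they must come from the caller's
# environment or from the sourced config files.
#
# Exit status: 0 on success, non-zero on any failure (set -e is active).
#
# NOTE(review): no key option or "key" statement is passed to nsupdate here,
# so as far as this file shows the update is not TSIG-signed; authorization
# presumably rests on server-side policy -- confirm.
# NOTE(review): the CNAME target, zone and nameserver names are taken from
# unvalidated DNS answers and written into the nsupdate command stream, so
# the resolver used by dig is part of the trust boundary of this hook.

set -e

HOOK="$(basename "${0}")"
HOOK_ACTION="$(echo "${HOOK}" | awk -F. '{ print $1 }')"

# set nsupdate action (and the matching progress message)
case "${HOOK}" in
	clean_challenge.*)
		HOOK_ACTION="delete"
		HOOK_MESSAGE="Removing"
		;;

	deploy_challenge.*)
		HOOK_ACTION="add"
		HOOK_MESSAGE="Adding"
		;;

	*)
		echo "'${HOOK}': no such hook action '${HOOK_ACTION}'" >&2
		echo "'${HOOK}': use 'clean_challenge.' or 'deploy_challenge.' as prefix in your symlink" >&2
		exit 1
		;;
esac

# alternatives handling for dig
if command -v kdig > /dev/null 2>&1
then
	# knot-dnsutils
	DIG="kdig"
elif command -v dig > /dev/null 2>&1
then
	# bind-dnsutils
	DIG="dig"
else
	echo "'${HOOK}': need dig from bind-dnsutils or knot-dnsutils" >&2
	exit 1
fi

# alternatives handling for nsupdate
if command -v knsupdate > /dev/null 2>&1
then
	# knot-dnsutils
	NSUPDATE="knsupdate"
elif command -v nsupdate > /dev/null 2>&1
then
	# bind-dnsutils
	NSUPDATE="nsupdate"
else
	echo "'${HOOK}': need nsupdate from bind-dnsutils or knot-dnsutils" >&2
	exit 1
fi

# config
# These files are sourced, i.e. executed as shell code with the privileges of
# this hook; they must be writable only by trusted administrators.
for FILE in /etc/default/dehydrated-nsupdate /etc/default/dehydrated-nsupdate.d/*
do
	if [ -e "${FILE}" ]
	then
		. "${FILE}"
	fi
done

# Refuse to run without the challenge data: with an empty DOMAIN the lookups
# below would operate on the bare "_acme-challenge." name and walk towards
# the root zone.
if [ -z "${DOMAIN:-}" ] || [ -z "${TOKEN_VALUE:-}" ]
then
	echo "'${HOOK}': DOMAIN and TOKEN_VALUE must be set" >&2
	exit 1
fi

# find txt record to update
# ${DIG} stays unquoted so that a value overridden in the config keeps being
# word-split exactly as before.
CNAME="$(${DIG} "_acme-challenge.${DOMAIN}" 2>&1 | awk '/CNAME/ { print $5 }' | tail -n1)"

if [ -n "${CNAME}" ]
then
	# the challenge name is delegated; update the CNAME target instead
	UPDATE_DOMAIN="${CNAME}"
else
	UPDATE_DOMAIN="_acme-challenge.${DOMAIN}"
fi

# find nameservers to update
# Strip the leftmost label until a name with NS records is found.
ZONE="${UPDATE_DOMAIN}"

while true
do
	NAMESERVERS="$(${DIG} NS "${ZONE}" 2>&1 | awk '/NS/ { print $5 }' | tail -n1)"

	if [ -n "${NAMESERVERS}" ]
	then
		break
	fi

	PARENT="${ZONE#*.}"

	# Stop once no label is left to strip. Previously a name without a dot
	# was returned unchanged, so a failing resolver made this loop spin
	# forever, and an empty name made it query the root zone.
	if [ -z "${PARENT}" ] || [ "${PARENT}" = "${ZONE}" ]
	then
		echo "'${HOOK}': no NS records found for '${UPDATE_DOMAIN}' or any parent" >&2
		exit 1
	fi

	ZONE="${PARENT}"
done

NAMESERVERS="$(${DIG} +short NS "${ZONE}")"

# An empty list would skip the loop below and report success without having
# changed any record.
if [ -z "${NAMESERVERS}" ]
then
	echo "'${HOOK}': could not list nameservers for zone '${ZONE}'" >&2
	exit 1
fi

# update nameservers
# NAMESERVERS is split on whitespace on purpose; disable pathname expansion
# so that data from DNS answers is never glob-expanded.
set -f

for NAMESERVER in ${NAMESERVERS}
do
	printf ' + %s TXT record (%s)...' "${HOOK_MESSAGE}" "${UPDATE_DOMAIN}"

	# one nsupdate command per line; a failing nsupdate aborts via set -e
	printf 'server %s\nzone %s\nttl 0\nupdate %s %s 0 TXT %s\nsend\n' \
		"${NAMESERVER}" "${ZONE}" "${HOOK_ACTION}" "${UPDATE_DOMAIN}" "${TOKEN_VALUE}" \
		| "${NSUPDATE}"

	echo " done."
done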