#!/bin/bash

# Get your TOKEN https://yandex.ru/dev/api360/doc/concepts/access.html
# Need access level for app "directory:manage_dns"
YANDEX_TOKEN="<paste your yandex token>"
ORG_ID="<paste your org id>"

# Strip only the top domain to get the zone id
DOMAIN=$(expr match "$CERTBOT_DOMAIN" '.*\.\(.*\..*\)')
SUBDOMAIN=$(expr match "$CERTBOT_DOMAIN" '\(.*\)\..*\..*')
echo $DOMAIN
echo $SUBDOMAIN

# Create TXT record
CREATE_DOMAIN="_acme-challenge.$SUBDOMAIN"
echo $CREATE_DOMAIN
echo $CERTBOT_VALIDATION

RECORD_ID=$(curl -s -X POST "https://api360.yandex.net/directory/v1/org/$ORG_ID/domains/$DOMAIN/dns" \
    -H "Authorization: OAuth $YANDEX_TOKEN" \
    -H "Content-Type: application/json" \
    -d "{
        \"type\": \"TXT\",
        \"name\": \"$CREATE_DOMAIN\",
        \"text\": \"$CERTBOT_VALIDATION\",
        \"ttl\": 120
    }" \
    | python -c "import sys,json;print(json.load(sys.stdin)['recordId'])")

# Save info for cleanup
if [ ! -d /tmp/CERTBOT_$CERTBOT_DOMAIN ];then
        mkdir -m 0700 /tmp/CERTBOT_$CERTBOT_DOMAIN
fi

echo $RECORD_ID > /tmp/CERTBOT_$CERTBOT_DOMAIN/RECORD_ID

# Sleep to make sure the change has time to propagate over to DNS
sleep 300