Namecheap and BIG-IP Integration via API

The script below is attached to an EAV monitor, which is linked to a dummy pool. It monitors F5XC DNSaaS (the current authoritative DNS) by checking whether it can resolve DNS queries. If it cannot, the script makes an API call to Namecheap (our domain registrar) to change the nameservers back to the primary BIG-IP DNS. At the same time, it updates the domain's NS records from F5XC to BIG-IP. When F5XC answers correctly again, the same script reverses both changes.

#!/bin/sh

# --- Monitor bookkeeping -----------------------------------------------------
# Per-instance PID file; $1 and $2 are the script's first two arguments
# (presumably the monitored address and port handed in by the monitor - confirm).
pidfile="/var/run/${MONITOR_NAME}.${1}.${2}.pid"
# Holds the DNS answer seen by the previous run.
statusfile='/var/run/dns_status'
# Marker that must appear in the TXT answer for F5XC to count as healthy.
check_string='RESPONSE-OK'

# --- Namecheap API settings --------------------------------------------------
# NOTE(review): API_KEY (and ADMIN_PASS further down) sit in this file in clear
# text. Anyone who can read the script can change the domain's nameservers at
# the registrar or log in to the BIG-IP as admin, so keep the file readable by
# its owner only and replace the placeholders from a protected source rather
# than committing real values.
API_USER='sampleapiuser'                     # Namecheap API user
API_KEY='<apikey>'                           # Namecheap API key (placeholder)
USERNAME='namecheapuser1'                    # Namecheap account username
COMMAND='namecheap.domains.dns.setCustom'    # API command that sets custom nameservers
CLIENT_IP='13.213.88.106'                    # client IP allowed at Namecheap; set to the BIG-IP IP

# --- Domain being managed ----------------------------------------------------
SLD='f5sg'                                   # second-level domain
TLD='com'                                    # top-level domain

# --- Nameserver sets handed to the registrar (comma-separated) ---------------
F5XC_NAMESERVERS='ns1.f5clouddns.com,ns2.f5clouddns.com'
BIGIP_NAMESERVERS='gtm1.f5sg.com,gtm2.f5sg.com'

# --- BIG-IP admin password used for the local iControl REST calls ------------
ADMIN_PASS='XXXXXXX'

# Ask Namecheap to point the domain at the F5XC nameservers.
# Globals:   API_USER, API_KEY, USERNAME, COMMAND, CLIENT_IP, SLD, TLD,
#            F5XC_NAMESERVERS (read); F5XC_API_URL (written)
# Outputs:   nothing - curl's stdout and stderr are discarded
# Returns:   curl's exit status
# NOTE(review): the API key is part of the URL, so it is present in curl's
# argument list while the request runs. Because the response is thrown away,
# nothing here shows whether the registrar accepted the change - confirm that
# callers do not rely on it.
sendapi_xc() {
    # Disabled step kept from the original: tmsh modify ltm virtual VS_APP2 enabled
    F5XC_API_URL="https://api.namecheap.com/xml.response"
    F5XC_API_URL="${F5XC_API_URL}?ApiUser=${API_USER}&ApiKey=${API_KEY}&UserName=${USERNAME}"
    F5XC_API_URL="${F5XC_API_URL}&Command=${COMMAND}&ClientIp=${CLIENT_IP}"
    F5XC_API_URL="${F5XC_API_URL}&SLD=${SLD}&TLD=${TLD}&NameServers=${F5XC_NAMESERVERS}"
    curl -X GET "${F5XC_API_URL}" >/dev/null 2>&1
}

# Ask Namecheap to point the domain back at the BIG-IP nameservers.
# Globals:   API_USER, API_KEY, USERNAME, COMMAND, CLIENT_IP, SLD, TLD,
#            BIGIP_NAMESERVERS (read); BIGIP_API_URL (written)
# Outputs:   nothing - curl's stdout and stderr are discarded
# Returns:   curl's exit status
# NOTE(review): the API key is part of the URL, so it is present in curl's
# argument list while the request runs. Because the response is thrown away,
# nothing here shows whether the registrar accepted the change - confirm that
# callers do not rely on it.
sendapi_bigip() {
    # Disabled step kept from the original: tmsh modify ltm virtual VS_APP2 disabled
    BIGIP_API_URL="https://api.namecheap.com/xml.response"
    BIGIP_API_URL="${BIGIP_API_URL}?ApiUser=${API_USER}&ApiKey=${API_KEY}&UserName=${USERNAME}"
    BIGIP_API_URL="${BIGIP_API_URL}&Command=${COMMAND}&ClientIp=${CLIENT_IP}"
    BIGIP_API_URL="${BIGIP_API_URL}&SLD=${SLD}&TLD=${TLD}&NameServers=${BIGIP_NAMESERVERS}"
    curl -X GET "${BIGIP_API_URL}" >/dev/null 2>&1
}

# Functions to manage zone records using F5 iControl REST API
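# Add the two F5XC NS records for f5sg.com by POSTing to the local
# /mgmt/tm/util/bash endpoint, which pipes an "arr ..." command into zrsh.
# Globals:   ADMIN_PASS (read)
# Outputs:   nothing - curl's stdout and stderr are discarded
# Returns:   exit status of the second curl call
# The credential is quoted so a password containing spaces or glob characters
# reaches curl as one argument.
# NOTE(review): the admin password is a curl argument and may be visible in
# the process list while the call runs; -k turns off certificate verification
# for this loopback request. The endpoint executes a shell command as the
# authenticated user, so a dedicated account with the smallest role that can
# still run zrsh would limit the damage if the password leaks - confirm which
# role is required.
addzr_xc() {
    curl -sku "admin:$ADMIN_PASS" "https://127.0.0.1:8443/mgmt/tm/util/bash" \
        -X POST -H "Content-Type: application/json" \
        -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'echo arr external f5sg.com. f5sg.com. 50 NS ns1.f5clouddns.com. | zrsh'\"}" \
        >/dev/null 2>&1
    curl -sku "admin:$ADMIN_PASS" "https://127.0.0.1:8443/mgmt/tm/util/bash" \
        -X POST -H "Content-Type: application/json" \
        -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'echo arr external f5sg.com. f5sg.com. 50 NS ns2.f5clouddns.com. | zrsh'\"}" \
        >/dev/null 2>&1
}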

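# Delete the two BIG-IP NS records for f5sg.com by POSTing to the local
# /mgmt/tm/util/bash endpoint, which pipes a "drr ..." command into zrsh.
# Globals:   ADMIN_PASS (read)
# Outputs:   nothing - curl's stdout and stderr are discarded
# Returns:   exit status of the second curl call
# The credential is quoted so a password containing spaces or glob characters
# reaches curl as one argument.
# NOTE(review): the admin password is a curl argument and may be visible in
# the process list while the call runs; -k turns off certificate verification
# for this loopback request. The endpoint executes a shell command as the
# authenticated user, so a dedicated account with the smallest role that can
# still run zrsh would limit the damage if the password leaks - confirm which
# role is required.
delzr_bip() {
    curl -sku "admin:$ADMIN_PASS" "https://127.0.0.1:8443/mgmt/tm/util/bash" \
        -X POST -H "Content-Type: application/json" \
        -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'echo drr external f5sg.com. f5sg.com. 50 NS gtm1.f5sg.com. | zrsh'\"}" \
        >/dev/null 2>&1
    curl -sku "admin:$ADMIN_PASS" "https://127.0.0.1:8443/mgmt/tm/util/bash" \
        -X POST -H "Content-Type: application/json" \
        -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'echo drr external f5sg.com. f5sg.com. 50 NS gtm2.f5sg.com. | zrsh'\"}" \
        >/dev/null 2>&1
}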

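# Add the two BIG-IP NS records for f5sg.com by POSTing to the local
# /mgmt/tm/util/bash endpoint, which pipes an "arr ..." command into zrsh.
# Globals:   ADMIN_PASS (read)
# Outputs:   nothing - curl's stdout and stderr are discarded
# Returns:   exit status of the second curl call
# The credential is quoted so a password containing spaces or glob characters
# reaches curl as one argument.
# NOTE(review): the admin password is a curl argument and may be visible in
# the process list while the call runs; -k turns off certificate verification
# for this loopback request. The endpoint executes a shell command as the
# authenticated user, so a dedicated account with the smallest role that can
# still run zrsh would limit the damage if the password leaks - confirm which
# role is required.
addzr_bip() {
    curl -sku "admin:$ADMIN_PASS" "https://127.0.0.1:8443/mgmt/tm/util/bash" \
        -X POST -H "Content-Type: application/json" \
        -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'echo arr external f5sg.com. f5sg.com. 50 NS gtm1.f5sg.com. | zrsh'\"}" \
        >/dev/null 2>&1
    curl -sku "admin:$ADMIN_PASS" "https://127.0.0.1:8443/mgmt/tm/util/bash" \
        -X POST -H "Content-Type: application/json" \
        -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'echo arr external f5sg.com. f5sg.com. 50 NS gtm2.f5sg.com. | zrsh'\"}" \
        >/dev/null 2>&1
}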

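# Delete the two F5XC NS records for f5sg.com by POSTing to the local
# /mgmt/tm/util/bash endpoint, which pipes a "drr ..." command into zrsh.
# Globals:   ADMIN_PASS (read)
# Outputs:   nothing - curl's stdout and stderr are discarded
# Returns:   exit status of the second curl call
# The credential is quoted so a password containing spaces or glob characters
# reaches curl as one argument.
# NOTE(review): the admin password is a curl argument and may be visible in
# the process list while the call runs; -k turns off certificate verification
# for this loopback request. The endpoint executes a shell command as the
# authenticated user, so a dedicated account with the smallest role that can
# still run zrsh would limit the damage if the password leaks - confirm which
# role is required.
delzr_xc() {
    curl -sku "admin:$ADMIN_PASS" "https://127.0.0.1:8443/mgmt/tm/util/bash" \
        -X POST -H "Content-Type: application/json" \
        -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'echo drr external f5sg.com. f5sg.com. 50 NS ns1.f5clouddns.com. | zrsh'\"}" \
        >/dev/null 2>&1
    curl -sku "admin:$ADMIN_PASS" "https://127.0.0.1:8443/mgmt/tm/util/bash" \
        -X POST -H "Content-Type: application/json" \
        -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'echo drr external f5sg.com. f5sg.com. 50 NS ns2.f5clouddns.com. | zrsh'\"}" \
        >/dev/null 2>&1
}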

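# Single-instance guard: if an earlier run left a PID file behind, kill that
# run's whole process group (the leading "-" before the PID) before recording
# our own PID.
# The value read from the file is used only when it is a plain number greater
# than 1: an empty or garbled file would otherwise hand kill a malformed
# argument, and "-1" would signal every process this script is allowed to kill.
# NOTE(review): a stale file can still name a process group that now belongs
# to something unrelated; SIGKILL gives that group no chance to clean up.
if [ -f "$pidfile" ]; then
    old_pid=$(cat "$pidfile" 2>/dev/null)
    case "$old_pid" in
        '' | *[!0-9]* | 0 | 1) ;;    # not a usable PID: leave everything alone
        *) kill -9 -"$old_pid" >/dev/null 2>&1 ;;
    esac
fi

echo "$$" > "$pidfile"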

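# Ask the F5XC nameserver directly for the health TXT record.
# NOTE(review): this is one query to one nameserver (ns1 only), and the answer
# is unauthenticated. A single lost or failed lookup is enough to trigger a
# registrar-level nameserver change below; requiring several consecutive
# failures before acting would make the switch less prone to flapping.
response=$(dig @ns1.f5clouddns.com f5sg.com TXT +short)

# Classify the current answer: healthy only if it contains the marker string.
if printf '%s\n' "$response" | grep -q -- "$check_string"; then
    current_state="up"
else
    current_state="down"
fi

# Derive the previous state from the answer stored by the last run. The file
# still holds the raw answer, but transitions are decided on up/down rather
# than on the raw text. Comparing raw text skipped the failover when the very
# first check returned an empty answer (empty equals "no file yet"), and
# repeated the registrar call whenever the answer text changed without the
# state changing.
if [ -f "$statusfile" ]; then
    if grep -q -- "$check_string" "$statusfile" 2>/dev/null; then
        previous_state="up"
    else
        previous_state="down"
    fi
else
    previous_state="unknown"    # first run: always apply the current state
fi

# Act only on a state change.
# NOTE(review): the helpers discard their output, so the status file below is
# updated even when the registrar or zone update did not go through, and the
# change is then not retried until the state flips again.
if [ "$current_state" != "$previous_state" ]; then
    if [ "$current_state" = "up" ]; then
        sendapi_xc
        addzr_xc
        delzr_bip
    else
        sendapi_bigip
        addzr_bip
        delzr_xc
    fi
fi

# "up" is the only text this script writes to stdout, and only when F5XC is
# healthy (presumably what the external monitor reads as a passing check -
# confirm).
if [ "$current_state" = "up" ]; then
    echo "up"
fi
printf '%s\n' "$response" > "$statusfile"

rm -f "$pidfile"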
Published May 30, 2024
Version 1.0