From 808ee63def451939390d16860f2a89f7ba0fe858 Mon Sep 17 00:00:00 2001
From: Robert Kaussow
Date: Wed, 20 Jun 2018 23:33:17 +0200
Subject: [PATCH] finish cleanup; fix some small bugs with authenticator script
---
 authenticator.py | 5 +---
 cleanup.py | 70 ++++++++++++++++++++++++++++++++----------------
 2 files changed, 48 insertions(+), 27 deletions(-)
diff --git a/authenticator.py b/authenticator.py
index f6ac682..5cc9d5c 100755
--- a/authenticator.py
+++ b/authenticator.py
@@ -206,12 +206,9 @@ def main():
 # add txt record
 logger.info("Try to set TXT record for dns challenge")
 z_record = set_record(config, logger)
- logger.info("Set TXT record successful")
- # commit changes
- logger.info("Try to commit dns changes to nameservers")
 z_commit = dns_commit(config, logger)
- logger.info("Commit successful")
+ logger.info("Set TXT record successful")
 if __name__ == "__main__":
diff --git a/cleanup.py b/cleanup.py
index 0a9b4da..cfbf2f8 100755
--- a/cleanup.py
+++ b/cleanup.py
@@ -90,7 +90,7 @@ def get_record(config, logger):
 url = urlparse.urljoin( host, os.path.join("dnszones", zone, "records", "?type=TXT&name=%s&data=%s") %
- (data['name'], data['data'])
+ (data["name"], data['data'])
 )
 headers = {"Authorization": "Bearer %s" % (token)}
@@ -100,9 +100,6 @@ def get_record(config, logger):
 except requests.exceptions.HTTPError, e:
 logger.error(e)
 sys.exit(1)
- print url
- print r.json()
- sys.exit(1)
 return r
@@ -116,33 +113,38 @@ def delete_record(config, logger):
 logger.error("Config error: %s" % (e))
 sys.exit(1)
- url = urlparse.urljoin(host, os.path.join("dnszones", zone, "records/"))
+ url = urlparse.urljoin(host, os.path.join("dnszones", zone, "records", "delete"))
 headers = {"Authorization": "Bearer %s" % (token)}
+ data = {}
+ data["name"] = config.get('DNS', 'RECORD')
+ data["data"] = config.get('DNS', 'DATA')
+ json_data = json.dumps(data)
+
 try:
- custom_cache_extract = tldextract.TLDExtract(
- cache_file=os.path.join(os.path.expanduser("~"), "tld_set"))
- subdomain = custom_cache_extract(os.environ['CERTBOT_DOMAIN']).subdomain
- if subdomain:
- certbot_domain = "_acme-challenge.%s" % (subdomain)
- else:
- certbot_domain = "_acme-challenge"
- certbot_validation = os.environ['CERTBOT_VALIDATION']
- except KeyError, e:
- logger.error("Environment Variable %s not set" % (e))
+ r = requests.post(url, headers=headers, data=json_data)
+ r.raise_for_status()
+ except requests.exceptions.HTTPError, e:
+ logger.error(e)
 sys.exit(1)
- write_backup(os.environ['CERTBOT_DOMAIN'], certbot_validation, logger)
+ return r
- data = {}
- data["name"] = certbot_domain
- data["ttl"] = 120
- data["type"] = "TXT"
- data["data"] = certbot_validation
- json_data = json.dumps(data)
+def dns_commit(config, logger):
 try:
- r = requests.post(url, headers=headers, data=json_data)
+ host = config.get('API', 'HOST')
+ zone = config.get('DNS', 'ZONE')
+ token = config.get('API', 'TOKEN')
+ except (configparser.NoSectionError, configparser.NoOptionError) as e:
+ logger.error("Config error: %s" % (e))
+ sys.exit(1)
+
+ url = urlparse.urljoin(host, os.path.join("dnszones", zone, "records", "commit"))
+ headers = {"Authorization": "Bearer %s" % (token)}
+
+ try:
+ r = requests.post(url, headers=headers)
 r.raise_for_status()
 except requests.exceptions.HTTPError, e:
 logger.error(e)
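Review bot: Both new `requests.post` calls (in `delete_record` and in the added `dns_commit`) are made without a `timeout=`, and their handlers catch only `requests.exceptions.HTTPError`. A refused connection, a DNS failure or a stalled API would therefore either block the certbot hook indefinitely or end it with an unhandled traceback, possibly after the delete went through but before the commit. I would pass an explicit timeout and catch the base class, e.g. `r = requests.post(url, headers=headers, timeout=30)` (value to be chosen for the API) with `except requests.exceptions.RequestException as e:`; the `as` form also matches the config handler added in `dns_commit`. The new `config.get('DNS', 'RECORD')` and `config.get('DNS', 'DATA')` lookups in `delete_record` appear to sit after the config `try` block, so a missing option would raise instead of being logged as a config error. The start of `delete_record` and the end of `dns_commit` are outside this hunk, so this should be checked against the full file.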
@@ -166,6 +168,28 @@ def main():
 # get txt record
 logger.info("Verify TXT record")
 z_record = get_record(config, logger)
+ records = z_record.json()
+ if not records:
+ logger.error("No records found")
+ sys.exit(1)
+ elif len(records) > 1:
+ logger.error("Too many records found")
+ sys.exit(1)
+ else:
+ if records[0].get("name") and records[0].get("data"):
+ config.set('DNS', 'RECORD', records[0]["name"])
+ config.set('DNS', 'DATA', records[0]["data"])
+ else:
+ logger.error("Not enough data available")
+ sys.exit(1)
+
+ # delete record
+ logger.info("Try to delete TXT record")
+ z_delete = delete_record(config, logger)
+ # commit changes
+ z_commit = dns_commit(config, logger)
+ os.remove('/tmp/CERTBOT_%s.json' % (os.environ['CERTBOT_DOMAIN']))
+ logger.info("Delete TXT record successful")
 if __name__ == "__main__":
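Review bot: The added `os.remove('/tmp/CERTBOT_%s.json' % (os.environ['CERTBOT_DOMAIN']))` is unguarded: if the backup file is missing or `CERTBOT_DOMAIN` is unset, the hook dies with a traceback after the record has already been deleted and committed, and the success message is never logged. Catching `(KeyError, OSError)` around that one call and logging a warning would keep the cleanup idempotent. The file also lives under a predictable name in world-writable `/tmp`, with the name taken from an environment variable; where it is written is not visible in this hunk, but a private directory owned by the hook's user would be a safer place for it. Separately, `records[0].get(...)` assumes the API returned a list of objects, yet `z_record.json()` is a remote response, so a check such as `if not isinstance(records, list):` before indexing would turn a malformed or error-shaped body into a logged error rather than an exception.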