informatic
/
local-letsencrypt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rename remove to delete, allow arbitrary record type and name

master
informatic 2017-04-07 00:25:47 +02:00
parent 2a217b5a82
commit 47045e3e9a
5 changed files with 59 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
client/cleanup-hook.sh
View File

@ -2,4 +2,4 @@
. $(dirname $(realpath $0))/hook-config
curl "$API_URL/api/1/remove?token=$API_TOKEN&record=$CERTBOT_DOMAIN"
curl "$API_URL/api/1/delete?token=$API_TOKEN&record=_acme-challenge.$CERTBOT_DOMAIN&type=TXT"

8
client/install-hook.sh
View File

@ -2,10 +2,4 @@
. $(dirname $(realpath $0))/hook-config
curl "$API_URL/api/1/add?token=$API_TOKEN&record=$CERTBOT_DOMAIN&value=$CERTBOT_VALIDATION"
# FIXME: ovh is shit
while [ "$(dig _acme-challenge.$CERTBOT_DOMAIN TXT +short | wc -l)" -lt 1 ]; do
echo 'still waiting...' >&2
sleep 5;
done
curl "$API_URL/api/1/add?token=$API_TOKEN&record=_acme-challenge.$CERTBOT_DOMAIN&value=$CERTBOT_VALIDATION&type=TXT"

50
server/backends.py
View File

@ -1,11 +1,15 @@
import requests
import json
class Backend(object):
def __init__(self, config):
self.config = config
def add(self, name, value):
def add(self, name, value, type_):
raise NotImplemented
def remove(self, name):
def delete(self, name, type_):
raise NotImplemented
@ -27,19 +31,53 @@ class OVHBackend(Backend):
])
print(req)
def add(self, name, value):
def add(self, name, value, type_):
if not name.endswith(self.config['OVH_ZONE']):
raise Exception()
v = self.client.post('/domain/zone/%s/record' % (self.config['OVH_ZONE'],),
fieldType='TXT', subDomain=name+'.', target=value)
fieldType=type_, subDomain=name+'.', target=value)
print(v)
self.client.post('/domain/zone/%s/refresh' % (self.config['OVH_ZONE'],))
def remove(self, name):
def delete(self, name, type_):
ids = self.client.get(
'/domain/zone/%s/record' % (self.config['OVH_ZONE'],), fieldType='TXT', subDomain=name+'.')
'/domain/zone/%s/record' % (self.config['OVH_ZONE'],), fieldType=type_, subDomain=name+'.')
for i in ids:
print('Removing', i)
self.client.delete('/domain/zone/%s/record/%d' % (self.config['OVH_ZONE'], i))
self.client.post('/domain/zone/%s/refresh' % (self.config['OVH_ZONE'],))
class PowerDNSBackend(Backend):
def do_patch(self, reqdata):
api_url = '%s/api/v1/servers/localhost/zones/%s.' % (
self.config.get('PDNS_URL', 'http://127.0.0.1:8081'),
self.config['PDNS_ZONE'],
)
return requests.patch(api_url, data=json.dumps(reqdata), headers={
'X-API-Key': self.config['PDNS_TOKEN']
}).json()
def add(self, name, value, type_):
self.do_patch({
"rrsets": [{
"name": name + ".",
"type": "A",
"ttl": 86400,
"changetype": "REPLACE",
"records": [{
"content": value,
"disabled": False
}]
}]
})
def delete(self, name, type_):
self.do_patch({
"rrsets": [{
"name": name + ".",
"type": type_,
"changetype": "DELETE",
}]
})

6
server/config.cfg.dist
View File

@ -1,7 +1,11 @@
# Global configuration
TOKENS = {
'testing3.waw.inf.re': 'testtoken',
'testing3.waw.inf.re:TXT': 'testtoken',
}
# OVH-specific backend configuration
OVH_ZONE = 'inf.re'
# PowerDNS-specific backend configuration
PDNS_ZONE = 'inf.re'
PDNS_TOKEN = 'changeme'

14
server/master.py
View File

@ -1,24 +1,26 @@
import flask
from flask import request
from backends import OVHBackend
from backends import PowerDNSBackend
from utils import verify_token
app = flask.Flask(__name__)
app.config.from_pyfile('config.cfg')
app.backend = OVHBackend(app.config)
app.backend = PowerDNSBackend(app.config)
@app.route('/api/1/add')
@verify_token
def add():
app.backend.add('_acme-challenge.'+request.args['record'], request.args['value'])
name, type_ = request.args['record'].rsplit(':', 1)
app.backend.add(name, request.args['value'], type_)
return 'ok'
@app.route('/api/1/remove')
@app.route('/api/1/delete')
@verify_token
def remove():
app.backend.remove('_acme-challenge.'+request.args['record'])
def delete():
name, type_ = request.args['record'].rsplit(':', 1)
app.backend.delete(name, type_)
return 'ok'