-rwxr-xr-xclient/cleanup-hook.sh2
-rwxr-xr-xclient/install-hook.sh8
-rw-r--r--server/backends.py50
-rw-r--r--server/config.cfg.dist6
-rw-r--r--server/master.py14
5 files changed, 59 insertions, 21 deletions
diff --git a/client/cleanup-hook.sh b/client/cleanup-hook.sh
index 23fe60a..73bf40f 100755
--- a/client/cleanup-hook.sh
+++ b/client/cleanup-hook.sh
@@ -2,4 +2,4 @@
. $(dirname $(realpath $0))/hook-config
-curl "$API_URL/api/1/remove?token=$API_TOKEN&record=$CERTBOT_DOMAIN"
+curl "$API_URL/api/1/delete?token=$API_TOKEN&record=_acme-challenge.$CERTBOT_DOMAIN&type=TXT"
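Review bot: The API token travels in the URL query string (`?token=$API_TOKEN`), here and in the matching line of client/install-hook.sh, so it will normally be recorded in web-server and proxy access logs, and it is readable on the wire if `API_URL` in hook-config (not shown) is plain http. Sending it in a request header instead, for example `-H "X-API-Token: $API_TOKEN"` (header name is illustrative), would keep it out of logs, but `verify_token` on the server, which is outside this diff, would have to read it from there. Both hooks also discard HTTP errors: with `curl --fail --silent --show-error "$API_URL/..."` the hook exits non-zero when the API rejects the request instead of reporting success.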
diff --git a/client/install-hook.sh b/client/install-hook.sh
index 08576dd..fb78b26 100755
--- a/client/install-hook.sh
+++ b/client/install-hook.sh
@@ -2,10 +2,4 @@
. $(dirname $(realpath $0))/hook-config
-curl "$API_URL/api/1/add?token=$API_TOKEN&record=$CERTBOT_DOMAIN&value=$CERTBOT_VALIDATION"
-
-# FIXME: ovh is shit
-while [ "$(dig _acme-challenge.$CERTBOT_DOMAIN TXT +short | wc -l)" -lt 1 ]; do
- echo 'still waiting...' >&2
- sleep 5;
-done
+curl "$API_URL/api/1/add?token=$API_TOKEN&record=_acme-challenge.$CERTBOT_DOMAIN&value=$CERTBOT_VALIDATION&type=TXT"
diff --git a/server/backends.py b/server/backends.py
index be95f8c..4546807 100644
--- a/server/backends.py
+++ b/server/backends.py
@@ -1,11 +1,15 @@
+import requests
+import json
+
+
class Backend(object):
def __init__(self, config):
self.config = config
- def add(self, name, value):
+ def add(self, name, value, type_):
raise NotImplemented
- def remove(self, name):
+ def delete(self, name, type_):
raise NotImplemented
@@ -27,19 +31,53 @@ class OVHBackend(Backend):
])
print(req)
- def add(self, name, value):
+ def add(self, name, value, type_):
if not name.endswith(self.config['OVH_ZONE']):
raise Exception()
v = self.client.post('/domain/zone/%s/record' % (self.config['OVH_ZONE'],),
- fieldType='TXT', subDomain=name+'.', target=value)
+ fieldType=type_, subDomain=name+'.', target=value)
print(v)
self.client.post('/domain/zone/%s/refresh' % (self.config['OVH_ZONE'],))
- def remove(self, name):
+ def delete(self, name, type_):
ids = self.client.get(
- '/domain/zone/%s/record' % (self.config['OVH_ZONE'],), fieldType='TXT', subDomain=name+'.')
+ '/domain/zone/%s/record' % (self.config['OVH_ZONE'],), fieldType=type_, subDomain=name+'.')
for i in ids:
print('Removing', i)
self.client.delete('/domain/zone/%s/record/%d' % (self.config['OVH_ZONE'], i))
self.client.post('/domain/zone/%s/refresh' % (self.config['OVH_ZONE'],))
+
+
+class PowerDNSBackend(Backend):
+ def do_patch(self, reqdata):
+ api_url = '%s/api/v1/servers/localhost/zones/%s.' % (
+ self.config.get('PDNS_URL', 'http://127.0.0.1:8081'),
+ self.config['PDNS_ZONE'],
+ )
+ return requests.patch(api_url, data=json.dumps(reqdata), headers={
+ 'X-API-Key': self.config['PDNS_TOKEN']
+ }).json()
+
+ def add(self, name, value, type_):
+ self.do_patch({
+ "rrsets": [{
+ "name": name + ".",
+ "type": "A",
+ "ttl": 86400,
+ "changetype": "REPLACE",
+ "records": [{
+ "content": value,
+ "disabled": False
+ }]
+ }]
+ })
+
+ def delete(self, name, type_):
+ self.do_patch({
+ "rrsets": [{
+ "name": name + ".",
+ "type": type_,
+ "changetype": "DELETE",
+ }]
+ })
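Review bot: `PowerDNSBackend.add` hard-codes `"type": "A"` and never uses `type_`, so a TXT challenge would be written as an A rrset while `delete` later removes by `type_` and leaves it behind; the line should read `"type": type_,`. `do_patch` calls `requests.patch` without a `timeout` and calls `.json()` without checking the status, so an API rejection is silently ignored and an empty success body (PowerDNS normally answers a successful PATCH with 204 and no content, which is worth confirming) would raise a decode error. Keeping the response in `resp`, passing `timeout=10`, and calling `resp.raise_for_status()` before returning would make failures explicit. Unlike `OVHBackend.add`, neither new method checks that `name` lies inside `PDNS_ZONE`, so the only limit on which names are submitted is whatever `verify_token` enforces.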
diff --git a/server/config.cfg.dist b/server/config.cfg.dist
index 964eb19..88d1225 100644
--- a/server/config.cfg.dist
+++ b/server/config.cfg.dist
@@ -1,7 +1,11 @@
# Global configuration
TOKENS = {
- 'testing3.waw.inf.re': 'testtoken',
+ 'testing3.waw.inf.re:TXT': 'testtoken',
}
# OVH-specific backend configuration
OVH_ZONE = 'inf.re'
+
+# PowerDNS-specific backend configuration
+PDNS_ZONE = 'inf.re'
+PDNS_TOKEN = 'changeme'
diff --git a/server/master.py b/server/master.py
index bcb3076..e9be8b1 100644
--- a/server/master.py
+++ b/server/master.py
@@ -1,24 +1,26 @@
import flask
from flask import request
-from backends import OVHBackend
+from backends import PowerDNSBackend
from utils import verify_token
app = flask.Flask(__name__)
app.config.from_pyfile('config.cfg')
-app.backend = OVHBackend(app.config)
+app.backend = PowerDNSBackend(app.config)
@app.route('/api/1/add')
@verify_token
def add():
- app.backend.add('_acme-challenge.'+request.args['record'], request.args['value'])
+ name, type_ = request.args['record'].rsplit(':', 1)
+ app.backend.add(name, request.args['value'], type_)
return 'ok'
-@app.route('/api/1/remove')
+@app.route('/api/1/delete')
@verify_token
-def remove():
- app.backend.remove('_acme-challenge.'+request.args['record'])
+def delete():
+ name, type_ = request.args['record'].rsplit(':', 1)
+ app.backend.delete(name, type_)
return 'ok'
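Review bot: `name, type_ = request.args['record'].rsplit(':', 1)` in both `add()` and `delete()` expects `record` to carry `name:TYPE`, but the updated client hooks send `record=_acme-challenge.<domain>` with a separate `type=TXT`, so as far as this diff shows the unpack raises ValueError and the request ends as a 500. Reading the type from its own parameter, `name, type_ = request.args['record'], request.args['type']`, would match the client. The server also no longer prepends `_acme-challenge.` itself, so which names and record types a token may change now rests entirely on `verify_token`, which is outside this diff. It should be confirmed that it binds each token to an exact name and type, and a guard such as `if type_ != 'TXT': flask.abort(400)` would keep the API limited to challenge records.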