diff --git a/certbot-dns-auth.py b/certbot-dns-auth.py index 316ed94..2a2a647 100755 --- a/certbot-dns-auth.py +++ b/certbot-dns-auth.py @@ -27,7 +27,7 @@ # end if dirName = os.path.dirname(os.path.abspath(sys.argv[0])) - cmd = dirName + "/update-record.py -c " + dirName + "/conf.cfg" + " -t 300 -r TXT _acme-challenge." + d + " " + v; + cmd = dirName + "/update-record.py -m create -c " + dirName + "/conf.cfg" + " -t 300 -r TXT _acme-challenge." + d + " " + v; os.system(cmd) # sleep to make sure the change has time to propagate over to DNS diff --git a/certbot-dns-clean.py b/certbot-dns-clean.py index 864190d..9d9441c 100755 --- a/certbot-dns-clean.py +++ b/certbot-dns-clean.py @@ -27,7 +27,7 @@ # end if dirName = os.path.dirname(os.path.abspath(sys.argv[0])) - cmd = dirName + "/update-record.py -c " + dirName + "/conf.cfg" + " -r TXT --delete _acme-challenge." + d; + cmd = dirName + "/update-record.py -m delete -c " + dirName + "/conf.cfg" + " -r TXT _acme-challenge." + d; os.system(cmd) # end main diff --git a/update-record.py b/update-record.py index 73abf0f..d688f0c 100755 --- a/update-record.py +++ b/update-record.py @@ -18,27 +18,10 @@ # end errorCheck -def main(args): - verbose = args.verbose - domain = args.domain - - # split domain - h = domain.split('.') - if (len(h) < 3): - raise ValueError("invalid subdomain") - sub = h[0] - for i in range(1, len(h)-2): - sub += '.' + h[i] - domain = h[-2] + '.' + h[-1] - - if (args.debug): - print(args) - - # get config and login - username, password, shared_secret = get_account_data(True, config_file=args.config_file, config_section=args.config_section) +def updateRecord(mode, username, password, domain, sub, record_type, ttl, content=None, config_section="live", verbose=False): debug_mode = False api_url = ApiClient.API_LIVE_URL - if (args.config_section == "ote"): + if (config_section == "ote"): debug_mode = True api_url = ApiClient.API_OTE_URL api_client = ApiClient(api_url=api_url, debug_mode=debug_mode) 
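Review bot: The changed `cmd` line still builds a shell string from `d` and `v` and runs it with `os.system`, so any shell metacharacter in those values is interpreted by the shell, and the exit status is discarded. The same pattern is in the certbot-dns-clean.py hunk. Where `d` and `v` come from is outside both hunks, but hook inputs are better passed as an argument list: `subprocess.run([os.path.join(dirName, "update-record.py"), "-m", "create", "-c", os.path.join(dirName, "conf.cfg"), "-t", "300", "-r", "TXT", "_acme-challenge." + d, v], check=True)`, with `import subprocess` added at the top of the file. With `check=True` a failed record creation stops the hook instead of going on to the propagation sleep.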
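Review bot: `updateRecord` accepts any string for `mode`, and a value other than create, update or delete falls through every branch shown in the later hunks and reaches `api_client.logout()` without changing anything. A guard at the top, `if mode not in ("create", "update", "delete"): raise ValueError("invalid mode: " + str(mode))`, would make that failure explicit for callers that bypass argparse. The function also has no docstring; a short one should say that `domain` is the two-label zone, `sub` is the host part, and `content` may be None only for delete. The body of `updateRecord` continues outside this hunk.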
@@ -59,17 +42,16 @@ ret = errorCheck(api_client.call_api(api_method='nameserver.info', method_params={'domain': domain})) records = ret['resData']['record'] - content = str(args.content) - if (args.delete or args.update): + if (mode == "delete" or mode == "update"): recordFound = False for r in records: - if (r['name'] == args.domain and r['type'] == args.record_type): + if (r['name'] == args.domain and r['type'] == record_type): recordFound = True if (verbose): print('entry:', r) # delete entry - if (args.delete): + if (mode == "delete"): # if content is not none: delete only entry with given content. if (args.content != None and r['content'] != content): continue 
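Review bot: The loop still reads `args.domain` and `args.content`, but `args` is not a parameter of `updateRecord`, so these lines resolve only if a module-level `args` exists (not visible here) and raise NameError when the function is imported and called directly. The `domain` parameter cannot simply replace `args.domain`, because `main` passes the two-label zone while the record name compared here is the full host name. Build the name from the parameters, `name = sub + '.' + domain`, then use `if (r['name'] == name and r['type'] == record_type):` and `if (content is not None and r['content'] != content):`. The loop body continues in the next hunk.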
@@ -79,23 +61,58 @@ print('delete:', ret) # update entry elif (args.update): - ret = errorCheck(api_client.call_api(api_method='nameserver.updateRecord', method_params={'id': r['id'], 'type': args.record_type, 'content': content, 'ttl': args.ttl})) + ret = errorCheck(api_client.call_api(api_method='nameserver.updateRecord', method_params={'id': r['id'], 'type': record_type, 'content': content, 'ttl': ttl})) if (verbose): print('update:', ret) # end if # end if # end for - if (not recordFound): - raise RuntimeError('No entry available for updating or deleting.') - else: - ret = errorCheck(api_client.call_api(api_method='nameserver.createRecord', method_params={'domain': domain, 'name': sub, 'type': args.record_type, 'content': content, 'ttl': args.ttl})) + if (mode == "delete" and not recordFound): + raise RuntimeError('can not delete entry.') + # end if + + if (mode == "create" or (mode == "update" and not recordFound)): + ret = errorCheck(api_client.call_api(api_method='nameserver.createRecord', method_params={'domain': domain, 'name': sub, 'type': record_type, 'content': content, 'ttl': ttl})) if (verbose): print('create:', ret) # end if api_client.logout() +# end updateRecord + + +def main(args): + domain = args.domain + + # split domain + h = domain.split('.') + if (len(h) < 3): + raise ValueError("invalid subdomain") + sub = h[0] + for i in range(1, len(h)-2): + sub += '.' + h[i] + domain = h[-2] + '.' + h[-1] + + if (args.debug): + print(args) + + # get config and login + username, password, shared_secret = get_account_data(True, config_file=args.config_file, config_section=args.config_section) + + updateRecord( + mode=args.mode, + username=username, + password=password, + domain=domain, + sub=sub, + content=args.content, + record_type=args.record_type, + ttl=args.ttl, + config_section=args.config_section, + verbose=args.verbose + ) # end main 
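Review bot: The context line `elif (args.update):` was left unchanged although this commit removes the `--update` option, so in update mode with a matching record the branch would raise AttributeError or NameError instead of calling `nameserver.updateRecord`; it should read `elif (mode == "update"):`. Separately, `api_client.logout()` is only reached on the success path, because the new `raise RuntimeError('can not delete entry.')` leaves the function before it. Wrapping the work after login in `try:` with `finally: api_client.logout()` would close the API session on every path. `main` also still unpacks `shared_secret` but does not pass it to `updateRecord`; if the login call outside these hunks uses it, it is no longer in scope there.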
@@ -105,8 +122,8 @@ parser.add_argument('domain', metavar='domain', help='full domain like subdomain.example.com') parser.add_argument('content', metavar='content', nargs='?', default=None, help='ip or string to fill/update into subdomain domain entry') parser.add_argument('-r', '--record-type', metavar='type', required=True, choices=['A', 'AAAA', 'TXT', 'CNAME', 'TLSA'], help='record type (A, AAAA, TXT, CNAME, TLSA)') - parser.add_argument('--delete', action='store_true', required=False, help='delete existing record with given content, or delete all records if no content is given') - parser.add_argument('-u', '--update', action='store_true', required=False, help='update all existing records if one exists, otherwise fails') + parser.add_argument('-m', '--mode', metavar='mode', required=True, choices=['create', 'update', 'delete'], help='operation mode (create, update, delete)\nupdate:update all existing records if one exists, or create if not existing\ndelete: delete existing record with given content, or delete all records if no content is given') + parser.add_argument('-p', '--public-ip', action='store_true', required=False, help='insert public ip. Use A for ip4 an AAAA for ipv6') parser.add_argument('-c', '--config_file', metavar='path', default='./conf.cfg', help='path to configuration file') parser.add_argument('-t', '--ttl', default=3600, type=int, help='TTL (time to live) of the nameserver record in seconds (default 3600)') @@ -118,7 +135,7 @@ # do some checks - if (not args.delete and not args.content): + if (args.mode != 'delete' and not args.content): raise ValueError("Missing content for domain entry.") # end if
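Review bot: The new `-p/--public-ip` flag is parsed, but nothing in the visible hunks reads `args.public_ip`, and the check in the following hunk, `if (args.mode != 'delete' and not args.content):`, still raises "Missing content" when `-p` is given without content. Either the flag should be wired in, for example by relaxing the check to `if (args.mode != 'delete' and not args.content and not args.public_ip):` and resolving the address before calling `updateRecord`, or it should be left out until it is implemented. The `\n` sequences in the `--mode` help string are re-wrapped by argparse's default formatter, so the per-mode descriptions only print on separate lines if the parser is built with `formatter_class=argparse.RawTextHelpFormatter`. The parser construction is outside this hunk.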