author | vg <vgm+dev@devys.org> | 2019-05-21 15:35:48 +0200 |
---|---|---|
committer | vg <vgm+dev@devys.org> | 2019-05-21 15:35:48 +0200 |
commit | 89f066b81671df29772be31804af3c531f58cec1 (patch) | |
tree | 93c403e3c4ab0141345362abe293485bd18f9439 /doc | |
Initial commit
Diffstat (limited to 'doc')
-rwxr-xr-x | doc/ssh_api_example/update-acme-challenge | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/doc/ssh_api_example/update-acme-challenge b/doc/ssh_api_example/update-acme-challenge
new file mode 100755
index 0000000..39b90d0
--- /dev/null
+++ b/doc/ssh_api_example/update-acme-challenge
@@ -0,0 +1,59 @@
+#!/usr/bin/env python3
+# Copyright 2019 vg
+# SPDX-License-Identifier: MIT
+
+'''\
+Takes json in stdin to modify a challenge in a zone txt record.
+
+Usage: update-acme-challenge --zones=ZONES
+
+Options:
+ --zones comma separated list of authorized zones to be changed
+
+Json format:
+{
+ "action": "add|delete",
+ "zone": "zone_name_to_modify",
+ "challenge": "mandatory only with add action: challenge",
+}
+'''
+
+
+import sys
+import json
+import subprocess
+import docopt
+
+
+def nsupdate(zone, challenge):
+ content = f'''
+ server ::1
+ del {zone} TXT
+ add {zone} TXT "{challenge}"
+ send
+ '''
+ subprocess.run(['nsupdate'], check=True, input=content)
+
+
+def main():
+ args = docopt.docopt(__doc__)
+
+ jsonmap = json.load(sys.stdin.read())
+
+ zones = [x.strip() for x in args['--zones'].split(',')]
+ zone = jsonmap.get('zone', '')
+ if zone not in zones:
+ raise ValueError(f'not permitted to modify zone {zone}')
+
+ action = jsonmap.get('action', '')
+ if action not in ('add', 'delete'):
+ raise ValueError(f'bad value for action content: {action}')
+
+ challenge = jsonmap.get('challenge', '')
+ if not all(x.isalnum() or x in ('+', '/') for x in challenge):
+ raise ValueError('bad format for challenge content')
+
+ nsupdate(zone, challenge if action == 'add' else '')
+
+
+main() |
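Review bot: In `main()`, `json.load(sys.stdin.read())` passes a string where `json.load` expects a file object, so the script raises before any of its checks run; `json.load(sys.stdin)` is what is meant. In `nsupdate()`, `input=content` is a `str` but `subprocess.run` is called without `text=True`, which raises a `TypeError`. The challenge filter is the only thing keeping request data out of the nsupdate command text, and as written it does not check that `challenge` is a string, lets non-ASCII characters through via `str.isalnum()`, and allows `+` and `/` although ACME dns-01 values are base64url (`-` and `_`), so a digest forwarded unchanged would likely be rejected. With `action` set to `delete` the function still sends an `add` line with an empty TXT value, and an `add` with an empty `challenge` is not rejected; it is worth confirming both are intended.

```python
# … unchanged: nsupdate() command text …
    subprocess.run(['nsupdate'], check=True, input=content, text=True)

# … unchanged: docopt parsing …
    jsonmap = json.load(sys.stdin)

# … unchanged: zone and action checks …
    challenge = jsonmap.get('challenge', '')
    allowed = set('ABCDEFGHIJKLMNOPQRSTUVWXYZ'
                  'abcdefghijklmnopqrstuvwxyz0123456789-_')
    if not isinstance(challenge, str) or not set(challenge) <= allowed:
        raise ValueError('bad format for challenge content')
```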