1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
#!/usr/bin/env python3
# Copyright 2019 vg
# SPDX-License-Identifier: MIT
'''\
Takes json in stdin to modify a challenge in a zone txt record.
Usage: update-acme-challenge --zones=ZONES
Options:
--zones comma separated list of authorized zones to be changed
Json format:
{
"action": "add|delete",
"zone": "zone_name_to_modify",
"challenge": "mandatory only with add action: challenge",
}
'''
import sys
import json
import subprocess
import docopt
def nsupdate(zone, challenge):
content = f'''
server ::1
del {zone} TXT
add {zone} TXT "{challenge}"
send
'''
subprocess.run(['nsupdate'], check=True, input=content)
def main():
args = docopt.docopt(__doc__)
jsonmap = json.load(sys.stdin.read())
zones = [x.strip() for x in args['--zones'].split(',')]
zone = jsonmap.get('zone', '')
if zone not in zones:
raise ValueError(f'not permitted to modify zone {zone}')
action = jsonmap.get('action', '')
if action not in ('add', 'delete'):
raise ValueError(f'bad value for action content: {action}')
challenge = jsonmap.get('challenge', '')
if not all(x.isalnum() or x in ('+', '/') for x in challenge):
raise ValueError('bad format for challenge content')
nsupdate(zone, challenge if action == 'add' else '')
main()
|
