-
Notifications
You must be signed in to change notification settings - Fork 4
/
bind.py
57 lines (49 loc) · 1.79 KB
/
bind.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#!/usr/bin/env python3
from sys import argv
from os import remove
from subprocess import call
# CONFIGURATION START
nameservers = ["dns1.iancaling.com"]
zone_name = "iancaling.com."
nsupdate_keyfile = "/home/ianl/iancaling.com.key"
nsupdate_path = "/usr/bin/nsupdate"
# CONFIGURATION END
"""
possible commands:
1 - deploy_challenge -- deploy the challenge records
2 - clean_challenge -- clean up the challenge records
3 - deploy_cert -- do nothing! you have to do this manually!
"""
command = argv[1]
domain = argv[2]
token = argv[4]
if command == "deploy_challenge":
for nameserver in nameservers:
print(f" + Deploying challenge record to {nameserver}...")
batch_file_path = f"/tmp/{nameserver}_{domain}_nsupdate.tmp"
with open(batch_file_path, "w") as nsupdate_batch_file:
nsupdate_batch_file.write(f"""server {nameserver}
zone {zone_name}
update add _acme-challenge.{domain} 60 TXT {token}
send
""")
nsupdate_command = f"{nsupdate_path} -k {nsupdate_keyfile} {batch_file_path}"
call(nsupdate_command, shell=True)
remove(batch_file_path)
print(" + Challenge deployed!")
elif command == "clean_challenge":
for nameserver in nameservers:
print(f" + Cleaning up challenge record on {nameserver}...")
batch_file_path = f"/tmp/{nameserver}_{domain}_nsupdate.clean.tmp"
with open(batch_file_path, "w") as nsupdate_batch_file:
nsupdate_batch_file.write(f"""server {nameserver}
zone {zone_name}
update delete _acme-challenge.{domain} TXT
send
""")
nsupdate_command = f"{nsupdate_path} -k {nsupdate_keyfile} {batch_file_path}"
call(nsupdate_command, shell=True)
remove(batch_file_path)
print(" + Cleanup complete!")
elif command == "deploy_cert":
pass # deploy your cert manually