We use cookies to ensure you get the best experience on our website
首頁 探索 說明
註冊 登入
0ct0pu5
/
desec-stack
1
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
目錄樹: 8d0d6935d7
分支列表 標籤列表
desec-stack
/
api
/
desecapi
/
pdns.py

pdns.py 4.3 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145 
  1. import requests
    2. 

  2. import json
    3. 

  3. import random
    4. 

  4. from api import settings
    5. 

  5. from desecapi.exceptions import PdnsException
    6. 

  6. 

  7. 

  8. headers_nslord = {
    9. 

  9.     'Accept': 'application/json',
    10. 

  10.     'User-Agent': 'desecapi',
    11. 

  11.     'X-API-Key': settings.NSLORD_PDNS_API_TOKEN,
    12. 

  12. }
    13. 

  13. 

  14. headers_nsmaster = {
    15. 

  15.     'User-Agent': 'desecapi',
    16. 

  16.     'X-API-Key': settings.NSMASTER_PDNS_API_TOKEN,
    17. 

  17. }
    18. 

  18. 

  19. 

  20. def _pdns_delete(url):
    21. 

  21.     # We first delete the zone from nslord, the main authoritative source of our DNS data.
    22. 

  22.     # However, we do not want to wait for the zone to expire on the slave ("nsmaster").
    23. 

  23.     # We thus issue a second delete request on nsmaster to delete the zone there immediately.
    24. 

  24.     r1 = requests.delete(settings.NSLORD_PDNS_API + url, headers=headers_nslord)
    25. 

  25.     if r1.status_code < 200 or r1.status_code >= 300:
    26. 

  26.         # Deletion technically does not fail if the zone didn't exist in the first place
    27. 

  27.         if r1.status_code == 422 and 'Could not find domain' in r1.text:
    28. 

  28.             pass
    29. 

  29.         else:
    30. 

  30.             raise PdnsException(r1)
    31. 

  31. 

  32.     # Delete from nsmaster as well
    33. 

  33.     r2 = requests.delete(settings.NSMASTER_PDNS_API + url, headers=headers_nsmaster)
    34. 

  34.     if r2.status_code < 200 or r2.status_code >= 300:
    35. 

  35.         # Deletion technically does not fail if the zone didn't exist in the first place
    36. 

  36.         if r2.status_code == 422 and 'Could not find domain' in r2.text:
    37. 

  37.             pass
    38. 

  38.         else:
    39. 

  39.             raise PdnsException(r2)
    40. 

  40. 

  41.     return (r1, r2)
    42. 

  42. 

  43. 

  44. def _pdns_post(url, body):
    45. 

  45.     r = requests.post(settings.NSLORD_PDNS_API + url, data=json.dumps(body), headers=headers_nslord)
    46. 

  46.     if r.status_code < 200 or r.status_code >= 300:
    47. 

  47.         raise PdnsException(r)
    48. 

  48.     return r
    49. 

  49. 

  50. 

  51. def _pdns_patch(url, body):
    52. 

  52.     r = requests.patch(settings.NSLORD_PDNS_API + url, data=json.dumps(body), headers=headers_nslord)
    53. 

  53.     if r.status_code < 200 or r.status_code >= 300:
    54. 

  54.         raise PdnsException(r)
    55. 

  55.     return r
    56. 

  56. 

  57. 

  58. def _pdns_get(url):
    59. 

  59.     r = requests.get(settings.NSLORD_PDNS_API + url, headers=headers_nslord)
    60. 

  60.     if r.status_code < 200 or r.status_code >= 400:
    61. 

  61.         raise PdnsException(r)
    62. 

  62.     return r
    63. 

  63. 

  64. 

  65. def _pdns_put(url):
    66. 

  66.     r = requests.put(settings.NSLORD_PDNS_API + url, headers=headers_nslord)
    67. 

  67.     if r.status_code < 200 or r.status_code >= 500:
    68. 

  68.         raise PdnsException(r)
    69. 

  69.     return r
    70. 

  70. 

  71. 

  72. def create_zone(domain, nameservers):
    73. 

  73.     """
    74. 

  74.     Commands pdns to create a zone with the given name and nameservers.
    75. 

  75.     """
    76. 

  76.     name = domain.name
    77. 

  77.     if not name.endswith('.'):
    78. 

  78.         name += '.'
    79. 

  79. 

  80.     salt = '%016x' % random.randrange(16**16)
    81. 

  81.     payload = {'name': name, 'kind': 'MASTER', 'dnssec': True,
    82. 

  82.                'nsec3param': '1 0 127 %s' % salt, 'nameservers': nameservers}
    83. 

  83.     _pdns_post('/zones', payload)
    84. 

  84. 

  85.     notify_zone(domain)
    86. 

  86. 

  87. 

  88. def delete_zone(domain):
    89. 

  89.     """
    90. 

  90.     Commands pdns to delete a zone with the given name.
    91. 

  91.     """
    92. 

  92.     _pdns_delete('/zones/' + domain.pdns_id)
    93. 

  93. 

  94. 

  95. def get_keys(domain):
    96. 

  96.     """
    97. 

  97.     Retrieves a dict representation of the DNSSEC key information
    98. 

  98.     """
    99. 

  99.     r = _pdns_get('/zones/%s/cryptokeys' % domain.pdns_id)
    100. 

  100.     return [{k: key[k] for k in ('dnskey', 'ds', 'flags', 'keytype')}
    101. 

  101.             for key in r.json()
    102. 

  102.             if key['active'] and key['keytype'] in ['csk', 'ksk']]
    103. 

  103. 

  104. 

  105. def get_zone(domain):
    106. 

  106.     """
    107. 

  107.     Retrieves a dict representation of the zone from pdns
    108. 

  108.     """
    109. 

  109.     r = _pdns_get('/zones/' + domain.pdns_id)
    110. 

  110. 

  111.     return r.json()
    112. 

  112. 

  113. 

  114. def get_rrset_datas(domain):
    115. 

  115.     """
    116. 

  116.     Retrieves a dict representation of the RRsets in a given zone
    117. 

  117.     """
    118. 

  118.     return [{'domain': domain,
    119. 

  119.              'subname': rrset['name'][:-(len(domain.name) + 2)],
    120. 

  120.              'type': rrset['type'],
    121. 

  121.              'records': [record['content'] for record in rrset['records']],
    122. 

  122.              'ttl': rrset['ttl']}
    123. 

  123.             for rrset in get_zone(domain)['rrsets']]
    124. 

  124. 

  125. 

  126. def set_rrsets(domain, rrsets, notify=True):
    127. 

  127.     data = {'rrsets':
    128. 

  128.         [{'name': rrset.name, 'type': rrset.type, 'ttl': rrset.ttl,
    129. 

  129.           'changetype': 'REPLACE',
    130. 

  130.           'records': [{'content': record.content, 'disabled': False}
    131. 

  131.                       for record in rrset.records.all()]
    132. 

  132.           }
    133. 

  133.          for rrset in rrsets]
    134. 

  134.     }
    135. 

  135.     _pdns_patch('/zones/' + domain.pdns_id, data)
    136. 

  136. 

  137.     if notify:
    138. 

  138.         notify_zone(domain)
    139. 

  139. 

  140. 

  141. def notify_zone(domain):
    142. 

  142.     """
    143. 

  143.     Commands pdns to notify the zone to the pdns slaves.
    144. 

  144.     """
    145. 

  145.     _pdns_put('/zones/%s/notify' % domain.pdns_id)
    146.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5