Make sure config lower case, allow DNS records to be deleted and perform actions based on request methods
parent
34ffc81772
commit
dc08b528a1
49
bind-api.py
49
bind-api.py
@ -9,21 +9,11 @@ import dns.zone
|
|||||||
|
|
||||||
from dns.rdatatype import *
|
from dns.rdatatype import *
|
||||||
|
|
||||||
from flask import Flask, jsonify
|
from flask import Flask, jsonify, request
|
||||||
from werkzeug.routing import BaseConverter
|
|
||||||
|
|
||||||
app = Flask(__name__)
|
app = Flask(__name__)
|
||||||
|
|
||||||
|
|
||||||
class RegexConverter(BaseConverter):
|
|
||||||
def __init__(self, url_map, *items):
|
|
||||||
super(RegexConverter, self).__init__(url_map)
|
|
||||||
self.regex = items[0]
|
|
||||||
|
|
||||||
|
|
||||||
app.url_map.converters['regex'] = RegexConverter
|
|
||||||
|
|
||||||
|
|
||||||
def parse_config(config):
|
def parse_config(config):
|
||||||
"""
|
"""
|
||||||
Parse the user config and retreieve the nameserver, username and
|
Parse the user config and retreieve the nameserver, username and
|
||||||
@ -33,11 +23,11 @@ def parse_config(config):
|
|||||||
parser = ConfigParser.ConfigParser()
|
parser = ConfigParser.ConfigParser()
|
||||||
parser.read(config)
|
parser.read(config)
|
||||||
|
|
||||||
options['nameserver'] = parser.get('Nameserver', 'nameserver')
|
options['nameserver'] = parser.get('nameserver', 'server')
|
||||||
options['username'] = parser.get('Auth', 'username')
|
options['username'] = parser.get('auth', 'username')
|
||||||
options['password'] = parser.get('Auth', 'password')
|
options['password'] = parser.get('auth', 'password')
|
||||||
|
|
||||||
options['zones'] = [i + '.' for i in parser.get('Zones', 'valid').split(",")]
|
options['zones'] = [i + '.' for i in parser.get('zones', 'valid').split(",")]
|
||||||
|
|
||||||
return options
|
return options
|
||||||
|
|
||||||
@ -108,8 +98,8 @@ def get_record(domain):
|
|||||||
return jsonify({'error': 'zone not permitted'})
|
return jsonify({'error': 'zone not permitted'})
|
||||||
|
|
||||||
|
|
||||||
@app.route('/dns/record/<regex("update|create"):action>/<string:domain>/<int:ttl>/<string:record_type>/<string:response>', methods=['PUT', 'POST'])
|
@app.route('/dns/record/<string:domain>/<int:ttl>/<string:record_type>/<string:response>', methods=['PUT', 'POST', 'DELETE'])
|
||||||
def dns_mgmt(action, domain, ttl, record_type, response):
|
def dns_mgmt(domain, ttl, record_type, response):
|
||||||
"""
|
"""
|
||||||
Allow users to update existing records
|
Allow users to update existing records
|
||||||
"""
|
"""
|
||||||
@ -131,26 +121,33 @@ def dns_mgmt(action, domain, ttl, record_type, response):
|
|||||||
If the user is only updating make sure the record exists before
|
If the user is only updating make sure the record exists before
|
||||||
attempting to perform a dynamic update. This will
|
attempting to perform a dynamic update. This will
|
||||||
"""
|
"""
|
||||||
if action == 'update':
|
if request.method == 'PUT' or request.method == 'DELETE':
|
||||||
|
resolver = dns.resolver.Resolver()
|
||||||
|
|
||||||
|
resolver.nameservers = [config['nameserver']]
|
||||||
try:
|
try:
|
||||||
answer = dns.resolver.query('.'.join([domain, zone]), record_type)
|
answer = resolver.query(domain, record_type)
|
||||||
except dns.resolver.NXDOMAIN:
|
except dns.resolver.NXDOMAIN:
|
||||||
return jsonify({'error': 'does not exist'})
|
return jsonify({'error': 'domain does not exist'})
|
||||||
|
|
||||||
tsig = dns.tsigkeyring.from_text({config['username']: config['password']})
|
tsig = dns.tsigkeyring.from_text({config['username']: config['password']})
|
||||||
|
|
||||||
update = dns.update.Update(zone, keyring=tsig)
|
action = dns.update.Update(zone, keyring=tsig)
|
||||||
update.replace(dns.name.from_text(domain).labels[0], ttl, str(record_type), str(response))
|
|
||||||
|
if request.method == 'DELETE':
|
||||||
|
action.delete(dns.name.from_text(domain).labels[0])
|
||||||
|
elif request.method == 'PUT' or request.method == 'POST':
|
||||||
|
action.replace(dns.name.from_text(domain).labels[0], ttl, str(record_type), str(response))
|
||||||
|
|
||||||
try:
|
try:
|
||||||
response = dns.query.tcp(update, config['nameserver'])
|
response = dns.query.tcp(action, config['nameserver'])
|
||||||
except:
|
except:
|
||||||
return jsonify({'error': 'unable to update domain'})
|
return jsonify({'error': 'DNS transaction failed'})
|
||||||
|
|
||||||
if response.rcode() == 0:
|
if response.rcode() == 0:
|
||||||
return jsonify({domain: 'successfully updated'})
|
return jsonify({domain: 'DNS request successful'})
|
||||||
else:
|
else:
|
||||||
return jsonify({domain: 'failed to update'})
|
return jsonify({domain: 'DNS request failed'})
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
|
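Review bot: In the DELETE branch of dns_mgmt, `action.delete(dns.name.from_text(domain).labels[0])` passes only the owner name, which in dnspython removes every RRset at that name, so the `record_type` and `response` taken from the URL are ignored and one request can remove more than the caller named. Scoping it as `action.delete(dns.name.from_text(domain).labels[0], str(record_type), str(response))` keeps the deletion to the record given in the path. The existence check before it catches only `dns.resolver.NXDOMAIN`; `dns.resolver.NoAnswer` (the name exists but has no record of that type) and timeouts would surface as an unhandled error, so they likely belong in the same `except`. The docstring still reads "Allow users to update existing records" and should mention deletion; dns_mgmt spans several hunks, so the indentation and the zone lookup are not visible here.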
10
config.ini
10
config.ini
@ -1,9 +1,9 @@
|
|||||||
[Nameserver]
|
[nameserver]
|
||||||
nameserver = 172.16.33.135
|
server = 172.16.33.135
|
||||||
|
|
||||||
[Auth]
|
[auth]
|
||||||
username = TRANSFER
|
username = TRANSFER
|
||||||
password = /h9xIk0tbF3A0lOzy6BYAQ==
|
password = /h9xIk0tbF3A0lOzy6BYAQ==
|
||||||
|
|
||||||
[Zones]
|
[zones]
|
||||||
valid = ops.zone.org,eng.zone.net
|
valid = ops.sfdc.net,eng.sfdc.net
|
||||||
|
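Review bot: The `password` under `[auth]` looks like a real TSIG secret kept in the tracked config.ini, and this commit edits the file around it without moving it out. Anyone with read access to the repository or its history holds the key that authorises dynamic updates for the listed zones, so it is better loaded from an untracked file or the environment, with a `config.ini.example` carrying a placeholder such as `password = <TSIG_SECRET_PLACEHOLDER>`, and the committed key rotated. Separately, ConfigParser section names are case-sensitive and the option was renamed from `nameserver` to `server`, so existing deployments' config files will fail to parse until updated; a line in the README or commit message would help.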