pdns_dnssec/main.py

from decouple import config
import sys
import urllib3
import requests
import json
from datetime import datetime


apikey = ""
server = ""


def apicall(args="", method="GET", new_data={}):
    if method == 'PATCH':
        response = requests.patch(f"{server}/api/v1/{args}?api-key={apikey}", new_data)
        print(f"{response=}")
    else:
        response = urllib3.request(method=method, url=f"{server}/api/v1/{args}?api-key={apikey}")
        # print(f"{response.headers=}")
        # print(f"{response.data=}")
    return response


def status(domain="no_arg"):
    # print(f"check if domain {domain} exists")
    # print(f"{apikey=}")
    # print(f"{server=}")
    response = apicall(f"servers/localhost/zones/{domain}")
    # print(f"{response.data=}")
    resp_obj = json.loads(response.data)
    # print(f"{resp_obj=}")
    if resp_obj['dnssec']:
        print("DNSSEC: ON")
        for n in resp_obj['rrsets']:
            if n['type'] == 'SOA':
                for r in n['records']:
                    print(f"SOA: {r['content']}")
        # print(f"SOA: '{resp_obj['']}'")
    else:
        print("DNSSEC: OFF")


def push(domain="no_arg"):
    print(f"push domain {domain}")
    r = apicall(f"servers/localhost/zones/{domain}")
    res = json.loads(r.data)
    print(f"{res=}")
    old_serial = res['edited_serial']
    print(f"serial number is {old_serial}")
    now = datetime.now()
    new_serial = int(now.strftime('%Y%m%d') + "01")
    if new_serial - old_serial < 100:
        while (new_serial <= old_serial):
            new_serial += 1
    print(f"serial number is {new_serial}")
    res['edited_serial'] = new_serial
    mod = json.dumps(res)
    r = apicall(method="PATCH", args=f"servers/localhost/zones/{domain}/SOA", new_data={'edited_serial': new_serial})


def main():
    global apikey, server
    apikey = config("PDNS_APIKEY", default='no_apikey_found')
    server = config("PDNS_SERVER", default='no_server_found')
    if len(sys.argv) < 2:
        print("usage:")
        print()
        print(f"  {sys.argv[0]} [domainname] -on     -- switch on DNSSEC for the given domain")
        print(f"  {sys.argv[0]} [domainname] -off    -- switch off DNSSEC for the given domain")
        print(f"  {sys.argv[0]} [domainname] -status -- show DNSSEC status for the given domain")
        print(f"  {sys.argv[0]} [domainname] -push   -- update serial number and push the given domain")
        print(f"  {sys.argv[0]} -makeds              -- make DS records based on CDS records")
        sys.exit(1)
    if sys.argv[2] == '-status':
        status(sys.argv[1])
    if sys.argv[2] == '-push':
        push(sys.argv[1])


if __name__ == "__main__":
    main()