class LetsencryptDynectUpdater (object):
customer_name = os.environ['CERTBOT_CUSTOMER_NAME']
api_key = os.environ['CERTBOT_API_KEY']
api_pass = os.environ['CERTBOT_API_PASS']
challengeSubdomain = '_acme-challenge'
rest_client = DynectRest()
fqdn = None
domain = None
validation = None
def __init__(self, domain, validation):
self.domain = self.parseTld(domain)
self.validation = validation
# use the passed domain param here, self.domain only contains the main domain at this point
self.fqdn = '{}.{}'.format(self.challengeSubdomain, domain)
def parseTld(self, domain):
splitted = domain.split('.')
return '.'.join(splitted[-2:])
def login(self):
arguments = {
'customer_name': self.customer_name,
'user_name': self.api_key,
'password': self.api_pass,
}
response = self.rest_client.execute('/Session/', 'POST', arguments)
if response['status'] != 'success':
print("Incorrect credentials")
sys.exit(1)
def deleteValidationRecord(self):
response = self.rest_client.execute(
'/TXTRecord/{}/{}/'.format(
self.domain,
self.fqdn
), 'DELETE'
)
if response['status'] != 'success':
print('No entries found to delete')
return True
records = response['data']
for record in records:
record_id = record.split('/').pop()
return True
def addValidationRecord(self):
arguments = {
'rdata': {'txtdata': self.validation},
'ttl': 5
}
response = self.rest_client.execute(
'/TXTRecord/{}/{}/'.format(
self.domain,
self.fqdn
), 'POST', arguments)
if response['status'] != 'success':
print('Adding txt record failed')
sys.exit(1)
def publish(self):
arguments = {
'publish': 1
}
response = self.rest_client.execute(
'/Zone/{}/'.format(
self.domain
), 'PUT', arguments)
if response['status'] != 'success':
print('Adding txt record failed')
sys.exit(1)
def logout(self):
self.rest_client.execute('/Session/', 'DELETE')
def point_dns_to_stack(region, stack_type, name):
import sys
import os
import json
import boto.ec2.elb
from dynect.DynectDNS import DynectRest # sudo pip install https://github.com/dyninc/Dynect-API-Python-Library/zipball/master
if stack_type == 'stage':
elbs = {
'firefoxos.anosrep.org': 'w-anosrep-org',
'login.anosrep.org': 'w-anosrep-org',
'www.anosrep.org': 'w-anosrep-org',
'static.login.anosrep.org': 'w-login-anosrep-org',
'verifier.login.anosrep.org': 'w-login-anosrep-org',
'gmail.login.anosrep.org': 'gmail-login-anosrep-org',
'yahoo.login.anosrep.org': 'yahoo-login-anosrep-org'
}
zone = 'anosrep.org'
elif stack_type == 'prod':
elbs = {
'login.persona.org': 'persona-org',
'www.persona.org': 'persona-org',
'gmail.login.persona.org': 'gmail-login-persona-org',
'yahoo.login.persona.org': 'yahoo-login-persona-org'
}
zone = 'persona.org'
new_names = {}
# TODO : This doesn't work for prod because we need to inject multiple regions into traffic mangement
conn_elb = boto.ec2.elb.connect_to_region(region)
load_balancers = conn_elb.get_all_load_balancers(
load_balancer_names=['%s-%s' % (x, name) for x in set(elbs.values())])
for load_balancer in load_balancers:
new_names['-'.join(
load_balancer.name.split('-')[:-1])] = load_balancer.dns_name
rest_iface = DynectRest()
if 'AWS_CONFIG_DIR' in os.environ:
user_data_filename = os.path.join(os.environ['AWS_CONFIG_DIR'],
'dynect.json')
else:
user_data_filename = 'config/dynect.json'
with open(user_data_filename, 'r') as f:
dynect_credentials = json.load(f)
# Log in
response = rest_iface.execute('/Session/', 'POST', dynect_credentials)
if response['status'] != 'success':
sys.exit("Incorrect credentials")
for record in elbs.keys():
# Get record_id
uri = '/CNAMERecord/%s/%s/' % (zone, record)
response = rest_iface.execute(uri, 'GET')
record_id = response['data'][0].split('/')[-1]
uri = uri + record_id + '/'
# Get current record
response = rest_iface.execute(uri, 'GET')
old_name = response['data']['rdata']['cname']
# Set new record
new_name = new_names[elbs[record]] + '.'
arguments = {'rdata': {'cname': new_name}}
logging.info('calling "%s" to change the record from "%s" to "%s"' %
(uri, old_name, new_name))
response = rest_iface.execute(uri, 'PUT', arguments)
logging.info(json.dumps(response['msgs']))
# Publish the new zone
response = rest_iface.execute('/Zone/%s' % zone, 'PUT', {'publish': 1})
logging.info('new zone published with updates at serial number %s' %
response['data']['serial'])
# Log out, to be polite
rest_iface.execute('/Session/', 'DELETE')
from dynect.DynectDNS import DynectRest
from pprint import PrettyPrinter
# TODO Break ouf of two additional loops for the DR verification block
# TODO where it says saving back up file, add file name and path
zone_list = []
current_time = time.strftime("%d%m%Y-%H%M%S")
# parameter / file name configuration
args = sys.argv
help_list = ["/?", "?", "help", "-h", "-he4lp"]
print(args)
# Login to API
api = DynectRest()
print("Log in DYN API")
pargs = {
'customer_name': 'Infinata',
'user_name': input('Enter your Dynect username: '******'password': getpass.getpass(prompt='Password:'******'/REST/Session/', 'POST', pargs)
if response['status'] != 'success':
pretty = PrettyPrinter()
msg = "** Login to API failed: %s" % pretty.pformat(response)
sys.exit(msg)
def queryDynect(self):
LOG.info('Query DynECT to get the state of GSLBs')
try:
rest_iface = DynectRest()
if CONF.debug and CONF.use_stderr:
rest_iface.verbose = True
# login
credentials = {
'customer_name': CONF.dynect_customer,
'user_name': CONF.dynect_username,
'password': CONF.dynect_password,
}
LOG.debug('credentials = %s', credentials)
response = rest_iface.execute('/Session/', 'POST', credentials)
if response['status'] != 'success':
LOG.error('Failed to create API session: %s',
response['msgs'][0]['INFO'])
self.updating = False
return
# Discover all the Zones in DynECT
response = rest_iface.execute('/Zone/', 'GET')
LOG.debug('/Zone/ => %s', json.dumps(response, indent=4))
zone_resources = response['data']
# Discover all the LoadBalancers
for resource in zone_resources:
zone = resource.split('/')[
3] # eg. /REST/Zone/guardiannews.com/
response = rest_iface.execute('/LoadBalance/' + zone + '/',
'GET')
LOG.debug('/LoadBalance/%s/ => %s', zone,
json.dumps(response, indent=4))
gslb = response['data']
# Discover LoadBalancer pool information.
for lb in gslb:
fqdn = lb.split(
'/'
)[4] # eg. /REST/LoadBalance/guardiannews.com/id.guardiannews.com/
response = rest_iface.execute(
'/LoadBalance/' + zone + '/' + fqdn + '/', 'GET')
LOG.debug('/LoadBalance/%s/%s/ => %s', zone, fqdn,
json.dumps(response, indent=4))
status = response['data']['status']
monitor = response['data']['monitor']
self.info['gslb-' + fqdn] = {
'status': status,
'gslb': fqdn,
'rawData': monitor
}
for pool in response['data']['pool']:
name = '%s-%s' % (fqdn, pool['label'].replace(
' ', '-'))
status = '%s:%s:%s' % (
pool['status'], pool['serve_mode'], pool['weight'])
self.info['pool-' + name] = {
'status': status,
'gslb': fqdn,
'rawData': pool
}
LOG.info('Finished object discovery query.')
LOG.debug('GSLBs and Pools: %s', json.dumps(self.info, indent=4))
# logout
rest_iface.execute('/Session/', 'DELETE')
except Exception, e:
LOG.error('Failed to discover GSLBs: %s', e)
self.updating = False
