From 80892323c9b5732b9e93babca3aa36ed3f07e3ff Mon Sep 17 00:00:00 2001 From: pengshiyu <1940607002@qq.com> Date: Sun, 23 Jun 2024 23:01:52 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E6=8C=81DNS=E8=B4=A6=E5=8F=B7?= =?UTF-8?q?=E9=83=A8=E7=BD=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- domain_admin/api/dns_api.py | 31 ---------------- domain_admin/api/issue_certificate_api.py | 36 +++++++++++++++++++ domain_admin/router/api_map.py | 1 + .../service/issue_certificate_service.py | 1 + .../utils/open_api/aliyun_domain_api.py | 10 ++++++ 5 files changed, 48 insertions(+), 31 deletions(-) diff --git a/domain_admin/api/dns_api.py b/domain_admin/api/dns_api.py index 363a463830..8c07f6f38f 100644 --- a/domain_admin/api/dns_api.py +++ b/domain_admin/api/dns_api.py @@ -116,34 +116,3 @@ def get_dns_list(): 'total': total, } - -def add_dns_domain_record(): - """ - 添加dns记录 - :return: - """ - dns_id = request.json['dns_id'] - issue_certificate_id = request.json['issue_certificate_id'] - - dns_row = DnsModel.get_by_id(dns_id) - - # 获取验证方式 - challenge_list = issue_certificate_service.get_certificate_challenges(issue_certificate_id) - - for challenge_row in challenge_list: - challenge_json = challenge_row['challenge'].to_json() - if challenge_json['type'] == ChallengeType.DNS01: - - if challenge_row['sub_domain'] and challenge_row['sub_domain'] != 'www': - record_key = '_acme-challenge.' + challenge_row['sub_domain'] - else: - record_key = '_acme-challenge' - - aliyun_domain_api.add_domain_record( - access_key_id=dns_row.access_key, - access_key_secret=dns_row.secret_key, - domain_name=challenge_row['domain'], - record_type=RecordTypeEnum.TXT, - record_key=record_key, - record_value=challenge_row['validation'] - ) diff --git a/domain_admin/api/issue_certificate_api.py b/domain_admin/api/issue_certificate_api.py index cf72d0c3ff..c3d554320b 100644 --- a/domain_admin/api/issue_certificate_api.py 
+++ b/domain_admin/api/issue_certificate_api.py @@ -7,6 +7,7 @@ from flask import g, request from playhouse.shortcuts import model_to_dict, chunked +from domain_admin.model.dns_model import DnsModel from domain_admin.model.domain_model import DomainModel from domain_admin.model.host_model import HostModel from domain_admin.model.issue_certificate_model import IssueCertificateModel @@ -14,6 +15,8 @@ from domain_admin.utils import ip_util, domain_util, fabric_util, datetime_util, validate_util from domain_admin.utils.acme_util.challenge_type import ChallengeType from domain_admin.utils.flask_ext.app_exception import AppException +from domain_admin.utils.open_api import aliyun_domain_api +from domain_admin.utils.open_api.aliyun_domain_api import RecordTypeEnum def issue_certificate(): @@ -349,3 +352,36 @@ def notify_web_hook(): raise res.raise_for_status() return res.text + + +def add_dns_domain_record(): + """ + 添加dns记录 + :return: + """ + dns_id = request.json['dns_id'] + issue_certificate_id = request.json['issue_certificate_id'] + print(dns_id, ' ', issue_certificate_id) + + dns_row = DnsModel.get_by_id(dns_id) + + # 获取验证方式 + challenge_list = issue_certificate_service.get_certificate_challenges(issue_certificate_id) + + for challenge_row in challenge_list: + challenge_json = challenge_row['challenge'].to_json() + if challenge_json['type'] == ChallengeType.DNS01: + + if challenge_row['sub_domain']: + record_key = '_acme-challenge.' + challenge_row['sub_domain'] + else: + record_key = '_acme-challenge' + + aliyun_domain_api.add_domain_record( + access_key_id=dns_row.access_key, + access_key_secret=dns_row.secret_key, + domain_name=challenge_row['root_domain'], + record_type=RecordTypeEnum.TXT, + record_key=record_key, + record_value=challenge_row['validation'] + ) diff --git a/domain_admin/router/api_map.py b/domain_admin/router/api_map.py index 477f3f3f82..8d64f7db28 100644 --- a/domain_admin/router/api_map.py +++ b/domain_admin/router/api_map.py 
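Review bot: `add_dns_domain_record`, added in the last hunk of issue_certificate_api.py, takes `dns_id` and `issue_certificate_id` straight from `request.json` and calls `DnsModel.get_by_id(dns_id)` with no visible check that either record belongs to the caller. Unless ownership is enforced outside this hunk, one user's request could cause another user's stored `access_key`/`secret_key` to be used for DNS writes. Before calling `aliyun_domain_api.add_domain_record`, compare the owner of the DNS row and of the certificate row with the current user (the file already imports `g`) and raise `AppException` on a mismatch. The leftover `print(dns_id, ' ', issue_certificate_id)` should be dropped or replaced by a debug-level log. A docstring line stating that the endpoint writes `_acme-challenge` TXT records under `root_domain` using the selected DNS account would also help.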
@@ -178,6 +178,7 @@ '/api/deleteCertificateByBatch': issue_certificate_api.delete_certificate_by_batch, '/api/getAllowCommands': issue_certificate_api.get_allow_commands, '/api/notifyWebHook': issue_certificate_api.notify_web_hook, + '/api/addDnsDomainRecord': issue_certificate_api.add_dns_domain_record, # 主机管理 '/api/addHost': host_api.add_host, diff --git a/domain_admin/service/issue_certificate_service.py b/domain_admin/service/issue_certificate_service.py index 5fc301ce55..5c3ce9dd36 100644 --- a/domain_admin/service/issue_certificate_service.py +++ b/domain_admin/service/issue_certificate_service.py @@ -71,6 +71,7 @@ def get_certificate_challenges(issue_certificate_id): data = { 'domain': domain, 'sub_domain': domain_util.get_subdomain(domain), + 'root_domain': domain_util.get_root_domain(domain), 'validation': validation, 'challenge': challenge } diff --git a/domain_admin/utils/open_api/aliyun_domain_api.py b/domain_admin/utils/open_api/aliyun_domain_api.py index 38d9b8de60..27a6d900ad 100644 --- a/domain_admin/utils/open_api/aliyun_domain_api.py +++ b/domain_admin/utils/open_api/aliyun_domain_api.py @@ -8,6 +8,8 @@ from aliyunsdkcore.auth.credentials import AccessKeyCredential from aliyunsdkcore.client import AcsClient +from domain_admin.log import logger + class RecordTypeEnum: """ @@ -37,6 +39,14 @@ def add_domain_record( :param record_value: 记录值 :return: """ + logger.info("%s", { + 'access_key_id': access_key_id, + 'access_key_secret': access_key_secret, + 'domain_name': domain_name, + 'record_key': record_key, + 'record_type': record_type, + 'record_value': record_value, + }) # Please ensure that the environment variables ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET are set. credentials = AccessKeyCredential(
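Review bot: The `logger.info("%s", {...})` call added at the top of `add_domain_record` in aliyun_domain_api.py writes `access_key_secret` and `access_key_id` to the application log in clear text. Anyone who can read the log files, or whatever system they are shipped to, then holds a usable cloud credential. Log only the non-sensitive fields, for example `logger.info("add_domain_record domain=%s key=%s type=%s", domain_name, record_key, record_type)`, and leave both key values out. Keys that this code has already logged are best treated as exposed and rotated. The function body continues past the end of the hunk.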