diff --git a/README.MD b/README.MD index 55245e4..be4a638 100644 --- a/README.MD +++ b/README.MD @@ -29,7 +29,6 @@ optional arguments: --ca-cert-file CA_CERT_FILE A file containing root CA(s) for TLS verification -d, --debug increase output verbosity - --dry-run don't make changes, only print ``` ## Running @@ -38,30 +37,127 @@ optional arguments: export PDNS_API_KEY="somekey" export PDNS_SERVER_URL="https://pdns-api.example.org/" pdns-umanager --file tests/test.yaml -d -2019-01-18 11:15:02,432 main+82: DEBUG [8774] PDNS_SERVER_URL: https://pdns-api.example.org/ -2019-01-18 11:15:02,432 main+83: DEBUG [8774] PDNS_API_KEY: **** -2019-01-18 11:15:02,432 main+84: DEBUG [8774] CA_CERT_FILE: /etc/ssl/certs/ca-certificates.crt -2019-01-18 11:15:02,436 main+102: DEBUG [8774] Loaded zone content from file -2019-01-18 11:15:02,436 main+103: DEBUG [8774] {'example.org': {'wwww': {'records': ['web.frontend.example.org']}, 'monitoring': {'type': 'cNaMe', 'records': ['web.monitoring.example.org']}, 'hello': {'type': 'A', 'records': ['172.162.3.5', '172.162.3.6']}, 'web': {'type': 'A', 'records': ['']}}} -2019-01-18 11:15:02,436 config+58: DEBUG [8774] Setting up config for PDNSJanitor -2019-01-18 11:15:02,436 setup_api+230: DEBUG [8774] API Host set to 'https://pdns-api.example.org' -2019-01-18 11:15:02,436 setup_api+234: DEBUG [8774] Full URL API set to 'https://pdns-api.example.org/api/v1/servers/localhost/' -2019-01-18 11:15:02,436 zone_order+69: DEBUG [8774] Found the following declared zones: +2019-01-18 11:25:45,726 main+82: DEBUG [8981] PDNS_SERVER_URL: https://pdns-api.example.org/ +2019-01-18 11:25:45,726 main+83: DEBUG [8981] PDNS_API_KEY: **** +2019-01-18 11:25:45,726 main+84: DEBUG [8981] CA_CERT_FILE: /etc/ssl/certs/ca-certificates.crt +2019-01-18 11:25:45,730 main+102: DEBUG [8981] Loaded zone content from file +2019-01-18 11:25:45,730 main+103: DEBUG [8981] {'example.org': {'wwww': {'records': ['web.frontend.example.org']}, 'graphs': {'type': 'cNaMe', 'records': ['web.frontend.monitoring.example.org']}, 'hello': {'type': 'A', 'records': ['10.235.2.21', '10.235.2.22']}, 'web': {'type': 'A', 'records': ['']}}, 'it.example.org': {'wwww': {'records': ['web.frontend.it.example.org']}}} +2019-01-18 11:25:45,731 config+58: DEBUG [8981] Setting up config for PDNSJanitor +2019-01-18 11:25:45,731 setup_api+230: DEBUG [8981] API Host set to 'https://pdns-api.example.org' +2019-01-18 11:25:45,731 setup_api+234: DEBUG [8981] Full URL API set to 'https://pdns-api.example.org/api/v1/servers/localhost/' +2019-01-18 11:25:45,731 zone_order+69: DEBUG [8981] Found the following declared zones: example.org -2019-01-18 11:15:02,436 zone_order+75: DEBUG [8774] Sorted zones: +it.example.org +2019-01-18 11:25:45,731 zone_order+75: DEBUG [8981] Sorted zones: example.org -2019-01-18 11:15:02,436 run+81: INFO [8774] * ZONE: 'example.org' -2019-01-18 11:15:02,436 query_zone+193: DEBUG [8774] Check if the zone 'example.org.' exists and is readable -2019-01-18 11:15:02,450 _new_conn+813: DEBUG [8774] Starting new HTTPS connection (1): pdns-api.example.org:443 -2019-01-18 11:15:02,698 _make_request+393: DEBUG [8774] https://pdns-api.example.org:443 "GET /api/v1/servers/localhost/zones/example.org. HTTP/1.1" 403 None -2019-01-18 11:15:02,704 query_zone+205: ERROR [8774] Unable to read zone 'example.org.'. -2019-01-18 11:15:02,705 query_zone+207: INFO [8774] Not enough rights to list 'example.org.' -2019-01-18 11:15:02,705 query_zone+208: DEBUG [8774] Server returned status '403': 'Not authorized for zone "example.org."!' -2019-01-18 11:15:02,705 run+90: WARNING [8774] Skipping zone 'example.org'... +it.example.org +2019-01-18 11:25:45,731 run+81: INFO [8981] * ZONE: 'example.org' +2019-01-18 11:25:45,731 query_zone+193: DEBUG [8981] Check if the zone 'example.org.' exists and is readable +2019-01-18 11:25:45,743 _new_conn+813: DEBUG [8981] Starting new HTTPS connection (1): pdns-api.example.org:443 +2019-01-18 11:25:45,995 _make_request+393: DEBUG [8981] https://pdns-api.example.org:443 "GET /api/v1/servers/localhost/zones/example.org. HTTP/1.1" 200 1457 +2019-01-18 11:25:46,002 query_zone+202: DEBUG [8981] Content of zone 'example.org.: { + "account": "", + "api_rectify": false, + "dnssec": false, + "id": "example.org.", + "kind": "Master", + "last_check": 0, + "masters": [], + "name": "example.org.", + "notified_serial": 2019011848, + "nsec3narrow": false, + "nsec3param": "", + "rrsets": [ + { + "comments": [], + "name": "example.org.", + "records": [ + { + "content": "hostmaster.example.org. 0. 2019011848 10800 3600 604800 3600", + "disabled": false + } + ], + "ttl": 3600, + "type": "SOA" + }, + { + "comments": [], + "name": "example.org.", + "records": [ + { + "content": "ns1.example.org.", + "disabled": false + }, + { + "content": "ns2.example.org.", + "disabled": false + } + ], + "ttl": 3600, + "type": "NS" + } + ], + "serial": 2019011848, + "soa_edit": "", + "soa_edit_api": "DEFAULT", + "url": "/api/v1/servers/localhost/zones/example.org." +} +2019-01-18 11:25:46,002 run+85: INFO [8981] Zone 'example.org' exists and is readable +2019-01-18 11:25:46,002 run+93: INFO [8981] Applying updates for zone 'example.org' +2019-01-18 11:25:46,002 add_record+107: DEBUG [8981] RRSET_NAME: wwww +2019-01-18 11:25:46,002 add_record+115: WARNING [8981] Missing 'type' for record 'wwww' in zone 'example.org', using 'CNAME' +2019-01-18 11:25:46,002 add_record+120: WARNING [8981] Missing 'ttl' for record 'wwww' in zone 'example.org', using '150' +2019-01-18 11:25:46,003 add_record+126: DEBUG [8981] RRSET_TYPE: CNAME +2019-01-18 11:25:46,003 add_record+127: DEBUG [8981] RRSET_TTL: 150 +2019-01-18 11:25:46,003 add_record+128: DEBUG [8981] RRSET_RECORDS: ['web.frontend.example.org'] +2019-01-18 11:25:46,003 add_record+144: DEBUG [8981] RECORD_PAYLOAD: [{'content': 'web.frontend.example.org.', 'disabled': False, 'set-ptr': False}] +2019-01-18 11:25:46,003 add_record+158: DEBUG [8981] Patching zone 'example.org' with payload {'rrsets': [{'name': 'wwww.example.org.', 'type': 'cname', 'ttl': '150', 'records': [{'content': 'web.frontend.example.org.', 'disabled': False, 'set-ptr': False}], 'changetype': 'REPLACE'}]} +2019-01-18 11:25:46,006 _new_conn+813: DEBUG [8981] Starting new HTTPS connection (1): pdns-api.example.org:443 +2019-01-18 11:25:46,291 _make_request+393: DEBUG [8981] https://pdns-api.example.org:443 "PATCH /api/v1/servers/localhost/zones/example.org. HTTP/1.1" 204 0 +2019-01-18 11:25:46,298 add_record+174: INFO [8981] OK: Done updating zone 'example.org' with rrset 'wwww'. +2019-01-18 11:25:46,299 add_record+107: DEBUG [8981] RRSET_NAME: graphs +2019-01-18 11:25:46,299 add_record+120: WARNING [8981] Missing 'ttl' for record 'graphs' in zone 'example.org', using '150' +2019-01-18 11:25:46,299 add_record+126: DEBUG [8981] RRSET_TYPE: cNaMe +2019-01-18 11:25:46,299 add_record+127: DEBUG [8981] RRSET_TTL: 150 +2019-01-18 11:25:46,300 add_record+128: DEBUG [8981] RRSET_RECORDS: ['web.frontend.monitoring.example.org'] +2019-01-18 11:25:46,302 add_record+144: DEBUG [8981] RECORD_PAYLOAD: [{'content': 'web.frontend.monitoring.example.org.', 'disabled': False, 'set-ptr': False}] +2019-01-18 11:25:46,302 add_record+158: DEBUG [8981] Patching zone 'example.org' with payload {'rrsets': [{'name': 'graphs.example.org.', 'type': 'cname', 'ttl': '150', 'records': [{'content': 'web.frontend.monitoring.example.org.', 'disabled': False, 'set-ptr': False}], 'changetype': 'REPLACE'}]} +2019-01-18 11:25:46,306 _new_conn+813: DEBUG [8981] Starting new HTTPS connection (1): pdns-api.example.org:443 +2019-01-18 11:25:49,602 _make_request+393: DEBUG [8981] https://pdns-api.example.org:443 "PATCH /api/v1/servers/localhost/zones/example.org. HTTP/1.1" 204 0 +2019-01-18 11:25:49,605 add_record+174: INFO [8981] OK: Done updating zone 'example.org' with rrset 'graphs'. +2019-01-18 11:25:49,605 add_record+107: DEBUG [8981] RRSET_NAME: hello +2019-01-18 11:25:49,605 add_record+120: WARNING [8981] Missing 'ttl' for record 'hello' in zone 'example.org', using '150' +2019-01-18 11:25:49,605 add_record+126: DEBUG [8981] RRSET_TYPE: A +2019-01-18 11:25:49,605 add_record+127: DEBUG [8981] RRSET_TTL: 150 +2019-01-18 11:25:49,605 add_record+128: DEBUG [8981] RRSET_RECORDS: ['10.235.2.21', '10.235.2.22'] +2019-01-18 11:25:49,605 add_record+144: DEBUG [8981] RECORD_PAYLOAD: [{'content': '10.235.2.21', 'disabled': False, 'set-ptr': False}, {'content': '10.235.2.22', 'disabled': False, 'set-ptr': False}] +2019-01-18 11:25:49,605 add_record+158: DEBUG [8981] Patching zone 'example.org' with payload {'rrsets': [{'name': 'hello.example.org.', 'type': 'a', 'ttl': '150', 'records': [{'content': '10.235.2.21', 'disabled': False, 'set-ptr': False}, {'content': '10.235.2.22', 'disabled': False, 'set-ptr': False}], 'changetype': 'REPLACE'}]} +2019-01-18 11:25:49,607 _new_conn+813: DEBUG [8981] Starting new HTTPS connection (1): pdns-api.example.org:443 +2019-01-18 11:25:50,758 _make_request+393: DEBUG [8981] https://pdns-api.example.org:443 "PATCH /api/v1/servers/localhost/zones/example.org. HTTP/1.1" 204 0 +2019-01-18 11:25:50,764 add_record+174: INFO [8981] OK: Done updating zone 'example.org' with rrset 'hello'. +2019-01-18 11:25:50,764 add_record+107: DEBUG [8981] RRSET_NAME: web +2019-01-18 11:25:50,764 add_record+120: WARNING [8981] Missing 'ttl' for record 'web' in zone 'example.org', using '150' +2019-01-18 11:25:50,764 add_record+126: DEBUG [8981] RRSET_TYPE: A +2019-01-18 11:25:50,764 add_record+127: DEBUG [8981] RRSET_TTL: 150 +2019-01-18 11:25:50,765 add_record+128: DEBUG [8981] RRSET_RECORDS: [''] +2019-01-18 11:25:50,765 add_record+144: DEBUG [8981] RECORD_PAYLOAD: [] +2019-01-18 11:25:50,765 add_record+158: DEBUG [8981] Patching zone 'example.org' with payload {'rrsets': [{'name': 'web.example.org.', 'type': 'a', 'ttl': '150', 'records': [], 'changetype': 'REPLACE'}]} +2019-01-18 11:25:50,767 _new_conn+813: DEBUG [8981] Starting new HTTPS connection (1): pdns-api.example.org:443 +2019-01-18 11:25:51,069 _make_request+393: DEBUG [8981] https://pdns-api.example.org:443 "PATCH /api/v1/servers/localhost/zones/example.org. HTTP/1.1" 204 0 +2019-01-18 11:25:51,072 add_record+174: INFO [8981] OK: Done updating zone 'example.org' with rrset 'web'. +2019-01-18 11:25:51,072 run+81: INFO [8981] * ZONE: 'it.example.org' +2019-01-18 11:25:51,072 query_zone+193: DEBUG [8981] Check if the zone 'it.example.org.' exists and is readable +2019-01-18 11:25:51,074 _new_conn+813: DEBUG [8981] Starting new HTTPS connection (1): pdns-api.example.org:443 +2019-01-18 11:25:51,346 _make_request+393: DEBUG [8981] https://pdns-api.example.org:443 "GET /api/v1/servers/localhost/zones/it.example.org. HTTP/1.1" 403 None +2019-01-18 11:25:51,352 query_zone+205: ERROR [8981] Unable to read zone 'it.example.org.'. +2019-01-18 11:25:51,352 query_zone+207: INFO [8981] Not enough rights to list 'it.example.org.' +2019-01-18 11:25:51,352 query_zone+208: DEBUG [8981] Server returned status '403': 'Not authorized for zone "it.example.org."!' +2019-01-18 11:25:51,352 run+90: WARNING [8981] Skipping zone 'it.example.org'... ``` -## File format - yaml +## File Examples +Files must be in yaml format. Here is an example with inline comments on what to expect. ``` # the data structure should be read as: diff --git a/pdnsumanager/pdnsumanager.py b/pdnsumanager/pdnsumanager.py index 48d0585..0246515 100644 --- a/pdnsumanager/pdnsumanager.py +++ b/pdnsumanager/pdnsumanager.py @@ -55,8 +55,10 @@ def main(): parser.add_argument("-d", "--debug", help="increase output verbosity", action="store_true") - parser.add_argument("--dry-run", help="don't make changes, only print", - action="store_true") + + # TODO. + # parser.add_argument("--dry-run", help="don't make changes, only print", + # action="store_true") args = parser.parse_args() config = vars(args)