Used e_grep_o instead grep -Po, dns_pdns_rm() now deletes only entry with matching txt value

2025-10-31 10:27:22 +00:00 · 2018-03-24 18:46:04 +01:00 · 2018-03-24 18:46:04 +01:00 · a3f7ff90e3
commit a3f7ff90e3
parent 1f3f8a5073
1 changed files with 47 additions and 11 deletions
--- a/dnsapi/dns_pdns.sh
+++ b/dnsapi/dns_pdns.sh
@ -69,15 +69,21 @@ dns_pdns_add() {
 #fulldomain
 dns_pdns_rm() {
  fulldomain=$1
+  txtvalue=$2
+
+  if [ -z "$PDNS_Ttl" ]; then
+    PDNS_Ttl="$DEFAULT_PDNS_TTL"
+  fi

  _debug "Detect root zone"
  if ! _get_root "$fulldomain"; then
    _err "invalid domain"
    return 1
  fi
+
  _debug _domain "$_domain"

-  if ! rm_record "$_domain" "$fulldomain"; then
+  if ! rm_record "$_domain" "$fulldomain" "$txtvalue"; then
    return 1
  fi

@ -90,12 +96,10 @@ set_record() {
  full=$2
  new_challenge=$3

-  _pdns_rest "GET" "/api/v1/servers/$PDNS_ServerId/zones/$root"
  _record_string=""
  _build_record_string "$new_challenge"
-  _existing_challenges=$(echo "$response" | _normalizeJson | grep -Po "\"name\":\"$fulldomain\\K.*?}]" | grep -Po 'content\":\"\\"\K[^\\]*')
+  _list_existingchallenges
  for oldchallenge in $_existing_challenges; do
-    _record_string="${_record_string}, "
    _build_record_string "$oldchallenge"
  done

@ -104,6 +108,10 @@ set_record() {
    return 1
  fi

+  if ! notify_slaves "$root"; then
+    return 1
+  fi
+
  return 0
 }

@ -111,15 +119,38 @@ rm_record() {
  _info "Remove record"
  root=$1
  full=$2
+  txtvalue=$3

+  #Enumerate existing acme challenges
+  _list_existingchallenges
+
+  if _contains "$_existing_challenges" "$txtvalue"; then
+    #Delete all challenges (PowerDNS API does not allow to delete content)
    if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root" "{\"rrsets\": [{\"changetype\": \"DELETE\", \"name\": \"$full.\", \"type\": \"TXT\"}]}"; then
      _err "Delete txt record error."
      return 1
    fi
-
+    _record_string=""
+    #If the only existing challenge was the challenge to delete: nothing to do
+    if ! [ "$_existing_challenges" = "$txtvalue" ]; then
+      for oldchallenge in $_existing_challenges; do
+        #Build up the challenges to re-add, ommitting the one what should be deleted
+        if ! [ "$oldchallenge" = "$txtvalue" ]; then
+          _build_record_string "$oldchallenge"
+        fi
+      done
+      #Recreate the existing challenges
+      if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root" "{\"rrsets\": [{\"changetype\": \"REPLACE\", \"name\": \"$full.\", \"type\": \"TXT\", \"ttl\": $PDNS_Ttl, \"records\": [$_record_string]}]}"; then
+        _err "Set txt record error."
+        return 1
+      fi
+    fi
    if ! notify_slaves "$root"; then
      return 1
    fi
+  else
+    _info "Record not found, nothing to remove"
+  fi

  return 0
 }
@ -192,5 +223,10 @@ _pdns_rest() {
 }

 _build_record_string() {
-  _record_string="${_record_string}{\"content\": \"\\\"$1\\\"\", \"disabled\": false}"
+  _record_string="${_record_string:+${_record_string}, }{\"content\": \"\\\"${1}\\\"\", \"disabled\": false}"
+}
+
+_list_existingchallenges() {
+  _pdns_rest "GET" "/api/v1/servers/$PDNS_ServerId/zones/$root"
+  _existing_challenges=$(echo "$response" | _normalizeJson | _egrep_o "\"name\":\"${fulldomain}[^]]*}" | _egrep_o 'content\":\"\\"[^\\]*' | sed -n 's/^content":"\\"//p')
 }