Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: fix alias validation in LE DNS models

Browse source
This commit is contained in:
Théophile Diot 2024-11-21 08:41:07 +01:00
parent 82deac2ef9
commit 313edb4df3
No known key found for this signature in database
GPG key ID: FA995104A0BA376A
1 changed files with 146 additions and 268 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

414
src/common/core/letsencrypt/jobs/models.py
View file

@ -3,7 +3,7 @@ from pathlib import Path
from sys import path as sys_path
from typing import Dict, List, Literal, Optional
from pydantic import AliasChoices, BaseModel, ConfigDict, Field
from pydantic import BaseModel, ConfigDict, model_validator
# Define paths
LIB_PATH = Path("/var/lib/bunkerweb/letsencrypt")
@ -15,10 +15,24 @@ if python_path_str not in sys_path:
sys_path.append(python_path_str)
def alias_model_validator(field_map: dict):
"""Factory function for creating a `model_validator` for alias mapping."""
def validator(cls, values):
for field, aliases in field_map.items():
for alias in aliases:
if alias in values:
values[field] = values[alias]
break
return values
return model_validator(mode="before")(validator)
class Provider(BaseModel):
"""Base class for DNS providers."""
model_config = ConfigDict(extra="allow")
model_config = ConfigDict(extra="ignore")
def get_formatted_credentials(self) -> bytes:
"""Return the formatted credentials to be written to a file."""
@ -33,153 +47,94 @@ class Provider(BaseModel):
class CloudflareProvider(Provider):
"""Cloudflare DNS provider."""
dns_cloudflare_api_token: str = Field(
validation_alias=AliasChoices(
"dns_cloudflare_api_token",
"cloudflare_api_key",
"api_key",
)
dns_cloudflare_api_token: str
_validate_aliases = alias_model_validator(
{
"dns_cloudflare_api_token": ("dns_cloudflare_api_token", "cloudflare_api_key", "api_key"),
}
)
class DigitalOceanProvider(Provider):
"""DigitalOcean DNS provider."""
dns_digitalocean_token: str = Field(
validation_alias=AliasChoices(
"dns_digitalocean_token",
"digitalocean_token",
"token",
)
dns_digitalocean_token: str
_validate_aliases = alias_model_validator(
{
"dns_digitalocean_token": ("dns_digitalocean_token", "digitalocean_token", "token"),
}
)
class DnsimpleProvider(Provider):
"""DNSimple DNS provider."""
dns_dnsimple_token: str = Field(
validation_alias=AliasChoices(
"dns_dnsimple_token",
"dnsimple_token",
"token",
)
dns_dnsimple_token: str
_validate_aliases = alias_model_validator(
{
"dns_dnsimple_token": ("dns_dnsimple_token", "dnsimple_token", "token"),
}
)
class DnsMadeEasyProvider(Provider):
"""DNS Made Easy DNS provider."""
dns_dnsmadeeasy_api_key: str = Field(
validation_alias=AliasChoices(
"dns_dnsmadeeasy_api_key",
"dnsmadeeasy_api_key",
"api_key",
)
)
dns_dnsmadeeasy_secret_key: str = Field(
validation_alias=AliasChoices(
"dns_dnsmadeeasy_secret_key",
"dnsmadeeasy_secret_key",
"secret_key",
)
dns_dnsmadeeasy_api_key: str
dns_dnsmadeeasy_secret_key: str
_validate_aliases = alias_model_validator(
{
"dns_dnsmadeeasy_api_key": ("dns_dnsmadeeasy_api_key", "dnsmadeeasy_api_key", "api_key"),
"dns_dnsmadeeasy_secret_key": ("dns_dnsmadeeasy_secret_key", "dnsmadeeasy_secret_key", "secret_key"),
}
)
class GehirnProvider(Provider):
"""Gehirn DNS provider."""
dns_gehirn_api_token: str = Field(
validation_alias=AliasChoices(
"dns_gehirn_api_token",
"gehirn_api_token",
"api_token",
)
)
dns_gehirn_api_secret: str = Field(
validation_alias=AliasChoices(
"dns_gehirn_api_secret",
"gehirn_api_secret",
"api_secret",
)
dns_gehirn_api_token: str
dns_gehirn_api_secret: str
_validate_aliases = alias_model_validator(
{
"dns_gehirn_api_token": ("dns_gehirn_api_token", "gehirn_api_token", "api_token"),
"dns_gehirn_api_secret": ("dns_gehirn_api_secret", "gehirn_api_secret", "api_secret"),
}
)
class GoogleProvider(Provider):
"""Google Cloud DNS provider."""
type: str = Field(
"service_account",
validation_alias=AliasChoices(
"type",
"google_type",
"dns_google_type",
),
)
project_id: str = Field(
validation_alias=AliasChoices(
"project_id",
"google_project_id",
"dns_google_project_id",
)
)
private_key_id: str = Field(
validation_alias=AliasChoices(
"private_key_id",
"google_private_key_id",
"dns_google_private_key_id",
)
)
private_key: str = Field(
validation_alias=AliasChoices(
"private_key",
"google_private_key",
"dns_google_private_key",
)
)
client_email: str = Field(
validation_alias=AliasChoices(
"client_email",
"google_client_email",
"dns_google_client_email",
)
)
client_id: str = Field(
validation_alias=AliasChoices(
"client_id",
"google_client_id",
"dns_google_client_id",
)
)
auth_uri: str = Field(
"https://accounts.google.com/o/oauth2/auth",
validation_alias=AliasChoices(
"auth_uri",
"google_auth_uri",
"dns_google_auth_uri",
),
)
token_uri: str = Field(
"https://accounts.google.com/o/oauth2/token",
validation_alias=AliasChoices(
"token_uri",
"google_token_uri",
"dns_google_token_uri",
),
)
auth_provider_x509_cert_url: str = Field(
"https://www.googleapis.com/oauth2/v1/certs",
validation_alias=AliasChoices(
"auth_provider_x509_cert_url",
"google_auth_provider_x509_cert_url",
"dns_google_auth_provider_x509_cert_url",
),
)
client_x509_cert_url: str = Field(
validation_alias=AliasChoices(
"client_x509_cert_url",
"google_client_x509_cert_url",
"dns_google_client_x509_cert_url",
),
type: str = "service_account"
project_id: str
private_key_id: str
private_key: str
client_email: str
client_id: str
auth_uri: str = "https://accounts.google.com/o/oauth2/auth"
token_uri: str = "https://accounts.google.com/o/oauth2/token"
auth_provider_x509_cert_url: str = "https://www.googleapis.com/oauth2/v1/certs"
client_x509_cert_url: str
_validate_aliases = alias_model_validator(
{
"type": ("type", "google_type", "dns_google_type"),
"project_id": ("project_id", "google_project_id", "dns_google_project_id"),
"private_key_id": ("private_key_id", "google_private_key_id", "dns_google_private_key_id"),
"private_key": ("private_key", "google_private_key", "dns_google_private_key"),
"client_email": ("client_email", "google_client_email", "dns_google_client_email"),
"client_id": ("client_id", "google_client_id", "dns_google_client_id"),
"auth_uri": ("auth_uri", "google_auth_uri", "dns_google_auth_uri"),
"token_uri": ("token_uri", "google_token_uri", "dns_google_token_uri"),
"auth_provider_x509_cert_url": ("auth_provider_x509_cert_url", "google_auth_provider_x509_cert_url", "dns_google_auth_provider_x509_cert_url"),
"client_x509_cert_url": ("client_x509_cert_url", "google_client_x509_cert_url", "dns_google_client_x509_cert_url"),
}
)
def get_formatted_credentials(self) -> bytes:
@ -195,135 +150,80 @@ class GoogleProvider(Provider):
class LinodeProvider(Provider):
"""Linode DNS provider."""
dns_linode_key: str = Field(
validation_alias=AliasChoices(
"dns_linode_key",
"linode_key",
"key",
)
)
dns_linode_version: str = Field(
"4",
validation_alias=AliasChoices(
"dns_linode_version",
"linode_version",
"version",
),
dns_linode_key: str
dns_linode_version: str = "4"
_validate_aliases = alias_model_validator(
{
"dns_linode_key": ("dns_linode_key", "linode_key", "key"),
"dns_linode_version": ("dns_linode_version", "linode_version", "version"),
}
)
class LuaDnsProvider(Provider):
"""LuaDns DNS provider."""
dns_luadns_email: str = Field(
validation_alias=AliasChoices(
"dns_luadns_email",
"luadns_email",
"email",
)
)
dns_luadns_token: str = Field(
validation_alias=AliasChoices(
"dns_luadns_token",
"luadns_token",
"token",
)
dns_luadns_email: str
dns_luadns_token: str
_validate_aliases = alias_model_validator(
{
"dns_luadns_email": ("dns_luadns_email", "luadns_email", "email"),
"dns_luadns_token": ("dns_luadns_token", "luadns_token", "token"),
}
)
class NSOneProvider(Provider):
"""NS1 DNS provider."""
dns_nsone_api_key: str = Field(
validation_alias=AliasChoices(
"dns_nsone_api_key",
"nsone_api_key",
"api_key",
)
dns_nsone_api_key: str
_validate_aliases = alias_model_validator(
{
"dns_nsone_api_key": ("dns_nsone_api_key", "nsone_api_key", "api_key"),
}
)
class OvhProvider(Provider):
"""OVH DNS provider."""
dns_ovh_endpoint: str = Field(
"ovh-eu",
validation_alias=AliasChoices(
"dns_ovh_endpoint",
"ovh_endpoint",
"endpoint",
),
)
dns_ovh_application_key: str = Field(
validation_alias=AliasChoices(
"dns_ovh_application_key",
"ovh_application_key",
"application_key",
)
)
dns_ovh_application_secret: str = Field(
validation_alias=AliasChoices(
"dns_ovh_application_secret",
"ovh_application_secret",
"application_secret",
)
)
dns_ovh_consumer_key: str = Field(
validation_alias=AliasChoices(
"dns_ovh_consumer_key",
"ovh_consumer_key",
"consumer_key",
)
dns_ovh_endpoint: str = "ovh-eu"
dns_ovh_application_key: str
dns_ovh_application_secret: str
dns_ovh_consumer_key: str
_validate_aliases = alias_model_validator(
{
"dns_ovh_endpoint": ("dns_ovh_endpoint", "ovh_endpoint", "endpoint"),
"dns_ovh_application_key": ("dns_ovh_application_key", "ovh_application_key", "application_key"),
"dns_ovh_application_secret": ("dns_ovh_application_secret", "ovh_application_secret", "application_secret"),
"dns_ovh_consumer_key": ("dns_ovh_consumer_key", "ovh_consumer_key", "consumer_key"),
}
)
class Rfc2136Provider(Provider):
"""RFC 2136 DNS provider."""
dns_rfc2136_server: str = Field(
validation_alias=AliasChoices(
"dns_rfc2136_server",
"rfc2136_server",
"server",
)
)
dns_rfc2136_port: Optional[str] = Field(
None,
validation_alias=AliasChoices(
"dns_rfc2136_port",
"rfc2136_port",
"port",
),
)
dns_rfc2136_name: str = Field(
validation_alias=AliasChoices(
"dns_rfc2136_name",
"rfc2136_name",
"name",
)
)
dns_rfc2136_secret: str = Field(
validation_alias=AliasChoices(
"dns_rfc2136_secret",
"rfc2136_secret",
"secret",
)
)
dns_rfc2136_algorithm: str = Field(
"HMAC-MD5",
validation_alias=AliasChoices(
"dns_rfc2136_algorithm",
"rfc2136_algorithm",
"algorithm",
),
)
dns_rfc2136_sign_query: str = Field(
"false",
validation_alias=AliasChoices(
"dns_rfc2136_sign_query",
"rfc2136_sign_query",
"sign_query",
),
dns_rfc2136_server: str
dns_rfc2136_port: Optional[str] = None
dns_rfc2136_name: str
dns_rfc2136_secret: str
dns_rfc2136_algorithm: str = "HMAC-MD5"
dns_rfc2136_sign_query: str = "false"
_validate_aliases = alias_model_validator(
{
"dns_rfc2136_server": ("dns_rfc2136_server", "rfc2136_server", "server"),
"dns_rfc2136_port": ("dns_rfc2136_port", "rfc2136_port", "port"),
"dns_rfc2136_name": ("dns_rfc2136_name", "rfc2136_name", "name"),
"dns_rfc2136_secret": ("dns_rfc2136_secret", "rfc2136_secret", "secret"),
"dns_rfc2136_algorithm": ("dns_rfc2136_algorithm", "rfc2136_algorithm", "algorithm"),
"dns_rfc2136_sign_query": ("dns_rfc2136_sign_query", "rfc2136_sign_query", "sign_query"),
}
)
def get_formatted_credentials(self) -> bytes:
@ -334,19 +234,14 @@ class Rfc2136Provider(Provider):
class Route53Provider(Provider):
"""AWS Route 53 DNS provider."""
aws_access_key_id: str = Field(
validation_alias=AliasChoices(
"aws_access_key_id",
"dns_aws_access_key_id",
"access_key_id",
)
)
aws_secret_access_key: str = Field(
validation_alias=AliasChoices(
"aws_secret_access_key",
"dns_aws_secret_access_key",
"secret_access_key",
)
aws_access_key_id: str
aws_secret_access_key: str
_validate_aliases = alias_model_validator(
{
"aws_access_key_id": ("aws_access_key_id", "dns_aws_access_key_id", "access_key_id"),
"aws_secret_access_key": ("aws_secret_access_key", "dns_aws_secret_access_key", "secret_access_key"),
}
)
def get_formatted_credentials(self) -> bytes:
@ -362,31 +257,26 @@ class Route53Provider(Provider):
class SakuraCloudProvider(Provider):
"""Sakura Cloud DNS provider."""
dns_sakuracloud_api_token: str = Field(
validation_alias=AliasChoices(
"dns_sakuracloud_api_token",
"sakuracloud_api_token",
"api_token",
)
)
dns_sakuracloud_api_secret: str = Field(
validation_alias=AliasChoices(
"dns_sakuracloud_api_secret",
"sakuracloud_api_secret",
"api_secret",
)
dns_sakuracloud_api_token: str
dns_sakuracloud_api_secret: str
_validate_aliases = alias_model_validator(
{
"dns_sakuracloud_api_token": ("dns_sakuracloud_api_token", "sakuracloud_api_token", "api_token"),
"dns_sakuracloud_api_secret": ("dns_sakuracloud_api_secret", "sakuracloud_api_secret", "api_secret"),
}
)
class ScalewayProvider(Provider):
"""Scaleway DNS provider."""
dns_scaleway_application_token: str = Field(
validation_alias=AliasChoices(
"dns_scaleway_application_token",
"scaleway_application_token",
"application_token",
)
dns_scaleway_application_token: str
_validate_aliases = alias_model_validator(
{
"dns_scaleway_application_token": ("dns_scaleway_application_token", "scaleway_application_token", "application_token"),
}
)
@ -452,15 +342,3 @@ class WildcardGenerator:
# ? Add the raw domain to the wildcards
wildcards.add(domain)
return sorted(wildcards, key=lambda x: x[0] != "*")
__all__ = (
"CloudflareProvider",
"DigitalOceanProvider",
"GoogleProvider",
"LinodeProvider",
"OvhProvider",
"Rfc2136Provider",
"Route53Provider",
"ScalewayProvider",
)