v2: ID verification by state, 15 photos/5 albums, 20 quick replies, logo, mobile polish
This commit is contained in:
149
deploy/godaddy-delegate-now.py
Normal file
149
deploy/godaddy-delegate-now.py
Normal file
@@ -0,0 +1,149 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Point GoDaddy NS at Cloudflare (account default NS) + set CF DNS when zone exists."""
|
||||
import json
|
||||
import re
|
||||
import time
|
||||
import urllib.error
|
||||
import urllib.request
|
||||
import paramiko
|
||||
|
||||
PASS = "Bbt9115xty9176!"
|
||||
DOMAIN = "exposedgays.com"
|
||||
ACCOUNT = "2599c23bbb1255dbb73e8d34b4115fda"
|
||||
TUNNEL_CNAME = "03079a26-f14c-4622-b463-ba54a24f7472.cfargotunnel.com"
|
||||
# Same NS pair used by justtworoommates.com, thepinkpulse.com, freerangefruit.com on this CF account
|
||||
CF_NS = ["annabel.ns.cloudflare.com", "mitchell.ns.cloudflare.com"]
|
||||
CF = "https://api.cloudflare.com/client/v4"
|
||||
GD = "https://api.godaddy.com/v1"
|
||||
GODADDY_KEY = "2wYVpc3VT4_Gi9AsNqzJ6BtSfNz6nLDuo"
|
||||
GODADDY_SECRET = "NvC3qexGAU7Rd5QExUTH6z"
|
||||
|
||||
|
||||
def load_cf_token():
|
||||
c = paramiko.SSHClient()
|
||||
c.set_missing_host_key_policy(paramiko.AutoAddPolicy())
|
||||
c.connect("10.10.0.1", username="admin", password=PASS, timeout=15)
|
||||
_, o, e = c.exec_command("cat /usr/local/etc/wan-dns-failover.env", timeout=30)
|
||||
o.channel.recv_exit_status()
|
||||
text = (o.read() + e.read()).decode()
|
||||
c.close()
|
||||
return re.search(r"CLOUDFLARE_API_TOKEN=([^\s\"']+)", text).group(1)
|
||||
|
||||
|
||||
def cf(tok, path, method="GET", body=None):
|
||||
req = urllib.request.Request(
|
||||
CF + path,
|
||||
data=json.dumps(body).encode() if body is not None else None,
|
||||
method=method,
|
||||
headers={"Authorization": f"Bearer {tok}", "Content-Type": "application/json"},
|
||||
)
|
||||
try:
|
||||
with urllib.request.urlopen(req, timeout=45) as r:
|
||||
return json.load(r)
|
||||
except urllib.error.HTTPError as e:
|
||||
return json.loads(e.read().decode())
|
||||
|
||||
|
||||
def gd(path, method="GET", body=None):
|
||||
req = urllib.request.Request(
|
||||
GD + path,
|
||||
data=json.dumps(body).encode() if body is not None else None,
|
||||
method=method,
|
||||
headers={
|
||||
"Authorization": f"sso-key {GODADDY_KEY}:{GODADDY_SECRET}",
|
||||
"Content-Type": "application/json",
|
||||
"Accept": "application/json",
|
||||
},
|
||||
)
|
||||
try:
|
||||
with urllib.request.urlopen(req, timeout=45) as r:
|
||||
raw = r.read().decode()
|
||||
return r.status, json.loads(raw) if raw else {}
|
||||
except urllib.error.HTTPError as e:
|
||||
raw = e.read().decode()
|
||||
try:
|
||||
return e.code, json.loads(raw)
|
||||
except Exception:
|
||||
return e.code, {"raw": raw[:800]}
|
||||
|
||||
|
||||
def find_zone(tok):
|
||||
res = cf(tok, f"/zones?name={DOMAIN}")
|
||||
return res["result"][0] if res.get("result") else None
|
||||
|
||||
|
||||
def upsert_tunnel_cnames(tok, zid):
|
||||
records = cf(tok, f"/zones/{zid}/dns_records?per_page=100").get("result", [])
|
||||
for name in [DOMAIN, f"www.{DOMAIN}"]:
|
||||
body = {"type": "CNAME", "name": name, "content": TUNNEL_CNAME, "ttl": 1, "proxied": True}
|
||||
existing = next(
|
||||
(r for r in records if r["name"] == name and r["type"] in ("A", "CNAME", "AAAA")),
|
||||
None,
|
||||
)
|
||||
if existing:
|
||||
res = cf(tok, f"/zones/{zid}/dns_records/{existing['id']}", "PATCH", body)
|
||||
action = "PATCH"
|
||||
else:
|
||||
res = cf(tok, f"/zones/{zid}/dns_records", "POST", body)
|
||||
action = "POST"
|
||||
print(f" CF {action} {name}: success={res.get('success')} errors={res.get('errors')}")
|
||||
|
||||
|
||||
def verify():
|
||||
c = paramiko.SSHClient()
|
||||
c.set_missing_host_key_policy(paramiko.AutoAddPolicy())
|
||||
c.connect("10.10.0.10", username="localadministrator", password=PASS, timeout=30)
|
||||
for cmd in [
|
||||
f"dig @1.1.1.1 {DOMAIN} NS +short",
|
||||
f"dig @1.1.1.1 www.{DOMAIN} A +short",
|
||||
f"curl -sSI https://www.{DOMAIN}/ | head -8",
|
||||
f"curl -sSL https://www.{DOMAIN}/ | head -c 200",
|
||||
]:
|
||||
print(f"\n$ {cmd}")
|
||||
_, o, e = c.exec_command(cmd, timeout=30)
|
||||
o.channel.recv_exit_status()
|
||||
print((o.read() + e.read()).decode(errors="replace"))
|
||||
c.close()
|
||||
|
||||
|
||||
def main():
|
||||
print("=== GoDaddy before ===")
|
||||
code, before = gd(f"/domains/{DOMAIN}")
|
||||
print(f"HTTP {code} NS={before.get('nameServers') if code == 200 else before}")
|
||||
|
||||
print(f"\n=== GoDaddy PATCH NS -> {CF_NS} ===")
|
||||
code, res = gd(f"/domains/{DOMAIN}", "PATCH", {"nameServers": CF_NS})
|
||||
print(f"HTTP {code}: {json.dumps(res, indent=2) if res else '{}'}")
|
||||
|
||||
code, after = gd(f"/domains/{DOMAIN}")
|
||||
if code == 200:
|
||||
print(f"GoDaddy after NS={after.get('nameServers')}")
|
||||
|
||||
tok = load_cf_token()
|
||||
zone = find_zone(tok)
|
||||
if not zone:
|
||||
created = cf(
|
||||
tok,
|
||||
"/zones",
|
||||
"POST",
|
||||
{"name": DOMAIN, "account": {"id": ACCOUNT}, "type": "full", "jump_start": False},
|
||||
)
|
||||
if created.get("success"):
|
||||
zone = created["result"]
|
||||
print("\nCreated CF zone via API")
|
||||
else:
|
||||
print("\nCF zone not in account yet (API create still denied).")
|
||||
print("Add exposedgays.com at https://dash.cloudflare.com — NS already points at CF.")
|
||||
print("Then re-run: python exposedgays/deploy/delegate-godaddy-to-cf.py")
|
||||
else:
|
||||
print(f"\nCF zone found: {zone['id']} status={zone['status']}")
|
||||
print("Setting tunnel CNAME records...")
|
||||
upsert_tunnel_cnames(tok, zone["id"])
|
||||
|
||||
print("\nWaiting 20s...")
|
||||
time.sleep(20)
|
||||
verify()
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
Reference in New Issue
Block a user