certbot.plugins.dns_common

Common code for DNS Authenticator Plugins.

class certbot.plugins.dns_common.DNSAuthenticator(config, name)[source]

Bases: certbot.plugins.common.Plugin

Base class for DNS Authenticators

_setup_credentials()[source]

Establish credentials, prompting if necessary.

_perform(domain, validation_domain_name, validation)[source]

Performs a dns-01 challenge by creating a DNS TXT record.

Parameters:
  • domain (str) – The domain being validated.
  • validation_domain_name (str) – The validation record domain name.
  • validation (str) – The validation record content.
Raises:

errors.PluginError – If the challenge cannot be performed

_cleanup(domain, validation_domain_name, validation)[source]

Deletes the DNS TXT record which would have been created by _perform_achall.

Fails gracefully if no such record exists.

Parameters:
  • domain (str) – The domain being validated.
  • validation_domain_name (str) – The validation record domain name.
  • validation (str) – The validation record content.
_configure(key, label)[source]

Ensure that a configuration value is available.

If necessary, prompts the user and stores the result.

Parameters:
  • key (str) – The configuration key.
  • label (str) – The user-friendly label for this piece of information.
_configure_file(key, label, validator=None)[source]

Ensure that a configuration value is available for a path.

If necessary, prompts the user and stores the result.

Parameters:
  • key (str) – The configuration key.
  • label (str) – The user-friendly label for this piece of information.
_configure_credentials(key, label, required_variables=None, validator=None)[source]

As _configure_file, but for a credential configuration file.

If necessary, prompts the user and stores the result.

Always stores absolute paths to avoid issues during renewal.

Parameters:
  • key (str) – The configuration key.
  • label (str) – The user-friendly label for this piece of information.
  • required_variables (dict) – Map of variable which must be present to error to display.
  • validator (callable) – A method which will be called to validate the CredentialsConfiguration resulting from the supplied input after it has been validated to contain the required_variables. Should throw a PluginError to indicate any issue.
static _prompt_for_data(label)[source]

Prompt the user for a piece of information.

Parameters:label (str) – The user-friendly label for this piece of information.
Returns:The user’s response (guaranteed non-empty).
Return type:str
static _prompt_for_file(label, validator=None)[source]

Prompt the user for a path.

Parameters:
  • label (str) – The user-friendly label for the file.
  • validator (callable) – A method which will be called to validate the supplied input after it has been validated to be a non-empty path to an existing file. Should throw a PluginError to indicate any issue.
Returns:

The user’s response (guaranteed to exist).

Return type:

str

class certbot.plugins.dns_common.CredentialsConfiguration(filename, mapper=<function <lambda>>)[source]

Bases: object

Represents a user-supplied filed which stores API credentials.

require(required_variables)[source]

Ensures that the supplied set of variables are all present in the file.

Parameters:required_variables (dict) – Map of variable which must be present to error to display.
Raises:errors.PluginError – If one or more are missing.
conf(var)[source]

Find a configuration value for variable var, as transformed by mapper.

Parameters:var (str) – The variable to get.
Returns:The value of the variable.
Return type:str
certbot.plugins.dns_common.validate_file(filename)[source]

Ensure that the specified file exists.

certbot.plugins.dns_common.validate_file_permissions(filename)[source]

Ensure that the specified file exists and warn about unsafe permissions.

certbot.plugins.dns_common.base_domain_name_guesses(domain)[source]

Return a list of progressively less-specific domain names.

One of these will probably be the domain name known to the DNS provider.

Example:
>>> base_domain_name_guesses('foo.bar.baz.example.com')
['foo.bar.baz.example.com', 'bar.baz.example.com', 'baz.example.com', 'example.com', 'com']
Parameters:domain (str) – The domain for which to return guesses.
Returns:The a list of less specific domain names.
Return type:list