From 9305442c4b60d9188d106e37b9ab140552434831 Mon Sep 17 00:00:00 2001
From: Nathan Woodburn <github@nathan.woodburn.au>
Date: Fri, 22 Dec 2023 15:07:24 +1100
Subject: [PATCH] feat: Add acme server for HNSDoH

---
 requirements.txt |  3 ++-
 server.py        | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index f640785..3cd9925 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,5 @@
 flask
 python-dotenv
 gunicorn
-requests
\ No newline at end of file
+requests
+cloudflare
\ No newline at end of file
diff --git a/server.py b/server.py
index 104d3e2..9a18a9c 100644
--- a/server.py
+++ b/server.py
@@ -2,6 +2,7 @@ from flask import Flask, make_response, redirect, request, jsonify, render_templ
 import os
 import dotenv
 import requests
+import CloudFlare
 
 app = Flask(__name__)
 dotenv.load_dotenv()
@@ -152,6 +153,39 @@ def getAddress():
     return address
 
 
+@app.route('/hnsdoh-acme', methods=['POST'])
+def hnsdoh_acme():
+    # Get the TXT record from the request
+    if not request.json:
+        return jsonify({'status': 'error', 'error': 'No JSON data provided'})
+    if 'txt' not in request.json or 'auth' not in request.json:
+        return jsonify({'status': 'error', 'error': 'Missing required data'})
+
+    txt = request.json['txt']
+    auth = request.json['auth']
+    if auth != os.getenv('CF_AUTH'):
+        return jsonify({'status': 'error', 'error': 'Invalid auth'})
+
+    cf = CloudFlare.CloudFlare(token=os.getenv('CF_TOKEN'))
+    zone = cf.zones.get(params={'name': 'hnsdoh.com'})
+    zone_id = zone[0]['id']
+    existing_records = cf.zones.dns_records.get(zone_id, params={'type': 'TXT', 'name': '_acme-challenge.hnsdoh.com'})
+    
+    # Delete existing TXT records
+    for record in existing_records:
+        print(record)
+        record_id = record['id']
+        cf.zones.dns_records.delete(zone_id, record_id)
+        
+
+
+
+    record = cf.zones.dns_records.post(zone_id, data={'type': 'TXT', 'name': '_acme-challenge', 'content': txt})
+    print(record)
+    return jsonify({'status': 'success'})
+
+
+
 # 404 catch all
 @app.errorhandler(404)
 def not_found(e):