diff --git a/locales/en.json b/locales/en.json index 2b2f10179..d7179cd7e 100644 --- a/locales/en.json +++ b/locales/en.json @@ -356,6 +356,8 @@ "dyndns_key_generating": "Generating DNS key... It may take a while.", "dyndns_key_not_found": "DNS key not found for the domain", "dyndns_no_domain_registered": "No domain registered with DynDNS", + "dyndns_no_recovery_password": "No recovery password specified! In case you loose control of this domain, you will need to contact an administrator in the YunoHost team!", + "dyndns_added_password": "Remember your recovery password, you can use it to delete this domain record.", "dyndns_provider_unreachable": "Unable to reach DynDNS provider {provider}: either your YunoHost is not correctly connected to the internet or the dynette server is down.", "dyndns_registered": "DynDNS domain registered", "dyndns_registration_failed": "Could not register DynDNS domain: {error}", @@ -685,4 +687,4 @@ "yunohost_installing": "Installing YunoHost...", "yunohost_not_installed": "YunoHost is not correctly installed. Please run 'yunohost tools postinstall'", "yunohost_postinstall_end_tip": "The post-install completed! To finalize your setup, please consider:\n - adding a first user through the 'Users' section of the webadmin (or 'yunohost user create ' in command-line);\n - diagnose potential issues through the 'Diagnosis' section of the webadmin (or 'yunohost diagnosis run' in command-line);\n - reading the 'Finalizing your setup' and 'Getting to know YunoHost' parts in the admin documentation: https://yunohost.org/admindoc." -} \ No newline at end of file +} diff --git a/share/actionsmap.yml b/share/actionsmap.yml index 89c6e914d..bf2f53371 100644 --- a/share/actionsmap.yml +++ b/share/actionsmap.yml @@ -1406,6 +1406,12 @@ dyndns: -k: full: --key help: Public DNS key + -p: + full: --password + help: Password used to later delete the domain + extra: + pattern: *pattern_password + comment: dyndns_added_password ### dyndns_update() update: diff --git a/src/dyndns.py b/src/dyndns.py index 34f3dd5dc..39e8a7213 100644 --- a/src/dyndns.py +++ b/src/dyndns.py @@ -29,6 +29,7 @@ import json import glob import base64 import subprocess +import hashlib from moulinette import m18n from moulinette.core import MoulinetteError @@ -75,15 +76,19 @@ def _dyndns_available(domain): @is_unit_operation() -def dyndns_subscribe(operation_logger, domain=None, key=None): +def dyndns_subscribe(operation_logger, domain=None, key=None, password=None): """ Subscribe to a DynDNS service Keyword argument: domain -- Full domain to subscribe with key -- Public DNS key + password -- Password that will be used to delete the domain """ + if password is None: + logger.warning(m18n.n('dyndns_no_recovery_password')) + if _guess_current_dyndns_domain() != (None, None): raise YunohostValidationError("domain_dyndns_already_subscribed") @@ -138,9 +143,12 @@ def dyndns_subscribe(operation_logger, domain=None, key=None): try: # Yeah the secret is already a base64-encoded but we double-bas64-encode it, whatever... b64encoded_key = base64.b64encode(secret.encode()).decode() + data = {"subdomain": domain} + if password: + data["recovery_password"]=hashlib.sha256((domain+":"+password.strip()).encode('utf-8')).hexdigest() r = requests.post( f"https://{DYNDNS_PROVIDER}/key/{b64encoded_key}?key_algo=hmac-sha512", - data={"subdomain": domain}, + data=data, timeout=30, ) except Exception as e: