technitium-dns-mcp 0.27.0__tar.gz

technitium_dns_mcp-0.27.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Knuckles Team
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

technitium_dns_mcp-0.27.0/PKG-INFO

@@ -0,0 +1,122 @@
+Metadata-Version: 2.4
+Name: technitium-dns-mcp
+Version: 0.27.0
+Summary: Technitium DNS Server MCP Server and Agent for Agentic AI!
+Author-email: Audel Rouhi <knucklessg1@gmail.com>
+License: MIT
+Classifier: Development Status :: 4 - Beta
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Environment :: Console
+Classifier: Operating System :: POSIX :: Linux
+Classifier: Programming Language :: Python :: 3
+Requires-Python: <3.14,>=3.11
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: agent-utilities>=0.41.0
+Provides-Extra: mcp
+Requires-Dist: agent-utilities[mcp]>=0.41.0; extra == "mcp"
+Provides-Extra: agent
+Requires-Dist: agent-utilities[agent,logfire]>=0.41.0; extra == "agent"
+Provides-Extra: all
+Requires-Dist: agent-utilities[agent,logfire,mcp]>=0.41.0; extra == "all"
+Provides-Extra: test
+Requires-Dist: pytest-xdist>=3.6.0; extra == "test"
+Requires-Dist: pytest; extra == "test"
+Requires-Dist: pytest-asyncio; extra == "test"
+Requires-Dist: pytest-cov; extra == "test"
+Dynamic: license-file
+
+# Technitium DNS MCP Server & Agent
+
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
+[![Python Version](https://img.shields.io/badge/python-3.11%20%7C%203.12-blue)](pyproject.toml)
+
+An ultra-premium, production-grade Model Context Protocol (MCP) server and graph-based Pydantic AI agent integration for **Technitium DNS Server**. Exposes comprehensive, 100% covered REST API endpoints for user SSO, analytics metrics, authoritative zones, DNSSEC, and dynamic DNS record operations.
+
+---
+
+## 🚀 Key Features
+
+- **100% API Coverage**: Complete mapping of Technitium User/SSO, Dashboard Analytics, Zone Management, DNSSEC, and Record Actions.
+- **FastMCP Protocol Integration**: Dynamically registers stdio and streamable-http endpoints for large-scale AI tool discovery.
+- **Autonomous Agent Layer**: Bundled with a Pydantic AI Agent that operates natively using advanced instruction graphs and local toolchains.
+- **Strict Compliance**: Designed in accordance with standard codebase-wide architectural patterns (`agent-packages`).
+
+---
+
+## 🛠️ Installation & Setup
+
+Install package in editable mode with all optional dependencies:
+
+```bash
+pip install -e .[all]
+```
+
+### Environment Variables
+
+Configure `.env` using `.env.example` as a template:
+
+```bash
+# Server Endpoint & TLS
+TECHNITIUM_DNS_URL=http://localhost:5380
+TECHNITIUM_DNS_SSL_VERIFY=True
+
+# Credentials / API Tokens
+TECHNITIUM_DNS_TOKEN=your-secure-token
+```
+
+---
+
+## ⚙️ Dynamic Tool Selection & Visibility
+
+This MCP server supports dynamic toolset selection and visibility filtering at runtime. This allows you to restrict the set of exposed tools in order to prevent blowing up the LLM's context window.
+
+You can configure tool filtering via multiple input channels:
+
+- **CLI Arguments:** Pass `--tools` or `--toolsets` (or their disabled counterparts `--disabled-tools` and `--disabled-toolsets`) during startup.
+- **Environment Variables:** Define standard environment variables:
+  - `MCP_ENABLED_TOOLS` / `MCP_DISABLED_TOOLS`
+  - `MCP_ENABLED_TAGS` / `MCP_DISABLED_TAGS`
+- **HTTP SSE Request Headers:** Pass custom headers during transport initialization:
+  - `x-mcp-enabled-tools` / `x-mcp-disabled-tools`
+  - `x-mcp-enabled-tags` / `x-mcp-disabled-tags`
+- **HTTP SSE Request Query Parameters:** Append query parameters directly to your transport connection URL:
+  - `?tools=tool1,tool2`
+  - `?tags=tag1`
+
+When query strings or parameters are supplied, an LLM-free **Knowledge Graph resolution layer** (using `DynamicToolOrchestrator`) matches query intents against known tool tags, names, or descriptions, with safe fallback and automated 24-hour background cache refreshing.
+
+
+---
+
+## 🖥️ Running the Servers
+
+### Run MCP Server (stdio by default)
+
+```bash
+technitium-dns-mcp
+```
+
+Or start a streamable HTTP server:
+
+```bash
+TRANSPORT=streamable-http HOST=0.0.0.0 PORT=8000 technitium-dns-mcp
+```
+
+### Run Pydantic AI Agent
+
+```bash
+technitium-dns-agent --mcp-url http://localhost:8000
+```
+
+---
+
+## 🧪 Running Tests
+
+Ensure high reliability across all components with standard test suites:
+
+```bash
+pytest -v tests/
+```
+
+Version: 0.27.0

technitium_dns_mcp-0.27.0/README.md

@@ -0,0 +1,94 @@
+# Technitium DNS MCP Server & Agent
+
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](LICENSE)
+[![Python Version](https://img.shields.io/badge/python-3.11%20%7C%203.12-blue)](pyproject.toml)
+
+An ultra-premium, production-grade Model Context Protocol (MCP) server and graph-based Pydantic AI agent integration for **Technitium DNS Server**. Exposes comprehensive, 100% covered REST API endpoints for user SSO, analytics metrics, authoritative zones, DNSSEC, and dynamic DNS record operations.
+
+---
+
+## 🚀 Key Features
+
+- **100% API Coverage**: Complete mapping of Technitium User/SSO, Dashboard Analytics, Zone Management, DNSSEC, and Record Actions.
+- **FastMCP Protocol Integration**: Dynamically registers stdio and streamable-http endpoints for large-scale AI tool discovery.
+- **Autonomous Agent Layer**: Bundled with a Pydantic AI Agent that operates natively using advanced instruction graphs and local toolchains.
+- **Strict Compliance**: Designed in accordance with standard codebase-wide architectural patterns (`agent-packages`).
+
+---
+
+## 🛠️ Installation & Setup
+
+Install package in editable mode with all optional dependencies:
+
+```bash
+pip install -e .[all]
+```
+
+### Environment Variables
+
+Configure `.env` using `.env.example` as a template:
+
+```bash
+# Server Endpoint & TLS
+TECHNITIUM_DNS_URL=http://localhost:5380
+TECHNITIUM_DNS_SSL_VERIFY=True
+
+# Credentials / API Tokens
+TECHNITIUM_DNS_TOKEN=your-secure-token
+```
+
+---
+
+## ⚙️ Dynamic Tool Selection & Visibility
+
+This MCP server supports dynamic toolset selection and visibility filtering at runtime. This allows you to restrict the set of exposed tools in order to prevent blowing up the LLM's context window.
+
+You can configure tool filtering via multiple input channels:
+
+- **CLI Arguments:** Pass `--tools` or `--toolsets` (or their disabled counterparts `--disabled-tools` and `--disabled-toolsets`) during startup.
+- **Environment Variables:** Define standard environment variables:
+  - `MCP_ENABLED_TOOLS` / `MCP_DISABLED_TOOLS`
+  - `MCP_ENABLED_TAGS` / `MCP_DISABLED_TAGS`
+- **HTTP SSE Request Headers:** Pass custom headers during transport initialization:
+  - `x-mcp-enabled-tools` / `x-mcp-disabled-tools`
+  - `x-mcp-enabled-tags` / `x-mcp-disabled-tags`
+- **HTTP SSE Request Query Parameters:** Append query parameters directly to your transport connection URL:
+  - `?tools=tool1,tool2`
+  - `?tags=tag1`
+
+When query strings or parameters are supplied, an LLM-free **Knowledge Graph resolution layer** (using `DynamicToolOrchestrator`) matches query intents against known tool tags, names, or descriptions, with safe fallback and automated 24-hour background cache refreshing.
+
+
+---
+
+## 🖥️ Running the Servers
+
+### Run MCP Server (stdio by default)
+
+```bash
+technitium-dns-mcp
+```
+
+Or start a streamable HTTP server:
+
+```bash
+TRANSPORT=streamable-http HOST=0.0.0.0 PORT=8000 technitium-dns-mcp
+```
+
+### Run Pydantic AI Agent
+
+```bash
+technitium-dns-agent --mcp-url http://localhost:8000
+```
+
+---
+
+## 🧪 Running Tests
+
+Ensure high reliability across all components with standard test suites:
+
+```bash
+pytest -v tests/
+```
+
+Version: 0.27.0

technitium_dns_mcp-0.27.0/pyproject.toml

@@ -0,0 +1,61 @@
+[build-system]
+requires = [ "setuptools>=80.9.0", "wheel",]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "technitium-dns-mcp"
+version = "0.27.0"
+description = "Technitium DNS Server MCP Server and Agent for Agentic AI!"
+readme = "README.md"
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "License :: OSI Approved :: MIT License",
+    "Environment :: Console",
+    "Operating System :: POSIX :: Linux",
+    "Programming Language :: Python :: 3",
+]
+requires-python = ">=3.11, <3.14"
+dependencies = [
+    "agent-utilities>=0.41.0",
+]
+[[project.authors]]
+name = "Audel Rouhi"
+email = "knucklessg1@gmail.com"
+
+[project.license]
+text = "MIT"
+
+[project.optional-dependencies]
+mcp = [ "agent-utilities[mcp]>=0.41.0", ]
+agent = [ "agent-utilities[agent,logfire]>=0.41.0", ]
+all = [ "agent-utilities[mcp,agent,logfire]>=0.41.0", ]
+test = [ "pytest-xdist>=3.6.0", "pytest", "pytest-asyncio", "pytest-cov", ]
+
+[project.scripts]
+technitium-dns-mcp = "technitium_dns_mcp.mcp_server:mcp_server"
+technitium-dns-agent = "technitium_dns_mcp.agent_server:agent_server"
+
+[tool.setuptools]
+include-package-data = true
+
+[tool.ruff]
+line-length = 88
+target-version = "py310"
+
+[tool.mypy]
+python_version = "3.10"
+ignore_missing_imports = true
+check_untyped_defs = true
+
+[dependency-groups]
+dev = [ "pytest-timeout>=2.4.0", ]
+
+[tool.setuptools.package-data]
+technitium_dns_mcp = [ "mcp_config.json", "agent_data/**", ]
+
+[tool.ruff.lint]
+select = [ "E", "F", "I", "UP", "B", ]
+ignore = [ "E402", "E501", "B008", ]
+
+[tool.setuptools.packages.find]
+where = [ ".", ]

technitium_dns_mcp-0.27.0/scripts/security_sanitizer.py

@@ -0,0 +1,246 @@
+#!/usr/bin/env python3
+import os
+import re
+import subprocess
+import sys
+from pathlib import Path
+
+# Config
+ALLOWED_TXT_NAMES = {"requirements.txt", "requirements-dev.txt"}
+TRANSIENT_PY_PATTERNS = [
+    re.compile(r"^test_.*\.py$"),
+    re.compile(r"^fix_.*\.py$"),
+    re.compile(r"^debug_.*\.py$"),
+    re.compile(r"^scratch_.*\.py$"),
+    re.compile(r"^temp_.*\.py$"),
+]
+
+SECRET_PATTERNS = [
+    ("GitHub PAT", re.compile(r"ghp_[A-Za-z0-9_]{36,255}")),
+    ("GitHub Fine-grained PAT", re.compile(r"github_pat_[A-Za-z0-9_]{82,255}")),
+    ("GitLab PAT", re.compile(r"glpat-[A-Za-z0-9\-]{20,255}")),
+    (
+        "Generic Secret Assignment",
+        re.compile(
+            r"secret[A-Za-z0-9_]*\s*[:=]\s*['\"][A-Za-z0-9_\-\.\~\*]{16,255}['\"]",
+            re.IGNORECASE,
+        ),
+    ),
+    (
+        "Generic Token Assignment",
+        re.compile(
+            r"token\s*[:=]\s*['\"][A-Za-z0-9_\-\.\~\*]{16,255}['\"]", re.IGNORECASE
+        ),
+    ),
+]
+
+EXCLUDED_DIRS = {
+    ".git",
+    ".venv",
+    "venv",
+    "node_modules",
+    "build",
+    "dist",
+    "__pycache__",
+    ".tox",
+    ".specify",
+}
+EXCLUDED_EXTENSIONS = {
+    ".png",
+    ".jpg",
+    ".jpeg",
+    ".gif",
+    ".webp",
+    ".ico",
+    ".pyc",
+    ".db",
+    ".kuzu",
+    ".sqlite",
+    ".sqlite3",
+    ".zip",
+    ".tar.gz",
+    ".tgz",
+    ".bz2",
+    ".xz",
+    ".pdf",
+    ".bin",
+    ".exe",
+    ".dll",
+    ".so",
+    ".dylib",
+    ".woff",
+    ".woff2",
+    ".eot",
+    ".ttf",
+    ".mp4",
+    ".mp3",
+    ".wav",
+    ".lock",
+    ".svg",
+}
+
+# Placeholder / Mock indicators
+PLACEHOLDER_SUBSTRINGS = [
+    "1234567890",
+    "abcdef12345",
+    "abc123youandme",
+    "askdfalskdvjas",
+    "your_",
+    "YOUR_",
+    "your-",
+    "dummy",
+    "DUMMY",
+    "example",
+    "EXAMPLE",
+    "mock",
+    "MOCK",
+    "test_token",
+    "test_secret",
+    "glpat-askdfalskdvjas",
+    "github_pat_12345",
+    "glpat-abc123youandme",
+    "github_pat_...",
+    "glpat-*************",
+    "ghp_*************",
+    "github_pat_*************",
+    "token_*************",
+    "secret_*************",
+    "glpat-abc",
+    "ghp_abc",
+    "github_pat_abc",
+    "${env:",
+]
+
+
+def is_placeholder(match_str: str) -> bool:
+    match_lower = match_str.lower()
+    for placeholder in PLACEHOLDER_SUBSTRINGS:
+        if placeholder in match_lower:
+            return True
+
+    # Check if match is mostly asterisks or single repeated char
+    cleaned = match_str.replace("'", "").replace('"', "").strip()
+    if not cleaned:
+        return True
+
+    # Check if there are sequences of asterisks indicating masked values
+    if "*" in cleaned:
+        # e.g., glpat-*************
+        return True
+
+    return False
+
+
+def get_repo_files(repo_path: Path):
+    try:
+        result = subprocess.run(
+            ["git", "ls-files", "--cached", "--others", "--exclude-standard"],
+            cwd=str(repo_path),
+            capture_output=True,
+            text=True,
+            check=True,
+        )
+        files = []
+        for line in result.stdout.splitlines():
+            if line.strip():
+                # Avoid files inside excluded directories
+                parts = Path(line.strip()).parts
+                if not any(part in EXCLUDED_DIRS for part in parts):
+                    files.append(repo_path / line.strip())
+        return files
+    except Exception:
+        # Fallback to manual recursive scan
+        files = []
+        for root, dirs, walk_files in os.walk(str(repo_path)):
+            dirs[:] = [
+                d for d in dirs if d not in EXCLUDED_DIRS and not d.startswith(".")
+            ]
+            for file in walk_files:
+                files.append(Path(root) / file)
+        return files
+
+
+def scan_repository(repo_path: Path):
+    violations = []
+    files_to_scan = get_repo_files(repo_path)
+
+    for file_path in files_to_scan:
+        if not file_path.is_file():
+            continue
+
+        # 1. Check root level naming constraints
+        if file_path.parent == repo_path:
+            # Check txt files
+            if file_path.suffix == ".txt":
+                if file_path.name.lower() not in ALLOWED_TXT_NAMES:
+                    violations.append(
+                        f"Non-standard root-level text file detected: '{file_path.name}'. Only 'requirements.txt' and 'requirements-dev.txt' are allowed."
+                    )
+            # Check transient py files
+            elif file_path.suffix == ".py":
+                for pattern in TRANSIENT_PY_PATTERNS:
+                    if pattern.match(file_path.name):
+                        violations.append(
+                            f"Transient/temporary script detected in root: '{file_path.name}'. Please move it to a subfolder or delete it."
+                        )
+                        break
+
+        # 2. Check for secrets
+        if file_path.suffix.lower() in EXCLUDED_EXTENSIONS:
+            continue
+
+        if file_path.name == "security_sanitizer.py":
+            continue
+
+        try:
+            content = file_path.read_text(encoding="utf-8", errors="ignore")
+            lines = content.splitlines()
+
+            for idx, line in enumerate(lines, 1):
+                if any(
+                    bypass in line
+                    for bypass in [
+                        "# sanitizer:ignore",
+                        "# sanitizer-ignore",
+                        "# nosec",
+                    ]
+                ):
+                    continue
+
+                for label, pattern in SECRET_PATTERNS:
+                    for match in pattern.findall(line):
+                        match_str = match[0] if isinstance(match, tuple) else match
+                        if not is_placeholder(match_str):
+                            rel_path = file_path.relative_to(repo_path)
+                            violations.append(
+                                f"Potential unmasked secret ({label}) detected in {rel_path}:{idx}\n"
+                                f"  Line: {line.strip()}"
+                            )
+        except Exception:
+            pass
+
+    return violations
+
+
+def main():
+    repo_path = Path.cwd()
+
+    print("🔒 Running Security and Garbage Sanitizer...")
+    violations = scan_repository(repo_path)
+
+    if violations:
+        print("\n❌ SECURITY AND GARBAGE VALIDATION FAILED!")
+        print("Please correct the following issues before committing:")
+        for idx, violation in enumerate(violations, 1):
+            print(f"\n[{idx}] {violation}")
+        print(
+            "\nNote: To bypass secret checks on specific lines, append '# sanitizer:ignore' to the end of the line."
+        )
+        sys.exit(1)
+
+    print("✅ All checks passed! No root garbage or unmasked secrets detected.")
+    sys.exit(0)
+
+
+if __name__ == "__main__":
+    main()