From 80c5651573565bb82b9314c69278fe3b992ca8a4 Mon Sep 17 00:00:00 2001
From: missytake <missytake@systemli.org>
Date: Tue, 7 Jan 2025 18:35:14 +0100
Subject: [PATCH] DNS: recommend DKIM record without space in between for some
 DNS web interfaces

---
 cmdeploy/src/cmdeploy/dns.py         | 3 +++
 cmdeploy/src/cmdeploy/remote/rdns.py | 8 ++++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/cmdeploy/src/cmdeploy/dns.py b/cmdeploy/src/cmdeploy/dns.py
index 663ae66c..dc5bb722 100644
--- a/cmdeploy/src/cmdeploy/dns.py
+++ b/cmdeploy/src/cmdeploy/dns.py
@@ -56,6 +56,9 @@ def check_full_zone(sshexec, remote_data, out, zonefile) -> int:
             out(line)
         out("")
         returncode = 1
+    if remote_data.get("dkim_entry") in required_diff:
+        out("If the DKIM entry above does not work with your DNS provider, you can try this one:\n")
+        out(remote_data.get("web_dkim_entry") + "\n")
     if recommended_diff:
         out("WARNING: these recommended DNS entries are not set:\n")
         for line in recommended_diff:
diff --git a/cmdeploy/src/cmdeploy/remote/rdns.py b/cmdeploy/src/cmdeploy/remote/rdns.py
index 77093503..f3b91278 100644
--- a/cmdeploy/src/cmdeploy/remote/rdns.py
+++ b/cmdeploy/src/cmdeploy/remote/rdns.py
@@ -27,7 +27,7 @@ def perform_initial_checks(mail_domain):
 
     res = dict(mail_domain=mail_domain, A=A, AAAA=AAAA, MTA_STS=MTA_STS, WWW=WWW)
     res["acme_account_url"] = shell("acmetool account-url", fail_ok=True)
-    res["dkim_entry"] = get_dkim_entry(mail_domain, dkim_selector="opendkim")
+    res["dkim_entry"], res["web_dkim_entry"] = get_dkim_entry(mail_domain, dkim_selector="opendkim")
 
     if not MTA_STS or not WWW or (not A and not AAAA):
         return res
@@ -48,7 +48,11 @@ def get_dkim_entry(mail_domain, dkim_selector):
         return
     dkim_value_raw = f"v=DKIM1;k=rsa;p={dkim_pubkey};s=email;t=s"
     dkim_value = '" "'.join(re.findall(".{1,255}", dkim_value_raw))
-    return f'{dkim_selector}._domainkey.{mail_domain}. TXT "{dkim_value}"'
+    web_dkim_value = ''.join(re.findall(".{1,255}", dkim_value_raw))
+    return (
+        f'{dkim_selector}._domainkey.{mail_domain}. TXT "{dkim_value}"',
+        f'{dkim_selector}._domainkey.{mail_domain}. TXT "{web_dkim_value}"',
+    )
 
 
 def query_dns(typ, domain):