I don't know how to integrate the following with your Python script, but certbot uses the options --manual-auth-hook and --manual-cleanup-hook to point to a script which would put the TXT record into the zonefile (auth hook) and a script which would cleanup the TXT records after the challenge has been performed. See the certbot documentation about hooks for more info.
Also I'd like to add that using renew-by-default is NOT recommended for production use. I would also like to remind you to the staging environment, where testing like this should be done!