mirror of
https://github.com/cmur2/dyndnsd.git
synced 2024-09-28 23:02:17 +02:00
Compare commits
No commits in common. "master" and "v3.4.7" have entirely different histories.
17
.github/actionlint-matcher.json
vendored
17
.github/actionlint-matcher.json
vendored
@ -1,17 +0,0 @@
|
|||||||
{
|
|
||||||
"problemMatcher": [
|
|
||||||
{
|
|
||||||
"owner": "actionlint",
|
|
||||||
"pattern": [
|
|
||||||
{
|
|
||||||
"regexp": "^(?:\\x1b\\[\\d+m)?(.+?)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*: (?:\\x1b\\[\\d+m)*(.+?)(?:\\x1b\\[\\d+m)* \\[(.+?)\\]$",
|
|
||||||
"file": 1,
|
|
||||||
"line": 2,
|
|
||||||
"column": 3,
|
|
||||||
"message": 4,
|
|
||||||
"code": 5
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
13
.github/dependabot.yml
vendored
13
.github/dependabot.yml
vendored
@ -1,13 +0,0 @@
|
|||||||
---
|
|
||||||
version: 2
|
|
||||||
updates:
|
|
||||||
- package-ecosystem: "bundler"
|
|
||||||
directory: "/"
|
|
||||||
schedule:
|
|
||||||
interval: "weekly"
|
|
||||||
commit-message:
|
|
||||||
prefix: "gems"
|
|
||||||
labels: ["dependabot"]
|
|
||||||
open-pull-requests-limit: 10
|
|
||||||
pull-request-branch-name:
|
|
||||||
separator: "-"
|
|
13
.github/renovate.json5
vendored
13
.github/renovate.json5
vendored
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
extends: [
|
extends: [
|
||||||
"config:recommended",
|
"config:base",
|
||||||
":dependencyDashboard",
|
":dependencyDashboard",
|
||||||
":prHourlyLimitNone",
|
":prHourlyLimitNone",
|
||||||
":prConcurrentLimitNone",
|
":prConcurrentLimitNone",
|
||||||
@ -20,19 +20,24 @@
|
|||||||
matchManagers: ["bundler"],
|
matchManagers: ["bundler"],
|
||||||
enabled: false,
|
enabled: false,
|
||||||
},
|
},
|
||||||
|
// prevent minor updates to Alpine 3.14 due to https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.14.0#faccessat2
|
||||||
|
{
|
||||||
|
matchManagers: ["dockerfile"],
|
||||||
|
matchUpdateTypes: ["minor"],
|
||||||
|
enabled: false,
|
||||||
|
},
|
||||||
// Commit message formats
|
// Commit message formats
|
||||||
{
|
{
|
||||||
matchDatasources: ["docker"],
|
matchDatasources: ["docker"],
|
||||||
commitMessagePrefix: "docker: ",
|
commitMessagePrefix: "docker: ",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
matchManagers: ["github-actions"],
|
matchDatasources: ["github-actions"],
|
||||||
commitMessagePrefix: "ci: ",
|
commitMessagePrefix: "ci: ",
|
||||||
},
|
},
|
||||||
],
|
],
|
||||||
customManagers: [
|
regexManagers: [
|
||||||
{
|
{
|
||||||
customType: "regex",
|
|
||||||
fileMatch: ["\.rb$", "^Rakefile$"],
|
fileMatch: ["\.rb$", "^Rakefile$"],
|
||||||
matchStrings: [
|
matchStrings: [
|
||||||
"renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s.*_version = '(?<currentValue>.*)'\\s"
|
"renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s.*_version = '(?<currentValue>.*)'\\s"
|
||||||
|
12
.github/workflows/cd.yml
vendored
12
.github/workflows/cd.yml
vendored
@ -1,4 +1,3 @@
|
|||||||
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
|
|
||||||
---
|
---
|
||||||
name: cd
|
name: cd
|
||||||
|
|
||||||
@ -11,11 +10,11 @@ jobs:
|
|||||||
release-dockerimage:
|
release-dockerimage:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v2
|
||||||
|
|
||||||
- name: Extract dyndnsd version from tag name
|
- name: Extract dyndnsd version from tag name
|
||||||
run: |
|
run: |
|
||||||
echo "DYNDNSD_VERSION=${GITHUB_REF#refs/*/v}" >> "$GITHUB_ENV"
|
echo "DYNDNSD_VERSION=${GITHUB_REF#refs/*/v}" >> $GITHUB_ENV
|
||||||
|
|
||||||
- name: Wait for dyndnsd ${{ env.DYNDNSD_VERSION }} gem to be available
|
- name: Wait for dyndnsd ${{ env.DYNDNSD_VERSION }} gem to be available
|
||||||
run: |
|
run: |
|
||||||
@ -23,7 +22,6 @@ jobs:
|
|||||||
for retry in $(seq 1 5); do
|
for retry in $(seq 1 5); do
|
||||||
echo "Checking if dyndnsd $DYNDNSD_VERSION gem is retrievable from rubygems.org (try #$retry)..."
|
echo "Checking if dyndnsd $DYNDNSD_VERSION gem is retrievable from rubygems.org (try #$retry)..."
|
||||||
sudo gem install dyndnsd -v "$DYNDNSD_VERSION"
|
sudo gem install dyndnsd -v "$DYNDNSD_VERSION"
|
||||||
# shellcheck disable=SC2181
|
|
||||||
if [ $? -eq 0 ]; then
|
if [ $? -eq 0 ]; then
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
@ -33,16 +31,16 @@ jobs:
|
|||||||
|
|
||||||
# https://github.com/marketplace/actions/build-and-push-docker-images
|
# https://github.com/marketplace/actions/build-and-push-docker-images
|
||||||
- name: Set up Docker Buildx
|
- name: Set up Docker Buildx
|
||||||
uses: docker/setup-buildx-action@v3
|
uses: docker/setup-buildx-action@v1
|
||||||
|
|
||||||
- name: Login to Docker Hub
|
- name: Login to Docker Hub
|
||||||
uses: docker/login-action@v3
|
uses: docker/login-action@v1
|
||||||
with:
|
with:
|
||||||
username: cmur2
|
username: cmur2
|
||||||
password: ${{ secrets.DOCKER_TOKEN }}
|
password: ${{ secrets.DOCKER_TOKEN }}
|
||||||
|
|
||||||
- name: Build and push Docker image for dyndnsd ${{ env.DYNDNSD_VERSION }}
|
- name: Build and push Docker image for dyndnsd ${{ env.DYNDNSD_VERSION }}
|
||||||
uses: docker/build-push-action@v6
|
uses: docker/build-push-action@v2
|
||||||
with:
|
with:
|
||||||
context: docker
|
context: docker
|
||||||
build-args: |
|
build-args: |
|
||||||
|
36
.github/workflows/ci.yml
vendored
36
.github/workflows/ci.yml
vendored
@ -1,4 +1,3 @@
|
|||||||
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
|
|
||||||
---
|
---
|
||||||
name: ci
|
name: ci
|
||||||
|
|
||||||
@ -15,15 +14,14 @@ jobs:
|
|||||||
build:
|
build:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
strategy:
|
strategy:
|
||||||
fail-fast: false
|
|
||||||
matrix:
|
matrix:
|
||||||
ruby-version:
|
ruby-version:
|
||||||
|
- '2.5'
|
||||||
|
- '2.6'
|
||||||
|
- '2.7'
|
||||||
- '3.0'
|
- '3.0'
|
||||||
- '3.1'
|
|
||||||
- '3.2'
|
|
||||||
- '3.3'
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v2
|
||||||
- name: Set up Ruby ${{ matrix.ruby-version }}
|
- name: Set up Ruby ${{ matrix.ruby-version }}
|
||||||
uses: ruby/setup-ruby@v1
|
uses: ruby/setup-ruby@v1
|
||||||
with:
|
with:
|
||||||
@ -34,22 +32,12 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
bundle exec rake ci
|
bundle exec rake ci
|
||||||
|
|
||||||
actionlint:
|
# https://github.com/marketplace/actions/build-and-push-docker-images
|
||||||
runs-on: ubuntu-latest
|
- name: Set up Docker Buildx
|
||||||
steps:
|
uses: docker/setup-buildx-action@v1
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- name: Check workflow files
|
|
||||||
run: |
|
|
||||||
echo "::add-matcher::.github/actionlint-matcher.json"
|
|
||||||
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
|
|
||||||
./actionlint
|
|
||||||
|
|
||||||
renovate-config-validator:
|
- name: Test building Docker image for dyndnsd
|
||||||
runs-on: ubuntu-latest
|
uses: docker/build-push-action@v2
|
||||||
container:
|
with:
|
||||||
image: ghcr.io/renovatebot/renovate
|
context: .
|
||||||
options: --user root
|
file: docker/ci/Dockerfile
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v4
|
|
||||||
- name: Check Renovate config
|
|
||||||
run: renovate-config-validator --strict
|
|
||||||
|
1
.github/workflows/dockerhub.yml
vendored
1
.github/workflows/dockerhub.yml
vendored
@ -1,4 +1,3 @@
|
|||||||
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
|
|
||||||
---
|
---
|
||||||
name: dockerhub
|
name: dockerhub
|
||||||
|
|
||||||
|
8
.github/workflows/vulnscan.yml
vendored
8
.github/workflows/vulnscan.yml
vendored
@ -1,4 +1,3 @@
|
|||||||
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
|
|
||||||
---
|
---
|
||||||
name: vulnscan
|
name: vulnscan
|
||||||
|
|
||||||
@ -11,14 +10,15 @@ jobs:
|
|||||||
scan-released-dockerimages:
|
scan-released-dockerimages:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
env:
|
env:
|
||||||
|
TRIVY_LIGHT: 'true'
|
||||||
TRIVY_IGNORE_UNFIXED: 'true'
|
TRIVY_IGNORE_UNFIXED: 'true'
|
||||||
TRIVY_REMOVED_PKGS: 'true'
|
TRIVY_REMOVED_PKGS: 'true'
|
||||||
steps:
|
steps:
|
||||||
- name: Install Trivy
|
- name: Install Trivy
|
||||||
run: |
|
run: |
|
||||||
mkdir -p "$GITHUB_WORKSPACE/bin"
|
mkdir -p $GITHUB_WORKSPACE/bin
|
||||||
echo "$GITHUB_WORKSPACE/bin" >> "$GITHUB_PATH"
|
echo "$GITHUB_WORKSPACE/bin" >> "$GITHUB_PATH"
|
||||||
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b "$GITHUB_WORKSPACE/bin"
|
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b $GITHUB_WORKSPACE/bin
|
||||||
- name: Download Trivy DB
|
- name: Download Trivy DB
|
||||||
run: |
|
run: |
|
||||||
trivy image --download-db-only
|
trivy image --download-db-only
|
||||||
@ -36,7 +36,7 @@ jobs:
|
|||||||
for image in $ALL_IMAGES; do
|
for image in $ALL_IMAGES; do
|
||||||
if [[ "$image" = cmur2/dyndnsd:v$major_version.* ]]; then
|
if [[ "$image" = cmur2/dyndnsd:v$major_version.* ]]; then
|
||||||
echo -e "\nScanning newest patch release $image of major v$major_version...\n"
|
echo -e "\nScanning newest patch release $image of major v$major_version...\n"
|
||||||
if ! trivy image --skip-db-update --scanners vuln --exit-code 1 "$image"; then
|
if ! trivy image --skip-update --exit-code 1 "$image"; then
|
||||||
EXIT_CODE=1
|
EXIT_CODE=1
|
||||||
fi
|
fi
|
||||||
break
|
break
|
||||||
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -3,4 +3,3 @@
|
|||||||
pkg/*
|
pkg/*
|
||||||
.yardoc
|
.yardoc
|
||||||
hadolint
|
hadolint
|
||||||
trivy
|
|
||||||
|
@ -3,12 +3,9 @@ require:
|
|||||||
- rubocop-rspec
|
- rubocop-rspec
|
||||||
|
|
||||||
AllCops:
|
AllCops:
|
||||||
TargetRubyVersion: '3.0'
|
TargetRubyVersion: '2.5'
|
||||||
NewCops: enable
|
NewCops: enable
|
||||||
|
|
||||||
Gemspec/DevelopmentDependencies:
|
|
||||||
EnforcedStyle: gemspec
|
|
||||||
|
|
||||||
Gemspec/RequireMFA:
|
Gemspec/RequireMFA:
|
||||||
Enabled: false
|
Enabled: false
|
||||||
|
|
||||||
|
130
CHANGELOG.md
130
CHANGELOG.md
@ -1,135 +1,5 @@
|
|||||||
# Changelog
|
# Changelog
|
||||||
|
|
||||||
## 3.10.0
|
|
||||||
|
|
||||||
IMPROVEMENTS:
|
|
||||||
|
|
||||||
- add Ruby 3.3 support
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.19.0 (from 3.18.3 before)
|
|
||||||
|
|
||||||
## 3.9.2 (August 10th, 2023)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.18.3 (from 3.18.2 before)
|
|
||||||
|
|
||||||
## 3.9.1 (July 6, 2023)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.18.2 (from 3.18.0 before)
|
|
||||||
|
|
||||||
## 3.9.0 (June 8, 2023)
|
|
||||||
|
|
||||||
IMPROVEMENTS:
|
|
||||||
|
|
||||||
- Drop EOL Ruby 2.7 support, now minimum version supported is Ruby 3.0
|
|
||||||
|
|
||||||
## 3.8.2 (April 1st, 2023)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.17.3 (from 3.17.2 before)
|
|
||||||
|
|
||||||
## 3.8.1 (March 2nd, 2023)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.17.2 (from 3.17.1 before)
|
|
||||||
|
|
||||||
## 3.8.0 (January 13th, 2023)
|
|
||||||
|
|
||||||
IMPROVEMENTS:
|
|
||||||
|
|
||||||
- add Ruby 3.2 support
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.17.1 (from 3.17.0 before)
|
|
||||||
|
|
||||||
## 3.7.3 (December 29th, 2022)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.17.0 (from 3.16.2 before)
|
|
||||||
|
|
||||||
## 3.7.2 (November 10th, 2022)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- re-release 3.7.1 to rebuild Docker image with security vulnerabilities fixes
|
|
||||||
|
|
||||||
## 3.7.1 (September 20th, 2022)
|
|
||||||
|
|
||||||
IMPROVEMENTS:
|
|
||||||
|
|
||||||
- fix [TypeError](https://github.com/cmur2/dyndnsd/issues/205) when user has no hosts configured
|
|
||||||
|
|
||||||
## 3.7.0 (September 16th, 2022)
|
|
||||||
|
|
||||||
IMPROVEMENTS:
|
|
||||||
|
|
||||||
- Update to Rack 3
|
|
||||||
|
|
||||||
## 3.6.2 (August 11th, 2022)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.16.2 (from 3.16.1 before)
|
|
||||||
|
|
||||||
## 3.6.1 (July 21st, 2022)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.16.1 (from 3.16.0 before)
|
|
||||||
|
|
||||||
## 3.6.0 (June 2nd, 2022)
|
|
||||||
|
|
||||||
IMPROVEMENTS:
|
|
||||||
|
|
||||||
- Drop EOL Ruby 2.6 and lower support, now minimum version supported is Ruby 2.7
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.16 (from 3.15.7 before)
|
|
||||||
|
|
||||||
## 3.5.3 (May 5th, 2022)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- re-release 3.5.2 to rebuild Docker image with security vulnerabilities fixes
|
|
||||||
|
|
||||||
## 3.5.2 (April 7th, 2022)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- re-release 3.5.1 to rebuild Docker image with security vulnerabilities fixes
|
|
||||||
|
|
||||||
## 3.5.1 (February 17th, 2022)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- re-release 3.5.0 to rebuild Docker image with security vulnerabilities fixes
|
|
||||||
|
|
||||||
## 3.5.0 (January 8th, 2022)
|
|
||||||
|
|
||||||
IMPROVEMENTS:
|
|
||||||
|
|
||||||
- add Ruby 3.1 support
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- update base of Docker image to Alpine 3.15 (from 3.13.7 before, **Note:** please be aware of the quirks around [Alpine 3.14](https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.14.0#faccessat2))
|
|
||||||
|
|
||||||
## 3.4.8 (December 11th, 2021)
|
|
||||||
|
|
||||||
OTHER:
|
|
||||||
|
|
||||||
- re-release 3.4.7 to rebuild Docker image with security vulnerabilities fixes
|
|
||||||
|
|
||||||
## 3.4.7 (November 19th, 2021)
|
## 3.4.7 (November 19th, 2021)
|
||||||
|
|
||||||
OTHER:
|
OTHER:
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
# dyndnsd.rb
|
# dyndnsd.rb
|
||||||
|
|
||||||
![ci](https://github.com/cmur2/dyndnsd/workflows/ci/badge.svg)
|
![ci](https://github.com/cmur2/dyndnsd/workflows/ci/badge.svg) [![Dependencies](https://badges.depfu.com/badges/4f25da8493f7a29f652ac892fbf9227b/overview.svg)](https://depfu.com/github/cmur2/dyndnsd)
|
||||||
|
|
||||||
A small, lightweight and extensible DynDNS server written with Ruby and Rack.
|
A small, lightweight and extensible DynDNS server written with Ruby and Rack.
|
||||||
|
|
||||||
|
65
Rakefile
65
Rakefile
@ -14,61 +14,24 @@ task :solargraph do
|
|||||||
sh 'solargraph typecheck'
|
sh 'solargraph typecheck'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
namespace :solargraph do
|
||||||
|
desc 'Should be run by developer once to prepare initial solargraph usage (fill caches etc.)'
|
||||||
|
task :init do
|
||||||
|
sh 'solargraph download-core'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
# renovate: datasource=github-tags depName=hadolint/hadolint
|
# renovate: datasource=github-tags depName=hadolint/hadolint
|
||||||
hadolint_version = 'v2.12.0'
|
hadolint_version = 'v2.8.0'
|
||||||
|
|
||||||
# renovate: datasource=github-tags depName=aquasecurity/trivy
|
desc 'Run hadolint for Dockerfile linting'
|
||||||
trivy_version = 'v0.54.1'
|
task :hadolint do
|
||||||
|
sh "wget -q -O ./hadolint https://github.com/hadolint/hadolint/releases/download/#{hadolint_version}/hadolint-Linux-x86_64"
|
||||||
namespace :docker do
|
sh 'chmod a+x ./hadolint'
|
||||||
ci_image = 'cmur2/dyndnsd:ci'
|
sh './hadolint --ignore DL3018 docker/Dockerfile'
|
||||||
|
|
||||||
desc 'Lint Dockerfile'
|
|
||||||
task :lint do
|
|
||||||
sh "if [ ! -e ./hadolint ]; then wget -q -O ./hadolint https://github.com/hadolint/hadolint/releases/download/#{hadolint_version}/hadolint-Linux-x86_64; fi"
|
|
||||||
sh 'chmod a+x ./hadolint'
|
|
||||||
sh './hadolint --ignore DL3018 docker/Dockerfile'
|
|
||||||
sh './hadolint --ignore DL3018 --ignore DL3028 docker/ci/Dockerfile'
|
|
||||||
end
|
|
||||||
|
|
||||||
desc 'Build CI Docker image'
|
|
||||||
task :build do
|
|
||||||
sh 'docker build -t cmur2/dyndnsd:ci -f docker/ci/Dockerfile .'
|
|
||||||
end
|
|
||||||
|
|
||||||
desc 'Scan CI Docker image for vulnerabilities'
|
|
||||||
task :scan do
|
|
||||||
ver = trivy_version.gsub('v', '')
|
|
||||||
sh "if [ ! -e ./trivy ]; then wget -q -O - https://github.com/aquasecurity/trivy/releases/download/v#{ver}/trivy_#{ver}_Linux-64bit.tar.gz | tar -xzf - trivy; fi"
|
|
||||||
sh "./trivy image #{ci_image}"
|
|
||||||
end
|
|
||||||
|
|
||||||
desc 'End-to-end test the CI Docker image'
|
|
||||||
task :e2e do
|
|
||||||
sh <<~SCRIPT
|
|
||||||
echo -n '{}' > e2e/db.json
|
|
||||||
chmod a+w e2e/db.json
|
|
||||||
SCRIPT
|
|
||||||
sh "docker run -d --name=dyndnsd-ci -v $(pwd)/e2e:/etc/dyndnsd -p 8080:8080 -p 5353:5353 #{ci_image}"
|
|
||||||
sh 'sleep 5'
|
|
||||||
puts '----------------------------------------'
|
|
||||||
# `dig` needs `sudo apt-get install -y -q dnsutils`
|
|
||||||
sh <<~SCRIPT
|
|
||||||
curl -s -o /dev/null -w '%{http_code}' 'http://localhost:8080/' | grep -q '401'
|
|
||||||
curl -s 'http://foo:secret@localhost:8080/nic/update?hostname=foo.dyn.example.org&myip=1.2.3.4' | grep -q 'good'
|
|
||||||
curl -s 'http://foo:secret@localhost:8080/nic/update?hostname=foo.dyn.example.org&myip=1.2.3.4' | grep -q 'nochg'
|
|
||||||
dig +short AXFR 'dyn.example.org' @127.0.0.1 -p 5353 | grep -q '1.2.3.4'
|
|
||||||
SCRIPT
|
|
||||||
puts '----------------------------------------'
|
|
||||||
sh <<~SCRIPT
|
|
||||||
docker logs dyndnsd-ci
|
|
||||||
docker container rm -f -v dyndnsd-ci
|
|
||||||
rm e2e/db.json
|
|
||||||
SCRIPT
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
task default: [:rubocop, :spec, 'bundle:audit', :solargraph]
|
task default: [:rubocop, :spec, 'bundle:audit', :solargraph]
|
||||||
|
|
||||||
desc 'Run all tasks desired for CI'
|
desc 'Run all tasks desired for CI'
|
||||||
task ci: [:default, 'docker:lint', :build, 'docker:build', 'docker:e2e']
|
task ci: ['solargraph:init', :default, :hadolint, :build]
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM alpine:3.20.3
|
FROM alpine:3.13.7
|
||||||
|
|
||||||
EXPOSE 5353 8080
|
EXPOSE 5353 8080
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM alpine:3.20.3
|
FROM alpine:3.13.7
|
||||||
|
|
||||||
EXPOSE 5353 8080
|
EXPOSE 5353 8080
|
||||||
|
|
||||||
|
@ -25,25 +25,23 @@ Gem::Specification.new do |s|
|
|||||||
s.executables = ['dyndnsd']
|
s.executables = ['dyndnsd']
|
||||||
s.extra_rdoc_files = Dir['README.md', 'CHANGELOG.md', 'LICENSE']
|
s.extra_rdoc_files = Dir['README.md', 'CHANGELOG.md', 'LICENSE']
|
||||||
|
|
||||||
s.required_ruby_version = '>= 3.0'
|
s.required_ruby_version = '>= 2.5'
|
||||||
|
|
||||||
s.add_dependency 'async', '~> 1.31.0'
|
s.add_runtime_dependency 'async-dns', '~> 1.3.0'
|
||||||
s.add_dependency 'async-dns', '~> 1.3.0'
|
s.add_runtime_dependency 'metriks'
|
||||||
s.add_dependency 'metriks'
|
s.add_runtime_dependency 'opentelemetry-exporter-jaeger', '~> 0.20.0'
|
||||||
s.add_dependency 'opentelemetry-exporter-jaeger', '~> 0.22.0'
|
s.add_runtime_dependency 'opentelemetry-instrumentation-rack', '~> 0.20.0'
|
||||||
s.add_dependency 'opentelemetry-instrumentation-rack', '~> 0.22.0'
|
s.add_runtime_dependency 'opentelemetry-sdk', '~> 1.0.0.rc2'
|
||||||
s.add_dependency 'opentelemetry-sdk', '~> 1.2.0'
|
s.add_runtime_dependency 'rack', '~> 2.0'
|
||||||
s.add_dependency 'rack', '~> 3.0'
|
s.add_runtime_dependency 'webrick', '>= 1.6.1'
|
||||||
s.add_dependency 'rackup', '~> 2'
|
|
||||||
s.add_dependency 'webrick', '>= 1.6.1'
|
|
||||||
|
|
||||||
s.add_development_dependency 'bundler'
|
s.add_development_dependency 'bundler'
|
||||||
s.add_development_dependency 'bundler-audit', '~> 0.9.0'
|
s.add_development_dependency 'bundler-audit', '~> 0.9.0'
|
||||||
s.add_development_dependency 'rack-test'
|
s.add_development_dependency 'rack-test'
|
||||||
s.add_development_dependency 'rake'
|
s.add_development_dependency 'rake'
|
||||||
s.add_development_dependency 'rspec'
|
s.add_development_dependency 'rspec'
|
||||||
s.add_development_dependency 'rubocop', '~> 1.66.0'
|
s.add_development_dependency 'rubocop', '~> 1.23.0'
|
||||||
s.add_development_dependency 'rubocop-rake', '~> 0.6.0'
|
s.add_development_dependency 'rubocop-rake', '~> 0.6.0'
|
||||||
s.add_development_dependency 'rubocop-rspec', '~> 3.0.1'
|
s.add_development_dependency 'rubocop-rspec', '~> 2.6.0'
|
||||||
s.add_development_dependency 'solargraph', '~> 0.49.0'
|
s.add_development_dependency 'solargraph', '~> 0.44.0'
|
||||||
end
|
end
|
||||||
|
@ -1,31 +0,0 @@
|
|||||||
---
|
|
||||||
host: "0.0.0.0"
|
|
||||||
port: 8080
|
|
||||||
|
|
||||||
db: /etc/dyndnsd/db.json
|
|
||||||
debug: false
|
|
||||||
domain: dyn.example.org
|
|
||||||
#responder: RestStyle
|
|
||||||
|
|
||||||
updater:
|
|
||||||
name: zone_transfer_server
|
|
||||||
params:
|
|
||||||
server_listens:
|
|
||||||
- 0.0.0.0@5353
|
|
||||||
#send_notifies:
|
|
||||||
#- 10.0.2.15@53
|
|
||||||
zone_ttl: 300 # 5m
|
|
||||||
zone_nameservers:
|
|
||||||
- dns1.example.org.
|
|
||||||
- dns2.example.org.
|
|
||||||
zone_email_address: admin.example.org.
|
|
||||||
zone_additional_ips:
|
|
||||||
- "127.0.0.1"
|
|
||||||
- "::1"
|
|
||||||
|
|
||||||
users:
|
|
||||||
foo:
|
|
||||||
password: "secret"
|
|
||||||
hosts:
|
|
||||||
- foo.dyn.example.org
|
|
||||||
- bar.dyn.example.org
|
|
@ -7,7 +7,6 @@ require 'ipaddr'
|
|||||||
require 'json'
|
require 'json'
|
||||||
require 'yaml'
|
require 'yaml'
|
||||||
require 'rack'
|
require 'rack'
|
||||||
require 'rackup'
|
|
||||||
require 'metriks'
|
require 'metriks'
|
||||||
require 'opentelemetry/instrumentation/rack'
|
require 'opentelemetry/instrumentation/rack'
|
||||||
require 'opentelemetry/sdk'
|
require 'opentelemetry/sdk'
|
||||||
@ -107,7 +106,7 @@ module Dyndnsd
|
|||||||
puts "DynDNSd version #{Dyndnsd::VERSION}"
|
puts "DynDNSd version #{Dyndnsd::VERSION}"
|
||||||
puts "Using config file #{config_file}"
|
puts "Using config file #{config_file}"
|
||||||
|
|
||||||
config = YAML.safe_load_file(config_file)
|
config = YAML.safe_load(File.open(config_file, 'r', &:read))
|
||||||
|
|
||||||
setup_logger(config)
|
setup_logger(config)
|
||||||
|
|
||||||
@ -215,11 +214,10 @@ module Dyndnsd
|
|||||||
invalid_hostnames = hostnames.select { |h| !Helper.fqdn_valid?(h, @domain) }
|
invalid_hostnames = hostnames.select { |h| !Helper.fqdn_valid?(h, @domain) }
|
||||||
return [422, {'X-DynDNS-Response' => 'hostname_malformed'}, []] if invalid_hostnames.any?
|
return [422, {'X-DynDNS-Response' => 'hostname_malformed'}, []] if invalid_hostnames.any?
|
||||||
|
|
||||||
# we can trust this information since user was authorized by middleware
|
|
||||||
user = env['REMOTE_USER']
|
user = env['REMOTE_USER']
|
||||||
|
|
||||||
# check for hostnames that the user does not own
|
# check for hostnames that the user does not own
|
||||||
forbidden_hostnames = hostnames - @users[user].fetch('hosts', [])
|
forbidden_hostnames = hostnames - @users[user]['hosts']
|
||||||
return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []] if forbidden_hostnames.any?
|
return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []] if forbidden_hostnames.any?
|
||||||
|
|
||||||
if params['offline'] == 'YES'
|
if params['offline'] == 'YES'
|
||||||
@ -261,10 +259,10 @@ module Dyndnsd
|
|||||||
# @return [void]
|
# @return [void]
|
||||||
private_class_method def self.setup_traps
|
private_class_method def self.setup_traps
|
||||||
Signal.trap('INT') do
|
Signal.trap('INT') do
|
||||||
Rackup::Handler::WEBrick.shutdown
|
Rack::Handler::WEBrick.shutdown
|
||||||
end
|
end
|
||||||
Signal.trap('TERM') do
|
Signal.trap('TERM') do
|
||||||
Rackup::Handler::WEBrick.shutdown
|
Rack::Handler::WEBrick.shutdown
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -352,7 +350,7 @@ module Dyndnsd
|
|||||||
|
|
||||||
app = OpenTelemetry::Instrumentation::Rack::Middlewares::TracerMiddleware.new(app)
|
app = OpenTelemetry::Instrumentation::Rack::Middlewares::TracerMiddleware.new(app)
|
||||||
|
|
||||||
Rackup::Handler::WEBrick.run app, Host: config['host'], Port: config['port']
|
Rack::Handler::WEBrick.run app, Host: config['host'], Port: config['port']
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -21,7 +21,7 @@ module Dyndnsd
|
|||||||
span.set_attribute('dyndnsd.updater.name', self.class.name&.split('::')&.last || 'None')
|
span.set_attribute('dyndnsd.updater.name', self.class.name&.split('::')&.last || 'None')
|
||||||
|
|
||||||
# write zone file in bind syntax
|
# write zone file in bind syntax
|
||||||
File.write(@zone_file, @generator.generate(db))
|
File.open(@zone_file, 'w') { |f| f.write(@generator.generate(db)) }
|
||||||
# call user-defined command
|
# call user-defined command
|
||||||
pid = fork do
|
pid = fork do
|
||||||
exec @command
|
exec @command
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
module Dyndnsd
|
module Dyndnsd
|
||||||
VERSION = '3.9.2'
|
VERSION = '3.4.7'
|
||||||
end
|
end
|
||||||
|
@ -15,9 +15,6 @@ describe Dyndnsd::Daemon do
|
|||||||
'test' => {
|
'test' => {
|
||||||
'password' => 'secret',
|
'password' => 'secret',
|
||||||
'hosts' => ['foo.example.org', 'bar.example.org']
|
'hosts' => ['foo.example.org', 'bar.example.org']
|
||||||
},
|
|
||||||
'test2' => {
|
|
||||||
'password' => 'ihavenohosts'
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -102,14 +99,6 @@ describe Dyndnsd::Daemon do
|
|||||||
expect(last_response.body).to eq('notfqdn')
|
expect(last_response.body).to eq('notfqdn')
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'rejects request if user does not own any hostnames' do
|
|
||||||
authorize 'test2', 'ihavenohosts'
|
|
||||||
|
|
||||||
get '/nic/update?hostname=doesnotexisthost.example.org'
|
|
||||||
expect(last_response).to be_ok
|
|
||||||
expect(last_response.body).to eq('nohost')
|
|
||||||
end
|
|
||||||
|
|
||||||
it 'rejects request if user does not own one hostname' do
|
it 'rejects request if user does not own one hostname' do
|
||||||
authorize 'test', 'secret'
|
authorize 'test', 'secret'
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user