Bump version

.travis.yml

@@ -3,6 +3,7 @@ language: ruby
 rvm:
   - 2.0.0
   - 1.9.3
+  - 1.8.7
 
 gemfile:
   - Gemfile

README.md

@@ -4,6 +4,122 @@
 
 A small, lightweight and extensible DynDNS server written with Ruby and Rack.
 
+## Description
+
+dyndnsd.rb is aimed to implement a small [DynDNS-compliant](http://dyn.com/support/developers/api/) server in Ruby. It has an integrated user and hostname database in it's configuration file that is used for authentication and authorization. Besides talking the DynDNS protocol it is able to invoke an so-called *updater*, a small Ruby module that takes care of supplying the current host => ip mapping to a DNS server.
+
+The is currently one updater shipped with dyndnsd.rb `command_with_bind_zone` that writes out a zone file in BIND syntax onto the current system and invokes a user-supplied command afterwards that is assumed to trigger the DNS server (not necessarily BIND since it's zone files are read by other DNS servers too) to reload it's zone configuration.
+
+Because of the mechanisms used dyndnsd.rb is known to work only on *nix systems.
+
+## General Usage
+
+Install the gem:
+
+	gem install dyndnsd
+
+Create a configuration file in YAML format somewhere:
+
+```yaml
+# listen address and port
+host: "0.0.0.0"
+port: "80"
+# optional: drop priviliges in case you want to but you may need sudo for external commands
+user: "nobody"
+group: "nogroup"
+# logfile is optional, logs to STDOUT else
+logfile: "dyndnsd.log"
+# interal database file
+db: "db.json"
+# all hostnames are required to be cool-name.example.org
+domain: "example.org"
+# configure the updater, here we use command_with_bind_zone, params are updater-specific
+updater:
+  name: "command_with_bind_zone"
+  params:
+    zone_file: "dyn.zone"
+    command: "echo 'Hello'"
+    ttl: "5m"
+    dns: "dns.example.org."
+    email_addr: "admin.example.org."
+# user database with hostnames a user is allowed to update
+users:
+  # 'foo' is username, 'secret' the password
+  foo:
+    password: "secret"
+    hosts:
+      - foo.example.org
+      - bar.example.org
+  test:
+    password: "ihavenohosts"
+```
+
+Run dyndnsd.rb by:
+
+	dyndnsd /path/to/config.yaml
+
+## Using dyndnsd.rb with [NSD](https://www.nlnetlabs.nl/nsd/)
+
+NSD is a nice opensource, authoritative-only, low-memory DNS server that reads BIND-style zone files (and converts them into it's own database) and has a simple config file.
+
+A feature NSD is lacking is the [Dynamic DNS update](https://tools.ietf.org/html/rfc2136) functionality BIND offers but one can fake it using the following dyndnsd.rb config:
+
+```yaml
+host: "0.0.0.0"
+port: "8245" # the DynDNS.com alternative HTTP port
+db: "/opt/dyndnsd/db.json"
+domain: "dyn.example.org"
+updater:
+  name: "command_with_bind_zone"
+  params:
+    # make sure to register zone file in your nsd.conf
+    zone_file: "/etc/nsd3/dyn.example.org.zone"
+    # fake DNS update (discards NSD stats)
+    command: "nsdc rebuild; nsdc reload"
+    ttl: "5m"
+    dns: "dns.example.org."
+    email_addr: "admin.example.org."
+    # specify additional raw BIND-style zone content
+    # here: an A record for dyn.example.org itself
+    additional_zone_content: "@ IN A 1.2.3.4"
+users:
+  foo:
+    password: "secret"
+    hosts:
+      - foo.example.org  
+```
+
+Start dyndnsd.rb before NSD to make sure the zone file exists else NSD complains.
+
+## Using dyndnsd.rb with X
+
+Please provide ideas if you are using dyndnsd.rb with other DNS servers :)
+
+## Advanced topics
+
+### Update URL
+
+The update URL you want to tell your clients (humans or scripts ^^) consists of the following
+
+	http[s]://[USER]:[PASSWORD]@[DOMAIN]:[PORT]/nic/update?hostname=[HOSTNAMES]&myip=[MYIP]
+
+where:
+
+* the protocol depends on your (webserver/proxy) settings
+* USER and PASSWORD are needed for HTTP Basic Auth and valid combinations are defined in your config.yaml
+* DOMAIN should match what you defined in your config.yaml as domain but may be anything else when using a webserver as proxy
+* PORT depends on your (webserver/proxy) settings
+* HOSTNAMES is a required list of comma separated FQDNs (they all have to end with your config.yaml domain) the user wants to update
+* MYIP is optional and the HTTP client's address will be used if missing
+
+### SSL, multiple listen ports
+
+Use a webserver as a proxy to handle SSL and/or multiple listen addresses and ports. DynDNS.com provides HTTP on port 80 and 8245 and HTTPS on port 443.
+
+### Init scripts
+
+The [Debian 6 init.d script](init.d/debian-6-dyndnsd) assumes that dyndnsd.rb is installed into the system ruby (no RVM support) and the config.yaml is at /opt/dyndnsd/config.yaml. Modify to your needs.
+
 ## License
 
 dyndnsd.rb is licensed under the Apache License, Version 2.0. See LICENSE for more information.

dyndnsd.gemspec

@@ -21,6 +21,8 @@ Gem::Specification.new do |s|
   s.executables = ['dyndnsd']
 
   s.add_runtime_dependency 'rack'
+  s.add_runtime_dependency 'json'
+  s.add_runtime_dependency 'metriks'
 
   s.add_development_dependency 'bundler', '~> 1.3'
   s.add_development_dependency 'rake'

init.d/debian-6-dyndnsd

@@ -0,0 +1,43 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides:          dyndnsd
+# Required-Start:    $remote_fs $syslog
+# Required-Stop:     $remote_fs $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Handle dyndnsd.rb gem
+### END INIT INFO
+
+# using the system ruby's gem binaries directory
+DAEMON="/var/lib/gems/1.8/bin/dyndnsd"
+
+CONFIG_FILE="/opt/dyndnsd/config.yaml"
+
+DAEMON_OPTS="$CONFIG_FILE"
+
+test -x $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+case "$1" in
+  start)
+    log_daemon_msg "Starting dyndnsd.rb" "dyndnsd"
+    start-stop-daemon --start --quiet --oknodo --make-pidfile --pidfile "/var/run/dyndnsd.pid" --background --exec $DAEMON -- $DAEMON_OPTS
+    log_end_msg $?
+    ;;
+  stop)
+    log_daemon_msg "Stopping dyndnsd.rb" "dyndnsd"
+    start-stop-daemon --stop --quiet --oknodo --pidfile "/var/run/dyndnsd.pid"
+    log_end_msg $?
+    ;;
+  restart|force-reload)
+    log_daemon_msg "Restarting dyndnsd.rb" "dyndnsd"
+    start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile "/var/run/dyndsd.pid"
+    start-stop-daemon --start --quiet --oknodo --make-pidfile --pidfile "/var/run/dyndnsd.pid" --background --exec $DAEMON -- $DAEMON_OPTS
+    log_end_msg $?
+    ;;
+  *)
+    log_action_msg "Usage: $0 {start|stop|restart|force-reload}"
+    exit 2
+    ;;
+esac

lib/dyndnsd.rb

@@ -1,10 +1,13 @@
 #!/usr/bin/env ruby
 
+require 'etc'
 require 'logger'
 require 'ipaddr'
 require 'json'
 require 'yaml'
 require 'rack'
+require 'metriks'
+require 'metriks/reporter/graphite'
 
 require 'dyndnsd/generator/bind'
 require 'dyndnsd/updater/command_with_bind_zone'
@@ -24,7 +27,7 @@ module Dyndnsd
 
   class LogFormatter
     def call(lvl, time, progname, msg)
-      "%s: %s\n" % [lvl, msg.to_s]
+      "[%s] %-5s %s\n" % [Time.now.strftime('%Y-%m-%d %H:%M:%S'), lvl, msg.to_s]
     end
   end
 
@@ -74,7 +77,7 @@ module Dyndnsd
       hostnames.each do |hostname|
         return @responder.response_for_error(:host_forbidden) if not @users[user]['hosts'].include? hostname
       end
-      
+
       # no myip?
       if not params["myip"]
         params["myip"] = env["REMOTE_ADDR"]
@@ -89,29 +92,33 @@ module Dyndnsd
       
       myip = params["myip"]
       
+      Metriks.meter('requests.valid').mark
+      Dyndnsd.logger.info "Request to update #{hostnames} to #{myip} for user #{user}"
+      
       changes = []
       hostnames.each do |hostname|
         if (not @db['hosts'].include? hostname) or (@db['hosts'][hostname] != myip)
           changes << :good
           @db['hosts'][hostname] = myip
+          Metriks.meter('requests.good').mark
         else
           changes << :nochg
+          Metriks.meter('requests.nochg').mark
         end
       end
       
       if @db.changed?
         @db['serial'] += 1
+        Dyndnsd.logger.info "Committing update ##{@db['serial']}"
         @db.save
         update
+        Metriks.meter('updates.committed').mark
       end
       
       @responder.response_for_changes(changes, myip)
     end
 
     def self.run!
-      Dyndnsd.logger = Logger.new(STDOUT)
-      Dyndnsd.logger.formatter = LogFormatter.new
-
       if ARGV.length != 1
         puts "Usage: dyndnsd config_file"
         exit 1
@@ -120,25 +127,67 @@ module Dyndnsd
       config_file = ARGV[0]
 
       if not File.file?(config_file)
-        Dyndnsd.logger.fatal "Config file not found!"
+        puts "Config file not found!"
         exit 1
       end
-
-      Dyndnsd.logger.info "DynDNSd version #{Dyndnsd::VERSION}"
-      Dyndnsd.logger.info "Using config file #{config_file}"
+      
+      puts "DynDNSd version #{Dyndnsd::VERSION}"
+      puts "Using config file #{config_file}"
 
       config = YAML::load(File.open(config_file, 'r') { |f| f.read })
+      
+      if config['logfile']
+        Dyndnsd.logger = Logger.new(config['logfile'])
+      else
+        Dyndnsd.logger = Logger.new(STDOUT)
+      end
+      
+      Dyndnsd.logger.progname = "dyndnsd"
+      Dyndnsd.logger.formatter = LogFormatter.new
 
+      Dyndnsd.logger.info "Starting..."
+      
+      # drop privs (first change group than user)
+      Process::Sys.setgid(Etc.getgrnam(config['group']).gid) if config['group']
+      Process::Sys.setuid(Etc.getpwnam(config['user']).uid) if config['user']
+
+      # configure metriks
+      if config['graphite']
+        host = config['graphite']['host'] || 'localhost'
+        port = config['graphite']['port'] || 2003
+        options = {}
+        options[:prefix] = config['graphite']['prefix'] if config['graphite']['prefix']
+        reporter = Metriks::Reporter::Graphite.new(host, port, options)
+        reporter.start
+      else
+        reporter = Metriks::Reporter::ProcTitle.new
+        reporter.add 'good', 'sec' do
+          Metriks.meter('requests.good').mean_rate
+        end
+        reporter.add 'nochg', 'sec' do
+          Metriks.meter('requests.nochg').mean_rate
+        end
+        reporter.start
+      end
+
+      # configure daemon
       db = Database.new(config['db'])
       updater = Updater::CommandWithBindZone.new(config['domain'], config['updater']['params']) if config['updater']['name'] == 'command_with_bind_zone'
       responder = Responder::DynDNSStyle.new
       
+      # configure rack
       app = Daemon.new(config, db, updater, responder)
       app = Rack::Auth::Basic.new(app, "DynDNS") do |user,pass|
-        (config['users'].has_key? user) and (config['users'][user]['password'] == pass)
+        allow = (config['users'].has_key? user) and (config['users'][user]['password'] == pass)
+        if not allow
+          Dyndnsd.logger.warn "Login failed for #{user}"
+          Metriks.meter('requests.auth_failed').mark
+        end
+        allow
       end
 
       Signal.trap('INT') do
+        Dyndnsd.logger.info "Quitting..."
         Rack::Handler::WEBrick.shutdown
       end
 

lib/dyndnsd/updater/command_with_bind_zone.rb

@@ -15,6 +15,8 @@ module Dyndnsd
         pid = fork do
           exec @command
         end
+        # detach so children don't become zombies
+        Process.detach(pid)
       end
     end
   end

lib/dyndnsd/version.rb

@@ -1,4 +1,4 @@
 
 module Dyndnsd
-  VERSION = "0.0.3"
+  VERSION = "1.2.2"
 end

spec/daemon_spec.rb

@@ -4,6 +4,9 @@ describe Dyndnsd::Daemon do
   include Rack::Test::Methods
   
   def app
+    Dyndnsd.logger = Logger.new(STDOUT)
+    Dyndnsd.logger.level = Logger::UNKNOWN
+    
     config = {
       'domain' => 'example.org',
       'users' => {