Mercurial > prosody-modules
changeset 4762:ba312cd7907f
mod_dnsupdate: Use with nsupdate to update DNS records from config
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 06 Nov 2021 14:48:35 +0100 |
parents | ea1ecbc1d04d |
children | 91077c928c57 |
files | mod_dnsupdate/README.markdown mod_dnsupdate/mod_dnsupdate.lua |
diffstat | 2 files changed, 134 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_dnsupdate/README.markdown Sat Nov 06 14:48:35 2021 +0100 @@ -0,0 +1,14 @@ +Generate a DNS UPDATE order in format suitable for `nsupdate` based on +current port configuration. + +Example output: + +``` +$ prosodyctl mod_dnsupdate -d example.com -t xmpp.example.com example.com +zone example.com +server ns1.example.com +ttl 3600 +add _xmpp-client._tcp.example.com IN SRV 1 1 5222 +add _xmpp-server._tcp.example.com IN SRV 1 1 5269 +``` +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_dnsupdate/mod_dnsupdate.lua Sat Nov 06 14:48:35 2021 +0100 @@ -0,0 +1,120 @@ +module:set_global(); + +local config = require "core.configmanager"; +local argparse = require "util.argparse"; +local dns = require"net.adns".resolver(); +local async = require "util.async"; +local set = require "util.set"; +local nameprep = require"util.encodings".stringprep.nameprep; +local idna_to_ascii = require"util.encodings".idna.to_ascii; + +local services = { "xmpp-client"; "xmpps-client"; "xmpp-server"; "xmpps-server" } + +local function validate_dnsname_option(options, option_name, default) + local host = options[option_name]; + if host == nil then return default end + local normalized = nameprep(host); + if not normalized then + module:log("error", "--%s %q fails normalization"); + return; + end + local alabel = idna_to_ascii(normalized); + if not alabel then + module:log("error", "--%s %q fails IDNA"); + return; + end + return alabel; +end + +function module.command(arg) + local opts = argparse.parse(arg, { + short_params = { d = "domain"; p = "primary"; t = "target"; l = "ttl"; h = "help"; ["?"] = "help" }; + value_params = { domain = true; primary = true; target = true; ttl = true }; + }); + + if not arg[1] or arg[2] or not opts or opts.help or not opts.domain then + local out = opts.help and io.stdout or io.stderr; + out:write("prosodyctl mod_dnsupdate [options] virtualhost\n"); + out:write("\t-d --domain\tbase domain name *required*\n"); + out:write("\t-p --primary\tprimary DNS name server\n"); + out:write("\t-t --target\ttarget hostname for SRV\n"); + out:write("\t-l --ttl\tTTL to use\n"); + out:write("\t--each\tremove and replace individual SRV records\n"); + out:write("\t--reset\tremove and replace all SRV records\n"); + return opts and opts.help and 0 or 1; + end + + local vhost = nameprep(arg[1]); -- TODO loop over arg[]? + if not vhost then + module:log("error", "Host %q fails normalization", arg[1]); + return 1; + end + local ihost = idna_to_ascii(vhost); + if not ihost then + module:log("error", "Host %q falis IDNA", vhost); + return 1; + end + if not config.get(vhost, "defined") then + module:log("error", "Host %q is not defined in the config", vhost); + return 1; + end + + local domain = validate_dnsname_option(opts, "domain"); + if not domain then + module:log("error", "--domain is required"); + return 1; + end + local primary = validate_dnsname_option(opts, "primary") + or async.wait_for(dns:lookup_promise(domain, "SOA"):next(function(ret) return ret[1].soa.mname; end)); + if not primary then + module:log("error", "Could not discover primary name server, specify it with --primary"); + return 1; + end + local target = validate_dnsname_option(opts, "target", module:context(vhost):get_option_string("xmpp_host", ihost)); + -- TODO validate that target has A/AAAA + + local configured_ports = { + ["xmpp-client"] = module:get_option_array("c2s_ports", { 5222 }); + ["xmpp-server"] = module:get_option_array("c2s_ports", { 5269 }); + ["xmpps-client"] = module:get_option_array("c2s_direct_tls_ports", {}); + ["xmpps-server"] = module:get_option_array("c2s_ports", {}); + }; + + if opts.multiplex then + for opt, ports in pairs(configured_ports) do + ports:append(module:get_option_array(opt:sub(1, 5) == "xmpps" and "ssl_ports" or "ports", {})); + end + end + + local existing_srv = {}; + for _, service in ipairs(services) do + existing_srv[service] = dns:lookup_promise(("_%s._tcp.%s"):format(service, ihost), "SRV"); + end + + print("zone", domain); + print("server", primary); + print("ttl " .. tostring(opts.ttl or 60 * 60)); + + for _, service in ipairs(services) do + local ports = set.new(configured_ports[service]); + local records = (async.wait_for(existing_srv[service])); + local replace = opts.reset; + for _, rr in ipairs(records) do + if not ports:contains(rr.srv.port) or target ~= nameprep(rr.srv.target):gsub("%.$", "") then + if not opts.each then + replace = true; + break + end + print(("del _%s._tcp.%s IN SRV %s"):format(service, ihost, rr)); + end + end + if replace then + print(("del _%s._tcp.%s IN SRV"):format(service, ihost)); + for port in ports do print(("add _%s._tcp.%s IN SRV 1 1 %d %s"):format(service, ihost, port, target)); end + end + end + + print("show"); + print("send"); + print("answer"); +end