try building

Add license
Merge pull request '7-api-sequencing' (#8 ) from 7-api-sequencing into main
2025-06-21 15:36:59 +01:00 · 2023-09-02 15:12:21 +01:00 · 2023-09-02 14:06:54 +00:00 · 2023-09-02 14:59:10 +01:00 · 2023-09-02 14:55:35 +01:00 · 2023-09-02 14:54:39 +01:00
4 changed files with 127 additions and 32 deletions
--- a/.gitea/workflows/build.yml
+++ b/.gitea/workflows/build.yml
@@ -0,0 +1,17 @@
+name: Build image
+run-name: ${{ gitea.actor }} is building an image
+on: [push]
+
+jobs:
+  runs-on: alpine
+  steps:
+    - uses: https://github.com/actions/checkout@v4
+    - name: Set up Docker Buildx
+        uses: https://github.com/docker/setup-buildx-action@v3            
+    - name: Build and push Docker image
+      uses: https://github.com/docker/build-push-action@v5
+      with:
+        context: .
+        file: ./Dockerfile
+        push: true
+        tags: "hal.mafoo.org.uk/mafoo.org.uk/mythic-dns:${{gitea.sha}},hal.mafoo.org.uk/mafoo.org.uk/mythic-dns:latest"
--- a/19
+++ b/19
@@ -0,0 +1,19 @@
+Copyright (c) 2023 Matthew Slowe (foo@mafoo.org.uk)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/README.md
+++ b/README.md
@@ -65,15 +65,29 @@ zones:
        - 10 mta2.example.com
 ```

+## Aliases virtual type
+There is a virtual record type `aliases` which is a list of names to CNAME to this record.
+
+For example:
+
+```yaml
+zones:
+  example.com:
+    "@":
+      A: 10.54.22.9
+      aliases:
+        - www
+        - ftp
+```
 # Running
 Invoke the docker container with the input yaml file:
 ```bash
-docker run --rm -ti -v "${PWD}:/a" -w /a fooflington/mythic-beasts-dns mafoo.org.uk.yml
+docker run --rm -ti -v "${PWD}:/a" -w /a fooflington/mythic-dns mafoo.org.uk.yml
 ```

 ## Dry run
 Pass the environment variable `DRY_RUN` to prevent any changes:

 ```bash
-docker run --rm -ti -v "${PWD}:/a" -w /a -e DRY_RUN=1 fooflington/mythic-beasts-dns mafoo.org.uk.yml
-```
+docker run --rm -ti -v "${PWD}:/a" -w /a -e DRY_RUN=1 fooflington/mythic-dns mafoo.org.uk.yml
+```
--- a/manage-dns.pl
+++ b/manage-dns.pl
@@ -15,6 +15,10 @@ my $ua = LWP::UserAgent->new;
 my %seen;
 my $DRY_RUN = $ENV{DRY_RUN};

+my @to_create;
+my @to_delete;
+my @to_update;
+
 sub _debug {
    print STDERR ("=== DEBUG ===\n", Dumper(@_), "=== END ===\n") if $ENV{DEBUG} or $in->[0]->{debug};
 }
@@ -40,9 +44,9 @@ my %supported_types = (
    MX => "yes",
    NS => "yes",
    PTR => "yes",
-    SSHFP => "not yet implemented",
+    SSHFP => "yes",
    SRV => "yes",
-    TLSA => "not yet implemented",
+    TLSA => "yes",
    TXT => "yes",
 );
 sub is_unsupported($) {
@@ -136,6 +140,17 @@ sub format_record($$$$) {
        $record->{caa_property} = $property;
        $record->{caa_tag} = $property;
        $record->{data} = $data;
+    } elsif ($type eq 'SSHFP') {
+        my ($algo, $keytype, $data) = split(/\s+/, $value);
+        $record->{sshfp_type} = $keytype;
+        $record->{sshfp_algorithm} = $algo;
+        $record->{data} = $data;
+    } elsif ($type eq 'TLSA') {
+        my ($usage, $selector, $matching, $data) = split(/\s+/, $value);
+        $record->{tlsa_usage} = $usage;
+        $record->{tlsa_selector} = $selector;
+        $record->{tlsa_matching} = $matching;
+        $record->{data} = $data;
    }

    return $record;
@@ -158,6 +173,19 @@ sub reformat_data($$) {
            $data->{caa_property} || $data->{caa_tag},
            $data->{data}
        );
+    } elsif($type eq 'SSHFP') {
+        return sprintf('%d %d %s',
+            $data->{sshfp_algorithm},
+            $data->{sshfp_type},
+            $data->{data},
+        );
+    } elsif($type eq 'TLSA') {
+        return sprintf('%d %d %d %s',
+            $data->{tlsa_usage},
+            $data->{tlsa_selector},
+            $data->{tlsa_matching},
+            $data->{data},
+        );
    }

    return $data->{data};
@@ -180,41 +208,22 @@ sub check_and_update_record($$$$$) {
        if($record->{ttl} ne $in->[0]->{defaults}->{ttl}->{$zone}) {
            # Update the record
            $record->{ttl} = $in->[0]->{defaults}->{ttl}->{$zone};
-            _debug("Update ", $url, $record, to_json($record));
-            unless ($DRY_RUN) {
-                my $res = $ua->put(
-                    $url,
-                    "Content-Type" => "application/json",
-                    "Content" => to_json({ records => [ $record ] }),
-                );
-                warn "Failed to update $url: " . $res->status_line unless $res->is_success;
-            }
+            _debug("Will update ", $url, $record, to_json($record));
+            push(@to_update, [$url,$record]);
        }
    } else {
        # Create new record
        my $new = format_record($zone, $type, $host, $value);
-        _notice("Created new record: %s %s %s", $host, $type, $value);
-        _debug($new);
-        unless ($DRY_RUN) {
-            my $res = $ua->post(
-                $url,
-                "Content-Type" => "application/json",
-                Content => to_json({
-                    records => [ $new ]
-                })
-            );
-            warn "Failed to create $url: " . $res->status_line . "\n" . $res->content unless $res->is_success;
-        }
+        _notice("Will create new record: %s %s %s", $host, $type, $value);
+        push(@to_create, [$url,$new]);
    }
 }

 sub delete_record($$) {
    my ($zone, $record) = @_;
-    return if $DRY_RUN;
-
    my $url = $in->[0]->{defaults}->{api} . "/$zone/records/$record->{host}/$record->{type}?host=$record->{host}&data=$record->{data}";
-    my $res = $ua->delete($url);
-    warn "Failed to delete $url: " . $res->status_line . "\n" . $res->content unless $res->is_success;
+    _notice("Will delete: %s %s %s", $record->{host}, $record->{type}, $record->{data});
+    push(@to_delete, $url);
 }

 foreach my $z (keys %{$in->[0]->{zones}}) {
@@ -268,10 +277,46 @@ foreach my $z (keys %{$in->[0]->{zones}}) {
                }
            }
            unless ($skip) {
-                _notice("Delete %s %s %s", $record->{host}, $record->{type}, $record->{data});
+                # _notice("Will delete %s %s %s", $record->{host}, $record->{type}, $record->{data});
                delete_record($z, $record);
            }
        }
    }
-    _info("Finished processing %s", $z);
+    _info("Finished pre-processing %s", $z);
+}
+
+unless($DRY_RUN) {
+    _info("Applying changes (%d creates, %d updates, %d deletes)", scalar @to_create, scalar @to_update, scalar @to_delete);
+
+    # Delete
+    foreach my $url (@to_delete) {
+        my $res = $ua->delete($url);
+        warn "Failed to delete $url: " . $res->status_line . "\n" . $res->content unless $res->is_success;
+    }
+
+    # Create
+    foreach my $record (@to_create) {
+        my $res = $ua->post(
+            $record->[0],
+            "Content-Type" => "application/json",
+            Content => to_json({
+                records => [ $record->[1] ]
+            })
+        );
+        warn "Failed to create $record->[0]: " . $res->status_line . "\n" . $res->content unless $res->is_success;
+    }
+
+    # Update
+    foreach my $record (@to_update) {
+        my $res = $ua->put(
+            $record->[0],
+            "Content-Type" => "application/json",
+            "Content" => to_json({ records => [ $record->[1] ] }),
+        );
+        warn "Failed to update $record->[0]: " . $res->status_line unless $res->is_success;
+    }
+
+    _info("Finished applying changes")
+} else {
+    _info("DRY RUN: Skipped applying changes (%d creates, %d updates, %d deletes)", scalar @to_create, scalar @to_update, scalar @to_delete);
 }
Author	SHA1	Message	Date
Matthew Slowe	3c37c1909b	try building	2025-06-21 15:36:59 +01:00
Matthew Slowe	c27ca17ad4	Add license	2023-09-02 15:12:21 +01:00
foo	1f66bdca65	Merge pull request '7-api-sequencing' (#8 ) from 7-api-sequencing into main Reviewed-on: #8	2023-09-02 14:06:54 +00:00
Matthew Slowe	b1767bdaae	Extraneous logging	2023-09-02 14:59:10 +01:00
Matthew Slowe	cb62c68633	and messaging	2023-09-02 14:55:35 +01:00
Matthew Slowe	d43ef34abc	Dereference record	2023-09-02 14:54:39 +01:00
Matthew Slowe	f1617977a9	Pass url through to create and update	2023-09-02 14:52:53 +01:00
Matthew Slowe	a7031753d2	abstract to delete, create, update queues	2023-09-02 14:48:49 +01:00
Matthew Slowe	12879324c6	Add aliases to readme	2021-06-19 15:58:35 +01:00
Matthew Slowe	fc2031eb7c	Support TLSA records Closes: #4	2021-06-19 15:49:54 +01:00
Matthew Slowe	17ff01d066	Handle SSHFP records Closes #2	2021-06-19 15:42:11 +01:00
Matthew Slowe	7a3e5e472a	fix readme	2021-06-16 17:03:15 +01:00