#!/usr/bin/env bash # vim: set filetype=sh set -euo pipefail api_host="https://api.dnsimple.com/v2" sleep_interval=${SLEEP_INTERVAL:-300} record_ttl=${RECORD_TTL:-600} destructive=${DESTRUCTIVE:-false} # Only services with ipv6 supported are listed here. # And are not using cloudflare or similar services # that may block requests from this script. services=( "ifconfig.io" ) log::debug() { echo "level=DEBUG $1" } log::info() { echo "level=INFO $1" } log::warn() { echo "level=WARN $1" } log:error() { echo "level=ERROR $1" exit 1 } test -z "${DNSIMPLE_TOKEN}" && log:error "DNSIMPLE_TOKEN not set!" test -z "${DNSIMPLE_ACCOUNT_ID}" && log:error "DNSIMPLE_ACCOUNT_ID not set!" test -z "${DOMAIN}" && log:error "DOMAIN not set!" test -z "${CLOUD_REGION}" && log:error "CLOUD_REGION not set!" base_zone_url="$api_host/$DNSIMPLE_ACCOUNT_ID/zones/$DOMAIN/records" dnsimple::record::list() { curl -s -X GET \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $DNSIMPLE_TOKEN" \ "$base_zone_url" } dnsimple::record::create() { local data="$1" curl -s -X POST \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $DNSIMPLE_TOKEN" \ -d "$data" \ "$base_zone_url" } dnsimple::record::update() { local record="$1" local data="$2" curl -s -X PATCH \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $DNSIMPLE_TOKEN" \ -d "$data" \ "$base_zone_url/$record" &>/dev/null } dnsimple::record::delete() { local record="$1" if [[ "$destructive" == "false" ]]; then log::warn "record=$record Record deletion is disabled. Set DESTRUCTIVE=true to enable." return fi curl -s -X DELETE \ -H "Content-Type: application/json" \ -H "Authorization: Bearer $DNSIMPLE_TOKEN" \ "$base_zone_url/$record" &>/dev/null } configure::single() { # disable glob expansion set -f domain_records=$1 domain=$2 ip=$3 type=$4 record_id=$(echo "$domain_records" | jq ".data[] | select(.type == \"$type\" and .name == \"$domain\") | .id") record_data=$(echo "$domain_records" | jq -r ".data[] | select(.type == \"$type\" and .name == \"$domain\") | .content") if [ "$(echo "$record_id" | wc -l)" -ge 2 ]; then log::warn "domain=$domain type=$type Domain name has duplicate DNS records, removing duplicates." record_id_to_delete=$(echo "$record_id" | tail -n +2) record_id=$(echo "$record_id" | head -1) record_data=$(echo "$record_data" | head -1) while IFS= read -r line; do log::warn "domain=$domain type=$type record=$line Deleting record" dnsimple::record::delete "$line" done <<<"$record_id_to_delete" fi # re-enable glob expansion set +f data="{\"type\": \"$type\", \"name\": \"$domain\", \"content\": \"$ip\", \"ttl\": $record_ttl}" if [[ -z $record_id ]]; then log::info "domain=$domain type=$type No record found. Creating record." dnsimple::record::create "$data" elif [[ "$ip" != "$record_data" ]]; then log::info "domain=$domain type=$type Existing DNS record address ($record_data) doesn't match current IP ($ip)" dnsimple::record::update "$record_id" "$data" else log::info "domain=$domain type=$type Existing DNS record address ($record_data) did not need updating" fi } configure::many() { domain_records=$1 domain=$2 ip=$3 type=$4 record_id=$(echo "$domain_records" | jq ".data[] | select(.type == \"$type\" and .name == \"$domain\" and .content == \"$ip\") | .id") record_data=$(echo "$domain_records" | jq ".data[] | select(.type == \"$type\" and .name == \"$domain\" and .content == \"$ip\") | .content") data="{\"type\": \"$type\", \"name\": \"$domain\", \"content\": \"$ip\", \"ttl\": $record_ttl}" if [[ -z $record_id ]]; then log::info "domain=$domain type=$type No record found. Creating record." dnsimple::record::create "$data" else log::info "domain=$domain type=$type Existing DNS record address ($record_data) did not need updating." fi } healthcheck() { local ip="$1" code=$(curl -s -o /dev/null -I -w '%{http_code}' "http://$ip:1337/healthz" || echo "") if [[ "$code" != "200" ]]; then log::warn "ip=$ip code=$code Healthcheck failed." return 1 fi log::info "ip=$ip code=$code Healthcheck passed." return 0 } while (true); do domain_records=$(dnsimple::record::list) log::debug "domain_records=$domain_records" for service in "${services[@]}"; do log::info "service=$service Discovering public IP address..." ipv4="$(curl -4 -s -f --connect-timeout 2 "$service" || echo "")" ipv6="$(curl -6 -s -f --connect-timeout 2 "$service" || echo "")" if [[ -n "$ipv4$ipv6" ]]; then break else log::warn "service=$service Failed to retrieve IP address." fi done if [[ -z $ipv4 ]]; then log::warn "type=A IPv4 address wasn't found." else log::info "type=A ip=$ipv4 Found IPv4 address." if healthcheck "$ipv4"; then configure::single "$domain_records" "$CLOUD_REGION" "$ipv4" "A" configure::many "$domain_records" "any" "$ipv4" "A" fi fi if [[ -z $ipv6 ]]; then log::warn "type=AAAA IPv6 address wasn't found." else log::info "type=AAAA ip=$ipv6 Found IPv6 address" if healthcheck "[$ipv6]"; then configure::single "$domain_records" "$CLOUD_REGION" "$ipv6" "AAAA" configure::many "$domain_records" "any" "$ipv6" "AAAA" fi fi log::info "type=A Checking for stale records..." echo "$domain_records" | jq -r ".data[] | select(.type == \"A\" and .name != \"$CLOUD_REGION\") | .id" | while read -r record_id; do record_name=$(echo "$domain_records" | jq -r ".data[] | select(.id == \"$record_id\") | .name") record_ip=$(echo "$domain_records" | jq -r ".data[] | select(.id == \"$record_id\") | .content") log::info "type=A domain=$record_name ip=$record_ip Checking..." if ! healthcheck "$record_ip"; then log::warn "type=A domain=$record_name ip=$record_ip Unhealthy..." dnsimple::record::delete "$record_id" else log::info "type=A domain=$record_name ip=$record_ip Healthy..." fi done log::info "type=AAAA Checking for stale records..." echo "$domain_records" | jq -r ".data[] | select(.type == \"AAAA\" and .name != \"$CLOUD_REGION\") | .id" | while read -r record_id; do record_name=$(echo "$domain_records" | jq -r ".data[] | select(.id == \"$record_id\") | .name") record_ip=$(echo "$domain_records" | jq -r ".data[] | select(.id == \"$record_id\") | .content") log::info "type=AAAA domain=$record_name ip=$record_ip Checking..." if ! healthcheck "[$record_ip]"; then log::warn "type=AAAA domain=$record_name ip=$record_ip Unhealthy..." dnsimple::record::delete "$record_id" else log::info "type=AAAA domain=$record_name ip=$record_ip Healthy..." fi done log::info "Sleeping for $sleep_interval seconds..." sleep "$sleep_interval" done