228 lines
6.5 KiB
Bash
Executable file
228 lines
6.5 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
# vim: set filetype=sh
|
|
set -euo pipefail
|
|
|
|
api_host="https://api.dnsimple.com/v2"
|
|
sleep_interval=${SLEEP_INTERVAL:-300}
|
|
record_ttl=${RECORD_TTL:-600}
|
|
destructive=${DESTRUCTIVE:-false}
|
|
|
|
# Only services with ipv6 supported are listed here.
|
|
# And are not using cloudflare or similar services
|
|
# that may block requests from this script.
|
|
services=(
|
|
"ifconfig.io"
|
|
)
|
|
|
|
debug() {
|
|
echo "DEBUG: $1"
|
|
}
|
|
|
|
info() {
|
|
echo "INFO: $1"
|
|
}
|
|
|
|
warn() {
|
|
echo "WARN: $1"
|
|
}
|
|
|
|
error() {
|
|
warn "$1"
|
|
exit 1
|
|
}
|
|
|
|
test -z "${DNSIMPLE_TOKEN}" && error "DNSIMPLE_TOKEN not set!"
|
|
test -z "${DNSIMPLE_ACCOUNT_ID}" && error "DNSIMPLE_ACCOUNT_ID not set!"
|
|
test -z "${DOMAIN}" && error "DOMAIN not set!"
|
|
test -z "${CLOUD_REGION}" && error "CLOUD_REGION not set!"
|
|
|
|
base_zone_url="$api_host/$DNSIMPLE_ACCOUNT_ID/zones/$DOMAIN/records"
|
|
|
|
dnsimple_list_record() {
|
|
curl -s -X GET \
|
|
-H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $DNSIMPLE_TOKEN" \
|
|
"$base_zone_url"
|
|
}
|
|
|
|
dnsimple_create_record() {
|
|
local data="$1"
|
|
|
|
curl -s -X POST \
|
|
-H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $DNSIMPLE_TOKEN" \
|
|
-d "$data" \
|
|
"$base_zone_url"
|
|
}
|
|
|
|
dnsimple_update_record() {
|
|
local record="$1"
|
|
local data="$2"
|
|
|
|
curl -s -X PATCH \
|
|
-H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $DNSIMPLE_TOKEN" \
|
|
-d "$data" \
|
|
"$base_zone_url/$record" &>/dev/null
|
|
}
|
|
|
|
dnsimeple_delete_record() {
|
|
local record="$1"
|
|
|
|
if [[ "$destructive" == "false" ]]; then
|
|
warn "record=$record Record deletion is disabled. Set DESTRUCTIVE=true to enable."
|
|
return
|
|
fi
|
|
|
|
curl -s -X DELETE \
|
|
-H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $DNSIMPLE_TOKEN" \
|
|
"$base_zone_url/$record" &>/dev/null
|
|
|
|
}
|
|
|
|
configure_single() {
|
|
# disable glob expansion
|
|
set -f
|
|
|
|
domain_records=$1
|
|
domain=$2
|
|
ip=$3
|
|
type=$4
|
|
|
|
record_id=$(echo "$domain_records" | jq ".data[] | select(.type == \"$type\" and .name == \"$domain\") | .id")
|
|
record_data=$(echo "$domain_records" | jq -r ".data[] | select(.type == \"$type\" and .name == \"$domain\") | .content")
|
|
|
|
if [ "$(echo "$record_id" | wc -l)" -ge 2 ]; then
|
|
warn "domain=$domain type=$type Domain name has duplicate DNS records, removing duplicates."
|
|
record_id_to_delete=$(echo "$record_id" | tail -n +2)
|
|
record_id=$(echo "$record_id" | head -1)
|
|
record_data=$(echo "$record_data" | head -1)
|
|
|
|
while IFS= read -r line; do
|
|
warn "domain=$domain type=$type record=$line Deleting record"
|
|
dnsimeple_delete_record "$line"
|
|
done <<<"$record_id_to_delete"
|
|
fi
|
|
|
|
# re-enable glob expansion
|
|
set +f
|
|
|
|
data="{\"type\": \"$type\", \"name\": \"$domain\", \"content\": \"$ip\", \"ttl\": $record_ttl}"
|
|
|
|
if [[ -z $record_id ]]; then
|
|
info "domain=$domain type=$type No record found. Creating record."
|
|
dnsimple_create_record "$data"
|
|
elif [[ "$ip" != "$record_data" ]]; then
|
|
info "domain=$domain type=$type Existing DNS record address ($record_data) doesn't match current IP ($ip)"
|
|
dnsimple_update_record "$record_id" "$data"
|
|
else
|
|
info "domain=$domain type=$type Existing DNS record address ($record_data) did not need updating"
|
|
fi
|
|
}
|
|
|
|
configure_many() {
|
|
# disable glob expansion
|
|
set -f
|
|
|
|
domain_records=$1
|
|
domain=$2
|
|
ip=$3
|
|
type=$4
|
|
|
|
record_id=$(echo "$domain_records" | jq ".data[] | select(.type == \"$type\" and .name == \"$domain\" and .content == \"$ip\") | .id")
|
|
record_data=$(echo "$domain_records" | jq ".data[] | select(.type == \"$type\" and .name == \"$domain\" and .content == \"$ip\") | .content")
|
|
|
|
# re-enable glob expansion
|
|
set +f
|
|
|
|
data="{\"type\": \"$type\", \"name\": \"$domain\", \"content\": \"$ip\", \"ttl\": $record_ttl}"
|
|
|
|
if [[ -z $record_id ]]; then
|
|
info "domain=$domain type=$type No record found. Creating record."
|
|
dnsimple_create_record "$data"
|
|
else
|
|
info "domain=$domain type=$type Existing DNS record address ($record_data) did not need updating."
|
|
fi
|
|
}
|
|
|
|
healthcheck() {
|
|
local ip="$1"
|
|
|
|
code=$(curl -s -o /dev/null -I -w '%{http_code}' "http://$ip:1337/healthz" || echo "")
|
|
|
|
if [[ "$code" != "200" ]]; then
|
|
warn "ip=$ip code=$code Healthcheck failed."
|
|
return 1
|
|
fi
|
|
|
|
info "ip=$ip code=$code Healthcheck passed."
|
|
return 0
|
|
}
|
|
|
|
while (true); do
|
|
domain_records=$(dnsimple_list_record)
|
|
debug "domain_records=$domain_records"
|
|
|
|
for service in "${services[@]}"; do
|
|
info "service=$service Discovering public IP address..."
|
|
|
|
ipv4="$(curl -4 -s -f --connect-timeout 2 "$service" || echo "")"
|
|
ipv6="$(curl -6 -s -f --connect-timeout 2 "$service" || echo "")"
|
|
|
|
if [[ -n "$ipv4$ipv6" ]]; then
|
|
break
|
|
else
|
|
warn "service=$service Failed to retrieve IP address."
|
|
fi
|
|
done
|
|
|
|
if [[ -z $ipv4 ]]; then
|
|
warn "IPv4 address wasn't found."
|
|
else
|
|
info "Found IPv4 address $ipv4"
|
|
if healthcheck "$ipv4"; then
|
|
configure_single "$domain_records" "$CLOUD_REGION" "$ipv4" "A"
|
|
configure_many "$domain_records" "any" "$ipv4" "A"
|
|
fi
|
|
fi
|
|
|
|
if [[ -z $ipv6 ]]; then
|
|
warn "IPv6 address wasn't found."
|
|
else
|
|
info "Found IPv6 address $ipv6"
|
|
if healthcheck "[$ipv6]"; then
|
|
configure_single "$domain_records" "$CLOUD_REGION" "$ipv6" "AAAA"
|
|
configure_many "$domain_records" "any" "$ipv6" "AAAA"
|
|
fi
|
|
fi
|
|
|
|
info "type=A Checking for stale records..."
|
|
for domain in $(echo "$domain_records" | jq -r ".data[] | select(.type == "A" and .name != "$CLOUD_REGION") | .name"); do
|
|
info "type=A domain=$domain Checking..."
|
|
record_id=$(echo "$domain_records" | jq -r ".data[] | select(.name == \"$domain\") | .id")
|
|
record_ip=$(echo "$domain_records" | jq -r ".data[] | select(.name == \"$domain\") | .content")
|
|
if ! healthcheck "$record_ip"; then
|
|
warn "type=A domain=$domain Unhealthy..."
|
|
dnsimeple_delete_record "$record_id"
|
|
else
|
|
info "type=A domain=$domain Healthy..."
|
|
fi
|
|
done
|
|
|
|
info "type=AAAA Checking for stale records..."
|
|
for domain in $(echo "$domain_records" | jq -r ".data[] | select(.type == "AAAA" and .name != "$CLOUD_REGION") | .name"); do
|
|
info "type=AAAA domain=$domain Checking..."
|
|
record_id=$(echo "$domain_records" | jq -r ".data[] | select(.name == \"$domain\") | .id")
|
|
record_ip=$(echo "$domain_records" | jq -r ".data[] | select(.name == \"$domain\") | .content")
|
|
if ! healthcheck "$record_ip"; then
|
|
warn "type=AAAA domain=$domain Unhealthy."
|
|
dnsimeple_delete_record "[$record_id]"
|
|
else
|
|
info "type=AAAA domain=$domain Healthy."
|
|
fi
|
|
done
|
|
|
|
info "Sleeping for $sleep_interval seconds..."
|
|
sleep "$sleep_interval"
|
|
done
|