222 lines
6.8 KiB
Bash
Executable file
222 lines
6.8 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
# vim: set filetype=sh
|
|
set -euo pipefail
|
|
|
|
api_host="https://api.dnsimple.com/v2"
|
|
sleep_interval=${SLEEP_INTERVAL:-300}
|
|
record_ttl=${RECORD_TTL:-600}
|
|
destructive=${DESTRUCTIVE:-false}
|
|
|
|
# Only services with ipv6 supported are listed here.
|
|
# And are not using cloudflare or similar services
|
|
# that may block requests from this script.
|
|
services=(
|
|
"ifconfig.io"
|
|
)
|
|
|
|
log::debug() {
|
|
echo "level=DEBUG $1"
|
|
}
|
|
|
|
log::info() {
|
|
echo "level=INFO $1"
|
|
}
|
|
|
|
log::warn() {
|
|
echo "level=WARN $1"
|
|
}
|
|
|
|
log:error() {
|
|
echo "level=ERROR $1"
|
|
exit 1
|
|
}
|
|
|
|
test -z "${DNSIMPLE_TOKEN}" && log:error "DNSIMPLE_TOKEN not set!"
|
|
test -z "${DNSIMPLE_ACCOUNT_ID}" && log:error "DNSIMPLE_ACCOUNT_ID not set!"
|
|
test -z "${DOMAIN}" && log:error "DOMAIN not set!"
|
|
test -z "${CLOUD_REGION}" && log:error "CLOUD_REGION not set!"
|
|
|
|
base_zone_url="$api_host/$DNSIMPLE_ACCOUNT_ID/zones/$DOMAIN/records"
|
|
|
|
dnsimple::record::list() {
|
|
curl -s -X GET \
|
|
-H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $DNSIMPLE_TOKEN" \
|
|
"$base_zone_url"
|
|
}
|
|
|
|
dnsimple::record::create() {
|
|
local data="$1"
|
|
|
|
curl -s -X POST \
|
|
-H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $DNSIMPLE_TOKEN" \
|
|
-d "$data" \
|
|
"$base_zone_url"
|
|
}
|
|
|
|
dnsimple::record::update() {
|
|
local record="$1"
|
|
local data="$2"
|
|
|
|
curl -s -X PATCH \
|
|
-H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $DNSIMPLE_TOKEN" \
|
|
-d "$data" \
|
|
"$base_zone_url/$record" &>/dev/null
|
|
}
|
|
|
|
dnsimple::record::delete() {
|
|
local record="$1"
|
|
|
|
if [[ "$destructive" == "false" ]]; then
|
|
log::warn "record=$record Record deletion is disabled. Set DESTRUCTIVE=true to enable."
|
|
return
|
|
fi
|
|
|
|
curl -s -X DELETE \
|
|
-H "Content-Type: application/json" \
|
|
-H "Authorization: Bearer $DNSIMPLE_TOKEN" \
|
|
"$base_zone_url/$record" &>/dev/null
|
|
|
|
}
|
|
|
|
configure::single() {
|
|
# disable glob expansion
|
|
set -f
|
|
|
|
domain_records=$1
|
|
domain=$2
|
|
ip=$3
|
|
type=$4
|
|
|
|
record_id=$(echo "$domain_records" | jq ".data[] | select(.type == \"$type\" and .name == \"$domain\") | .id")
|
|
record_data=$(echo "$domain_records" | jq -r ".data[] | select(.type == \"$type\" and .name == \"$domain\") | .content")
|
|
|
|
if [ "$(echo "$record_id" | wc -l)" -ge 2 ]; then
|
|
log::warn "domain=$domain type=$type Domain name has duplicate DNS records, removing duplicates."
|
|
record_id_to_delete=$(echo "$record_id" | tail -n +2)
|
|
record_id=$(echo "$record_id" | head -1)
|
|
record_data=$(echo "$record_data" | head -1)
|
|
|
|
while IFS= read -r line; do
|
|
log::warn "domain=$domain type=$type record=$line Deleting record"
|
|
dnsimple::record::delete "$line"
|
|
done <<<"$record_id_to_delete"
|
|
fi
|
|
|
|
# re-enable glob expansion
|
|
set +f
|
|
|
|
data="{\"type\": \"$type\", \"name\": \"$domain\", \"content\": \"$ip\", \"ttl\": $record_ttl}"
|
|
|
|
if [[ -z $record_id ]]; then
|
|
log::info "domain=$domain type=$type No record found. Creating record."
|
|
dnsimple::record::create "$data"
|
|
elif [[ "$ip" != "$record_data" ]]; then
|
|
log::info "domain=$domain type=$type Existing DNS record address ($record_data) doesn't match current IP ($ip)"
|
|
dnsimple::record::update "$record_id" "$data"
|
|
else
|
|
log::info "domain=$domain type=$type Existing DNS record address ($record_data) did not need updating"
|
|
fi
|
|
}
|
|
|
|
configure::many() {
|
|
domain_records=$1
|
|
domain=$2
|
|
ip=$3
|
|
type=$4
|
|
|
|
record_id=$(echo "$domain_records" | jq ".data[] | select(.type == \"$type\" and .name == \"$domain\" and .content == \"$ip\") | .id")
|
|
record_data=$(echo "$domain_records" | jq ".data[] | select(.type == \"$type\" and .name == \"$domain\" and .content == \"$ip\") | .content")
|
|
|
|
data="{\"type\": \"$type\", \"name\": \"$domain\", \"content\": \"$ip\", \"ttl\": $record_ttl}"
|
|
|
|
if [[ -z $record_id ]]; then
|
|
log::info "domain=$domain type=$type No record found. Creating record."
|
|
dnsimple::record::create "$data"
|
|
else
|
|
log::info "domain=$domain type=$type Existing DNS record address ($record_data) did not need updating."
|
|
fi
|
|
}
|
|
|
|
healthcheck() {
|
|
local ip="$1"
|
|
|
|
code=$(curl -s -o /dev/null -I -w '%{http_code}' "http://$ip:1337/healthz" || echo "")
|
|
|
|
if [[ "$code" != "200" ]]; then
|
|
log::warn "ip=$ip code=$code Healthcheck failed."
|
|
return 1
|
|
fi
|
|
|
|
log::info "ip=$ip code=$code Healthcheck passed."
|
|
return 0
|
|
}
|
|
|
|
while (true); do
|
|
domain_records=$(dnsimple::record::list)
|
|
log::debug "domain_records=$domain_records"
|
|
|
|
for service in "${services[@]}"; do
|
|
log::info "service=$service Discovering public IP address..."
|
|
|
|
ipv4="$(curl -4 -s -f --connect-timeout 2 "$service" || echo "")"
|
|
ipv6="$(curl -6 -s -f --connect-timeout 2 "$service" || echo "")"
|
|
|
|
if [[ -n "$ipv4$ipv6" ]]; then
|
|
break
|
|
else
|
|
log::warn "service=$service Failed to retrieve IP address."
|
|
fi
|
|
done
|
|
|
|
if [[ -z $ipv4 ]]; then
|
|
log::warn "type=A IPv4 address wasn't found."
|
|
else
|
|
log::info "type=A ip=$ipv4 Found IPv4 address."
|
|
if healthcheck "$ipv4"; then
|
|
configure::single "$domain_records" "$CLOUD_REGION" "$ipv4" "A"
|
|
configure::many "$domain_records" "any" "$ipv4" "A"
|
|
fi
|
|
fi
|
|
|
|
if [[ -z $ipv6 ]]; then
|
|
log::warn "type=AAAA IPv6 address wasn't found."
|
|
else
|
|
log::info "type=AAAA ip=$ipv6 Found IPv6 address"
|
|
if healthcheck "[$ipv6]"; then
|
|
configure::single "$domain_records" "$CLOUD_REGION" "$ipv6" "AAAA"
|
|
configure::many "$domain_records" "any" "$ipv6" "AAAA"
|
|
fi
|
|
fi
|
|
|
|
log::info "type=A Checking for stale records..."
|
|
echo "$domain_records" | jq -r ".data[] | select(.type == \"A\" and .name != \"$CLOUD_REGION\") | .id" | while read -r record_id; do
|
|
record_name=$(echo "$domain_records" | jq -r ".data[] | select(.id == \"$record_id\") | .name")
|
|
record_ip=$(echo "$domain_records" | jq -r ".data[] | select(.id == \"$record_id\") | .content")
|
|
log::info "type=A domain=$record_name ip=$record_ip Checking..."
|
|
if ! healthcheck "$record_ip"; then
|
|
log::warn "type=A domain=$record_name ip=$record_ip Unhealthy..."
|
|
dnsimple::record::delete "$record_id"
|
|
else
|
|
log::info "type=A domain=$record_name ip=$record_ip Healthy..."
|
|
fi
|
|
done
|
|
|
|
log::info "type=AAAA Checking for stale records..."
|
|
echo "$domain_records" | jq -r ".data[] | select(.type == \"AAAA\" and .name != \"$CLOUD_REGION\") | .id" | while read -r record_id; do
|
|
record_name=$(echo "$domain_records" | jq -r ".data[] | select(.id == \"$record_id\") | .name")
|
|
record_ip=$(echo "$domain_records" | jq -r ".data[] | select(.id == \"$record_id\") | .content")
|
|
log::info "type=AAAA domain=$record_name ip=$record_ip Checking..."
|
|
if ! healthcheck "[$record_ip]"; then
|
|
log::warn "type=AAAA domain=$record_name ip=$record_ip Unhealthy..."
|
|
dnsimple::record::delete "$record_id"
|
|
else
|
|
log::info "type=AAAA domain=$record_name ip=$record_ip Healthy..."
|
|
fi
|
|
done
|
|
|
|
log::info "Sleeping for $sleep_interval seconds..."
|
|
sleep "$sleep_interval"
|
|
done
|