From 9ef6fc35f5c145162e6cd919075f56baa94d67d9 Mon Sep 17 00:00:00 2001 From: m5r Date: Tue, 12 Dec 2023 22:25:39 +0100 Subject: [PATCH] housekeeping --- Dockerfile | 6 +++--- certs/account.go | 10 +++++++++- certs/certs.go | 2 +- certs/config.go | 10 ++++++---- fly.toml | 52 ++++++++++++++++++++++++++++++++++-------------- go.mod | 20 ++++++++++--------- go.sum | 14 +++++++++++++ main.go | 4 ++-- xip/xip.go | 14 ++++++------- 9 files changed, 90 insertions(+), 42 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0a7f76d..3d6c462 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.19-alpine AS build +FROM golang:1.21-alpine AS build WORKDIR /app COPY . . @@ -6,7 +6,7 @@ COPY . . RUN go mod download RUN CGO_ENABLED=0 go build -o /app/local-ip -FROM gcr.io/distroless/base-debian11 +FROM gcr.io/distroless/base-debian12:latest ENV PORT 53 @@ -18,4 +18,4 @@ COPY ./.lego /.lego EXPOSE $PORT USER root -CMD ["/local-ip"] \ No newline at end of file +CMD ["/local-ip"] diff --git a/certs/account.go b/certs/account.go index 40af6c6..ecb5942 100644 --- a/certs/account.go +++ b/certs/account.go @@ -18,17 +18,19 @@ import ( ) type Account struct { - Email string Registration *registration.Resource key *ecdsa.PrivateKey + Email string } func (u *Account) GetEmail() string { return u.Email } + func (u *Account) GetRegistration() *registration.Resource { return u.Registration } + func (u *Account) GetPrivateKey() crypto.PrivateKey { return u.key } @@ -71,8 +73,14 @@ func RegisterAccount() { config := lego.NewConfig(account) config.CADirURL = caDirUrl legoClient, err := lego.NewClient(config) + if err != nil { + log.Fatal(err) + } reg, err := legoClient.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true}) + if err != nil { + log.Fatal(err) + } if reg.Body.Status != "valid" { log.Fatalf("registration failed with status %s", reg.Body.Status) } diff --git a/certs/certs.go b/certs/certs.go index e14e126..4aeca48 100644 
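Review bot: The runtime stage in the second Dockerfile hunk now uses `gcr.io/distroless/base-debian12:latest`, a mutable tag, so two builds of the same commit can ship different base images. Pin the base by digest, e.g. `FROM gcr.io/distroless/base-debian12@sha256:<digest-placeholder>`, and bump it deliberately when you want a newer image. The same applies, less acutely, to `golang:1.21-alpine` in the build stage of the first hunk. Because the binary is built with `CGO_ENABLED=0`, the smaller `static-debian12` variant may be enough, though that depends on what else the image needs at runtime.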
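Review bot: The two new `log.Fatal(err)` calls in the second certs/account.go hunk exit without saying which step failed, so the log cannot distinguish a client-construction error from a rejected registration. Add context to each, e.g. `log.Fatalf("creating ACME client for %s: %v", caDirUrl, err)` and `log.Fatalf("registering ACME account: %v", err)`. RegisterAccount starts and ends outside the hunk.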
--- a/certs/certs.go +++ b/certs/certs.go @@ -105,7 +105,7 @@ func getLastCertificate(legoClient *lego.Client) *certificate.Resource { return nil } - var lastCertificate = &certificate.Resource{} + lastCertificate := &certificate.Resource{} err = json.Unmarshal(jsonBytes, lastCertificate) if err != nil { log.Println(err) diff --git a/certs/config.go b/certs/config.go index ebba381..ab4033d 100644 --- a/certs/config.go +++ b/certs/config.go @@ -12,7 +12,9 @@ const ( caDirUrl = lego.LEDirectoryProduction ) -var parsedCaDirUrl, _ = url.Parse(caDirUrl) -var caDirHostname = parsedCaDirUrl.Hostname() -var accountFilePath = fmt.Sprintf("./.lego/accounts/%s/%s/account.json", caDirHostname, email) -var keyFilePath = fmt.Sprintf("./.lego/accounts/%s/%s/keys/%s.key", caDirHostname, email, email) +var ( + parsedCaDirUrl, _ = url.Parse(caDirUrl) + caDirHostname = parsedCaDirUrl.Hostname() + accountFilePath = fmt.Sprintf("./.lego/accounts/%s/%s/account.json", caDirHostname, email) + keyFilePath = fmt.Sprintf("./.lego/accounts/%s/%s/keys/%s.key", caDirHostname, email, email) +) diff --git a/fly.toml b/fly.toml index 3f33db2..d6380e8 100644 --- a/fly.toml +++ b/fly.toml 
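Review bot: The regrouped `var` block in certs/config.go still discards the error from `url.Parse(caDirUrl)`, and the next line calls `parsedCaDirUrl.Hostname()` on the result during package initialisation. With the constant `lego.LEDirectoryProduction` the parse cannot fail today, but if the directory URL ever becomes configurable, a bad value would cause a nil-pointer panic before main runs. Either record the assumption next to the declaration, `// caDirUrl is a compile-time constant, so the parse error is deliberately ignored`, or move the derivation into a function that checks the error.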
@@ -1,22 +1,44 @@ -app = "local-ip" -kill_signal = "SIGINT" -kill_timeout = 5 -processes = [] +# fly.toml app configuration file generated for local-ip-ancient-glade-4376 on 2023-11-29T11:43:10+01:00 +# +# See https://fly.io/docs/reference/configuration/ for information about how to use this file. +# -[env] - PORT = "53" +app = "local-ip" +primary_region = "ams" +kill_signal = "SIGINT" +kill_timeout = "5s" [experimental] - allowed_public_ports = [] - auto_rollback = true +auto_rollback = true -[[services]] - internal_port = 53 - protocol = "udp" +[build] - [[services.ports]] - port = "53" +[env] +PORT = "53" [mounts] - source="certs" - destination="/certs" \ No newline at end of file +source = "certs" +destination = "/certs" + +[http_service] +internal_port = 53 +force_https = true +auto_stop_machines = false +auto_start_machines = true +min_machines_running = 0 +processes = ["app"] + +[[services]] +protocol = "udp" +internal_port = 53 +auto_stop_machines = false +auto_start_machines = true +min_machines_running = 0 + +[[services.ports]] +port = 53 + +[[vm]] +cpu_kind = "shared" +cpus = 1 +memory_mb = 256 diff --git a/go.mod b/go.mod index 3a023eb..9204736 100644 --- a/go.mod +++ b/go.mod 
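Review bot: The new `[http_service]` block publishes the app on Fly's HTTP/HTTPS ports and forwards that traffic to `internal_port = 53`, but the only listener visible in this patch is the UDP DNS server (`Net: "udp"` in xip/xip.go). Unless an HTTP handler is served on TCP 53 somewhere outside this diff, the block adds a public entry point with nothing behind it. Drop `[http_service]` and keep only the `[[services]]` entry with `protocol = "udp"`.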
@@ -1,18 +1,20 @@ module local-ip.sh -go 1.19 +go 1.21 -require github.com/miekg/dns v1.1.50 +require ( + github.com/go-acme/lego/v4 v4.10.1 + github.com/miekg/dns v1.1.57 +) require ( github.com/cenkalti/backoff/v4 v4.2.0 // indirect - github.com/go-acme/lego/v4 v4.10.1 // indirect github.com/go-jose/go-jose/v3 v3.0.0 // indirect - golang.org/x/crypto v0.5.0 // indirect - golang.org/x/mod v0.8.0 // indirect - golang.org/x/net v0.7.0 // indirect - golang.org/x/sys v0.5.0 // indirect - golang.org/x/text v0.7.0 // indirect - golang.org/x/tools v0.6.0 // indirect + golang.org/x/crypto v0.14.0 // indirect + golang.org/x/mod v0.12.0 // indirect + golang.org/x/net v0.17.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect + golang.org/x/tools v0.13.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect ) diff --git a/go.sum b/go.sum index c241300..af696d9 100644 --- a/go.sum +++ b/go.sum @@ -8,6 +8,8 @@ github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxF github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA= github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= +github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM= +github.com/miekg/dns v1.1.57/go.mod h1:uqRjCRUuEAA6qsOiJvDd+CFo/vW+y5WR6SNmHE55hZk= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= 
@@ -17,10 +19,14 @@ golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE= golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= 
@@ -28,6 +34,8 @@ golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985 h1:4CSI6oo7cOjJKajidEljs9h+u golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 
@@ -40,12 +48,16 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c h1:F1jZWGFhYfh0Ci55sIpILtKKK golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2 h1:BonxutuHCTL0rBDnZlKjpGIQFTjyUVTexFOdWkB6Fg0= 
@@ -54,6 +66,8 @@ golang.org/x/tools v0.1.12 h1:VveCTK38A2rkS8ZqFY25HIDFscX5X9OoEhJd3quQmXU= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ= +golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/main.go b/main.go index c48de34..a495d97 100644 --- a/main.go +++ b/main.go @@ -28,8 +28,8 @@ func main() { certsClient.RequestCertificate() for { - // renew certificate every month - time.Sleep(30 * 24 * time.Hour) + // try to renew certificate every day + time.Sleep(24 * time.Hour) certsClient.RequestCertificate() } }() diff --git a/xip/xip.go b/xip/xip.go index 5811185..f81bc6d 100644 --- a/xip/xip.go +++ b/xip/xip.go @@ -1,11 +1,11 @@ package xip import ( + "fmt" "log" "net" "os" "regexp" - "strconv" "strings" "time" @@ -14,8 +14,8 @@ import ( type Xip struct { server dns.Server - nameServers []*dns.NS zone string + nameServers []*dns.NS } type HardcodedRecord struct { 
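Review bot: The loop in the main.go hunk now calls `certsClient.RequestCertificate()` every 24 hours against the directory certs/config.go sets to `lego.LEDirectoryProduction`, and nothing in this hunk shows that the call is skipped while the current certificate is still far from expiry. If RequestCertificate does check (certs/certs.go has getLastCertificate, so presumably it does), say so in the comment: `// check daily; RequestCertificate only orders a new certificate when the stored one is close to expiry`. If it does not, an unconditional daily order would run into the CA's rate limits, and the expiry check belongs before the call. The goroutine and main continue outside the hunk.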
@@ -34,18 +34,18 @@ var ( "ns.local-ip.sh.": { // record holding ip addresses of ns1 and ns2 A: []*dns.A{ - {A: net.IPv4(137, 66, 38, 214)}, - {A: net.IPv4(213, 188, 206, 3)}, + {A: net.IPv4(137, 66, 25, 53)}, + {A: net.IPv4(188, 93, 146, 54)}, }, }, "ns1.local-ip.sh.": { A: []*dns.A{ - {A: net.IPv4(137, 66, 38, 214)}, // fly.io global ip address + {A: net.IPv4(137, 66, 25, 53)}, // fly.io global ip address }, }, "ns2.local-ip.sh.": { A: []*dns.A{ - {A: net.IPv4(213, 188, 206, 3)}, // fly.io singaporean ip address + {A: net.IPv4(188, 93, 146, 54)}, // fly.io global ip address #2 }, }, "local-ip.sh.": { @@ -397,7 +397,7 @@ func NewXip(zone string, nameservers []string, port int) (xip *Xip) { } xip.server = dns.Server{ - Addr: ":" + strconv.Itoa(port), + Addr: fmt.Sprintf("fly-global-services:%d", port), Net: "udp", }
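Review bot: In the NewXip hunk, `Addr: fmt.Sprintf("fly-global-services:%d", port)` hard-codes a hostname that is specific to Fly.io, so the server will presumably fail to bind when run locally or on any other host. Take the bind host from configuration and fall back to all interfaces, for example `Addr: net.JoinHostPort(bindHost, fmt.Sprint(port))`, with `bindHost` read from an environment variable (name to be chosen) and defaulting to `""`. In the hard-coded records hunk above it, each name-server address is written twice (under `ns.local-ip.sh.` and under `ns1.`/`ns2.`); declaring the two addresses once as package variables would keep the copies from drifting on the next IP change. NewXip starts and ends outside the hunk.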