43e426ab9f
This reverts commit fdcc5d68a2.
Unfortunately, this requires us to move exports to the bottom.
This in turn causes circular dep issues and also access of
exports.GLOBAL_VAR in the global context
221 lines
8.9 KiB
JavaScript
221 lines
8.9 KiB
JavaScript
'use strict';
|
|
|
|
exports = module.exports = {
|
|
removePrivateFields,
|
|
injectPrivateFields,
|
|
upsert,
|
|
get,
|
|
del,
|
|
wait,
|
|
verifyDomainConfig
|
|
};
|
|
|
|
const { ApiClient, Language } = require('domrobot-client'),
|
|
assert = require('node:assert'),
|
|
BoxError = require('../boxerror.js'),
|
|
constants = require('../constants.js'),
|
|
debug = require('debug')('box:dns/inwx'),
|
|
dig = require('../dig.js'),
|
|
dns = require('../dns.js'),
|
|
safe = require('safetydance'),
|
|
waitForDns = require('./waitfordns.js');
|
|
|
|
function formatError(response) {
|
|
return `INWX Api error error [Code: [${response.code}] Message: ${response.msg}`;
|
|
}
|
|
|
|
function removePrivateFields(domainObject) {
|
|
delete domainObject.config.password;
|
|
return domainObject;
|
|
}
|
|
|
|
function injectPrivateFields(newConfig, currentConfig) {
|
|
if (!Object.hasOwn(newConfig, 'password')) newConfig.password = currentConfig.password;
|
|
}
|
|
|
|
// https://www.inwx.com/en/help/apidoc/f/ch04.html
|
|
function translateError(response) {
|
|
if (response.code === 2200 || response.code === 2201 || response.code === 2202) throw new BoxError(BoxError.ACCESS_DENIED, formatError(response));
|
|
if (response.code === 2003 || response.code === 2004 || response.code === 2005) throw new BoxError(BoxError.BAD_FIELD, formatError(response));
|
|
if (response.code !== 1000) throw new BoxError(BoxError.EXTERNAL_ERROR, formatError(response));
|
|
}
|
|
|
|
async function login(domainConfig) {
|
|
const apiClient = new ApiClient(ApiClient.API_URL_LIVE, Language.EN, false /* debug mode */);
|
|
|
|
const sharedSecret = ''; // 2FA
|
|
const [error, response] = await safe(apiClient.login(domainConfig.username, domainConfig.password, sharedSecret));
|
|
if (error) throw new BoxError(BoxError.NETWORK_ERROR, error);
|
|
if (response.code !== 1000) throw new BoxError(BoxError. ACCESS_DENIED, `Api login error. Code: ${response.code} Message: ${response.msg}`);
|
|
|
|
return apiClient;
|
|
}
|
|
|
|
async function getDnsRecords(domainConfig, apiClient, zoneName, fqdn, type) {
|
|
assert.strictEqual(typeof domainConfig, 'object');
|
|
assert.strictEqual(typeof apiClient, 'object');
|
|
assert.strictEqual(typeof zoneName, 'string');
|
|
assert.strictEqual(typeof fqdn, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
|
|
debug(`getDnsRecords: ${fqdn} in zone ${zoneName} of type ${type}`);
|
|
|
|
const [error, response] = await safe(apiClient.callApi('nameserver.info', { domain: zoneName, name: fqdn, type }));
|
|
if (error) throw new BoxError(BoxError.NETWORK_ERROR, error);
|
|
if (response.code !== 1000) throw translateError(response);
|
|
|
|
return response.resData.record || []; // 'record' property will be missing if no records
|
|
}
|
|
|
|
async function upsert(domainObject, location, type, values) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
assert.strictEqual(typeof location, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
assert(Array.isArray(values));
|
|
|
|
const domainConfig = domainObject.config,
|
|
zoneName = domainObject.zoneName;
|
|
|
|
debug(`upsert: ${location} in zone ${zoneName} of type ${type} with values ${JSON.stringify(values)}`);
|
|
|
|
const apiClient = await login(domainConfig);
|
|
const fqdn = dns.fqdn(location, domainObject.domain);
|
|
const records = await getDnsRecords(domainConfig, apiClient, zoneName, fqdn, type);
|
|
|
|
let i = 0; // // used to track available records to update instead of create
|
|
|
|
for (let value of values) {
|
|
let priority = 0;
|
|
|
|
if (type === 'MX') {
|
|
priority = parseInt(value.split(' ')[0], 10);
|
|
value = value.split(' ')[1];
|
|
}
|
|
|
|
if (i >= records.length) { // create a new record
|
|
const data = {
|
|
type,
|
|
name: fqdn,
|
|
domain: zoneName,
|
|
content: value,
|
|
prio: priority,
|
|
ttl: 300 // 300 to 2764800
|
|
};
|
|
const [error, response] = await safe(apiClient.callApi('nameserver.createRecord', data));
|
|
if (error) throw new BoxError(BoxError.NETWORK_ERROR, error);
|
|
if (response.code !== 1000) throw translateError(response);
|
|
} else { // replace existing record
|
|
const data = {
|
|
id: records[i].id,
|
|
type,
|
|
name: fqdn,
|
|
content: value,
|
|
};
|
|
const [error, response] = await safe(apiClient.callApi('nameserver.updateRecord', data));
|
|
if (error) throw new BoxError(BoxError.NETWORK_ERROR, error);
|
|
if (response.code !== 1000) throw translateError(response);
|
|
++i; // increment, as we have consumed the record
|
|
}
|
|
}
|
|
|
|
for (let j = values.length + 1; j < records.length; j++) {
|
|
const [error, response] = await safe(apiClient.callApi('nameserver.deleteRecord', { id: records[j].id }));
|
|
if (error) throw new BoxError(BoxError.NETWORK_ERROR, error);
|
|
if (response.code !== 1000) throw translateError(response);
|
|
}
|
|
}
|
|
|
|
async function get(domainObject, location, type) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
assert.strictEqual(typeof location, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
|
|
const domainConfig = domainObject.config,
|
|
zoneName = domainObject.zoneName;
|
|
|
|
const apiClient = await login(domainConfig);
|
|
const fqdn = dns.fqdn(location, domainObject.domain);
|
|
const result = await getDnsRecords(domainConfig, apiClient, zoneName, fqdn, type);
|
|
const tmp = result.map(function (record) { return record.content; });
|
|
return tmp;
|
|
}
|
|
|
|
async function del(domainObject, location, type, values) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
assert.strictEqual(typeof location, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
assert(Array.isArray(values));
|
|
|
|
const domainConfig = domainObject.config,
|
|
zoneName = domainObject.zoneName;
|
|
|
|
debug(`del: ${location} in zone ${zoneName} of type ${type} with values ${JSON.stringify(values)}`);
|
|
|
|
const apiClient = await login(domainConfig);
|
|
const fqdn = dns.fqdn(location, domainObject.domain);
|
|
const result = await getDnsRecords(domainConfig, apiClient, zoneName, fqdn, type);
|
|
if (result.length === 0) return;
|
|
|
|
const tmp = result.filter(function (record) { return values.some(function (value) { return value === record.content; }); });
|
|
debug('del: %j', tmp);
|
|
|
|
for (const r of tmp) {
|
|
const [error, response] = await safe(apiClient.callApi('nameserver.deleteRecord', { id: r.id }));
|
|
if (error) throw new BoxError(BoxError.NETWORK_ERROR, error);
|
|
if (response.code !== 1000) throw translateError(response);
|
|
}
|
|
}
|
|
|
|
async function wait(domainObject, subdomain, type, value, options) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
assert.strictEqual(typeof subdomain, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
assert.strictEqual(typeof value, 'string');
|
|
assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 }
|
|
|
|
const fqdn = dns.fqdn(subdomain, domainObject.domain);
|
|
|
|
await waitForDns(fqdn, domainObject.zoneName, type, value, options);
|
|
}
|
|
|
|
async function verifyDomainConfig(domainObject) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
|
|
const domainConfig = domainObject.config,
|
|
zoneName = domainObject.zoneName;
|
|
|
|
if (typeof domainConfig.username !== 'string') throw new BoxError(BoxError.BAD_FIELD, 'username must be a string');
|
|
if (typeof domainConfig.password !== 'string') throw new BoxError(BoxError.BAD_FIELD, 'password must be a string');
|
|
if ('customNameservers' in domainConfig && typeof domainConfig.customNameservers !== 'boolean') throw new BoxError(BoxError.BAD_FIELD, 'customNameservers must be a boolean');
|
|
|
|
const credentials = {
|
|
username: domainConfig.username,
|
|
password: domainConfig.password,
|
|
customNameservers: !!domainConfig.customNameservers
|
|
};
|
|
|
|
const ip = '127.0.0.1';
|
|
|
|
if (constants.TEST) return credentials; // this shouldn't be here
|
|
|
|
const [error, nameservers] = await safe(dig.resolve(zoneName, 'NS', { timeout: 5000 }));
|
|
if (error && error.code === 'ENOTFOUND') throw new BoxError(BoxError.BAD_FIELD, 'Unable to resolve nameservers for this domain');
|
|
if (error || !nameservers) throw new BoxError(BoxError.BAD_FIELD, error ? error.message : 'Unable to get nameservers');
|
|
|
|
if (!nameservers.every(function (n) { return n.toLowerCase().search(/inwx|xnameserver|domrobot/) !== -1; })) {
|
|
debug('verifyDomainConfig: %j does not contain INWX NS', nameservers);
|
|
if (!domainConfig.customNameservers) throw new BoxError(BoxError.BAD_FIELD, 'Domain nameservers are not set to INWX');
|
|
}
|
|
|
|
const location = 'cloudrontestdns';
|
|
|
|
await upsert(domainObject, location, 'A', [ ip ]);
|
|
debug('verifyDomainConfig: Test A record added');
|
|
|
|
await del(domainObject, location, 'A', [ ip ]);
|
|
debug('verifyDomainConfig: Test A record removed again');
|
|
|
|
return credentials;
|
|
}
|
|
|