311 lines
13 KiB
JavaScript
311 lines
13 KiB
JavaScript
'use strict';
|
|
|
|
exports = module.exports = {
|
|
removePrivateFields: removePrivateFields,
|
|
injectPrivateFields: injectPrivateFields,
|
|
upsert: upsert,
|
|
get: get,
|
|
del: del,
|
|
wait: wait,
|
|
verifyDnsConfig: verifyDnsConfig
|
|
};
|
|
|
|
let async = require('async'),
|
|
assert = require('assert'),
|
|
constants = require('../constants.js'),
|
|
BoxError = require('../boxerror.js'),
|
|
debug = require('debug')('box:dns/linode'),
|
|
dns = require('../native-dns.js'),
|
|
domains = require('../domains.js'),
|
|
superagent = require('superagent'),
|
|
util = require('util'),
|
|
waitForDns = require('./waitfordns.js');
|
|
|
|
const LINODE_ENDPOINT = 'https://api.linode.com/v4';
|
|
|
|
function formatError(response) {
|
|
return util.format('Linode DNS error [%s] %j', response.statusCode, response.body);
|
|
}
|
|
|
|
function removePrivateFields(domainObject) {
|
|
domainObject.config.token = constants.SECRET_PLACEHOLDER;
|
|
return domainObject;
|
|
}
|
|
|
|
function injectPrivateFields(newConfig, currentConfig) {
|
|
if (newConfig.token === constants.SECRET_PLACEHOLDER) newConfig.token = currentConfig.token;
|
|
}
|
|
|
|
function getZoneId(dnsConfig, zoneName, callback) {
|
|
assert.strictEqual(typeof dnsConfig, 'object');
|
|
assert.strictEqual(typeof zoneName, 'string');
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
// returns 100 at a time
|
|
superagent.get(`${LINODE_ENDPOINT}/domains`)
|
|
.set('Authorization', 'Bearer ' + dnsConfig.token)
|
|
.timeout(30 * 1000)
|
|
.retry(5)
|
|
.end(function (error, result) {
|
|
if (error && !error.response) return callback(new BoxError(BoxError.NETWORK_ERROR, error.message));
|
|
if (result.statusCode === 403 || result.statusCode === 401) return callback(new BoxError(BoxError.ACCESS_DENIED, formatError(result)));
|
|
if (result.statusCode !== 200) return callback(new BoxError(BoxError.EXTERNAL_ERROR, formatError(result)));
|
|
|
|
if (!Array.isArray(result.body.data)) return callback(new BoxError(BoxError.EXTERNAL_ERROR, 'Invalid response'));
|
|
|
|
const zone = result.body.data.find(d => d.domain === zoneName);
|
|
|
|
if (!zone || !zone.id) return callback(new BoxError(BoxError.NOT_FOUND, 'Zone not found'));
|
|
|
|
debug(`getZoneId: zone id of ${zoneName} is ${zone.id}`);
|
|
|
|
callback(null, zone.id);
|
|
});
|
|
}
|
|
|
|
function getZoneRecords(dnsConfig, zoneName, name, type, callback) {
|
|
assert.strictEqual(typeof dnsConfig, 'object');
|
|
assert.strictEqual(typeof zoneName, 'string');
|
|
assert.strictEqual(typeof name, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
debug(`getInternal: getting dns records of ${zoneName} with ${name} and type ${type}`);
|
|
|
|
getZoneId(dnsConfig, zoneName, function (error, zoneId) {
|
|
if (error) return callback(error);
|
|
|
|
let page = 0, more = false;
|
|
let records = [];
|
|
|
|
async.doWhilst(function (iteratorDone) {
|
|
const url = `${LINODE_ENDPOINT}/domains/${zoneId}/records?page=${++page}`;
|
|
|
|
superagent.get(url)
|
|
.set('Authorization', 'Bearer ' + dnsConfig.token)
|
|
.timeout(30 * 1000)
|
|
.retry(5)
|
|
.end(function (error, result) {
|
|
if (error && !error.response) return iteratorDone(new BoxError(BoxError.NETWORK_ERROR, error.message));
|
|
if (result.statusCode === 404) return iteratorDone(new BoxError(BoxError.NOT_FOUND, formatError(result)));
|
|
if (result.statusCode === 403 || result.statusCode === 401) return iteratorDone(new BoxError(BoxError.ACCESS_DENIED, formatError(result)));
|
|
if (result.statusCode !== 200) return iteratorDone(new BoxError(BoxError.EXTERNAL_ERROR, formatError(result)));
|
|
|
|
records = records.concat(result.body.data.filter(function (record) {
|
|
return (record.type === type && record.name === name);
|
|
}));
|
|
|
|
more = result.body.page !== result.body.pages;
|
|
|
|
iteratorDone();
|
|
});
|
|
}, function () { return more; }, function (error) {
|
|
debug('getZoneRecords:', error, JSON.stringify(records));
|
|
|
|
if (error) return callback(error);
|
|
|
|
callback(null, { zoneId, records });
|
|
});
|
|
});
|
|
}
|
|
|
|
function get(domainObject, location, type, callback) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
assert.strictEqual(typeof location, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
const dnsConfig = domainObject.config,
|
|
zoneName = domainObject.zoneName,
|
|
name = domains.getName(domainObject, location, type) || '';
|
|
|
|
getZoneRecords(dnsConfig, zoneName, name, type, function (error, { records }) {
|
|
if (error) return callback(error);
|
|
|
|
var tmp = records.map(function (record) { return record.target; });
|
|
|
|
debug('get: %j', tmp);
|
|
|
|
return callback(null, tmp);
|
|
});
|
|
}
|
|
|
|
function upsert(domainObject, location, type, values, callback) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
assert.strictEqual(typeof location, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
assert(util.isArray(values));
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
const dnsConfig = domainObject.config,
|
|
zoneName = domainObject.zoneName,
|
|
name = domains.getName(domainObject, location, type) || '';
|
|
|
|
debug('upsert: %s for zone %s of type %s with values %j', name, zoneName, type, values);
|
|
|
|
getZoneRecords(dnsConfig, zoneName, name, type, function (error, { zoneId, records }) {
|
|
if (error) return callback(error);
|
|
|
|
let i = 0, recordIds = []; // used to track available records to update instead of create
|
|
|
|
async.eachSeries(values, function (value, iteratorCallback) {
|
|
let data = {
|
|
type: type,
|
|
ttl_sec: 300 // lowest
|
|
};
|
|
|
|
if (type === 'MX') {
|
|
data.priority = parseInt(value.split(' ')[0], 10);
|
|
data.target = value.split(' ')[1];
|
|
} else if (type === 'TXT') {
|
|
data.target = value.replace(/^"(.*)"$/, '$1'); // strip any double quotes
|
|
} else {
|
|
data.target = value;
|
|
}
|
|
|
|
if (i >= records.length) {
|
|
data.name = name; // only set for new records
|
|
|
|
superagent.post(`${LINODE_ENDPOINT}/domains/${zoneId}/records`)
|
|
.set('Authorization', 'Bearer ' + dnsConfig.token)
|
|
.send(data)
|
|
.timeout(30 * 1000)
|
|
.retry(5)
|
|
.end(function (error, result) {
|
|
if (error && !error.response) return iteratorCallback(new BoxError(BoxError.NETWORK_ERROR, error.message));
|
|
if (result.statusCode === 400) return iteratorCallback(new BoxError(BoxError.BAD_FIELD, formatError(result)));
|
|
if (result.statusCode === 403 || result.statusCode === 401) return iteratorCallback(new BoxError(BoxError.ACCESS_DENIED, formatError(result)));
|
|
if (result.statusCode !== 200) return iteratorCallback(new BoxError(BoxError.EXTERNAL_ERROR, formatError(result)));
|
|
|
|
recordIds.push(result.body.id);
|
|
|
|
return iteratorCallback(null);
|
|
});
|
|
} else {
|
|
superagent.put(`${LINODE_ENDPOINT}/domains/${zoneId}/records/${records[i].id}`)
|
|
.set('Authorization', 'Bearer ' + dnsConfig.token)
|
|
.send(data)
|
|
.timeout(30 * 1000)
|
|
.retry(5)
|
|
.end(function (error, result) {
|
|
// increment, as we have consumed the record
|
|
++i;
|
|
|
|
if (error && !error.response) return iteratorCallback(new BoxError(BoxError.NETWORK_ERROR, error.message));
|
|
if (result.statusCode === 400) return iteratorCallback(new BoxError(BoxError.BAD_FIELD, formatError(result)));
|
|
if (result.statusCode === 403 || result.statusCode === 401) return iteratorCallback(new BoxError(BoxError.ACCESS_DENIED, formatError(result)));
|
|
if (result.statusCode !== 200) return iteratorCallback(new BoxError(BoxError.EXTERNAL_ERROR, formatError(result)));
|
|
|
|
recordIds.push(result.body.id);
|
|
|
|
return iteratorCallback(null);
|
|
});
|
|
}
|
|
}, function (error) {
|
|
if (error) return callback(error);
|
|
|
|
debug('upsert: completed with recordIds:%j', recordIds);
|
|
|
|
callback();
|
|
});
|
|
});
|
|
}
|
|
|
|
function del(domainObject, location, type, values, callback) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
assert.strictEqual(typeof location, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
assert(util.isArray(values));
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
const dnsConfig = domainObject.config,
|
|
zoneName = domainObject.zoneName,
|
|
name = domains.getName(domainObject, location, type) || '';
|
|
|
|
getZoneRecords(dnsConfig, zoneName, name, type, function (error, { zoneId, records }) {
|
|
if (error) return callback(error);
|
|
|
|
if (records.length === 0) return callback(null);
|
|
|
|
var tmp = records.filter(function (record) { return values.some(function (value) { return value === record.target; }); });
|
|
|
|
debug('del: %j', tmp);
|
|
|
|
if (tmp.length === 0) return callback(null);
|
|
|
|
// FIXME we only handle the first one currently
|
|
|
|
superagent.del(`${LINODE_ENDPOINT}/domains/${zoneId}/records/${tmp[0].id}`)
|
|
.set('Authorization', 'Bearer ' + dnsConfig.token)
|
|
.timeout(30 * 1000)
|
|
.retry(5)
|
|
.end(function (error, result) {
|
|
if (error && !error.response) return callback(new BoxError(BoxError.NETWORK_ERROR, error.message));
|
|
if (result.statusCode === 404) return callback(null);
|
|
if (result.statusCode === 403 || result.statusCode === 401) return callback(new BoxError(BoxError.ACCESS_DENIED, formatError(result)));
|
|
if (result.statusCode !== 200) return callback(new BoxError(BoxError.EXTERNAL_ERROR, formatError(result)));
|
|
|
|
debug('del: done');
|
|
|
|
return callback(null);
|
|
});
|
|
});
|
|
}
|
|
|
|
function wait(domainObject, location, type, value, options, callback) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
assert.strictEqual(typeof location, 'string');
|
|
assert.strictEqual(typeof type, 'string');
|
|
assert.strictEqual(typeof value, 'string');
|
|
assert(options && typeof options === 'object'); // { interval: 5000, times: 50000 }
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
const fqdn = domains.fqdn(location, domainObject);
|
|
|
|
waitForDns(fqdn, domainObject.zoneName, type, value, options, callback);
|
|
}
|
|
|
|
function verifyDnsConfig(domainObject, callback) {
|
|
assert.strictEqual(typeof domainObject, 'object');
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
const dnsConfig = domainObject.config,
|
|
zoneName = domainObject.zoneName;
|
|
|
|
if (!dnsConfig.token || typeof dnsConfig.token !== 'string') return callback(new BoxError(BoxError.BAD_FIELD, 'token must be a non-empty string', { field: 'token' }));
|
|
|
|
const ip = '127.0.0.1';
|
|
|
|
var credentials = {
|
|
token: dnsConfig.token
|
|
};
|
|
|
|
if (process.env.BOX_ENV === 'test') return callback(null, credentials); // this shouldn't be here
|
|
|
|
dns.resolve(zoneName, 'NS', { timeout: 5000 }, function (error, nameservers) {
|
|
if (error && error.code === 'ENOTFOUND') return callback(new BoxError(BoxError.BAD_FIELD, 'Unable to resolve nameservers for this domain', { field: 'nameservers' }));
|
|
if (error || !nameservers) return callback(new BoxError(BoxError.BAD_FIELD, error ? error.message : 'Unable to get nameservers', { field: 'nameservers' }));
|
|
|
|
if (nameservers.map(function (n) { return n.toLowerCase(); }).indexOf('ns1.linode.com') === -1) {
|
|
debug('verifyDnsConfig: %j does not contains DO NS', nameservers);
|
|
return callback(new BoxError(BoxError.BAD_FIELD, 'Domain nameservers are not set to Linode', { field: 'nameservers' }));
|
|
}
|
|
|
|
const location = 'cloudrontestdns';
|
|
|
|
upsert(domainObject, location, 'A', [ ip ], function (error) {
|
|
if (error) return callback(error);
|
|
|
|
debug('verifyDnsConfig: Test A record added');
|
|
|
|
del(domainObject, location, 'A', [ ip ], function (error) {
|
|
if (error) return callback(error);
|
|
|
|
debug('verifyDnsConfig: Test A record removed again');
|
|
|
|
callback(null, credentials);
|
|
});
|
|
});
|
|
});
|
|
}
|