Skip to content

Minor fixes to the dns server for the pool. #563

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
davidv1992 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Minor fixes to the dns server for the pool. #563

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
74 changes: 70 additions & 4 deletions nts-pool-dns/src/geo_handler.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,10 @@ impl GeoHandlerInner {
let mut regions = HashMap::new();

for server in &servers {
if !(server.ipv4_capable.unwrap_or(true) || server.ipv6_capable.unwrap_or(true))
Copy link
Copy Markdown
Member

@squell squell May 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer this to read

Suggested change
if !(server.ipv4_capable.unwrap_or(true) || server.ipv6_capable.unwrap_or(true))
if !server.ipv4_capable.unwrap_or(true) && !server.ipv6_capable.unwrap_or(true)

The DeMorganization that needs to happen to understand the original formula in combination with 'unwrap_or(true)' gives a kind of double-negation shortcircuit in my brain.

Or perhaps even more clear, this could read:

            if server.ipv4_capable == Some(false) && server.ipv6_capable == Some(false)

{
continue;
}
Self::add_to_region(&mut regions, GLOBAL, server, serial, config)?;
for region in &server.regions {
Self::add_to_region(&mut regions, region, server, serial, config)?;
Expand All @@ -155,7 +159,7 @@ impl GeoHandlerInner {
// Convert the records to catalogs and sign them
let signing_key = config.load_key().await?;

let regions = regions
let mut regions = regions
.into_iter()
.map(|(k, v)| {
let public_key = signing_key
Expand Down Expand Up @@ -213,6 +217,58 @@ impl GeoHandlerInner {
})
.collect::<eyre::Result<HashMap<_, _>>>()?;

// Ensure we always at least have a global region, even if its empty
if !regions.contains_key(GLOBAL) {
let public_key = signing_key
.to_public_key()
.wrap_err("Failed to get public key")?;
let signer = DnssecSigner::new(
DNSKEY::from_key(&public_key),
Box::new(signing_key.clone()),
config.zone_name.clone(),
config.sign_duration,
);

let mut authority: InMemoryZoneHandler = InMemoryZoneHandler::empty(
config.zone_name.clone(),
hickory_server::zone_handler::ZoneType::Primary,
hickory_server::zone_handler::AxfrPolicy::Deny,
None,
);

let ttl_secs = config
.ttl
.as_secs()
.try_into()
.wrap_err("TTL value too large")?;

let soa = RData::SOA(SOA::new(
config.dns_server_name.clone(),
config.responsible_name.clone(),
serial,
3600,
600,
86400,
ttl_secs,
));
let soa_record = Record::from_rdata(config.zone_name.clone(), ttl_secs, soa);
authority.upsert_mut(soa_record, serial);
let ns = RData::NS(NS(config.dns_server_name.clone()));
let ns_record = Record::from_rdata(config.zone_name.clone(), ttl_secs, ns);
authority.upsert_mut(ns_record, serial);

authority
.add_zone_signing_key_mut(signer)
.wrap_err("Failed to add zone signing key")?;
authority
.secure_zone_mut()
.wrap_err("Failed to sign zone")?;

let mut catalog = Catalog::new();
catalog.upsert(config.zone_name.clone().into(), vec![Arc::new(authority)]);
regions.insert(GLOBAL.to_owned(), catalog);
}

let geodb = maxminddb::Reader::from_source(
tokio::fs::read(config.geolocation_db_path.as_path())
.await
Expand All @@ -230,9 +286,19 @@ impl GeoHandlerInner {
serial: u32,
config: &GeoHandlerConfig,
) -> eyre::Result<()> {
let region_lookup = regions
.entry(regionname.to_owned())
.or_insert_with(|| RecordSet::new(config.zone_name.clone(), RecordType::SRV, serial));
let region_lookup = regions.entry(regionname.to_owned()).or_insert_with(|| {
RecordSet::new(
config
.zone_name
.clone()
.prepend_label("_tcp")
.unwrap()
.prepend_label("_ntske")
.unwrap(),
RecordType::SRV,
serial,
)
});
let record = SRV::new(
0,
0,
Expand Down
Loading