From 5c9a7e1069ede3af270145b86695bf1cbeb8ed24 Mon Sep 17 00:00:00 2001
From: Anatoli Babenia
Date: Wed, 18 Mar 2020 09:33:12 +0300
Subject: [PATCH 1/5] hw3ep1: Add Cloudflare DNS
---
abitrolly/3/01resolv.sh | 10 ++++++++++
1 file changed, 10 insertions(+)
create mode 100644 abitrolly/3/01resolv.sh
diff --git a/abitrolly/3/01resolv.sh b/abitrolly/3/01resolv.sh
new file mode 100644
index 0000000..99f8543
--- /dev/null
+++ b/abitrolly/3/01resolv.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -x
+set -o errexit
+set -o nounset
+
+echo "[x] Add Cloudflare DNS to /etc/resolv.conf"
+grep -q "ns.cloudflare.com" /etc/resolv.conf || \
+ (echo "arya.ns.cloudflare.com" >> /etc/resolv.conf; \
+ echo "chance.ns.cloudflare.com" >> /etc/resolv.conf)
From 11bfa8473cdf836ab44c14b0b1ce8d1bc1e412b0 Mon Sep 17 00:00:00 2001
From: Anatoli Babenia
Date: Fri, 20 Mar 2020 18:33:09 +0300
Subject: [PATCH 2/5] Register to Cloudflare DNS. TODO: check IP is the same and update if different CLOUDFLARE_API_TOKEN=... ./02register.sh
---
abitrolly/3/02register.sh | 62 +++++++++++++++++++++++++++++++++++++++
1 file changed, 62 insertions(+)
create mode 100755 abitrolly/3/02register.sh
diff --git a/abitrolly/3/02register.sh b/abitrolly/3/02register.sh
new file mode 100755
index 0000000..8d6f641
--- /dev/null
+++ b/abitrolly/3/02register.sh
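Review bot: In 01resolv.sh the two appended lines are bare hostnames, but resolv.conf only acts on `nameserver` entries that carry an IP address, so these lines are treated as unknown keywords and name resolution is unchanged. `arya.ns.cloudflare.com` and `chance.ns.cloudflare.com` also look like a zone's authoritative servers rather than recursive resolvers; if the goal is to resolve through Cloudflare the appended line would be `echo "nameserver 1.1.1.1" >> /etc/resolv.conf`, with the `grep -q` guard changed to match it. The file is often regenerated by the DHCP client or systemd-resolved, which would drop the edit, so a comment naming what manages it on the target image would help.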
@@ -0,0 +1,62 @@
+#!/bin/bash
+
+set -x
+set -o errexit
+set -o nounset
+
+
+TOKEN="$CLOUDFLARE_API_TOKEN"
+ZONEID="4f70d62b382c30c7f83942a758ed9eac"
+FQDN="abitrolly.lab.zadeploy.com"
+APIURL="https://api.cloudflare.com/client/v4/zones/$ZONEID/dns_records"
+
+IPADDR="$(ip route get 8.8.8.8 | cut -f 7 -d' ')"
+
+noname () {
+ # Returns 1 if name is not present
+ echo "[x] Checking if ${FQDN} is already registered.."
+
+ RET=0
+ curl -sS -H "Content-Type: application/json" \
+ -H "Authorization: Bearer ${TOKEN}" \
+ "$APIURL" \
+ | jq . | grep -q "$FQDN" `# returns 1 if no matches` \
+ && RET=$? || RET=$?
+
+ # doesn't distinguish between no record and error making request
+ return $RET
+}
+
+register () {
+ echo "[x] Creating record for ${FQDN}.."
+
+ JSON='{
+ "type": "A",
+ "name":"'"$FQDN"'",
+ "content":"'"$IPADDR"'",
+ "ttl": 120
+ }'
+
+ # It is very very cryptic trying to get status code, output and return
+ # code from the same request. Therefore just analysing JSON response
+ # for expected results as a success.
+ # https://superuser.com/questions/590099/can-i-make-curl-fail-with-an-exitcode-different-than-0-if-the-http-status-code-i
+ RES=$(curl -sS -H "Content-Type: application/json" \
+ -H "Authorization: Bearer ${TOKEN}" \
+ -d "$JSON" "$APIURL")
+ if [[ $RES == *'"success":true"'* ]]; then
+ echo -e "Registered ${FQDN} A ${IPADDR}"
+ elif [[ $RES == *'"The record already exists."'* ]]; then
+ echo -e "The record for ${FQDN} already exist"
+ else
+ echo "Error registering ${FQDN}"
+ fi
+}
+
+
+if [[ noname ]]; then
+ register
+else
+ echo "${FQDN} is already present in DNS records"
+fi
+
From 3bafb5ffa448e1f56a2ca9a915f771d374546497 Mon Sep 17 00:00:00 2001
From: Anatoli Babenia
Date: Sat, 21 Mar 2020 11:28:58 +0300
Subject: [PATCH 3/5] If IP is the same - skip registration, if not - update
---
abitrolly/3/02register.sh | 63 +++++++++++++++++++++++++++++----------
1 file changed, 47 insertions(+), 16 deletions(-)
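Review bot: `set -x` at the top of 02register.sh traces the curl calls in noname() and register(), which writes the `Authorization: Bearer` header, and with it the API token, to stderr and to whatever log collects it; drop the trace or bracket the curl calls with `set +x` / `set -x`. The token also sits on curl's command line, where other local users can read it from the process list; curl can take the header from a file instead with `-H @<path to root-only header file>`. Separately, `if [[ noname ]]` tests a non-empty string and never calls the function, so it should read `if ! noname; then`, and the pattern `*'"success":true"'*` contains a stray closing quote that the JSON response will not have.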
diff --git a/abitrolly/3/02register.sh b/abitrolly/3/02register.sh index 8d6f641..cade3f7 100755 --- a/abitrolly/3/02register.sh +++ b/abitrolly/3/02register.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -x +#set -x set -o errexit set -o nounset @@ -12,19 +12,36 @@ APIURL="https://api.cloudflare.com/client/v4/zones/$ZONEID/dns_records" IPADDR="$(ip route get 8.8.8.8 | cut -f 7 -d' ')" -noname () { - # Returns 1 if name is not present - echo "[x] Checking if ${FQDN} is already registered.." - RET=0 - curl -sS -H "Content-Type: application/json" \ +RECORDID= + +registered () { + # Returns 1 if registered, 0 if not. + # Returns 2 if IP is wrong and sets RECORDID. + echo -e "[x] Checking if ${FQDN} is already registered.." + + OUT=$(curl -sS -H "Content-Type: application/json" \ -H "Authorization: Bearer ${TOKEN}" \ - "$APIURL" \ - | jq . | grep -q "$FQDN" `# returns 1 if no matches` \ - && RET=$? || RET=$? + "$APIURL") - # doesn't distinguish between no record and error making request - return $RET + if [[ $OUT == *"$FQDN"* ]]; then + REGIP=$(grep -Po "\"${FQDN}\",\"content\":\"\K.*?(?=\")" <<< "$OUT") + if [[ "$REGIP" == "$IPADDR" ]]; then + return 1 + else + echo "IP ${REGIP} doesn't match local ${IPADDR}" + ID=$(grep -Po '"id":"\K.*?(?=","type":"A","name":"'"${FQDN}"'")' <<< "$OUT") + # there could be more than one record, return only the first + if [[ "$ID" =~ [[:space:]]+ ]]; then + ARRID=($ID) + RECORDID=${ARRID[0]} + else + RECORDID=$ID + fi + return 2 + fi + fi + return 0 } register () { 
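Review bot: registered() chooses the record to compare, and later to delete, by substring and regex matching on the raw JSON: `*"$FQDN"*` also matches longer names or record contents that contain the FQDN, the dots in `${FQDN}` act as wildcards inside `grep -Po`, and both patterns depend on the key order of the response. A mismatch here hands the wrong `id` to remove(). Asking the API for the exact name and reading the fields with jq (which the removed version already used) avoids this. The sketch below also stops on a failed request, which at present falls through to `return 0` and a fresh registration.

```shell
registered () {
    # … unchanged: return-code comment and "[x] Checking" echo …

    # Exact-name, type-A lookup done by the API; --fail turns HTTP errors into a non-zero exit
    OUT=$(curl -sS --fail -G -H "Authorization: Bearer ${TOKEN}" \
               --data-urlencode "type=A" --data-urlencode "name=${FQDN}" \
               "$APIURL") || { echo "Error querying DNS records" >&2; exit 1; }

    REGIP=$(jq -r '.result[0].content // empty' <<< "$OUT")
    [[ -z "$REGIP" ]] && return 0
    [[ "$REGIP" == "$IPADDR" ]] && return 1

    echo "IP ${REGIP} doesn't match local ${IPADDR}"
    # there could be more than one record, use only the first
    RECORDID=$(jq -r '.result[0].id' <<< "$OUT")
    return 2
}
```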
@@ -44,19 +61,33 @@ register () { RES=$(curl -sS -H "Content-Type: application/json" \ -H "Authorization: Bearer ${TOKEN}" \ -d "$JSON" "$APIURL") - if [[ $RES == *'"success":true"'* ]]; then + echo "$RES" + if [[ $RES == *'"success":true,'* ]]; then echo -e "Registered ${FQDN} A ${IPADDR}" elif [[ $RES == *'"The record already exists."'* ]]; then - echo -e "The record for ${FQDN} already exist" + echo -e "The record ${FQDN} A ${IPADDR} already exists." else echo "Error registering ${FQDN}" fi } +remove () { + echo "[x] Removing record for ${FQDN} with ID ${RECORDID}.." -if [[ noname ]]; then - register + RES=$(curl -sS -H "Content-Type: application/json" \ + -H "Authorization: Bearer ${TOKEN}" \ + -X DELETE "$APIURL"/"$RECORDID") + echo $RES +} + + +registered && REGD=$? || REGD=$? +if [[ $REGD == 1 ]]; then + echo "${FQDN} A ${IPADDR} is already in DNS records" else - echo "${FQDN} is already present in DNS records" + if [[ $REGD == 2 ]]; then + remove + fi + register fi From a024bb0d70b3a8238996538c4f8f426333f64af0 Mon Sep 17 00:00:00 2001 From: Anatoli Babenia Date: Sat, 21 Mar 2020 11:40:56 +0300 Subject: [PATCH 4/5] hw3ep3: register_pi_name function --- abitrolly/3/02register.sh | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/abitrolly/3/02register.sh b/abitrolly/3/02register.sh index cade3f7..d2b90da 100755 --- a/abitrolly/3/02register.sh +++ b/abitrolly/3/02register.sh @@ -44,12 +44,14 @@ registered () { return 0 } -register () { - echo "[x] Creating record for ${FQDN}.." +register_pi_name () { + local _FQDN=$1 + + echo "[x] Creating record for ${_FQDN}.." JSON='{ "type": "A", - "name":"'"$FQDN"'", + "name":"'"$_FQDN"'", "content":"'"$IPADDR"'", "ttl": 120 }' 
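Review bot: remove() sends the DELETE without checking that `RECORDID` is non-empty or that the response reports success, and the caller goes on to register either way; if the id extraction in registered() came back empty, the request goes to the collection URL rather than a record. A guard such as `[[ -n "$RECORDID" ]] || { echo "No record id to remove" >&2; return 1; }` plus a check of `$RES` like the one in register() would close that, and `echo $RES` should be quoted as `echo "$RES"`. Deleting and re-creating also leaves a window with no A record; updating the record in place with `-X PUT "$APIURL/$RECORDID"` and the same JSON body would avoid it.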
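Review bot: Now that the name arrives as `$1`, the JSON body in register_pi_name() is still assembled by splicing `$_FQDN` and `$IPADDR` between quotes, so a value containing `"` or `\` yields a malformed or altered request body. Building it with jq escapes both values: `JSON=$(jq -n --arg name "$_FQDN" --arg ip "$IPADDR" '{type:"A",name:$name,content:$ip,ttl:120}')`. `JSON` and `RES` could be declared `local` like `_FQDN`, and `$IPADDR` is still read from the global. The function body continues past the end of this hunk.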
@@ -63,11 +65,11 @@ register () { -d "$JSON" "$APIURL") echo "$RES" if [[ $RES == *'"success":true,'* ]]; then - echo -e "Registered ${FQDN} A ${IPADDR}" + echo -e "Registered ${_FQDN} A ${IPADDR}" elif [[ $RES == *'"The record already exists."'* ]]; then - echo -e "The record ${FQDN} A ${IPADDR} already exists." + echo -e "The record ${_FQDN} A ${IPADDR} already exists." else - echo "Error registering ${FQDN}" + echo "Error registering ${_FQDN}" fi } @@ -88,6 +90,6 @@ else if [[ $REGD == 2 ]]; then remove fi - register + register_pi_name "$FQDN" fi From 12da692b28090ae36bc4dea5ff7654870df07e9e Mon Sep 17 00:00:00 2001 From: Anatoli Babenia Date: Sat, 21 Mar 2020 11:51:09 +0300 Subject: [PATCH 5/5] hw3ep4: Add systemd service file --- abitrolly/3/02register.service | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 abitrolly/3/02register.service diff --git a/abitrolly/3/02register.service b/abitrolly/3/02register.service new file mode 100644 index 0000000..f6ab6e1 --- /dev/null +++ b/abitrolly/3/02register.service @@ -0,0 +1,10 @@ +[Unit] +Description=Register RPi to Cloudflare DNS + +[Service] +ExecStart=/root/02register.sh +Type=oneshot +#RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
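Review bot: The failure branch only prints `Error registering ${_FQDN}`, so the function and the script still exit 0 when the API rejects the request; send the message to stderr and fail with `echo "Error registering ${_FQDN}" >&2; return 1`. `echo "$RES"` just above dumps the whole API response on every run, which is better limited to the error path. The start of register_pi_name() is outside this hunk.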
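Review bot: The unit in 02register.service never provides `CLOUDFLARE_API_TOKEN`, and 02register.sh runs with `set -o nounset`, so as written the service stops at the `TOKEN=` assignment with an unbound-variable error. Supply it from a root-only file with `EnvironmentFile=<path to env file, mode 0600>` in `[Service]` rather than an inline `Environment=` line, whose value is readable through `systemctl show`. The script also needs the network for `ip route get` and the API calls, so `[Unit]` should carry `Wants=network-online.target` and `After=network-online.target`.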