Index ¶
- Variables
- func Expand(zone *entities.Zone) error
- func ExpandVar(env string) string
- func IsTLD(tld string) bool
- func LoadTLDs(logger *logging.Logger, tldData []byte) error
- func NewAAAARecord(name, value string, ttl uint32) *entities.AAAARecord
- func NewARecord(name, value string, ttl uint32) *entities.ARecord
- func NewCNAMERecord(name, target string, ttl uint32) *entities.CNAMERecord
- func NewDNSKEYRecord(name, key string, flags uint16, protocol, algorithm uint8, ttl uint32) *entities.DNSKEYRecord
- func NewDSRecord(name string, keyTag uint16, algorithm, digestType uint8, digest string, ...) *entities.DSRecord
- func NewMXRecord(name, value string, priority uint16, ttl uint32) *entities.MXRecord
- func NewNSRecord(name, value string, ttl uint32) *entities.NSRecord
- func NewRRSIGRecord(name, typeCovered string, algorithm, labels uint8, originalTTL uint32, ...) *entities.RRSIGRecord
- func NewSOARecord(name, mname, rname string, ...) *entities.SOARecord
- func NewSRVRecord(name, target string, port, priority, weight uint16, ttl uint32) *entities.SRVRecord
- func NewTXTRecord(name, value string, ttl uint32) *entities.TXTRecord
- func ParseDomainName(fqdn string) (hostname, subdomains, rootDomain, tld string, err error)
- func Run(appName, appVersion string, logger *logging.Logger, config *Config)
- func Save(zone *entities.Zone) error
- type Config
- type Datastore
- type InternalServer
- type Params
- type PublicServer
- type RecordParserFunc
- type SecurityLogEntry
- type Service
- func (s *Service) Delete(zone *entities.Zone) error
- func (s *Service) InternalDomain() string
- func (s *Service) InternalZone() (*entities.Zone, error)
- func (s *Service) PublicDomain() string
- func (s *Service) PublicZone() (*entities.Zone, error)
- func (s *Service) Register(fqdn, ip string) (*entities.Zone, error)
- func (s *Service) Resolver() *net.Resolver
- func (s *Service) Save(zone *entities.Zone) error
- func (s *Service) Zone(zoneName string) (*entities.Zone, error)
- type TrustedPlatformPlugin
Constants ¶
This section is empty.
Variables ¶
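var (
	// DatastorePartition is the datastore partition under which zones are persisted.
	DatastorePartition = "dns/zones"

	// Configuration is the package-level active configuration.
	// NOTE(review): mutable package-level state; presumably assigned once by Run
	// before any handler runs — confirm, since nothing here guards concurrent writes.
	Configuration *Config

	// DefaultConfig is the configuration used when the platform supplies none.
	// Values of the form ${NAME} are macros that Expand/ExpandVar resolve before
	// the zone is served; ${PUBLIC_IPv4}, ${LOCAL_IPv4} and ${HOSTNAME} below are
	// therefore placeholders, not literal record data.
	DefaultConfig = Config{
		Datastore: &datastore.Config{
			Backend:          "AFERO_FS",
			ConsistencyLevel: "local",
			// Relative path: it is resolved against the process working directory,
			// so zone data lands wherever the service happens to be started from.
			RootDir:        "trusted-data/datastore",
			ReadBufferSize: 50,
			Serializer:     "json",
		},
		PublicServer: &PublicServer{
			Port: 8053,
			// Google Public DNS. The earlier default listed 4.4.4.4, which is not a
			// public resolver (Google's second address is 8.8.4.4), so queries
			// forwarded to it would simply have gone unanswered.
			Forwarders: []string{"8.8.4.4", "8.8.8.8"},
			Zone: entities.Zone{
				ID:          1,
				Name:        "trusted-platform.io.",
				TTL:         3600,
				Description: "Public zone for trusted-platform.io",
				Internal:    false,
				RecordSet: entities.RecordSet{
					SOARecord: entities.SOARecord{
						Name:    "trusted-platform.io.",
						MName:   "ns1.trusted-platform.io.",
						RName:   "hostmaster.trusted-platform.io.",
						Serial:  1,
						Refresh: 86400,
						Retry:   7200,
						// Expire must be well above Refresh+Retry (RFC 1912 §2.2
						// recommends 2-4 weeks). The earlier value equalled Refresh,
						// so a secondary that missed a single refresh would have
						// discarded the whole zone. 1209600s = 14 days.
						Expire:     1209600,
						MinimumTTL: 3600,
						TTL:        3600,
					},
					NSRecords: []*entities.NSRecord{
						{Name: "trusted-platform.io.", Value: "ns1.trusted-platform.io.", TTL: 3600},
						{Name: "trusted-platform.io.", Value: "ns2.trusted-platform.io.", TTL: 3600},
						{Name: "trusted-platform.io.", Value: "ns3.trusted-platform.io.", TTL: 3600},
					},
					// All three name servers resolve to the same address in the
					// defaults; they only provide redundancy once a deployment
					// overrides them with distinct hosts.
					ARecords: []*entities.ARecord{
						{Name: "ns1", Value: "${PUBLIC_IPv4}", TTL: 3600},
						{Name: "ns2", Value: "${PUBLIC_IPv4}", TTL: 3600},
						{Name: "ns3", Value: "${PUBLIC_IPv4}", TTL: 3600},
						{Name: "www", Value: "${PUBLIC_IPv4}", TTL: 3600},
					},
					// No CNAME for www: RFC 1034 §3.6.2 forbids a CNAME at a name
					// that owns other records, and www already has an A record
					// above. The removed CNAME also pointed at the zone apex, which
					// has no address record in these defaults.
					MXRecords: []*entities.MXRecord{
						// NOTE(review): mail.trusted-platform.io. has no address
						// record in these defaults; a deployment must add one.
						{Name: "trusted-platform.io.", Value: "mail.trusted-platform.io.", Priority: 10, TTL: 3600},
					},
					TXTRecords: []*entities.TXTRecord{
						// ~all is SPF softfail; tighten to -all once the sending
						// hosts are known.
						{Name: "trusted-platform.io.", Value: "v=spf1 include:_spf.google.com ~all", TTL: 3600},
					},
				},
			},
		},
		InternalServer: &InternalServer{
			Port: 8054,
			// NOTE(review): hardcoded private addresses; 192.168.2.1 and
			// 192.168.3.1 are also published as ns2/ns3 below. Adjust per site.
			Forwarders: []string{"192.168.1.1", "192.168.2.1", "192.168.3.1"},
			Zone: entities.Zone{
				ID:          2,
				Name:        "trusted-platform.internal.",
				TTL:         3600,
				Description: "Internal zone for trusted-platform.internal",
				Internal:    true,
				RecordSet: entities.RecordSet{
					SOARecord: entities.SOARecord{
						Name:    "trusted-platform.internal.",
						MName:   "ns1.trusted-platform.internal.",
						RName:   "hostmaster.trusted-platform.internal.",
						Serial:  1,
						Refresh: 86400,
						Retry:   7200,
						// Same reasoning as the public SOA: Expire kept well above
						// Refresh (RFC 1912 §2.2).
						Expire:     1209600,
						MinimumTTL: 3600,
						TTL:        3600,
					},
					NSRecords: []*entities.NSRecord{
						{Name: "trusted-platform.internal.", Value: "ns1.trusted-platform.internal.", TTL: 3600},
						{Name: "trusted-platform.internal.", Value: "ns2.trusted-platform.internal.", TTL: 3600},
						{Name: "trusted-platform.internal.", Value: "ns3.trusted-platform.internal.", TTL: 3600},
					},
					ARecords: []*entities.ARecord{
						{Name: "ns1", Value: "${LOCAL_IPv4}", TTL: 3600},
						{Name: "ns2", Value: "192.168.2.1", TTL: 3600},
						{Name: "ns3", Value: "192.168.3.1", TTL: 3600},
						// The local host itself, named by its hostname macro.
						{Name: "${HOSTNAME}", Value: "${LOCAL_IPv4}", TTL: 3600},
					},
					// NOTE(review): this CNAME targets the zone apex, which has no
					// address record in these defaults, so www resolves to nothing
					// until an apex A record is added. Kept because no other record
					// at www conflicts with it.
					CNAMERecords: []*entities.CNAMERecord{
						{Name: "www", Value: "trusted-platform.internal.", TTL: 3600},
					},
				},
			},
		},
	}
)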
// Sentinel errors returned by Service. Compare with errors.Is, not ==, so
// wrapped errors still match.
var (
	// ErrZoneAlreadyExists: an attempt to create a zone whose name is already stored.
	ErrZoneAlreadyExists = errors.New("zone already exists")
	// ErrParsingDomainName: the FQDN could not be split into its components
	// (see ParseDomainName).
	ErrParsingDomainName = errors.New("failed to parse FQDN or domain name")
	// ErrInvalidIPAddress: the supplied address does not parse as an IP.
	ErrInvalidIPAddress = errors.New("invalid IP address")
	// ErrZoneNotFound: no stored zone matches the requested name.
	ErrZoneNotFound = errors.New("zone not found")
	// ErrInvalidPrivateIP / ErrInvalidPublicIP: the address is not acceptable
	// for, respectively, an internal or a public zone.
	ErrInvalidPrivateIP = errors.New("invalid private IP address")
	ErrInvalidPublicIP  = errors.New("invalid public IP address")
	// ErrInvalidPrivateTLD / ErrInvalidPublicTLD: the TLD is not acceptable
	// for, respectively, an internal or a public zone (see IsTLD/LoadTLDs).
	ErrInvalidPrivateTLD = errors.New("invalid private TLD")
	ErrInvalidPublicTLD  = errors.New("invalid public TLD")
	// Registration policy errors, corresponding to Config.AllowRegistration,
	// Config.AllowExternalRegistration and Config.AllowInternalRegistration.
	ErrRegistrationDisabled         = errors.New("zone registration is disallowed")
	ErrExternalRegistrationDisabled = errors.New("external zone registration disallowed")
	ErrInternalRegistrationDisabled = errors.New("internal zone registration disallowed")
)
// Errors raised by the plugin's query handler.
var (
	// ErrInternalZoneQueryViolation is returned when a query for a name in the
	// internal zone arrives on the public listener: internal names must not be
	// answered (and so leaked) on the public side. A practitioner would want
	// such hits recorded as a SecurityLogEntry; whether they are is not visible
	// here.
	ErrInternalZoneQueryViolation = errors.New("received public query for internal zone")
)
Errors raised by the plugin's query handler. (The source comment attached to this block, "Define log to be a logger with the plugin name in it", most likely refers to an unexported logger declared in the same block that is not shown here.)
var (
	// ErrMacroNotFound is returned when a ${NAME} macro in zone data has no
	// value to expand to (presumably raised by Expand/ExpandVar — confirm).
	ErrMacroNotFound = errors.New("dns: macro not found")
)
// ErrRecordTypeNotSupported is returned for a record type the package does not
// handle (presumably by a RecordParserFunc — confirm).
var ErrRecordTypeNotSupported = errors.New("dns: record type not supported")
ErrRecordTypeNotSupported is the error returned for record types this package does not handle.
Functions ¶
func LoadTLDs ¶
LoadTLDs loads and processes the provided tldData as a plain-text file with each TLD on its own line. If tldData is not provided, the TLD list from data.iana.org is used as a default — if that list is fetched over the network at load time rather than embedded, it is an outbound dependency and a startup failure point, which supplying tldData explicitly avoids.
func NewAAAARecord ¶
func NewAAAARecord( name, value string, ttl uint32) *entities.AAAARecord
NewAAAARecord creates a new AAAA record.
func NewARecord ¶
NewARecord creates a new A record.
func NewCNAMERecord ¶
func NewCNAMERecord( name, target string, ttl uint32) *entities.CNAMERecord
NewCNAMERecord creates a new CNAME record.
func NewDNSKEYRecord ¶
func NewDNSKEYRecord( name, key string, flags uint16, protocol, algorithm uint8, ttl uint32) *entities.DNSKEYRecord
NewDNSKEYRecord creates a new DNSKEY record.
func NewDSRecord ¶
func NewDSRecord( name string, keyTag uint16, algorithm, digestType uint8, digest string, ttl uint32) *entities.DSRecord
NewDSRecord creates a new DS record.
func NewMXRecord ¶
NewMXRecord creates a new MX record.
func NewNSRecord ¶
NewNSRecord creates a new NS record.
func NewRRSIGRecord ¶
func NewRRSIGRecord( name, typeCovered string, algorithm, labels uint8, originalTTL uint32, expiration, inception string, keyTag uint16, signerName, signature string) *entities.RRSIGRecord
NewRRSIGRecord creates a new RRSIG record from already-computed fields (expiration, inception, key tag, signer name and signature); it does not perform any signing itself.
func NewSOARecord ¶
func NewSOARecord( name, mname, rname string, serial, refresh, retry, expire, minimumTTL, ttl uint32) *entities.SOARecord
NewSOARecord creates a new SOA record.
func NewSRVRecord ¶
func NewSRVRecord( name, target string, port, priority, weight uint16, ttl uint32) *entities.SRVRecord
NewSRVRecord creates a new SRV record.
func NewTXTRecord ¶
NewTXTRecord creates a new TXT record.
func ParseDomainName ¶
ParseDomainName parses a fully qualified domain name (FQDN) into its hostname, subdomains, root domain, and TLD. Any trailing dot in the FQDN is removed and each of the domain components is returned in its normalized form (i.e. no trailing dots).
Types ¶
type Config ¶
// Config is the DNS plugin configuration as loaded from YAML/JSON/mapstructure.
// Fields tagged "-" (Logger and the four address fields) are never read from or
// written to a configuration file; they are filled in at runtime.
type Config struct {
	// AllowRegistration is the master switch for Service.Register; the two
	// flags below narrow it to external (public) and internal zones. See
	// ErrRegistrationDisabled, ErrExternalRegistrationDisabled and
	// ErrInternalRegistrationDisabled.
	AllowRegistration         bool `yaml:"allow-registration" json:"allow_registration" mapstructure:"allow-registration"`
	AllowExternalRegistration bool `yaml:"allow-external-registration" json:"allow_external_registration" mapstructure:"allow-external-registration"`
	AllowInternalRegistration bool `yaml:"allow-internal-registration" json:"allow_internal_registration" mapstructure:"allow-internal-registration"`
	// Datastore is where zones are persisted (DefaultConfig uses backend
	// "AFERO_FS" under a relative RootDir).
	Datastore *datastore.Config `yaml:"datastore" json:"datastore" mapstructure:"datastore"`
	// DefaultTTL is presumably the fallback TTL for records without one — confirm.
	// NOTE(review): it is an int while record TTLs are uint32; confirm negative
	// or over-range values are rejected where it is used.
	DefaultTTL     int             `yaml:"default-ttl" json:"default_ttl" mapstructure:"default-ttl"`
	InternalServer *InternalServer `yaml:"internal" json:"internal" mapstructure:"internal"`
	// Logger is injected by the platform and never serialized.
	Logger       *logging.Logger `yaml:"-" json:"-" mapstructure:"-"`
	PublicServer *PublicServer   `yaml:"public" json:"public" mapstructure:"public"`
	// Runtime-discovered addresses, never serialized. NOTE(review): presumably
	// these are what the ${PUBLIC_IPv4}/${LOCAL_IPv4} macros in DefaultConfig
	// expand to — confirm in Expand.
	PrivateIPv4 string `yaml:"-" json:"-" mapstructure:"-"`
	PrivateIPv6 string `yaml:"-" json:"-" mapstructure:"-"`
	PublicIPv4  string `yaml:"-" json:"-" mapstructure:"-"`
	PublicIPv6  string `yaml:"-" json:"-" mapstructure:"-"`
}
type Datastore ¶
// Datastore is the persistence layer for zones. DatastorePartition
// ("dns/zones") is presumably the partition it stores under — confirm in
// NewDatastore, whose signature is not shown here.
type Datastore struct {
	// contains filtered or unexported fields
}
func NewDatastore ¶
type InternalServer ¶
type PublicServer ¶
type RecordParserFunc ¶
RecordParserFunc defines a function type for parsing DNS records
type SecurityLogEntry ¶
// SecurityLogEntry is a structured, JSON-serializable record of a
// security-relevant event observed by the DNS service. Consumers should treat
// every string field as untrusted data when displaying or correlating it: the
// offender fields describe the remote party and Description/Details are free
// text. (NOTE(review): where entries are produced — e.g. on an
// ErrInternalZoneQueryViolation — is not visible here.)
type SecurityLogEntry struct {
	// Timestamp is when the event was recorded.
	Timestamp time.Time `json:"timestamp"`
	// Severity and Category are free-form strings; no enumeration is defined here.
	Severity string `json:"severity"`
	Category string `json:"category"`
	// Description is a short summary; Details carries optional specifics.
	Description string `json:"description"`
	Details     string `json:"details,omitempty"`
	// Source presumably identifies the component that raised the event — confirm.
	Source string `json:"source,omitempty"`
	// OffenderAddress is the network address attributed to the party that
	// triggered the event, OffenderID an optional identifier for it. Both are
	// omitted from the JSON when empty.
	OffenderAddress string `json:"offender_address,omitempty"`
	OffenderID      string `json:"offender_id,omitempty"`
}
type Service ¶
// Service handles zone and record operations for the public and internal
// zones: lookup (Zone, PublicZone, InternalZone), persistence (Save, Delete),
// host registration (Register) and a resolver bound to the internal server
// (Resolver). Construct it with NewService; its fields are unexported.
type Service struct {
	// contains filtered or unexported fields
}
Service handles zone and record operations.
func NewService ¶
NewService creates a new Service instance.
func (*Service) InternalDomain ¶
func (*Service) PublicDomain ¶
func (*Service) Register ¶
Register creates a new DNS record or zone based on the provided FQDN and platform configuration. If the FQDN does not match the DNS server's public or private zone, and the platform configuration permits, a new zone is created with an initial A record so the host is resolvable. If the FQDN matches the DNS server's public or private zone, a new A record is added to the existing zone for the host. If the provided IP address belongs to a private subnet, the record is created in an internal zone, otherwise in a public zone. Registration is governed by Config.AllowRegistration, Config.AllowInternalRegistration and Config.AllowExternalRegistration (see ErrRegistrationDisabled, ErrInternalRegistrationDisabled and ErrExternalRegistrationDisabled). Because this call lets a caller add names and addresses to a served zone, callers should be authenticated and the FQDN and IP validated before they reach it; ErrParsingDomainName, ErrInvalidIPAddress, ErrInvalidPrivateIP, ErrInvalidPublicIP, ErrInvalidPrivateTLD and ErrInvalidPublicTLD are the validation errors defined for this purpose.
func (*Service) Resolver ¶
Resolver returns a new net.Resolver instance that uses the internal DNS server. The internal DNS service answers queries for both internal and public zones and forwards unknown queries to the forwarders specified in the platform configuration. Use this resolver, not the public listener, for internal names: the public side is not meant to answer them (see ErrInternalZoneQueryViolation).
type TrustedPlatformPlugin ¶
TrustedPlatformPlugin is the struct implementing the plugin.Handler interface.
func (TrustedPlatformPlugin) Name ¶
func (cp TrustedPlatformPlugin) Name() string