From 7ab9b4c482d9c2dbd6e7cbac42d83bf5fad7b51c Mon Sep 17 00:00:00 2001
From: Derek Smith
Date: Fri, 22 Apr 2022 16:15:40 -0400
Subject: [PATCH] Various DDNS updates.
Signed-off-by: Derek Smith
---
 deploy.sh | 9 +++++++++
 go_www.sh | 1 -
 provision_lxc.sh | 37 +++++++++++++++++++++++++++++++++----
 run_ddns.sh | 36 ++++++++++--------------------------
 4 files changed, 52 insertions(+), 31 deletions(-)
diff --git a/deploy.sh b/deploy.sh
index 0b7b302..f3a0dc4 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -102,6 +102,15 @@ export MACVLAN_INTERFACE="$MACVLAN_INTERFACE"
 # shellcheck disable=SC1091
 source ./defaults.sh
+# if there's a ./env file here, let's execute it. Admins can put various deployment-specific things there.
+if [ -f $(pwd)/env ]; then
+ source $(pwd)/env;
+else
+ touch "$(pwd)/env"
+ echo "We stubbed out a '$(pwd)/env' file for you. Put any LXD-remote specific information in there."
+ exit 1
+fi
+
 # iterate over all our server endpoints and provision them if needed.
 # www
 VPS_HOSTNAME=
diff --git a/go_www.sh b/go_www.sh
index 72c6eb9..74a1708 100755
--- a/go_www.sh
+++ b/go_www.sh
@@ -35,7 +35,6 @@ if [ "$VPS_HOSTING_TARGET" != lxd ]; then
 ./generate_certs.sh
 fi
 else
-
 # restore the certs. If they don't exist in a backup we restore from SITE_PATH
 if [ -f "$SITE_PATH/certs.tar.gz" ]; then
 scp "$SITE_PATH/certs.tar.gz" "ubuntu@$FQDN:$REMOTE_HOME/certs.tar.gz"
diff --git a/provision_lxc.sh b/provision_lxc.sh
index fa95220..4d8eb2e 100755
--- a/provision_lxc.sh
+++ b/provision_lxc.sh
@@ -1,10 +1,10 @@
 #!/bin/bash
-set -eu
+set -eux
 # check to ensure the admin has specified a MACVLAN interface
-if [ -z "$DEV_MACVLAN_INTERFACE" ]; then
- echo "ERROR: DEV_MACVLAN_INTERFACE not defined in project."
+if [ -z "$MACVLAN_INTERFACE" ]; then
+ echo "ERROR: MACVLAN_INTERFACE not defined in project."
 exit 1
 fi
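Review bot: The new `env` block in deploy.sh expands `$(pwd)` unquoted in `[ -f $(pwd)/env ]` and `source $(pwd)/env`, while the `touch` and `echo` lines below it quote it, so a checkout path containing a space makes the test error out and the script stubs the file and exits on every run; write `if [ -f "$(pwd)/env" ]; then` and `source "$(pwd)/env"`. The file is executed as shell code from whatever directory deploy.sh is started in, so it may be worth resolving it relative to the script rather than the working directory. Since the message invites admins to put LXD-remote details in it, the stub could be created owner-only, e.g. `(umask 077; touch "$(pwd)/env")`, in case those details include credentials.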
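Review bot: Turning on `-x` with `set -eux` at the top of provision_lxc.sh makes bash trace every expanded command to stderr, and this commit also adds `curl` calls whose URL carries `password=$DDNS_PASSWORD` (the new `run_ddns` function later in this file, and the `aws` branch in run_ddns.sh, which gets the same `set -eux`), so the DDNS password ends up in the terminal scrollback and in any captured deployment log. Keep the default at `set -eu` and enable tracing only on demand, or wrap the two `curl` lines in `set +x` / `set -x`. Separately, with `-u` active an unset `MACVLAN_INTERFACE` aborts with bash's unbound-variable error before the friendly message can print; `if [ -z "${MACVLAN_INTERFACE:-}" ]; then` lets the intended message appear.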
@@ -26,12 +26,13 @@ envsubst < ./lxc_profile.yml > "$SITE_PATH/cloud-init.yml"
 # configure the profile with our generated cloud-init.yml file.
 cat "$SITE_PATH/cloud-init.yml" | lxc profile edit "$LXD_VM_NAME"
-wait_for_lxc_ip () {
+function wait_for_lxc_ip {
 LXC_INSTANCE_NAME="$1"
 IP_V4_ADDRESS=
 while true; do
 IP_V4_ADDRESS="$(lxc list "$LXC_INSTANCE_NAME" --format csv --columns=4 | grep enp5s0 | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')" || true
+ export IP_V4_ADDRESS="$IP_V4_ADDRESS"
 if [ -n "$IP_V4_ADDRESS" ]; then
 # give the machine extra time to spin up.
 wait-for-it -t 300 "$IP_V4_ADDRESS:22"
@@ -44,6 +45,34 @@ done
 }
+function run_ddns {
+ # now that the VM has an IP, we can update the DNS record. TODO add additional DNS providers here; namecheap only atm.
+ DDNS_STRING="$VPS_HOSTNAME"
+ if [ "$VPS_HOSTNAME" = www ]; then
+ # next update our DDNS record. TODO enable local/remote name provider.
+ DDNS_STRING="@"
+ fi
+
+ # if the DNS record is incorrect, we run DDNS to get it corrected yo.
+ if "$(getent hosts "$FQDN" | awk '{ print $1 }')" != "$IP_V4_ADDRESS"; then
+ curl "https://dynamicdns.park-your-domain.com/update?host=$DDNS_STRING&domain=$DOMAIN_NAME&password=$DDNS_PASSWORD&ip=$IP_V4_ADDRESS"
+
+ DDNS_SLEEP_SECONDS=60
+ while true; do
+ # we test the www CNAME here so we can be assured the underlying has corrected.
+ if [[ "$(getent hosts "$FQDN" | awk '{ print $1 }')" == "$IP_V4_ADDRESS" ]]; then
+ echo ""
+ echo "SUCCESS: The DNS appears to be configured correctly."
+
+ echo "INFO: Waiting $DDNS_SLEEP_SECONDS seconds to allow stale DNS records to expire."
+ sleep "$DDNS_SLEEP_SECONDS";
+ break;
+ fi
+
+ printf "." && sleep 2;
+ done
+ fi
+}
 # create the default storage pool if necessary
 if ! lxc storage list --format csv | grep -q default; then
diff --git a/run_ddns.sh b/run_ddns.sh
index fab9cfb..9d3b391 100755
--- a/run_ddns.sh
+++ b/run_ddns.sh
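Review bot: In `wait_for_lxc_ip`, the added `export IP_V4_ADDRESS="$IP_V4_ADDRESS"` runs before the `[ -n "$IP_V4_ADDRESS" ]` check, so every poll that finds no address exports an empty value, and the function's result now reaches later code through a global that nothing documents. Moving the export inside the `-n` branch, after `wait-for-it` succeeds, and adding a comment such as `# sets and exports IP_V4_ADDRESS for run_ddns` would make that contract explicit. The `grep -Eo` pattern would also yield more than one line if the interface reports several IPv4 addresses, which looks unhandled here; the rest of the loop body is outside the hunk.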
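Review bot: The first condition in the new `run_ddns` function, `if "$(getent hosts "$FQDN" | awk '{ print $1 }')" != "$IP_V4_ADDRESS"; then`, has no test brackets, so bash tries to execute the resolved address as a command; that fails, the branch is never taken, and the DDNS record is never updated. It should read `if [[ "$(getent hosts "$FQDN" | awk '{ print $1 }')" != "$IP_V4_ADDRESS" ]]; then`, matching the `[[ … == … ]]` check inside the loop. Once the branch does run, `curl` is called without `--fail` and its response is not inspected, so a rejected update is followed by a `while true` poll with no upper bound; a retry limit and `curl --fail --silent --show-error` would turn that into a visible error.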
@@ -1,18 +1,8 @@ #!/bin/bash -set -eu +set -eux -# create the ddclient.conf file -cat >/tmp/ddclient.conf <> /tmp/ddclient.conf - -cat /tmp/ddclient.conf - -# send the ddclient.conf file to the remote vps. -docker-machine scp /tmp/ddclient.conf "$FQDN:$REMOTE_HOME/ddclient.conf" -docker-machine ssh "$FQDN" sudo cp "$REMOTE_HOME/ddclient.conf" /etc/ddclient.conf -docker-machine ssh "$FQDN" sudo chown root:root /etc/ddclient.conf -docker-machine ssh "$FQDN" sudo chmod 0600 /etc/ddclient.conf -docker-machine ssh "$FQDN" sudo apt-get -qq install -y ddclient wait-for-it git rsync duplicity sshfs -docker-machine ssh "$FQDN" sudo ddclient - # wait for DNS to get setup. Pass in the IP address of the actual VPS. -echo "INFO: Verifying correct DNS configuration. This may take a while." MACHINE_IP="$(docker-machine ip "$FQDN")" +if [ "$VPS_HOSTING_TARGET" = aws ]; then + + # wire DNS entries using namecheap DDNS API (via HTTPS rather than ddclient) + curl "https://dynamicdns.park-your-domain.com/update?host=$DDNS_STRING&domain=$DOMAIN_NAME&password=$DDNS_PASSWORD&ip=$MACHINE_IP" + + #install dependencies. + docker-machine ssh "$FQDN" sudo apt-get -qq install -y wait-for-it git rsync duplicity sshfs +fi DDNS_SLEEP_SECONDS=60 while true; do