diff options
| author | Indrajit Raychaudhuri <irc@indrajit.com> | 2023-12-25 00:13:07 -0600 | 
|---|---|---|
| committer | Indrajit Raychaudhuri <irc@indrajit.com> | 2023-12-25 00:42:15 -0600 | 
| commit | c8bcc4ad2a82ec95f2f4005fd89ba94264040a68 (patch) | |
| tree | 67b442040885ab4db8b6a641117c3d5d9cc756da | |
| parent | 8331a573f1354940ec3744699dd88a3ca1323d7f (diff) | |
| download | vyos-1x-c8bcc4ad2a82ec95f2f4005fd89ba94264040a68.tar.gz vyos-1x-c8bcc4ad2a82ec95f2f4005fd89ba94264040a68.zip | |
ddclient: T5144: Migrate web-options url to stricter format
Legacy ddclient allowed arbitrary URLs in web-options, but the new
has stricter validations. Apply migration to the old URLs.
Also migrate checkip.dyndns.org to https://domains.google.com/checkip
for better TLS support.
| -rwxr-xr-x | src/migration-scripts/dns-dynamic/0-to-1 | 11 | 
1 files changed, 11 insertions, 0 deletions
| diff --git a/src/migration-scripts/dns-dynamic/0-to-1 b/src/migration-scripts/dns-dynamic/0-to-1 index 4f6083eab..b7674a9c8 100755 --- a/src/migration-scripts/dns-dynamic/0-to-1 +++ b/src/migration-scripts/dns-dynamic/0-to-1 @@ -25,8 +25,10 @@  #        to "service dns dynamic address <address> service <config> username ..."  # - apply global 'ipv6-enable' to per <config> 'ip-version: ipv6'  # - apply service protocol mapping upfront, they are not 'auto-detected' anymore +# - migrate web-options url to stricter format  import sys +import re  from vyos.configtree import ConfigTree  service_protocol_mapping = { @@ -104,8 +106,17 @@ for address in config.list_nodes(new_base_path):                                  new_base_path + ['web', svc_type, f'{svc_cfg}-{address}'])          # Multiple web-options were not supported, so copy only the first one +        # Also, migrate web-options url to stricter format and transition +        # checkip.dyndns.org to https://domains.google.com/checkip for better +        # TLS support (see: https://github.com/ddclient/ddclient/issues/597)          if not config.exists(new_base_path + ['web', 'web-options']):              config.copy(new_base_path + [address, 'use-web'], new_base_path + ['web', 'web-options']) +            if config.exists(new_base_path + ['web', 'web-options', 'url']): +                url = config.return_value(new_base_path + ['web', 'web-options', 'url']) +                if re.search("^(https?://)?checkip\.dyndns\.org", url): +                    config.set(new_base_path + ['web', 'web-options', 'url'], 'https://domains.google.com/checkip') +                if not url.startswith(('http://', 'https://')): +                    config.set(new_base_path + ['web', 'web-options', 'url'], f'https://{url}')          config.delete(new_base_path + [address]) | 
