diff options
author | Indrajit Raychaudhuri <irc@indrajit.com> | 2023-12-25 00:13:07 -0600 |
---|---|---|
committer | Indrajit Raychaudhuri <irc@indrajit.com> | 2023-12-26 15:22:55 -0600 |
commit | be7c56cbc6d0b28f6e85e35a2dc5303bd663754b (patch) | |
tree | a4ce74838ce03578ce6cf8b5ca8b50bdada33238 | |
parent | 3d9f381964e53fe0ce6456724660727283802f48 (diff) | |
download | vyos-1x-be7c56cbc6d0b28f6e85e35a2dc5303bd663754b.tar.gz vyos-1x-be7c56cbc6d0b28f6e85e35a2dc5303bd663754b.zip |
ddclient: T5144: Migrate web-options url to stricter format
Legacy ddclient allowed arbitrary URLs in web-options, but the new
has stricter validations. Apply migration to the old URLs.
Also migrate checkip.dyndns.org to https://domains.google.com/checkip
for better TLS support.
-rwxr-xr-x | src/migration-scripts/dns-dynamic/0-to-1 | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/migration-scripts/dns-dynamic/0-to-1 b/src/migration-scripts/dns-dynamic/0-to-1 index 4f6083eab..b7674a9c8 100755 --- a/src/migration-scripts/dns-dynamic/0-to-1 +++ b/src/migration-scripts/dns-dynamic/0-to-1 @@ -25,8 +25,10 @@ # to "service dns dynamic address <address> service <config> username ..." # - apply global 'ipv6-enable' to per <config> 'ip-version: ipv6' # - apply service protocol mapping upfront, they are not 'auto-detected' anymore +# - migrate web-options url to stricter format import sys +import re from vyos.configtree import ConfigTree service_protocol_mapping = { @@ -104,8 +106,17 @@ for address in config.list_nodes(new_base_path): new_base_path + ['web', svc_type, f'{svc_cfg}-{address}']) # Multiple web-options were not supported, so copy only the first one + # Also, migrate web-options url to stricter format and transition + # checkip.dyndns.org to https://domains.google.com/checkip for better + # TLS support (see: https://github.com/ddclient/ddclient/issues/597) if not config.exists(new_base_path + ['web', 'web-options']): config.copy(new_base_path + [address, 'use-web'], new_base_path + ['web', 'web-options']) + if config.exists(new_base_path + ['web', 'web-options', 'url']): + url = config.return_value(new_base_path + ['web', 'web-options', 'url']) + if re.search("^(https?://)?checkip\.dyndns\.org", url): + config.set(new_base_path + ['web', 'web-options', 'url'], 'https://domains.google.com/checkip') + if not url.startswith(('http://', 'https://')): + config.set(new_base_path + ['web', 'web-options', 'url'], f'https://{url}') config.delete(new_base_path + [address]) |