diff options
author | Indrajit Raychaudhuri <irc@indrajit.com> | 2023-12-25 00:13:07 -0600 |
---|---|---|
committer | Indrajit Raychaudhuri <irc@indrajit.com> | 2023-12-25 00:42:15 -0600 |
commit | c8bcc4ad2a82ec95f2f4005fd89ba94264040a68 (patch) | |
tree | 67b442040885ab4db8b6a641117c3d5d9cc756da /src/migration-scripts/dns-dynamic | |
parent | 8331a573f1354940ec3744699dd88a3ca1323d7f (diff) | |
download | vyos-1x-c8bcc4ad2a82ec95f2f4005fd89ba94264040a68.tar.gz vyos-1x-c8bcc4ad2a82ec95f2f4005fd89ba94264040a68.zip |
ddclient: T5144: Migrate web-options url to stricter format
Legacy ddclient allowed arbitrary URLs in web-options, but the new
has stricter validations. Apply migration to the old URLs.
Also migrate checkip.dyndns.org to https://domains.google.com/checkip
for better TLS support.
Diffstat (limited to 'src/migration-scripts/dns-dynamic')
-rwxr-xr-x | src/migration-scripts/dns-dynamic/0-to-1 | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/migration-scripts/dns-dynamic/0-to-1 b/src/migration-scripts/dns-dynamic/0-to-1 index 4f6083eab..b7674a9c8 100755 --- a/src/migration-scripts/dns-dynamic/0-to-1 +++ b/src/migration-scripts/dns-dynamic/0-to-1 @@ -25,8 +25,10 @@ # to "service dns dynamic address <address> service <config> username ..." # - apply global 'ipv6-enable' to per <config> 'ip-version: ipv6' # - apply service protocol mapping upfront, they are not 'auto-detected' anymore +# - migrate web-options url to stricter format import sys +import re from vyos.configtree import ConfigTree service_protocol_mapping = { @@ -104,8 +106,17 @@ for address in config.list_nodes(new_base_path): new_base_path + ['web', svc_type, f'{svc_cfg}-{address}']) # Multiple web-options were not supported, so copy only the first one + # Also, migrate web-options url to stricter format and transition + # checkip.dyndns.org to https://domains.google.com/checkip for better + # TLS support (see: https://github.com/ddclient/ddclient/issues/597) if not config.exists(new_base_path + ['web', 'web-options']): config.copy(new_base_path + [address, 'use-web'], new_base_path + ['web', 'web-options']) + if config.exists(new_base_path + ['web', 'web-options', 'url']): + url = config.return_value(new_base_path + ['web', 'web-options', 'url']) + if re.search("^(https?://)?checkip\.dyndns\.org", url): + config.set(new_base_path + ['web', 'web-options', 'url'], 'https://domains.google.com/checkip') + if not url.startswith(('http://', 'https://')): + config.set(new_base_path + ['web', 'web-options', 'url'], f'https://{url}') config.delete(new_base_path + [address]) |