summaryrefslogtreecommitdiff
path: root/src/migration-scripts/dns-dynamic
diff options
context:
space:
mode:
authorIndrajit Raychaudhuri <irc@indrajit.com>2023-12-25 00:13:07 -0600
committerIndrajit Raychaudhuri <irc@indrajit.com>2023-12-26 15:22:55 -0600
commitbe7c56cbc6d0b28f6e85e35a2dc5303bd663754b (patch)
treea4ce74838ce03578ce6cf8b5ca8b50bdada33238 /src/migration-scripts/dns-dynamic
parent3d9f381964e53fe0ce6456724660727283802f48 (diff)
downloadvyos-1x-be7c56cbc6d0b28f6e85e35a2dc5303bd663754b.tar.gz
vyos-1x-be7c56cbc6d0b28f6e85e35a2dc5303bd663754b.zip
ddclient: T5144: Migrate web-options url to stricter format
Legacy ddclient allowed arbitrary URLs in web-options, but the new has stricter validations. Apply migration to the old URLs. Also migrate checkip.dyndns.org to https://domains.google.com/checkip for better TLS support.
Diffstat (limited to 'src/migration-scripts/dns-dynamic')
-rwxr-xr-xsrc/migration-scripts/dns-dynamic/0-to-111
1 files changed, 11 insertions, 0 deletions
diff --git a/src/migration-scripts/dns-dynamic/0-to-1 b/src/migration-scripts/dns-dynamic/0-to-1
index 4f6083eab..b7674a9c8 100755
--- a/src/migration-scripts/dns-dynamic/0-to-1
+++ b/src/migration-scripts/dns-dynamic/0-to-1
@@ -25,8 +25,10 @@
# to "service dns dynamic address <address> service <config> username ..."
# - apply global 'ipv6-enable' to per <config> 'ip-version: ipv6'
# - apply service protocol mapping upfront, they are not 'auto-detected' anymore
+# - migrate web-options url to stricter format
import sys
+import re
from vyos.configtree import ConfigTree
service_protocol_mapping = {
@@ -104,8 +106,17 @@ for address in config.list_nodes(new_base_path):
new_base_path + ['web', svc_type, f'{svc_cfg}-{address}'])
# Multiple web-options were not supported, so copy only the first one
+ # Also, migrate web-options url to stricter format and transition
+ # checkip.dyndns.org to https://domains.google.com/checkip for better
+ # TLS support (see: https://github.com/ddclient/ddclient/issues/597)
if not config.exists(new_base_path + ['web', 'web-options']):
config.copy(new_base_path + [address, 'use-web'], new_base_path + ['web', 'web-options'])
+ if config.exists(new_base_path + ['web', 'web-options', 'url']):
+ url = config.return_value(new_base_path + ['web', 'web-options', 'url'])
+ if re.search("^(https?://)?checkip\.dyndns\.org", url):
+ config.set(new_base_path + ['web', 'web-options', 'url'], 'https://domains.google.com/checkip')
+ if not url.startswith(('http://', 'https://')):
+ config.set(new_base_path + ['web', 'web-options', 'url'], f'https://{url}')
config.delete(new_base_path + [address])