package main
import (
	"context"
	"encoding/json"
	"flag"
	"fmt"
	"io"
	"log"
	"net/http"
	"net/url"
	"os"
	"strings"
	"time"

	"github.com/docker/docker/api/types"
	"github.com/docker/docker/api/types/container"
	"github.com/docker/docker/api/types/events"
	"github.com/docker/docker/api/types/filters"
	"github.com/docker/docker/client"
)
// targetKey is the container label whose value names the DNS record to manage.
const targetKey = "docker-pihole-customdns.domain"

// Action is the Docker event action string this program reacts to.
type Action = string

// Event actions subscribed to by watchContainers.
const (
	CreateAction Action = "create"
	RemoveAction Action = "remove"
)

type (
	// APIResponse is the JSON body decoded from add/delete requests.
	APIResponse struct {
		Success bool   `json:"success"`
		Message string `json:"message"`
	}

	// ExistingDNSResponse is the JSON body decoded from an action=get request.
	// isDNSMissing reads each row as {record name, target}.
	ExistingDNSResponse struct {
		Data [][]string `json:"data"`
	}
)

// Runtime configuration, filled in by loadArguments from flags or environment.
var (
	// Exactly one of defaultTargetIP / defaultTargetDomain is set after
	// loadArguments returns; the IP selects A records, the domain CNAMEs.
	defaultTargetIP     string
	defaultTargetDomain string

	// authCode and authCode2 are API tokens: secrets that must not be
	// written to logs.
	authCode   string
	pihole_url string

	// Optional second Pi-hole instance.
	authCode2   string
	pihole_url2 string
)
// main loads configuration, connects to the Docker daemon described by the
// environment, verifies the Pi-hole connection, reconciles records for
// containers that already exist, and then blocks watching container events.
func main() {
	loadArguments()

	dockerClient, clientErr := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
	if clientErr != nil {
		log.Fatal(clientErr)
	}

	testPiholeConnection()
	reconcileExistingDNS(dockerClient)

	// watchContainers only returns by terminating the process.
	watchContainers(context.Background(), dockerClient)
}
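// loadArguments fills the package-level configuration from command-line flags,
// falling back to DPC_* environment variables for any flag left empty, and
// terminates the process when the configuration is incomplete or ambiguous.
//
// On return pihole_url (and pihole_url2, when set) carry the "/admin/api.php"
// suffix. Trailing slashes on the configured base URL are trimmed first so a
// value such as "http://pi.hole/" does not yield a "//admin/api.php" path.
//
// A token given with -apitoken/-apitoken2 is part of the process command line
// and therefore readable by other local users through the process list; the
// environment variables avoid that exposure.
//
// NOTE(review): authCode2 is validated here, but every request builder in this
// file reads authCode only, so the first instance's token is what is sent to
// the second instance.
func loadArguments() {
	flag.StringVar(&defaultTargetIP, "targetip", "", "Default target IP address for the Docker host")
	flag.StringVar(&defaultTargetDomain, "targetdomain", "", "Default target domain address for the Docker host")
	flag.StringVar(&authCode, "apitoken", "", "Pi-hole API token")
	flag.StringVar(&pihole_url, "piholeurl", "", "Pi-hole URL (e.g. http://pi.hole)")
	flag.StringVar(&authCode2, "apitoken2", "", "Second Pi-hole API token (Optional)")
	flag.StringVar(&pihole_url2, "piholeurl2", "", "Second Pi-hole URL (Optional e.g. http://pi.hole)")
	flag.Parse()

	// Flags win; the environment only fills values the flags left empty.
	fallbacks := []struct {
		dst *string
		env string
	}{
		{&defaultTargetIP, "DPC_DEFAULT_TARGET_IP"},
		{&defaultTargetDomain, "DPC_DEFAULT_TARGET_DOMAIN"},
		{&authCode, "DPC_PIHOLE_API_TOKEN"},
		{&pihole_url, "DPC_PIHOLE_URL"},
		{&authCode2, "DPC_PIHOLE_API_TOKEN_2"},
		{&pihole_url2, "DPC_PIHOLE_URL_2"},
	}
	for _, fb := range fallbacks {
		if *fb.dst == "" {
			*fb.dst = os.Getenv(fb.env)
		}
	}

	// Exactly one default target must be configured.
	switch {
	case defaultTargetIP == "" && defaultTargetDomain == "":
		log.Fatal("Default Docker host target IP or target domain are not provided. Set either using the -targetip flag (DPC_DEFAULT_TARGET_IP) or -targetdomain (DPC_DEFAULT_TARGET_DOMAIN).")
	case defaultTargetIP != "" && defaultTargetDomain != "":
		log.Fatal("Both default target IP and target domain are set. Only one default can be used.")
	}

	if authCode == "" {
		log.Fatal("Pi-hole API token is not provided. Set it using the -apitoken flag or DPC_PIHOLE_API_TOKEN environment variable.")
	}
	if pihole_url == "" {
		log.Fatal("Pi-hole URL is not provided. Set it using the -piholeurl flag or DPC_PIHOLE_URL environment variable.")
	}
	// The token is later appended to this URL's query string, so an http://
	// base URL sends it over the network unencrypted.
	pihole_url = strings.TrimRight(pihole_url, "/") + "/admin/api.php"

	if pihole_url2 != "" {
		pihole_url2 = strings.TrimRight(pihole_url2, "/") + "/admin/api.php"
		if authCode2 == "" {
			log.Fatal("Pi-hole API token is not provided. Set it using the -apitoken2 flag or DPC_PIHOLE_API_TOKEN_2 environment variable.")
		}
	}
}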
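// testPiholeConnection issues a summaryRaw request against every configured
// Pi-hole endpoint and terminates the process when an endpoint cannot be
// reached, answers with a non-200 status, or returns the body "[]" (which the
// original code treats as a rejected API token).
//
// NOTE(review): authCode is sent to both endpoints; authCode2 is never read
// here, so the first instance's token is disclosed to the second instance.
func testPiholeConnection() {
	pihole_urls := []string{pihole_url}
	if pihole_url2 != "" {
		pihole_urls = append(pihole_urls, pihole_url2)
	}

	// A bounded client keeps an unresponsive endpoint from hanging startup.
	httpClient := &http.Client{Timeout: 10 * time.Second}

	for _, endpoint := range pihole_urls {
		testURL := endpoint + "?summaryRaw&auth=" + url.QueryEscape(authCode)

		resp, err := httpClient.Get(testURL)
		if err != nil {
			// The client wraps failures in *url.Error, whose text contains the
			// full request URL including the token. Log only the cause.
			if urlErr, ok := err.(*url.Error); ok {
				err = urlErr.Err
			}
			log.Fatalf("Error connecting to Pi-hole %s: %v", endpoint, err)
		}

		if resp.StatusCode != http.StatusOK {
			resp.Body.Close()
			log.Fatalf("Error connecting to Pi-hole %s. Check API token.", endpoint)
		}

		// Close inside the iteration rather than deferring to function return.
		bodyBytes, err := io.ReadAll(resp.Body)
		resp.Body.Close()
		if err != nil {
			log.Fatal(err)
		}

		if string(bodyBytes) == "[]" {
			log.Fatalf("Error connecting to Pi-hole %s. Check API token.", endpoint)
		}
		log.Printf("Connected to Pi-hole %s successfully", endpoint)
	}
}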
// reconcileExistingDNS brings each configured Pi-hole up to date with the
// containers that already exist: for the primary instance, and then for the
// secondary one when configured, it fetches the current records and creates
// the ones missing for labelled containers. A fetch failure is fatal.
func reconcileExistingDNS(cli *client.Client) {
	targets := []string{pihole_url}
	if pihole_url2 != "" {
		targets = append(targets, pihole_url2)
	}

	for _, target := range targets {
		records, err := getExistingDNS(target)
		if err != nil {
			log.Fatalf("Error fetching existing DNS entries from %s: %v", target, err)
		}
		checkExistingContainers(target, cli, records)
	}
}
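// getExistingDNS fetches the records currently stored on the Pi-hole at
// pihole_url: custom DNS entries when a default target IP is configured,
// custom CNAME entries otherwise. It returns the decoded "data" rows.
//
// A transport error is returned without its *url.Error wrapper, because that
// wrapper's text embeds the request URL and with it the API token; callers
// log the returned error.
//
// NOTE(review): authCode is used whichever instance pihole_url names;
// authCode2 is never read here.
func getExistingDNS(pihole_url string) ([][]string, error) {
	recordType := "customdns"
	if defaultTargetIP == "" {
		recordType = "customcname"
	}
	apiURL := pihole_url + "?" + recordType +
		"&auth=" + url.QueryEscape(authCode) +
		"&action=get"

	// Bounded so an unresponsive endpoint cannot block the caller forever.
	httpClient := &http.Client{Timeout: 10 * time.Second}
	resp, err := httpClient.Get(apiURL)
	if err != nil {
		if urlErr, ok := err.(*url.Error); ok {
			err = urlErr.Err
		}
		return nil, err
	}
	defer resp.Body.Close()

	if resp.StatusCode != http.StatusOK {
		return nil, fmt.Errorf("failed to fetch existing DNS entries. Status code: %d", resp.StatusCode)
	}

	var existingDNSResponse ExistingDNSResponse
	if err := json.NewDecoder(resp.Body).Decode(&existingDNSResponse); err != nil {
		return nil, err
	}
	return existingDNSResponse.Data, nil
}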
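// checkExistingContainers lists all containers (running or not) and creates a
// DNS record on the Pi-hole at pihole_url for each one that carries the
// targetKey label and whose record is absent from existingDNS. A failure to
// list containers is fatal.
//
// The label value is lower-cased before it is compared and submitted, which
// matches what isRelevantEvent does on the event path; without it a
// mixed-case label is handled differently at startup than at runtime.
//
// The label value is controlled by whoever can create containers on this
// Docker host, so that ability implies the ability to add DNS records.
func checkExistingContainers(pihole_url string, cli *client.Client, existingDNS [][]string) {
	containers, err := cli.ContainerList(context.Background(), container.ListOptions{All: true})
	if err != nil {
		log.Fatalf("Error fetching existing containers: %v", err)
	}

	for _, ctr := range containers {
		labelValue, found := ctr.Labels[targetKey]
		if !found {
			continue
		}
		labelValue = strings.ToLower(labelValue)
		if !isDNSMissing(labelValue, existingDNS) {
			continue
		}

		// The name is used for logging only. Fall back to the ID rather than
		// indexing an empty Names slice.
		containerName := ctr.ID
		if len(ctr.Names) > 0 {
			// Strip off the "/" prefix from the container name.
			containerName = strings.TrimPrefix(ctr.Names[0], "/")
		}
		createDNSRecord(pihole_url, containerName, labelValue)
	}
}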
// isDNSMissing reports whether existingDNS lacks a two-column row that pairs
// labelValue with the configured default target (the default IP when set,
// the default domain otherwise). Rows of any other length are ignored.
func isDNSMissing(labelValue string, existingDNS [][]string) bool {
	wantTarget := defaultTargetDomain
	if defaultTargetIP != "" {
		wantTarget = defaultTargetIP
	}

	for _, row := range existingDNS {
		if len(row) != 2 {
			continue
		}
		if row[0] == labelValue && row[1] == wantTarget {
			return false
		}
	}
	return true
}
// watchContainers subscribes to container create and remove events and mirrors
// each relevant one to the configured Pi-hole instance(s): a create adds the
// record named by the container's label, a remove deletes it. It loops until
// the event stream reports an error, which terminates the process.
//
// The label comes from the event's attributes, so whoever can create or remove
// containers on this Docker host can add or delete DNS records through it.
func watchContainers(ctx context.Context, cli *client.Client) {
	eventFilter := filters.NewArgs()
	eventFilter.Add("type", string(events.ContainerEventType))
	eventFilter.Add("event", CreateAction)
	eventFilter.Add("event", RemoveAction)

	msgs, errCh := cli.Events(ctx, types.EventsOptions{Filters: eventFilter})

	for {
		select {
		case msg := <-msgs:
			relevant, action, label := isRelevantEvent(msg)
			if !relevant {
				continue
			}

			name := msg.Actor.Attributes["name"]
			switch action {
			case CreateAction:
				createDNSRecord(pihole_url, name, label)
				if pihole_url2 != "" {
					createDNSRecord(pihole_url2, name, label)
				}
			case RemoveAction:
				removeDNSRecord(pihole_url, name, label)
				if pihole_url2 != "" {
					removeDNSRecord(pihole_url2, name, label)
				}
			}
		case err := <-errCh:
			log.Fatalf("Error watching events: %v", err)
		}
	}
}
// isRelevantEvent looks for the targetKey label among the event's actor
// attributes, comparing attribute names after lower-casing them. When found it
// returns true, the event's action, and the lower-cased label value; otherwise
// it returns false and two empty strings.
func isRelevantEvent(event events.Message) (bool, Action, string) {
	for attrName, attrValue := range event.Actor.Attributes {
		if strings.ToLower(attrName) != targetKey {
			continue
		}
		return true, string(event.Action), strings.ToLower(attrValue)
	}
	return false, "", ""
}
// createDNSRecord adds a record for domainName on the Pi-hole at pihole_url:
// an A record pointing at the default target IP when one is configured,
// otherwise a CNAME pointing at the default target domain.
func createDNSRecord(pihole_url string, containerName string, domainName string) {
	if defaultTargetIP == "" {
		createCNAMERecord(pihole_url, containerName, domainName, defaultTargetDomain)
		return
	}
	createARecord(pihole_url, containerName, domainName, defaultTargetIP)
}
// removeDNSRecord deletes the record for domainName on the Pi-hole at
// pihole_url: the A record for the default target IP when one is configured,
// otherwise the CNAME for the default target domain.
func removeDNSRecord(pihole_url string, containerName string, domainName string) {
	if defaultTargetIP == "" {
		removeCNAMERecord(pihole_url, containerName, domainName, defaultTargetDomain)
		return
	}
	removeARecord(pihole_url, containerName, domainName, defaultTargetIP)
}
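// createARecord asks the Pi-hole at pihole_url to add a custom DNS entry
// mapping domainName to ipAddress and logs the outcome. containerName is used
// for logging only. Failures are logged, not returned.
//
// domainName originates from a container label, so every value is
// query-escaped before it is placed in the URL; an unescaped "&" or "#" in the
// label would otherwise add or truncate request parameters.
//
// NOTE(review): authCode is used whichever instance pihole_url names;
// authCode2 is never read here.
func createARecord(pihole_url string, containerName string, domainName string, ipAddress string) {
	apiURL := pihole_url + "?customdns" +
		"&auth=" + url.QueryEscape(authCode) +
		"&action=add" +
		"&ip=" + url.QueryEscape(ipAddress) +
		"&domain=" + url.QueryEscape(domainName)

	// Bounded so an unresponsive endpoint cannot stall the event loop.
	httpClient := &http.Client{Timeout: 10 * time.Second}
	resp, err := httpClient.Get(apiURL)
	if err != nil {
		// *url.Error prints the full request URL, token included; log the cause only.
		if urlErr, ok := err.(*url.Error); ok {
			err = urlErr.Err
		}
		log.Printf("Error making API request: %v", err)
		return
	}
	defer resp.Body.Close()

	var apiResponse APIResponse
	if err := json.NewDecoder(resp.Body).Decode(&apiResponse); err != nil {
		log.Printf("Error decoding JSON response: %v", err)
		return
	}

	if !apiResponse.Success {
		log.Printf("API for %s add request failed for container %s - %s: %s", pihole_url, containerName, domainName, apiResponse.Message)
		return
	}
	log.Printf("API for %s add request successful for container %s - %s", pihole_url, containerName, domainName)
}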
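// removeARecord asks the Pi-hole at pihole_url to delete the custom DNS entry
// mapping domainName to ipAddress and logs the outcome. containerName is used
// for logging only. Failures are logged, not returned.
//
// domainName originates from a container label, so every value is
// query-escaped before it is placed in the URL; an unescaped "&" or "#" in the
// label would otherwise add or truncate request parameters.
//
// NOTE(review): authCode is used whichever instance pihole_url names;
// authCode2 is never read here.
func removeARecord(pihole_url string, containerName string, domainName string, ipAddress string) {
	apiURL := pihole_url + "?customdns" +
		"&auth=" + url.QueryEscape(authCode) +
		"&action=delete" +
		"&ip=" + url.QueryEscape(ipAddress) +
		"&domain=" + url.QueryEscape(domainName)

	// Bounded so an unresponsive endpoint cannot stall the event loop.
	httpClient := &http.Client{Timeout: 10 * time.Second}
	resp, err := httpClient.Get(apiURL)
	if err != nil {
		// *url.Error prints the full request URL, token included; log the cause only.
		if urlErr, ok := err.(*url.Error); ok {
			err = urlErr.Err
		}
		log.Printf("Error making API request: %v", err)
		return
	}
	defer resp.Body.Close()

	var apiResponse APIResponse
	if err := json.NewDecoder(resp.Body).Decode(&apiResponse); err != nil {
		log.Printf("Error decoding JSON response: %v", err)
		return
	}

	if !apiResponse.Success {
		log.Printf("API for %s delete request failed for container %s - %s: %s", pihole_url, containerName, domainName, apiResponse.Message)
		return
	}
	log.Printf("API for %s delete request successful for container %s - %s", pihole_url, containerName, domainName)
}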
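// createCNAMERecord asks the Pi-hole at pihole_url to add a custom CNAME entry
// pointing domainName at targetName and logs the outcome. containerName is
// used for logging only. Failures are logged, not returned.
//
// domainName originates from a container label, so every value is
// query-escaped before it is placed in the URL; an unescaped "&" or "#" in the
// label would otherwise add or truncate request parameters.
//
// NOTE(review): authCode is used whichever instance pihole_url names;
// authCode2 is never read here.
func createCNAMERecord(pihole_url string, containerName string, domainName string, targetName string) {
	apiURL := pihole_url + "?customcname" +
		"&auth=" + url.QueryEscape(authCode) +
		"&action=add" +
		"&target=" + url.QueryEscape(targetName) +
		"&domain=" + url.QueryEscape(domainName)

	// Bounded so an unresponsive endpoint cannot stall the event loop.
	httpClient := &http.Client{Timeout: 10 * time.Second}
	resp, err := httpClient.Get(apiURL)
	if err != nil {
		// *url.Error prints the full request URL, token included; log the cause only.
		if urlErr, ok := err.(*url.Error); ok {
			err = urlErr.Err
		}
		log.Printf("Error making API request: %v", err)
		return
	}
	defer resp.Body.Close()

	var apiResponse APIResponse
	if err := json.NewDecoder(resp.Body).Decode(&apiResponse); err != nil {
		log.Printf("Error decoding JSON response: %v", err)
		return
	}

	if !apiResponse.Success {
		log.Printf("API for %s add request failed for container %s - %s: %s", pihole_url, containerName, domainName, apiResponse.Message)
		return
	}
	log.Printf("API for %s add request successful for container %s - %s", pihole_url, containerName, domainName)
}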
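// removeCNAMERecord asks the Pi-hole at pihole_url to delete the custom CNAME
// entry pointing domainName at targetName and logs the outcome. containerName
// is used for logging only. Failures are logged, not returned.
//
// domainName originates from a container label, so every value is
// query-escaped before it is placed in the URL; an unescaped "&" or "#" in the
// label would otherwise add or truncate request parameters.
//
// NOTE(review): authCode is used whichever instance pihole_url names;
// authCode2 is never read here.
func removeCNAMERecord(pihole_url string, containerName string, domainName string, targetName string) {
	apiURL := pihole_url + "?customcname" +
		"&auth=" + url.QueryEscape(authCode) +
		"&action=delete" +
		"&target=" + url.QueryEscape(targetName) +
		"&domain=" + url.QueryEscape(domainName)

	// Bounded so an unresponsive endpoint cannot stall the event loop.
	httpClient := &http.Client{Timeout: 10 * time.Second}
	resp, err := httpClient.Get(apiURL)
	if err != nil {
		// *url.Error prints the full request URL, token included; log the cause only.
		if urlErr, ok := err.(*url.Error); ok {
			err = urlErr.Err
		}
		log.Printf("Error making API request: %v", err)
		return
	}
	defer resp.Body.Close()

	var apiResponse APIResponse
	if err := json.NewDecoder(resp.Body).Decode(&apiResponse); err != nil {
		log.Printf("Error decoding JSON response: %v", err)
		return
	}

	if !apiResponse.Success {
		log.Printf("API for %s delete request failed for container %s - %s: %s", pihole_url, containerName, domainName, apiResponse.Message)
		return
	}
	log.Printf("API for %s delete request successful for container %s - %s", pihole_url, containerName, domainName)
}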