console_api_dns.go
package headscale
import (
_ "embed"
"encoding/json"
"net/http"
"strings"
)
// DNSData is the JSON document exchanged with the console on /admin/api/dns.
// CAPIGetDNS sends it as the reply payload and CAPIPostDNS decodes the request
// body into it, so on the POST path every field is client-supplied.
type DNSData struct {
	// TODO: not implemented.
	Warning []string `json:"warnings"`

	// Nameserver list (used when overriding the local DNS settings).
	Resolvers []string `json:"resolvers"`

	// Domains of the split-DNS configuration.
	Domains []string `json:"domains"`

	// Split-DNS mapping: domain -> nameserver addresses.
	Routes map[string][]string `json:"routes"`

	// Nameserver list (used when not overriding the local DNS settings).
	FallbackResolvers []string `json:"fallbackResolvers"`

	// Whether MagicDNS is enabled.
	MagicDNS bool `json:"magicDNS"`

	// TODO: not implemented.
	HasNextDNS bool `json:"hasNextDNS"`

	// MagicDNS domain list.
	MagicDNSDomains []string `json:"magicDNSDomains"`
}
// CAPIGetDNS handles GET requests to /admin/api/dns and reports the DNS
// settings of the user name returned by verifyTokenIDandGetUser.
//
// The reply is a DNSData value handed to doAPIResponse. Domains and routes
// whose name ends in "in-addr.arpa" or "ip6.arpa" are left out. Resolvers are
// reported when any are configured; FallbackResolvers are reported only when
// Resolvers is empty. Slices and the routes map are always non-nil so they
// encode as [] / {} rather than null.
func (h *Headscale) CAPIGetDNS(
	w http.ResponseWriter,
	r *http.Request,
) {
	userName := h.verifyTokenIDandGetUser(w, r)
	if userName == "" {
		// NOTE(review): verifyTokenIDandGetUser also receives w; confirm it
		// has not already written a response before this one is sent.
		h.doAPIResponse(w, "用户信息核对失败", nil)
		return
	}

	user, err := h.GetUser(userName)
	if err != nil {
		// NOTE(review): the raw error text is returned to the client; confirm
		// GetUser errors cannot carry internal detail (e.g. storage errors).
		h.doAPIResponse(w, "查询用户失败:"+err.Error(), nil)
		return
	}

	cfg, baseDomain := user.GetDNSConfig(h.cfg.IPPrefixes)

	// Reverse-lookup zones are not shown in the console.
	isReverseZone := func(name string) bool {
		return strings.HasSuffix(name, "in-addr.arpa") || strings.HasSuffix(name, "ip6.arpa")
	}

	reply := DNSData{
		Domains:           []string{},
		Resolvers:         []string{},
		FallbackResolvers: []string{},
		Routes:            map[string][]string{},
		MagicDNS:          cfg.Proxied,
		MagicDNSDomains:   []string{baseDomain},
	}

	for _, name := range cfg.Domains {
		if !isReverseZone(name) {
			reply.Domains = append(reply.Domains, name)
		}
	}

	// Only one of the two resolver lists is reported; Resolvers wins.
	switch {
	case len(cfg.Resolvers) > 0:
		for _, ns := range cfg.Resolvers {
			reply.Resolvers = append(reply.Resolvers, ns.Addr)
		}
	case len(cfg.FallbackResolvers) > 0:
		for _, ns := range cfg.FallbackResolvers {
			reply.FallbackResolvers = append(reply.FallbackResolvers, ns.Addr)
		}
	}

	for zone, servers := range cfg.Routes {
		if isReverseZone(zone) {
			continue
		}
		addrs := make([]string, 0, len(servers))
		for _, ns := range servers {
			addrs = append(addrs, ns.Addr)
		}
		reply.Routes[zone] = addrs
	}

	h.doAPIResponse(w, "", reply)
}
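// CAPIPostDNS handles POST requests to /admin/api/dns and updates the DNS
// settings of the user name returned by verifyTokenIDandGetUser.
//
// The request body is a JSON document with the same shape as the DNSData
// reply of CAPIGetDNS. A body that cannot be decoded is rejected and nothing
// is updated. On success the handler replies by calling CAPIGetDNS, which
// verifies the request again and returns the stored settings.
func (h *Headscale) CAPIPostDNS(
	w http.ResponseWriter,
	r *http.Request,
) {
	// Upper bound on the request body; a DNS settings document is small, and
	// the body is client-controlled.
	const maxBodyBytes = 1 << 20

	userName := h.verifyTokenIDandGetUser(w, r)
	if userName == "" {
		h.doAPIResponse(w, "用户信息核对失败", nil)
		return
	}

	r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)

	if err := r.ParseForm(); err != nil {
		h.doAPIResponse(w, "用户请求解析失败:"+err.Error(), nil)
		return
	}

	var reqData DNSData
	if err := json.NewDecoder(r.Body).Decode(&reqData); err != nil {
		// A body that fails to decode must not reach UpdateDNSConfig: the
		// zero-valued (or half-filled) DNSData would otherwise be applied as
		// the user's new settings.
		h.doAPIResponse(w, "用户请求解析失败:"+err.Error(), nil)
		return
	}

	// NOTE(review): resolver addresses and route domains in reqData are passed
	// on as received; presumably UpdateDNSConfig validates them — confirm.
	if err := h.UpdateDNSConfig(userName, reqData); err != nil {
		h.doAPIResponse(w, "更新用户DNS设置失败", nil)
		return
	}

	h.CAPIGetDNS(w, r)
}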
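// CAPIDelDNS revokes a pre-auth key: it handles the DELETE method on
// /admin/api/keys/:Id.
//
// The ID is the part of the URL path after "/admin/api/keys/" and is compared
// with the first 12 characters of each key listed for the user. Exactly one
// key must match; that key is passed to DestroyPreAuthKey and the ID is
// returned in the reply.
//
// NOTE(review): despite its name this handler operates on pre-auth keys, not
// on DNS settings; confirm which route it is registered on.
func (h *Headscale) CAPIDelDNS(
	w http.ResponseWriter,
	r *http.Request,
) {
	// Length of the short form (ID) of a key.
	const shortIDLen = 12

	userName := h.verifyTokenIDandGetUser(w, r)
	if userName == "" {
		// Same guard as CAPIGetDNS and CAPIPostDNS: without it a request that
		// failed verification would go on to list and destroy keys for the
		// empty user name.
		h.doAPIResponse(w, "用户信息核对失败", nil)
		return
	}

	targetKeyID := strings.TrimPrefix(r.URL.Path, "/admin/api/keys/")

	allKeys, err := h.ListPreAuthKeys(userName)
	if err != nil {
		h.doAPIResponse(w, "查询用户密钥信息失败", nil)
		return
	}

	toDelKeys := make([]PreAuthKey, 0)
	for _, key := range allKeys {
		// The length check keeps a stored key shorter than the short form
		// from panicking the slice expression.
		if len(key.Key) >= shortIDLen && key.Key[:shortIDLen] == targetKeyID {
			toDelKeys = append(toDelKeys, key)
		}
	}

	switch {
	case len(toDelKeys) == 0:
		h.doAPIResponse(w, "该密钥不存在", nil)
		return
	case len(toDelKeys) > 1:
		// An ambiguous short ID is refused rather than deleting several keys.
		h.doAPIResponse(w, "存在多个密钥具备相同短形式(ID),请联系工作人员", nil)
		return
	}

	if err := h.DestroyPreAuthKey(toDelKeys[0]); err != nil {
		h.doAPIResponse(w, "执行密钥删除失败", nil)
		return
	}

	h.doAPIResponse(w, "", targetKeyID)
}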