toolshed/organising
toolshed/organising
8
1
Fork 0
Code Issues 120 Pull Requests Releases Activity

(Optionally?) Check that DNS records are in place before running a deploy #227

New Issue
Closed
opened 2021-11-01 09:41:17 +00:00 by 3wordchant · 4 comments
3wordchant commented 2021-11-01 09:41:17 +00:00
Owner
Copy Link

Describe the problem to be solved

I'm deploying an app, I typo the domain, or I mess up the DNS config. Then when I deploy the app, Traefik can't generate SSL certificates. If I do this enough times (> 4 in an hour?) then LetsEncrypt rate-limits me and I have to wait for the timeout before continuing with the deployment.

Describe the solution you would like

Before deploying, abra could look up if there's an A record pointing to the relevant swarm server (ping it to get its IP?), or a CNAME record pointing to its hostname, and throw up a GIGANTIC WARNING.

For maximum bonus points, this would use whatever "unbound" system LetsEncrypt itself uses, to account for propagation /caching differences.

## Describe the problem to be solved I'm deploying an app, I typo the domain, or I mess up the DNS config. Then when I deploy the app, Traefik can't generate SSL certificates. If I do this enough times (> 4 in an hour?) then LetsEncrypt rate-limits me and I have to wait for the timeout before continuing with the deployment. ## Describe the solution you would like Before deploying, abra could look up if there's an A record pointing to the relevant swarm server (ping it to get its IP?), or a CNAME record pointing to its hostname, and throw up a GIGANTIC WARNING. For maximum bonus points, this would use whatever "unbound" system LetsEncrypt itself uses, to account for propagation /caching differences.
3wordchant added the
enhancement
abra
 labels 2021-11-01 09:41:17 +00:00
decentral1se commented 2021-11-03 05:38:06 +00:00
Owner
Copy Link

Good idea! Idk if its as robust as you have described but we have logic to do a DNS lookup (you could add more DNS servers to make it better maybe?) over in 08aca28d9d/cli/server/add.go (L269-L291). You could just run that on the server before a deploy alright.

Good idea! Idk if its as robust as you have described but we have logic to do a DNS lookup (you could add more DNS servers to make it better maybe?) over in https://git.coopcloud.tech/coop-cloud/abra/src/commit/08aca28d9df8fcdf4140e7183055c5b2741fbcf4/cli/server/add.go#L269-L291. You could just run that on the server before a deploy alright.
❤️ 1
decentral1se commented 2021-11-13 22:15:11 +00:00
Owner
Copy Link

I've just pushed 85ff04202f and tested that it does indeed bail out, whatcha reckon?

➜  abra (main) ✔ ./abra app deploy foo_nowhere_zone 
...overview...
? continue with deployment? Yes
FATA[0002] could not find an IP address assigned to foo.nowhere.zone?
I've just pushed https://git.coopcloud.tech/coop-cloud/abra/commit/85ff04202fc374511d7d350b0f602cc420f65683 and tested that it does indeed bail out, whatcha reckon? ``` ➜ abra (main) ✔ ./abra app deploy foo_nowhere_zone ...overview... ? continue with deployment? Yes FATA[0002] could not find an IP address assigned to foo.nowhere.zone? ```
🎉 1
decentral1se added the
awaiting-feedback
 label 2021-11-13 22:17:45 +00:00
3wordchant commented 2021-11-14 11:18:06 +00:00
Author
Owner
Copy Link

This looks amazing! 😍

Maybe let's close this, open a separate ticket for "check if $DOMAIN resolves to the same IP address as $SERVER"?

This looks amazing! 😍 Maybe let's close this, open a separate ticket for "check if $DOMAIN resolves to the same IP address as $SERVER"?
🎉 1
decentral1se commented 2021-11-14 21:47:59 +00:00
Owner
Copy Link

OK, gave that a stab in 9122c0a9b8. Will close.

OK, gave that a stab in https://git.coopcloud.tech/coop-cloud/abra/commit/9122c0a9b8bdc7a28db47e787a7c54a8181ebf8b. Will close.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
abra
Everything to do with abra
abra-gandi
Abra Gandi plugin
awaiting-feedback
Ping/pong on comms
backups
bug
Something is not working
build
Go build related issues
ci/cd
Getting the robots into the mix
community organising
Opening this thing up
contributing
Contributors stuff
coopcloud.tech
Our main website
democracy
Democratic decision making
design
Design thinking required
documentation
Let's write things together
duplicate
This issue or pull request already exists
enhancement
New feature
finance
Money things
funding
Anything related to grant funding
good first issue
Easy start with development
help wanted
Need some help
installer
Installation related issues
kadabra
performance
Performance related
proposal
Large change which requires feedback & decisin making
question
More information is needed
recipes.coopcloud.tech
Our recipes catalogue
security
Securing our shit
test
Unit or integration test suite
wontfix
This won't be fixed
No Label
abra
awaiting-feedback
enhancement
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
3wordchant abra-bot ammaratef45 Apfelwurm carla cas decentral1se fauno kawaiipunk knoflook lambdabundesverband moritz p4u1 simon trav val yksflip
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: toolshed/organising#227
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?