Initial commit: DDNS service with NIC V2 protocol support

Features: - Token-based subdomain claiming - NIC V2 (DynDNS2) protocol implementation - Technitium DNS integration - Rate limiting (10 req/min IP, 1 req/min token) - Web UI for space claiming - Docker/Docker Compose support - Compatible with UniFi, pfSense, EdgeRouter Module: git.dws.rip/DWS/dyn
2026-02-01 16:37:09 -05:00
commit 2470f121e2
16 changed files with 1835 additions and 0 deletions
--- a/internal/dns/technitium.go
+++ b/internal/dns/technitium.go
@@ -0,0 +1,184 @@
+package dns
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"time"
+)
+
+type Client struct {
+	baseURL    string
+	token      string
+	username   string
+	password   string
+	httpClient *http.Client
+}
+
+type AddRecordRequest struct {
+	Domain    string `json:"domain"`
+	Type      string `json:"type"`
+	IPAddress string `json:"ipAddress,omitempty"`
+	Overwrite bool   `json:"overwrite"`
+	TTL       int    `json:"ttl,omitempty"`
+}
+
+type AddRecordResponse struct {
+	Status    string `json:"status"`
+	ErrorCode string `json:"errorCode,omitempty"`
+	Error     string `json:"errorMessage,omitempty"`
+}
+
+type APIResponse struct {
+	Status   string          `json:"status"`
+	Response json.RawMessage `json:"response"`
+	Error    *APIError       `json:"error,omitempty"`
+}
+
+type APIError struct {
+	Code    string `json:"code"`
+	Message string `json:"message"`
+}
+
+func NewClient(baseURL, token, username, password string) *Client {
+	return &Client{
+		baseURL:  baseURL,
+		token:    token,
+		username: username,
+		password: password,
+		httpClient: &http.Client{
+			Timeout: 30 * time.Second,
+		},
+	}
+}
+
+func (c *Client) AddARecord(zone, hostname, ip string, ttl int) error {
+	domain := fmt.Sprintf("%s.%s", hostname, zone)
+
+	reqBody := AddRecordRequest{
+		Domain:    domain,
+		Type:      "A",
+		IPAddress: ip,
+		Overwrite: true,
+	}
+
+	if ttl > 0 {
+		reqBody.TTL = ttl
+	}
+
+	return c.addRecord(reqBody)
+}
+
+func (c *Client) AddWildcardARecord(zone, hostname, ip string, ttl int) error {
+	domain := fmt.Sprintf("*.%s.%s", hostname, zone)
+
+	reqBody := AddRecordRequest{
+		Domain:    domain,
+		Type:      "A",
+		IPAddress: ip,
+		Overwrite: true,
+	}
+
+	if ttl > 0 {
+		reqBody.TTL = ttl
+	}
+
+	return c.addRecord(reqBody)
+}
+
+func (c *Client) addRecord(req AddRecordRequest) error {
+	endpoint := fmt.Sprintf("%s/api/dns/records/add", c.baseURL)
+
+	formData := url.Values{}
+	formData.Set("domain", req.Domain)
+	formData.Set("type", req.Type)
+	formData.Set("ipAddress", req.IPAddress)
+	formData.Set("overwrite", fmt.Sprintf("%t", req.Overwrite))
+	if req.TTL > 0 {
+		formData.Set("ttl", fmt.Sprintf("%d", req.TTL))
+	}
+
+	httpReq, err := http.NewRequest("POST", endpoint, bytes.NewBufferString(formData.Encode()))
+	if err != nil {
+		return fmt.Errorf("failed to create request: %w", err)
+	}
+
+	httpReq.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+
+	if c.token != "" {
+		httpReq.Header.Set("Authorization", "Basic "+c.token)
+	} else if c.username != "" && c.password != "" {
+		httpReq.SetBasicAuth(c.username, c.password)
+	}
+
+	resp, err := c.httpClient.Do(httpReq)
+	if err != nil {
+		return fmt.Errorf("failed to execute request: %w", err)
+	}
+	defer resp.Body.Close()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return fmt.Errorf("failed to read response body: %w", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("HTTP error %d: %s", resp.StatusCode, string(body))
+	}
+
+	var apiResp APIResponse
+	if err := json.Unmarshal(body, &apiResp); err != nil {
+		return fmt.Errorf("failed to parse response: %w", err)
+	}
+
+	if apiResp.Status != "ok" {
+		if apiResp.Error != nil {
+			return fmt.Errorf("API error: %s - %s", apiResp.Error.Code, apiResp.Error.Message)
+		}
+		return fmt.Errorf("API error: status not ok")
+	}
+
+	return nil
+}
+
+func (c *Client) DeleteRecord(zone, hostname, recordType string) error {
+	endpoint := fmt.Sprintf("%s/api/dns/records/delete", c.baseURL)
+
+	domain := fmt.Sprintf("%s.%s", hostname, zone)
+	if hostname == "" || hostname == "@" {
+		domain = zone
+	}
+
+	formData := url.Values{}
+	formData.Set("domain", domain)
+	formData.Set("type", recordType)
+
+	httpReq, err := http.NewRequest("POST", endpoint, bytes.NewBufferString(formData.Encode()))
+	if err != nil {
+		return fmt.Errorf("failed to create request: %w", err)
+	}
+
+	httpReq.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+
+	if c.token != "" {
+		httpReq.Header.Set("Authorization", "Basic "+c.token)
+	} else if c.username != "" && c.password != "" {
+		httpReq.SetBasicAuth(c.username, c.password)
+	}
+
+	resp, err := c.httpClient.Do(httpReq)
+	if err != nil {
+		return fmt.Errorf("failed to execute request: %w", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		body, _ := io.ReadAll(resp.Body)
+		return fmt.Errorf("HTTP error %d: %s", resp.StatusCode, string(body))
+	}
+
+	return nil
+}