search

StackExchange / dnscontrol

Infrastructure as code for DNS!
https://dnscontrol.org/
MIT License
3.14k stars 400 forks source link

[Feature Request] Add HTTPS/SVCB Records #1660

Closed IzumiSenaSora closed 5 months ago

IzumiSenaSora commented 2 years ago

[Feature Request] Add HTTPS/SVCB Records Here Info About This Record Type

tlimoncelli commented 2 years ago

FYI: The steps to add a new record type are here: https://stackexchange.github.io/dnscontrol/adding-new-rtypes

IzumiSenaSora commented 2 years ago

FYI: The steps to add a new record type are here: https://stackexchange.github.io/dnscontrol/adding-new-rtypes

I Have No Idea About Coding 😅

IzumiSenaSora commented 2 years ago

@tlimoncelli any news? About this request!

tlimoncelli commented 2 years ago

Hi Izumi,

dnscontrol is a community-driven open source project. That means new features are added by the community; not the maintainer.

I have tagged this request "Needs volunteer" and emailed the dnscontrol-discuss email list asking for a volunteer.

Which DNS provider do you use?

Tom

IzumiSenaSora commented 2 years ago

Which DNS provider do you use?

Cloudflare as a Main deSEC as a Backup

Both support HTTPS/SVCB Record!

tlimoncelli commented 2 years ago

CC @tresni and @D3luxee

juliusrickert commented 1 year ago

FYI: The steps to add a new record type are here: https://stackexchange.github.io/dnscontrol/adding-new-rtypes

Link is outdated. Currently available at https://docs.dnscontrol.org/developer-info/adding-new-rtypes.

christianbur commented 7 months ago

After reading an article in c't from Heise.de, I wanted to test the HTTPS record. I think this record is very important because it offers many new and important functions. This record really doesn't deserve the priority "low".

My provider already supports the record: https://kb.inwx.com/de-de/3-nameserver/109-welche-record-typen-konnen-genutzt-werden https://developers.cloudflare.com/api/operations/dns-records-for-a-zone-list-dns-records#Query-Parameters:~:text=any-,type,-string

The current browsers (Chrome, Edge, Firefox) also already support the HTTPS Reccord.

Unfortunately DNScontrol is currently missing this RR, could someone please add this new record.

Links: https://www.heise.de/ratgeber/Wie-der-HTTPS-Eintrag-das-DNS-erweitert-und-warum-er-so-nuetzlich-ist-9658803.html https://blog.cloudflare.com/speeding-up-https-and-http-3-negotiation-with-dns

juliusrickert commented 7 months ago

This record really doesn't deserve the priority "low".

Please feel free to prioritise getting your PR in if it holds a higher priority for you.

tlimoncelli commented 7 months ago

FYI: I only implement that features that my employer needs. Everything else comes from the community.

fritterhoff commented 6 months ago

Hello! @tlimoncelli just merged the required changes for this record types. Feel free to test and evaluate if I missed something :)

tlimoncelli commented 6 months ago

I can't close this yet. The PR seems to be breaking cloudflare:

$ go test -timeout 999h -v -verbose -provider CLOUDFLAREAPI -start 15 -end 16
=== RUN   TestDNSProviders
=== RUN   TestDNSProviders/dnscontroltest-cf.com
=== RUN   TestDNSProviders/dnscontroltest-cf.com/Clean_Slate:Empty
=== RUN   TestDNSProviders/dnscontroltest-cf.com/15:HTTPS:Create_a_HTTPS_record
    integration_test.go:236: 
        + CREATE dnscontroltest-cf.com HTTPS 1 test.com. port="80" ttl=1
    integration_test.go:241: DNS Validation Error (1004)
=== RUN   TestDNSProviders/dnscontroltest-cf.com/Clean_Slate:Empty#01
=== RUN   TestDNSProviders/dnscontroltest-cf.com/16:SVCB:Create_a_HTTPS_record
    integration_test.go:236: 
        + CREATE dnscontroltest-cf.com HTTPS 1 test.com. port="80" ttl=1
    integration_test.go:241: DNS Validation Error (1004)
--- FAIL: TestDNSProviders (11.76s)
    --- FAIL: TestDNSProviders/dnscontroltest-cf.com (10.11s)
        --- PASS: TestDNSProviders/dnscontroltest-cf.com/Clean_Slate:Empty (1.72s)
        --- FAIL: TestDNSProviders/dnscontroltest-cf.com/15:HTTPS:Create_a_HTTPS_record (3.26s)
        --- PASS: TestDNSProviders/dnscontroltest-cf.com/Clean_Slate:Empty#01 (1.80s)
        --- FAIL: TestDNSProviders/dnscontroltest-cf.com/16:SVCB:Create_a_HTTPS_record (2.84s)
=== RUN   TestDualProviders
    integration_test.go:337: Skipping.  DocDualHost == Cannot
--- SKIP: TestDualProviders (1.83s)
=== RUN   TestNameserverDots
    integration_test.go:401: Skipping.  DocDualHost == Cannot
--- SKIP: TestNameserverDots (1.76s)
FAIL
exit status 1
FAIL    github.com/StackExchange/dnscontrol/v4/integrationTest  15.967s

Is cloudflare being picky about seeing port="80" instead of port=80 ?

fritterhoff commented 6 months ago

Uff... Will check that tomorrow.

fritterhoff commented 6 months ago

But I'm wondering what causes the extra quotes? I can reproduce the effect using bind but from my point of view that actually could be an upstream bug in miekg/dns?

image
fritterhoff commented 6 months ago
image
tlimoncelli commented 6 months ago

Or maybe a bug in Clouldflare's validation code?

That said, this PR disables the tests for Cloudflare and fixes other issues: https://github.com/StackExchange/dnscontrol/pull/2926

tlimoncelli commented 5 months ago

I'm going to close this. The feature is shipping. Providers that don't have it can add it in their own PR.

Thanks to everyone that contributed to this! I think this DNS records are going to be very popular!