diff --git a/src/migration-scripts/dns-dynamic/0-to-1 b/src/migration-scripts/dns-dynamic/0-to-1
index 4f6083eab..b7674a9c8 100755
--- a/src/migration-scripts/dns-dynamic/0-to-1
+++ b/src/migration-scripts/dns-dynamic/0-to-1
@@ -1,117 +1,128 @@
#!/usr/bin/env python3
# Copyright (C) 2023 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# T5144:
# - migrate "service dns dynamic interface ..."
# to "service dns dynamic address ..."
# - migrate "service dns dynamic interface <interface> use-web ..."
# to "service dns dynamic address <address> web-options ..."
# - migrate "service dns dynamic interface <interface> rfc2136 <config> record ..."
# to "service dns dynamic address <address> rfc2136 <config> host-name ..."
# - migrate "service dns dynamic interface <interface> service <config> login ..."
# to "service dns dynamic address <address> service <config> username ..."
# - apply global 'ipv6-enable' to per <config> 'ip-version: ipv6'
# - apply service protocol mapping upfront, they are not 'auto-detected' anymore
+# - migrate web-options url to stricter format
import sys
+import re
from vyos.configtree import ConfigTree
service_protocol_mapping = {
'afraid': 'freedns',
'changeip': 'changeip',
'cloudflare': 'cloudflare',
'dnspark': 'dnspark',
'dslreports': 'dslreports1',
'dyndns': 'dyndns2',
'easydns': 'easydns',
'namecheap': 'namecheap',
'noip': 'noip',
'sitelutions': 'sitelutions',
'zoneedit': 'zoneedit1'
}
if len(sys.argv) < 2:
print("Must specify file name!")
sys.exit(1)
file_name = sys.argv[1]
with open(file_name, 'r') as f:
config_file = f.read()
config = ConfigTree(config_file)
old_base_path = ['service', 'dns', 'dynamic', 'interface']
new_base_path = ['service', 'dns', 'dynamic', 'address']
if not config.exists(old_base_path):
# Nothing to do
sys.exit(0)
# Migrate "service dns dynamic interface"
# to "service dns dynamic address"
config.rename(old_base_path, new_base_path[-1])
for address in config.list_nodes(new_base_path):
# Migrate "service dns dynamic interface <interface> rfc2136 <config> record"
# to "service dns dynamic address <address> rfc2136 <config> host-name"
if config.exists(new_base_path + [address, 'rfc2136']):
for rfc_cfg in config.list_nodes(new_base_path + [address, 'rfc2136']):
if config.exists(new_base_path + [address, 'rfc2136', rfc_cfg, 'record']):
config.rename(new_base_path + [address, 'rfc2136', rfc_cfg, 'record'], 'host-name')
# Migrate "service dns dynamic interface <interface> service <config> login"
# to "service dns dynamic address <address> service <config> username"
if config.exists(new_base_path + [address, 'service']):
for svc_cfg in config.list_nodes(new_base_path + [address, 'service']):
if config.exists(new_base_path + [address, 'service', svc_cfg, 'login']):
config.rename(new_base_path + [address, 'service', svc_cfg, 'login'], 'username')
# Apply global 'ipv6-enable' to per <config> 'ip-version: ipv6'
if config.exists(new_base_path + [address, 'ipv6-enable']):
config.set(new_base_path + [address, 'service', svc_cfg, 'ip-version'], 'ipv6')
config.delete(new_base_path + [address, 'ipv6-enable'])
# Apply service protocol mapping upfront, they are not 'auto-detected' anymore
if svc_cfg in service_protocol_mapping:
config.set(new_base_path + [address, 'service', svc_cfg, 'protocol'],
service_protocol_mapping.get(svc_cfg))
# If use-web is set, then:
# Move "service dns dynamic address <address> <service|rfc2136> <service> ..."
# to "service dns dynamic address web <service|rfc2136> <service>-<address> ..."
# Move "service dns dynamic address web use-web ..."
# to "service dns dynamic address web web-options ..."
# Note: The config is named <service>-<address> to avoid name conflict with old entries
if config.exists(new_base_path + [address, 'use-web']):
for svc_type in ['rfc2136', 'service']:
if config.exists(new_base_path + [address, svc_type]):
config.set(new_base_path + ['web', svc_type])
config.set_tag(new_base_path + ['web', svc_type])
for svc_cfg in config.list_nodes(new_base_path + [address, svc_type]):
config.copy(new_base_path + [address, svc_type, svc_cfg],
new_base_path + ['web', svc_type, f'{svc_cfg}-{address}'])
# Multiple web-options were not supported, so copy only the first one
+ # Also, migrate web-options url to stricter format and transition
+ # checkip.dyndns.org to https://domains.google.com/checkip for better
+ # TLS support (see: https://github.com/ddclient/ddclient/issues/597)
if not config.exists(new_base_path + ['web', 'web-options']):
config.copy(new_base_path + [address, 'use-web'], new_base_path + ['web', 'web-options'])
+ if config.exists(new_base_path + ['web', 'web-options', 'url']):
+ url = config.return_value(new_base_path + ['web', 'web-options', 'url'])
+ if re.search("^(https?://)?checkip\.dyndns\.org", url):
+ config.set(new_base_path + ['web', 'web-options', 'url'], 'https://domains.google.com/checkip')
+ if not url.startswith(('http://', 'https://')):
+ config.set(new_base_path + ['web', 'web-options', 'url'], f'https://{url}')
config.delete(new_base_path + [address])
try:
with open(file_name, 'w') as f:
f.write(config.to_string())
except OSError as e:
print("Failed to save the modified config: {}".format(e))
sys.exit(1)
diff --git a/src/migration-scripts/dns-dynamic/2-to-3 b/src/migration-scripts/dns-dynamic/2-to-3
index e5910f7b4..4e0aa37d5 100755
--- a/src/migration-scripts/dns-dynamic/2-to-3
+++ b/src/migration-scripts/dns-dynamic/2-to-3
@@ -1,119 +1,119 @@
#!/usr/bin/env python3
# Copyright (C) 2023 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# T5791:
# - migrate "service dns dynamic address web web-options ..."
# to "service dns dynamic name <service> address web ..." (per service)
# - migrate "service dns dynamic address <address> rfc2136 <service> ..."
# to "service dns dynamic name <service> address <interface> protocol 'nsupdate'"
# - migrate "service dns dynamic address <interface> service <service> ..."
# to "service dns dynamic name <service> address <interface> ..."
# - normalize the all service names to conform with name constraints
import sys
import re
from unicodedata import normalize
from vyos.configtree import ConfigTree
def normalize_name(name):
"""Normalize service names to conform with name constraints.
This is necessary as part of migration because there were no constraints in
the old name format.
"""
# Normalize unicode characters to ASCII (NFKD)
# Replace all separators with hypens, strip leading and trailing hyphens
name = normalize('NFKD', name).encode('ascii', 'ignore').decode()
- name = re.sub(r'(\s|\W)+', '-', name).strip('-')
+ name = re.sub(r'(\s|_|\W)+', '-', name).strip('-')
return name
if len(sys.argv) < 2:
print("Must specify file name!")
sys.exit(1)
file_name = sys.argv[1]
with open(file_name, 'r') as f:
config_file = f.read()
config = ConfigTree(config_file)
base_path = ['service', 'dns', 'dynamic']
address_path = base_path + ['address']
name_path = base_path + ['name']
if not config.exists(address_path):
# Nothing to do
sys.exit(0)
# config.copy does not recursively create a path, so initialize the name path as tagged node
if not config.exists(name_path):
config.set(name_path)
config.set_tag(name_path)
for address in config.list_nodes(address_path):
address_path_tag = address_path + [address]
# Move web-option as a configuration in each service instead of top level web-option
if config.exists(address_path_tag + ['web-options']) and address == 'web':
for svc_type in ['service', 'rfc2136']:
if config.exists(address_path_tag + [svc_type]):
for svc_cfg in config.list_nodes(address_path_tag + [svc_type]):
config.copy(address_path_tag + ['web-options'],
address_path_tag + [svc_type, svc_cfg, 'web-options'])
config.delete(address_path_tag + ['web-options'])
for svc_type in ['service', 'rfc2136']:
if config.exists(address_path_tag + [svc_type]):
# Set protocol to 'nsupdate' for RFC2136 configuration
if svc_type == 'rfc2136':
for rfc_cfg in config.list_nodes(address_path_tag + ['rfc2136']):
config.set(address_path_tag + ['rfc2136', rfc_cfg, 'protocol'], 'nsupdate')
# Add address as config value in each service before moving the service path
# And then copy the services from 'address <interface> service <service>'
# to 'name (service|rfc2136)-<service>-<address>'
# Note: The new service is named (service|rfc2136)-<service>-<address>
# to avoid name conflict with old entries
for svc_cfg in config.list_nodes(address_path_tag + [svc_type]):
config.set(address_path_tag + [svc_type, svc_cfg, 'address'], address)
config.copy(address_path_tag + [svc_type, svc_cfg],
name_path + ['-'.join([svc_type, svc_cfg, address])])
# Finally cleanup the old address path
config.delete(address_path)
# Normalize the all service names to conform with name constraints
index = 1
for name in config.list_nodes(name_path):
new_name = normalize_name(name)
if new_name != name:
# Append index if there is still a name conflicts after normalization
# For example, "foo-?(" and "foo-!)" both normalize to "foo-"
if config.exists(name_path + [new_name]):
new_name = f'{new_name}-{index}'
index += 1
config.rename(name_path + [name], new_name)
try:
with open(file_name, 'w') as f:
f.write(config.to_string())
except OSError as e:
print("Failed to save the modified config: {}".format(e))
sys.exit(1)