fix: txt records for too long values

Janik-Haag · May 3, 2024 · 7b71970 · 7b71970
1 parent 1cf30ea
commit 7b71970
Show file tree

Hide file tree

Showing 4 changed files with 73 additions and 2 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -29,4 +29,7 @@ jobs:
         run: nix build .#docs
 
       - name: "Try building example"
-        run: nix build ./example#octodns
+        run: nix build --override-input nixos-dns $(pwd)/ ./example#octodns
+
+      - name: "Check zonefile with bind"
+        run: nix build --override-input nixos-dns $(pwd)/ ./example#zoneFiles && nix shell nixpkgs#bind --command named-checkzone example.com result/example.com
diff --git a/example/dns.nix b/example/dns.nix
@@ -3,14 +3,32 @@
   zones = {
     "example.com" = {
       "" = {
+        soa = {
+          data = {
+            rname = "admin.example.invalid";
+            mname = "ns.example.invalid";
+            serial = 1970010100;
+            refresh = 7200;
+            retry = 3600;
+            ttl = 60;
+            expire = 1209600;
+          };
+        };
         ns = {
           data = [
             "ns1.invalid"
             "ns2.invalid"
             "ns3.invalid"
           ];
         };
+        txt = {
+          data = [
+            "meow"
+            "v=spf1 a:mail.example.com -all"
+          ];
+        };
       };
+      "mail._domainkey".txt.data = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WJ46bl9UqBY9ZxqkVCBdSiysIJMUbWS3BK10Lupe4T5+jWAcdzJraznWeaVF/mR/9TyiB7lE79ZB6WxHxTwwJ5UZjURwImKAKqSGPXPACIj+LHyx5j2nHN4CawC6bkCmpGT99B7I/5bCelekoAHV9U/4pE2YEjgA0VxvlSKHB2Y7cPWL303DInYGaTrvMczuwLYoEwIiBirffYNqHyrOJE9A+ZQRdLjM8DFOxegAOV9mcHb3MwneJuu86Czz45UIrQ7AxkMUNKgHitqTSnXzLWd4BF6Kf3XUh/lED7WPdviBLJo/1H0Cgch8RRlinTeDVliHDQ6/zLWpk6+k3iKkQIDAQAB; s=*;";
     };
     "example.net" = {
       "" = {

diff --git a/utils/tests/zonefiles.nix b/utils/tests/zonefiles.nix
@@ -4,6 +4,14 @@
   utils,
 }:
 {
+  testFormatTxtRecordShorter255 = {
+    expr = utils.zonefiles.formatTxtRecord "meow";
+    expected = "\"meow\"";
+  };
+  testFormatTxtRecordLonger255 = {
+    expr = utils.zonefiles.formatTxtRecord "v=DKIM1; k=rsa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc";
+    expected = "\"v=DKIM1; k=rsa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\" \"aaaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb\" \"bbbbbbbbbbbbbbbcccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc\" \"ccccccccccccccc\"";
+  };
   testWriteZoneFile = {
     expr = builtins.readFile (
       utils.zonefiles.write "example.com" {

diff --git a/utils/zonefiles.nix b/utils/zonefiles.nix
@@ -1,6 +1,41 @@
 { lib, utils }:
 {
   /*
+    Converts a string into a valid txt record so it's compliant with RFC 4408
+    This means it splits the string every 255 chars and surrounds it with quotation marks
+
+    Type:
+      utils.zonefiles.formatTxtRecord :: String -> String
+  */
+  formatTxtRecord =
+    # The String of a txt resource record
+    txtString:
+    let
+      format =
+        {
+          acc ? [ ],
+          chars,
+        }:
+        let
+          rest = [ (lib.concatStrings (lib.take 255 chars)) ];
+        in
+        if (lib.length chars) > 255 then
+          format {
+            acc = acc ++ rest;
+            chars = lib.drop 255 chars;
+          }
+        else if acc != [ ] then
+          acc ++ rest
+        else
+          rest;
+      resolve = lib.concatStringsSep "\" \"" (format {
+        chars = lib.stringToCharacters txtString;
+      });
+    in
+    "\"${resolve}\"";
+
+  /*
+    attributeset
     Takes any record from the module and converts it to a fitting zonefile string
 
     Type:
@@ -24,10 +59,17 @@
     else if record == "soa" then
       "SOA ${value.mname}. ${value.rname}. ( ${builtins.toString value.serial} ${builtins.toString value.refresh} ${builtins.toString value.retry} ${builtins.toString value.expire} ${builtins.toString value.ttl} )"
     else if record == "txt" then
-      "TXT \"${value}\""
+      "TXT ${utils.zonefiles.formatTxtRecord value}"
     else
       "${lib.toUpper record} ${value}";
+  /*
+    Converts a zone attributeset into a zonefile and returns a multiline string
+
+    Type:
+      utils.zonefiles.mkZoneString :: Attr -> String
+  */
   mkZoneString =
+    # Takes dnsConfig."your-domain.invalid"
     entries:
     ''${lib.concatLines (
       lib.flatten (