feat: Allow usage for top-level domains

cmd/rio/main.go

@@ -24,26 +24,14 @@ import (
 	"github.com/urfave/cli/v2"
 )
 
-// Extract the username from the domain name @domain that we're processing
-// at the moment.
-func extractUsername(pagesDomain, domain string) string {
-	suffixlessDomain := strings.TrimSuffix(domain, "."+pagesDomain)
-	usernameParts := strings.Split(suffixlessDomain, ".")
-	if len(usernameParts) == 1 {
-		return usernameParts[0]
-	}
-
-	return strings.Join(usernameParts, ".")
-}
-
 func handleSubdomain(pagesDomain, domain, cname, path, giteaUrl, defaultCsp string, giteaClient *repo.GiteaClient, w http.ResponseWriter) {
 	username := ""
 	if cname != "" {
 		// If we are accessed via a CNAME, then CNAME contains our <user>.<pages domain> value.
-		username = extractUsername(pagesDomain, cname)
+		username = dns.ExtractUsername(pagesDomain, cname)
 	} else {
 		// If we are directly accessed, then domain contains our <user>.<pages domain> value.
-		username = extractUsername(pagesDomain, domain)
+		username = dns.ExtractUsername(pagesDomain, domain)
 	}
 
 	// Strip the leading /

internal/dns/dns.go

@@ -2,6 +2,7 @@ package dns
 
 import (
 	"net"
+	"errors"
 	"strings"
 	"time"
 
@@ -15,6 +16,10 @@ const (
 	// The key that the TXT record will have to start with, e.g.
 	// "repo=some-random-repo".
 	TxtRepoKey = "repo="
+
+	TxtCNAMERecord = "_rio-cname."
+
+	TxtCNAMEKey = "cname="
 )
 
 var (
@@ -61,14 +66,53 @@ func LookupCNAME(domain string) (string, error) {
 		return cname.(string), nil
 	}
 
+	cname, err := lookupCNAME(domain)
+	if err == nil {
+		cnameCache.Set(domain, cname, cache.DefaultExpiration)
+		return cname.(string), nil
+	}
+
+	altCname, err := lookupCNAMETxt(domain)
+	if err == nil {
+		cnameCache.Set(domain, altCname, cache.DefaultExpiration)
+		return altCname, nil
+	}
+
+	return "", err
+}
+
+// Lookup the CNAME by trying to find a CNAME RR. Contrary to net.LookupCNAME,
+// this method fails if we find no CNAME RR.
+func lookupCNAME(domain string) (string, error) {
 	query, err := net.LookupCNAME(domain)
 	if err == nil {
 		if query[len(query)-1] == '.' {
 			query = query[:len(query)-1]
 		}
-		cnameCache.Set(domain, query, cache.DefaultExpiration)
+
+		// Fail if we have no CNAME RR.
+		if query == domain {
+			return "", errors.New("CNAME is equal to domain")
+		}
+
 		return query, nil
 	}
 
 	return "", err
 }
+
+// Performs an alternative CNAME lookup by looking for a special TXT record.
+func lookupCNAMETxt(domain string) (string, error) {
+	txts, err := net.LookupTXT(TxtCNAMERecord+domain)
+	if err == nil {
+		for _, txt := range txts {
+			if !strings.HasPrefix(txt, TxtCNAMEKey) {
+				continue
+			}
+
+			return strings.TrimPrefix(txt, TxtCNAMEKey), nil
+		}
+	}
+	
+	return "", err
+}

internal/dns/dns_test.go

@@ -0,0 +1,32 @@
+package dns
+
+import "testing"
+
+func cleanCache() {
+	cnameCache.Flush()
+	txtRepoCache.Flush()
+}
+
+func TestAltCNAME(t *testing.T) {
+	defer cleanCache()
+
+	res, err := lookupCNAMETxt("moxxy.org")
+	if err != nil {
+		t.Fatalf("Unexpected error: %v", err)
+	}
+	if res != "moxxy.pages.polynom.me" {
+		t.Fatalf("Unexpected alt CNAME: %s", res)
+	}
+}
+
+func TestLookupCNAMEWithAlt(t *testing.T) {
+	defer cleanCache()
+
+	res, err := LookupCNAME("moxxy.org")
+	if err != nil {
+		t.Fatalf("Unexpected error: %v", err)
+	}
+	if res != "moxxy.pages.polynom.me" {
+		t.Fatalf("Unexpected alt CNAME: %s", res)
+	}
+}

internal/dns/username.go

@@ -0,0 +1,15 @@
+package dns
+
+import "strings"
+
+// Extract the username from the domain name @domain that we're processing
+// at the moment.
+func ExtractUsername(pagesDomain, domain string) string {
+	suffixlessDomain := strings.TrimSuffix(domain, "."+pagesDomain)
+	usernameParts := strings.Split(suffixlessDomain, ".")
+	if len(usernameParts) == 1 {
+		return usernameParts[0]
+	}
+
+	return strings.Join(usernameParts, ".")
+}

internal/dns/username_test.go

@@ -1,9 +1,9 @@
-package main
+package dns
 
 import "testing"
 
 func TestExtractUsernameSimple(t *testing.T) {
-	username := extractUsername(
+	username := ExtractUsername(
 		"pages.local",
 		"papatutuwawa.pages.local",
 	)
@@ -13,7 +13,7 @@ func TestExtractUsernameSimple(t *testing.T) {
 }
 
 func TestExtractUsernameDot(t *testing.T) {
-	username := extractUsername(
+	username := ExtractUsername(
 		"pages.local",
 		"polynom.me.pages.local",
 	)

internal/server/tls.go

@@ -44,7 +44,6 @@ func unlockDomain(domain string) {
 }
 
 func buildDomainList(domain, pagesDomain string) []string {
-	// TODO: For wildcards, we MUST use DNS01
 	if domain == pagesDomain || strings.HasSuffix(domain, pagesDomain) {
 		return []string{
 			pagesDomain,
@@ -56,7 +55,6 @@ func buildDomainList(domain, pagesDomain string) []string {
 }
 
 func getDomainKey(domain, pagesDomain string) string {
-	// TODO: For wildcards, we MUST use DNS01
 	if domain == pagesDomain || strings.HasSuffix(domain, pagesDomain) {
 		return "*." + pagesDomain
 	}
@@ -64,10 +62,6 @@ func getDomainKey(domain, pagesDomain string) string {
 	return domain
 }
 
-func usernameFromDomain(domain string) string {
-	return strings.Split(domain, ".")[0]
-}
-
 func getUsername(sni, pagesDomain string) (string, error) {
 	if !strings.HasSuffix(sni, pagesDomain) {
 		log.Debugf("'%s' is not a subdomain of '%s'", sni, pagesDomain)
@@ -81,10 +75,10 @@ func getUsername(sni, pagesDomain string) (string, error) {
 			return "", errors.New("CNAME does not resolve to subdomain of pages domain")
 		}
 
-		return usernameFromDomain(query), nil
+		return dns.ExtractUsername(pagesDomain, query), nil
 	}
 
-	return usernameFromDomain(sni), nil
+	return dns.ExtractUsername(pagesDomain, sni), nil
 }
 
 func MakeTlsConfig(pagesDomain, cachePath string, cache *certificates.CertificatesCache, acmeClient *lego.Client, giteaClient *repo.GiteaClient) *tls.Config {