nathanwoodburn/hns_doh_loadbalancer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Update to add regions
All checks were successful
Build Docker / Build_Docker (push) Successful in 35s
Details

Browse Source
This commit is contained in:
Nathan Woodburn 2024-10-09 20:21:07 +11:00
parent 307b748590
commit d393e01a91
Signed by: nathanwoodburn
GPG Key ID: 203B000478AD0EF1
6 changed files with 198 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.venv/

4
cert.py
View File

@ -7,7 +7,7 @@ import time
AUTH = ""
# Check if token file exists
if os.path.isfile("/root/hns_doh_loadbalancer/token"):
if not os.path.isfile("/root/hns_doh_loadbalancer/token"):
print("ERROR: Token file not found")
# Read token from file
@ -24,7 +24,7 @@ if len(AUTH) == 0:
# URL to acme-dns instance
ACMEDNS_URL = "https://nathan.woodburn.au/hnsdoh-acme"
ACMEDNS_URL = "https://nathan.c.woodburn.au/hnsdoh-acme"
# Path for acme-dns credential storage
STORAGE_PATH = "/etc/letsencrypt/acmedns.json"
# Whitelist for address ranges to allow the updates from

15
create_wireform.py Normal file
View File

@ -0,0 +1,15 @@
import base64
import dns.message
# Generate custom request
domain = "woodburn"
message = dns.message.make_query(domain, dns.rdatatype.A,id=0)
wireBytes = message.to_wire()
wire = base64.b64encode(wireBytes)
print(wire.decode("utf-8"))
# Read
message = dns.message.from_wire(wireBytes)
print(str(message))

4
install.sh
View File

@ -20,7 +20,6 @@ sudo apt-get install -y dnsdist
sudo apt install snapd -y
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot certonly --manual --manual-auth-hook /root/hns_doh_loadbalancer/cert.py --preferred-challenges dns -d hnsdoh.com --deploy-hook /root/hns_doh_loadbalancer/cert.sh
sudo cp /root/hns_doh_loadbalancer/resolved.conf /etc/systemd/resolved.conf
sudo systemctl restart systemd-resolved
@ -32,7 +31,6 @@ sudo systemctl daemon-reload
# Restart dnsdist
sudo systemctl restart dnsdist
# Install caddy
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
@ -45,6 +43,8 @@ sudo cp /root/hns_doh_loadbalancer/Caddyfile /etc/caddy/Caddyfile
# Restart caddy
sudo systemctl restart caddy
sudo certbot certonly --manual --manual-auth-hook /root/hns_doh_loadbalancer/cert.py --preferred-challenges dns -d hnsdoh.com -d *.hnsdoh.com --deploy-hook /root/hns_doh_loadbalancer/cert.sh
# Install NVM
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash

131
public/index.html
View File

@ -73,13 +73,15 @@
<li class="list-group-item">
<div>
<h5 class="display-5">DNS over HTTPS</h5>
<p>DNS over HTTPS is supported by most browsers. To add HNSDoH to your revolvers add this URL to your Secure DNS setting<br><code>https://hnsdoh.com/dns-query</code></p>
<p>DNS over HTTPS is supported by most browsers. To add HNSDoH to your revolvers add this URL to your Secure DNS setting<br><code style="display: block;">https://hnsdoh.com/dns-query</code></p>
<p>You can also specify a specific region to have faster resolution with a lower number of servers for redundancy.<br><code style="display: block;">https://{region}.hnsdoh.com/dns-query</code><span>For example the AU region can be set using:&nbsp;</span><code style="display: inline;">https://au.hnsdoh.com/dns-query</code></p>
</div>
</li>
<li class="list-group-item">
<div>
<h5 class="display-5">DNS over TLS</h5>
<p>DNS over TLS is the best option for mobile phones. Simply set Private DNS to the hostname&nbsp;<br><code>hnsdoh.com</code></p>
<p>You can also specify a specific region to have faster resolution with a lower number of servers for redundancy.<br><code style="display: block;">{region}.hnsdoh.com</code><span>For example the AU region can be set using:&nbsp;</span><code style="display: inline;">au.hnsdoh.com</code></p>
</div>
</li>
<li class="list-group-item">
@ -175,7 +177,116 @@
</div>
</div>
</section>
<section id="providers" style="margin-top: 10vh;margin-right: 10%;margin-left: 10%;">
<section id="regions" style="margin-top: 10vh;margin-right: 10%;margin-left: 10%;">
<div style="text-align: center;">
<h1>Regions</h1>
<div>
<div class="table-responsive">
<table class="table table-striped">
<thead>
<tr>
<th>Region</th>
<th>Region ID</th>
<th># of nodes</th>
<th>Latency</th>
</tr>
</thead>
<tbody>
<tr>
<td>Australia</td>
<td>au</td>
<td>1</td>
<td><span id="au-ping">Pinging...</span></td>
</tr>
<tr>
<td>Europe</td>
<td>eu</td>
<td>2</td>
<td><span id="eu-ping">Pinging...</span></td>
</tr>
<tr>
<td>North America</td>
<td>na</td>
<td>2</td>
<td><span id="na-ping">Pinging...</span></td>
</tr>
<tr>
<td>Asia</td>
<td>as</td>
<td>1</td>
<td><span id="as-ping">Pinging...</span></td>
</tr>
<tr>
<td>Asia Pacific</td>
<td>ap</td>
<td>2</td>
<td><span id="ap-ping">Pinging...</span></td>
</tr>
</tbody>
</table>
</div>
<script>
function pingServer(id) {
return new Promise((resolve) => { // Always resolve the promise
if (!id) {
resolve({ id, pingTime: null, error: "Error: Invalid server ID" });
return;
}
console.log("Pinging server for " + id);
const startTime = performance.now(); // Record the start time
const serverUrl = `https://${id}.hnsdoh.com/dns-query?dns=CagBAAABAAAAAAAACHdvb2RidXJuAAABAAE=`;
// Use fetch with no-cors mode
fetch(serverUrl, {
method: 'GET',
mode: 'no-cors',
headers: { 'Content-Type': 'application/dns-message' },
cache: "no-store"
})
.then(response => {
const endTime = performance.now(); // Record the end time
const pingTime = endTime - startTime; // Calculate ping time
// Resolve with the ID and ping time
resolve({ id, pingTime, error: null });
})
.catch(error => {
// Resolve with an error message instead of rejecting
resolve({ id, pingTime: null, error: `Error pinging server` });
});
});
}
const regions = ["au","eu", "na", "as", "ap"];
const pingPromises = regions.map(region => pingServer(region));
Promise.all(pingPromises)
.then(results => {
console.log("Ping results:", results);
// Update the corresponding span elements with ping results
results.forEach(result => {
const spanId = `${result.id}-ping`;
const spanElement = document.getElementById(spanId);
if (spanElement) {
if (result.pingTime !== null) {
spanElement.textContent = `${result.pingTime} ms`;
} else {
spanElement.textContent = result.error; // Display error message
}
}
});
})
.catch(error => {
console.error("Error pinging servers:", error);
});
</script>
</div>
</div>
</section>
<section id="nodes" style="margin-top: 10vh;margin-right: 10%;margin-left: 10%;">
<div style="text-align: center;">
<h1>Nodes</h1>
<div>
@ -186,6 +297,7 @@
<th>Provider</th>
<th>Location</th>
<th>IPv4</th>
<th>Regions</th>
</tr>
</thead>
<tbody>
@ -193,30 +305,41 @@
<td><a href="https://nathan.woodburn.au" style="color: rgb(255,255,255);" target="_blank">Nathan.Woodburn/</a></td>
<td>Australia</td>
<td>194.50.5.27</td>
<td>AU, AP</td>
</tr>
<tr>
<td><a data-bs-toggle="tooltip" data-bss-tooltip="" href="https://hnscanada.ca/" style="color: rgb(255,255,255);" target="_blank" title="This node is managed by Nathan.Woodburn/">HNS Canada*</a></td>
<td>Canada</td>
<td>139.177.195.185</td>
<td>NA</td>
</tr>
<tr>
<td><a data-bs-toggle="tooltip" data-bss-tooltip="" href="https://ezdomains.io/" style="color: rgb(255,255,255);" target="_blank" title="This node is managed by Nathan.Woodburn/">EZ Domains*</a></td>
<td>Netherlands</td>
<td>172.233.46.92</td>
<td>EU</td>
</tr>
<tr>
<td><a data-bs-toggle="tooltip" data-bss-tooltip="" href="https://ezdomains.io/" style="color: rgb(255,255,255);" target="_blank" title="This node is managed by Nathan.Woodburn/">EZ Domains*</a></td>
<td>Singapore</td>
<td>172.105.120.203</td>
<td>AS, AP</td>
</tr>
<tr>
<td><a href="https://easyhns.com" style="color: rgb(255,255,255);" target="_blank" title="This node is managed by Nathan.Woodburn/">Easy HNS</a></td>
<td><a href="https://easyhns.com" style="color: rgb(255,255,255);" target="_blank">Easy HNS</a></td>
<td>England</td>
<td>18.169.98.42</td>
<td>EU</td>
</tr>
<tr>
<td><a href="about:blank" style="color: rgb(255,255,255);" target="_blank">Zorro</a></td>
<td>United States</td>
<td>173.233.72.88</td>
<td>NA</td>
</tr>
</tbody>
</table>
</div>
</div><span>Note: Some nodes are in multiple regions to allow selecting larger regions.</span>
</div>
</div>
</section>

51
test_region.sh Executable file
View File

@ -0,0 +1,51 @@
#!/bin/bash
REGION_IDS=("au" "eu" "na" "as" "ap")
if [ -z "$1" ]; then
for REGION_ID in "${REGION_IDS[@]}"
do
echo "--------------------------------------------"
echo "Running test for $REGION_ID"
echo "--------------------------------------------"
./test_region.sh $REGION_ID
echo "Completed test for $REGION_ID"
echo "--------------------------------------------"
done
exit 0
else
REGION_ID=$1
fi
# Check if IP is specified
if [ -z "$2" ]; then
RESOLVED_IPS=$(dig +short $REGION_ID.hnsdoh.com)
NODE_IPS=($RESOLVED_IPS)
if [ ${#NODE_IPS[@]} -eq 0 ]; then
echo "No IP addresses resolved for $REGION_ID.hnsdoh.com. Exiting."
exit 1
fi
else
NODE_IPS=("$2")
fi
# Define the domain and host for kdig commands
TLS_HOST="$REGION_ID.hnsdoh.com"
DOH_URL="https://$REGION_ID.hnsdoh.com/dns-query"
# Loop over each IP and run the kdig commands
for NODE_IP in "${NODE_IPS[@]}"
do
echo "Running kdig commands for NODE_IP=$NODE_IP"
# Run the kdig commands
kdig +tls +tls-host=$TLS_HOST @$NODE_IP 1.wdbrn TXT +short
kdig +tls-ca +https=@$DOH_URL @$NODE_IP 2.wdbrn TXT +short
kdig @$NODE_IP 3.wdbrn TXT +short
echo "Completed kdig commands for NODE_IP=$NODE_IP"
echo "--------------------------------------------"
done