From dea655a9909eacaec0abb7cfb017332f9b524d2e Mon Sep 17 00:00:00 2001
From: Brian Cunnie <brian.cunnie@gmail.com>
Date: Tue, 8 Oct 2024 18:08:59 -0700
Subject: [PATCH] TXT record attests ownership for the Public Suffix List

We want to place sslip.io on the Public Suffix List so we don't need to
pester Let's Encrypt for rate limit increases.

According to https://publicsuffix.org/submit/:

> owners of privately-registered domains who themselves issue subdomains
to mutually-untrusting parties may wish to be added to the PRIVATE
section of the list.

References:

- https://publicsuffix.org/
- https://github.com/publicsuffix/list/pull/2206

[Fixes #57]
---
 integration_test.go | 4 ++++
 xip/xip.go          | 9 +++++++++
 2 files changed, 13 insertions(+)

diff --git a/integration_test.go b/integration_test.go
index 2a86c56..aac1332 100644
--- a/integration_test.go
+++ b/integration_test.go
@@ -174,6 +174,10 @@ var _ = Describe("sslip.io-dns-server", func() {
 				"@localhost sslip.io +short +vc",
 				`\A78.46.204.247\n\z`,
 				`TypeA sslip.io. \? 78.46.204.247\n`),
+			Entry(`TXT for _psl sslip.io is a link to the pull request for putting sslip.io on the Public Suffix List`,
+				"@localhost _psl.sslip.io txt +short",
+				`\A"https://github.com/publicsuffix/list/pull/2206"\n\z`,
+				`TypeTXT _psl.sslip.io. \? \["https://github.com/publicsuffix/list/pull/2206"\]`),
 		)
 	})
 	Describe("for more complex assertions", func() {
diff --git a/xip/xip.go b/xip/xip.go
index 0bcff14..c90550e 100644
--- a/xip/xip.go
+++ b/xip/xip.go
@@ -147,6 +147,15 @@ var (
 				}, nil
 			},
 		},
+		"_psl.sslip.io.": { // avoid Let's Encrypt rate limits by joining https://publicsuffix.org
+			TXT: func(x *Xip, _ net.IP) ([]dnsmessage.TXTResource, error) {
+				x.Metrics.AnsweredTXTVersionQueries++
+				return []dnsmessage.TXTResource{
+					{TXT: []string{"https://github.com/publicsuffix/list/pull/2206"}},
+				}, nil
+			},
+		},
+
 		"metrics.status.sslip.io.": {
 			TXT: TXTMetrics,
 		},