mirror of
https://github.com/cunnie/sslip.io.git
synced 2025-10-06 08:06:53 +08:00
6b6549b70a
...because, hey, I have a Mac, and native is about 10x faster than amd64 emulation. Also because it's cool. I had to compile my own version of Concourse's [`registry-image`](https://github.com/concourse/registry-image-resource) container image because the one shipped with Concourse 7.8.3 is old and doesn't have the multi-platform feature: ``` docker build --build-arg base_image=ubuntu -t cunnie/registry-image -f dockerfiles/ubuntu/Dockerfile ``` Switch Alpine → Fedora to address weird connection issue: ``` > [linux/arm64 3/3] RUN wget https://github.com/cunnie/sslip.io/releases/download/2.6.0/sslip.io-dns-server-linux-arm64 -O /usr/sbin/sslip.io-dns-server; chmod 755 /usr/sbin/sslip.io-dns-server: Connecting to github.com (192.30.255.113:443) wget: error getting response: Connection reset by peer ``` [#21]
sslip.io
| Test Type | Status |
|---|---|
| Production Nameservers | |
| DNS Server Unit Tests |
sslip.io is a DNS server that maps specially-crafted DNS A records to IP addresses (e.g. "127-0-0-1.sslip.io" maps to 127.0.0.1). It is similar to, and inspired by, xip.io.
If you'd like to use sslip.io as a service, refer to the website (sslip.io) for more information. This README targets developers; the website targets users.
Quick Start
git clone https://github.com/cunnie/sslip.io.git
cd sslip.io/src/sslip.io-dns-server/
sudo go run main.go
# sudo is required on Linux, but not on macOS, to bind to privileged port 53
In another window:
dig @localhost 192.168.0.1.sslip.io +short
# should return "192.168.0.1"
Quick Start Tests
go install github.com/onsi/ginkgo/v2/ginkgo@latest
go get github.com/onsi/gomega/...
~/go/bin/ginkgo -r -p .
Directory Structure
src/contains the source code to the DNS serverci/contains the Concourse continuous integration (CI) pipeline and taskspec/contains the tests for the production nameservers. To run the tests locally:DOMAIN=sslip.io rspec --format documentation --color spec/k8s/document_root_sslip.io/contains the HTML content of the sslip.io website. Please runtidy -im -w 120 k8s/document_root_sslip.io/index.htmlbefore submitting pull requestsbosh-release/[deprecated] contains the BOSH release. BOSH is the mechanism we previously used to deploy the servers, and the sslip.io BOSH release is a packaging of the DNS server (analogous to a.msi,.pkg,.debor.rpm)
DNS Server
The DNS server is written in Golang and is not configurable without modifying the source:
- it binds to port 53, but can be overridden on the command line with the
-port, e.g.go run main.go -port 9553 - it only binds to UDP (no TCP, sorry)
- The SOA record is hard-coded except the MNAME (primary master name server)
record, which is set to the queried hostname (e.g.
dig big.apple.com @ns-aws.nono.iowould return an SOA with an MNAME record ofbig.apple.com. - The NS records default to
ns-aws.sslip.io,ns-azure.sslip.io,ns-gce.sslip.io; however, they can be overridden via the-nameserversflag, e.g.go run main.go -nameservers ns1.example.com,ns2.example.com). If you override the name servers, don't forget to set address records for the new name servers. Exception:_acme-challengerecords are handled differently to accommodate the procurement of Let's Encrypt wildcard certificates; you can read more about that procedure here - The MX records are hard-coded to the queried hostname with a preference of 0,
except
sslip.ioitself, which has custom MX records to enable email delivery to ProtonMail - There are no SRV records
Acknowledgements
- Sam Stephenson (xip.io), Roopinder Singh (nip.io), and the other DNS developers out there
- The contributors (@normanr, @jpambrun come to mind) who improved sslip.io
- Jenessa Petersen of Let's Encrypt who bumped the rate limits
- Natalia Ershova of JetBrains who provided a free license for open source development