mirror of
https://github.com/cunnie/sslip.io.git
synced 2025-10-05 07:36:54 +08:00
e5450f579a
We replace `ns-ovh-sg` with `ns-do-sg`; this is a purely financial decision: `ns-ovh-sg` costs $60/month, $720/year. `ns-do-sg` (Digital Ocean), is also a Singapore-based DNS server. It's a basic-regular-2vcpu-4GiB RAM-80GB SSD-4TiB bandwidth for $24/month, $288/year. That's a yearly savings of $432. I had originally overspec'ed the Singapore server because I suspected that there was a ton of traffic in Asia; I was wrong. It's not even 20% the traffic of Europe or North America. I am confident the Digital Ocean server will be able to handle it. I also reintroduce `ns-gce` as the second server in North America, backing up `ns-hetzner`. My hope is that `ns-hetzner` carries most of the load, and `ns-gce` carries the rest, but not so much as to trigger Google Cloud Platform's (GCP's) expensive bandwidth billing. | DNS server | Queries / second | |:-----------|-----------------:| | ns-hetzner | 10706.4 | | ns-ovh | 10802.0 | | ns-ovh-sg | 1677.7 |
4.9 KiB
4.9 KiB
Release Procedure
These instructions are meant primarily for me when deploying a new release; they might not make sense unless you're on my workstation.
export OLD_VERSION=3.2.7
export VERSION=3.2.8
cd ~/workspace/sslip.io
git pull -r --autostash
# update the version number for the TXT record for version.status.sslip.io
sed -i '' "s/$OLD_VERSION/$VERSION/g" \
bin/make_all \
spec/check-dns_spec.rb
# update the download instructions on the website
sed -i '' "s~/$OLD_VERSION/~/$VERSION/~g" \
Docker/sslip.io-dns-server/Dockerfile
Optional: Update the version for the ns-gce, ns-hetzner, and ns-ovh install scripts
pushd ~/bin
sed -i '' "s~/$OLD_VERSION/~/$VERSION/~g" \
~/bin/install_ns-{gce,hetzner,ovh}.sh ~/bin/install_common.sh
git add -p
git ci -m"Update sslip.io DNS server $OLD_VERSION → $VERSION"
git push
popd
Build & start the new executables:
bin/make_all
# Start the server, assuming macOS M1. Adjust path for GOOS, GOARCH. Linux requires `sudo`
bin/sslip.io-dns-server-darwin-arm64
Test from another window:
export DNS_SERVER_IP=127.0.0.1
export VERSION=3.2.8
# quick sanity test
dig +short 127.0.0.1.example.com @$DNS_SERVER_IP
echo 127.0.0.1
# NS ordering might be rotated
dig +short ns example.com @$DNS_SERVER_IP
printf "ns-do-sg.sslip.io.\nns-gce.sslip.io.\nns-hetzner.sslip.io.\nns-ovh.sslip.io.\n"
dig +short mx example.com @$DNS_SERVER_IP
echo "0 example.com."
dig +short mx sslip.io @$DNS_SERVER_IP
printf "10 mail.protonmail.ch.\n20 mailsec.protonmail.ch.\n"
dig +short txt sslip.io @$DNS_SERVER_IP
printf "\"protonmail-verification=ce0ca3f5010aa7a2cf8bcc693778338ffde73e26\"\n\"v=spf1 include:_spf.protonmail.ch mx ~all\"\n"
dig +short txt 127.0.0.1.sslip.io @$DNS_SERVER_IP # no records
dig +short cname sslip.io @$DNS_SERVER_IP # no records
dig +short cname protonmail._domainkey.sslip.io @$DNS_SERVER_IP
echo protonmail.domainkey.dw4gykv5i2brtkjglrf34wf6kbxpa5hgtmg2xqopinhgxn5axo73a.domains.proton.ch.
dig a _Acme-ChallengE.127-0-0-1.sslip.io @$DNS_SERVER_IP | grep "^127"
echo "127-0-0-1.sslip.io. 604800 IN A 127.0.0.1"
dig +short sSlIp.Io
echo 78.46.204.247
dig @$DNS_SERVER_IP txt ip.sslip.io +short | tr -d '"'
echo 127.0.0.1
dig @$DNS_SERVER_IP txt version.status.sslip.io +short | grep $VERSION
echo "\"$VERSION\""
echo " ===" # separator because the results are too similar
dig @$DNS_SERVER_IP 1.0.0.127.in-addr.arpa ptr +short
echo "127-0-0-1.sslip.io."
dig @$DNS_SERVER_IP _psl.sslip.io txt +short
echo "\"https://github.com/publicsuffix/list/pull/2206\""
dig @$DNS_SERVER_IP metrics.status.sslip.io txt +short | grep '"Queries: '
echo '"Queries: 13 (?.?/s)"'
Review the output then close the second window. Stop the server in the original window. Commit our changes:
git add -p
git ci -vm"$VERSION: -ns-azure, ns-aws → \"blocked\""
git tag $VERSION
git push
git push --tags
scp bin/sslip.io-dns-server-linux-amd64 ns-do-sg:
scp bin/sslip.io-dns-server-linux-amd64 ns-gce:
scp bin/sslip.io-dns-server-linux-amd64 ns-hetzner:
scp bin/sslip.io-dns-server-linux-amd64 ns-ovh:
ssh ns-do-sg sudo install sslip.io-dns-server-linux-amd64 /usr/bin/sslip.io-dns-server
ssh ns-do-sg sudo shutdown -r now
# check version number:
sleep 10; while ! dig txt @ns-do-sg.sslip.io version.status.sslip.io +short; do sleep 5; done
ssh ns-gce sudo install sslip.io-dns-server-linux-amd64 /usr/bin/sslip.io-dns-server
ssh ns-gce sudo shutdown -r now
# check version number:
sleep 10; while ! dig txt @ns-gce.sslip.io version.status.sslip.io +short; do sleep 5; done # wait until it's back up before rebooting ns-hetzner
ssh ns-hetzner sudo install sslip.io-dns-server-linux-amd64 /usr/bin/sslip.io-dns-server
ssh ns-hetzner sudo shutdown -r now
# check version number:
sleep 10; while ! dig txt @ns-hetzner.sslip.io version.status.sslip.io +short; do sleep 5; done # wait until it's back up before rebooting ns-ovh
ssh ns-ovh sudo install sslip.io-dns-server-linux-amd64 /usr/bin/sslip.io-dns-server
ssh ns-ovh sudo shutdown -r now
# check version number:
sleep 10; while ! dig txt @ns-ovh.sslip.io version.status.sslip.io +short; do sleep 5; done
- Browse to https://github.com/cunnie/sslip.io/releases/new to draft a new release
- Drag and drop the executables in
bin/to the Attach binaries... section. - Click "Publish release"
fly -t nono trigger-job -j sslip.io/build-and-push-sslip.io-dns-server
Update the webservers with the HTML with new versions:
ssh nono.io curl -L -o /www/sslip.io/document_root/index.html https://raw.githubusercontent.com/cunnie/sslip.io/main/k8s/document_root_sslip.io/index.html
for HOST in {blocked,ns-gce,ns-hetzner,ns-ovh,ns-ovh-sg}.sslip.io; do
ssh $HOST curl -L -o /var/nginx/sslip.io/index.html https://raw.githubusercontent.com/cunnie/sslip.io/main/k8s/document_root_sslip.io/index.html
done
Browse to https://ci.nono.io/teams/main/pipelines/sslip.io and check that everything is green.