mirror of https://github.com/Daniel15/dnstools synced 2024-11-23 16:21:31 +00:00

Go to file

Daniel Lo Nigro 56a0d69547 Remove Austria and Poland now that HostHatch are no longer operating in those regions.		2024-05-12 19:10:12 -07:00
ansible	Remove cleanup from Ansible now that all servers are running the .NET 8 version.	2024-02-12 19:32:35 -08:00
src	Remove Austria and Poland now that HostHatch are no longer operating in those regions.	2024-05-12 19:10:12 -07:00
.dockerignore	Fix GitInfo in Docker build	2024-05-12 19:09:31 -07:00
.editorconfig	Add Ansible playbook for worker deployment	2019-12-04 23:51:14 -08:00
.gitignore	Serve dev site directly from create-react-app server rather than proxying via ASP.NET server	2020-04-19 19:13:08 -07:00
.gitmodules	Tweak Sentry:	2023-11-23 14:53:04 -08:00
DnsTools.sln	Send request to multiple workers	2019-10-30 22:08:34 -07:00
LICENSE	Add README and license	2020-01-05 19:24:42 -08:00
README.md	[README] All workers are Bullseye now	2024-02-22 10:20:13 -08:00

README.md

dnstools.ws

This is the source code for dnstools.ws.

Architecture

DNSTools is split into two pieces:

Website

The website is a C# ASP .NET Core 8.0 website, built using React and SignalR.

Worker

The "worker" (or "agent") is a small app that runs on multiple servers around the world. It's a gRPC service written in C# using .NET Core 8.0 and compiled to a single executable using Native AoT. In production, the workers are a mix of KVM and OpenVZ7 VPSes running Debian Bookworm (12).

Some workers (such as pings and traceroutes) use the standard ping and traceroute command-line utilities. Pings can only be sent by root, and reusing existing well-tested code is more secure than creating our own setuid binaries. Other tools (like DNS lookups) are all performed using C# code.

Development

The DnsTools.sln Visual Studio 2022 solution contains both the website and the worker.

Website

The website consists of two parts: A frontend app built using Create React App, and a backend app built using C#. To run the development version of the website, you need to start both:

Frontend: Run yarn start in the src/DnsTools.Web/ClientApp directory
Backend: Run DnsTools.Web from Visual Studio, or via dotnet run at the command-line

You can then hit the site at http://localhost:31429/. The C# backend is running on https://localhost:5001/ but this is only used for API requests - All webpages are loaded via the Webpack dev server.

Worker

The worker requires a few Linux utilities (like ping and traceroute) to be available. On Windows, you can run the worker using Docker. VS2019's built-in Docker support is sufficient for this - Just start the project in Visual Studio and it'll automatically spin up the Docker container.

Deploying to Production

Website

Build and deploy the site using the publish script:

cd src/DnsTools.web
./publish.ps1

Workers

The workers are all configured and deployed using Ansible.

Some manual configuration is required before running Ansible:

Generate a random password and store it in ./ansible/vault-password
Store servers' sudo password in an encrypted Ansible Vault file:

cd ansible
ansible-vault create passwd.yml
ansible-vault edit passwd.yml --vault-password-file=vault-password

In the file, add:

sudo_pass: put_the_password_here

Start ssh-agent and load the Ansible SSH key:

eval `ssh-agent`
ssh-add ~/.ssh/id_ed25519_ansible

Running the deploy-workers.sh script will run the playbook to deploy all the workers. Be sure to publish the worker app first:

dotnet publish --no-self-contained -r linux-x64 -c Release

For new workers, some manual configuration is required after the first time it's deployed using Ansible:

Create a TLS certificate for the worker:

sudo certbot certonly --manual --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py --preferred-challenges dns --debug-challenges --server https://acme-v02.api.letsencrypt.org/directory --cert-name dnstools-worker -d xx.worker.dns.tg

(where xx is some identifier for the worker, like fr for France or us-ny for New York)