Add support for multiple zones

README.md

@@ -6,19 +6,28 @@ koala is a simple browser frontend for editing zonefiles and applying the change
 koala requires Go 1.16 and NodeJS 12.X or newer.
 
 ## Configuration
-KEY                         | TYPE             | DEFAULT                  | REQUIRED    | DESCRIPTION
-----------------------------|------------------|--------------------------|-------------|----------------------------------------------------
-KOALA_ADDR                  | String           | :8080                    |             | Address the server will be listening on
-KOALA_ZONEFILE              | String           |                          | true        | Zonefile to be edited
-KOALA_ORIGIN                | String           | .                        |             | Zone to be edited
-KOALA_TTL                   | Integer          | 3600                     |             | Default TTL for records
-KOALA_APPLYCMD              | String           | sleep 1                  |             | Command executed after applying zonefile changes
-KOALA_DEBUG                 | True or False    | false                    |             | Enable debug logging
-KOALA_CORS                  | True or False    | false                    |             | Enable support for CORS
-KOALA_SECURITY              | String           | none                     |             | Security guard to use [none|oidc|jwt]
-KOALA_OIDCCLIENTID          | String           |                          |             | OpenID Connect Client ID
-KOALA_OIDCIDENTITYSERVER    | String           |                          |             | URL of identity provider
-KOALA_JWTSECRET             | String           |                          |             | Auth secret for JWT tokens
+```toml
+addr = ":8081"          # address the server will be listening on
+debug = true            # debug mode
+cors = false            # enable cors
+apply_cmd = "sleep 1"   # command to execute after zonefile change
+api_root = "/api"       # path to use for api
+
+[[zones]]
+path = "zone"           # zonefile to be edited
+origin = "home.arpa."   # zone to be edited
+ttl = 3600              # default TTL
+
+[security]
+mode = "none"           # guard to use, either 'none', 'oidc' or 'jwt'
+
+[security.oidc]
+client_id = ""          # OpenID connect client ID
+identity_server = ""    # URL of identity provider
+
+[security.jwt]
+secret = ""             # Auth secret for JWT tokens
+```
 
 ## Installation
 **Step 1:** Download one of the binary packages from the release site
@@ -36,7 +45,14 @@ curl -O -L https://github.com/lnsp/koala/releases/latest/download/koala_darwin_a
 cp koala_* /usr/local/bin/
 ```
 
-**Step 3:** Install a startup script, you should customize it though. Please remember to
+**Step 3:** Create configuration folder and customize configuration
+```bash
+mkdir -p /etc/koala
+cp config.toml /etc/koala/config.toml
+nano config.toml
+```
+
+**Step 4:** Install a startup script, you should customize it though. Please remember to
 protect yourself from unauthorized access.
 ```bash
 cat > /etc/systemd/system/koala.service << EOF
@@ -47,11 +63,8 @@ After=network.target
 [Service]
 Type=simple
 User=root
-Environment=KOALA_ADDR=localhost:8000
-Environment=KOALA_ZONEFILE=/etc/coredns/home.db
-Environment=KOALA_APPLYCMD=echo
-WorkingDirectory=/root/
-ExecStart=/usr/local/bin/koala
+WorkingDirectory=/etc/koala/
+ExecStart=/usr/local/bin/koala -config config.toml
 Restart=on-abort
 
 [Install]

config.toml

@@ -0,0 +1,21 @@
+addr = ":8081"          # address the server will be listening on
+debug = true            # debug mode
+cors = true             # enable cors
+apply_cmd = "sleep 1"   # command to execute after zonefile change
+api_root = "/api"       # path to use for api
+
+[[zones]]
+path = "sample-zone"    # zonefile to be edited
+name = "Default"
+origin = "home.arpa."   # zone to be edited
+ttl = 3600              # default TTL
+
+[security]
+mode = "none"           # guard to use, either 'none', 'oidc' or 'jwt'
+
+[security.oidc]
+client_id = ""          # OpenID connect client ID
+identity_server = ""    # URL of identity provider
+
+[security.jwt]
+secret = ""             # Auth secret for JWT tokens

go.mod

@@ -6,6 +6,8 @@ require (
 	github.com/gorilla/mux v1.8.0 // indirect
 	github.com/kelseyhightower/envconfig v1.3.0
 	github.com/miekg/dns v1.1.27
+	github.com/pelletier/go-toml v1.9.4 // indirect
+	github.com/pelletier/go-toml/v2 v2.0.0-beta.6 // indirect
 	github.com/pkg/errors v0.8.0
 	github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 // indirect
 	github.com/sirupsen/logrus v1.1.1

go.sum

@@ -2,6 +2,7 @@ cloud.google.com/go v0.34.0 h1:eOI3/cP2VTU6uZLDYAoic+eyzzB9YyGmJ7eIjl8rOPg=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 github.com/coreos/go-oidc v2.2.1+incompatible h1:mh48q/BqXqgjVHpy2ZY7WnWAbenxRjsz9N1i1YxjHAk=
 github.com/coreos/go-oidc v2.2.1+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
@@ -17,6 +18,10 @@ github.com/konsorten/go-windows-terminal-sequences v0.0.0-20180402223658-b729f26
 github.com/lnsp/koala v0.6.0 h1:ASJtVK/2pIxuGgyEOukO8r2sZa/lsnn2xobRe8JXfB4=
 github.com/miekg/dns v1.1.27 h1:aEH/kqUzUxGJ/UHcEKdJY+ugH6WEzsEBBSPa8zuy1aM=
 github.com/miekg/dns v1.1.27/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
+github.com/pelletier/go-toml v1.9.4 h1:tjENF6MfZAg8e4ZmZTeWaWiT2vXtsoO6+iuOjFhECwM=
+github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
+github.com/pelletier/go-toml/v2 v2.0.0-beta.6 h1:JFNqj2afbbhCqTiyN16D7Tudc/aaDzE2FBDk+VlBQnE=
+github.com/pelletier/go-toml/v2 v2.0.0-beta.6/go.mod h1:ke6xncR3W76Ba8xnVxkrZG0js6Rd2BsQEAYrfgJ6eQA=
 github.com/pkg/errors v0.8.0 h1:WdK/asTD0HN+q6hsWO3/vpuAkAr+tw6aNJNDFFf0+qw=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -25,8 +30,10 @@ github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 h1:J9b7z+QKAm
 github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA=
 github.com/sirupsen/logrus v1.1.1 h1:VzGj7lhU7KEB9e9gMpAV/v5XT2NVSvLJhJLCWbnkgXg=
 github.com/sirupsen/logrus v1.1.1/go.mod h1:zrgwTnHtNr00buQ1vSptGe8m1f/BbgsPukg8qsT7A+A=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.7.1-0.20210427113832-6241f9ab9942/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/wpalmer/gozone v0.0.0-20180608130547-4c2e215d1f9a h1:+nDjio1+YrjQp9sN3tOp47BgCHG+XD3Xzvr66uGoDpg=
 github.com/wpalmer/gozone v0.0.0-20180608130547-4c2e215d1f9a/go.mod h1:E+Ks2sS5zxneDHeAP7Ep9S67LqCOHcwh9reMz+7nDXA=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793 h1:u+LnwYTOOW7Ukr/fppxEb1Nwz0AtPflrblfvUudpo+I=
@@ -61,5 +68,7 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898 h1:/atklqdjdhuosWIl6AIbO
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/square/go-jose.v2 v2.4.1 h1:H0TmLt7/KmzlrDOpa1F+zr0Tk90PbJYBfsVUmRLrf9Y=
 gopkg.in/square/go-jose.v2 v2.4.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

main.go

@@ -1,74 +1,108 @@
 package main
 
 import (
+	"flag"
 	"net/http"
+	"os"
 	"strings"
+	"time"
 
+	"github.com/pelletier/go-toml/v2"
 	"github.com/sirupsen/logrus"
 
-	"github.com/kelseyhightower/envconfig"
 	"github.com/lnsp/koala/router"
 	"github.com/lnsp/koala/security"
 	"github.com/lnsp/koala/webui"
 )
 
 var version = "dev"
 
-type spec struct {
-	Addr     string `default:":8080" desc:"Address the server will be listening on"`
-	Zonefile string `required:"true" desc:"Zonefile to be edited"`
-	Origin   string `default:"." desc:"Zone to be edited"`
-	TTL      int64  `default:"3600" desc:"Default TTL for records"`
-	ApplyCmd string `default:"sleep 1" desc:"Command executed after applying zonefile changes"`
-	APIRoot  string `default:"/api" desc:"Path to use for API"`
+type Configuration struct {
+	Addr     string
+	Debug    bool
+	CORS     bool
+	ApplyCmd string `toml:"apply_cmd"`
+	APIRoot  string `toml:"api_root"`
 
-	Debug bool `default:"false" desc:"Enable debug logging" envconfig:"debug"`
-	CORS  bool `default:"false" desc:"Enable support for CORS"`
+	Zones []struct {
+		Name   string
+		Path   string
+		Origin string
+		TTL    int64
+	}
 
-	Security           string `default:"none" desc:"Security guard to use [none|oidc|jwt]"`
-	OIDCClientID       string `default:"" desc:"OpenID Connect Client ID"`
-	OIDCIdentityServer string `default:"" desc:"URL of identity provider"`
-	JWTSecret          string `default:"" desc:"Auth secret for JWT tokens"`
+	Security struct {
+		Mode string
+		OIDC struct {
+			ClientID       string `toml:"client_id"`
+			IdentityServer string `toml:"identity_server"`
+		}
+		JWT struct {
+			Secret string
+		}
+	}
 }
 
+var (
+	configPath = flag.String("config", "config.toml", "path to configuration")
+)
+
 func main() {
-	var s spec
-	if err := envconfig.Process("koala", &s); err != nil {
-		envconfig.Usage("koala", &s)
-		return
+	flag.Parse()
+
+	// Read config data
+	configData, err := os.ReadFile(*configPath)
+	if err != nil {
+		logrus.Fatal("read config file:", err)
+	}
+	// ... and unmarshal
+	var s Configuration
+	if err := toml.Unmarshal(configData, &s); err != nil {
+		logrus.Fatal("unmarshal config:", err)
 	}
+	// Configure debug level
 	if s.Debug {
 		logrus.SetLevel(logrus.DebugLevel)
+		logrus.Debugf("with configuration %+v", s)
 	}
 	// Set up security guard
 	var guard security.Guard
-	switch s.Security {
+	switch s.Security.Mode {
 	case "none":
 		guard = security.None()
 	case "jwt":
-		guard = security.JWT(s.JWTSecret)
+		guard = security.JWT(s.Security.JWT.Secret)
 	case "oidc":
-		guard = security.OIDC(s.OIDCClientID, s.OIDCIdentityServer)
+		guard = security.OIDC(s.Security.OIDC.ClientID, s.Security.OIDC.IdentityServer)
 	default:
 		logrus.Fatal("unknown security guard:", s.Security)
 	}
+	// Generate zone list
+	routerZones := make([]router.Zone, len(s.Zones))
+	for i, zone := range s.Zones {
+		routerZones[i] = router.Zone(zone)
+	}
+	rtr, err := router.New(router.Config{
+		Zones:    routerZones,
+		ApplyCmd: strings.Split(s.ApplyCmd, " "),
+		CORS:     s.CORS,
+		Security: guard,
+		UI:       webui.FS,
+		APIRoot:  s.APIRoot,
+	})
+	if err != nil {
+		logrus.Fatal("setup router:", err)
+	}
 	srv := &http.Server{
-		Addr: s.Addr,
-		Handler: router.New(router.Config{
-			Zonefile: s.Zonefile,
-			Origin:   s.Origin,
-			TTL:      s.TTL,
-			ApplyCmd: strings.Split(s.ApplyCmd, " "),
-			CORS:     s.CORS,
-			Security: guard,
-			UI:       webui.FS,
-			APIRoot:  s.APIRoot,
-		}),
+		Addr:         s.Addr,
+		Handler:      rtr,
+		ReadTimeout:  10 * time.Second,
+		WriteTimeout: 10 * time.Second,
 	}
 	logrus.WithFields(logrus.Fields{
 		"version": version,
-	}).Info("Up and running")
+	}).Info("up and running")
 	if err := srv.ListenAndServe(); err != nil {
-		logrus.WithError(err).Fatal("Could not serve")
+		logrus.WithError(err).Fatal("could not serve")
 	}
 }