let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Gateway: wide-area Bonjour via clawdis.internal

Browse Source
This commit is contained in:
Peter Steinberger
2025-12-17 17:01:10 +01:00
parent a1940418fb
commit e9ae10e569
13 changed files with 673 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/cli/dns-cli.test.ts Normal file
View File

@@ -0,0 +1,12 @@
import { describe, expect, it, vi } from "vitest";
const { buildProgram } = await import("./program.js");
describe("dns cli", () => {
it("prints setup info (no apply)", async () => {
const log = vi.spyOn(console, "log").mockImplementation(() => {});
const program = buildProgram();
await program.parseAsync(["dns", "setup"], { from: "user" });
expect(log).toHaveBeenCalledWith(expect.stringContaining("Domain:"));
});
});

169
src/cli/dns-cli.ts Normal file
View File

@@ -0,0 +1,169 @@
import { spawnSync } from "node:child_process";
import fs from "node:fs";
import path from "node:path";
import type { Command } from "commander";
import { loadConfig } from "../config/config.js";
import {
pickPrimaryTailnetIPv4,
pickPrimaryTailnetIPv6,
} from "../infra/tailnet.js";
import {
getWideAreaZonePath,
WIDE_AREA_DISCOVERY_DOMAIN,
} from "../infra/widearea-dns.js";
type RunOpts = { allowFailure?: boolean; inherit?: boolean };
function run(cmd: string, args: string[], opts?: RunOpts): string {
const res = spawnSync(cmd, args, {
encoding: "utf-8",
stdio: opts?.inherit ? "inherit" : "pipe",
});
if (res.error) throw res.error;
if (!opts?.allowFailure && res.status !== 0) {
const errText =
typeof res.stderr === "string" && res.stderr.trim()
? res.stderr.trim()
: `exit ${res.status ?? "unknown"}`;
throw new Error(`${cmd} ${args.join(" ")} failed: ${errText}`);
}
return typeof res.stdout === "string" ? res.stdout : "";
}
function detectBrewPrefix(): string {
const out = run("brew", ["--prefix"]);
const prefix = out.trim();
if (!prefix) throw new Error("failed to resolve Homebrew prefix");
return prefix;
}
function ensureImportLine(corefilePath: string, importGlob: string): boolean {
const existing = fs.readFileSync(corefilePath, "utf-8");
if (existing.includes(importGlob)) return false;
const next = `${existing.replace(/\s*$/, "")}\n\nimport ${importGlob}\n`;
fs.writeFileSync(corefilePath, next, "utf-8");
return true;
}
export function registerDnsCli(program: Command) {
const dns = program
.command("dns")
.description("DNS helpers for wide-area discovery (Tailscale + CoreDNS)");
dns
.command("setup")
.description(
"Set up CoreDNS to serve clawdis.internal for unicast DNS-SD (Wide-Area Bonjour)",
)
.option(
"--apply",
"Install/update CoreDNS config and (re)start the service (requires sudo)",
false,
)
.action(async (opts) => {
const cfg = loadConfig();
const tailnetIPv4 = pickPrimaryTailnetIPv4();
const tailnetIPv6 = pickPrimaryTailnetIPv6();
const zonePath = getWideAreaZonePath();
console.log(`Domain: ${WIDE_AREA_DISCOVERY_DOMAIN}`);
console.log(`Zone file (gateway-owned): ${zonePath}`);
console.log(
`Detected tailnet IP: ${tailnetIPv4 ?? "—"}${tailnetIPv6 ? ` (v6 ${tailnetIPv6})` : ""}`,
);
console.log("");
console.log("Recommended ~/.clawdis/clawdis.json:");
console.log(
JSON.stringify(
{
bridge: { bind: "tailnet" },
discovery: { wideArea: { enabled: true } },
},
null,
2,
),
);
console.log("");
console.log("Tailscale admin (DNS → Nameservers):");
console.log(
`- Add nameserver: ${tailnetIPv4 ?? "<this machine's tailnet IPv4>"}`,
);
console.log(`- Restrict to domain (Split DNS): clawdis.internal`);
if (!opts.apply) {
console.log("");
console.log("Run with --apply to install CoreDNS and configure it.");
return;
}
if (process.platform !== "darwin") {
throw new Error("dns setup is currently supported on macOS only");
}
if (!tailnetIPv4 && !tailnetIPv6) {
throw new Error(
"no tailnet IP detected; ensure Tailscale is running on this machine",
);
}
const prefix = detectBrewPrefix();
const etcDir = path.join(prefix, "etc", "coredns");
const corefilePath = path.join(etcDir, "Corefile");
const confDir = path.join(etcDir, "conf.d");
const importGlob = path.join(confDir, "*.server");
const serverPath = path.join(confDir, "clawdis.internal.server");
run("brew", ["list", "coredns"], { allowFailure: true });
run("brew", ["install", "coredns"], {
inherit: true,
allowFailure: true,
});
await fs.promises.mkdir(confDir, { recursive: true });
if (fs.existsSync(corefilePath)) {
ensureImportLine(corefilePath, importGlob);
}
const bindArgs = [tailnetIPv4, tailnetIPv6].filter((v): v is string =>
Boolean(v?.trim()),
);
const server = [
`${WIDE_AREA_DISCOVERY_DOMAIN.replace(/\.$/, "")}:53 {`,
` bind ${bindArgs.join(" ")}`,
` file ${zonePath} {`,
` reload 10s`,
` }`,
` errors`,
` log`,
`}`,
``,
].join("\n");
fs.writeFileSync(serverPath, server, "utf-8");
// Ensure the gateway can write its zone file path.
await fs.promises.mkdir(path.dirname(zonePath), { recursive: true });
if (!fs.existsSync(zonePath)) {
fs.writeFileSync(
zonePath,
`; created by clawdis dns setup\n$ORIGIN ${WIDE_AREA_DISCOVERY_DOMAIN}\n$TTL 60\n`,
"utf-8",
);
}
console.log("");
console.log("Starting CoreDNS (sudo)…");
run("sudo", ["brew", "services", "restart", "coredns"], {
inherit: true,
});
if (cfg.discovery?.wideArea?.enabled !== true) {
console.log("");
console.log(
"Note: enable discovery.wideArea.enabled in ~/.clawdis/clawdis.json on the gateway and restart the gateway so it writes the DNS-SD zone.",
);
}
});
}

2
src/cli/program.ts
View File

@@ -29,6 +29,7 @@ import { VERSION } from "../version.js";
import { startWebChatServer } from "../webchat/server.js";
import { registerCronCli } from "./cron-cli.js";
import { createDefaultDeps } from "./deps.js";
import { registerDnsCli } from "./dns-cli.js";
import { registerGatewayCli } from "./gateway-cli.js";
import { registerNodesCli } from "./nodes-cli.js";
import { forceFreePort } from "./ports.js";
@@ -248,6 +249,7 @@ Examples:
registerGatewayCli(program);
registerNodesCli(program);
registerCronCli(program);
registerDnsCli(program);
program
.command("status")