lordwelch/router7
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
374 Commits 4 Branches 24 Tags
master
Commit Graph

374 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Timmy Welch
1d2eba42cd TODO 2026-02-15 15:14:45 -08:00
Timmy Welch
45708f545c Handle multiple domains 2026-02-15 15:14:45 -08:00
Timmy Welch
fae95466a4 Fix crash on invalid dhcp hostname 2026-02-15 15:14:45 -08:00
Timmy Welch
7d4bdc4016 Create host aliases 2026-02-15 15:14:45 -08:00
Timmy Welch
b6a1ef0eb1 Load dns upstreams from disk 2026-02-15 15:14:45 -08:00
Timmy Welch
087845eb8a Add static overrides and more dynamic dns 2026-02-15 15:14:45 -08:00
Timmy Welch
605a0e7692 IPv6 DNS Support 2026-02-15 15:14:45 -08:00
Timmy Welch
ef5ff27ed0 Add DoH client 2026-02-15 15:14:45 -08:00
Timmy Welch
8dd2d343ca Consolidate mustParseCIDR 2026-02-15 15:14:45 -08:00
Timmy Welch
51e836cc3d Log dyndns requests 2026-02-15 15:14:45 -08:00
Timmy Welch
6540f1cab0 Convert ioutil calls to io 
go fix ./...
 2026-02-15 15:14:45 -08:00
lordwelch
62a07066b6 Add time and vendor information to leases 2026-02-15 15:06:08 -08:00
Timmy Welch
aac342c895 Use router7 namespaced tables 2026-02-15 15:06:08 -08:00
Timmy Welch
268c3841a6 Add custom exclusions to backup 2026-02-08 23:29:22 -08:00
lordwelch
5ce11880c9 Set the recursion available flag. Needed when blocking external dns 2026-02-08 23:29:22 -08:00
lordwelch
5004f54f88 Add custom domain 2026-02-08 22:42:39 -08:00
Michael Stapelberg
acdc5313ee netconfig: create bridge with future MAC address to avoid temporary 
On one of my router7 installations, I’m using a bridge for uplink0
(so that I can use the built-in SFP interface, or fall back
to an external media converter in case of trouble without reconfig).

On that installation, I have observed the following bug:

  1. System boots, netconfig creates uplink0.
  2. The Linux kernel assigns a MAC address (e.g. ce:fa:ba:3c:66:84).
  3. Netconfig cannot add the interfaces to the bridge yet,
     presumably because they are not created yet.
  4. The dhcp4 program starts and reads the MAC address.
  5. Netconfig adds the interfaces to the bridge, the MAC changes.
  6. dhcp4 still has the old (incorrect) MAC address.
  7. dhcp4 never obtains a lease, the router never becomes healthy,
     you’re stuck in this state.

This will be prevented by not letting the kernel assign a MAC address,
but instead determining the future MAC address (in our case:
we just use the first configured MAC address) and creating the bridge
interface correctly configured to begin with, thereby eliminating
the race condition entirely.
 2025-12-14 08:19:36 +01:00
dependabot[bot]
16933dd2ca build(deps): bump github.com/eclipse/paho.mqtt.golang (#94) 
Bumps [github.com/eclipse/paho.mqtt.golang](https://github.com/eclipse/paho.mqtt.golang) from 1.4.1 to 1.5.1.
- [Release notes](https://github.com/eclipse/paho.mqtt.golang/releases)
- [Commits](https://github.com/eclipse/paho.mqtt.golang/compare/v1.4.1...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/eclipse/paho.mqtt.golang
  dependency-version: 1.5.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-03 08:29:53 +01:00
dependabot[bot]
5603d88134 build(deps): bump golang.org/x/crypto from 0.36.0 to 0.45.0 (#93) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.36.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.36.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-20 07:37:23 +01:00
Michael Stapelberg
2189376204 dhcp: clone hardware addresses throughout 
I still noticed DHCP requests with incorrect MAC source addresses.
Turns out there were still a number of incorrect HardwareAddr usages.
 2025-10-16 11:23:58 +02:00
Michael Stapelberg
e2d4de4768 diagd: log error message when reporting unhealthy 
I noticed that there seem to be transient periods of unhealthiness,
so let’s figure out which particular check is failing.
 2025-09-14 11:48:36 +02:00
Michael Stapelberg
128a7e98ef diagd: export healthiness as prometheus metric (for monitoring) 2025-09-11 08:21:10 +02:00
Michael Stapelberg
0b9afc9273 dhcp4: clone HardwareAddr bytes defensively 
I suspect that Go’s net package reuses its buffers and these bytes don’t remain
valid forever (perhaps only if the network interfaces of the machine change?).

At least that would explain why my DHCP client sent requests with a wrong address.
 2025-08-15 08:29:33 +02:00
Michael Stapelberg
35fcfc15c8 GitHub Actions: run tests in nix-shell, not Docker 
For some reason, the MAC address reported by dnsmasq in Docker on GitHub Actions
no longer matches the address expected by the test. With Nix, it works.
 2025-07-20 22:57:13 +02:00
Michael Stapelberg
2e5277d689 internal/dns: retry over TCP upon truncated response 
This fixes resolving login.tailscale.com as of the time of writing,
the first DNS name for which I noticed an error in 7 years of router7.
 2025-07-20 18:31:45 +02:00
dependabot[bot]
52826d6011 build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 (#92) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.37.0 to 0.38.0.
- [Commits](https://github.com/golang/net/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.38.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-17 16:27:12 +02:00
Michael Stapelberg
6e73981e36 add push script to publish self-hosted website (from docs/) 2025-03-20 08:48:57 +01:00
Michael Stapelberg
58fa19ba32 go.{mod,sum}: pull in latest x/ packages 2025-03-13 08:42:32 +01:00
Michael Stapelberg
ea317e0e7a go.{mod,sum}: pull in latest gokrazy/rsync 2025-03-13 08:42:10 +01:00
Michael Stapelberg
e9cfa01d4a dyndns: fix updating the root record of a zone 
(Required for self-hosting gokrazy.org.)
 2025-03-07 17:47:26 +01:00
dependabot[bot]
9f55a9f5dc build(deps): bump golang.org/x/net from 0.23.0 to 0.33.0 (#89) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.23.0 to 0.33.0.
- [Commits](https://github.com/golang/net/compare/v0.23.0...v0.33.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-24 06:54:42 +01:00
Michael Stapelberg
4ca26a5a32 GitHub Actions: update action versions 2025-02-24 06:50:25 +01:00
Michael Stapelberg
3fbc5260b3 Dockerfile: dnsutils is now bind9-dnsutils (for dig) 2025-02-24 06:47:27 +01:00
Michael Stapelberg
20840d4904 fix example: func Example() must be niladic 2025-02-24 06:42:48 +01:00
Michael Stapelberg
07b85b9624 backupd: serve /perm via rsync, too 
This allows for more efficient incremental backup.
 2025-02-23 22:28:01 +01:00
Michael Stapelberg
fe43422499 go.mod: bump language version to 1.24 2025-02-23 22:27:37 +01:00
Michael Stapelberg
13e1c1bbb4 netconfig: move /tmp/resolv.conf symlink out of the way 
Commit 0f75b1cbef was incomplete.
 2025-01-27 08:26:03 +01:00
Michael Stapelberg
0f75b1cbef netconfigd: write /tmp/resolv.conf only once, do not clobber 
This fixes tailscale name resolution breaking again and again.
 2025-01-26 10:16:38 +01:00
Michael Stapelberg
07325dde93 netconfigd: do not hardcode 10.0.0.0/24 netmask for hairpinning 
related to https://github.com/rtr7/router7/issues/53
 2025-01-12 10:29:42 +01:00
Michael Stapelberg
af27264a03 dhcp4: drop expired lease on server error (faster time to recovery) 
netconfigd still keeps the address configured for as long as possible,
but dhcp4 now more quickly returns to a from-scratch DHCP exchange.
 2024-12-21 16:07:56 +01:00
dependabot[bot]
ed7523c311 build(deps): bump golang.org/x/crypto from 0.21.0 to 0.31.0 (#88) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.21.0 to 0.31.0.
- [Commits](https://github.com/golang/crypto/compare/v0.21.0...v0.31.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-12-12 08:24:06 +01:00
Michael Stapelberg
fe0c57fc09 dhcp4: fix drop-lease-and-restart logic 
The code should immediately attempt obtaining a lease from scratch instead of
remaining stuck in the wait-until-renew loop.
 2024-09-27 17:11:50 +02:00
Michael Stapelberg
f835cdf1d6 netconfig: do not re-create nftables ruleset from scratch 
The current behavior stomps on the rules that programs like
podman or tailscale set up for port forwarding.

With this change, we split port forwardings into a separate chain,
which allows us to create the ruleset once at startup and then only
update the port forwardings specifically (the only dynamic part
of router7’s nftables ruleset).
 2024-05-09 10:06:23 +02:00
Michael Stapelberg
ac71701d8c update go.{mod,sum} 2024-05-09 09:55:27 +02:00
dependabot[bot]
07f1eb855e build(deps): bump golang.org/x/net from 0.17.0 to 0.23.0 (#86) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-19 19:16:42 +02:00
dependabot[bot]
8a9aa00289 build(deps): bump google.golang.org/protobuf from 1.28.1 to 1.33.0 (#85) 
Bumps google.golang.org/protobuf from 1.28.1 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-14 08:54:37 +01:00
dependabot[bot]
95fc74327d build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#82) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 08:52:41 +01:00
dependabot[bot]
c3e79d839f build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 (#80) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.7.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-12 08:11:39 +02:00
Michael Stapelberg
05a7b11ba6 diagd: allow disabling ipv6 connectivity check in health.json 
This makes rtr7-safe-update work in environments without IPv6.
 2023-08-12 16:14:13 +02:00
Michael Stapelberg
681ccd815c go.mod: bump to go1.20 2023-03-12 09:06:35 +01:00