General improvement for special-use TLD / ynh dyndns domains

data/hooks/diagnosis/12-dnsrecords.py

@@ -8,13 +8,11 @@ from publicsuffix import PublicSuffixList
 
 from moulinette.utils.process import check_output
 
-from yunohost.utils.dns import dig, YNH_DYNDNS_DOMAINS
+from yunohost.utils.dns import dig, YNH_DYNDNS_DOMAINS, is_yunohost_dyndns_domain, is_special_use_tld
 from yunohost.diagnosis import Diagnoser
 from yunohost.domain import domain_list, _get_maindomain
 from yunohost.dns import _build_dns_conf, _get_dns_zone_for_domain
 
-SPECIAL_USE_TLDS = ["local", "localhost", "onion", "test"]
-
 
 class DNSRecordsDiagnoser(Diagnoser):
 
@@ -29,13 +27,10 @@ class DNSRecordsDiagnoser(Diagnoser):
         all_domains = domain_list(exclude_subdomains=True)["domains"]
         for domain in all_domains:
             self.logger_debug("Diagnosing DNS conf for %s" % domain)
-            is_specialusedomain = any(
-                domain.endswith("." + tld) for tld in SPECIAL_USE_TLDS
-            )
+
             for report in self.check_domain(
                 domain,
                 domain == main_domain,
-                is_specialusedomain=is_specialusedomain,
             ):
                 yield report
 
@@ -53,7 +48,7 @@ class DNSRecordsDiagnoser(Diagnoser):
         for report in self.check_expiration_date(domains_from_registrar):
             yield report
 
-    def check_domain(self, domain, is_main_domain, is_specialusedomain):
+    def check_domain(self, domain, is_main_domain):
 
         base_dns_zone = _get_dns_zone_for_domain(domain)
         basename = domain.replace(base_dns_zone, "").rstrip(".") or "@"
@@ -64,7 +59,7 @@ class DNSRecordsDiagnoser(Diagnoser):
 
         categories = ["basic", "mail", "xmpp", "extra"]
 
-        if is_specialusedomain:
+        if is_special_use_tld(domain):
             categories = []
             yield dict(
                 meta={"domain": domain},
@@ -140,10 +135,7 @@ class DNSRecordsDiagnoser(Diagnoser):
 
             if discrepancies:
                 # For ynh-managed domains (nohost.me etc...), tell people to try to "yunohost dyndns update --force"
-                if any(
-                    domain.endswith(ynh_dyndns_domain)
-                    for ynh_dyndns_domain in YNH_DYNDNS_DOMAINS
-                ):
+                if is_yunohost_dyndns_domain(domain):
                     output["details"] = ["diagnosis_dns_try_dyndns_update_force"]
                 # Otherwise point to the documentation
                 else:

data/hooks/diagnosis/21-web.py

@@ -8,6 +8,7 @@ from moulinette.utils.filesystem import read_file
 
 from yunohost.diagnosis import Diagnoser
 from yunohost.domain import domain_list
+from yunohost.utils.dns import is_special_use_tld
 
 DIAGNOSIS_SERVER = "diagnosis.yunohost.org"
 
@@ -34,11 +35,11 @@ class WebDiagnoser(Diagnoser):
                     summary="diagnosis_http_nginx_conf_not_up_to_date",
                     details=["diagnosis_http_nginx_conf_not_up_to_date_details"],
                 )
-            elif domain.endswith(".local"):
+            elif is_special_use_tld(domain):
                 yield dict(
                     meta={"domain": domain},
                     status="INFO",
-                    summary="diagnosis_http_localdomain",
+                    summary="diagnosis_http_special_use_tld",
                 )
             else:
                 domains_to_check.append(domain)

locales/en.json

@@ -192,7 +192,7 @@
     "diagnosis_dns_good_conf": "DNS records are correctly configured for domain {domain} (category {category})",
     "diagnosis_dns_missing_record": "According to the recommended DNS configuration, you should add a DNS record with the following info.<br>Type: <code>{type}</code><br>Name: <code>{name}</code><br>Value: <code>{value}</code>",
     "diagnosis_dns_point_to_doc": "Please check the documentation at <a href='https://yunohost.org/dns_config'>https://yunohost.org/dns_config</a> if you need help about configuring DNS records.",
-    "diagnosis_dns_specialusedomain": "Domain {domain} is based on a special-use top-level domain (TLD) and is therefore not expected to have actual DNS records.",
+    "diagnosis_dns_specialusedomain": "Domain {domain} is based on a special-use top-level domain (TLD) such as .local or .test and is therefore not expected to have actual DNS records.",
     "diagnosis_dns_try_dyndns_update_force": "This domain's DNS configuration should automatically be managed by YunoHost. If that's not the case, you can try to force an update using <cmd>yunohost dyndns update --force</cmd>.",
     "diagnosis_domain_expiration_error": "Some domains will expire VERY SOON!",
     "diagnosis_domain_expiration_not_found": "Unable to check the expiration date for some domains",
@@ -214,7 +214,7 @@
     "diagnosis_http_could_not_diagnose_details": "Error: {error}",
     "diagnosis_http_hairpinning_issue": "Your local network does not seem to have hairpinning enabled.",
     "diagnosis_http_hairpinning_issue_details": "This is probably because of your ISP box / router. As a result, people from outside your local network will be able to access your server as expected, but not people from inside the local network (like you, probably?) when using the domain name or global IP. You may be able to improve the situation by having a look at <a href='https://yunohost.org/dns_local_network'>https://yunohost.org/dns_local_network</a>",
-    "diagnosis_http_localdomain": "Domain {domain}, with a .local TLD, is not expected to be exposed outside the local network.",
+    "diagnosis_http_special_use_tld": "Domain {domain} is based on a special-use top-level domain (TLD) such as .local or .test and is therefore not expected to be exposed outside the local network.",
     "diagnosis_http_nginx_conf_not_up_to_date": "This domain's nginx configuration appears to have been modified manually, and prevents YunoHost from diagnosing if it's reachable on HTTP.",
     "diagnosis_http_nginx_conf_not_up_to_date_details": "To fix the situation, inspect the difference with the command line using <cmd>yunohost tools regen-conf nginx --dry-run --with-diff</cmd> and if you're ok, apply the changes with <cmd>yunohost tools regen-conf nginx --force</cmd>.",
     "diagnosis_http_ok": "Domain {domain} is reachable through HTTP from outside the local network.",
@@ -308,6 +308,7 @@
     "domain_deleted": "Domain deleted",
     "domain_deletion_failed": "Unable to delete domain {domain}: {error}",
     "domain_dns_conf_is_just_a_recommendation": "This command shows you the *recommended* configuration. It does not actually set up the DNS configuration for you. It is your responsability to configure your DNS zone in your registrar according to this recommendation.",
+    "domain_dns_conf_special_use_tld": "This domain is based on a special-use top-level domain (TLD) such as .local or .test and is therefore not expected to have actual DNS records.",
     "domain_dyndns_already_subscribed": "You have already subscribed to a DynDNS domain",
     "domain_dyndns_root_unknown": "Unknown DynDNS root domain",
     "domain_exists": "The domain already exists",

src/yunohost/dns.py

@@ -41,7 +41,7 @@ from yunohost.domain import (
     _get_domain_settings,
     _set_domain_settings,
 )
-from yunohost.utils.dns import dig, YNH_DYNDNS_DOMAINS
+from yunohost.utils.dns import dig, is_yunohost_dyndns_domain, is_special_use_tld
 from yunohost.utils.error import YunohostValidationError, YunohostError
 from yunohost.utils.network import get_public_ip
 from yunohost.log import is_unit_operation
@@ -61,6 +61,9 @@ def domain_dns_suggest(domain):
 
     """
 
+    if is_special_use_tld(domain):
+        return m18n.n("domain_dns_conf_special_use_tld")
+
     _assert_domain_exists(domain)
 
     dns_conf = _build_dns_conf(domain)
@@ -169,10 +172,7 @@ def _build_dns_conf(base_domain, include_empty_AAAA_if_no_ipv6=False):
     # If this is a ynh_dyndns_domain, we're not gonna include all the subdomains in the conf
     # Because dynette only accept a specific list of name/type
     # And the wildcard */A already covers the bulk of use cases
-    if any(
-        base_domain.endswith("." + ynh_dyndns_domain)
-        for ynh_dyndns_domain in YNH_DYNDNS_DOMAINS
-    ):
+    if is_yunohost_dyndns_domain(base_domain):
         subdomains = []
     else:
         subdomains = _list_subdomains_of(base_domain)
@@ -426,10 +426,14 @@ def _get_dns_zone_for_domain(domain):
     # First, check if domain is a nohost.me / noho.st / ynh.fr
     # This is mainly meant to speed up things for "dyndns update"
     # ... otherwise we end up constantly doing a bunch of dig requests
-    for ynh_dyndns_domain in YNH_DYNDNS_DOMAINS:
-        if domain.endswith("." + ynh_dyndns_domain):
-            # Keep only foo.nohost.me even if we have subsub.sub.foo.nohost.me
-            return ".".join(domain.rsplit(".", 3)[-3:])
+    if is_yunohost_dyndns_domain(domain):
+        # Keep only foo.nohost.me even if we have subsub.sub.foo.nohost.me
+        return ".".join(domain.rsplit(".", 3)[-3:])
+
+    # Same thing with .local, .test, ... domains
+    if is_special_use_tld(domain):
+        # Keep only foo.local even if we have subsub.sub.foo.local
+        return ".".join(domain.rsplit(".", 2)[-2:])
 
     # Check cache
     cache_folder = "/var/cache/yunohost/dns_zones"
@@ -521,10 +525,7 @@ def _get_registrar_config_section(domain):
 
     # TODO big project, integrate yunohost's dynette as a registrar-like provider
     # TODO big project, integrate other dyndns providers such as netlib.re, or cf the list of dyndns providers supported by cloudron...
-    if any(
-        dns_zone.endswith("." + ynh_dyndns_domain)
-        for ynh_dyndns_domain in YNH_DYNDNS_DOMAINS
-    ):
+    if is_yunohost_dyndns_domain(dns_zone):
         registrar_infos["registrar"] = OrderedDict(
             {
                 "type": "alert",
@@ -534,6 +535,15 @@ def _get_registrar_config_section(domain):
             }
         )
         return OrderedDict(registrar_infos)
+    elif is_special_use_tld(dns_zone):
+        registrar_infos["registrar"] = OrderedDict(
+            {
+                "type": "alert",
+                "style": "info",
+                "ask": m18n.n("domain_dns_conf_special_use_tld"),
+                "value": None,
+            }
+        )
 
     try:
         registrar = _relevant_provider_for_domain(dns_zone)[0]
@@ -607,6 +617,10 @@ def domain_dns_push(operation_logger, domain, dry_run=False, force=False, purge=
 
     _assert_domain_exists(domain)
 
+    if is_special_use_tld(domain):
+        logger.info(m18n.n("domain_dns_conf_special_use_tld"))
+        return {}
+
     if not registrar or registrar == "None":  # yes it's None as a string
         raise YunohostValidationError("domain_dns_push_not_applicable", domain=domain)
 

src/yunohost/tests/test_dns.py

@@ -38,6 +38,9 @@ def test_get_dns_zone_from_domain_existing():
     assert _get_dns_zone_for_domain("foo.yolo.nohost.me") == "yolo.nohost.me"
     assert _get_dns_zone_for_domain("bar.foo.yolo.nohost.me") == "yolo.nohost.me"
 
+    assert _get_dns_zone_for_domain("yolo.test") == "yolo.test"
+    assert _get_dns_zone_for_domain("foo.yolo.test") == "yolo.test"
+
     assert _get_dns_zone_for_domain("yolo.tld") == "yolo.tld"
     assert _get_dns_zone_for_domain("foo.yolo.tld") == "yolo.tld"
 

src/yunohost/utils/dns.py

@@ -23,6 +23,8 @@ from typing import List
 
 from moulinette.utils.filesystem import read_file
 
+SPECIAL_USE_TLDS = ["local", "localhost", "onion", "test"]
+
 YNH_DYNDNS_DOMAINS = ["nohost.me", "noho.st", "ynh.fr"]
 
 # Lazy dev caching to avoid re-reading the file multiple time when calling
@@ -30,6 +32,16 @@ YNH_DYNDNS_DOMAINS = ["nohost.me", "noho.st", "ynh.fr"]
 external_resolvers_: List[str] = []
 
 
+def is_yunohost_dyndns_domain(domain):
+
+    return any(domain.endswith(f".{dyndns_domain}") for dyndns_domain in YNH_DYNDNS_DOMAINS)
+
+
+def is_special_use_tld(domain):
+
+    return any(domain.endswith(f".{tld}") for tld in SPECIAL_USE_TLDS)
+
+
 def external_resolvers():
 
     global external_resolvers_