query dns directly in inventory

.gitignore

@@ -113,6 +113,6 @@ dist
 /build
 
 *.retry
-*-setconf.conf.j2
+wgfrp-setconf.conf.j2
 
 __pycache__

ansible/protocols/wg/wg-setconf.conf.j2

+[Interface]
+PrivateKey = {{key}}
+ListenPort = {{conn.localPort}}
+{% if conn.localGatewayMark != 0 %}
+FwMark = {{conn.localGatewayMark}}
+{% endif %}
+
+
+[Peer]
+PublicKey = {{conn.wgPublicKey}}
+AllowedIPs = 0.0.0.0/0, ::/0
+{% if conn.remoteAddress is defined %}
+Endpoint = {{conn.remoteAddress}}:{{conn.remotePort}}
+PersistentKeepalive = 1
+{% endif %}
+
+# forced change 12.12
+

src/inventory.ts

@@ -7,12 +7,46 @@ import _ from 'lodash';
 import child_process from 'child_process';
 import assert from 'assert';
 import ip from "ip";
+import { promises as dns } from "dns";
 
 class InventoryBuilder {
   hosts: { [key: string]: any };
   gateways: any;
   connections: string[];
   routeLists: any;
+  resolveCache: Map<string, string>;
+  resolver: dns.Resolver;
+
+  async resolve(domain: string) {
+    if (domain.match(/(\d{1,3}\.){3}\d{1,3}/)) {
+      return domain;
+    }
+    if (this.resolveCache.has(domain)) {
+      return this.resolveCache.get(domain);
+    }
+    const rrtype = domain.includes("-v6") ? "AAAA" : "A";
+    let resolvedIP: string;
+    while (true) {
+      try {
+        [ resolvedIP ] = (await this.resolver.resolve(domain, rrtype)) as string[];
+        break;
+      } catch (e) {
+        console.log(`${domain} => FAIL: ${e.toString()}`);
+      }
+    }
+    if (rrtype === "AAAA") {
+      resolvedIP = `[${resolvedIP}]`;
+    }
+    console.log(`${domain} => ${resolvedIP}`);
+    this.resolveCache.set(domain, resolvedIP);
+    return resolvedIP;
+  }
+
+  constructor() {
+    this.resolveCache = new Map();
+    this.resolver = new dns.Resolver();
+    this.resolver.setServers(['114.114.114.114', '223.5.5.5']);
+  }
 
   async load(sheetName) {
     const data = await fs.promises.readFile(path.join('data', `内网互联计划 - ${sheetName}.csv`));
@@ -44,7 +78,7 @@ class InventoryBuilder {
       host.wgPublickey = await this.wgPublickey(host.wgPrivateKey);
     }
     // console.log(Object.values(this.hosts));
-    const rawHosts = Object.values(this.hosts).map(h => [h.name, this.host_vars(h)]);
+    const rawHosts = await Promise.all(Object.values(this.hosts).map(async(h) => [h.name, await this.host_vars(h)]));
     const hosts = Object.fromEntries(rawHosts);
     // console.log(hosts);
     const vars = await this.loadUtilities();
@@ -84,7 +118,7 @@ class InventoryBuilder {
 
     return vars;
   }
-  host_vars(host) {
+  async host_vars(host) {
     const connections = [];
     host.dockerServices = {
       version: '2.4',
@@ -108,17 +142,17 @@ class InventoryBuilder {
         const from = this.hosts[h][host.name]; // 其他主机的这个主机的条目
         if (from && to) {
           // 非对称连接
-          connections.push(this.parse_connection(host, this.hosts[h], to, false, true, false));
-          connections.push(this.parse_connection(host, this.hosts[h], from, true, false, true));
+          connections.push(await this.parse_connection(host, this.hosts[h], to, false, true, false));
+          connections.push(await this.parse_connection(host, this.hosts[h], from, true, false, true));
         } else if (from || to) {
           // 对称连接
           const connectionString = from || to;
-          connections.push(this.parse_connection(host, this.hosts[h], connectionString, true, true, connectionString === from));
-          connections.push(this.parse_connection(host, this.hosts[h], null_connection, false, false, false));
+          connections.push(await this.parse_connection(host, this.hosts[h], connectionString, true, true, connectionString === from));
+          connections.push(await this.parse_connection(host, this.hosts[h], null_connection, false, false, false));
         } else {
           // 不连接
-          connections.push(this.parse_connection(host, this.hosts[h], null_connection, true, false, false));
-          connections.push(this.parse_connection(host, this.hosts[h], null_connection, false, true, false));
+          connections.push(await this.parse_connection(host, this.hosts[h], null_connection, true, false, false));
+          connections.push(await this.parse_connection(host, this.hosts[h], null_connection, false, true, false));
         }
         routePlans.push({
           name: h.replace(/-/g, "_"),
@@ -146,7 +180,7 @@ class InventoryBuilder {
     };
   }
 
-  parse_connection(local: any, remote: any, connstr: string, inbound: boolean, outbound: boolean, reverse: boolean) {
+  async parse_connection(local: any, remote: any, connstr: string, inbound: boolean, outbound: boolean, reverse: boolean) {
     const leftbottom = local.id > remote.id; // true 条目位于左下，false 条目位于右上
     const cis = !reverse; // true 无需翻转，false 需要翻转。
     const primary = leftbottom ? outbound : inbound; // true 使用 peerAddress、port, false 使用peerAddress2、port2
@@ -165,6 +199,7 @@ class InventoryBuilder {
     //const remoteGatewayMark = remoteGatewayName ? remoteGateway.mark : undefined;
     //console.log(remoteGateway.name);
     const remoteAddress = remoteGateway.address;
+    const resolvedRemoteAddress = await this.resolve(remoteAddress);
     const remoteLocalAddress = remote.address;
     const remoteNextMark = remote.nextMark;
     const remoteDestMark = remote.destMark;
@@ -215,6 +250,7 @@ class InventoryBuilder {
       remoteNextMark,
       remoteDestMark,
       remoteAddress,
+      resolvedRemoteAddress,
       remoteLocalAddress,
       localPort,
       remotePort,

update.sh

@@ -8,11 +8,12 @@ set -e
 
 
 mkdir -p result
+npm run build
 npm start
 
-#cd lists
-#./run.sh
-#cd ..
+cd lists
+./run.sh
+cd ..
 
 cd ansible || exit