Name: sandcats
Owner: Sandstorm.io
Description: Services for Sandstorm self-hosters: Dynamic DNS & HTTPS certificates
Created: 2015-02-24 18:40:58.0
Updated: 2018-01-31 14:23:56.0
Pushed: 2016-08-04 22:56:46.0
Size: 368
Language: JavaScript
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
This is an open source (Apache License 2.0) software package that can be installed on a Linux server that creates a dynamic DNS zone. It speaks an API that the Sandstorm server will implement support for, so that when people install the Sandstorm personal server platform, they can have a DNS zone with dynamic updates.
It uses the following technologies:
Meteor, to access MongoDB and eventually provide a web interface;
node's dgram support, to allow servers to check in periodically and for us to reply to them to tell them if their IP address has changed;
PowerDNS and MySQL, to update a DNS zone with the new IP address of a user.
If you want a general-purpose dynamic DNS service to use with your own non-Sandstorm server, check out the list below.
Similarly, if you want to run a dynamic DNS service for the Internet, you might prefer the software in the list below. The Sandcats software has very few features.
Other software/services:
NSUpdate.info: free of cost public service; open source backend.
duckdns.org: free of cost public service; very responsive maintainers; backend unavailable.
In production, the following are true:
We download the latest version of Sandcats from git master and use “meteor build” to package that up into a tidy little directory.
We use a particular version of nodejs that we download from the nice node people.
When we want to upgrade, we run make action-deploy-app
, which
means you don't get to enjoy the fun of Meteor auto-reload.
You can simulate production-style by using Vagrant and doing the following:
grant up
ter vagrant up, you should set up nginx on port 80 & 443
thin the VM.
u can access it as port 8080 & 8443 on the host.
grant reload
lariously, the Vagrant basebox we're using doesn't have
stemd by default, so we must reboot into systemd.
grant ssh
g in, so you can pick up where it left off.
/vagrant
ke stage-provision
eat! Now surf to localhost:8080 and/or https://localhost:8443/.
If you want, you can run some automated tests:
grant ssh
/vagrant
ke action-run-tests
Do something very like the above, but then:
do service sandcats stop
/vagrant/sandcats
teor run --settings=dev-settings.json
This will work, but since there are a lot of dependencies, you'll be mostly on your own. Here's the overview:
To run this in development mode, install the dependency packages as follows:
ke
This will use the Makefile at the top level of this repository to make sure your system has all the needed dependencies. Read that file if you are curious what the package needs.
Here's a manual process you can do:
"CREATE DATABASE sandcats_pdns;" | mysql -uroot
ILE="$(mktemp /tmp/sandcats.XXXXXX)"
n -s 16 > "$TMPFILE"
"CREATE USER sandcats_pdns IDENTIFIED BY '$(cat $TMPFILE)';" | mysql -uroot
"GRANT ALL on sandcats_pdns.* TO 'sandcats_pdns'@'localhost';" | mysql -uroot
The sandcats/dev-settings.json
file should contain approximately the following:
1_HOSTNAME": "ns1.sandcatz.io",
2_HOSTNAME": "ns2.sandcatz.io",
SE_DOMAIN": "sandcatz.io",
WERDNS_USER": "sandcats_pdns",
WERDNS_DB": "sandcats_pdns",
WERDNS_PASSWORD": "3Rb4k4BQqKr59Ewj",
P_PING_PORT": 8080
If you chose a different database name or password etc., then by all means adjust the configuration accordingly.
sandcats
teor run --settings dev-settings.json
The Sandstorm installer should be able to register a domain using
against the Sandcats software. The Sandstorm installer needs to be
able to generate a client certificate. If the openssl
command is
not installed, and /usr/bin/apt-get exists, ask if the user wants to
install it.
Version 1 stores email addresses, but it does not verify them for now.
The Sandcats web app has no meaningful web interface.
The Sandstorm shell will offer a user interface that asks people to confirm their email address so they can recover their domain name if they lose the private key they use to do updates. The shell will have a button that says, “Click here to confirm your Sandcats account,” and when they click it, the shell will generate a random number and tell them to wait for a confirmation email that the Sandcats server will send them, and then once they click that confirmation email, the Sandcats server will prompt them to enter the number, and when they do, Sandcats will believe that they confirmed their email address. (Question: How will the Sandstorm shell know that the user actually did the email confirmation?)
The Sandstorm installer can offer users the ability to use a name they already registered. This will use an email confirmation-based flow to let them recover control of the name.