admin/deploy-felhom-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a47cf964e54c10be2f21ea7a661c778084d9f9d0
deploy-felhom-compose/controller/internal/cloudflare/zone.go
T
admin 8b8c04a487 fix: P0+P1 critical bug fixes across controller (24 files) 
Concurrency fixes:
- Deep-copy stacks in GetStack/GetStacks to prevent shared state mutation (C04)
- Add per-state mutex to watchdog pathProbeState (C05)
- Guard MetricsCollector.Start() with sync.Once against double-start (C06)
- Hold diskJobMu across entire raw mount operation (C07)
- Add mutex to SetEncryptionKey (C08), MigrateEncryption write lock (H03)
- Use sync.Once for sync.Stop() channel close (H08)
- Set syncing=true before releasing lock in TriggerSync (H09)
- Deep-copy lastDBDump/lastBackup in GetFullStatus (H11)
- Add WaitGroup for stderr goroutine in MigrateDrive (H19)
- Add mutex to SetBackupRunningCheck (M18)

Security fixes:
- Validate Bearer token against Hub API key in CSRF middleware (H16)
- Validate backup paths start with expected prefix in RemoveStack (M12)
- Guard uuid[:8] slice with length check (H20)
- Parse fstab fields exactly for mount target matching (H21)

Bug fixes:
- Use decrypted env vars for compose deploy (C01)
- Log decrypt failures in DecryptMap instead of swallowing (C02)
- Move Deployed=false inside lock in runComposeDeploy (C03)
- Fix activeDrives() to skip disconnected drives (H02)
- Fix Snapshot() stderr extraction from exec.ExitError (H01)
- Check unlockCmd.Run() error in restic (H01)
- Buffer template rendering via bytes.Buffer (H07)
- Thread context.Context through cloudflare client (H10)
- Fix leaf-name collision detection in cross-drive backup (H15)
- Add nil check for crossDriveRunner (H17)
- Use strings.TrimSpace instead of slice on command output (H18)
- Make SaveAppConfig atomic with write-to-tmp+rename (H04)
- Pass encKey on deploy failure SaveAppConfig (H05)
- Fix IPv6 address format in TCP health probe

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 13:39:45 +01:00

68 lines
1.5 KiB
Go
Raw Blame History

package cloudflare
import (
"context"
"encoding/json"
"fmt"
"net/url"
)
// zone represents a Cloudflare zone (minimal fields).
type zone struct {
ID string `json:"id"`
Name string `json:"name"`
}
// GetZoneID resolves the Cloudflare zone ID for a domain.
// It tries the exact domain first, then strips subdomains progressively.
func (c *Client) GetZoneID(ctx context.Context, domain string) (string, error) {
// Try exact domain first (e.g., "demo-felhom.eu")
id, err := c.lookupZone(ctx, domain)
if err != nil {
return "", err
}
if id != "" {
return id, nil
}
// Try parent domains (e.g., "felhom.eu" from "demo.felhom.eu")
for i := 0; i < len(domain); i++ {
if domain[i] == '.' {
parent := domain[i+1:]
if parent == "" {
break
}
id, err = c.lookupZone(ctx, parent)
if err != nil {
return "", err
}
if id != "" {
return id, nil
}
}
}
return "", fmt.Errorf("no Cloudflare zone found for domain %q", domain)
}
// lookupZone queries the CF API for a zone by name.
func (c *Client) lookupZone(ctx context.Context, name string) (string, error) {
path := "/zones?name=" + url.QueryEscape(name) + "&status=active"
resp, err := c.do(ctx, "GET", path, nil)
if err != nil {
return "", fmt.Errorf("lookup zone %q: %w", name, err)
}
var zones []zone
if err := json.Unmarshal(resp.Result, &zones); err != nil {
return "", fmt.Errorf("decode zones: %w", err)
}
if len(zones) == 0 {
return "", nil
}
c.logger.Printf("[CF] Resolved zone %q → %s", name, zones[0].ID)
return zones[0].ID, nil
}
Reference in New Issue View Git Blame Copy Permalink