From 1ea74a08e09b9c6b4bebf7aa5701f1cb77ba522f Mon Sep 17 00:00:00 2001 From: kazet Date: Tue, 9 Jul 2024 09:58:27 +0200 Subject: [PATCH] Fallback resolver (#88) --- app/src/resolver.py | 8 +++++++- common/config.py | 10 ++++++---- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/app/src/resolver.py b/app/src/resolver.py index 8413f01..591137b 100644 --- a/app/src/resolver.py +++ b/app/src/resolver.py @@ -1,5 +1,7 @@ import dns.resolver +from common.config import Config + from .logging import build_logger @@ -12,8 +14,12 @@ def resolve(self, *args, **kwargs): # type: ignore last_exception = None num_exceptions = 0 - for _ in range(self.num_retries): + for i in range(self.num_retries): try: + if i < self.num_retries - 1: + self.nameservers = Config.Network.NAMESERVERS + else: + self.nameservers = Config.Network.FALLBACK_NAMESERVERS result = super().resolve(*args, **kwargs) break except Exception as e: diff --git a/common/config.py b/common/config.py index e42e454..6885d13 100644 --- a/common/config.py +++ b/common/config.py @@ -43,11 +43,13 @@ class Network: APP_DOMAIN: Annotated[str, "The domain the site is running on."] = get_config("APP_DOMAIN") NAMESERVERS: Annotated[ List[str], - "A comma-separated list of nameservers that will be used to resolve domains. If you want " - "to provide custom ones, remember to modify the ones provided to the Docker containers as well. " - "At CERT PL we use a separate ``docker-compose.yml`` file with additional configuration specific " - "to our instance.", + "A comma-separated list of nameservers that will be used to resolve domains.", ] = get_config("NAMESERVERS", default=gethostbyname("bind9"), cast=decouple.Csv(str)) + FALLBACK_NAMESERVERS: Annotated[ + List[str], + "A comma-separated list of nameservers that will be used to resolve domains if NAMESERVERS fail. This can " + "be used e.g. to use recursive nameservers as NAMESERVERS and nameservers such as e.g. 8.8.8.8 as FALLBACK_NAMESERVERS.", + ] = get_config("FALLBACK_NAMESERVERS", default="8.8.8.8", cast=decouple.Csv(str)) SSL_PRIVATE_KEY_PATH: Annotated[ str, "SSL private key path. Please refer to ``SSL_CERTIFICATE_PATH`` variable documentation to "