Webhook-provider for Domeneshop to be used by external-dns
Domeneshop Webhook for ExternalDNS
A lightweight webhook that integrates Domeneshop DNS with Kubernetes ExternalDNS, enabling automated DNS management.
🚀 Key Features
- Automatic DNS record management for Kubernetes services
- Support for multiple record types (A, AAAA, CNAME, TXT)
- Simple deployment as a sidecar container
- Health and readiness probes
- Configurable TLS support
- CORS support for API access
📋 Quick Start
Prerequisites
- Kubernetes cluster with ExternalDNS
- Domeneshop API credentials (get yours here)
Deployment
- Create a secret with your Domeneshop credentials:
```bash
kubectl create secret generic external-dns-domeneshop-webhook \
  --from-literal=DOMENESHOP_API_TOKEN=your_api_token \
  --from-literal=DOMENESHOP_API_SECRET=your_api_secret
```
- Create a values file for the ExternalDNS Helm chart:
```yaml
# external-dns-domeneshop-values.yaml
fullnameOverride: external-dns-domeneshop
extraArgs:
  - --gateway-label-filter=app.kubernetes.io/name in (gateway-external)
  - --ignore-hostname-annotation
  - --fqdn-template=external.example.com
  - --webhook-provider-url=http://localhost:8080
provider:
  name: webhook
  webhook:
    image:
      repository: code.252.no/pub/external-dns-domeneshop-webhook
      tag: v0.1.0
    env:
      # - name: LOG_LEVEL
      #   value: debug
      - name: PORT
        value: "8080"
      - name: TOKEN
        valueFrom:
          secretKeyRef:
            name: external-dns-domeneshop-webhook
            key: DOMENESHOP_API_TOKEN
      - name: SECRET
        valueFrom:
          secretKeyRef:
            name: external-dns-domeneshop-webhook
            key: DOMENESHOP_API_SECRET
    ports:
      - containerPort: 8080
        name: http
    livenessProbe:
      httpGet:
        path: /healthz
        port: http
      initialDelaySeconds: 10
      timeoutSeconds: 5
    readinessProbe:
      httpGet:
        path: /readyz
        port: http
      initialDelaySeconds: 10
      timeoutSeconds: 5
triggerLoopOnEvent: true
policy: sync
sources:
  - gateway-httproute
txtOwnerId: k8s
txtPrefix: kube.
domainFilters:
  - "example.com"
```
- Install ExternalDNS with the webhook:
```bash
helm upgrade my-release external-dns/external-dns \
  -f external-dns-domeneshop-values.yaml
```
⚙️ Configuration
The webhook supports configuration via environment variables:
Variable | Description | Default |
---|---|---|
TOKEN | Domeneshop API token | Required |
SECRET | Domeneshop API secret | Required |
PORT | Server port | 8080 |
TLS_CERT_FILE | Path to TLS certificate | |
TLS_KEY_FILE | Path to TLS key | |
ALLOWED_ORIGINS | CORS allowed origins (comma-separated) | * |
🔍 Implementation Details
Architecture
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│ ExternalDNS │────▶│ Webhook │────▶│ Domeneshop API │
└─────────────────┘ └─────────────────┘ └─────────────────┘
Components
- main.go: Core application with HTTP server and route configuration
- webhook: Implements HTTP endpoints required by ExternalDNS
- internal/client: Domeneshop API client implementation
- internal/provider: Methods for DNS record management
Note on CNAME Records
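Domeneshop strictly enforces RFC compliance (RFC 1034, 1912), which prevents CNAME records from coexisting with any other records at the same name. ExternalDNS's TXT registry writes an ownership TXT record alongside each record it manages, so a CNAME and its TXT record can collide. Setting the --txt-prefix option in ExternalDNS moves the TXT record to a different name and can help work around this limitation.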
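The coexistence rule described above, as an added Go example (not code from this repository): it checks a planned record set for names where a CNAME sits next to a record of another type. `Record`, `CNAMEConflicts` and `Plan` are hypothetical names, the host is a constructed sample, and the ownership TXT name is modelled simply as prefix + host, which is an assumption; the names ExternalDNS actually generates can differ by version.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Record is a minimal (name, type) pair; a hypothetical type for this example.
type Record struct {
	Name string
	Type string
}

// CNAMEConflicts returns, sorted, the names where a CNAME coexists with a
// record of another type, which RFC 1034 section 3.6.2 forbids.
func CNAMEConflicts(records []Record) []string {
	types := map[string]map[string]bool{}
	for _, r := range records {
		// DNS names are case-insensitive; ignore a trailing root dot.
		name := strings.ToLower(strings.TrimSuffix(r.Name, "."))
		if types[name] == nil {
			types[name] = map[string]bool{}
		}
		types[name][strings.ToUpper(r.Type)] = true
	}
	var bad []string
	for name, set := range types {
		if set["CNAME"] && len(set) > 1 {
			bad = append(bad, name)
		}
	}
	sort.Strings(bad)
	return bad
}

// Plan builds the records for one CNAME plus its ownership TXT record.
// Assumption: the TXT name is modelled as txtPrefix + host.
func Plan(host, txtPrefix string) []Record {
	return []Record{
		{Name: host, Type: "CNAME"},
		{Name: txtPrefix + host, Type: "TXT"},
	}
}

func main() {
	// Constructed sample host; "kube." is the txtPrefix from the values file.
	fmt.Println(CNAMEConflicts(Plan("app.example.com", "")))      // [app.example.com]
	fmt.Println(CNAMEConflicts(Plan("app.example.com", "kube."))) // []
}
```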
🧪 Development
For local development:
- Run the webhook locally
- Deploy ExternalDNS pointing to your local instance:
```bash
helm upgrade my-release external-dns/external-dns \
  --set provider=webhook \
  --set webhook.url=http://host.docker.internal:8080
```
Alternatively, use the Docker gateway IP (172.17.0.1):
```
--webhook-provider-url=http://172.17.0.1:8080
```