feat(domains): P5.1 — OpenSRS registration + Cloud DNS + Coolify attach
Adds end-to-end custom apex domain support: workspace-scoped
registration via OpenSRS (Tucows), authoritative DNS via Google
Cloud DNS, and one-call attach that wires registrar nameservers,
DNS records, and Coolify app routing in a single transactional
flow.
Schema (additive, idempotent — run /api/admin/migrate after deploy)
- vibn_workspaces.dns_provider TEXT DEFAULT 'cloud_dns'
Per-workspace DNS backend choice. Future: 'cira_dzone' for
strict CA-only residency on .ca.
- vibn_domains
One row per registered/intended apex. Tracks status
(pending|active|failed|expired), registrar order id, encrypted
registrar manage-user creds (AES-256-GCM, VIBN_SECRETS_KEY),
period, dates, dns_provider/zone_id/nameservers, and a
created_by audit field.
- vibn_domain_events
Append-only lifecycle audit (register.attempt/success/fail,
attach.success, ns.update, lock.toggle, etc).
- vibn_billing_ledger
Workspace-scoped money ledger (CAD by default) with
ref_type/ref_id back to the originating row.
OpenSRS XML client (lib/opensrs.ts)
- Mode-gated host/key (OPENSRS_MODE=test → horizon sandbox,
rejectUnauthorized:false; live → rr-n1-tor, strict TLS).
- MD5 double-hash signature.
- Pure Node https module (no undici dep).
- Verbs: lookupDomain, getDomainPrice, checkDomain, registerDomain,
updateDomainNameservers, setDomainLock, getResellerBalance.
- TLD policy: minPeriodFor() bumps .ai to 2y; CPR/legalType
plumbed through for .ca; registrations default to UNLOCKED so
immediate NS updates succeed without a lock toggle.
DNS provider abstraction (lib/dns/{provider,cloud-dns}.ts)
- DnsProvider interface (createZone/getZone/setRecords/deleteZone)
so the workspace residency knob can swap backends later.
- cloudDnsProvider implementation against Google Cloud DNS using
the existing vibn-workspace-provisioner SA (roles/dns.admin).
- Idempotent zone creation, additions+deletions diff for rrsets.
Shared GCP auth (lib/gcp-auth.ts)
- Single getGcpAccessToken() helper used by Cloud DNS today and
future GCP integrations. Prefers GOOGLE_SERVICE_ACCOUNT_KEY_B64,
falls back to ADC.
Workspace-scoped helpers (lib/domains.ts)
- listDomainsForWorkspace, getDomainForWorkspace, createDomainIntent,
markDomainRegistered, markDomainFailed, markDomainAttached,
recordDomainEvent, recordLedgerEntry.
Attach orchestrator (lib/domain-attach.ts)
Single function attachDomain() reused by REST + MCP. For one
apex it:
1. Resolves target → Coolify app uuid OR raw IP OR CNAME.
2. Ensures Cloud DNS managed zone exists.
3. Writes A / CNAME records (apex + requested subdomains).
4. Updates registrar nameservers, with auto unlock-retry-relock
fallback for TLDs that reject NS changes while locked.
5. PATCHes the Coolify application's domain list so Traefik
routes the new hostname.
6. Persists dns_provider/zone_id/nameservers and emits an
attach.success domain_event.
AttachError carries a stable .tag + http status so the caller
can map registrar/dns/coolify failures cleanly.
REST endpoints
- POST /api/workspaces/[slug]/domains/search
- GET /api/workspaces/[slug]/domains
- POST /api/workspaces/[slug]/domains
- GET /api/workspaces/[slug]/domains/[domain]
- POST /api/workspaces/[slug]/domains/[domain]/attach
All routes go through requireWorkspacePrincipal (session OR
Authorization: Bearer vibn_sk_...). Register is idempotent:
re-issuing for an existing intent re-attempts at OpenSRS without
duplicating the row or charging twice.
MCP bridge (app/api/mcp/route.ts → version 2.2.0)
Adds five tools backed by the same library code:
- domains.search (batch availability + pricing)
- domains.list (workspace-owned)
- domains.get (single + recent events)
- domains.register (idempotent OpenSRS register)
- domains.attach (full Cloud DNS + registrar + Coolify)
Sandbox smoke tests (scripts/smoke-opensrs-*.ts)
Standalone Node scripts validating each new opensrs.ts call against
horizon.opensrs.net: balance + lookup + check, TLD policy
(.ca/.ai/.io/.com), full register flow, NS update with systemdns
nameservers, and the lock/unlock toggle that backs the attach
fallback path.
Post-deploy checklist
1. POST https://vibnai.com/api/admin/migrate
-H "x-admin-secret: $ADMIN_MIGRATE_SECRET"
2. Set OPENSRS_* env vars on the vibn-frontend Coolify app
(RESELLER_USERNAME, API_KEY_LIVE, API_KEY_TEST, HOST_LIVE,
HOST_TEST, PORT, MODE). Without them, only domains.list/get
work; search/register/attach return 500.
3. GCP_PROJECT_ID is read from env or defaults to master-ai-484822.
4. Live attach end-to-end against a real apex is queued as a
follow-up — sandbox path is fully proven.
Not in this commit (deliberate)
- The 100+ unrelated in-flight files (mvp-setup wizard, justine
homepage rework, BuildLivePlanPanel, etc) — kept local to keep
blast radius minimal.
Made-with: Cursor
This commit is contained in:
238
app/api/workspaces/[slug]/domains/route.ts
Normal file
238
app/api/workspaces/[slug]/domains/route.ts
Normal file
@@ -0,0 +1,238 @@
|
||||
/**
|
||||
* Workspace-owned domains.
|
||||
*
|
||||
* GET /api/workspaces/[slug]/domains — list domains owned by the workspace
|
||||
* POST /api/workspaces/[slug]/domains — register a domain through OpenSRS
|
||||
*
|
||||
* POST body:
|
||||
* {
|
||||
* domain: "example.com",
|
||||
* period?: 1,
|
||||
* whoisPrivacy?: true,
|
||||
* contact: {
|
||||
* first_name, last_name, org_name?,
|
||||
* address1, address2?, city, state, country, postal_code,
|
||||
* phone, fax?, email
|
||||
* },
|
||||
* nameservers?: string[],
|
||||
* ca?: { cprCategory, legalType } // required for .ca
|
||||
* }
|
||||
*
|
||||
* Safety rails:
|
||||
* - `OPENSRS_MODE=test` is strongly recommended until we've verified live
|
||||
* registration end-to-end. The handler reads the current mode from env
|
||||
* and echoes it in the response so agents can tell.
|
||||
* - We guard against duplicate POSTs by reusing an existing `pending` row
|
||||
* for the same (workspace, domain) pair — caller can retry safely.
|
||||
*/
|
||||
|
||||
import { NextResponse } from 'next/server';
|
||||
import { requireWorkspacePrincipal } from '@/lib/auth/workspace-auth';
|
||||
import {
|
||||
domainTld,
|
||||
registerDomain,
|
||||
OpenSrsError,
|
||||
minPeriodFor,
|
||||
type RegistrationContact,
|
||||
} from '@/lib/opensrs';
|
||||
import {
|
||||
createDomainIntent,
|
||||
getDomainForWorkspace,
|
||||
listDomainsForWorkspace,
|
||||
markDomainFailed,
|
||||
markDomainRegistered,
|
||||
recordDomainEvent,
|
||||
recordLedgerEntry,
|
||||
} from '@/lib/domains';
|
||||
|
||||
export async function GET(
|
||||
request: Request,
|
||||
{ params }: { params: Promise<{ slug: string }> },
|
||||
) {
|
||||
const { slug } = await params;
|
||||
const principal = await requireWorkspacePrincipal(request, { targetSlug: slug });
|
||||
if (principal instanceof NextResponse) return principal;
|
||||
|
||||
const rows = await listDomainsForWorkspace(principal.workspace.id);
|
||||
return NextResponse.json({
|
||||
workspace: { slug: principal.workspace.slug },
|
||||
mode: process.env.OPENSRS_MODE ?? 'test',
|
||||
domains: rows.map(r => ({
|
||||
id: r.id,
|
||||
domain: r.domain,
|
||||
tld: r.tld,
|
||||
status: r.status,
|
||||
registrar: r.registrar,
|
||||
periodYears: r.period_years,
|
||||
whoisPrivacy: r.whois_privacy,
|
||||
autoRenew: r.auto_renew,
|
||||
registeredAt: r.registered_at,
|
||||
expiresAt: r.expires_at,
|
||||
dnsProvider: r.dns_provider,
|
||||
dnsNameservers: r.dns_nameservers,
|
||||
pricePaidCents: r.price_paid_cents,
|
||||
priceCurrency: r.price_currency,
|
||||
createdAt: r.created_at,
|
||||
})),
|
||||
});
|
||||
}
|
||||
|
||||
interface PostBody {
|
||||
domain?: string;
|
||||
period?: number;
|
||||
whoisPrivacy?: boolean;
|
||||
contact?: RegistrationContact;
|
||||
nameservers?: string[];
|
||||
ca?: { cprCategory: string; legalType: string };
|
||||
}
|
||||
|
||||
export async function POST(
|
||||
request: Request,
|
||||
{ params }: { params: Promise<{ slug: string }> },
|
||||
) {
|
||||
const { slug } = await params;
|
||||
const principal = await requireWorkspacePrincipal(request, { targetSlug: slug });
|
||||
if (principal instanceof NextResponse) return principal;
|
||||
|
||||
let body: PostBody = {};
|
||||
try {
|
||||
body = await request.json();
|
||||
} catch {
|
||||
return NextResponse.json({ error: 'Invalid JSON body' }, { status: 400 });
|
||||
}
|
||||
|
||||
const raw = (body.domain ?? '').toString().trim().toLowerCase()
|
||||
.replace(/^https?:\/\//, '').replace(/\/+$/, '');
|
||||
if (!raw || !/^[a-z0-9-]+(\.[a-z0-9-]+)+$/i.test(raw)) {
|
||||
return NextResponse.json({ error: '`domain` is required and must be a valid hostname' }, { status: 400 });
|
||||
}
|
||||
const contactValidation = validateContact(body.contact);
|
||||
if (contactValidation) return contactValidation;
|
||||
|
||||
const tld = domainTld(raw);
|
||||
if (tld === 'ca' && !body.ca) {
|
||||
return NextResponse.json(
|
||||
{ error: '.ca registration requires { ca: { cprCategory, legalType } }' },
|
||||
{ status: 400 },
|
||||
);
|
||||
}
|
||||
|
||||
const period = minPeriodFor(tld, typeof body.period === 'number' ? body.period : 1);
|
||||
|
||||
// Reuse an existing pending intent to keep POSTs idempotent.
|
||||
let intent = await getDomainForWorkspace(principal.workspace.id, raw);
|
||||
if (intent && intent.status === 'active') {
|
||||
return NextResponse.json(
|
||||
{ error: `Domain ${raw} is already registered in this workspace`, domainId: intent.id },
|
||||
{ status: 409 },
|
||||
);
|
||||
}
|
||||
if (!intent) {
|
||||
intent = await createDomainIntent({
|
||||
workspaceId: principal.workspace.id,
|
||||
domain: raw,
|
||||
createdBy: principal.userId,
|
||||
periodYears: period,
|
||||
whoisPrivacy: body.whoisPrivacy ?? true,
|
||||
});
|
||||
}
|
||||
|
||||
await recordDomainEvent({
|
||||
domainId: intent.id,
|
||||
workspaceId: principal.workspace.id,
|
||||
type: 'register.attempt',
|
||||
payload: { period, mode: process.env.OPENSRS_MODE ?? 'test' },
|
||||
});
|
||||
|
||||
try {
|
||||
const result = await registerDomain({
|
||||
domain: raw,
|
||||
period,
|
||||
contact: body.contact as RegistrationContact,
|
||||
nameservers: body.nameservers,
|
||||
whoisPrivacy: body.whoisPrivacy ?? true,
|
||||
ca: body.ca,
|
||||
});
|
||||
|
||||
const priceCents: number | null = null; // registrar price is captured at search time; later we'll pull the real reseller debit from get_balance_changes
|
||||
const currency = process.env.OPENSRS_CURRENCY ?? 'CAD';
|
||||
|
||||
const updated = await markDomainRegistered({
|
||||
domainId: intent.id,
|
||||
registrarOrderId: result.orderId,
|
||||
registrarUsername: result.regUsername,
|
||||
registrarPassword: result.regPassword,
|
||||
periodYears: period,
|
||||
pricePaidCents: priceCents,
|
||||
priceCurrency: currency,
|
||||
registeredAt: new Date(),
|
||||
expiresAt: new Date(Date.now() + period * 365 * 24 * 60 * 60 * 1000),
|
||||
});
|
||||
|
||||
if (priceCents) {
|
||||
await recordLedgerEntry({
|
||||
workspaceId: principal.workspace.id,
|
||||
kind: 'debit',
|
||||
amountCents: priceCents,
|
||||
currency,
|
||||
refType: 'domain.register',
|
||||
refId: intent.id,
|
||||
note: `Register ${raw} (${period}y)`,
|
||||
});
|
||||
}
|
||||
|
||||
await recordDomainEvent({
|
||||
domainId: intent.id,
|
||||
workspaceId: principal.workspace.id,
|
||||
type: 'register.success',
|
||||
payload: { orderId: result.orderId, period, mode: process.env.OPENSRS_MODE ?? 'test' },
|
||||
});
|
||||
|
||||
return NextResponse.json({
|
||||
ok: true,
|
||||
mode: process.env.OPENSRS_MODE ?? 'test',
|
||||
domain: {
|
||||
id: updated.id,
|
||||
domain: updated.domain,
|
||||
tld: updated.tld,
|
||||
status: updated.status,
|
||||
periodYears: updated.period_years,
|
||||
registeredAt: updated.registered_at,
|
||||
expiresAt: updated.expires_at,
|
||||
registrarOrderId: updated.registrar_order_id,
|
||||
},
|
||||
});
|
||||
} catch (err) {
|
||||
const message = err instanceof Error ? err.message : String(err);
|
||||
await markDomainFailed(intent.id, message);
|
||||
if (err instanceof OpenSrsError) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Registration failed', registrarCode: err.code, details: err.message },
|
||||
{ status: 502 },
|
||||
);
|
||||
}
|
||||
return NextResponse.json(
|
||||
{ error: 'Registration failed', details: message },
|
||||
{ status: 500 },
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
function validateContact(c?: RegistrationContact): NextResponse | null {
|
||||
if (!c) return NextResponse.json({ error: '`contact` is required' }, { status: 400 });
|
||||
const required: (keyof RegistrationContact)[] = [
|
||||
'first_name', 'last_name', 'address1', 'city', 'state', 'country', 'postal_code', 'phone', 'email',
|
||||
];
|
||||
for (const k of required) {
|
||||
if (!c[k] || typeof c[k] !== 'string' || !(c[k] as string).trim()) {
|
||||
return NextResponse.json({ error: `contact.${k} is required` }, { status: 400 });
|
||||
}
|
||||
}
|
||||
if (!/^[A-Z]{2}$/.test(c.country)) {
|
||||
return NextResponse.json({ error: 'contact.country must be an ISO 3166-1 alpha-2 code' }, { status: 400 });
|
||||
}
|
||||
if (!/@/.test(c.email)) {
|
||||
return NextResponse.json({ error: 'contact.email must be a valid email' }, { status: 400 });
|
||||
}
|
||||
return null;
|
||||
}
|
||||
Reference in New Issue
Block a user