Mark Henderson
d6c87a052e
Adds end-to-end custom apex domain support: workspace-scoped
registration via OpenSRS (Tucows), authoritative DNS via Google
Cloud DNS, and one-call attach that wires registrar nameservers,
DNS records, and Coolify app routing in a single transactional
flow.
Schema (additive, idempotent — run /api/admin/migrate after deploy)
- vibn_workspaces.dns_provider TEXT DEFAULT 'cloud_dns'
Per-workspace DNS backend choice. Future: 'cira_dzone' for
strict CA-only residency on .ca.
- vibn_domains
One row per registered/intended apex. Tracks status
(pending|active|failed|expired), registrar order id, encrypted
registrar manage-user creds (AES-256-GCM, VIBN_SECRETS_KEY),
period, dates, dns_provider/zone_id/nameservers, and a
created_by audit field.
- vibn_domain_events
Append-only lifecycle audit (register.attempt/success/fail,
attach.success, ns.update, lock.toggle, etc).
- vibn_billing_ledger
Workspace-scoped money ledger (CAD by default) with
ref_type/ref_id back to the originating row.
OpenSRS XML client (lib/opensrs.ts)
- Mode-gated host/key (OPENSRS_MODE=test → horizon sandbox,
rejectUnauthorized:false; live → rr-n1-tor, strict TLS).
- MD5 double-hash signature.
- Pure Node https module (no undici dep).
- Verbs: lookupDomain, getDomainPrice, checkDomain, registerDomain,
updateDomainNameservers, setDomainLock, getResellerBalance.
- TLD policy: minPeriodFor() bumps .ai to 2y; CPR/legalType
plumbed through for .ca; registrations default to UNLOCKED so
immediate NS updates succeed without a lock toggle.
DNS provider abstraction (lib/dns/{provider,cloud-dns}.ts)
- DnsProvider interface (createZone/getZone/setRecords/deleteZone)
so the workspace residency knob can swap backends later.
- cloudDnsProvider implementation against Google Cloud DNS using
the existing vibn-workspace-provisioner SA (roles/dns.admin).
- Idempotent zone creation, additions+deletions diff for rrsets.
Shared GCP auth (lib/gcp-auth.ts)
- Single getGcpAccessToken() helper used by Cloud DNS today and
future GCP integrations. Prefers GOOGLE_SERVICE_ACCOUNT_KEY_B64,
falls back to ADC.
Workspace-scoped helpers (lib/domains.ts)
- listDomainsForWorkspace, getDomainForWorkspace, createDomainIntent,
markDomainRegistered, markDomainFailed, markDomainAttached,
recordDomainEvent, recordLedgerEntry.
Attach orchestrator (lib/domain-attach.ts)
Single function attachDomain() reused by REST + MCP. For one
apex it:
1. Resolves target → Coolify app uuid OR raw IP OR CNAME.
2. Ensures Cloud DNS managed zone exists.
3. Writes A / CNAME records (apex + requested subdomains).
4. Updates registrar nameservers, with auto unlock-retry-relock
fallback for TLDs that reject NS changes while locked.
5. PATCHes the Coolify application's domain list so Traefik
routes the new hostname.
6. Persists dns_provider/zone_id/nameservers and emits an
attach.success domain_event.
AttachError carries a stable .tag + http status so the caller
can map registrar/dns/coolify failures cleanly.
REST endpoints
- POST /api/workspaces/[slug]/domains/search
- GET /api/workspaces/[slug]/domains
- POST /api/workspaces/[slug]/domains
- GET /api/workspaces/[slug]/domains/[domain]
- POST /api/workspaces/[slug]/domains/[domain]/attach
All routes go through requireWorkspacePrincipal (session OR
Authorization: Bearer vibn_sk_...). Register is idempotent:
re-issuing for an existing intent re-attempts at OpenSRS without
duplicating the row or charging twice.
MCP bridge (app/api/mcp/route.ts → version 2.2.0)
Adds five tools backed by the same library code:
- domains.search (batch availability + pricing)
- domains.list (workspace-owned)
- domains.get (single + recent events)
- domains.register (idempotent OpenSRS register)
- domains.attach (full Cloud DNS + registrar + Coolify)
Sandbox smoke tests (scripts/smoke-opensrs-*.ts)
Standalone Node scripts validating each new opensrs.ts call against
horizon.opensrs.net: balance + lookup + check, TLD policy
(.ca/.ai/.io/.com), full register flow, NS update with systemdns
nameservers, and the lock/unlock toggle that backs the attach
fallback path.
Post-deploy checklist
1. POST https://vibnai.com/api/admin/migrate
-H "x-admin-secret: $ADMIN_MIGRATE_SECRET"
2. Set OPENSRS_* env vars on the vibn-frontend Coolify app
(RESELLER_USERNAME, API_KEY_LIVE, API_KEY_TEST, HOST_LIVE,
HOST_TEST, PORT, MODE). Without them, only domains.list/get
work; search/register/attach return 500.
3. GCP_PROJECT_ID is read from env or defaults to master-ai-484822.
4. Live attach end-to-end against a real apex is queued as a
follow-up — sandbox path is fully proven.
Not in this commit (deliberate)
- The 100+ unrelated in-flight files (mvp-setup wizard, justine
homepage rework, BuildLivePlanPanel, etc) — kept local to keep
blast radius minimal.
Made-with: Cursor
145 lines
4.4 KiB
TypeScript
145 lines
4.4 KiB
TypeScript
/**
|
|
* Google Cloud DNS driver.
|
|
*
|
|
* Auth uses the shared vibn-workspace-provisioner SA (which we granted
|
|
* roles/dns.admin). Zones are created as PUBLIC managed zones in the
|
|
* configured GCP project. Visibility is global (anycast) — see
|
|
* `AI_CAPABILITIES_ROADMAP.md#P5.1` for the residency note.
|
|
*
|
|
* Every read/write goes through https://dns.googleapis.com/dns/v1.
|
|
*/
|
|
|
|
import { getGcpAccessToken, GCP_PROJECT_ID } from '@/lib/gcp-auth';
|
|
import type { DnsProvider, DnsRecord, DnsZone } from './provider';
|
|
|
|
const API = `https://dns.googleapis.com/dns/v1/projects/${GCP_PROJECT_ID}`;
|
|
|
|
function zoneName(apex: string): string {
|
|
// Cloud DNS managed-zone names must match [a-z0-9-]+ and start with a letter.
|
|
const slug = apex.toLowerCase().replace(/[^a-z0-9-]/g, '-');
|
|
return `vibn-${slug}`;
|
|
}
|
|
|
|
async function authedFetch(
|
|
method: 'GET' | 'POST' | 'DELETE' | 'PATCH',
|
|
path: string,
|
|
body?: unknown,
|
|
): Promise<Response> {
|
|
const token = await getGcpAccessToken();
|
|
const headers: Record<string, string> = {
|
|
Authorization: `Bearer ${token}`,
|
|
Accept: 'application/json',
|
|
};
|
|
if (body) headers['Content-Type'] = 'application/json';
|
|
return fetch(`${API}${path}`, {
|
|
method,
|
|
headers,
|
|
body: body ? JSON.stringify(body) : undefined,
|
|
});
|
|
}
|
|
|
|
async function parseOrThrow<T>(res: Response, context: string): Promise<T> {
|
|
const text = await res.text();
|
|
if (!res.ok) {
|
|
throw new Error(`[cloud-dns ${context} ${res.status}] ${text.slice(0, 500)}`);
|
|
}
|
|
return text ? JSON.parse(text) : ({} as T);
|
|
}
|
|
|
|
interface CloudDnsManagedZone {
|
|
name: string;
|
|
dnsName: string;
|
|
nameServers?: string[];
|
|
creationTime?: string;
|
|
visibility?: string;
|
|
}
|
|
|
|
interface CloudDnsRrSet {
|
|
name: string;
|
|
type: string;
|
|
ttl?: number;
|
|
rrdatas: string[];
|
|
}
|
|
|
|
interface CloudDnsChange {
|
|
additions?: CloudDnsRrSet[];
|
|
deletions?: CloudDnsRrSet[];
|
|
kind: 'dns#change';
|
|
}
|
|
|
|
export const cloudDnsProvider: DnsProvider = {
|
|
id: 'cloud_dns',
|
|
|
|
async createZone(apex) {
|
|
const name = zoneName(apex);
|
|
const dnsName = apex.endsWith('.') ? apex : `${apex}.`;
|
|
// Idempotent: if the zone already exists, return it unchanged.
|
|
const existing = await cloudDnsProvider.getZone(apex);
|
|
if (existing) return existing;
|
|
|
|
const res = await authedFetch('POST', `/managedZones`, {
|
|
name,
|
|
dnsName,
|
|
description: `Vibn-managed zone for ${apex}`,
|
|
visibility: 'public',
|
|
});
|
|
const zone = await parseOrThrow<CloudDnsManagedZone>(res, 'createZone');
|
|
return {
|
|
apex,
|
|
zoneId: zone.name,
|
|
nameservers: zone.nameServers ?? [],
|
|
createdAt: zone.creationTime,
|
|
};
|
|
},
|
|
|
|
async getZone(apex) {
|
|
const name = zoneName(apex);
|
|
const res = await authedFetch('GET', `/managedZones/${name}`);
|
|
if (res.status === 404) return null;
|
|
const zone = await parseOrThrow<CloudDnsManagedZone>(res, 'getZone');
|
|
return {
|
|
apex,
|
|
zoneId: zone.name,
|
|
nameservers: zone.nameServers ?? [],
|
|
createdAt: zone.creationTime,
|
|
};
|
|
},
|
|
|
|
/**
|
|
* Replaces the record set for each (name,type) pair in `records`. Other
|
|
* record sets on the zone are untouched.
|
|
*/
|
|
async setRecords(apex, records) {
|
|
const name = zoneName(apex);
|
|
const dnsName = apex.endsWith('.') ? apex : `${apex}.`;
|
|
// Fetch existing rrsets for these (name,type) pairs so we can delete
|
|
// them as part of the atomic change.
|
|
const existingRes = await authedFetch('GET', `/managedZones/${name}/rrsets`);
|
|
const existingJson = await parseOrThrow<{ rrsets?: CloudDnsRrSet[] }>(existingRes, 'listRrsets');
|
|
const existing = existingJson.rrsets ?? [];
|
|
|
|
const rel = (nm: string) => (nm === '@' ? dnsName : `${nm}.${dnsName}`);
|
|
|
|
const additions: CloudDnsRrSet[] = records.map(r => ({
|
|
name: rel(r.name),
|
|
type: r.type,
|
|
ttl: r.ttl ?? 300,
|
|
rrdatas: r.rrdatas,
|
|
}));
|
|
|
|
const wantPairs = new Set(additions.map(a => `${a.name}|${a.type}`));
|
|
const deletions = existing.filter(e => wantPairs.has(`${e.name}|${e.type}`));
|
|
|
|
const change: CloudDnsChange = { kind: 'dns#change', additions, deletions };
|
|
const res = await authedFetch('POST', `/managedZones/${name}/changes`, change);
|
|
await parseOrThrow(res, 'setRecords');
|
|
},
|
|
|
|
async deleteZone(apex) {
|
|
const name = zoneName(apex);
|
|
const res = await authedFetch('DELETE', `/managedZones/${name}`);
|
|
if (res.status === 404) return;
|
|
await parseOrThrow(res, 'deleteZone');
|
|
},
|
|
};
|