Using Cloudflare for Dynamic DNS on Unifi

I have recently been revisiting my home server setup and moving more “core” tools onto Raspberry Pis as opposed to my ageing HP MicroServer. As part of this, I had been checking if the way I had things set up was still a good way to go.

Up until last week I was using ddclient for updating a DNS record in Cloudflare with my home IP address for the (now rare) cases where I need remote access back into my home network. I had always found it strange that the Dynamic DNS options in Unifi did not support Cloudflare.

Now there is the Cloudflare DDNS for UniFi OS project.

Cloudflare Worker script that exposes a UniFi-compatible DDNS API to dynamically update the IP address of a DNS A record.

With this I can deploy a (free) Cloudflare worker that the Unifi OS can call to update my DNS record without requiring to run additional service containers on my local network.

I did initially have some problems setting this up (which have now fixed by a PR), and this blog post was very helpful in providing commands that could be ran from the USG-3P to force Dynamic DNS updates while I was testing changes: Configuring Ubiquiti UniFi USG to use Namecheap DDNS.


Extracting a Maven Artifact Version from the Command Line

As part of ongoing maintenance and releases to application servers, I needed a quick way to determine the versions of various components to check if they were up to date or not.

Ideally what I was after was a shell command I could run against one or more components to extract version information, as ultimately this check would likely be run via an SSH session from a central management host.

This one-liner can do what I needed:

$ unzip -p component.jar 'META-INF/maven/*/pom.properties' | grep '^version=' | cut -d '=' -f 2
0.1.5-SNAPSHOT

Note that this may return more than one version number if the component is a fat or shaded jar file. If you at least know some of the groupId you can be more specific in the file path to extract the version from. The pom.properties file is always located in META-INF/maven/<groupId>/<artifactId>/pom.properties.

unzip -p component.jar 'META-INF/maven/com.devwithimagination*/*/pom.properties'

Introducing sonar-alloweddependencies-plugin

Around a year ago I published part 2 of this series, providing an approach for restricting the dependencies which could be downloaded through a Nexus repository server.

One struggle that became obvious when trying to implement this approach at scale is that you are required to approve all the transitive dependencies down the chain too. NPM projects especially become unreasonable to maintain quickly. As an example one of my pretty basic Homebridge plugins has a total of 15 dependencies between dependencies and devDependencies - after deduplication the dependency tree has more than 800 items. That is not maintainable through Nexus content selectors.

A different approach, which does not prevent downloading, is to integrate checks into the code quality analysis performed by SonarQube. There are no rules built in to do this though, so a custom plugin was required.

» Continue reading


Revisiting Selective Code Generation from OpenAPI Specifications

I have now moved fully to using the openapi-generator for generating code from OpenAPI specifications, instead of the “official” swagger-codegen. This fork, by some of the original maintainers, has a much more active community & development pace over the original project. My PR to improve tag support in swagger-codegen is still sitting with no activity more than 6 months on.

Using tags as part of generation has been supported for all JAX-RS based generators as of version 5 of openapi-generator. I am using this through through the maven plugin, which correctly integrates with maven to add generated sources to the sources paths. We use this with the generate goal linked to the maven lifecycle so code generation is performed in every build of the project, so we can be sure that the code in the produced artefact reflects the specification in the repository.

The maven plugin has very detailed documentation with all the configuration options available for it, but going into this it is worth noting that some of the terminology is different between the two forks of the plugin. This is reflected in the documentation. Individual generators are documented here.

» Continue reading