network-dns-slice (part 1/2): DNS Clean-Arch slice + single injection point#26
Merged
Merged
Conversation
…e (PR A) Introduce org.iiab.controller.network slice (domain + data + JVM tests) and wire it as the SINGLE DNS injection point: - domain: DnsConfig (mixed primary/secondary, each IPv4 or IPv6), DnsValidator (fail-closed), ports DnsConfigRepository + ResolvConfWriter, use cases Get/Save/ApplyDns. Pure JVM, unit-tested. - data: PrefsDnsConfigRepository (new prefs keys; custom-vs-defaults for the 'Setup DNS' toggle) + FileResolvConfWriter (overwrites resolv.conf so the UI can change DNS dynamically; guards etc/). - wiring: PRootEngine.executeInContainer applies the effective DNS into the rootfs before every proot launch, so the scattered hardcoded writes in DeployFragment (fast-install, restore, bootstrap) + its helper are removed. MainActivity reset/clean-base uses libproot directly and keeps its inline write for now (the one documented exception). UI (Setup DNS panel) is PR B.
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
There was a problem hiding this comment.
Claude Code Review
This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.
Tip: disable this comment in your organization's Code Review settings.
luisguzman-adfa
changed the title
A DNS server can't be the guest itself: 127.0.0.0/8 and ::1 (loopback) and 0.0.0.0 / :: (unspecified) are now rejected by DnsValidator with a clear reason, so the UI shows 'invalid' instead of silently failing/'jumping' when the user enters 127.0.0.1 (it never reaches the probe or gets applied). Unit-tested.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Part 1 of 2 of the DNS feature (sequential, layered). Part 2 (UX) builds on this branch -- see
feat/network-dns-slice-part2-ux.What this does
Introduces the
org.iiab.controller.networkClean-Architecture slice and makes it the single DNS injection point, replacing the three scattered hardcodedresolv.confwrites.DnsConfig(primary/secondary, each a single IPv4 or IPv6 -- mixed allowed),DnsValidator(fail-closed), portsDnsConfigRepository+ResolvConfWriter, use casesGet/Save/ApplyDns.PrefsDnsConfigRepository(new prefs keys; custom-vs-defaults semantics for the future 'Setup DNS' toggle) +FileResolvConfWriter(overwrites resolv.conf so the UI can change DNS dynamically; guardsetc/).PRootEngine.executeInContainernow writes the effective DNS into the rootfs before every proot launch (boot/bootstrap/install/maps). The hardcoded writes +ensureRuntimeNetworkConfighelper inDeployFragmentare removed.Behavior
Equivalent for default DNS (1.1.1.1 / 8.8.8.8), now applied from one place and ready to honor a user-configured value (Part 2). resolv.conf is overwritten each launch (idempotent).
Layering note (if ever reverting)
Strangler refactor in parts. Reverting part 1 alone breaks part 2; reverting part 2 alone leaves backend on defaults with no UI. Sequence, not independent toggles.
Not in this PR
Domain unit-tested.