From 4ebcb1d07720f39961b898d21f0c23a9de8f6ca1 Mon Sep 17 00:00:00 2001 From: Dmitrii Iurco Date: Sun, 7 Jun 2026 04:56:41 -0400 Subject: [PATCH] fix: don't overwrite split-horizon Corefile from _bootstrap_dns The apply_all_dns_rules() call at the end of _bootstrap_dns() was added to force reload 30s into the Corefile on startup. Now that reload 30s is removed (it broke CoreDNS zone serving), the call is unnecessary in LAN mode and actively harmful in DDNS mode: update_split_horizon_zone() already writes the correct Corefile with the split-horizon block; the subsequent apply_all_dns_rules() call would overwrite it without the split-horizon zones, causing all service subdomain lookups to return NXDOMAIN. Co-Authored-By: Claude Sonnet 4.6 --- api/app.py | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/api/app.py b/api/app.py index 6f59d75..fbc7618 100644 --- a/api/app.py +++ b/api/app.py @@ -414,13 +414,11 @@ def _bootstrap_dns(): if effective_domain and effective_domain != domain: import ip_utils caddy_ip = ip_utils.get_service_ips(ip_range).get('caddy', '172.20.0.2') + # update_split_horizon_zone writes both the zone file and the Corefile + # (with the split-horizon block included). No separate apply_all_dns_rules + # call needed — that would overwrite the Corefile and drop the split-horizon block. network_manager.update_split_horizon_zone( effective_domain, caddy_ip, primary_domain=domain) - # Regenerate the Corefile so any new zone blocks or reload options take - # effect immediately without waiting for the next peer modification. - firewall_manager.apply_all_dns_rules( - peer_registry.list_peers(), COREFILE_PATH, domain, - cell_links=cell_link_manager.list_connections()) except Exception as e: logger.warning(f"DNS bootstrap failed (non-fatal): {e}")