From 777ffa4fb26efc092c130d57de0848814a5d6a2f Mon Sep 17 00:00:00 2001
From: Dmitrii Iurco <dmitrii.iurco@gmail.com>
Date: Tue, 26 May 2026 13:06:44 -0400
Subject: [PATCH] fix: use DDNS_URL env var for availability check; default to
 port 8080

_check_pic_ngo_available was hardcoding https://ddns.pic.ngo, ignoring
DDNS_URL. Now imports DDNS_API_BASE from setup_manager so both the
availability check and DDNS registration use the same configured URL.

API container now receives DDNS_URL and DDNS_TOTP_SECRET from env.
Default DDNS_URL points to http://ddns.pic.ngo:8080/api/v1 (the
FastAPI service runs on port 8080 without TLS termination in front).

Also returns 503 (not 500) when the DDNS service is unreachable.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 api/routes/setup.py | 15 ++++++++++-----
 docker-compose.yml  |  3 +++
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/api/routes/setup.py b/api/routes/setup.py
index 6b8e160..da8722a 100644
--- a/api/routes/setup.py
+++ b/api/routes/setup.py
@@ -4,6 +4,7 @@ import urllib.request
 import urllib.error
 import json as _json
 from flask import Blueprint, request, jsonify
+from setup_manager import DDNS_API_BASE
 
 logger = logging.getLogger('picell')
 
@@ -54,8 +55,11 @@ def validate_setup_step():
         errors = sm.validate_cell_name(name)
         if errors:
             return jsonify({'available': False, 'errors': errors})
-        available = _check_pic_ngo_available(name)
-        return jsonify({'available': available})
+        try:
+            available = _check_pic_ngo_available(name)
+            return jsonify({'available': available})
+        except Exception:
+            return jsonify({'available': False, 'error': 'DDNS service unreachable'}), 503
 
     if step == 'cloudflare_token':
         token = data.get('token', '').strip()
@@ -92,12 +96,13 @@ def complete_setup():
 
 def _check_pic_ngo_available(name: str) -> bool:
     try:
-        url = f'https://ddns.pic.ngo/api/v1/check/{name}'
+        url = f'{DDNS_API_BASE}/api/v1/check/{name}'
         with urllib.request.urlopen(url, timeout=8) as resp:
             body = _json.loads(resp.read())
             return bool(body.get('available'))
-    except Exception:
-        return True  # assume available if check fails — don't block the wizard
+    except Exception as exc:
+        logger.warning(f'DDNS availability check failed for {name!r}: {exc}')
+        raise
 
 
 def _verify_cloudflare_token(token: str) -> bool:
diff --git a/docker-compose.yml b/docker-compose.yml
index c657b9c..6e28a27 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -204,6 +204,9 @@ services:
     profiles: ["core", "full"]
     ports:
       - "127.0.0.1:${API_PORT:-3000}:3000"
+    environment:
+      - DDNS_URL=${DDNS_URL:-http://ddns.pic.ngo:8080/api/v1}
+      - DDNS_TOTP_SECRET=${DDNS_TOTP_SECRET:-}
     volumes:
       - ./data/api:/app/data
       - ./data/dns:/app/data/dns