ConfigLMM 0.2.0 → 0.4.0

data/Plugins/OS/Linux/WireGuard/WireGuard.lmm.rb

@@ -0,0 +1,137 @@
+
+module ConfigLMM
+    module LMM
+        class WireGuard < Framework::LinuxApp
+
+            WIREGUARD_PACKAGE = 'WireGuard'
+            SERVICE_NAME = 'wg-quick@wg0'
+            CONFIG_FILE = '/etc/wireguard/wg0.conf'
+            PORT = '51820'
+            SUBNET = '172.20.0.0/20'
+
+            persistBuildDir
+
+            def actionWireGuardDeploy(id, target, activeState, context, options)
+                self.prepareConfig(target)
+                if target['Location'] && target['Location'] != '@me'
+                    uri = Addressable::URI.parse(target['Location'])
+                    raise Framework::PluginProcessError.new("#{id}: Unknown Protocol: #{uri.scheme}!") if uri.scheme != 'ssh'
+                    self.class.sshStart(uri) do |ssh|
+                        self.class.sshExec!(ssh, "firewall-cmd -q --permanent --add-port='#{PORT}/udp'")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --add-port='#{PORT}/udp'")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --permanent --zone=trusted --add-source=#{SUBNET}")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --zone=trusted --add-source=#{SUBNET}")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -s #{SUBNET} ! -d #{SUBNET} -j MASQUERADE")
+                        self.class.sshExec!(ssh, "firewall-cmd -q --direct --add-rule ipv4 nat POSTROUTING 0 -s #{SUBNET} ! -d #{SUBNET} -j MASQUERADE")
+
+                        self.class.ensurePackages([WIREGUARD_PACKAGE], ssh)
+                        self.class.ensureServiceAutoStartOverSSH(SERVICE_NAME, ssh)
+
+                        dir = options['output'] + '/' + id + '/etc/wireguard/'
+                        mkdir(dir, false)
+                        template = ERB.new(File.read(__dir__ + '/wg0.conf.erb'))
+
+                        if self.class.remoteFilePresent?(CONFIG_FILE, ssh)
+                            # TODO Implement adding and removing peers
+                        else
+                            if !target['PrivateKey']
+                                target['PrivateKey'] = ENV['WIREGUARD_PRIVATEKEY_' + id]
+                                if !target['PrivateKey']
+                                    target['PrivateKey'] = genkeyOverSSH(ssh)
+                                end
+                            end
+                            publicKey = pubkeyOverSSH(target['PrivateKey'], ssh)
+                            self.class.sshExec!(ssh, "echo '#{publicKey}' > /etc/wireguard/pubkey")
+                            target['Peers'].each do |name, data|
+                                if !data['PublicKey']
+                                    data['PrivateKey'] = genkeyOverSSH(ssh)
+                                    data['PublicKey'] = pubkeyOverSSH(data['PrivateKey'], ssh)
+                                end
+                                if !data['PresharedKey']
+                                    data['PresharedKey'] = ENV['WIREGUARD_PRESHAREDKEY_' + id + '_' + name]
+                                    if !data['PresharedKey']
+                                        data['PresharedKey'] = genpskOverSSH(ssh)
+                                    end
+                                end
+                            end
+
+                            target['Peers'].each do |name, data|
+                                templateData = {}
+                                templateData['Address'] = target['Address']
+                                templateData['PrivateKey'] = data['PrivateKey']
+                                templateData['Peers'] = {}
+                                templateData['Peers'][id] = { 'PublicKey' => publicKey, 'PresharedKey' => data['PresharedKey'] }
+                                target['Peers'].each do |otherName, otherData|
+                                    next if name == otherName
+                                    pskIdB = 'PresharedKey_' + otherName + '_' + name
+                                    if otherData.key?(pskIdB)
+                                        psk = otherData[pskIdB]
+                                    else
+                                        pskIdA = 'PresharedKey_' + name + '_' + otherName
+                                        data[pskIdA] = genpskOverSSH(ssh)
+                                        psk = data[pskIdA]
+                                    end
+                                    templateData['Peers'][otherName] = { 'PublicKey' => otherData['PublicKey'], 'PresharedKey' => psk }
+                                end
+
+                                renderTemplate(template, templateData, dir + name + '.conf', options)
+                            end
+
+                            renderTemplate(template, target, dir + 'wg0.conf', options)
+                            ssh.scp.upload!(dir + 'wg0.conf', CONFIG_FILE)
+                        end
+
+                    end
+                else
+                    # TODO
+                end
+                self.startService(SERVICE_NAME, target['Location'])
+
+                activeState['Status'] = State::STATUS_DEPLOYED
+            end
+
+            def cleanup(configs, state, context, options)
+                cleanupType(:WireGuard, configs, state, context, options) do |item, id, state, context, options, ssh|
+                    Framework::LinuxApp.stopService(SERVICE_NAME, ssh, options[:dry])
+                    Framework::LinuxApp.disableService(SERVICE_NAME, ssh, options[:dry])
+                    Framework::LinuxApp.removePackage(WIREGUARD_PACKAGE, ssh, options[:dry])
+
+                    self.class.exec("firewall-cmd -q --permanent --remove-port='#{PORT}/udp'", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --remove-port='#{PORT}/udp'", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --permanent --zone=trusted --remove-source=#{SUBNET}", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --zone=trusted --remove-source=#{SUBNET}", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --permanent --direct --remove-rule ipv4 nat POSTROUTING 0 -s #{SUBNET} ! -d #{SUBNET} -j MASQUERADE", ssh, false, options[:dry])
+                    self.class.exec("firewall-cmd -q --direct --remove-rule ipv4 nat POSTROUTING 0 -s #{SUBNET} ! -d #{SUBNET} -j MASQUERADE", ssh, false, options[:dry])
+
+                    state.item(id)['Status'] = State::STATUS_DELETED unless options[:dry]
+
+                    if options[:destroy]
+                        rm('/etc/wireguard', options[:dry], ssh)
+
+                        state.item(id)['Status'] = State::STATUS_DESTROYED unless options[:dry]
+                    end
+                end
+            end
+
+            def genkeyOverSSH(ssh)
+              self.class.sshExec!(ssh, 'wg genkey')
+            end
+
+            def genpskOverSSH(ssh)
+              self.class.sshExec!(ssh, 'wg genpsk')
+            end
+
+            def pubkeyOverSSH(privateKey, ssh)
+              self.class.sshExec!(ssh, " echo '#{privateKey}' | wg pubkey")
+            end
+
+            def prepareConfig(target)
+                target['Address'] = '172.20.0.1' unless target['Address']
+                target['Peers'].each do |name, data|
+                    target['Peers'][name] ||= {}
+                    target['Peers'][name]['AllowedIPs'] = SUBNET unless target['Peers'][name]['AllowedIPs']
+                end
+            end
+        end
+    end
+end

data/Plugins/OS/Linux/WireGuard/wg0.conf.erb

@@ -0,0 +1,15 @@
+[Interface]
+Address = <%= config['Address'] %>
+ListenPort = 51820
+PrivateKey = <%= config['PrivateKey'] %>
+
+<% config['Peers'].to_h.each do |name, peer| %>
+# <%= name %>
+[Peer]
+PublicKey = <%= peer['PublicKey'] %>
+PresharedKey = <%= peer['PresharedKey'] %>
+AllowedIPs = <%= peer['AllowedIPs'] %>
+<% if peer['Endpoint'] %>
+Endpoint = <%= peer['Endpoint'] %>:51820
+<% end %>
+<% end %>

data/Plugins/OS/Linux/systemd/systemd.lmm.rb

@@ -0,0 +1,28 @@
+
+module ConfigLMM
+    module LMM
+        class Systemd < Framework::LinuxApp
+
+            SYSTEMD_CONFIG_PATH = '/etc/systemd/system/'
+            USER_SERVICE_DIR = '/etc/systemd/system/user@.service.d/'
+
+            def actionSystemdDeploy(id, target, activeState, context, options)
+                if target['Location'] && target['Location'] != '@me'
+                    if target['UserCgroups']
+                        uri = Addressable::URI.parse(target['Location'])
+                        raise Framework::PluginProcessError.new("#{id}: Unknown Protocol: #{uri.scheme}!") if uri.scheme != 'ssh'
+                        self.class.sshStart(uri) do |ssh|
+                            self.class.sshExec!(ssh, "mkdir -p #{USER_SERVICE_DIR}")
+                            ssh.scp.upload!(__dir__ + '/user-0.slice', SYSTEMD_CONFIG_PATH)
+                            ssh.scp.upload!(__dir__ + '/user@.service.d/delegate.conf', USER_SERVICE_DIR)
+                        end
+                    end
+                else
+                    # TODO
+                end
+
+            end
+
+        end
+    end
+end

data/Plugins/OS/Linux/systemd/user-0.slice

@@ -0,0 +1,9 @@
+
+[Unit]
+Before=systemd-logind.service
+
+[Slice]
+Slice=user.slice
+
+[Install]
+WantedBy=multi-user.target

data/Plugins/OS/Linux/systemd/user@.service.d/delegate.conf

@@ -0,0 +1,3 @@
+
+[Service]
+Delegate=memory pids

data/Plugins/Platforms/GoDaddy/GoDaddy.lmm.rb

@@ -21,13 +21,17 @@ module ConfigLMM
 
                 template = ERB.new(File.read(__dir__ + '/zone.txt.erb'))
 
-                target['DNS'].each do |domain, data|
+                target['DNS'].to_h.each do |domain, data|
                     config = { 'Domain' => domain, 'Records' => '' }
                     data.each do |name, data|
                         self.processDNS(domain, data).each do |type, records|
                             records.each do |record|
-                                shortName = Addressable::IDNA.to_ascii(name)
-                                record[:content] = Addressable::IDNA.to_ascii(record[:content]) if record[:type] == 'CNAME'
+                                shortName = Addressable::IDNA.to_ascii(name) + '.' if type == 'CNAME' || type == 'ALIAS'
+                                if record[:type] == 'MX'
+                                    priority, name = record[:content].split(' ')
+                                    name = Addressable::IDNA.to_ascii(name) + '.'
+                                    record[:content] = [priority, name].join(' ')
+                                end
                                 config['Records'] += [shortName, record[:ttl], ' IN ', record[:type], record[:content]].join("\t") + "\n"
                             end
                         end

data/Plugins/Platforms/libvirt/libvirt.lmm.rb

@@ -37,7 +37,7 @@ module ConfigLMM
                 server = compute.servers.all.find { |server| server.name == serverName }
                 if server
                     server.start
-                    return
+                    return false
                 end
                 settings = {
                     name: serverName,
@@ -77,9 +77,10 @@ module ConfigLMM
                     server.iso_file = File.basename(iso)
                 end
                 server.save
-                activeState['Status'] = 'CREATED'
+                activeState['Status'] = State::STATUS_CREATED
                 state.save
                 server.start
+                true
             end
 
             def dirPoolXML(name, path)

data/Plugins/Services/DNS/PowerDNS.lmm.rb

@@ -4,6 +4,7 @@ require 'uri'
 require 'addressable/uri'
 require 'addressable/idna'
 require 'fog/powerdns'
+require 'http'
 
 module ConfigLMM
     module LMM
@@ -13,6 +14,9 @@ module ConfigLMM
             DEFAULT_HOST = 'localhost'
             DEFAULT_PORT = 8081
             SSH_TIMEOUT = 10
+            PACKAGE_NAME = 'PowerDNS'
+            SERVICE_NAME = 'pdns'
+            USER = 'pdns'
 
             # TODO
             # def actionPowerDNSValidate(id, target, activeState, context, options)
@@ -21,6 +25,7 @@ module ConfigLMM
 
             def actionPowerDNSBuild(id, target, activeState, context, options)
                 if target['Settings']
+                    prepareSettings(target)
                     targetDir = options['output'] + CONFIG_DIR + '/'
                     mkdir(targetDir, options['dry'])
                     content = ''
@@ -44,11 +49,38 @@ module ConfigLMM
             def actionPowerDNSDeploy(id, target, activeState, context, options)
                 #actionPowerDNSDiff(id, target, activeState, context, options)
 
-                deploySettings(target)
-                if target['DNS']
-                    connect(id, target, activeState, context, options) do |host, port, key|
+                deploySettings(target, activeState, options)
+                connect(id, target, activeState, context, options) do |host, port, key|
+                    if target['TSIG']
+                        updateTSIG(host, port, key, target['TSIG'])
+                    end
+                    if target['DNS']
                         updateDNS(host, port, key, target['DNS'])
                     end
+                    if target['Metadata']
+                        updateMetadata(host, port, key, target['Metadata'])
+                    end
+                end
+            end
+
+            def cleanup(configs, state, context, options)
+                cleanupType(:PowerDNS, configs, state, context, options) do |item, id, state, context, options, ssh|
+                    if item['Deploy']
+                        Framework::LinuxApp.stopService(SERVICE_NAME, ssh, options[:dry])
+                        Framework::LinuxApp.firewallRemoveService('dns', ssh, options[:dry])
+                        Framework::LinuxApp.removePackage(PACKAGE_NAME, ssh, options[:dry])
+
+                        state.item(id)['Status'] = State::STATUS_DELETED unless options[:dry]
+
+                        if options[:destroy]
+                            item['Database'] ||= {}
+                            PostgreSQL.dropUserAndDB(item['Database'], USER, ssh, options[:dry])
+                            rm('/etc/pdns', options[:dry], ssh)
+                            state.item(id)['Status'] = State::STATUS_DESTROYED unless options[:dry]
+                        end
+                    else
+                        # TODO
+                    end
                 end
             end
 
@@ -95,7 +127,10 @@ module ConfigLMM
                     canonicalDomain = domain + '.'
 
                     if !dns.list_zones(server).map { |zone| zone['name'].downcase }.include?(canonicalDomain.downcase)
-                        dns.create_zone(server, canonicalDomain, [], { kind: 'Native' })
+                        dns.create_zone(server, canonicalDomain, [], { kind: 'Native' }.update(info['!'].to_h))
+                    elsif !info['!'].to_h.empty?
+                        puts ({ kind: 'Native' }.update(info['!'].to_h).inspect)
+                        dns.update_zone(server, canonicalDomain, { kind: 'Native' }.update(info['!'].to_h))
                     end
 
                     zone = dns.get_zone(server, canonicalDomain)
@@ -103,8 +138,9 @@ module ConfigLMM
                     rrsets = []
                     remove = []
                     info.each do |name, data|
-                        fullName = name + '.' + domain + '.'
-                        fullName = domain + '.' if name == '@'
+                        next if name == '!'
+                        fullName = Addressable::IDNA.to_ascii(name) + '.' + Addressable::IDNA.to_ascii(domain) + '.'
+                        fullName = Addressable::IDNA.to_ascii(domain) + '.' if name == '@'
                         self.processDNS(domain, data).each do |type, records|
                             #remove += removeConflicting(zone, fullName, type)
                             rrset = {
@@ -115,6 +151,21 @@ module ConfigLMM
                                 records: []
                             }
                             records.each do |record|
+                                record[:content] = Addressable::IDNA.to_ascii(record[:content]) + '.' if type == 'CNAME' || type == 'ALIAS'
+                                if type == 'MX'
+                                    priority, name = record[:content].split(' ')
+                                    name = Addressable::IDNA.to_ascii(name) + '.'
+                                    record[:content] = [priority, name].join(' ')
+                                elsif type == 'SOA'
+                                    ns, email, serial, refresh, again, expire, ttl = record[:content].split(' ')
+                                    record[:content] = [Addressable::IDNA.to_ascii(ns) + '.',
+                                                        Addressable::IDNA.to_ascii(email) + '.',
+                                                        serial.to_s,
+                                                        refresh.to_s,
+                                                        again.to_s,
+                                                        expire.to_s,
+                                                        ttl.to_s].join(' ')
+                                end
                                 rrset[:records] << { content: record[:content], disabled: false }
                             end
                             rrsets << rrset
@@ -129,12 +180,111 @@ module ConfigLMM
 
             end
 
-            def deploySettings(target)
-                if target['Settings']
+            def updateTSIG(host, port, key, targetTSIG)
+                server = 'localhost'
+                url = "http://#{host}:#{port}/api/v1/servers/#{server}/tsigkeys"
+                headers = { 'X-Api-Key' => key }
+                targetTSIG.each do |name, info|
+                    data = { name: name, algorithm: info['Algorithm'] }
+                    response = HTTP.headers(headers).post(url, json: data)
+                    if response.status == 201
+                        result = response.parse(:json)
+                        prompt.say("TSIG #{result['name']} key: #{result['key']}", :color => :magenta)
+                    elsif response.status != 409
+                        prompt.say(response.body.to_s, :color => :red)
+                        raise 'Failed to create TSIG key!'
+                    end
+                end
+            end
+
+            def updateMetadata(host, port, key, targetMetadata)
+                server = 'localhost'
+                headers = { 'X-Api-Key' => key }
+                targetMetadata.each do |zone, info|
+                    info.each do |kind, metadata|
+                        url = "http://#{host}:#{port}/api/v1/servers/#{server}/zones/#{Addressable::IDNA.to_ascii(zone)}/metadata/#{kind}"
+                        metadata = [metadata] unless metadata.is_a?(Array)
+                        data = { kind: kind, metadata: metadata }
+                        response = HTTP.headers(headers).put(url, json: data)
+                        if response.status != 200
+                            prompt.say(response.body.to_s, :color => :red)
+                            raise "Failed to update Metadata for #{zone}!"
+                        end
+                    end
+                end
+            end
+
+            def prepareSettings(target)
+                if !target['Settings'].key?('api')
+                    target['Settings']['api'] = 'yes'
+                end
+                if !target['Settings'].key?('expand-alias')
+                    target['Settings']['expand-alias'] = 'yes'
+                end
+                if !target['Settings'].key?('launch')
+                    target['Settings']['launch'] = 'gpgsql'
+                    target['Settings']['gpgsql-host'] = '/run/postgresql'
+                    target['Settings']['gpgsql-user'] = USER
+                    target['Settings']['gpgsql-dbname'] = USER
+                end
+            end
+
+            def deploySettings(target, activeState, options)
+                if target['Location']
+                    uri = Addressable::URI.parse(target['Location'])
+                    params = {}
+                    params = CGI.parse(uri.query) if uri.query
+                    if uri.scheme == 'ssh' && !params.key?('host')
+                        self.class.sshStart(uri) do |ssh|
+                            target['Deploy'] = !!target['Settings'] unless target.key?('Deploy')
+                            activeState['Deploy'] = target['Deploy']
+                            if target['Deploy']
+                                Framework::LinuxApp.ensurePackages([PACKAGE_NAME], ssh)
+                                Framework::LinuxApp.ensureServiceAutoStartOverSSH(SERVICE_NAME, ssh)
+                            end
+                            if target['Settings']
+                                prepareSettings(target)
+                                self.class.sshExec!(ssh, "mkdir -p #{CONFIG_DIR}")
+                                self.class.sshExec!(ssh, "sed -i 's|# include-dir=|include-dir=#{CONFIG_DIR}|' /etc/pdns/pdns.conf")
+                                ssh.scp.upload!(options['output'] + CONFIG_DIR + '/configlmm.conf', CONFIG_DIR + '/configlmm.conf')
+                                apiKeyFile = CONFIG_DIR + '/apiKey.conf'
+                                if !self.class.remoteFilePresent?(apiKeyFile, ssh)
+                                    apiKey = ENV['POWERDNS_API_KEY']
+                                    apiKey = SecureRandom.urlsafe_base64(60) unless apiKey
+                                    self.class.sshExec!(ssh, " echo 'api-key=#{apiKey}' > #{apiKeyFile}")
+                                    self.class.sshExec!(ssh, " chown #{USER}:#{USER} #{apiKeyFile}")
+                                    self.class.sshExec!(ssh, " chmod 400 #{apiKeyFile}")
+                                    prompt.say("PowerDNS API Key: #{apiKey}", )
+                                end
+                                self.configurePostgreSQL(target['Settings'], ssh)
+                            end
+                            if target['Deploy']
+                                Framework::LinuxApp.firewallAddServiceOverSSH('dns', ssh)
+                                Framework::LinuxApp.startServiceOverSSH(SERVICE_NAME, ssh)
+                                activeState['Status'] = State::STATUS_DEPLOYED
+                            end
+                        end
+                    end
+                else
                     # TODO
                 end
             end
 
+            def configurePostgreSQL(settings, ssh)
+                password = SecureRandom.alphanumeric(20)
+                if settings['gpgsql-host'] == 'localhost' || settings['gpgsql-host'].start_with?('/')
+                    PostgreSQL.createUserAndDBOverSSH(USER, password, ssh)
+                    PostgreSQL.importSQL(USER, USER, '/usr/share/doc/packages/pdns/schema.pgsql.sql', ssh)
+                    PostgreSQL.updateOwner(USER, USER, ssh)
+                else
+                    self.class.sshStart("ssh://#{settings['gpgsql-host']}/") do |ssh|
+                        PostgreSQL.createUserAndDBOverSSH(USER, password, ssh)
+                        PostgreSQL.importSQL(USER, USER, '/usr/share/doc/packages/pdns/schema.pgsql.sql', ssh)
+                        PostgreSQL.updateOwner(USER, USER, ssh)
+                    end
+                end
+                password
+            end
 
             def connect(id, target, activeState, context, options)
                 host = DEFAULT_HOST

data/README.md

@@ -221,6 +221,12 @@ First you need to have Ruby and RubyGems. Then you can install it with:
 
     $ gem install ConfigLMM
 
+If that doesn't work (eg. your Ruby is too old) then install with (it will install [RVM](https://rvm.io/))
+
+```
+$ curl -sS https://raw.githubusercontent.com/ConfigLMM/ConfigLMM/master/bootstrap.sh | sh
+```
+
 ## Usage
 
 Create yaml file with desired config, eg.

data/bootstrap.sh

@@ -0,0 +1,92 @@
+#!/usr/bin/sh
+
+distro=$(cat /etc/os-release | grep ^ID= |  cut -d '=' -f 2 | cut -d '"' -f 2)
+
+function admin {
+    if [ "$EUID" -eq "0" ]; then
+        "$@"
+    else
+        sudo "$@"
+    fi
+}
+
+if [ "$EUID" -ne "0" ]; then
+    if ! command -v sudo &> /dev/null; then
+        case $distro in
+
+        opensuse-leap)
+            echo "You don't have sudo! Enter root password to install it"
+            su root -c "zypper install --no-confirm sudo"
+            ;;
+
+        arch)
+            echo "You don't have sudo! Enter root password to install it"
+            admin pacman -S --noconfirm --needed sudo
+            ;;
+
+        *)
+            echo "Sudo not found but is needed!" >&2
+            echo "Don't know how to install it for your $distro distribution!" >&2
+            echo "Submit a PR :)" >&2
+            exit 3
+            ;;
+        esac
+    fi
+fi
+
+case $distro in
+
+opensuse-leap)
+    admin zypper install --no-confirm ruby libvirt-devel
+    ;;
+
+arch)
+    admin pacman -S --noconfirm --needed ruby rubygems
+    ;;
+
+*)
+    if ! command -v ruby &> /dev/null
+    then
+        echo "Ruby not found!" >&2
+        echo "Don't know how to install it for your $distro distribution!" >&2
+        echo "Submit a PR :)" >&2
+        exit 1
+    fi
+    ;;
+esac
+
+if ! command -v gem &> /dev/null; then
+    echo "RubyGems not found!" >&2
+    exit 2
+fi
+
+rubyTooOld=$(ruby -e 'puts RUBY_VERSION.to_f < 3.3 ? 1 : 0')
+
+if [ "$rubyTooOld" -eq "1" ]; then
+    echo "Ruby is too old! Will install RVM" >&2
+    gpg2 --keyserver hkp://keyserver.ubuntu.com --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB >/dev/null
+    curl -sSL https://get.rvm.io | bash -s stable --ruby=3.3.4
+
+    if [ "$EUID" -eq "0" ]; then
+        source /etc/profile.d/rvm.sh
+    else
+        source ~/.rvm/scripts/rvm
+    fi
+
+    if [ "$SHELL" = "/usr/bin/fish" ]; then
+        curl -sSL --create-dirs -o ~/.config/fish/functions/rvm.fish https://raw.github.com/lunks/fish-nuggets/master/functions/rvm.fish
+        sed -i "/rvm default/d" ~/.config/fish/config.fish
+        echo "rvm default" >> ~/.config/fish/config.fish
+    fi
+fi
+
+if [ "$EUID" -eq "0" ]; then
+    # This shouldn't be needed but without it doesn't work
+    export PATH=/usr/local/rvm/gems/ruby-3.3.4/bin:/usr/local/rvm/rubies/ruby-3.3.4/bin:$PATH
+    export GEM_HOME=/usr/local/rvm/gems/ruby-3.3.4
+    export GEM_PATH=/usr/local/rvm/gems/ruby-3.3.4
+fi
+
+bash -lc 'gem install ConfigLMM'
+
+echo "You need to close and reopen your shell" >&2

data/lib/ConfigLMM/Framework/plugins/dns.rb

@@ -23,8 +23,7 @@ module ConfigLMM
 
                 items.each do |item|
                     type, content = item.strip.split('=')
-                    content += '.' if type == 'CNAME' || type == 'ALIAS'
-                    content = domain + '.' if content == '@' || content == '@.'
+                    content = domain if content == '@'
                     content = self.class.externalIp if content == '@me'
                     records[type] ||= []
                     records[type] << { type: type, content: content, ttl: DEFAULT_TTL }