pending-dns 1.2.0 → 1.2.2

package/.github/workflows/deploy.yml

@@ -0,0 +1,37 @@
+on:
+    push:
+        branches:
+            - master
+
+name: Deploy instance
+
+jobs:
+    deploy:
+        name: Deploy
+        runs-on: ubuntu-latest
+
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v2
+
+            - name: Install SSH key
+              uses: shimataro/ssh-key-action@v2
+              with:
+                  key: ${{ secrets.SSH_KEY }}
+                  known_hosts: ${{ secrets.KNOWN_HOSTS }}
+
+            - name: Deploy to server
+              env:
+                  TARGET_HOST_01: dns-01.emailengine.app
+                  TARGET_HOST_02: dns-02.emailengine.app
+                  NODE_ENV: production
+                  SERVICE_NAME: pending-dns
+              id: deploy
+              run: |
+                  echo $GITHUB_SHA > commit.txt
+                  npm install --production
+                  tar czf /tmp/${SERVICE_NAME}.tar.gz --exclude .git .
+                  scp /tmp/${SERVICE_NAME}.tar.gz deploy@${TARGET_HOST_01}:
+                  scp /tmp/${SERVICE_NAME}.tar.gz deploy@${TARGET_HOST_02}:
+                  ssh deploy@$TARGET_HOST_01 "/opt/deploy.sh ${SERVICE_NAME}"
+                  ssh deploy@$TARGET_HOST_02 "/opt/deploy.sh ${SERVICE_NAME}"

package/LICENSE.txt

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2020 Andris Reinman
+Copyright (c) 2020-2023 Andris Reinman
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/bin/pending-dns.js

@@ -0,0 +1,49 @@
+#!/usr/bin/env node
+/* eslint global-require: 0 */
+'use strict';
+
+const packageData = require('../package.json');
+const fs = require('fs');
+const pathlib = require('path');
+const argv = require('minimist')(process.argv.slice(2));
+
+function run() {
+    let cmd = ((argv._ && argv._[0]) || '').toLowerCase();
+    if (!cmd) {
+        if (argv.version || argv.v) {
+            cmd = 'version';
+        }
+
+        if (argv.help || argv.h) {
+            cmd = 'help';
+        }
+    }
+
+    switch (cmd) {
+        case 'help':
+            // Show version
+            fs.readFile(pathlib.join(__dirname, '..', 'help.txt'), (err, helpText) => {
+                if (err) {
+                    console.error('Failed to load help information');
+                    console.error(err);
+                    return process.exit(1);
+                }
+                console.error(helpText.toString().trim());
+                console.error('');
+                process.exit();
+            });
+            break;
+
+        case 'version':
+            // Show version
+            console.log(`EmailEngine v${packageData.version} (${packageData.license})`);
+            return process.exit();
+
+        default:
+            // run normally
+            require('../server');
+            break;
+    }
+}
+
+run();

package/config/default.toml

@@ -1,143 +1,143 @@
 
 [log]
-    level = "trace"
+level = "trace"
 
 [dbs]
 
-    # By default all redis commands are sent against the same instance
-    redis = "redis://127.0.0.1:6379/2"
+# By default all redis commands are sent against the same instance
+redis = "redis://127.0.0.1:6379/2"
 
-    # Alternatively you can separate write and read tasks
-    # by writing to master and reading from a closer replica
+# Alternatively you can separate write and read tasks
+# by writing to master and reading from a closer replica
 
-    # Redis master
-    #redisRead = "redis://127.0.0.1:6379/2"
+# Redis master
+#redisRead = "redis://127.0.0.1:6379/2"
 
-    # Redis replica, preferrably localhost for fastest responses
-    #redisWrite = "redis://127.0.0.1:6379/2"
+# Redis replica, preferrably localhost for fastest responses
+#redisWrite = "redis://127.0.0.1:6379/2"
 
 [api]
-    # If enabled=false then API server is not started and configuration is not used
-    enabled = true
-    workers = 2
+# If enabled=false then API server is not started and configuration is not used
+enabled = true
+workers = 1
 
-    # You want to keep this local or firewalled otherwise anyone would be able to change DNS records
-    # Do not use ports 80 or 443 as these are needed for the redirect interface
-    port = 5080
-    host = "127.0.0.1"
+# You want to keep this local or firewalled otherwise anyone would be able to change DNS records
+# Do not use ports 80 or 443 as these are needed for the redirect interface
+port = 5080
+host = "127.0.0.1"
 
 [dns]
-    # If enabled=false then DNS server is not started and configuration is not used
-    enabled = true
-    workers = 2
+# If enabled=false then DNS server is not started and configuration is not used
+enabled = true
+workers = 2
 
-    # Default TTL value for all records
-    ttl = 300 # 5 min
+# Default TTL value for all records
+ttl = 300 # 5 min
 
-    # Use 53 on production.
-    # This port is used both for TCP and UDP so make sure both are allowed by the firewall
-    #    ufw allow 53/tcp
-    #    ufw allow 53/udp
-    port = 5053
+# Use 53 on production.
+# This port is used both for TCP and UDP so make sure both are allowed by the firewall
+#    ufw allow 53/tcp
+#    ufw allow 53/udp
+port = 5053
 
-    # In most cases you have to set actual interface IP address here
-    # instead of using 0.0.0.0 as there might be already some other DNS
-    # handlers running (eg. SystemD stub resolver) on some local address
-    host = "127.0.0.1"
+# In most cases you have to set actual interface IP address here
+# instead of using 0.0.0.0 as there might be already some other DNS
+# handlers running (eg. SystemD stub resolver) on some local address
+host = "127.0.0.1"
 
 # List of Name Servers running this system
 # 1) ACME certificates are created only for domains that have NS records set to these values
 # 2) These values are reported as NS records for all domains
 [[ns]]
-    # First NS in the list is also reported as the master in SOA record
-    domain = "testdns01.pendingdns.com"
-    ip = "188.165.168.22"
+# First NS in the list is also reported as the master in SOA record
+domain = "testdns01.pendingdns.com"
+ip = "188.165.168.22"
 [[ns]]
-    domain = "testdns02.pendingdns.com"
-    ip = "51.38.177.242"
+domain = "testdns02.pendingdns.com"
+ip = "51.38.177.242"
 
 # SOA info
 # 1) This is reported as the SOA record for all domains
 [soa]
-    admin = "hostmaster.pendingdns.com"
-    serial = 2020050501
-    refresh = 3600
-    retry = 600
-    expiration = 604800
-    minimum = 60
+admin = "hostmaster.pendingdns.com"
+serial = 2020050501
+refresh = 3600
+retry = 600
+expiration = 604800
+minimum = 60
 
 # Resolver for external DNS queries, set ns=false to use system default
 # Mostly used for ANAME resolving
 [resolver]
-    ns = ["8.8.8.8", "1.1.1.1"]
+ns = ["8.8.8.8", "1.1.1.1"]
 
 # Settings for Let's Encrypt certificate generation
 [acme]
-    # Local identifier for the ACME account
-    key = "staging"
-    # Defaults to Let's Encrypt staging environment
-    directoryUrl = "https://acme-staging-v02.api.letsencrypt.org/directory"
-    
-    #key = "production"
-    #directoryUrl = "https://acme-v02.api.letsencrypt.org/directory"
-    
-    # Email address to recive account related notifications
-    # This value must be set as this is the person who agrees to LE TOS
-    #email = "hostmaster@example.com"
-    email = ""
+# Local identifier for the ACME account
+key = "staging"
+# Defaults to Let's Encrypt staging environment
+directoryUrl = "https://acme-staging-v02.api.letsencrypt.org/directory"
+
+#key = "production"
+#directoryUrl = "https://acme-v02.api.letsencrypt.org/directory"
+
+# Email address to recive account related notifications
+# This value must be set as this is the person who agrees to LE TOS
+#email = "hostmaster@example.com"
+email = ""
 
 [public]
-    # If enabled=false then URL redirect server is not started and configuration is not used
-    enabled = true
-    server = "PendingDNS/1.0"
-    workers = 2
-    
-    # path to error files, you can use your own error pages instead of the default ones
-    # make sure though that the service user is able to read these
-    # 1) All paths are relative to working directory, eg. /opt/pending-dns
-    [public.errors]
-        error404 = "./views/errors/404.hbs"
-        error500 = "./views/errors/500.hbs"
-
-    [public.http]
-        # URL record handling over HTTP
-        # Set to 80 in production
-        port = 6080
-        host = "0.0.0.0"
-
-    [public.https]
-        # URL record handling over HTTPS/HTTP2
-        # Set to 443 in production
-        port = 6443
-        host = "0.0.0.0"
-
-        # Path to default certificate files
-        # These are used only for unknown domains, so can leave as is to use self-signed certs
-        #key = "/path/to/default-privkey.pem"
-        #cert = "/path/to/default-cert.pem"
-        
-        # Path to dhparam file
-        # Generate using: openssl dhparam -out /path/to/dhparam.pem 4096
-        #dhParam = "/path/to/dhparam.pem"
-
-        # Allowed ciphers list. Leave empty for Node.js default set of ciphers
-        ciphers = "ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384"
-
-    # List redirect server IP addresses here
-    # These are returned as A/AAAA query responses for the URL domain
-    # It should include the IP addresses for all servers where you have PendingDNS installed and "public.enabled=true"
-    [public.hosts]
-        A = ["127.0.0.1", "127.0.0.2"]
-        AAAA = []
+# If enabled=false then URL redirect server is not started and configuration is not used
+enabled = true
+server = "PendingDNS/1.0"
+workers = 2
+
+# path to error files, you can use your own error pages instead of the default ones
+# make sure though that the service user is able to read these
+# 1) All paths are relative to working directory, eg. /opt/pending-dns
+[public.errors]
+error404 = "./views/errors/404.hbs"
+error500 = "./views/errors/500.hbs"
+
+[public.http]
+# URL record handling over HTTP
+# Set to 80 in production
+port = 6080
+host = "0.0.0.0"
+
+[public.https]
+# URL record handling over HTTPS/HTTP2
+# Set to 443 in production
+port = 6443
+host = "0.0.0.0"
+
+# Path to default certificate files
+# These are used only for unknown domains, so can leave as is to use self-signed certs
+#key = "/path/to/default-privkey.pem"
+#cert = "/path/to/default-cert.pem"
+
+# Path to dhparam file
+# Generate using: openssl dhparam -out /path/to/dhparam.pem 4096
+#dhParam = "/path/to/dhparam.pem"
+
+# Allowed ciphers list. Leave empty for Node.js default set of ciphers
+ciphers = "ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384"
+
+# List redirect server IP addresses here
+# These are returned as A/AAAA query responses for the URL domain
+# It should include the IP addresses for all servers where you have PendingDNS installed and "public.enabled=true"
+[public.hosts]
+A = ["127.0.0.1", "127.0.0.2"]
+AAAA = []
 
 [process]
-    # Change user for child processes once privileged ports have been bound
-    #user="www-data"
-    #group="www-data"
+# Change user for child processes once privileged ports have been bound
+#user="www-data"
+#group="www-data"
 
 [health]
-    enabled = true # If enabled=false then health checks are not performed
-    workers = 1
-    handlers = 1 # How many health checks to run in parallel
-    ttl = 30000 # Time in milliseconds until pending health check is considered failing
-    delay = 60000 # Time in milliseconds between health checks against same target
+enabled = true # If enabled=false then health checks are not performed
+workers = 1
+handlers = 1   # How many health checks to run in parallel
+ttl = 30000    # Time in milliseconds until pending health check is considered failing
+delay = 60000  # Time in milliseconds between health checks against same target

package/entitlements.mac.plist

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+  <dict>
+    <key>com.apple.security.cs.allow-jit</key>
+    <true/>
+    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+    <true/>
+    <key>com.apple.security.cs.allow-dyld-environment-variables</key>
+    <true/>
+    <key>com.apple.security.cs.disable-library-validation</key>
+    <true/>
+    <key>com.apple.security.network.client</key>
+    <true/>
+    <key>com.apple.security.network.server</key>
+    <true/>
+  </dict>
+</plist>

package/help.txt

@@ -0,0 +1,23 @@
+pending-dns [command] [options]
+
+Lightweight API driven Authoritative DNS server.
+
+Commands:
+  pending-dns                   Run the application
+  pending-dns help              Show this information
+
+Options:
+  -h, --help     Show help 
+  
+  General options:
+  --dbs.redis               Database connection URL                      [string]
+  --log.level               Log level                 [string] [default: "trace"]
+
+  API options:
+  --api.host                Host to bind to       [string] [default: "127.0.0.1"]
+  --api.port                Port to bind to              [number] [default: 5080]
+
+  DNS options:
+  --dns.host                Host to bind to       [string] [default: "127.0.0.1"]
+  --dns.port                Port to bind to              [number] [default: 5053]
+

package/lib/dns-tcp-server.js

@@ -46,7 +46,9 @@ class DNSTcpServer extends EventEmitter {
                     } catch (err) {
                         // ignore
                     }
+                    return;
                 }
+
                 request.source = {
                     type: 'tcp',
                     port: socket.remotePort,

package/lib/dns-udp-server.js

@@ -27,7 +27,9 @@ class DNSUdpServer extends EventEmitter {
             request = Packet.parse(buffer);
         } catch (err) {
             logger.error({ msg: 'Failed to parse DNS package', type: 'udp', err, buffer, port: rinfo.port, address: rinfo.address });
+            return;
         }
+
         request.source = {
             type: 'udp',
             port: rinfo.port,

package/package.json

@@ -1,12 +1,15 @@
 {
     "name": "pending-dns",
-    "version": "1.2.0",
+    "version": "1.2.2",
     "description": "Lightweight API driven DNS server",
     "main": "index.js",
     "scripts": {
         "start": "node server.js",
         "test": "grunt",
-        "licenses": "npm-license-crawler --production --csv ./licenses.csv"
+        "build-source": "rm -rf node_modules package-lock.json && npm install && npm run licenses && rm -rf node_modules package-lock.json && npm install --production && rm -rf package-lock.json",
+        "build-dist-fast": "npx pkg --debug package.json && rm -rf package-lock.json && npm install",
+        "build-dist": "npx pkg --compress Brotli package.json && rm -rf package-lock.json && npm install",
+        "licenses": "license-report --only=prod --output=table --config license-report-config.json > licenses.txt"
     },
     "repository": {
         "type": "git",
@@ -25,36 +28,56 @@
     },
     "homepage": "https://github.com/postalsys/pending-dns#readme",
     "devDependencies": {
-        "eslint": "8.18.0",
+        "eslint": "8.47.0",
         "eslint-config-nodemailer": "1.2.0",
-        "eslint-config-prettier": "8.5.0",
-        "grunt": "1.5.3",
+        "eslint-config-prettier": "9.0.0",
+        "grunt": "1.6.1",
         "grunt-cli": "1.4.3",
-        "grunt-eslint": "24.0.0",
-        "npm-license-crawler": "0.2.1"
+        "grunt-eslint": "24.3.0",
+        "license-report": "6.4.0"
     },
     "dependencies": {
+        "@bugsnag/js": "7.21.0",
         "@fidm/x509": "1.2.1",
-        "@hapi/boom": "10.0.0",
-        "@hapi/hapi": "20.2.2",
-        "@hapi/inert": "6.0.5",
+        "@hapi/boom": "10.0.1",
+        "@hapi/hapi": "21.3.2",
+        "@hapi/inert": "7.1.0",
         "@hapi/joi": "17.1.1",
-        "@hapi/vision": "6.1.0",
+        "@hapi/vision": "7.0.3",
         "@root/acme": "3.1.0",
         "@root/csr": "0.8.1",
-        "dns2": "2.0.2",
-        "hapi-pino": "10.1.0",
-        "hapi-swagger": "14.5.5",
+        "dns2": "2.1.0",
+        "handlebars": "4.7.8",
+        "hapi-pino": "12.1.0",
+        "hapi-swagger": "17.1.0",
         "http-proxy": "1.18.1",
-        "ioredfour": "1.2.0-ioredis-06",
-        "ioredis": "5.0.6",
-        "ipaddr.js": "2.0.1",
+        "ioredfour": "1.2.0-ioredis-07",
+        "ioredis": "5.3.2",
+        "ipaddr.js": "2.1.0",
+        "minimist": "1.2.8",
         "node-rsa": "1.1.1",
         "pem-jwk": "2.0.0",
-        "pino": "8.1.0",
-        "punycode": "^2.1.1",
+        "pino": "8.15.0",
+        "punycode": "2.3.0",
         "shortid": "2.2.16",
-        "uuid": "^8.3.2",
-        "wild-config": "1.6.1"
+        "uuid": "9.0.0",
+        "wild-config": "1.7.0"
+    },
+    "bin": {
+        "pending-dns": "bin/pending-dns.js"
+    },
+    "pkg": {
+        "assets": [
+            "licenses.txt",
+            "LICENSE.txt",
+            "help.txt"
+        ],
+        "targets": [
+            "node18-linux-x64",
+            "node18-macos-x64",
+            "node18-macos-arm64",
+            "node18-win-x64"
+        ],
+        "outputPath": "ee-dist"
     }
 }

package/server.js

@@ -7,6 +7,7 @@ const argv = process.argv.slice(2);
 const config = require('wild-config');
 const logger = require('./lib/logger').child({ component: 'server' });
 const pathlib = require('path');
+const packageData = require('./package.json');
 const { Worker, SHARE_ENV } = require('worker_threads');
 const { isemail } = require('./lib/tools');
 
@@ -15,6 +16,29 @@ if (!config.acme || !isemail(config.acme.email)) {
     process.exit(51);
 }
 
+const Bugsnag = require('@bugsnag/js');
+if (process.env.BUGSNAG_API_KEY) {
+    Bugsnag.start({
+        apiKey: process.env.BUGSNAG_API_KEY,
+        appVersion: packageData.version,
+        logger: {
+            debug(...args) {
+                logger.debug({ msg: args.shift(), worker: 'main', source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            info(...args) {
+                logger.debug({ msg: args.shift(), worker: 'main', source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            warn(...args) {
+                logger.warn({ msg: args.shift(), worker: 'main', source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            error(...args) {
+                logger.error({ msg: args.shift(), worker: 'main', source: 'bugsnag', args: args.length ? args : undefined });
+            }
+        }
+    });
+    logger.notifyError = Bugsnag.notify.bind(Bugsnag);
+}
+
 let closing = false;
 
 let workers = new Map();
@@ -67,17 +91,30 @@ if (config.health.enabled) {
     spawnWorker('health');
 }
 
-const closeProcess = code => {
+const closeProcess = (code, errType, err) => {
     if (closing) {
         return;
     }
     closing = true;
-    setTimeout(() => {
-        process.exit(code);
-    }, 10);
+
+    if (!code) {
+        return setTimeout(() => {
+            process.exit(code);
+        }, 10);
+    }
+
+    logger.fatal({
+        msg: errType,
+        _msg: errType,
+        err
+    });
+
+    if (!logger.notifyError) {
+        setTimeout(() => process.exit(code), 10);
+    }
 };
 
-process.on('uncaughtException', () => closeProcess(1));
-process.on('unhandledRejection', () => closeProcess(2));
+process.on('uncaughtException', err => closeProcess(1, 'uncaughtException', err));
+process.on('unhandledRejection', err => closeProcess(2, 'unhandledRejection', err));
 process.on('SIGTERM', () => closeProcess(0));
 process.on('SIGINT', () => closeProcess(0));

package/workers/api.js

@@ -9,18 +9,31 @@ const config = require('wild-config');
 const workerName = 'api';
 
 let closing = false;
-const closeProcess = code => {
+const closeProcess = (code, errType, err) => {
     if (closing) {
         return;
     }
     closing = true;
-    setTimeout(() => {
-        process.exit(code);
-    }, 10);
+
+    if (!code) {
+        return setTimeout(() => {
+            process.exit(code);
+        }, 10);
+    }
+
+    logger.fatal({
+        msg: errType,
+        _msg: errType,
+        err
+    });
+
+    if (!logger.notifyError) {
+        setTimeout(() => process.exit(code), 10);
+    }
 };
 
-process.on('uncaughtException', () => closeProcess(1));
-process.on('unhandledRejection', () => closeProcess(2));
+process.on('uncaughtException', err => closeProcess(1, 'uncaughtException', err));
+process.on('unhandledRejection', err => closeProcess(2, 'unhandledRejection', err));
 process.on('SIGTERM', () => closeProcess(0));
 process.on('SIGINT', () => closeProcess(0));
 

package/workers/dns.js

@@ -9,21 +9,58 @@ const config = require('wild-config');
 const workerName = 'dns';
 
 let closing = false;
-const closeProcess = code => {
+const closeProcess = (code, errType, err) => {
     if (closing) {
         return;
     }
     closing = true;
-    setTimeout(() => {
-        process.exit(code);
-    }, 10);
+
+    if (!code) {
+        return setTimeout(() => {
+            process.exit(code);
+        }, 10);
+    }
+
+    logger.fatal({
+        msg: errType,
+        _msg: errType,
+        err
+    });
+
+    if (!logger.notifyError) {
+        setTimeout(() => process.exit(code), 10);
+    }
 };
 
-process.on('uncaughtException', () => closeProcess(1));
-process.on('unhandledRejection', () => closeProcess(2));
+process.on('uncaughtException', err => closeProcess(1, 'uncaughtException', err));
+process.on('unhandledRejection', err => closeProcess(2, 'unhandledRejection', err));
 process.on('SIGTERM', () => closeProcess(0));
 process.on('SIGINT', () => closeProcess(0));
 
+const packageData = require('../package.json');
+const Bugsnag = require('@bugsnag/js');
+if (process.env.BUGSNAG_API_KEY) {
+    Bugsnag.start({
+        apiKey: process.env.BUGSNAG_API_KEY,
+        appVersion: packageData.version,
+        logger: {
+            debug(...args) {
+                logger.debug({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            info(...args) {
+                logger.debug({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            warn(...args) {
+                logger.warn({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            error(...args) {
+                logger.error({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            }
+        }
+    });
+    logger.notifyError = Bugsnag.notify.bind(Bugsnag);
+}
+
 const run = () => {
     require(`../lib/${workerName}-server.js`)()
         .then(() => {

package/workers/health.js

@@ -9,21 +9,59 @@ const config = require('wild-config');
 const workerName = 'health';
 
 let closing = false;
-const closeProcess = code => {
+const closeProcess = (code, errType, err) => {
     if (closing) {
         return;
     }
     closing = true;
-    setTimeout(() => {
-        process.exit(code);
-    }, 10);
+
+    if (!code) {
+        return setTimeout(() => {
+            process.exit(code);
+        }, 10);
+    }
+
+    logger.fatal({
+        msg: errType,
+        _msg: errType,
+        err
+    });
+
+    if (!logger.notifyError) {
+        setTimeout(() => process.exit(code), 10);
+    }
 };
 
-process.on('uncaughtException', () => closeProcess(1));
-process.on('unhandledRejection', () => closeProcess(2));
+process.on('uncaughtException', err => closeProcess(1, 'uncaughtException', err));
+process.on('unhandledRejection', err => closeProcess(2, 'unhandledRejection', err));
 process.on('SIGTERM', () => closeProcess(0));
 process.on('SIGINT', () => closeProcess(0));
 
+const packageData = require('../package.json');
+const Bugsnag = require('@bugsnag/js');
+
+if (process.env.BUGSNAG_API_KEY) {
+    Bugsnag.start({
+        apiKey: process.env.BUGSNAG_API_KEY,
+        appVersion: packageData.version,
+        logger: {
+            debug(...args) {
+                logger.debug({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            info(...args) {
+                logger.debug({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            warn(...args) {
+                logger.warn({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            error(...args) {
+                logger.error({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            }
+        }
+    });
+    logger.notifyError = Bugsnag.notify.bind(Bugsnag);
+}
+
 const run = () => {
     require(`../lib/${workerName}-worker.js`)()
         .then(() => {

package/workers/public.js

@@ -9,21 +9,58 @@ const config = require('wild-config');
 const workerName = 'public';
 
 let closing = false;
-const closeProcess = code => {
+const closeProcess = (code, errType, err) => {
     if (closing) {
         return;
     }
     closing = true;
-    setTimeout(() => {
-        process.exit(code);
-    }, 10);
+
+    if (!code) {
+        return setTimeout(() => {
+            process.exit(code);
+        }, 10);
+    }
+
+    logger.fatal({
+        msg: errType,
+        _msg: errType,
+        err
+    });
+
+    if (!logger.notifyError) {
+        setTimeout(() => process.exit(code), 10);
+    }
 };
 
-process.on('uncaughtException', () => closeProcess(1));
-process.on('unhandledRejection', () => closeProcess(2));
+process.on('uncaughtException', err => closeProcess(1, 'uncaughtException', err));
+process.on('unhandledRejection', err => closeProcess(2, 'unhandledRejection', err));
 process.on('SIGTERM', () => closeProcess(0));
 process.on('SIGINT', () => closeProcess(0));
 
+const packageData = require('../package.json');
+const Bugsnag = require('@bugsnag/js');
+if (process.env.BUGSNAG_API_KEY) {
+    Bugsnag.start({
+        apiKey: process.env.BUGSNAG_API_KEY,
+        appVersion: packageData.version,
+        logger: {
+            debug(...args) {
+                logger.debug({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            info(...args) {
+                logger.debug({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            warn(...args) {
+                logger.warn({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            },
+            error(...args) {
+                logger.error({ msg: args.shift(), worker: workerName, source: 'bugsnag', args: args.length ? args : undefined });
+            }
+        }
+    });
+    logger.notifyError = Bugsnag.notify.bind(Bugsnag);
+}
+
 const run = () => {
     require(`../lib/${workerName}-server.js`)()
         .then(() => {