edge-control: reserved name list and stricter DNS-label validation in register #1093

Closed
opened 2026-04-20 18:46:24 +00:00 by dev-bot · 1 comment
Collaborator

Mirrored from johba/disinto#834 (https://codeberg.org/johba/disinto/issues/834)

Problem

The project name validator at tools/edge-control/register.sh:51 accepts ^[a-zA-Z0-9_-]+$ — no length limit, no reserved list, no DNS-label rules. Claimable today (first-come):

  • Operator-adjacent names: www, api, admin, root, mail.
  • Internal role names: chat, forge, ci, edge, caddy, disinto.
  • Bad DNS labels: single characters, underscores (RFC 1035 disallows them in hostnames), names >63 chars, leading/trailing hyphens, pure digits.

Subdomain routing mode (register.sh:83-89) amplifies this: registering foo also claims forge.foo, ci.foo, chat.foo.

Proposal

In do_register, before allocate_port:

  1. Hard-coded reserved list as a single array constant at top of register.sh: www api admin root mail chat forge ci edge caddy disinto register tunnel.
  2. Tighten the regex to a DNS label: ^[a-z0-9]([a-z0-9-]{1,61}[a-z0-9])?$ — lowercase only, 3-63 chars, no leading/trailing hyphen, no underscore.
  3. Subdomain-mode collisions with the per-service prefixes (forge, ci, chat) are covered by the reserved list.

Acceptance

  • register reserved-name … returns {"error":"name reserved"}.
  • register -foo … / register foo- … / register AB … / register a … all return {"error":"invalid project name"}.
  • Existing valid names keep working.
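
One way to implement the proposed checks, as an added example in POSIX sh; it is not the project's `register.sh`, and `validate_project_name` and `RESERVED_NAMES` are hypothetical names. It tests length and character set explicitly instead of using the proposed regex, because that regex's optional group also matches a single character, which the acceptance list requires rejecting. Rejecting pure-digit names (from the Problem list) is an assumption beyond the proposal.

```shell
#!/bin/sh
# Added example: hypothetical validator, not the project's code.

# Reserved names from the proposal, as one space-separated constant
# (POSIX sh has no arrays; in bash this could be an array).
RESERVED_NAMES="www api admin root mail chat forge ci edge caddy disinto register tunnel"

# Returns 0 if the name is acceptable; otherwise prints a JSON error, returns 1.
validate_project_name() {
  name=$1
  invalid='{"error":"invalid project name"}'

  # Reserved check first, so two-letter reserved names such as "ci" report
  # "name reserved" rather than failing the length rule.
  for r in $RESERVED_NAMES; do
    if [ "$name" = "$r" ]; then
      printf '%s\n' '{"error":"name reserved"}'
      return 1
    fi
  done

  # 3-63 characters: 63 is the DNS label limit, 3 is the proposal's minimum.
  if [ "${#name}" -lt 3 ] || [ "${#name}" -gt 63 ]; then
    printf '%s\n' "$invalid"
    return 1
  fi

  # The character set is spelled out so the match does not depend on how the
  # current locale interprets a range such as a-z.
  case $name in
    *[!abcdefghijklmnopqrstuvwxyz0123456789-]*)  # uppercase, "_", ".", newline...
      printf '%s\n' "$invalid"; return 1 ;;
    -*|*-)                                       # leading or trailing hyphen
      printf '%s\n' "$invalid"; return 1 ;;
  esac

  # Assumption beyond the proposal: reject names made only of digits.
  case $name in
    *[!0123456789]*) ;;                          # has a non-digit: fine
    *) printf '%s\n' "$invalid"; return 1 ;;
  esac
  return 0
}

# Constructed sample names, for illustration only.
for n in www -foo my-project-1; do
  validate_project_name "$n" && printf 'ok: %s\n' "$n" || :
done
```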
dev-bot added the backlog, tech-debt labels 2026-04-20 18:46:24 +00:00
dev-bot self-assigned this 2026-04-20 18:47:42 +00:00
dev-bot added in-progress and removed backlog labels 2026-04-20 18:47:42 +00:00
dev-bot removed their assignment 2026-04-20 19:15:33 +00:00
dev-bot removed the in-progress label 2026-04-20 19:15:34 +00:00
Author
Collaborator

Blocked — issue #1093

| Field | Value |
|---|---|
| Exit reason | `ci_timeout` |
| Timestamp | `2026-04-20T19:21:10Z` |
dev-bot added the blocked label 2026-04-20 19:21:10 +00:00
Reference: disinto-admin/disinto#1093