fallthrough documentation and confi

dougbw · dougbw · commit f543aa60fe0e · 2026-02-22T23:41:16.000Z
diff --git a/Corefile b/Corefile
@@ -7,6 +7,7 @@
         password {$OMADA_PASSWORD}
         refresh_minutes 1
         ignore_startup_errors {$OMADA_IGNORE_STARTUP_ERRORS}
+        fallthrough ${FALLTHROUGH_ZONES}
     }
     forward . {$UPSTREAM_DNS}
 }
diff --git a/Dockerfile b/Dockerfile
@@ -43,4 +43,5 @@ COPY --from=builder /coredns/coredns /coredns
 COPY Corefile /Corefile
 EXPOSE 53 53/udp
 ENV OMADA_IGNORE_STARTUP_ERRORS=FALSE
+ENV FALLTHROUGH_ZONES="disabled"
 ENTRYPOINT ["/coredns"]
diff --git a/config.go b/config.go
@@ -21,7 +21,7 @@ type config struct {
 	resolve_dhcp_reservations bool          // resolve static 'dhcp reservations'
 	stale_record_duration     time.Duration // duration to keep serving stale records for clients no longer present in the controller)
 	ignore_startup_errors     bool          // ignore any errors during the initial zone refresh
-	fall                      *[]string     // fallthrough to the next plugin if no records found for a query
+	fallthrough_zones         *[]string     // list of fallthrough zones
 }
 
 func parse(c *caddy.Controller) (config config, err error) {
@@ -129,7 +129,7 @@ func parse(c *caddy.Controller) (config config, err error) {
 
 			case "fallthrough":
 				fallthroughZones := c.RemainingArgs()
-				config.fall = &fallthroughZones
+				config.fallthrough_zones = &fallthroughZones
 				if err != nil {
 					return config, c.ArgErr()
 				}
diff --git a/corefile-examples/fallthrough/Corefile b/corefile-examples/fallthrough/Corefile
@@ -0,0 +1,12 @@
+. {
+    health :8080
+    omada {
+        controller_url https://10.0.0.2
+        site Home
+        username coredns-omada
+        password coredns-omada
+        refresh_minutes 1
+        fallthrough
+    }
+    forward . 10.0.0.1
+}
diff --git a/docs/configuration.md b/docs/configuration.md
@@ -7,20 +7,20 @@ Example corefiles are located [here](../corefile-examples)
 
 ## Omada plugin configuration syntax
 
-| Name                      | Required | Type     | Notes                                                                                                                                                        |
-|---------------------------|----------|----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| controller_url            | ✅        | string   | address of the Omada controller. Include `https://` prefix                                                                                                   |
-| site                      | ✅        | string   | name of the site from the Omada controller (note this is a regex pattern)                                                                                    |
-| username                  | ✅        | string   | Omada controller username                                                                                                                                    |
-| password                  | ✅        | string   | Omada controller password                                                                                                                                    |
-| refresh_minutes           | ❌        | int      | How often to refresh the zones (default 1 minute)                                                                                                            |
-| refresh_login_hours       | ❌        | int      | How often to refresh the login token (default 24 hours)                                                                                                      |
-| resolve_clients           | ❌        | bool     | Whether to resolve client addresses (default true)                                                                                                                        |
-| resolve_devices           | ❌        | bool     | Whether to resolve device addresses (default true)                                                                                                              |
-| resolve_dhcp_reservations | ❌        | bool     | Whether to resolve device addresses (default true)                                                                                                                        |
+| Name                      | Required | Type     | Notes                                                                                                                                                                                         |
+| ------------------------- | -------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| controller_url            | ✅        | string   | address of the Omada controller. Include `https://` prefix                                                                                                                                    |
+| site                      | ✅        | string   | name of the site from the Omada controller (note this is a regex pattern)                                                                                                                     |
+| username                  | ✅        | string   | Omada controller username                                                                                                                                                                     |
+| password                  | ✅        | string   | Omada controller password                                                                                                                                                                     |
+| refresh_minutes           | ❌        | int      | How often to refresh the zones (default 1 minute)                                                                                                                                             |
+| refresh_login_hours       | ❌        | int      | How often to refresh the login token (default 24 hours)                                                                                                                                       |
+| resolve_clients           | ❌        | bool     | Whether to resolve client addresses (default true)                                                                                                                                            |
+| resolve_devices           | ❌        | bool     | Whether to resolve device addresses (default true)                                                                                                                                            |
+| resolve_dhcp_reservations | ❌        | bool     | Whether to resolve device addresses (default true)                                                                                                                                            |
 | stale_record_duration     | ❌        | duration | How long to keep serving stale records for clients/devices which are no longer present in the Omada controller. Specified in Go time [duration](https://pkg.go.dev/time#ParseDuration) format |
-| ignore_startup_errors | ❌        | bool     | ignore connection/configuration errors to the omada controller on startup. Set this to true if you want coredns to startup even if unable to connect to omada (default false)                                                                   |
-
+| ignore_startup_errors     | ❌        | bool     | ignore connection/configuration errors to the omada controller on startup. Set this to true if you want coredns to startup even if unable to connect to omada (default false)                 |
+| fallthrough [ZONES...]    | ❌        | []string | Whether to enable fallthrough. If fallthrough statement is present but no zone is specified then defaults to all zones, equivilent to:<br> `fallthrough .`                                                                       |
 
 ## Credentials
 
@@ -30,6 +30,14 @@ For this service you should create a new user in the `Admin` page of the control
 
 A single Omada controller can support multiple network sites. This plugin can be configured to use multiple sites via the `site` configuration property (regex). Multiple sites can be specified using the `|` separator like this `SiteA|SiteB|SiteC` or all sites can be selected by setting it to `.*`
 
+## Fallthrough behaviour
+
+The `fallthrough` option controls the behaviour for records which are not found. If fallthrough is enabled then requests for records which are not found are passed to the next plugin in the chain. If fallthrough is disabled then records which are not found are returned an `NXDOMAIN` response by the coredns_omada plugin and processing stops without being passed down the plugin chain.
+
+The use case for using fallthrough is to use other plugins to handle queries for the same zone as `coredns_omada` such as the [file](https://coredns.io/plugins/file/) plugin.
+
+Note: prior to the fallthrough option being implemented, the default behaviour enabled fallthrough.
+
 ## HTTPS Verification
 
 This will depend on your network and configuration, but due to the lack of a suitable internal DNS resolution you may need to disable HTTPS verification to the controller, as even if you have a valid certificate on your controller you need a valid DNS record pointing to your controller where coredns is running.
diff --git a/docs/getting-started.md b/docs/getting-started.md
@@ -27,9 +27,9 @@ CoreDNS plugins need to be compiled into CoreDNS, you can follow the [build](bui
 
 This guide provides three options on how to run CoreDNS:
 
-- [CoreDNS binary](#coredns-binary)
-- [Docker container](#docker)
-- [Kubernetes](#kubernetes)
+    - [CoreDNS binary](#coredns-binary)
+    - [Docker](#docker)
+    - [Kubernetes](#kubernetes)
 
 ### CoreDNS binary
 
@@ -52,8 +52,13 @@ Note: If you do not have a valid https certificate on your controller then set t
 * `OMADA_PASSWORD`
 * `UPSTREAM_DNS`
 
+The pre-built images support these optional environment variables:
+* `OMADA_IGNORE_STARTUP_ERRORS` = `true` | `false`
+* `FALLTHROUGH_ZONES` - defaults to a fake zone `disabled` to disable it. Set to `.` to enable fallthrough for all zones.
+
 Note: If you do not have a valid https certificate on your controller then set the `OMADA_DISABLE_HTTPS_VERIFICATION` environment variable to true
 
+
 Example docker run command:
 ```
 docker run \
diff --git a/omada.go b/omada.go
@@ -49,7 +49,7 @@ func (o *Omada) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg)
 	qtype := state.QType()
 	log.Debugf("query; type: %d, name: %s\n", qtype, qname)
 
-	// this plugin can only handle 'A' and 'PTR' queries
+	// this plugin can only handle 'A', 'PTR' and 'SOA' queries
 	var qzone string
 	switch qtype {
 	case 1: // A
@@ -92,19 +92,19 @@ func (o *Omada) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg)
 	case file.Success:
 	case file.NoData:
 	case file.NameError:
+		log.Debugf("--  RcodeNameError")
 		m.Rcode = dns.RcodeNameError
 	case file.Delegation:
 		m.Authoritative = false
 	case file.ServerFailure:
-		log.Debugf("RcodeServerFailure")
+		log.Debugf("--  RcodeServerFailure")
 		return dns.RcodeServerFailure, nil
 	}
 	err := w.WriteMsg(m)
 	if err != nil {
-		log.Debugf("-- error writing message: %v\n", err)
+		log.Debugf("--  error writing message: %v\n", err)
 		return dns.RcodeServerFailure, err
 	}
-	log.Debugf("-- message written successfully\n")
 	return dns.RcodeSuccess, nil
 }
 
diff --git a/setup.go b/setup.go
@@ -35,8 +35,8 @@ func setup(c *caddy.Controller) error {
 	var fall fall.F
 
 	// check if fallthrough pointer is nil
-	if o.config.fall != nil {
-		fall.SetZonesFromArgs(*o.config.fall)
+	if o.config.fallthrough_zones != nil {
+		fall.SetZonesFromArgs(*o.config.fallthrough_zones)
 		o.Fall = fall
 	}
 
@@ -77,10 +77,10 @@ func (o *Omada) login() error {
 func (o *Omada) controllerInit(ctx context.Context) error {
 
 	log.Info("starting initial omada setup...")
-	if o.config.fall == nil {
+	if o.config.fallthrough_zones == nil {
 		log.Debug("fallthrough disabled")
 	} else {
-		log.Debug("fallthrough zones are enabled: ", o.Fall.Zones)
+		log.Debug("fallthrough zones: ", o.Fall.Zones)
 	}
 
 	const retrySeconds = 15

Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@`
`7`	`7`	`password {$OMADA_PASSWORD}`
`8`	`8`	`refresh_minutes 1`
`9`	`9`	`ignore_startup_errors {$OMADA_IGNORE_STARTUP_ERRORS}`
	`10`	`+ fallthrough ${FALLTHROUGH_ZONES}`
`10`	`11`	`}`
`11`	`12`	`forward . {$UPSTREAM_DNS}`
`12`	`13`	`}`