fix: suppress pip root warnings and prioritize DoH resolution over system DNS to bypass sinkholing
Browse files- Dockerfile +2 -1
- dns-fix.js +11 -21
Dockerfile
CHANGED
|
@@ -5,7 +5,8 @@ ARG N8N_VERSION=latest
|
|
| 5 |
ENV DEBIAN_FRONTEND=noninteractive \
|
| 6 |
N8N_PORT=5678 \
|
| 7 |
HF_HUB_DISABLE_PROGRESS_BARS=1 \
|
| 8 |
-
PYTHONUNBUFFERED=1
|
|
|
|
| 9 |
|
| 10 |
RUN apt-get update && apt-get install -y -q --no-install-recommends \
|
| 11 |
ca-certificates \
|
|
|
|
| 5 |
ENV DEBIAN_FRONTEND=noninteractive \
|
| 6 |
N8N_PORT=5678 \
|
| 7 |
HF_HUB_DISABLE_PROGRESS_BARS=1 \
|
| 8 |
+
PYTHONUNBUFFERED=1 \
|
| 9 |
+
PIP_ROOT_USER_ACTION=ignore
|
| 10 |
|
| 11 |
RUN apt-get update && apt-get install -y -q --no-install-recommends \
|
| 12 |
ca-certificates \
|
dns-fix.js
CHANGED
|
@@ -2,8 +2,8 @@
|
|
| 2 |
* DNS fix preload script for HF Spaces.
|
| 3 |
*
|
| 4 |
* Patches Node.js dns.lookup to:
|
| 5 |
-
* 1. Try
|
| 6 |
-
* 2. Fall back to DNS
|
| 7 |
* (This is needed because HF Spaces intercepts/blocks some domains like
|
| 8 |
* WhatsApp web or Telegram API via standard UDP DNS).
|
| 9 |
*
|
|
@@ -83,26 +83,16 @@ dns.lookup = function patchedLookup(hostname, options, callback) {
|
|
| 83 |
return origLookup.call(dns, hostname, options, callback);
|
| 84 |
}
|
| 85 |
|
| 86 |
-
// 1) Try
|
| 87 |
-
|
| 88 |
-
if (!
|
| 89 |
-
|
|
|
|
|
|
|
|
|
|
| 90 |
}
|
| 91 |
|
| 92 |
-
// 2)
|
| 93 |
-
|
| 94 |
-
dohResolve(hostname, (dohErr, ip) => {
|
| 95 |
-
if (dohErr || !ip) {
|
| 96 |
-
return callback(err); // Return original error
|
| 97 |
-
}
|
| 98 |
-
if (options.all) {
|
| 99 |
-
return callback(null, [{ address: ip, family: 4 }]);
|
| 100 |
-
}
|
| 101 |
-
callback(null, ip, 4);
|
| 102 |
-
});
|
| 103 |
-
} else {
|
| 104 |
-
// Other DNS errors — pass through
|
| 105 |
-
callback(err, address, family);
|
| 106 |
-
}
|
| 107 |
});
|
| 108 |
};
|
|
|
|
| 2 |
* DNS fix preload script for HF Spaces.
|
| 3 |
*
|
| 4 |
* Patches Node.js dns.lookup to:
|
| 5 |
+
* 1. Try DNS-over-HTTPS (Cloudflare) first to bypass DNS sinkholing
|
| 6 |
+
* 2. Fall back to system DNS if DoH fails
|
| 7 |
* (This is needed because HF Spaces intercepts/blocks some domains like
|
| 8 |
* WhatsApp web or Telegram API via standard UDP DNS).
|
| 9 |
*
|
|
|
|
| 83 |
return origLookup.call(dns, hostname, options, callback);
|
| 84 |
}
|
| 85 |
|
| 86 |
+
// 1) Try DoH first to bypass HF DNS sinkholing (which returns fake IPs instead of ENOTFOUND)
|
| 87 |
+
dohResolve(hostname, (dohErr, ip) => {
|
| 88 |
+
if (!dohErr && ip) {
|
| 89 |
+
if (options.all) {
|
| 90 |
+
return callback(null, [{ address: ip, family: 4 }]);
|
| 91 |
+
}
|
| 92 |
+
return callback(null, ip, 4);
|
| 93 |
}
|
| 94 |
|
| 95 |
+
// 2) Fall back to system DNS if DoH fails
|
| 96 |
+
origLookup.call(dns, hostname, options, callback);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 97 |
});
|
| 98 |
};
|