Initial commit

Generic SRV records checker for happyDomain.

For each SRV record attached to an svcs.UnknownSRV service, the checker
resolves every target and probes reachability:

  - DNS resolution (A/AAAA), CNAME detection (RFC 2782 violation),
    null-target detection (RFC 2782 "service explicitly unavailable")
  - TCP connect to target:port for _tcp SRVs
  - UDP probe for _udp SRVs, using ICMP port-unreachable detection

The checker also publishes TLS endpoints (host, port, SNI) for every
SRV target hitting a well-known direct-TLS port (443, 465, 636, 853,
993, 995, 5061, 5223, …) via the EndpointDiscoverer SDK interface, so
a downstream TLS checker can pick them up.

The HTML report groups records as cards and surfaces the most common
failure scenarios (DNS failure, CNAME target, TCP unreachable,
null-target) at the top with remediation guidance.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

.gitignore

@@ -0,0 +1,2 @@
+checker-srv
+*.so

Dockerfile

@@ -0,0 +1,14 @@
+FROM golang:1.25-alpine AS builder
+
+ARG CHECKER_VERSION=custom-build
+
+WORKDIR /src
+COPY go.mod go.sum ./
+RUN go mod download
+COPY . .
+RUN CGO_ENABLED=0 go build -ldflags "-X main.Version=${CHECKER_VERSION}" -o /checker-srv .
+
+FROM scratch
+COPY --from=builder /checker-srv /checker-srv
+EXPOSE 8080
+ENTRYPOINT ["/checker-srv"]

Makefile

@@ -0,0 +1,25 @@
+CHECKER_NAME := checker-srv
+CHECKER_IMAGE := happydomain/$(CHECKER_NAME)
+CHECKER_VERSION ?= custom-build
+
+CHECKER_SOURCES := main.go $(wildcard checker/*.go)
+
+GO_LDFLAGS := -X main.Version=$(CHECKER_VERSION)
+
+.PHONY: all plugin docker clean
+
+all: $(CHECKER_NAME)
+
+$(CHECKER_NAME): $(CHECKER_SOURCES)
+	go build -ldflags "$(GO_LDFLAGS)" -o $@ .
+
+plugin: $(CHECKER_NAME).so
+
+$(CHECKER_NAME).so: $(CHECKER_SOURCES) $(wildcard plugin/*.go)
+	go build -buildmode=plugin -ldflags "$(GO_LDFLAGS)" -o $@ ./plugin/
+
+docker:
+	docker build --build-arg CHECKER_VERSION=$(CHECKER_VERSION) -t $(CHECKER_IMAGE) .
+
+clean:
+	rm -f $(CHECKER_NAME) $(CHECKER_NAME).so

README.md

@@ -0,0 +1,154 @@
+# checker-srv
+
+Generic SRV records checker for [happyDomain](https://www.happydomain.org/).
+
+For every SRV record attached to a service, verifies:
+
+- DNS resolution of each target (A/AAAA)
+- RFC 2782 compliance: target is not `"."` (null), target is not a CNAME
+- TCP reachability on `target:port` (for `_tcp` SRVs)
+- UDP reachability on `target:port` (for `_udp` SRVs), via ICMP port-unreachable detection
+
+TLS/certificate testing is intentionally out of scope — it belongs to a dedicated TLS checker.
+
+The HTML report surfaces the most common failure scenarios at the top with actionable remediation guidance (DNS failure, CNAME-as-target, TCP unreachable, explicit null-target).
+
+## Usage
+
+### Standalone HTTP server
+
+```bash
+# Build and run
+make
+./checker-srv -listen :8080
+```
+
+The server exposes:
+
+- `GET /health` — health check
+- `GET /definition` — checker definition (options, rules, availability)
+- `POST /collect` — collect SRV observations (happyDomain external checker protocol)
+- `POST /evaluate` — evaluate observations against the rules
+- `POST /report` — render the HTML report
+
+### Docker
+
+```bash
+make docker
+docker run -p 8080:8080 happydomain/checker-srv
+```
+
+### happyDomain plugin
+
+```bash
+make plugin
+# produces checker-srv.so, loadable by happyDomain as a Go plugin
+```
+
+The plugin exposes a `NewCheckerPlugin` symbol returning the checker
+definition and observation provider, which happyDomain registers in its
+global registries at load time.
+
+### Versioning
+
+The binary, plugin, and Docker image embed a version string overridable
+at build time:
+
+```bash
+make CHECKER_VERSION=1.2.3
+make plugin CHECKER_VERSION=1.2.3
+make docker CHECKER_VERSION=1.2.3
+```
+
+### happyDomain remote endpoint
+
+Set the `endpoint` admin option for the SRV checker to the URL of the running checker-srv server (e.g., `http://checker-srv:8080`). happyDomain will delegate observation collection to this endpoint.
+
+## Protocol
+
+### POST /collect
+
+Request:
+```json
+{
+  "key": "srv_records",
+  "target": {"userId": "...", "domainId": "...", "serviceId": "..."},
+  "options": {
+    "service": {"_svctype": "svcs.UnknownSRV", "Service": {"srv": [ /* dns.SRV records */ ]}},
+    "subdomain": "_sip._tcp",
+    "domain": "example.com",
+    "tcpTimeout": 3000,
+    "udpTimeout": 2000
+  }
+}
+```
+
+Response:
+```json
+{
+  "data": {
+    "serviceDomain": "_sip._tcp.example.com",
+    "records": [
+      {
+        "service": "sip",
+        "proto": "tcp",
+        "owner": "_sip._tcp.example.com",
+        "target": "sip1.example.com",
+        "port": 5061,
+        "priority": 10,
+        "weight": 20,
+        "addresses": ["203.0.113.5"],
+        "probes": [
+          {
+            "address": "203.0.113.5:5061",
+            "proto": "tcp",
+            "connected": true,
+            "latencyMs": 12.4
+          }
+        ]
+      }
+    ]
+  }
+}
+```
+
+## Rules
+
+| Name | Description |
+|---|---|
+| `srv_records_present` | At least one SRV record is published. |
+| `srv_null_target` | Detects `"."` targets (RFC 2782 — service intentionally unavailable). |
+| `srv_target_not_cname` | Warns when an SRV target is a CNAME (RFC 2782 violation). |
+| `srv_targets_resolve` | Every target resolves to at least one A/AAAA. |
+| `srv_tcp_reachable` | Every `_tcp` SRV `target:port` accepts a TCP connection. |
+| `srv_udp_reachable` | UDP targets do not return ICMP port-unreachable. |
+| `srv_redundancy` | At least two distinct targets exist (no single point of failure). |
+
+## License & licensing roadmap
+
+This project is currently licensed under the **GNU Affero General Public
+License v3.0** (see `LICENSE`), because it still imports
+`happydns.ServiceMessage` from the happyDomain server module
+(`git.happydns.org/happyDomain/model`), which is itself distributed under
+AGPL-3.0 and a commercial license.
+
+The core checker types (`CheckerOptions`, `CheckerDefinition`,
+`ObservationProvider`, `CheckRule`, …) have already been migrated to
+[`checker-sdk-go`](https://git.happydns.org/checker-sdk-go); only the
+service-message types remain on the AGPL side.
+
+**Planned relicensing:** as soon as the remaining `ServiceMessage`
+dependency has been removed (moved into a dedicated permissively licensed
+module), this project will be relicensed under the **MIT License**, in
+line with the rest of the happyDomain checker ecosystem (see
+`checker-dummy` for the target shape).
+
+**Contributors notice:** by submitting a contribution to this repository,
+you accept that your contribution will be relicensed from AGPL-3.0 to MIT
+at the time of the relicensing described above. If you do not agree with
+this, please do not submit contributions until the relicensing has taken
+place.
+
+The third-party Apache-2.0 attributions for `checker-sdk-go` are recorded
+in `NOTICE` and must accompany any binary or source redistribution of this
+project.

checker/collect.go

@@ -0,0 +1,210 @@
+package checker
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"net"
+	"strconv"
+	"strings"
+	"time"
+
+	sdk "git.happydns.org/checker-sdk-go/checker"
+	happydns "git.happydns.org/happyDomain/model"
+)
+
+// unknownSRVPayload mirrors svcs.UnknownSRV for JSON-decoding the service body.
+// We decode SRV records by hand (instead of importing miekg/dns) so the
+// checker stays light and its build surface minimal.
+type unknownSRVPayload struct {
+	Records []struct {
+		Hdr struct {
+			Name string `json:"Name"`
+		} `json:"Hdr"`
+		Priority uint16 `json:"Priority"`
+		Weight   uint16 `json:"Weight"`
+		Port     uint16 `json:"Port"`
+		Target   string `json:"Target"`
+	} `json:"srv"`
+}
+
+func (p *srvProvider) Collect(ctx context.Context, opts sdk.CheckerOptions) (any, error) {
+	svcMsg, ok := sdk.GetOption[happydns.ServiceMessage](opts, "service")
+	if !ok {
+		return nil, fmt.Errorf("service not provided")
+	}
+	if svcMsg.Type != "svcs.UnknownSRV" {
+		return nil, fmt.Errorf("service type is %q, expected svcs.UnknownSRV", svcMsg.Type)
+	}
+
+	var payload unknownSRVPayload
+	if err := json.Unmarshal(svcMsg.Service, &payload); err != nil {
+		return nil, fmt.Errorf("failed to decode UnknownSRV: %w", err)
+	}
+	if len(payload.Records) == 0 {
+		return nil, fmt.Errorf("service contains no SRV records")
+	}
+
+	subdomain, _ := opts["subdomain"].(string)
+	domain, _ := opts["domain"].(string)
+
+	// The service "address" (e.g. _sip._tcp.example.com) — used for reporting.
+	serviceDomain := strings.TrimSuffix(subdomain, ".")
+	if domain != "" {
+		if serviceDomain != "" {
+			serviceDomain += "." + strings.TrimSuffix(domain, ".")
+		} else {
+			serviceDomain = strings.TrimSuffix(domain, ".")
+		}
+	}
+
+	tcpTimeout := durationOpt(opts, "tcpTimeout", 3000)
+	udpTimeout := durationOpt(opts, "udpTimeout", 2000)
+
+	data := &SRVData{ServiceDomain: serviceDomain}
+
+	for _, r := range payload.Records {
+		owner := strings.TrimSuffix(r.Hdr.Name, ".")
+		svc, proto := parseOwner(owner, serviceDomain)
+
+		rec := SRVRecord{
+			Service:  svc,
+			Proto:    proto,
+			Owner:    owner,
+			Target:   strings.TrimSuffix(r.Target, "."),
+			Port:     r.Port,
+			Priority: r.Priority,
+			Weight:   r.Weight,
+		}
+
+		// RFC 2782: "." target means "service decidedly not available".
+		if rec.Target == "" || rec.Target == "." {
+			rec.IsNullTarget = true
+			data.Records = append(data.Records, rec)
+			continue
+		}
+
+		// CNAME detection (RFC 2782 §"Usage rules": target MUST be a name that
+		// resolves to A/AAAA records directly, not a CNAME).
+		if cname, err := net.DefaultResolver.LookupCNAME(ctx, rec.Target); err == nil {
+			canon := strings.TrimSuffix(cname, ".")
+			if canon != "" && !strings.EqualFold(canon, rec.Target) {
+				rec.IsCNAME = true
+				rec.CNAMEChain = []string{rec.Target, canon}
+			}
+		}
+
+		ips, err := net.DefaultResolver.LookupIPAddr(ctx, rec.Target)
+		if err != nil {
+			rec.ResolveError = err.Error()
+			data.Records = append(data.Records, rec)
+			continue
+		}
+		for _, ip := range ips {
+			rec.Addresses = append(rec.Addresses, ip.IP.String())
+		}
+
+		// Probe each resolved address.
+		for _, addr := range rec.Addresses {
+			hostport := net.JoinHostPort(addr, strconv.Itoa(int(rec.Port)))
+			switch proto {
+			case "udp":
+				rec.Probes = append(rec.Probes, probeUDP(ctx, hostport, udpTimeout))
+			default: // tcp (and anything else)
+				rec.Probes = append(rec.Probes, probeTCP(ctx, hostport, tcpTimeout))
+			}
+		}
+
+		data.Records = append(data.Records, rec)
+	}
+
+	return data, nil
+}
+
+func parseOwner(owner, serviceDomain string) (svc, proto string) {
+	// Owner of form _service._proto[.domain]
+	s := strings.TrimSuffix(owner, "."+serviceDomain)
+	parts := strings.Split(s, ".")
+	if len(parts) >= 2 && strings.HasPrefix(parts[0], "_") && strings.HasPrefix(parts[1], "_") {
+		return strings.TrimPrefix(parts[0], "_"), strings.TrimPrefix(parts[1], "_")
+	}
+	return "", "tcp"
+}
+
+func durationOpt(opts sdk.CheckerOptions, key string, defMs int) time.Duration {
+	ms := defMs
+	if v, ok := opts[key]; ok {
+		switch n := v.(type) {
+		case float64:
+			ms = int(n)
+		case int:
+			ms = n
+		}
+	}
+	if ms < 100 {
+		ms = 100
+	}
+	if ms > 60000 {
+		ms = 60000
+	}
+	return time.Duration(ms) * time.Millisecond
+}
+
+func probeTCP(ctx context.Context, hostport string, timeout time.Duration) ProbeResult {
+	pr := ProbeResult{Address: hostport, Proto: "tcp"}
+	dialer := net.Dialer{Timeout: timeout}
+	start := time.Now()
+	ctx, cancel := context.WithTimeout(ctx, timeout)
+	defer cancel()
+	conn, err := dialer.DialContext(ctx, "tcp", hostport)
+	pr.LatencyMs = float64(time.Since(start).Microseconds()) / 1000.0
+	if err != nil {
+		pr.Error = err.Error()
+		return pr
+	}
+	_ = conn.Close()
+	pr.Connected = true
+	return pr
+}
+
+func probeUDP(ctx context.Context, hostport string, timeout time.Duration) ProbeResult {
+	pr := ProbeResult{Address: hostport, Proto: "udp"}
+	dialer := net.Dialer{Timeout: timeout}
+	ctx2, cancel := context.WithTimeout(ctx, timeout)
+	defer cancel()
+	conn, err := dialer.DialContext(ctx2, "udp", hostport)
+	if err != nil {
+		pr.Error = err.Error()
+		return pr
+	}
+	defer conn.Close()
+
+	// Send a single zero byte. If the host has nothing listening and returns
+	// ICMP port-unreachable, a subsequent Read will fail with "connection
+	// refused". Silent drops (firewalled) remain indistinguishable from a
+	// working service — report as "reachable (no response)".
+	_ = conn.SetDeadline(time.Now().Add(timeout))
+	if _, err := conn.Write([]byte{0}); err != nil {
+		pr.Error = err.Error()
+		return pr
+	}
+	buf := make([]byte, 1)
+	_, err = conn.Read(buf)
+	if err != nil {
+		if ne, ok := err.(net.Error); ok && ne.Timeout() {
+			// No ICMP unreachable came back: host probably accepts UDP,
+			// or packets are silently dropped. Treat as "reachable".
+			pr.Connected = true
+			pr.Error = "no UDP response (host may still be reachable)"
+			return pr
+		}
+		if strings.Contains(err.Error(), "refused") {
+			pr.Error = err.Error()
+			return pr
+		}
+		pr.Error = err.Error()
+		return pr
+	}
+	pr.Connected = true
+	return pr
+}

checker/definition.go

@@ -0,0 +1,75 @@
+package checker
+
+import (
+	"time"
+
+	sdk "git.happydns.org/checker-sdk-go/checker"
+)
+
+var Version = "built-in"
+
+func Definition() *sdk.CheckerDefinition {
+	return &sdk.CheckerDefinition{
+		ID:      "srv",
+		Name:    "SRV Records Tester",
+		Version: Version,
+		Availability: sdk.CheckerAvailability{
+			ApplyToService:  true,
+			LimitToServices: []string{"svcs.UnknownSRV"},
+		},
+		HasHTMLReport:   true,
+		ObservationKeys: []sdk.ObservationKey{ObservationKeySRV},
+		Options: sdk.CheckerOptionsDocumentation{
+			UserOpts: []sdk.CheckerOptionDocumentation{
+				{
+					Id:          "tcpTimeout",
+					Type:        "number",
+					Label:       "TCP connect timeout (ms)",
+					Default:     float64(3000),
+					Description: "Max time to wait for a TCP handshake on each target.",
+				},
+				{
+					Id:          "udpTimeout",
+					Type:        "number",
+					Label:       "UDP probe timeout (ms)",
+					Default:     float64(2000),
+					Description: "Max time to wait for a UDP response or ICMP unreachable.",
+				},
+			},
+			ServiceOpts: []sdk.CheckerOptionDocumentation{
+				{
+					Id:       "service",
+					Label:    "Service",
+					AutoFill: sdk.AutoFillService,
+					Hide:     true,
+				},
+				{
+					Id:       "subdomain",
+					Label:    "Subdomain",
+					AutoFill: sdk.AutoFillSubdomain,
+					Hide:     true,
+				},
+				{
+					Id:       "domain",
+					Label:    "Domain",
+					AutoFill: sdk.AutoFillDomainName,
+					Hide:     true,
+				},
+			},
+		},
+		Rules: []sdk.CheckRule{
+			RulePresent(),
+			RuleNullTarget(),
+			RuleTargetNotCNAME(),
+			RuleTargetsResolve(),
+			RuleTCPReachable(),
+			RuleUDPReachable(),
+			RuleRedundancy(),
+		},
+		Interval: &sdk.CheckIntervalSpec{
+			Min:     5 * time.Minute,
+			Max:     7 * 24 * time.Hour,
+			Default: 6 * time.Hour,
+		},
+	}
+}

checker/provider.go

@@ -0,0 +1,72 @@
+package checker
+
+import (
+	"fmt"
+
+	sdk "git.happydns.org/checker-sdk-go/checker"
+)
+
+func Provider() sdk.ObservationProvider {
+	return &srvProvider{}
+}
+
+type srvProvider struct{}
+
+func (p *srvProvider) Key() sdk.ObservationKey {
+	return ObservationKeySRV
+}
+
+func (p *srvProvider) Definition() *sdk.CheckerDefinition {
+	return Definition()
+}
+
+// directTLSPorts lists TCP ports where clients speak TLS immediately upon
+// connection (as opposed to STARTTLS upgrades). A dedicated TLS checker
+// consumes these endpoints to validate certificates.
+var directTLSPorts = map[uint16]bool{
+	443:  true, // HTTPS
+	465:  true, // SMTPS
+	563:  true, // NNTPS
+	636:  true, // LDAPS
+	853:  true, // DoT
+	989:  true, // FTPS data
+	990:  true, // FTPS control
+	992:  true, // Telnet/TLS
+	993:  true, // IMAPS
+	995:  true, // POP3S
+	5061: true, // SIPS
+	5223: true, // XMPP client TLS
+	5349: true, // STUN/TURN/TLS
+	6697: true, // IRCS
+	8443: true, // HTTPS alt
+}
+
+// DiscoverEndpoints is invoked by the host right after Collect. It declares
+// (host, port) pairs worth testing by other checkers — here: TLS endpoints
+// whose SRV target points at a well-known direct-TLS port.
+//
+// STARTTLS SRVs (e.g. _xmpp-server._tcp on 5269, _sips._tcp notwithstanding)
+// are intentionally not emitted yet: a dedicated "smtp-starttls" / "xmpp-starttls"
+// endpoint type will be defined when the TLS checker grows that capability.
+func (p *srvProvider) DiscoverEndpoints(data any) ([]sdk.DiscoveredEndpoint, error) {
+	d, ok := data.(*SRVData)
+	if !ok {
+		return nil, fmt.Errorf("unexpected data type %T", data)
+	}
+	var out []sdk.DiscoveredEndpoint
+	for _, r := range d.Records {
+		if r.IsNullTarget || r.Target == "" {
+			continue
+		}
+		if !directTLSPorts[r.Port] {
+			continue
+		}
+		out = append(out, sdk.DiscoveredEndpoint{
+			Type: "tls",
+			Host: r.Target,
+			Port: r.Port,
+			SNI:  r.Target,
+		})
+	}
+	return out, nil
+}

checker/report.go

@@ -0,0 +1,287 @@
+package checker
+
+import (
+	"encoding/json"
+	"fmt"
+	"html/template"
+	"strings"
+)
+
+// reportData is the view-model fed to the HTML template.
+type reportData struct {
+	ServiceDomain string
+	Records       []reportRecord
+	// Top-level alerts: the most common / most actionable failure scenarios,
+	// surfaced at the top of the report with remediation guidance.
+	Alerts []reportAlert
+	Totals reportTotals
+}
+
+type reportRecord struct {
+	Owner        string
+	Service      string
+	Proto        string
+	Target       string
+	Port         uint16
+	Priority     uint16
+	Weight       uint16
+	IsNullTarget bool
+	IsCNAME      bool
+	CNAMEChain   string
+	Addresses    []string
+	ResolveError string
+	Probes       []reportProbe
+}
+
+type reportProbe struct {
+	Address     string
+	Proto       string
+	Connected   bool
+	LatencyMs   float64
+	Error       string
+	StatusClass string
+	StatusLabel string
+}
+
+type reportAlert struct {
+	Severity string // "crit", "warn", "info"
+	Title    string
+	Body     template.HTML
+}
+
+type reportTotals struct {
+	Records   int
+	OKProbes  int
+	BadProbes int
+}
+
+var htmlTpl = template.Must(template.New("srv").Parse(`<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>SRV Records Report</title>
+<style>
+*,*::before,*::after{box-sizing:border-box}
+:root{font-family:system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",sans-serif;font-size:14px;line-height:1.5;color:#1f2937;background:#f3f4f6}
+body{margin:0;padding:1rem}
+code{font-family:ui-monospace,monospace;font-size:.9em}
+h1{margin:0 0 .4rem;font-size:1.15rem}
+h2{font-size:1rem;margin:0 0 .6rem}
+h3{font-size:.9rem;font-weight:600;margin:0 0 .4rem}
+.hd,.section{background:#fff;border-radius:10px;padding:1rem 1.25rem;margin-bottom:.75rem;box-shadow:0 1px 3px rgba(0,0,0,.08)}
+.section{border-radius:8px;padding:.85rem 1rem;margin-bottom:.6rem}
+.badge{display:inline-flex;align-items:center;padding:.2em .65em;border-radius:9999px;font-size:.78rem;font-weight:700}
+.ok{background:#d1fae5;color:#065f46}
+.warn{background:#fef3c7;color:#92400e}
+.crit{background:#fee2e2;color:#991b1b}
+.info{background:#dbeafe;color:#1e40af}
+.alert{border-left:4px solid #d1d5db;padding:.6rem .85rem;margin-bottom:.55rem;background:#fff;border-radius:6px;box-shadow:0 1px 3px rgba(0,0,0,.05)}
+.alert.crit{border-left-color:#dc2626}
+.alert.warn{border-left-color:#d97706}
+.alert.info{border-left-color:#2563eb}
+.alert .title{font-weight:600;margin-bottom:.2rem}
+.alert .body{font-size:.88rem;color:#374151}
+.alert .body code{background:#f3f4f6;padding:.05rem .3rem;border-radius:3px}
+.rec{border:1px solid #e5e7eb;border-radius:8px;padding:.7rem .85rem;margin-bottom:.55rem;background:#fff}
+.rec-hd{display:flex;flex-wrap:wrap;align-items:center;gap:.5rem;margin-bottom:.4rem}
+.rec-hd .target{font-family:ui-monospace,monospace;font-weight:600}
+.rec-hd .meta{color:#6b7280;font-size:.82rem}
+table{border-collapse:collapse;width:100%;font-size:.85rem;margin-top:.25rem}
+th,td{text-align:left;padding:.3rem .5rem;border-bottom:1px solid #f3f4f6}
+th{font-weight:600;color:#6b7280;background:#f9fafb}
+.errmsg{color:#b91c1c}
+.note{color:#6b7280;font-size:.85rem}
+.totals{display:flex;flex-wrap:wrap;gap:.5rem;margin-top:.25rem}
+.tot{background:#f3f4f6;border-radius:6px;padding:.25rem .6rem;font-size:.8rem}
+</style>
+</head>
+<body>
+
+<div class="hd">
+  <h1>SRV Records &mdash; {{if .ServiceDomain}}<code>{{.ServiceDomain}}</code>{{else}}service{{end}}</h1>
+  <div class="totals">
+    <span class="tot">{{.Totals.Records}} record(s)</span>
+    <span class="tot">{{.Totals.OKProbes}} reachable probe(s)</span>
+    {{if .Totals.BadProbes}}<span class="tot" style="background:#fee2e2;color:#991b1b">{{.Totals.BadProbes}} failed probe(s)</span>{{end}}
+  </div>
+</div>
+
+{{if .Alerts}}
+<div class="section">
+  <h2>What needs attention</h2>
+  {{range .Alerts}}
+  <div class="alert {{.Severity}}">
+    <div class="title">{{.Title}}</div>
+    <div class="body">{{.Body}}</div>
+  </div>
+  {{end}}
+</div>
+{{end}}
+
+<div class="section">
+  <h2>Records</h2>
+  {{range .Records}}
+  <div class="rec">
+    <div class="rec-hd">
+      <span class="target">{{if .IsNullTarget}}<em>(null target)</em>{{else}}{{.Target}}{{end}}:{{.Port}}</span>
+      <span class="meta">prio {{.Priority}} &middot; weight {{.Weight}}</span>
+      {{if .Service}}<span class="meta">_{{.Service}}._{{.Proto}}</span>{{end}}
+      {{if .IsNullTarget}}<span class="badge warn">null target</span>{{end}}
+      {{if .IsCNAME}}<span class="badge warn">target is CNAME</span>{{end}}
+      {{if .ResolveError}}<span class="badge crit">DNS error</span>{{end}}
+    </div>
+
+    {{if .CNAMEChain}}
+    <p class="note">CNAME chain: <code>{{.CNAMEChain}}</code> &mdash; RFC 2782 forbids a CNAME as SRV target.</p>
+    {{end}}
+
+    {{if .ResolveError}}
+    <p class="errmsg">Resolution failed: {{.ResolveError}}</p>
+    {{end}}
+
+    {{if .Addresses}}
+    <p class="note">Resolves to: {{range .Addresses}}<code>{{.}}</code> {{end}}</p>
+    {{end}}
+
+    {{if .Probes}}
+    <table>
+      <tr>
+        <th>Address</th><th>Proto</th><th>Status</th><th>Latency</th><th>Details</th>
+      </tr>
+      {{range .Probes}}
+      <tr>
+        <td><code>{{.Address}}</code></td>
+        <td>{{.Proto}}</td>
+        <td><span class="badge {{.StatusClass}}">{{.StatusLabel}}</span></td>
+        <td>{{if .LatencyMs}}{{printf "%.1f ms" .LatencyMs}}{{end}}</td>
+        <td>{{if .Error}}<span class="errmsg">{{.Error}}</span>{{end}}</td>
+      </tr>
+      {{end}}
+    </table>
+    {{end}}
+  </div>
+  {{end}}
+</div>
+
+</body>
+</html>`))
+
+func (p *srvProvider) GetHTMLReport(raw json.RawMessage) (string, error) {
+	var d SRVData
+	if err := json.Unmarshal(raw, &d); err != nil {
+		return "", fmt.Errorf("failed to unmarshal SRV report: %w", err)
+	}
+
+	rd := reportData{ServiceDomain: d.ServiceDomain}
+	rd.Totals.Records = len(d.Records)
+
+	var resolveFails, cnames, nulls []string
+	tcpDown := map[string]string{} // addr → err
+
+	for _, r := range d.Records {
+		rec := reportRecord{
+			Owner:        r.Owner,
+			Service:      r.Service,
+			Proto:        r.Proto,
+			Target:       r.Target,
+			Port:         r.Port,
+			Priority:     r.Priority,
+			Weight:       r.Weight,
+			IsNullTarget: r.IsNullTarget,
+			IsCNAME:      r.IsCNAME,
+			Addresses:    r.Addresses,
+			ResolveError: r.ResolveError,
+		}
+		if len(r.CNAMEChain) > 0 {
+			rec.CNAMEChain = strings.Join(r.CNAMEChain, " → ")
+		}
+
+		if r.IsNullTarget {
+			nulls = append(nulls, r.Owner)
+		}
+		if r.IsCNAME {
+			cnames = append(cnames, r.Target)
+		}
+		if r.ResolveError != "" {
+			resolveFails = append(resolveFails, fmt.Sprintf("%s (%s)", r.Target, r.ResolveError))
+		}
+
+		for _, pr := range r.Probes {
+			rp := reportProbe{
+				Address:   pr.Address,
+				Proto:     pr.Proto,
+				Connected: pr.Connected,
+				LatencyMs: pr.LatencyMs,
+				Error:     pr.Error,
+			}
+			switch {
+			case pr.Connected:
+				rp.StatusClass = "ok"
+				rp.StatusLabel = "reachable"
+				rd.Totals.OKProbes++
+			default:
+				rp.StatusClass = "crit"
+				rp.StatusLabel = "unreachable"
+				rd.Totals.BadProbes++
+				if pr.Proto == "tcp" {
+					tcpDown[pr.Address] = pr.Error
+				}
+			}
+			rec.Probes = append(rec.Probes, rp)
+		}
+		rd.Records = append(rd.Records, rec)
+	}
+
+	// ── Build actionable alerts for common failure scenarios ─────────────
+	if len(resolveFails) > 0 {
+		rd.Alerts = append(rd.Alerts, reportAlert{
+			Severity: "crit",
+			Title:    fmt.Sprintf("DNS resolution failed for %d SRV target(s)", len(resolveFails)),
+			Body: template.HTML(fmt.Sprintf(
+				"%s<br>Clients will not be able to reach the service. Fix: either publish A/AAAA records for the target(s), or remove the broken SRV record.",
+				strings.Join(resolveFails, "<br>"))),
+		})
+	}
+	if len(cnames) > 0 {
+		rd.Alerts = append(rd.Alerts, reportAlert{
+			Severity: "warn",
+			Title:    "SRV target is a CNAME (RFC 2782 violation)",
+			Body: template.HTML(fmt.Sprintf(
+				"Target(s): %s<br>RFC 2782 requires SRV targets to resolve directly to A/AAAA. "+
+					"Some clients will refuse to follow the CNAME. Fix: point the SRV record to a hostname with A/AAAA records, "+
+					"or replace the CNAME with an ALIAS/ANAME at the DNS provider.",
+				"<code>"+strings.Join(cnames, "</code>, <code>")+"</code>")),
+		})
+	}
+	if len(tcpDown) > 0 {
+		var items []string
+		for a, e := range tcpDown {
+			items = append(items, fmt.Sprintf("<code>%s</code>: %s", a, e))
+		}
+		rd.Alerts = append(rd.Alerts, reportAlert{
+			Severity: "crit",
+			Title:    fmt.Sprintf("%d target(s) unreachable on their advertised TCP port", len(tcpDown)),
+			Body: template.HTML(strings.Join(items, "<br>") +
+				"<br>Check: (1) the server is running and bound to the right port; " +
+				"(2) firewall/security-group allows inbound TCP to that port; " +
+				"(3) the SRV record is not pointing at an old IP."),
+		})
+	}
+	if len(nulls) > 0 && len(nulls) == len(d.Records) {
+		rd.Alerts = append(rd.Alerts, reportAlert{
+			Severity: "warn",
+			Title:    "All SRV records use the null target (\".\"): service is explicitly disabled",
+			Body: template.HTML(
+				"RFC 2782 defines a single SRV record with target <code>\".\"</code> to signal that the service is " +
+					"intentionally not available. If this is what you want, the configuration is correct. " +
+					"If you expected clients to reach this service, replace the null target with a real hostname."),
+		})
+	}
+
+	var buf strings.Builder
+	if err := htmlTpl.Execute(&buf, rd); err != nil {
+		return "", fmt.Errorf("failed to render SRV HTML report: %w", err)
+	}
+	return buf.String(), nil
+}

checker/rule.go

@@ -0,0 +1,270 @@
+package checker
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	sdk "git.happydns.org/checker-sdk-go/checker"
+)
+
+// getData is shared by every rule to pull the observation out of the store.
+// Any error is surfaced as a StatusError CheckState with a uniform code.
+func getData(ctx context.Context, obs sdk.ObservationGetter) (*SRVData, *sdk.CheckState) {
+	var d SRVData
+	if err := obs.Get(ctx, ObservationKeySRV, &d); err != nil {
+		return nil, &sdk.CheckState{
+			Status:  sdk.StatusError,
+			Message: fmt.Sprintf("Failed to load SRV observation: %v", err),
+			Code:    "srv_obs_error",
+		}
+	}
+	return &d, nil
+}
+
+// ── Rule: SRV records are present ─────────────────────────────────────────────
+
+type rulePresent struct{}
+
+func RulePresent() sdk.CheckRule { return &rulePresent{} }
+func (rulePresent) Name() string { return "srv_records_present" }
+func (rulePresent) Description() string {
+	return "At least one SRV record is published for this service."
+}
+func (rulePresent) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) sdk.CheckState {
+	d, cs := getData(ctx, obs)
+	if cs != nil {
+		return *cs
+	}
+	if len(d.Records) == 0 {
+		return sdk.CheckState{Status: sdk.StatusCrit, Code: "srv_missing",
+			Message: "No SRV records published."}
+	}
+	return sdk.CheckState{Status: sdk.StatusOK, Code: "srv_present",
+		Message: fmt.Sprintf("%d SRV record(s) published.", len(d.Records))}
+}
+
+// ── Rule: Null target ("." means service explicitly unavailable) ──────────────
+
+type ruleNullTarget struct{}
+
+func RuleNullTarget() sdk.CheckRule { return &ruleNullTarget{} }
+func (ruleNullTarget) Name() string { return "srv_null_target" }
+func (ruleNullTarget) Description() string {
+	return "Detects SRV records with target \".\", which signals the service is intentionally not available."
+}
+func (ruleNullTarget) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) sdk.CheckState {
+	d, cs := getData(ctx, obs)
+	if cs != nil {
+		return *cs
+	}
+	var nulls []string
+	for _, r := range d.Records {
+		if r.IsNullTarget {
+			nulls = append(nulls, r.Owner)
+		}
+	}
+	if len(nulls) == 0 {
+		return sdk.CheckState{Status: sdk.StatusOK, Code: "srv_no_null",
+			Message: "No null-target SRV records."}
+	}
+	if len(nulls) == len(d.Records) {
+		return sdk.CheckState{Status: sdk.StatusWarn, Code: "srv_all_null",
+			Message: fmt.Sprintf("All %d SRV records use null target (\".\"): service explicitly disabled.", len(nulls))}
+	}
+	return sdk.CheckState{Status: sdk.StatusInfo, Code: "srv_some_null",
+		Message: fmt.Sprintf("%d record(s) have null target: %s", len(nulls), strings.Join(nulls, ", "))}
+}
+
+// ── Rule: SRV target must not be a CNAME (RFC 2782) ───────────────────────────
+
+type ruleTargetNotCNAME struct{}
+
+func RuleTargetNotCNAME() sdk.CheckRule { return &ruleTargetNotCNAME{} }
+func (ruleTargetNotCNAME) Name() string { return "srv_target_not_cname" }
+func (ruleTargetNotCNAME) Description() string {
+	return "RFC 2782: SRV targets must resolve directly to A/AAAA, not through a CNAME."
+}
+func (ruleTargetNotCNAME) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) sdk.CheckState {
+	d, cs := getData(ctx, obs)
+	if cs != nil {
+		return *cs
+	}
+	var bad []string
+	for _, r := range d.Records {
+		if r.IsNullTarget {
+			continue
+		}
+		if r.IsCNAME {
+			bad = append(bad, r.Target)
+		}
+	}
+	if len(bad) == 0 {
+		return sdk.CheckState{Status: sdk.StatusOK, Code: "srv_targets_not_cname",
+			Message: "All SRV targets resolve directly (no CNAME)."}
+	}
+	return sdk.CheckState{Status: sdk.StatusWarn, Code: "srv_targets_are_cname",
+		Message: fmt.Sprintf("RFC 2782 violation — SRV target(s) are CNAMEs: %s", strings.Join(bad, ", "))}
+}
+
+// ── Rule: targets resolve to at least one IP ──────────────────────────────────
+
+type ruleTargetsResolve struct{}
+
+func RuleTargetsResolve() sdk.CheckRule { return &ruleTargetsResolve{} }
+func (ruleTargetsResolve) Name() string { return "srv_targets_resolve" }
+func (ruleTargetsResolve) Description() string {
+	return "Every SRV target resolves to at least one A/AAAA address."
+}
+func (ruleTargetsResolve) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) sdk.CheckState {
+	d, cs := getData(ctx, obs)
+	if cs != nil {
+		return *cs
+	}
+	var failed []string
+	var checked int
+	for _, r := range d.Records {
+		if r.IsNullTarget {
+			continue
+		}
+		checked++
+		if len(r.Addresses) == 0 {
+			failed = append(failed, fmt.Sprintf("%s (%s)", r.Target, r.ResolveError))
+		}
+	}
+	if checked == 0 {
+		return sdk.CheckState{Status: sdk.StatusInfo, Code: "srv_no_targets",
+			Message: "No resolvable targets to test."}
+	}
+	if len(failed) == 0 {
+		return sdk.CheckState{Status: sdk.StatusOK, Code: "srv_all_resolve",
+			Message: fmt.Sprintf("All %d target(s) resolve.", checked)}
+	}
+	return sdk.CheckState{Status: sdk.StatusCrit, Code: "srv_resolve_fail",
+		Message: fmt.Sprintf("Target(s) failed DNS resolution: %s", strings.Join(failed, "; "))}
+}
+
+// ── Rule: TCP reachable ───────────────────────────────────────────────────────
+
+type ruleTCPReachable struct{}
+
+func RuleTCPReachable() sdk.CheckRule { return &ruleTCPReachable{} }
+func (ruleTCPReachable) Name() string { return "srv_tcp_reachable" }
+func (ruleTCPReachable) Description() string {
+	return "Every TCP SRV target:port accepts a TCP connection."
+}
+func (ruleTCPReachable) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) sdk.CheckState {
+	d, cs := getData(ctx, obs)
+	if cs != nil {
+		return *cs
+	}
+	var total, ok int
+	var failed []string
+	for _, r := range d.Records {
+		if r.IsNullTarget || r.Proto != "tcp" {
+			continue
+		}
+		for _, pr := range r.Probes {
+			if pr.Proto != "tcp" {
+				continue
+			}
+			total++
+			if pr.Connected {
+				ok++
+			} else {
+				failed = append(failed, fmt.Sprintf("%s: %s", pr.Address, pr.Error))
+			}
+		}
+	}
+	if total == 0 {
+		return sdk.CheckState{Status: sdk.StatusInfo, Code: "srv_tcp_na",
+			Message: "No TCP targets to test."}
+	}
+	if ok == total {
+		return sdk.CheckState{Status: sdk.StatusOK, Code: "srv_tcp_ok",
+			Message: fmt.Sprintf("All %d TCP target(s) reachable.", total)}
+	}
+	if ok == 0 {
+		return sdk.CheckState{Status: sdk.StatusCrit, Code: "srv_tcp_all_down",
+			Message: fmt.Sprintf("All %d TCP target(s) unreachable: %s", total, strings.Join(failed, "; "))}
+	}
+	return sdk.CheckState{Status: sdk.StatusWarn, Code: "srv_tcp_partial",
+		Message: fmt.Sprintf("%d/%d TCP target(s) unreachable: %s", total-ok, total, strings.Join(failed, "; "))}
+}
+
+// ── Rule: UDP reachable (best-effort) ─────────────────────────────────────────
+
+type ruleUDPReachable struct{}
+
+func RuleUDPReachable() sdk.CheckRule { return &ruleUDPReachable{} }
+func (ruleUDPReachable) Name() string { return "srv_udp_reachable" }
+func (ruleUDPReachable) Description() string {
+	return "UDP SRV targets do not return ICMP port-unreachable."
+}
+func (ruleUDPReachable) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) sdk.CheckState {
+	d, cs := getData(ctx, obs)
+	if cs != nil {
+		return *cs
+	}
+	var total, ok int
+	var failed []string
+	for _, r := range d.Records {
+		if r.IsNullTarget || r.Proto != "udp" {
+			continue
+		}
+		for _, pr := range r.Probes {
+			if pr.Proto != "udp" {
+				continue
+			}
+			total++
+			if pr.Connected {
+				ok++
+			} else {
+				failed = append(failed, fmt.Sprintf("%s: %s", pr.Address, pr.Error))
+			}
+		}
+	}
+	if total == 0 {
+		return sdk.CheckState{Status: sdk.StatusInfo, Code: "srv_udp_na",
+			Message: "No UDP targets to test."}
+	}
+	if ok == total {
+		return sdk.CheckState{Status: sdk.StatusOK, Code: "srv_udp_ok",
+			Message: fmt.Sprintf("All %d UDP target(s) reachable.", total)}
+	}
+	return sdk.CheckState{Status: sdk.StatusWarn, Code: "srv_udp_issue",
+		Message: fmt.Sprintf("%d/%d UDP target(s) reported port unreachable: %s", total-ok, total, strings.Join(failed, "; "))}
+}
+
+// ── Rule: redundancy (more than one usable target) ────────────────────────────
+
+type ruleRedundancy struct{}
+
+func RuleRedundancy() sdk.CheckRule { return &ruleRedundancy{} }
+func (ruleRedundancy) Name() string { return "srv_redundancy" }
+func (ruleRedundancy) Description() string {
+	return "At least two distinct SRV targets exist (avoids single point of failure)."
+}
+func (ruleRedundancy) Evaluate(ctx context.Context, obs sdk.ObservationGetter, _ sdk.CheckerOptions) sdk.CheckState {
+	d, cs := getData(ctx, obs)
+	if cs != nil {
+		return *cs
+	}
+	targets := map[string]bool{}
+	for _, r := range d.Records {
+		if r.IsNullTarget {
+			continue
+		}
+		targets[r.Target] = true
+	}
+	if len(targets) >= 2 {
+		return sdk.CheckState{Status: sdk.StatusOK, Code: "srv_redundant",
+			Message: fmt.Sprintf("%d distinct targets.", len(targets))}
+	}
+	if len(targets) == 1 {
+		return sdk.CheckState{Status: sdk.StatusInfo, Code: "srv_single_target",
+			Message: "Single SRV target: no redundancy at DNS level."}
+	}
+	return sdk.CheckState{Status: sdk.StatusInfo, Code: "srv_no_targets_redundancy",
+		Message: "No usable SRV targets."}
+}

checker/types.go

@@ -0,0 +1,54 @@
+// Package checker implements the generic SRV records checker for happyDomain.
+//
+// For each SRV record attached to the target service it performs:
+//
+//   - DNS resolution of every SRV target (A/AAAA, CNAME detection)
+//   - TCP connectivity test on target:port (_tcp SRVs)
+//   - UDP probe on target:port (_udp SRVs)
+//
+// TLS/certificate testing is intentionally out of scope: it is handled by a
+// dedicated TLS checker.
+//
+// Checks are performed natively using the Go standard library (no external
+// testsuite).
+package checker
+
+import (
+	sdk "git.happydns.org/checker-sdk-go/checker"
+)
+
+const ObservationKeySRV sdk.ObservationKey = "srv_records"
+
+type SRVRecord struct {
+	Service  string `json:"service"`
+	Proto    string `json:"proto"`
+	Owner    string `json:"owner"`
+	Target   string `json:"target"`
+	Port     uint16 `json:"port"`
+	Priority uint16 `json:"priority"`
+	Weight   uint16 `json:"weight"`
+
+	// DNS resolution results
+	IsNullTarget bool     `json:"isNullTarget,omitempty"` // target == "." means "no service"
+	IsCNAME      bool     `json:"isCNAME,omitempty"`      // RFC 2782: MUST NOT be CNAME
+	CNAMEChain   []string `json:"cnameChain,omitempty"`
+	Addresses    []string `json:"addresses,omitempty"`
+	ResolveError string   `json:"resolveError,omitempty"`
+
+	// Reachability checks per address
+	Probes []ProbeResult `json:"probes,omitempty"`
+}
+
+type ProbeResult struct {
+	Address   string  `json:"address"`
+	Proto     string  `json:"proto"` // "tcp" or "udp"
+	Connected bool    `json:"connected"`
+	LatencyMs float64 `json:"latencyMs,omitempty"`
+	Error     string  `json:"error,omitempty"`
+}
+
+type SRVData struct {
+	ServiceDomain string      `json:"serviceDomain"` // e.g. _sip._tcp.example.com
+	Records       []SRVRecord `json:"records"`
+	CollectError  string      `json:"collectError,omitempty"`
+}

go.mod

@@ -0,0 +1,45 @@
+module git.happydns.org/checker-srv
+
+go 1.25.0
+
+require (
+	git.happydns.org/checker-sdk-go v0.0.1
+	git.happydns.org/happyDomain v0.7.0
+)
+
+require (
+	github.com/bytedance/gopkg v0.1.3 // indirect
+	github.com/bytedance/sonic v1.15.0 // indirect
+	github.com/bytedance/sonic/loader v0.5.0 // indirect
+	github.com/cloudwego/base64x v0.1.6 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.13 // indirect
+	github.com/gin-contrib/sse v1.1.0 // indirect
+	github.com/gin-gonic/gin v1.12.0 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/go-playground/validator/v10 v10.30.1 // indirect
+	github.com/goccy/go-json v0.10.5 // indirect
+	github.com/goccy/go-yaml v1.19.2 // indirect
+	github.com/json-iterator/go v1.1.13-0.20220915233716-71ac16282d12 // indirect
+	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/miekg/dns v1.1.72 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
+	github.com/quic-go/qpack v0.6.0 // indirect
+	github.com/quic-go/quic-go v0.59.0 // indirect
+	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
+	github.com/ugorji/go/codec v1.3.1 // indirect
+	go.mongodb.org/mongo-driver/v2 v2.5.0 // indirect
+	golang.org/x/arch v0.24.0 // indirect
+	golang.org/x/crypto v0.49.0 // indirect
+	golang.org/x/mod v0.33.0 // indirect
+	golang.org/x/net v0.51.0 // indirect
+	golang.org/x/sync v0.20.0 // indirect
+	golang.org/x/sys v0.42.0 // indirect
+	golang.org/x/text v0.35.0 // indirect
+	golang.org/x/tools v0.42.0 // indirect
+	google.golang.org/protobuf v1.36.11 // indirect
+)

go.sum

@@ -0,0 +1,102 @@
+git.happydns.org/checker-sdk-go v0.0.1 h1:4RxCJr73HWKxjOyU/6NJMO8lXJmH0gMLA68EzTqLbQI=
+git.happydns.org/checker-sdk-go v0.0.1/go.mod h1:aNAcfYFfbhvH9kJhE0Njp5GX0dQbxdRB0rJ0KvSC5nI=
+git.happydns.org/happyDomain v0.7.0 h1:NV82/NbcSeRm0+IUZqaK3Vu9Ovl5+vv4AigUJZMdwws=
+git.happydns.org/happyDomain v0.7.0/go.mod h1:5tgkmqFE65kK359rY49V++49wgZ0gco+Gh9X6tbL+bY=
+github.com/bytedance/gopkg v0.1.3 h1:TPBSwH8RsouGCBcMBktLt1AymVo2TVsBVCY4b6TnZ/M=
+github.com/bytedance/gopkg v0.1.3/go.mod h1:576VvJ+eJgyCzdjS+c4+77QF3p7ubbtiKARP3TxducM=
+github.com/bytedance/sonic v1.15.0 h1:/PXeWFaR5ElNcVE84U0dOHjiMHQOwNIx3K4ymzh/uSE=
+github.com/bytedance/sonic v1.15.0/go.mod h1:tFkWrPz0/CUCLEF4ri4UkHekCIcdnkqXw9VduqpJh0k=
+github.com/bytedance/sonic/loader v0.5.0 h1:gXH3KVnatgY7loH5/TkeVyXPfESoqSBSBEiDd5VjlgE=
+github.com/bytedance/sonic/loader v0.5.0/go.mod h1:AR4NYCk5DdzZizZ5djGqQ92eEhCCcdf5x77udYiSJRo=
+github.com/cloudwego/base64x v0.1.6 h1:t11wG9AECkCDk5fMSoxmufanudBtJ+/HemLstXDLI2M=
+github.com/cloudwego/base64x v0.1.6/go.mod h1:OFcloc187FXDaYHvrNIjxSe8ncn0OOM8gEHfghB2IPU=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/gabriel-vasile/mimetype v1.4.13 h1:46nXokslUBsAJE/wMsp5gtO500a4F3Nkz9Ufpk2AcUM=
+github.com/gabriel-vasile/mimetype v1.4.13/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
+github.com/gin-contrib/sse v1.1.0 h1:n0w2GMuUpWDVp7qSpvze6fAu9iRxJY4Hmj6AmBOU05w=
+github.com/gin-contrib/sse v1.1.0/go.mod h1:hxRZ5gVpWMT7Z0B0gSNYqqsSCNIJMjzvm6fqCz9vjwM=
+github.com/gin-gonic/gin v1.12.0 h1:b3YAbrZtnf8N//yjKeU2+MQsh2mY5htkZidOM7O0wG8=
+github.com/gin-gonic/gin v1.12.0/go.mod h1:VxccKfsSllpKshkBWgVgRniFFAzFb9csfngsqANjnLc=
+github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
+github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
+github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
+github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
+github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
+github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
+github.com/go-playground/validator/v10 v10.30.1 h1:f3zDSN/zOma+w6+1Wswgd9fLkdwy06ntQJp0BBvFG0w=
+github.com/go-playground/validator/v10 v10.30.1/go.mod h1:oSuBIQzuJxL//3MelwSLD5hc2Tu889bF0Idm9Dg26cM=
+github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
+github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
+github.com/goccy/go-yaml v1.19.2 h1:PmFC1S6h8ljIz6gMRBopkjP1TVT7xuwrButHID66PoM=
+github.com/goccy/go-yaml v1.19.2/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/json-iterator/go v1.1.13-0.20220915233716-71ac16282d12 h1:9Nu54bhS/H/Kgo2/7xNSUuC5G28VR8ljfrLKU2G4IjU=
+github.com/json-iterator/go v1.1.13-0.20220915233716-71ac16282d12/go.mod h1:TBzl5BIHNXfS9+C35ZyJaklL7mLDbgUkcgXzSLa8Tk0=
+github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
+github.com/klauspost/cpuid/v2 v2.3.0/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
+github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
+github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/miekg/dns v1.1.72 h1:vhmr+TF2A3tuoGNkLDFK9zi36F2LS+hKTRW0Uf8kbzI=
+github.com/miekg/dns v1.1.72/go.mod h1:+EuEPhdHOsfk6Wk5TT2CzssZdqkmFhf8r+aVyDEToIs=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
+github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
+github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/quic-go/qpack v0.6.0 h1:g7W+BMYynC1LbYLSqRt8PBg5Tgwxn214ZZR34VIOjz8=
+github.com/quic-go/qpack v0.6.0/go.mod h1:lUpLKChi8njB4ty2bFLX2x4gzDqXwUpaO1DP9qMDZII=
+github.com/quic-go/quic-go v0.59.0 h1:OLJkp1Mlm/aS7dpKgTc6cnpynnD2Xg7C1pwL6vy/SAw=
+github.com/quic-go/quic-go v0.59.0/go.mod h1:upnsH4Ju1YkqpLXC305eW3yDZ4NfnNbmQRCMWS58IKU=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
+github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
+github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
+github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
+github.com/ugorji/go/codec v1.3.1 h1:waO7eEiFDwidsBN6agj1vJQ4AG7lh2yqXyOXqhgQuyY=
+github.com/ugorji/go/codec v1.3.1/go.mod h1:pRBVtBSKl77K30Bv8R2P+cLSGaTtex6fsA2Wjqmfxj4=
+go.mongodb.org/mongo-driver/v2 v2.5.0 h1:yXUhImUjjAInNcpTcAlPHiT7bIXhshCTL3jVBkF3xaE=
+go.mongodb.org/mongo-driver/v2 v2.5.0/go.mod h1:yOI9kBsufol30iFsl1slpdq1I0eHPzybRWdyYUs8K/0=
+go.uber.org/mock v0.6.0 h1:hyF9dfmbgIX5EfOdasqLsWD6xqpNZlXblLB/Dbnwv3Y=
+go.uber.org/mock v0.6.0/go.mod h1:KiVJ4BqZJaMj4svdfmHM0AUx4NJYO8ZNpPnZn1Z+BBU=
+golang.org/x/arch v0.24.0 h1:qlJ3M9upxvFfwRM51tTg3Yl+8CP9vCC1E7vlFpgv99Y=
+golang.org/x/arch v0.24.0/go.mod h1:dNHoOeKiyja7GTvF9NJS1l3Z2yntpQNzgrjh1cU103A=
+golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4=
+golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA=
+golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8=
+golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w=
+golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo=
+golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y=
+golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
+golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo=
+golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
+golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8=
+golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA=
+golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k=
+golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0=
+google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
+google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

main.go

@@ -0,0 +1,24 @@
+// Command checker-srv is the standalone binary for the SRV checker.
+package main
+
+import (
+	"flag"
+	"log"
+
+	sdk "git.happydns.org/checker-sdk-go/checker"
+	srv "git.happydns.org/checker-srv/checker"
+)
+
+var Version = "custom-build"
+
+var listenAddr = flag.String("listen", ":8080", "HTTP listen address")
+
+func main() {
+	flag.Parse()
+	srv.Version = Version
+
+	server := sdk.NewServer(srv.Provider())
+	if err := server.ListenAndServe(*listenAddr); err != nil {
+		log.Fatalf("server error: %v", err)
+	}
+}

plugin/plugin.go

@@ -0,0 +1,14 @@
+// Command plugin is the happyDomain plugin entrypoint for the SRV checker.
+package main
+
+import (
+	sdk "git.happydns.org/checker-sdk-go/checker"
+	srv "git.happydns.org/checker-srv/checker"
+)
+
+var Version = "custom-build"
+
+func NewCheckerPlugin() (*sdk.CheckerDefinition, sdk.ObservationProvider, error) {
+	srv.Version = Version
+	return srv.Definition(), srv.Provider(), nil
+}