From 9b9ec51ff5f10bbca82878d7793c60e8fbb9d517 Mon Sep 17 00:00:00 2001
From: Evgeni Golov <evgeni@golov.de>
Date: Thu, 19 Sep 2024 10:24:53 +0200
Subject: [PATCH] explicitly resolve A/AAAA when pulling external IP from
 icanhazip

ipv4.icanhazip.com has an AAAA record, and ipv6 has an A record, which
leads to both facts returning v6 addresses.

while this is a missconfiguration on the side of icanhazip.com, we can
prevent it from happening by forcing things at the resolver level.
---
 .../modules/profiles/lib/facter/external_ips.rb | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/puppet/modules/profiles/lib/facter/external_ips.rb b/puppet/modules/profiles/lib/facter/external_ips.rb
index f5b81bafd..1936adf4c 100644
--- a/puppet/modules/profiles/lib/facter/external_ips.rb
+++ b/puppet/modules/profiles/lib/facter/external_ips.rb
@@ -1,9 +1,15 @@
-require 'open-uri'
+require 'net/http'
+require 'resolv'
 
 Facter.add(:external_ip4) do
   setcode do
     begin
-      URI.parse('http://ipv4.icanhazip.com/').read.chomp
+      Resolv::DNS.open do |dns|
+        addr = dns.getresource("ipv4.icanhazip.com", Resolv::DNS::Resource::IN::A).address.to_s
+        Net::HTTP.start(addr) do |http|
+          http.get('http://ipv4.icanhazip.com/').body.chomp
+        end
+      end
     rescue
       nil
     end
@@ -13,7 +19,12 @@
 Facter.add(:external_ip6) do
   setcode do
     begin
-      URI.parse('http://ipv6.icanhazip.com/').read.chomp
+      Resolv::DNS.open do |dns|
+        addr = dns.getresource("ipv6.icanhazip.com", Resolv::DNS::Resource::IN::AAAA).address.to_s
+        Net::HTTP.start(addr) do |http|
+          http.get('http://ipv6.icanhazip.com/').body.chomp
+        end
+      end
     rescue
       nil
     end