Add DNS provider for Core-Networks #2101

Merged
merged 6 commits into from
Oct 25, 2024

ldez
Member

@ldez ldez commented Feb 6, 2024

  • add a description to your PR
  • have a homogeneous design with the other providers
  • add tests (units)
  • add tests ("live")
  • add a provider descriptor
  • generate CLI help, documentation, and readme.
  • be able to do: (and put the output of this command to a comment)
    make build
    rm -rf .lego
    
    CORENETWORKS_LOGIN="xxxx" \
    CORENETWORKS_PASSWORD="yyyy" \
    ./dist/lego -m [email protected] --dns corenetworks -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run
    Note the wildcard domain is important.
  • pass the linter
  • do go mod tidy

Ping @renne, can you run the command (with your domain, email, and credentials)?

Closes #1989


@ldez ldez force-pushed the feat/corenetworks branch from 1e38975 to d6a0520 Compare August 28, 2024 13:18
@ldez ldez force-pushed the feat/corenetworks branch from d6a0520 to ecef4c3 Compare September 9, 2024 23:21
@ldez ldez force-pushed the feat/corenetworks branch from ecef4c3 to da54a93 Compare October 14, 2024 13:31
@ldez
Member Author

ldez commented Oct 24, 2024

I updated the PR, I think the problem was related to a missing /.

I also changed the "mode" of the provider because, based on the translated doc, the provider doesn't support multiple records for the same domain at the same time.

Beim Hinzufügen eines bereits existierenden Records, wird kein zweiter erstellt, aber auch kein Fehler gemeldet.

When adding an existing record, no second one is created and no error is reported.

Also, note that the wildcard is important:

make build
rm -rf .lego

CORENETWORKS_LOGIN="xxxx" \
CORENETWORKS_PASSWORD="yyyy" \
./dist/lego -m [email protected] --dns corenetworks -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run

@ldez ldez added contrib/waiting-for-feedback and removed state/need-user-tests Need users to test functionality labels Oct 24, 2024
@ldez ldez force-pushed the feat/corenetworks branch from 9b32d94 to bed2ba1 Compare October 24, 2024 22:45
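
Why the test command asks for `-d *.example.com -d example.com`, as an added Go example (not code from this PR or from lego): under RFC 8555 both identifiers publish their DNS-01 value at the same `_acme-challenge` TXT name with different values, which matters for a provider that cannot hold multiple records for the same domain at the same time. The function names `challengeRecord` and `sharedNames` and the key authorizations are constructed for illustration.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"sort"
	"strings"
)

// challengeRecord derives the DNS-01 TXT record (RFC 8555, section 8.4) for one
// identifier. keyAuth is the key authorization: token + "." + account key thumbprint.
func challengeRecord(domain, keyAuth string) (fqdn, value string) {
	// A wildcard is validated at its base domain, so the "*." label is dropped.
	base := strings.TrimPrefix(domain, "*.")
	sum := sha256.Sum256([]byte(keyAuth))
	return "_acme-challenge." + base + ".", base64.RawURLEncoding.EncodeToString(sum[:])
}

// sharedNames returns the TXT record names that more than one requested identifier
// must publish a value under, mapped to those identifiers (sorted).
func sharedNames(keyAuths map[string]string) map[string][]string {
	byName := map[string][]string{}
	for domain, keyAuth := range keyAuths {
		fqdn, _ := challengeRecord(domain, keyAuth)
		byName[fqdn] = append(byName[fqdn], domain)
	}
	for fqdn, domains := range byName {
		if len(domains) < 2 {
			delete(byName, fqdn)
			continue
		}
		sort.Strings(domains)
	}
	return byName
}

func main() {
	// Constructed key authorizations; real ones are built from the ACME server's tokens.
	order := map[string]string{
		"*.example.com": "constructed-token-1.constructed-thumbprint",
		"example.com":   "constructed-token-2.constructed-thumbprint",
	}
	for domain, keyAuth := range order {
		fqdn, value := challengeRecord(domain, keyAuth)
		fmt.Printf("%-14s -> %s TXT %q\n", domain, fqdn, value)
	}
	fmt.Println("names needing two values:", sharedNames(order))
}
```

A subdomain plus apex pair such as `testdomain.example.de` and `example.de` yields two different record names, so it does not exercise this case.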
@heliax01

Looks good this time

root@cachehost ~/lego # gh pr checkout 2101
remote: Enumerating objects: 61, done.
remote: Counting objects: 100% (54/54), done.
remote: Compressing objects: 100% (18/18), done.
remote: Total 61 (delta 35), reused 53 (delta 35), pack-reused 7 (from 1)
Unpacking objects: 100% (61/61), 9.80 KiB | 557.00 KiB/s, done.
From https://github.com/go-acme/lego
 * [new ref]           refs/pull/2101/head -> feat/corenetworks
Switched to branch 'feat/corenetworks'
root@cachehost ~/lego # make build
BIN_OUTPUT: dist/lego
rm -rf dist/ builds/ cover.out
Version: de7e82bcf01fef8b7058936a1022367e2757428d
go build -trimpath -ldflags '-X "main.version=de7e82bcf01fef8b7058936a1022367e2757428d"' -o  dist/lego ./cmd/lego/
root@cachehost ~/lego # rm -rf .lego
root@cachehost ~/lego # LEGO_DEBUG_CLIENT_VERBOSE_ERROR=true CORENETWORKS_LOGIN="apiexample" CORENETWORKS_PASSWORD="xxxxxxx" ./dist/lego -m [email protected] --dns corenetworks -d testdomain.example.de -d example.de -s https://acme-staging-v02.api.letsencrypt.org/directory run
2024/10/25 10:48:53 No key found for account [email protected]. Generating a P256 key.
2024/10/25 10:48:53 Saved key to /root/lego/.lego/accounts/acme-staging-v02.api.letsencrypt.org/[email protected]/keys/[email protected]
2024/10/25 10:48:53 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf
Do you accept the TOS? Y/n
Y
2024/10/25 10:48:55 [INFO] acme: Registering account for [email protected]
!!!! HEADS UP !!!!

Your account credentials have been saved in your Let's Encrypt
configuration directory at "/root/lego/.lego/accounts".

You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2024/10/25 10:48:56 [INFO] [testdomain.example.de, example.de] acme: Obtaining bundled SAN certificate
2024/10/25 10:48:56 [INFO] [testdomain.example.de] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14587035213
2024/10/25 10:48:56 [INFO] [example.de] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14587035223
2024/10/25 10:48:56 [INFO] [testdomain.example.de] acme: Could not find solver for: tls-alpn-01
2024/10/25 10:48:56 [INFO] [testdomain.example.de] acme: Could not find solver for: http-01
2024/10/25 10:48:56 [INFO] [testdomain.example.de] acme: use dns-01 solver
2024/10/25 10:48:56 [INFO] [example.de] acme: Could not find solver for: tls-alpn-01
2024/10/25 10:48:56 [INFO] [example.de] acme: Could not find solver for: http-01
2024/10/25 10:48:56 [INFO] [example.de] acme: use dns-01 solver
2024/10/25 10:48:56 [INFO] [testdomain.example.de] acme: Preparing to solve DNS-01
2024/10/25 10:48:57 [INFO] [testdomain.example.de] acme: Trying to solve DNS-01
2024/10/25 10:48:57 [INFO] [testdomain.example.de] acme: Checking DNS record propagation. [nameservers=185.12.64.1:53,[2a01:4ff:ff00::add:2]:53,185.12.64.2:53]
2024/10/25 10:48:59 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/10/25 10:49:04 [INFO] [testdomain.example.de] The server validated our request
2024/10/25 10:49:04 [INFO] [testdomain.example.de] acme: Cleaning DNS-01 challenge
2024/10/25 10:49:05 [INFO] sequence: wait for 1m0s
2024/10/25 10:50:05 [INFO] [example.de] acme: Preparing to solve DNS-01
2024/10/25 10:50:05 [INFO] [example.de] acme: Trying to solve DNS-01
2024/10/25 10:50:05 [INFO] [example.de] acme: Checking DNS record propagation. [nameservers=185.12.64.1:53,[2a01:4ff:ff00::add:2]:53,185.12.64.2:53]
2024/10/25 10:50:07 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/10/25 10:50:11 [INFO] [example.de] The server validated our request
2024/10/25 10:50:11 [INFO] [example.de] acme: Cleaning DNS-01 challenge
2024/10/25 10:50:11 [INFO] [testdomain.example.de, example.de] acme: Validations succeeded; requesting certificates
2024/10/25 10:50:11 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
2024/10/25 10:50:14 [INFO] [testdomain.example.de] Server responded with a certificate.

@ldez
Member Author

ldez commented Oct 25, 2024

I need a run with a wildcard (not a subdomain) + domain for the same root domain.

-d *.example.de -d example.de

@heliax01

No problem, here you go

root@cachehost ~/lego # LEGO_DEBUG_CLIENT_VERBOSE_ERROR=true CORENETWORKS_LOGIN="apiexample" CORENETWORKS_PASSWORD="xxxxxxx" ./dist/lego -m [email protected] --dns corenetworks -d *.example.de -d example.de -s https://acme-staging-v02.api.letsencrypt.org/directory run
2024/10/25 11:23:41 [INFO] [*.example.de, example.de] acme: Obtaining bundled SAN certificate
2024/10/25 11:23:42 [INFO] [*.example.de] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14587035223
2024/10/25 11:23:42 [INFO] [example.de] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/14587436183
2024/10/25 11:23:42 [INFO] [example.de] acme: authorization already valid; skipping challenge
2024/10/25 11:23:42 [INFO] [*.example.de] acme: use dns-01 solver
2024/10/25 11:23:42 [INFO] [*.example.de] acme: Preparing to solve DNS-01
2024/10/25 11:23:42 [INFO] [*.example.de] acme: Trying to solve DNS-01
2024/10/25 11:23:42 [INFO] [*.example.de] acme: Checking DNS record propagation. [nameservers=185.12.64.1:53,[2a01:4ff:ff00::add:2]:53,185.12.64.2:53]
2024/10/25 11:23:44 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/10/25 11:23:50 [INFO] [*.example.de] The server validated our request
2024/10/25 11:23:50 [INFO] [*.example.de] acme: Cleaning DNS-01 challenge
2024/10/25 11:23:50 [INFO] [*.example.de, example.de] acme: Validations succeeded; requesting certificates
2024/10/25 11:23:51 [INFO] Wait for certificate [timeout: 30s, interval: 500ms]
2024/10/25 11:23:52 [INFO] [*.example.de] Server responded with a certificate.

@ldez ldez added this to the v4.20 milestone Oct 25, 2024
@ldez ldez requested a review from dmke October 25, 2024 11:29
@ldez ldez marked this pull request as ready for review October 25, 2024 11:31
@ldez ldez force-pushed the feat/corenetworks branch from de7e82b to aa77a57 Compare October 25, 2024 12:00
Member

@dmke dmke left a comment


LGTM

@ldez ldez merged commit 008c817 into go-acme:master Oct 25, 2024
7 checks passed
@ldez ldez deleted the feat/corenetworks branch October 25, 2024 20:52
usarise added a commit to usarise/lego that referenced this pull request Nov 12, 2024
* volcengine: set API information within the default configuration (go-acme#2308)

Co-authored-by: Fernandez Ludovic <[email protected]>

* limacity: fix error message (go-acme#2310)

* Add DNS provider for Core-Networks (go-acme#2101)

* chore: update readme generator (go-acme#2311)

* chore: fix readme generator (go-acme#2312)

* chore: embed templates for internal commands (go-acme#2314)

* chore: improve internal release command (go-acme#2315)

* fix: parse printf verbs in log line output (go-acme#2317)

* Add DNS provider for Regfish (go-acme#2320)

* chore: update dependencies (go-acme#2321)

* selectelv2: fix non-ASCII domain (go-acme#2322)

Co-authored-by: Fernandez Ludovic <[email protected]>

* brandit: provider deprecation (go-acme#2116)

* cloudxns: provider deprecation (go-acme#2324)

* chore: update issue templates

* docs: use homogenous examples (go-acme#2328)

* regru: update authentication method (go-acme#2325)

* rfc2136: add support for tsig-keygen generated file (go-acme#2330)

Co-authored-by: Dominik Menke <[email protected]>

* Add DNS provider for Technitium (go-acme#2332)

* feat: skip the TLS verification of the ACME server (go-acme#2335)

* docs: add documentation for env var only options (go-acme#2337)

* docs: update least privilege instructions for Cloudflare (go-acme#2339)

* feat: attempt to check ARI unless explicitly disabled (go-acme#2298)

Co-authored-by: Fernandez Ludovic <[email protected]>

* chore: domain merge simplification (go-acme#2340)

* chore: update linter (go-acme#2341)

* Prepare release v4.20.0

* Detach v4.20.0

* Prepare release v4.20.1

* Detach v4.20.1

* Prepare release v4.20.2

* Detach v4.20.2

* fix: HTTP server IPv6 matching (go-acme#2345)

* docs: improve changelog style (go-acme#2346)

* docs: fix typos

---------

Co-authored-by: 刘瑞斌 <[email protected]>
Co-authored-by: Fernandez Ludovic <[email protected]>
Co-authored-by: Dominik Menke <[email protected]>
Co-authored-by: Frederic Hemberger <[email protected]>
Co-authored-by: Artem Chirkov <[email protected]>
Co-authored-by: Maksim Kamanin <[email protected]>
Co-authored-by: Dominik Menke <[email protected]>
Co-authored-by: Josh McKinney <[email protected]>
Co-authored-by: Samantha Frank <[email protected]>
Development

Successfully merging this pull request may close these issues.

Support for provider: Core-Networks
3 participants