efficientip: add insecure skip verify option (#2052)
Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com>
This commit is contained in:
parent
5af3c6c042
commit
7186ebb6f1
4 changed files with 13 additions and 0 deletions
|
@ -964,6 +964,7 @@ func displayDNSHelp(w io.Writer, name string) error {
|
||||||
|
|
||||||
ew.writeln(`Additional Configuration:`)
|
ew.writeln(`Additional Configuration:`)
|
||||||
ew.writeln(` - "EFFICIENTIP_HTTP_TIMEOUT": API request timeout`)
|
ew.writeln(` - "EFFICIENTIP_HTTP_TIMEOUT": API request timeout`)
|
||||||
|
ew.writeln(` - "EFFICIENTIP_INSECURE_SKIP_VERIFY": Whether or not to verify EfficientIP API certificate`)
|
||||||
ew.writeln(` - "EFFICIENTIP_POLLING_INTERVAL": Time between DNS propagation check`)
|
ew.writeln(` - "EFFICIENTIP_POLLING_INTERVAL": Time between DNS propagation check`)
|
||||||
ew.writeln(` - "EFFICIENTIP_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`)
|
ew.writeln(` - "EFFICIENTIP_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`)
|
||||||
ew.writeln(` - "EFFICIENTIP_TTL": The TTL of the TXT record used for the DNS challenge`)
|
ew.writeln(` - "EFFICIENTIP_TTL": The TTL of the TXT record used for the DNS challenge`)
|
||||||
|
|
|
@ -54,6 +54,7 @@ More information [here]({{< ref "dns#configuration-and-credentials" >}}).
|
||||||
| Environment Variable Name | Description |
|
| Environment Variable Name | Description |
|
||||||
|--------------------------------|-------------|
|
|--------------------------------|-------------|
|
||||||
| `EFFICIENTIP_HTTP_TIMEOUT` | API request timeout |
|
| `EFFICIENTIP_HTTP_TIMEOUT` | API request timeout |
|
||||||
|
| `EFFICIENTIP_INSECURE_SKIP_VERIFY` | Whether or not to verify EfficientIP API certificate |
|
||||||
| `EFFICIENTIP_POLLING_INTERVAL` | Time between DNS propagation check |
|
| `EFFICIENTIP_POLLING_INTERVAL` | Time between DNS propagation check |
|
||||||
| `EFFICIENTIP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
|
| `EFFICIENTIP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
|
||||||
| `EFFICIENTIP_TTL` | The TTL of the TXT record used for the DNS challenge |
|
| `EFFICIENTIP_TTL` | The TTL of the TXT record used for the DNS challenge |
|
||||||
|
|
|
@ -3,6 +3,7 @@ package efficientip
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/tls"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
@ -26,6 +27,7 @@ const (
|
||||||
EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
|
EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
|
||||||
EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
|
EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
|
||||||
EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
|
EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
|
||||||
|
EnvInsecureSkipVerify = envNamespace + "INSECURE_SKIP_VERIFY"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Config is used to configure the creation of the DNSProvider.
|
// Config is used to configure the creation of the DNSProvider.
|
||||||
|
@ -35,6 +37,7 @@ type Config struct {
|
||||||
Hostname string
|
Hostname string
|
||||||
DNSName string
|
DNSName string
|
||||||
ViewName string
|
ViewName string
|
||||||
|
InsecureSkipVerify bool
|
||||||
PropagationTimeout time.Duration
|
PropagationTimeout time.Duration
|
||||||
PollingInterval time.Duration
|
PollingInterval time.Duration
|
||||||
HTTPClient *http.Client
|
HTTPClient *http.Client
|
||||||
|
@ -71,6 +74,7 @@ func NewDNSProvider() (*DNSProvider, error) {
|
||||||
config.Hostname = values[EnvHostname]
|
config.Hostname = values[EnvHostname]
|
||||||
config.DNSName = values[EnvDNSName]
|
config.DNSName = values[EnvDNSName]
|
||||||
config.ViewName = env.GetOrDefaultString(EnvViewName, "")
|
config.ViewName = env.GetOrDefaultString(EnvViewName, "")
|
||||||
|
config.InsecureSkipVerify = env.GetOrDefaultBool(EnvInsecureSkipVerify, false)
|
||||||
|
|
||||||
return NewDNSProviderConfig(config)
|
return NewDNSProviderConfig(config)
|
||||||
}
|
}
|
||||||
|
@ -100,6 +104,12 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
||||||
client.HTTPClient = config.HTTPClient
|
client.HTTPClient = config.HTTPClient
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if config.InsecureSkipVerify {
|
||||||
|
client.HTTPClient.Transport = &http.Transport{
|
||||||
|
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return &DNSProvider{config: config, client: client}, nil
|
return &DNSProvider{config: config, client: client}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -19,6 +19,7 @@ lego --email you@example.com --dns efficientip --domains my.example.org run
|
||||||
EFFICIENTIP_HOSTNAME = "Hostname (ex: foo.example.com)"
|
EFFICIENTIP_HOSTNAME = "Hostname (ex: foo.example.com)"
|
||||||
EFFICIENTIP_DNS_NAME = "DNS name (ex: dns.smart)"
|
EFFICIENTIP_DNS_NAME = "DNS name (ex: dns.smart)"
|
||||||
[Configuration.Additional]
|
[Configuration.Additional]
|
||||||
|
EFFICIENTIP_INSECURE_SKIP_VERIFY = "Whether or not to verify EfficientIP API certificate"
|
||||||
EFFICIENTIP_VIEW_NAME = "View name (ex: external)"
|
EFFICIENTIP_VIEW_NAME = "View name (ex: external)"
|
||||||
EFFICIENTIP_POLLING_INTERVAL = "Time between DNS propagation check"
|
EFFICIENTIP_POLLING_INTERVAL = "Time between DNS propagation check"
|
||||||
EFFICIENTIP_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
|
EFFICIENTIP_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
|
||||||
|
|
Loading…
Reference in a new issue