forked from TrueCloudLab/lego
Add DNS01 support to the CLI
This commit is contained in:
xenolf
parent
815d8bba0c
commit
2bcf74c1c4
2 changed files with 46 additions and 0 deletions
13
cli.go
13
cli.go
|
|
@ -108,6 +108,19 @@ func main() {
|
||||||
Name: "tls",
|
Name: "tls",
|
||||||
Usage: "Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port",
|
Usage: "Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port",
|
||||||
},
|
},
|
||||||
|
cli.StringFlag{
|
||||||
|
Name: "dns",
|
||||||
|
Usage: "Enable the DNS challenge for solving using a provider." +
|
||||||
|
"\n\tCredentials for providers have to be passed through environment variables." +
|
||||||
|
"\n\tFor a more detailed explanation of the parameters, please see the online docs." +
|
||||||
|
"\n\tValid providers:" +
|
||||||
|
"\n\tcloudflare: CLOUDFLARE_EMAIL, CLOUDFLARE_API_KEY" +
|
||||||
|
"\n\tdigitalocean: DO_AUTH_TOKEN" +
|
||||||
|
"\n\tdnsimple: DNSIMPLE_EMAIL, DNSIMPLE_API_KEY" +
|
||||||
|
"\n\troute53: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION_NAME" +
|
||||||
|
"\n\trfc2136: RFC2136_TSIG_KEY, RFC2136_TSIG_SECRET, RFC2136_NAMESERVER, RFC2136_ZONE" +
|
||||||
|
"\n\tmanual: none",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
app.Run(os.Args)
|
app.Run(os.Args)
|
||||||
|
|
|
||||||
|
|
@ -51,6 +51,39 @@ func setup(c *cli.Context) (*Configuration, *Account, *acme.Client) {
|
||||||
client.SetTLSAddress(c.GlobalString("tls"))
|
client.SetTLSAddress(c.GlobalString("tls"))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if c.GlobalIsSet("dns") {
|
||||||
|
var err error
|
||||||
|
var provider acme.ChallengeProvider
|
||||||
|
switch c.GlobalString("dns") {
|
||||||
|
case "cloudflare":
|
||||||
|
provider, err = acme.NewDNSProviderCloudFlare("", "")
|
||||||
|
case "digitalocean":
|
||||||
|
authToken := os.Getenv("DO_AUTH_TOKEN")
|
||||||
|
|
||||||
|
provider, err = acme.NewDNSProviderDigitalOcean(authToken)
|
||||||
|
case "dnsimple":
|
||||||
|
provider, err = acme.NewDNSProviderDNSimple("", "")
|
||||||
|
case "route53":
|
||||||
|
awsRegion := os.Getenv("AWS_REGION")
|
||||||
|
provider, err = acme.NewDNSProviderRoute53("", "", awsRegion)
|
||||||
|
case "rfc2136":
|
||||||
|
nameserver := os.Getenv("RFC2136_NAMESERVER")
|
||||||
|
zone := os.Getenv("RFC2136_ZONE")
|
||||||
|
tsigKey := os.Getenv("RFC2136_TSIG_KEY")
|
||||||
|
tsigSecret := os.Getenv("RFC2136_TSIG_SECRET")
|
||||||
|
|
||||||
|
provider, err = acme.NewDNSProviderRFC2136(nameserver, zone, tsigKey, tsigSecret)
|
||||||
|
case "manual":
|
||||||
|
provider, err = acme.NewDNSProviderManual()
|
||||||
|
}
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
logger().Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
client.SetChallengeProvider(acme.DNS01, provider)
|
||||||
|
}
|
||||||
|
|
||||||
return conf, acc, client
|
return conf, acc, client
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue