Commit graph

903 commits

Author SHA1 Message Date
SALLEYRON Julien
ad34a85dad refactor: rename Alibaba DNS env var. (#636) 2018-09-13 16:15:26 +02:00
NicoMen
839b137761 Update iij version to remove CRLF (#635) 2018-09-13 09:54:16 +02:00
mattn
088c707d4c Use path/filepath instead of path (#633) 2018-09-12 00:41:30 +02:00
NicoMen
035c27cdb7 Check error to avoid panic due to nil client (#631) 2018-09-10 09:52:43 +02:00
Sten Spans
cd5479a6b1 Panic on generating a certificate (#627) 2018-09-09 12:37:30 +02:00
yuexiaoyun
c22f8d841f Add DNS Provider for ALIYUN DNS (#620) 2018-09-08 15:17:23 +02:00
Silas Rech
89eff6fc7b Add filename parameter (#612) 2018-09-08 14:58:17 +02:00
Laurendus
5a1c3d2134 Add DNS Provider for netcup (#610) 2018-09-08 14:08:07 +02:00
Conor Mongey
ef7cd04002 Route53: Make it possible to configure from the env (#603) 2018-09-08 13:49:24 +02:00
keisuk-t
725b6b816a Add DNS Provider for IIJ (#606) 2018-09-08 12:52:36 +02:00
Yoan Blanc
f3cfe4a24a dnsprovider: upgrade egoscale to v0.11.1 (#617) 2018-09-08 12:09:59 +02:00
Craig Peterson
de3accf531 Submit all dns records up front, then validate serially (#607) 2018-09-08 11:56:51 +02:00
Ludovic Fernandez
6588bc6fa5 fix: for dep v0.5.0. (#609) 2018-08-01 14:41:40 +00:00
Conor Mongey
8b6701514c Route53: make provider timeouts configurable (#588) 2018-07-18 17:37:35 +02:00
Bill Shupp
baad3dea99 Add EXEC_MODE=RAW support to DNS Provider exec (#586) 2018-07-18 01:19:48 +02:00
fl1pfl0p
6edbd1572e DuckDNS: fix TXT record update url (#601) 2018-07-18 00:17:51 +02:00
Ludovic Fernandez
dd85f25cb3
Exclude TLS ALPN for some CLI arguments (#599) 2018-07-16 22:50:51 +02:00
Steve Coursen
771679fe3d NS1: use the authoritative zone and not the domain name (#463) 2018-07-14 12:31:57 +02:00
JP Phillips
255296ec82 gcloud: update findTxtRecords to use Name=fqdn and Type=TXT, use in Present and Cleanup (#594) 2018-07-14 12:02:03 +02:00
Daniel McCarney
04e2d74406 DNS Providers: Add ACME-DNS provider. (#591)
This commit adds a new DNS provider for
[acme-dns](https://github.com/joohoi/acme-dns) to allow Lego to set
DNS-01 challenge response TXT with an ACME-DNS server automatically.
ACME-DNS allows ceding minimal zone editing permissions to the ACME
client and can be useful when the primary DNS provider for the zone does
not allow scripting/API access but can set a CNAME to an ACME-DNS
server.

Lower level ACME-DNS API calls & account loading/storing is handled by
the `github.com/cpu/goacmedns` library.

The provider loads existing ACME-DNS accounts from the specified JSON
file on disk. Any accounts the provider registers on behalf of the user
will also be saved to this JSON file.

When required, the provider handles registering accounts with the
ACME-DNS server domains that do not already have an ACME-DNS account.
This will halt issuance with an error prompting the user to set the
one-time manual CNAME required to delegate the DNS-01 challenge record
to the ACME-DNS server. Subsequent runs will use the account from disk
and assume the CNAME is in-place.
2018-07-09 19:28:01 +02:00
Area128
d30c293647 SOA-API-EDIT should be SOA-EDIT-API (#593)
according to https://doc.powerdns.com/authoritative/domainmetadata.html#soa-edit-api
2018-07-03 16:14:43 +02:00
Daniel McCarney
8c82824a83 README: Change staging URL example for ACME v2. (#592) 2018-07-01 23:54:35 +02:00
Bill Shupp
e0d512138c Fix missing issuer certificates from Let's Encrypt (#587) 2018-07-01 02:35:39 +02:00
Derek Chen
3a1c6202f6 Lightsail: Fix Domain does not exist error (#512) 2018-07-01 02:24:20 +02:00
fuku
f9c0fbd298 Add DNS Provider for NIFCLOUD DNS (#532) 2018-07-01 02:13:22 +02:00
Bill Shupp
3f09ecc0b1 Add DNS Provider for VegaDNS (#553) 2018-07-01 01:45:24 +02:00
Ludovic Fernandez
9bb5589e17
feat: CA Server Name. (#590) 2018-07-01 01:12:36 +02:00
Ludovic Fernandez
a2543a2fde
Don't trust identifiers order. (#589)
ACME draft Section 7.4 "Applying for Certificate Issuance"
https://tools.ietf.org/html/draft-ietf-acme-acme-12#section-7.4
says:
	Clients SHOULD NOT make any assumptions about the sort order of
	"identifiers" or "authorizations" elements in the returned order
	object.
2018-07-01 01:06:46 +02:00
Ludovic Fernandez
94e14328ab
refactor: replace Dial by DialContext. (#585) 2018-07-01 00:55:57 +02:00
Robert Kästel
54422ab226 Order polling wait (#581) 2018-06-25 23:22:42 +02:00
Kazumichi Yamamoto
05921d9810 Add DNS Provider for SAKURA Cloud (#456) 2018-06-21 21:24:45 +02:00
Ludovic Fernandez
a1585a7b9a
Review DNS providers (#580)
* refactor: create log.Infof and log.Warnf
* refactor: review DNS providers.
    - use one `http.Client` by provider instead of one client by request
    - use the same receiver name `d` for all `DNSProvider`
    - use `http.MethodXXX`
* refactor: logger init.
2018-06-21 19:06:16 +02:00
Ludovic Fernandez
57782ac3c1
tls-alpn: add a function to return PEM blocks. (#579)
* feature(tls-alpn): add function to return PEM blocks.
2018-06-18 15:44:18 +02:00
Wyatt Johnson
d457f70ae0 TLS-ALPN-01 Challenge (#572)
* feat: implemented TLS-ALPN-01 challenge
2018-06-14 01:20:56 +02:00
Ludovic Fernandez
c4bbb4b819
Review DNS providers. (#565)
* refactor: review DNS providers.
2018-06-11 17:32:50 +02:00
Daniel McCarney
8f9e90b2a0 ACME HTTP: Allow customizing HTTP client x509.CertPool (#571)
This commit updates `acme/http.go` to allow customizing the
`*x509.CertPool` used by the `HTTPClient` by specifying the filepath of
a custom CA certificate via the `CA_CERTIFICATE` environment variable.

This allows developers to easily trust a non-standard CA when
interacting with an ACME test server (e.g. Pebble):

```
CA_CERTIFICATE=~/go/src/github.com/letsencrypt/pebble/test/certs/pebble.minica.pem \
lego \
  --server https://localhost:14000/dir \
  --email foo@bar.com \
  -d example.com \
  run
```
2018-06-11 15:45:59 +02:00
AndreKR
5005315fff dns/exec: Allow passing the program to the provider directly (#573)
This adds a function NewDNSProviderProgram() to the exec provider that allows to set the program to run directly instead of via the environment variable. This is similar to how other providers allow to set their credentials.
2018-06-10 13:51:01 -06:00
Ludovic Fernandez
7fedfd1388 fix: user-agent string order. (#566) 2018-06-03 12:23:01 -06:00
xenolf
27e0f97c9d
Fix wrong repository URL (#563) 2018-05-31 19:39:33 +02:00
nelsonkram
f17b1ce516 Added 'processing' status as valid challenge status (#561) 2018-05-31 17:22:37 +02:00
Wyatt Johnson
fefeb24353
Prepare release v1.0.0 (#559)
* Prepare release v1.0.0

* review: remove infrastructure items from CHANGELOG.md

* review: updated CHANGELOG.md message

* review: added ACME v1 reference in README.md

* review: README.md updates

* review: removed experimental note
2018-05-30 18:03:08 -06:00
Ludovic Fernandez
6004e599ed Manage vendor (#557)
* feat: add dep configuration files.

* chore: add vendor folder.

* refactor: update Dockerfile.

* review: remove git from Dockerfile.

* review: remove RUN apk.

* review: dep status.

* feat: added .dockerignore
2018-05-30 16:28:41 -06:00
Ludovic Fernandez
1b12c25e43 Add linters (#556)
* feat: add linters.
* fix: lint.
2018-05-30 16:03:55 -06:00
NicoMen
517f442fa3 Add details to the cloudflare error message (#452) 2018-05-30 20:26:07 +02:00
Dan Lüdtke
0593b64674 Fix gcloud naming inconsistency; parse projectID (#425)
This commit fixes the naming inconsistency of Google Cloud DNS being
named `googlecloud` in the source and `gcloud` in the user interface.
Furthermore, improving my previous commit, I realized that the project ID
is stored in the service account file. We can save one environment variable
when using service account file (e.g. in automation applications).
2018-05-30 20:20:21 +02:00
Ludovic Fernandez
e7fd871a9c
ACME V2 support (#555) 2018-05-30 19:53:04 +02:00
Pall Valmundsson
1d9b0906b1 Update Dockerfile (#484)
This updates the Dockerfile to use multi-stage builds and enables a build argument to specify which version or SHA is built.
2018-05-30 14:01:23 +02:00
Ludovic Fernandez
86f1721281
chore: ignore gitcookies. (#554) 2018-05-30 10:02:14 +02:00
Ludovic Fernandez
084e280934
Prepare release v0.5.0 (#552) 2018-05-30 02:58:11 +02:00
Ludovic Fernandez
3cc9a19a1c Add a release system. (#550)
* feat: add release system.
* feat: goreleaser.
* review: minor changes.
2018-05-29 11:40:00 -06:00