Commit graph

27 commits

Author SHA1 Message Date
Ludovic Fernandez
820c2b7531
gcloud: fix for wildcard (#740) 2018-12-22 00:53:05 +01:00
Ludovic Fernandez
42941ccea6
Refactor the core of the lib (#700)
- Packages
- Isolate code used by the CLI into the package `cmd`
- (experimental) Add e2e tests for HTTP01, TLS-ALPN-01 and DNS-01, use [Pebble](https://github.com/letsencrypt/pebble) and [challtestsrv](https://github.com/letsencrypt/boulder/tree/master/test/challtestsrv) 
- Support non-ascii domain name (punnycode)
- Check all challenges in a predictable order
- No more global exported variables
- Archive revoked certificates
- Fixes revocation for subdomains and non-ascii domains
- Disable pending authorizations
- use pointer for RemoteError/ProblemDetails
- Poll authz URL instead of challenge URL
- The ability for a DNS provider to solve the challenge sequentially
- Check all nameservers in a predictable order
- Option to disable the complete propagation Requirement
- CLI, support for renew with CSR
- CLI, add SAN on renew
- Add command to list certificates.
- Logs every iteration of waiting for the propagation
- update DNSimple client
- update github.com/miekg/dns
2018-12-06 22:50:17 +01:00
Ludovic Fernandez
4d21f8eec1
Add a test helper to manage env vars. (#675) 2018-10-16 17:52:57 +02:00
Ludovic Fernandez
122c354163
Homogenization of the DNS provider tests (#671)
* refactor: min TTL
* refactor: sandbox.
* refactor: tests homogenization.
* refactor: missing require.
2018-10-12 19:29:18 +02:00
Ludovic Fernandez
20d50a559f
route53: fix challenge. (#665) 2018-10-09 19:03:07 +02:00
Matt Farmer
fa455bc037 Add support for reading DNS provider setup from files (#535) 2018-10-06 15:33:15 +02:00
Ludovic Fernandez
ad20bf90ff Migrate to golangci-lint (#644)
* refactor: linting.

- errcheck
- govet
- golint
- goconst
- spellcheck
- ...

* refactor: migrate from gometalinter to golangci-lint.
2018-09-24 19:07:20 +00:00
Ludovic Fernandez
bba134ce87
Allow to configure TTL, interval and timeout (#634)
* feat: add GetOrDefaultXXX methods.
* refactor: configuration (alidns).
* refactor: configuration (azure).
* refactor: configuration (auroradns).
* refactor: configuration (bluecat).
* refactor: configuration (cloudflare).
* refactor: configuration (digitalocean).
* refactor: configuration (dnsimple).
* refactor: configuration (dnmadeeasy).
* refactor: configuration (dnspod).
* refactor: configuration (duckdns).
* refactor: configuration (dyn).
* refactor: configuration (exoscale).
* refactor: configuration (fastdns).
* refactor: configuration (gandi).
* refactor: configuration (gandiv5).
* refactor: configuration (gcloud).
* refactor: configuration (glesys).
* refactor: configuration (godaddy).
* refactor: configuration (iij).
* refactor: configuration (lightsail).
* refactor: configuration (linode).
* refactor: configuration (namecheap).
* refactor: configuration (namedotcom).
* refactor: configuration (netcup).
* refactor: configuration (nifcloud).
* refactor: configuration (ns1).
* refactor: configuration (otc).
* refactor: configuration (ovh).
* refactor: configuration (pdns).
* refactor: configuration (rackspace).
* refactor: configuration (rfc2136).
* refactor: configuration (route53).
* refactor: configuration (sakuracloud).
* refactor: configuration (vegadns).
* refactor: configuration (vultr).
2018-09-15 19:07:24 +02:00
NicoMen
035c27cdb7 Check error to avoid panic due to nil client (#631) 2018-09-10 09:52:43 +02:00
Conor Mongey
ef7cd04002 Route53: Make it possible to configure from the env (#603) 2018-09-08 13:49:24 +02:00
Conor Mongey
8b6701514c Route53: make provider timeouts configurable (#588) 2018-07-18 17:37:35 +02:00
Ludovic Fernandez
c4bbb4b819
Review DNS providers. (#565)
* refactor: review DNS providers.
2018-06-11 17:32:50 +02:00
Ludovic Fernandez
e7fd871a9c
ACME V2 support (#555) 2018-05-30 19:53:04 +02:00
Johannes Ebke
b2c4f3c84e route53: Use NewSessionWithOptions instead of deprecated New. Fixes #458. (#528) 2018-04-12 07:08:23 -06:00
James Nugent
b2aab0377c dns/route53: Allow specifying hosted zone ID (#345)
* dns/route53: Allow specifying hosted zone ID

This commit adds support for specifying hosted zone ID via the
environment variable AWS_HOSTED_ZONE_ID. If this is not specified, the
previous discovery process is used.

This is useful in environments where multiple hosted zones for the same
domain name are present in an account.

* dns/route53: Fix up getHostedZoneID method params

Now that getHostedZoneID is a method on the DNSProvider struct, there is
no reason for it to take the Route53 client as a parameter - we can
simply use the reference stored in the struct.
2017-07-17 21:50:53 +02:00
Chris Marchesi
64f8e0d225 providers/dns/route53: Adjust DNS challenge TTL to 10 seconds
While more than likely never to come up in a real-world situation,
during renewal integration testing a value of 120 seconds has
proven to be too high (the old challenge record has not expired
by the time the new one is created).
2016-06-17 16:07:37 -07:00
JanB
4d9e4f1487 Make sure we don't provision to a private hosted zone
Route 53 allows multiple zones with the same name to co-exist in an
account. The most common use case for this is a split-view DNS with one
private and one public zone for the same domain name. This patch makes
sure we don’t ever provision the authorization record to the private
zone.
The other case where a user has multiple public zones with the same
name is not covered here since this would require a bigger change in
code in order to determine which of the zones is active from the
viewpoint of the internet. Also this is probably an edge use case that
can be addressed once it comes up in the issues.
2016-04-21 15:47:43 +02:00
LukeHandle
dbad97ebc6 Retry logic for dnsQuery
Added a slice of NS to be used when retrying queries. Also used with FindZoneByFqdn()
Adjusted 2 error messages given to better differentiate the returned error string
2016-04-12 00:24:11 +01:00
xenolf
74c6bbee86
Fix a couple of lint and fmt issues. 2016-04-08 01:21:01 +02:00
Jan Broer
9f1b9e39af Switch route53 provider to the official AWS SDK
Fully backwards compatible in terms of credential mechanisms
(environment variables, shared credentials file, EC2 metadata). If a
custom AWS IAM policy is in use it needs to be updated with permissions
for the route53:ListHostedZonesByName action.
2016-03-27 20:22:09 +02:00
xenolf
8512faba3b Merge pull request #142 from LukeHandle/patch-dns-providers
Use zone name when talking to DNS APIs
2016-03-24 09:32:06 +01:00
LukeHandle
20ab8300eb Use zone name when talking to DNS APIs
This should handle multiple zones more efficiently
2016-03-21 00:18:49 +00:00
Brett Vickers
47219adc00 Make DNS provider credential-handling more consistent.
Different DNS providers were handling credentials in different ways.
Some were reading credential environment variables in cli_handlers.go
and then passing them into the NewDNSProvider function, while others
were reading the environment variables within their NewDNSProvider
functions.

This change replaces each DNS challenge's NewDNSProvider function with
two new functions: (1) a NewDNSProvider function that takes no
parameters and uses the environment to read credentials, and (2) a
NewDNSProviderCredentials that takes credentials as parameters.
2016-03-20 11:40:30 -07:00
xenolf
3252b0bcb9 Fix WaitFor calls 2016-03-11 04:52:59 +01:00
xenolf
2ae35a755d Rename provider types as provider names are already in the package name. Added package level comments and fixed the name of the interface the providers are importing. 2016-03-11 03:46:09 +01:00
xenolf
9008ec6949 Move functions from dns package back into ACME. 2016-03-11 03:40:28 +01:00
xenolf
b412c67aa6 Move providers out of ACME package. 2016-03-03 01:14:32 +01:00