route53: avoid unexpected records deletion (#1976)
Co-authored-by: David King <king.c.david@googlemail.com>
parent
d21706420a
commit
f582d12f65
1 changed files with 21 additions and 4 deletions
|
@ -176,26 +176,43 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
|
||||||
return fmt.Errorf("failed to determine Route 53 hosted zone ID: %w", err)
|
return fmt.Errorf("failed to determine Route 53 hosted zone ID: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
records, err := d.getExistingRecordSets(ctx, hostedZoneID, info.EffectiveFQDN)
|
existingRecords, err := d.getExistingRecordSets(ctx, hostedZoneID, info.EffectiveFQDN)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("route53: %w", err)
|
return fmt.Errorf("route53: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(records) == 0 {
|
if len(existingRecords) == 0 {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var nonLegoRecords []awstypes.ResourceRecord
|
||||||
|
for _, record := range existingRecords {
|
||||||
|
if deref(record.Value) != `"`+info.Value+`"` {
|
||||||
|
nonLegoRecords = append(nonLegoRecords, record)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
action := awstypes.ChangeActionUpsert
|
||||||
|
|
||||||
recordSet := &awstypes.ResourceRecordSet{
|
recordSet := &awstypes.ResourceRecordSet{
|
||||||
Name: aws.String(info.EffectiveFQDN),
|
Name: aws.String(info.EffectiveFQDN),
|
||||||
Type: "TXT",
|
Type: "TXT",
|
||||||
TTL: aws.Int64(int64(d.config.TTL)),
|
TTL: aws.Int64(int64(d.config.TTL)),
|
||||||
ResourceRecords: records,
|
ResourceRecords: nonLegoRecords,
|
||||||
}
|
}
|
||||||
|
|
||||||
err = d.changeRecord(ctx, awstypes.ChangeActionDelete, hostedZoneID, recordSet)
|
// If the records are only records created by lego.
|
||||||
|
if len(nonLegoRecords) == 0 {
|
||||||
|
action = awstypes.ChangeActionDelete
|
||||||
|
|
||||||
|
recordSet.ResourceRecords = existingRecords
|
||||||
|
}
|
||||||
|
|
||||||
|
err = d.changeRecord(ctx, action, hostedZoneID, recordSet)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("route53: %w", err)
|
return fmt.Errorf("route53: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
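Review bot: The new Upsert path in CleanUp is an unguarded read-modify-write: `nonLegoRecords` is built from the snapshot returned by `getExistingRecordSets`, and `d.changeRecord(ctx, action, hostedZoneID, recordSet)` with `ChangeActionUpsert` then replaces the whole TXT set, so a value that another client adds to the same name in between is silently dropped, which is the kind of loss this commit sets out to prevent. The Delete branch is safer in that respect, because Route 53 only accepts a DELETE whose values and TTL match the current set and rejects it otherwise. The same Upsert also rewrites the TTL of the surviving third-party records to `d.config.TTL`, since the set is built with `TTL: aws.Int64(int64(d.config.TTL))`. If `changeRecord` (not visible here) can submit a DELETE of `existingRecords` and a CREATE of `nonLegoRecords` in one change batch, a concurrent modification would fail the request instead of being overwritten; short of that, a comment such as `// Upsert replaces the whole TXT set (values and TTL); values added after getExistingRecordSets are lost.` above `action := awstypes.ChangeActionUpsert` would document the limit. CleanUp starts before this hunk, so how `info` and `hostedZoneID` are derived cannot be checked from here.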