Skip to content

Commit f422a60

Browse files
stgraberstgraber
authored
Merge pull request #1753 from accuser/use-lego-binary-for-dns-01-challenge
Use lego binary for DNS-01 challenge
2 parents 67d9414 + 1cede63 commit f422a60

File tree

7 files changed

+66
-2031
lines changed

7 files changed

+66
-2031
lines changed

cmd/incusd/acme.go

+1-19
Original file line numberDiff line numberDiff line change
@@ -97,26 +97,8 @@ func autoRenewCertificate(ctx context.Context, d *Daemon, force bool) error {
9797
}
9898
}
9999

100-
var challengeProvider acme.ChallengeProvider
101-
102-
if challengeType == "DNS-01" {
103-
provider, env, resolvers := s.GlobalConfig.ACMEDNS()
104-
105-
if provider == "" {
106-
logger.Error("DNS-01 challenge type requires acme.dns.provider configuration key to be set", nil)
107-
return nil
108-
}
109-
110-
challengeProvider = acme.NewDNS01Provider(provider, env, resolvers)
111-
if challengeProvider == nil {
112-
return nil
113-
}
114-
} else {
115-
challengeProvider = d.http01Provider
116-
}
117-
118100
opRun := func(op *operations.Operation) error {
119-
newCert, err := acme.UpdateCertificate(s, challengeProvider, s.ServerClustered, domain, email, caURL, force)
101+
newCert, err := acme.UpdateCertificate(s, challengeType, d.http01Provider, s.ServerClustered, domain, email, caURL, force)
120102
if err != nil {
121103
return err
122104
}

cmd/incusd/api_1.0.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -799,7 +799,7 @@ func doApi10UpdateTriggers(d *Daemon, nodeChanged, clusterChanged map[string]str
799799

800800
for key := range clusterChanged {
801801
switch key {
802-
case "acme.ca_url", "acme.domain":
802+
case "acme.agree_tos", "acme.ca_url", "acme.challenge", "acme.domain", "acme.email", "acme.provider", "acme.provider.environment", "acme.provider.resolvers":
803803
acmeChanged = true
804804

805805
case "cluster.images_minimal_replica":

go.mod

+2-148
Original file line numberDiff line numberDiff line change
@@ -69,222 +69,76 @@ require (
6969
)
7070

7171
require (
72-
cloud.google.com/go/auth v0.15.0 // indirect
73-
cloud.google.com/go/auth/oauth2adapt v0.2.7 // indirect
74-
cloud.google.com/go/compute/metadata v0.6.0 // indirect
75-
github.com/AdamSLevy/jsonrpc2/v14 v14.1.0 // indirect
76-
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
77-
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 // indirect
78-
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 // indirect
79-
github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
80-
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0 // indirect
81-
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.3.0 // indirect
82-
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraph v0.9.0 // indirect
83-
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
84-
github.com/Azure/go-autorest/autorest v0.11.30 // indirect
85-
github.com/Azure/go-autorest/autorest/adal v0.9.24 // indirect
86-
github.com/Azure/go-autorest/autorest/azure/auth v0.5.13 // indirect
87-
github.com/Azure/go-autorest/autorest/azure/cli v0.4.7 // indirect
88-
github.com/Azure/go-autorest/autorest/date v0.3.1 // indirect
89-
github.com/Azure/go-autorest/autorest/to v0.4.1 // indirect
90-
github.com/Azure/go-autorest/logger v0.2.2 // indirect
91-
github.com/Azure/go-autorest/tracing v0.6.1 // indirect
92-
github.com/AzureAD/microsoft-authentication-library-for-go v1.4.1 // indirect
93-
github.com/OpenDNS/vegadns2client v0.0.0-20180418235048-a3fa4a771d87 // indirect
94-
github.com/akamai/AkamaiOPEN-edgegrid-golang v1.2.2 // indirect
95-
github.com/aliyun/alibaba-cloud-sdk-go v1.63.89 // indirect
96-
github.com/aws/aws-sdk-go-v2 v1.36.3 // indirect
97-
github.com/aws/aws-sdk-go-v2/config v1.29.8 // indirect
98-
github.com/aws/aws-sdk-go-v2/credentials v1.17.61 // indirect
99-
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 // indirect
100-
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
101-
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
102-
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
103-
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 // indirect
104-
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 // indirect
105-
github.com/aws/aws-sdk-go-v2/service/lightsail v1.43.0 // indirect
106-
github.com/aws/aws-sdk-go-v2/service/route53 v1.49.0 // indirect
107-
github.com/aws/aws-sdk-go-v2/service/sso v1.25.0 // indirect
108-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.29.0 // indirect
109-
github.com/aws/aws-sdk-go-v2/service/sts v1.33.16 // indirect
110-
github.com/aws/smithy-go v1.22.3 // indirect
111-
github.com/benbjohnson/clock v1.3.5 // indirect
11272
github.com/beorn7/perks v1.0.1 // indirect
11373
github.com/bmatcuk/doublestar/v4 v4.8.1 // indirect
114-
github.com/boombuler/barcode v1.0.2 // indirect
11574
github.com/cenkalti/hub v1.0.2 // indirect
11675
github.com/cenkalti/rpc2 v1.0.4 // indirect
11776
github.com/cespare/xxhash/v2 v2.3.0 // indirect
118-
github.com/civo/civogo v0.3.94 // indirect
119-
github.com/cloudflare/cloudflare-go v0.115.0 // indirect
12077
github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
12178
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
12279
github.com/dgryski/go-farm v0.0.0-20240924180020-3414d57e47da // indirect
12380
github.com/digitalocean/go-libvirt v0.0.0-20250226181018-4d5f24afb7c2 // indirect
124-
github.com/dimchansky/utfbom v1.1.1 // indirect
125-
github.com/dnsimple/dnsimple-go v1.7.0 // indirect
12681
github.com/dustin/go-humanize v1.0.1 // indirect
12782
github.com/eapache/channels v1.1.0 // indirect
12883
github.com/eapache/queue v1.1.0 // indirect
129-
github.com/exoscale/egoscale/v3 v3.1.10 // indirect
130-
github.com/fatih/structs v1.1.0 // indirect
131-
github.com/felixge/httpsnoop v1.0.4 // indirect
13284
github.com/fsnotify/fsnotify v1.8.0 // indirect
133-
github.com/fxamacker/cbor/v2 v2.7.0 // indirect
134-
github.com/gabriel-vasile/mimetype v1.4.8 // indirect
135-
github.com/ghodss/yaml v1.0.0 // indirect
136-
github.com/go-errors/errors v1.5.1 // indirect
13785
github.com/go-ini/ini v1.67.0 // indirect
13886
github.com/go-logr/stdr v1.2.2 // indirect
139-
github.com/go-playground/locales v0.14.1 // indirect
140-
github.com/go-playground/universal-translator v0.18.1 // indirect
141-
github.com/go-playground/validator/v10 v10.25.0 // indirect
142-
github.com/go-resty/resty/v2 v2.16.5 // indirect
143-
github.com/go-viper/mapstructure/v2 v2.2.1 // indirect
14487
github.com/goccy/go-json v0.10.5 // indirect
145-
github.com/gofrs/flock v0.12.1 // indirect
146-
github.com/gogo/protobuf v1.3.2 // indirect
147-
github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
148-
github.com/google/go-querystring v1.1.0 // indirect
149-
github.com/google/gofuzz v1.2.0 // indirect
88+
github.com/google/go-cmp v0.7.0 // indirect
15089
github.com/google/renameio v1.0.1 // indirect
151-
github.com/google/s2a-go v0.1.9 // indirect
152-
github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
153-
github.com/googleapis/gax-go/v2 v2.14.1 // indirect
154-
github.com/gophercloud/gophercloud v1.14.1 // indirect
155-
github.com/gophercloud/utils v0.0.0-20231010081019-80377eca5d56 // indirect
15690
github.com/gorilla/securecookie v1.1.2 // indirect
157-
github.com/hashicorp/errwrap v1.1.0 // indirect
158-
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
159-
github.com/hashicorp/go-multierror v1.1.1 // indirect
160-
github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
161-
github.com/hashicorp/go-uuid v1.0.3 // indirect
16291
github.com/hashicorp/hcl v1.0.0 // indirect
163-
github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.138 // indirect
164-
github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df // indirect
16592
github.com/inconshreveable/mousetrap v1.1.0 // indirect
166-
github.com/infobloxopen/infoblox-go-client v1.1.1 // indirect
16793
github.com/jkeiser/iter v0.0.0-20200628201005-c8aa0ae784d1 // indirect
168-
github.com/jmespath/go-jmespath v0.4.0 // indirect
16994
github.com/josharian/native v1.1.0 // indirect
170-
github.com/json-iterator/go v1.1.12 // indirect
17195
github.com/k-sone/critbitgo v1.4.0 // indirect
172-
github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213 // indirect
17396
github.com/klauspost/compress v1.18.0 // indirect
17497
github.com/klauspost/cpuid/v2 v2.2.10 // indirect
175-
github.com/kolo/xmlrpc v0.0.0-20220921171641-a4b6fa1dd06b // indirect
17698
github.com/kr/fs v0.1.0 // indirect
177-
github.com/kylelemons/godebug v1.1.0 // indirect
178-
github.com/labbsr0x/bindman-dns-webhook v1.0.2 // indirect
179-
github.com/labbsr0x/goh v1.0.1 // indirect
180-
github.com/leodido/go-urn v1.4.0 // indirect
181-
github.com/linode/linodego v1.47.0 // indirect
182-
github.com/liquidweb/liquidweb-cli v0.7.0 // indirect
183-
github.com/liquidweb/liquidweb-go v1.6.4 // indirect
18499
github.com/magiconair/properties v1.8.9 // indirect
185100
github.com/mattn/go-isatty v0.0.20 // indirect
186101
github.com/mattn/go-runewidth v0.0.16 // indirect
187102
github.com/mdlayher/packet v1.1.2 // indirect
188103
github.com/mdlayher/socket v0.5.1 // indirect
189-
github.com/mimuret/golang-iij-dpf v0.9.1 // indirect
190104
github.com/minio/crc64nvme v1.0.1 // indirect
191105
github.com/minio/md5-simd v1.1.2 // indirect
192106
github.com/mitchellh/go-homedir v1.1.0 // indirect
193-
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
194-
github.com/modern-go/reflect2 v1.0.2 // indirect
195107
github.com/muhlemmer/gu v0.3.1 // indirect
196108
github.com/muhlemmer/httpforwarded v0.1.0 // indirect
197109
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
198-
github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect
199-
github.com/nrdcg/auroradns v1.1.0 // indirect
200-
github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 // indirect
201-
github.com/nrdcg/desec v0.10.0 // indirect
202-
github.com/nrdcg/dnspod-go v0.4.0 // indirect
203-
github.com/nrdcg/freemyip v0.3.0 // indirect
204-
github.com/nrdcg/goacmedns v0.2.0 // indirect
205-
github.com/nrdcg/goinwx v0.10.0 // indirect
206-
github.com/nrdcg/mailinabox v0.2.0 // indirect
207-
github.com/nrdcg/namesilo v0.2.1 // indirect
208-
github.com/nrdcg/nodion v0.1.0 // indirect
209-
github.com/nrdcg/porkbun v0.4.0 // indirect
210-
github.com/nzdjb/go-metaname v1.0.0 // indirect
211-
github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect
212-
github.com/oracle/oci-go-sdk/v65 v65.84.0 // indirect
213-
github.com/ovh/go-ovh v1.7.0 // indirect
214-
github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
215110
github.com/pelletier/go-toml/v2 v2.2.3 // indirect
216-
github.com/peterhellberg/link v1.2.0 // indirect
217-
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
218111
github.com/pkg/errors v0.9.1 // indirect
219112
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
220-
github.com/pquerna/otp v1.4.0 // indirect
221113
github.com/prometheus/client_golang v1.21.0 // indirect
222114
github.com/prometheus/client_model v0.6.1 // indirect
223115
github.com/prometheus/common v0.62.0 // indirect
224116
github.com/prometheus/procfs v0.15.1 // indirect
225-
github.com/regfish/regfish-dnsapi-go v0.1.1 // indirect
226117
github.com/rivo/uniseg v0.4.7 // indirect
227118
github.com/rs/cors v1.11.1 // indirect
228119
github.com/rs/xid v1.6.0 // indirect
229120
github.com/russross/blackfriday/v2 v2.1.0 // indirect
230-
github.com/sacloud/api-client-go v0.2.10 // indirect
231-
github.com/sacloud/go-http v0.1.9 // indirect
232-
github.com/sacloud/iaas-api-go v1.14.0 // indirect
233-
github.com/sacloud/packages-go v0.0.11 // indirect
234121
github.com/sagikazarmark/locafero v0.7.0 // indirect
235122
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
236-
github.com/scaleway/scaleway-sdk-go v1.0.0-beta.32 // indirect
237-
github.com/selectel/domains-go v1.1.0 // indirect
238-
github.com/selectel/go-selvpcclient/v3 v3.2.1 // indirect
239-
github.com/shopspring/decimal v1.4.0 // indirect
240-
github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9 // indirect
241-
github.com/softlayer/softlayer-go v1.1.7 // indirect
242-
github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e // indirect
243-
github.com/sony/gobreaker v1.0.0 // indirect
244123
github.com/sourcegraph/conc v0.3.0 // indirect
245124
github.com/spf13/afero v1.12.0 // indirect
246125
github.com/spf13/cast v1.7.1 // indirect
247126
github.com/spf13/viper v1.19.0 // indirect
248127
github.com/subosito/gotenv v1.6.0 // indirect
249-
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1108 // indirect
250-
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1108 // indirect
251-
github.com/tjfoc/gmsm v1.4.1 // indirect
252-
github.com/transip/gotransip/v6 v6.26.0 // indirect
253128
github.com/u-root/uio v0.0.0-20240224005618-d2acac8f3701 // indirect
254-
github.com/ultradns/ultradns-go-sdk v1.8.0-20241010134910-243eeec // indirect
255-
github.com/vinyldns/go-vinyldns v0.9.16 // indirect
256129
github.com/vishvananda/netns v0.0.5 // indirect
257-
github.com/volcengine/volc-sdk-golang v1.0.197 // indirect
258-
github.com/vultr/govultr/v3 v3.14.1 // indirect
259-
github.com/x448/float16 v0.8.4 // indirect
260-
github.com/yandex-cloud/go-genproto v0.0.0-20250227104522-20525f72be7d // indirect
261-
github.com/yandex-cloud/go-sdk v0.0.0-20250227104620-68cb3d5eea41 // indirect
262130
github.com/zitadel/logging v0.6.1 // indirect
263131
github.com/zitadel/schema v1.3.0 // indirect
264-
go.mongodb.org/mongo-driver v1.17.3 // indirect
265132
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
266-
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.59.0 // indirect
267133
go.opentelemetry.io/otel v1.34.0 // indirect
268134
go.opentelemetry.io/otel/metric v1.34.0 // indirect
135+
go.opentelemetry.io/otel/sdk v1.34.0 // indirect
269136
go.opentelemetry.io/otel/trace v1.34.0 // indirect
270137
go.uber.org/multierr v1.11.0 // indirect
271-
go.uber.org/ratelimit v0.3.1 // indirect
272138
golang.org/x/mod v0.23.0 // indirect
273139
golang.org/x/net v0.35.0 // indirect
274-
golang.org/x/time v0.10.0 // indirect
275-
google.golang.org/api v0.223.0 // indirect
276-
google.golang.org/genproto v0.0.0-20250224174004-546df14abb99 // indirect
277-
google.golang.org/genproto/googleapis/api v0.0.0-20250224174004-546df14abb99 // indirect
278140
google.golang.org/genproto/googleapis/rpc v0.0.0-20250224174004-546df14abb99 // indirect
279141
google.golang.org/grpc v1.70.0 // indirect
280-
gopkg.in/inf.v0 v0.9.1 // indirect
281142
gopkg.in/ini.v1 v1.67.0 // indirect
282-
gopkg.in/ns1/ns1-go.v2 v2.13.0 // indirect
283143
gopkg.in/yaml.v3 v3.0.1 // indirect
284-
k8s.io/api v0.32.2 // indirect
285-
k8s.io/apimachinery v0.32.2 // indirect
286-
k8s.io/klog/v2 v2.130.1 // indirect
287-
sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect
288-
sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect
289-
sigs.k8s.io/yaml v1.4.0 // indirect
290144
)

0 commit comments

Comments
 (0)