feat: Replace HTTP01 by DNS01
@@ -18,7 +18,7 @@ import (
|
||||
"git.polynom.me/rio/internal/server"
|
||||
|
||||
"code.gitea.io/sdk/gitea"
|
||||
"github.com/go-acme/lego/v4/challenge/http01"
|
||||
legodns "github.com/go-acme/lego/v4/providers/dns"
|
||||
log "github.com/sirupsen/logrus"
|
||||
"github.com/urfave/cli/v2"
|
||||
)
|
||||
@@ -84,8 +84,7 @@ func runServer(ctx *cli.Context) error {
|
||||
acmeEmail := ctx.String("acme-email")
|
||||
acmeServer := ctx.String("acme-server")
|
||||
acmeFile := ctx.String("acme-file")
|
||||
acmeHost := ctx.String("acme-host")
|
||||
acmePort := ctx.String("acme-port")
|
||||
acmeDnsProvider := ctx.String("acme-dns-provider")
|
||||
acmeDisable := ctx.Bool("acme-disable")
|
||||
defaultCsp := ctx.String("default-csp")
|
||||
|
||||
@@ -119,8 +118,8 @@ func runServer(ctx *cli.Context) error {
|
||||
}
|
||||
|
||||
if !acmeDisable {
|
||||
if acmeEmail == "" || acmeFile == "" || certsFile == "" {
|
||||
return errors.New("The options acme-file, acme-email, and certs-file are required")
|
||||
if acmeEmail == "" || acmeFile == "" || certsFile == "" || acmeDnsProvider == "" {
|
||||
return errors.New("The options acme-dns-provider, acme-file, acme-email, and certs-file are required")
|
||||
}
|
||||
|
||||
cache, err := certificates.CertificateCacheFromFile(certsFile)
|
||||
@@ -154,12 +153,15 @@ func runServer(ctx *cli.Context) error {
|
||||
log.Info("ACME client data read from disk")
|
||||
}
|
||||
|
||||
// Set up the HTTP01 listener
|
||||
err = acmeClient.Challenge.SetHTTP01Provider(
|
||||
http01.NewProviderServer(acmeHost, acmePort),
|
||||
)
|
||||
// Set up the DNS01 challenge solver
|
||||
provider, err := legodns.NewDNSChallengeProviderByName(acmeDnsProvider)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to setup HTTP01 challenge listener: %v", err)
|
||||
log.Fatalf("Failed to create DNS01 challenge provider: %v", err)
|
||||
return err
|
||||
}
|
||||
err = acmeClient.Challenge.SetDNS01Provider(provider)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to setup DNS01 challenge solver: %v", err)
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -204,17 +206,11 @@ func main() {
|
||||
Value: "8888",
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: "acme-host",
|
||||
Usage: "The host to bind to for ACME challenges",
|
||||
EnvVars: []string{"ACME_HOST"},
|
||||
Name: "acme-dns-provider",
|
||||
Usage: "The provider to use for DNS01 challenge solving",
|
||||
EnvVars: []string{"ACME_DNS_PROVIDER"},
|
||||
Value: "",
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: "acme-port",
|
||||
Usage: "The port to listen on for ACME challenges",
|
||||
EnvVars: []string{"ACME_PORT"},
|
||||
Value: "8889",
|
||||
},
|
||||
&cli.StringFlag{
|
||||
Name: "pages-domain",
|
||||
Usage: "The domain on which the server is reachable",
|
||||
|
||||
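Review bot: In the `@@ -154,12 +153,15 @@` hunk of runServer, `legodns.NewDNSChallengeProviderByName(acmeDnsProvider)` makes the server process hold a credential that can write DNS records, and neither the new code nor the flag help tells the operator this. lego's DNS providers read their API credentials from provider-specific environment variables, so the long-running server now carries a key that can answer DNS01 for any name in the zone, wildcards included, where HTTP01 only needed a listening port. I would state this on the flag, for example `Usage: "lego DNS provider name for DNS01; credentials are read from that provider's environment variables and should be limited to _acme-challenge TXT records"`. Separately, both new `log.Fatalf` calls exit the process, so the `return err` after each is never reached and deferred cleanup is skipped; `log.Errorf` with the same message would let the error reach the caller. runServer's body begins and ends outside the hunk.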