[pve-devel] RFC for ACME DNS Challenge

Wolfgang Link w.link at proxmox.com
Wed Oct 23 09:41:42 CEST 2019


On 10/23/19 9:37 AM, Fabian Grünbichler wrote:
> LGTM in general, comments inline
>
> On October 23, 2019 8:38 am, Wolfgang Link wrote:
>> Files:
>>
>> ./src/PVE/..			-->	/usr/share/perl5/PVE/..
>> ./src/PVE/ACME.pm
>> ./src/PVE/ACME/Challenge.pm
>> ./src/PVE/ACME/Standalone.pm
>> ./src/PVE/ACME/DNS.pm
>>
>> ./src/pve-acme/dnsapi/dns*.sh	-->	/usr/share/pve-acme/dnsapi/*
>> ./src/pve-acme/pve-acme		-->	/usr/share/pve-acme/...
> might make sense to get an additional ACK for this from Thomas
>
>> Config:
>>
>> Plugin Config
>> path: /etc/pve/priv/plugins.cfg
>>
>> standalone: http80
>>     port 80
>>
>> dns: ovh1
>>     api ovh
>>     data encode_text("KEY1=foobar\nKEY2=foobaz")
>>     nodes node1
>>
>> dns: ovh2
>>     api ovh
>>     data encode_text("KEY1=barfoo\nKEY2=foobaz")
>>     nodes node2
>>
>> Node Domain Config
>> path: /etc/pve/nodes/<nodename>/config
>>
>> acme: account=default
>>        acme_domain0: domain.com,plugin=plugin_id1,alias=alias1
>>        acme_domain1: domain2.com
> as well as for this. it might also be nicer to have
>
> acme: account=default,domain=example.com,plugin=plugin_id1,alias=alias.com
> acme_additional_domain1: another-example.com,plugin=plugin_id2
> acme_additional_domain2: www.example.com,plugin=plugin_id1,alias=alias.com
>
> that way the default case (1 domain, default standalone plugin, no
> alias):
>
> acme: account=default,domain=example.com
>
> remains short and simple. either way is okay for me though.
>
>> ACME Account Conf
>> path: /etc/pve/priv/acme/default
>>
>>
>> ACME interface for setup and teardown
>>
>> acme --setup --plugin-conf $plugin_conf_string --plugin foo --domain $domain --txtvalue $txtvalue
>> acme --teardown --plugin-conf $plugin_conf_string --plugin foo --domain $domain --txtvalue $txtvalue
>>



