JnAlu
(Jonardhan Aluguda)
March 16, 2022, 4:53pm
1
I would like to use joohoi/acme-dns (GitHub - joohoi/acme-dns: Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely) to serve as a CNAME to pass LE DNS challenge so I can do:
Wildcard domains
Be able to operate without needing caddy (actually the acme issuer) to have access to 80/443
The last conversation about this here seems to be by @danb35: Acme-dns for DNS validation
acme-dns seems to support the Lego client (acme-dns/README.md at master · joohoi/acme-dns · GitHub)
What I plan to do is:
i. Make a CNAME entry of _acme-challenge → _acme-challenge.blah.cf, at the primary domain DNS
ii. acme-dns is running at blah.cf and handles its own NS as explained at joohoi/acme-dns (GitHub - joohoi/acme-dns: Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely)
iii. Have caddy v2 communicate with acme-dns so acme-dns can handle and solve the dns validation
As the first step, I will simplify i-iii by using https://auth.acme-dns.io/register as shown at acme-dns/README.md (at master · joohoi/acme-dns · GitHub), but I’m curious about the caddy v2 integration
It should be easy to implement a libdns module for acmedns:
Caddy 2 uses a new set of interfaces for its DNS provider APIs. While there is a shim to use all the existing old ones for now, the new APIs offer better performance, leaner builds, and more capabilities. We want all providers to be ported over to the new APIs as soon as possible.
Since I do not have accounts with all DNS providers in the world, it’s up to the community to migrate to the new APIs and to maintain their implementations. This post will show you how!
For what it’s w…
Buuut I have some ideas surrounding acmedns
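An added example, not part of the thread and not code from Caddy, libdns or acme-dns: the single HTTP call a libdns-style provider for acme-dns would make when asked to publish the challenge record. It assumes the `/update` endpoint, `X-Api-User`/`X-Api-Key` headers and `subdomain`/`txt` JSON fields documented in the acme-dns README; `Account` and `UpdateTXT` are hypothetical names, and the server in `main` is a constructed stub so the code runs offline.

```go
package main

import (
	"bytes"
	"context"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Account holds the values acme-dns returns from /register (hypothetical type).
type Account struct{ Username, Password, Subdomain string }

// UpdateTXT publishes one ACME validation token via the acme-dns /update API.
// The credential it sends can change only this subdomain's TXT record, which
// is the least-privilege property that makes the CNAME delegation attractive.
func UpdateTXT(ctx context.Context, base string, a Account, token string) error {
	if len(token) != 43 { // acme-dns accepts only 43-character tokens
		return fmt.Errorf("token must be 43 characters, got %d", len(token))
	}
	body, _ := json.Marshal(map[string]string{"subdomain": a.Subdomain, "txt": token})
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, base+"/update", bytes.NewReader(body))
	if err != nil {
		return err
	}
	req.Header.Set("X-Api-User", a.Username)
	req.Header.Set("X-Api-Key", a.Password)
	req.Header.Set("Content-Type", "application/json")
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return fmt.Errorf("acme-dns update failed: %s", resp.Status)
	}
	return nil
}

func main() {
	// Constructed stand-in for an acme-dns server; always answers 200 OK.
	h := func(w http.ResponseWriter, r *http.Request) { fmt.Println("stub got", r.Method, r.URL.Path) }
	srv := httptest.NewServer(http.HandlerFunc(h))
	defer srv.Close()
	acct := Account{Username: "constructed-user", Password: "constructed-key", Subdomain: "constructed-sub"}
	fmt.Println("err:", UpdateTXT(context.Background(), srv.URL, acct, strings.Repeat("A", 43)))
}
```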
JnAlu
(Jonardhan Aluguda)
March 16, 2022, 6:09pm
3
I’m all ears!
I’m Go ignorant and while I am more than happy to learn Go and contribute that way, are you saying the Lego client for caddy v2 won’t work with acme-dns Lego client support?
I’m just thinking for the quickest way to see if this can be made to work - if anything in the OP is invalid, please let me know as it’s very important I understand this correctly
The lego-deprecated plugin should work fine for now, but obviously the preferred way is to use a proper libdns plugin. See here:
Caddy 2 uses a new and improved DNS provider interface for solving the ACME DNS challenge.
All you have to do is plug the service provider(s) you need into your build, then add the DNS challenge to your configuration!
Getting a DNS provider plugin
How you choose to get a custom Caddy build is up to you; we’ll describe two common methods here.
Method 1:
Go to the Caddy download page.
Find your DNS provider in the list of modules (dns.providers.*) and select it.
Download your custom Caddy …
JnAlu
(Jonardhan Aluguda)
March 16, 2022, 6:48pm
5
I need help here. The 4th/5th step: GitHub - caddy-dns/lego-deprecated: (DEPRECATED) DNS modules so Caddy can solve the ACME DNS challenge with over 75 providers says I should replace <provider_code> with the name of this provider, but I don’t see acmedns at:
https://go-acme.github.io/lego/dns/
What should I write for:
tls {
    dns lego_deprecated <provider_code>
}
JnAlu
(Jonardhan Aluguda)
March 16, 2022, 7:06pm
7
francislavoie:
So it’s acme-dns
AH - they have more in the sidebar
I’m still all ears
JnAlu:
I’m still all ears
Nothing to announce right now lol