DNS Challenge for several domains & Gandi

(Pixys) #1


I apologize in advance if this question has already been asked and answered; I looked for information on this forum but could not find anything. Also I might have misunderstood something regarding the way DNS challenge works.

I am the owner of 2 domain names and the technical admin of a 3rd one. All 3 are provided by Gandi.
These 3 domain names are bound to 3 websites hosted on the same physical server and served by a unique caddy instance.

Each domain has its own caddy config file where I specified the provider (i.e. Gandi) according to this doc: https://caddyserver.com/docs/automatic-https#dns-challenge

tls {
       dns gandiv5
}

I have also created a single environment variable GANDIV5_API_KEY in /etc/environment (caddy runs on Arch Linux).

The problem I have is that Gandi provides 1 API key per domain. I don’t know how to allocate 1 key per domain in the caddy config file. Can it be solved on the caddy side or should I get in touch with Gandi?

Thank you very much for your help!

(Matthew Fay) #2

Currently there’s no way to configure Caddy to accept different DNS credentials per domain.

If Gandi support is able to provide you with a blanket API key, that would solve the issue. Otherwise you might open a feature request at the GitHub repo for some way to supply API keys per domain - but that’s no guarantee it’ll be implemented, let alone quickly, I’m afraid.

(Pixys) #3

OK, thank you very much. At least I know my settings are correct.
Thanks again.

(Paul Hodges) #4

If not many domains are involved, running an instance of Caddy for each domain could be a workaround (presumably subdomains could be grouped with their main domain, at least).

(Pixys) #5

When you say:

running an instance of Caddy for each domain

That means several OSes, as the configuration of the DNSSEC signing is tightly linked to the environment variables.
I suppose I should Dockerize my little architecture…

(Paul Hodges) #6

Can you not simply set the environment variables locally in each process (I’ve done this for multiple PHP instances in my Windows server)?

(Pixys) #7

I need to investigate; I don’t know how to do that with Linux.

(Matthew Fay) #8

If you’re launching via shell (script), you can set scoped environmental variables for a process by declaring them immediately before the command, e.g. FOO=bar X=y cmd -flag arg1 arg2

(Pixys) #9

OK, thanks a lot @Whitestrake
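
The per-process scoping described in post #8, as an added example that is not part of the original thread: each instance gets its own GANDIV5_API_KEY read from a private key file, and the parent shell never holds the variable. The function names, key file names and the `sh -c` stand-in for the server command are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: one GANDIV5_API_KEY per process instead of one global
# value in /etc/environment. Paths and commands below are hypothetical.

# key_file_is_private FILE: succeeds only if group and others have no access.
# Uses GNU stat (-c), as found on Linux.
key_file_is_private() {
    perms=$(stat -c '%a' "$1" 2>/dev/null) || return 1
    case "$perms" in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

# run_with_key KEYFILE CMD [ARGS...]
# The ( ) body runs in a subshell, so the key never lands in the caller's
# variables; the assignment prefix scopes it to CMD's environment only.
run_with_key() (
    keyfile=$1; shift
    key_file_is_private "$keyfile" || {
        echo "refusing $keyfile: readable by group or others" >&2
        exit 1
    }
    key=$(cat "$keyfile") || exit 1
    GANDIV5_API_KEY=$key "$@"
)

# Constructed demo: two throwaway key files and a stand-in for the server.
demo() {
    dir=$(mktemp -d) || return 1
    ( umask 077
      printf 'constructed-key-A\n' > "$dir/example-a.key"
      printf 'constructed-key-B\n' > "$dir/example-b.key" )
    run_with_key "$dir/example-a.key" sh -c 'echo "instance A: $GANDIV5_API_KEY"'
    run_with_key "$dir/example-b.key" sh -c 'echo "instance B: $GANDIV5_API_KEY"'
    echo "parent shell: ${GANDIV5_API_KEY:-<unset>}"
    rm -rf "$dir"
}

demo
```

In real use the `sh -c ...` stand-in would be replaced by the command that starts the instance serving that domain's config file.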