Hi, I’m looking to clarify a couple of things about DNS-based ACME challenges in Caddy and the associated plugins.
How do plugins interact with system package managers? I installed Caddy from the Ubuntu repository, if I update after installing the plugin will that replace the patched binary with one that doesn’t have the plugin, or will I have to manually update the binary? Can these plugins really only be used by either manually compiling Caddy using xcaddy or by downloading a precompiled package manually?
Who develops and/or verifies these plugins? They don’t seem to be first party in that they’re described as community developed, but they’re under the vaguely official sounding umbrella of “caddy-dns”, yet each individual plugin is developed by different people. I would ideally want to have a sense of whose code I’m trusting if I’m compiling these plugins into a central service on my network.
You can use package support files from distros while using binaries you downloaded:
Plugins are statically linked (for many good reasons), so they have to be compiled into the binary.
You’re right, they’re community-maintained, and we don’t officially vet them; we just give them a place to be accessed.
This is something we’re able to do for our higher-tier sponsors (businesses, enterprises, etc).
In any case, they’re all open source, and the DNS plugins in particular are usually pretty cookie-cutter and straightforward. You can get a sense of what they’re doing pretty quickly. Some use dependencies to interact with the providers, so you can decide whether you trust the dependencies. But the Caddy module layer is very thin.
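One way to see which extra code a plugin build brings in, following the point above about deciding whether you trust the dependencies (an added example, not part of the original posts and not Caddy project code): the Go toolchain records the module list in binaries built in module mode, so a stock caddy binary and a custom one can be compared. The tool name `moddiff` and the two binary paths are assumptions.

```go
package main

import (
	"debug/buildinfo"
	"fmt"
	"log"
	"os"
	"sort"
	"strings"
)

// Modules reads the module list the Go toolchain embeds in a compiled binary.
func Modules(binary string) (map[string]string, error) {
	info, err := buildinfo.ReadFile(binary)
	if err != nil {
		return nil, err
	}
	mods := map[string]string{}
	for _, d := range info.Deps {
		if d.Replace != nil { // a replace directive swapped in other source
			d = d.Replace
		}
		mods[d.Path] = d.Version
	}
	return mods, nil
}

// Extra lists modules in custom that stock lacks or pins at another version.
func Extra(stock, custom map[string]string) []string {
	var out []string
	for path, ver := range custom {
		if old, ok := stock[path]; !ok || old != ver {
			out = append(out, fmt.Sprintf("%s %s (stock: %q)", path, ver, old))
		}
	}
	sort.Strings(out)
	return out
}

func main() {
	if len(os.Args) != 3 {
		log.Fatal("usage: moddiff STOCK_CADDY CUSTOM_CADDY")
	}
	stock, err1 := Modules(os.Args[1])
	custom, err2 := Modules(os.Args[2])
	if err1 != nil || err2 != nil {
		log.Fatalf("stock: %v, custom: %v", err1, err2)
	}
	fmt.Println(strings.Join(Extra(stock, custom), "\n"))
}
```

Each line of output is a module the custom build added or changed, which is the list of source repositories to review before deploying the binary.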