]>
git.proxmox.com Git - proxmox-acme.git/log
summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Thomas Lamprecht [Tue, 5 May 2020 17:18:58 +0000 (19:18 +0200)]
dns schema: move fields one level deeper
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Tue, 5 May 2020 16:34:33 +0000 (18:34 +0200)]
dns: complete OVH schema
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Tue, 5 May 2020 12:38:12 +0000 (14:38 +0200)]
add note that the data has to be base64 encoded
but only via api, on the cli it is a file which contains
the data in plaintext
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dominik Csapak [Tue, 5 May 2020 12:38:11 +0000 (14:38 +0200)]
DNSChallenge: make plugins a hash with an optional schema
so that we can use that schema to generate form fields in the gui
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Thomas Lamprecht [Mon, 4 May 2020 12:54:24 +0000 (14:54 +0200)]
plugin id: limit to 'pve-configid' format
Else one can pass almost arbitrary data as ID and break editing or
deletion of a plugin.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sun, 3 May 2020 16:06:01 +0000 (18:06 +0200)]
bump version to 1.0.1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sun, 3 May 2020 16:05:29 +0000 (18:05 +0200)]
DNS Challenge: add validation-delay plugin option
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sun, 3 May 2020 15:17:39 +0000 (17:17 +0200)]
use smart-relative gitmodule path
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sun, 3 May 2020 15:07:44 +0000 (17:07 +0200)]
bump version to 1.0.0
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sun, 3 May 2020 15:05:29 +0000 (17:05 +0200)]
use native source format, fix lintian complaints
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sun, 3 May 2020 15:00:46 +0000 (17:00 +0200)]
buildsys: move submodule to src, cleanups
it's nicer as the build system is more coherent, i.e., I can do `make
install` from inside src and it actually works ;)
Use an atomic target for the build directory, else we can easily get
bogus builds.
Further use only one type of GNU make variable flavors, not both $()
and ${} mixed..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sun, 3 May 2020 14:49:26 +0000 (16:49 +0200)]
buildsys: sort and cleanup
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sun, 3 May 2020 14:47:41 +0000 (16:47 +0200)]
allow to get full DNS plugins list
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sat, 2 May 2020 16:48:07 +0000 (18:48 +0200)]
acme: variable name cleanup
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Thu, 30 Apr 2020 10:14:41 +0000 (12:14 +0200)]
d/control: add ${perl:Depends} and require pve-common > 6~
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Fabian Grünbichler [Mon, 20 Apr 2020 08:34:23 +0000 (10:34 +0200)]
bump version to 1.0.0-1
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Mon, 20 Apr 2020 08:05:01 +0000 (10:05 +0200)]
d/control: add B+R libpve-common-perl
since we takeover the perl modules
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Mon, 20 Apr 2020 08:00:38 +0000 (10:00 +0200)]
d/control: wrap-and-sort
Fabian Grünbichler [Fri, 17 Apr 2020 13:11:05 +0000 (15:11 +0200)]
proxmox-acme: fix readaccountconf
by switching to bash and echoing the values passed in from the plugin
config.
plugins like the OVH config attempt to detect and handle changed config
by comparing set env variables and values stored in the config, leading
to confusing output otherwise.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 13:09:34 +0000 (15:09 +0200)]
dns plugin: improve 'data' string encoding/passing
encode the full multi-line string as base64 single-line string on
each config write, and decode at config parse time. pass both the data
key/value pairs and the secret txtvalue via STDIN instead of as command
line arguments.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 12:42:24 +0000 (14:42 +0200)]
dns plugin: reset environment
in addition to switching to nobody:nogroup, to reduce things exposed to
the dnsapi plugins
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 12:31:49 +0000 (14:31 +0200)]
plugins: remove get_subplugins
it's unused, and the only plugin that has such functionality already
encodes the possible values as enum in the schema anyway..
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 12:27:42 +0000 (14:27 +0200)]
plugins: unify extract_challenge
we have a list of supported challenge types per plugin, so we only need
one generic implementation.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 07:39:50 +0000 (09:39 +0200)]
plugins: refactor setup/teardown signatures
and move handling of tokens/key_auths to plugins, since it's not bound
to be identical for all challenge types forever.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Thu, 16 Apr 2020 18:47:55 +0000 (20:47 +0200)]
dns plugin: use non-usrmerged path for bash
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Thu, 16 Apr 2020 18:45:04 +0000 (20:45 +0200)]
dns plugin: make data optional
it might be hard-coded in a (modified) plugin, or not needed
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Thu, 16 Apr 2020 18:10:32 +0000 (20:10 +0200)]
protocol: request validation with empty body
including the key authorization is deprecated and will be removed at
some point, might as well clean that up now to be prepared.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Thu, 16 Apr 2020 18:07:33 +0000 (20:07 +0200)]
config: always define a 'standalone' plugin instance
so that consumers can fallback to it
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Wolfgang Link [Wed, 8 Apr 2020 09:06:10 +0000 (11:06 +0200)]
Implement function to resolve all subplugins
This function helps to retrieve all subplugins
that are supported by the plugins.
This will later be used as an enumeration for entering parameters.
Wolfgang Link [Tue, 31 Mar 2020 06:53:45 +0000 (08:53 +0200)]
Add debug mode
This can be used at setup time to get feedback on the DNS plugin parameters.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 07:01:06 +0000 (09:01 +0200)]
Add DNSChallenge Plugin
This plugin calls the custom script acme.sh and uses the implementation of the DNS API.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Mon, 6 Apr 2020 06:35:06 +0000 (08:35 +0200)]
Use the caller's data instead of extracting it yourself.
Add the server in the data structure to return it.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 7 Apr 2020 08:40:02 +0000 (10:40 +0200)]
Create the plugin config.
At the moment, Proxmox has two different configurations that require different properties.
DNSChallange requires credentials for the DNSAPI.
Standalone has no settings because Letsencrypt only supports port 80 with the http-01 challenge.
This configuration is registered in the pve-manager.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Mon, 6 Apr 2020 11:30:23 +0000 (13:30 +0200)]
Refactor extract_callenge for code reuse.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 06:39:28 +0000 (08:39 +0200)]
Move code from pve-common
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Fri, 3 Apr 2020 11:16:19 +0000 (13:16 +0200)]
Add submodule acme.sh for DNS plugins
Copy the DNS plugins form acme.sh
The project acme.sh can be found here.
https://github.com/Neilpang/acme.sh
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Thu, 2 Apr 2020 12:32:11 +0000 (14:32 +0200)]
Implement feature setup and teardown functionality.
We use these functions to add and remove a txt record via the dnsapi.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Mon, 6 Apr 2020 04:48:38 +0000 (06:48 +0200)]
Add funtion to set DNSAPI variable
acme.sh DNS plugins expect a configuration in which the login information
is stored.
We pass the credentials with the command.
This function supports the expected behavior of the plugins.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 06:38:50 +0000 (08:38 +0200)]
Remove unnecessary Code and fixes.
This Code is not required in the Proxmox environment.
We know in our environment what we have as a tool-change.
Fix Code what does not work because variable or functions are missing.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 06:38:22 +0000 (08:38 +0200)]
Copy the needed function form acme.sh
For the thin wrapper around acme.sh DNS plugins, the required functions are copied.
The project acme.sh can be found here.
https://github.com/Neilpang/acme.sh
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Thu, 2 Apr 2020 12:29:16 +0000 (14:29 +0200)]
Add Debian Buildsystem config
Signed-off-by: Wolfgang Link <w.link@proxmox.com>