]>
git.proxmox.com Git - proxmox-acme.git/log
summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Fabian Grünbichler [Mon, 20 Apr 2020 08:34:23 +0000 (10:34 +0200)]
bump version to 1.0.0-1
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Mon, 20 Apr 2020 08:05:01 +0000 (10:05 +0200)]
d/control: add B+R libpve-common-perl
since we takeover the perl modules
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Mon, 20 Apr 2020 08:00:38 +0000 (10:00 +0200)]
d/control: wrap-and-sort
Fabian Grünbichler [Fri, 17 Apr 2020 13:11:05 +0000 (15:11 +0200)]
proxmox-acme: fix readaccountconf
by switching to bash and echoing the values passed in from the plugin
config.
plugins like the OVH config attempt to detect and handle changed config
by comparing set env variables and values stored in the config, leading
to confusing output otherwise.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 13:09:34 +0000 (15:09 +0200)]
dns plugin: improve 'data' string encoding/passing
encode the full multi-line string as base64 single-line string on
each config write, and decode at config parse time. pass both the data
key/value pairs and the secret txtvalue via STDIN instead of as command
line arguments.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 12:42:24 +0000 (14:42 +0200)]
dns plugin: reset environment
in addition to switching to nobody:nogroup, to reduce things exposed to
the dnsapi plugins
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 12:31:49 +0000 (14:31 +0200)]
plugins: remove get_subplugins
it's unused, and the only plugin that has such functionality already
encodes the possible values as enum in the schema anyway..
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 12:27:42 +0000 (14:27 +0200)]
plugins: unify extract_challenge
we have a list of supported challenge types per plugin, so we only need
one generic implementation.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Fri, 17 Apr 2020 07:39:50 +0000 (09:39 +0200)]
plugins: refactor setup/teardown signatures
and move handling of tokens/key_auths to plugins, since it's not bound
to be identical for all challenge types forever.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Thu, 16 Apr 2020 18:47:55 +0000 (20:47 +0200)]
dns plugin: use non-usrmerged path for bash
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Thu, 16 Apr 2020 18:45:04 +0000 (20:45 +0200)]
dns plugin: make data optional
it might be hard-coded in a (modified) plugin, or not needed
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Thu, 16 Apr 2020 18:10:32 +0000 (20:10 +0200)]
protocol: request validation with empty body
including the key authorization is deprecated and will be removed at
some point, might as well clean that up now to be prepared.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Thu, 16 Apr 2020 18:07:33 +0000 (20:07 +0200)]
config: always define a 'standalone' plugin instance
so that consumers can fallback to it
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Wolfgang Link [Wed, 8 Apr 2020 09:06:10 +0000 (11:06 +0200)]
Implement function to resolve all subplugins
This function helps to retrieve all subplugins
that are supported by the plugins.
This will later be used as an enumeration for entering parameters.
Wolfgang Link [Tue, 31 Mar 2020 06:53:45 +0000 (08:53 +0200)]
Add debug mode
This can be used at setup time to get feedback on the DNS plugin parameters.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 07:01:06 +0000 (09:01 +0200)]
Add DNSChallenge Plugin
This plugin calls the custom script acme.sh and uses the implementation of the DNS API.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Mon, 6 Apr 2020 06:35:06 +0000 (08:35 +0200)]
Use the caller's data instead of extracting it yourself.
Add the server in the data structure to return it.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 7 Apr 2020 08:40:02 +0000 (10:40 +0200)]
Create the plugin config.
At the moment, Proxmox has two different configurations that require different properties.
DNSChallange requires credentials for the DNSAPI.
Standalone has no settings because Letsencrypt only supports port 80 with the http-01 challenge.
This configuration is registered in the pve-manager.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Mon, 6 Apr 2020 11:30:23 +0000 (13:30 +0200)]
Refactor extract_callenge for code reuse.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 06:39:28 +0000 (08:39 +0200)]
Move code from pve-common
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Fri, 3 Apr 2020 11:16:19 +0000 (13:16 +0200)]
Add submodule acme.sh for DNS plugins
Copy the DNS plugins form acme.sh
The project acme.sh can be found here.
https://github.com/Neilpang/acme.sh
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Thu, 2 Apr 2020 12:32:11 +0000 (14:32 +0200)]
Implement feature setup and teardown functionality.
We use these functions to add and remove a txt record via the dnsapi.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Mon, 6 Apr 2020 04:48:38 +0000 (06:48 +0200)]
Add funtion to set DNSAPI variable
acme.sh DNS plugins expect a configuration in which the login information
is stored.
We pass the credentials with the command.
This function supports the expected behavior of the plugins.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 06:38:50 +0000 (08:38 +0200)]
Remove unnecessary Code and fixes.
This Code is not required in the Proxmox environment.
We know in our environment what we have as a tool-change.
Fix Code what does not work because variable or functions are missing.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 06:38:22 +0000 (08:38 +0200)]
Copy the needed function form acme.sh
For the thin wrapper around acme.sh DNS plugins, the required functions are copied.
The project acme.sh can be found here.
https://github.com/Neilpang/acme.sh
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Thu, 2 Apr 2020 12:29:16 +0000 (14:29 +0200)]
Add Debian Buildsystem config
Signed-off-by: Wolfgang Link <w.link@proxmox.com>