通过DNS方式申请ACME证书时支持二级域名

GoEdgeLab
2021-09-08 18:23:37 +08:00
parent eb37493af2
commit b3cbba935b
3 changed files with 13 additions and 9 deletions


@@ -9,28 +9,32 @@ import (
) )
type DNSProvider struct { type DNSProvider struct {
raw dnsclients.ProviderInterface raw dnsclients.ProviderInterface
dnsDomain string
} }
func NewDNSProvider(raw dnsclients.ProviderInterface) *DNSProvider { func NewDNSProvider(raw dnsclients.ProviderInterface, dnsDomain string) *DNSProvider {
return &DNSProvider{raw: raw} return &DNSProvider{
raw: raw,
dnsDomain: dnsDomain,
}
} }
func (this *DNSProvider) Present(domain, token, keyAuth string) error { func (this *DNSProvider) Present(domain, token, keyAuth string) error {
fqdn, value := dns01.GetRecord(domain, keyAuth) fqdn, value := dns01.GetRecord(domain, keyAuth)
// 设置记录 // 设置记录
index := strings.Index(fqdn, "."+domain) index := strings.Index(fqdn, "."+this.dnsDomain)
if index < 0 { if index < 0 {
return errors.New("invalid fqdn value") return errors.New("invalid fqdn value")
} }
recordName := fqdn[:index] recordName := fqdn[:index]
record, err := this.raw.QueryRecord(domain, recordName, dnstypes.RecordTypeTXT) record, err := this.raw.QueryRecord(this.dnsDomain, recordName, dnstypes.RecordTypeTXT)
if err != nil { if err != nil {
return errors.New("query DNS record failed: " + err.Error()) return errors.New("query DNS record failed: " + err.Error())
} }
if record == nil { if record == nil {
err = this.raw.AddRecord(domain, &dnstypes.Record{ err = this.raw.AddRecord(this.dnsDomain, &dnstypes.Record{
Id: "", Id: "",
Name: recordName, Name: recordName,
Type: dnstypes.RecordTypeTXT, Type: dnstypes.RecordTypeTXT,
@@ -41,7 +45,7 @@ func (this *DNSProvider) Present(domain, token, keyAuth string) error {
return errors.New("create DNS record failed: " + err.Error()) return errors.New("create DNS record failed: " + err.Error())
} }
} else { } else {
err = this.raw.UpdateRecord(domain, record, &dnstypes.Record{ err = this.raw.UpdateRecord(this.dnsDomain, record, &dnstypes.Record{
Name: recordName, Name: recordName,
Type: dnstypes.RecordTypeTXT, Type: dnstypes.RecordTypeTXT,
Value: value, Value: value,
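Review bot: In Present, `strings.Index(fqdn, "."+this.dnsDomain)` accepts the zone name anywhere in the FQDN instead of only as its suffix, and an empty `dnsDomain` reduces the search to the first dot, so the provider would then be called with an empty zone. A name such as `www.example.com.example.com` (constructed) under zone `example.com` is cut at the first occurrence and gives the wrong record name, and a domain that merely contains the zone string leads to a TXT write in a zone it does not belong to. Anchor the match at the end instead: `name := strings.TrimSuffix(fqdn, ".")`, return the existing error when `this.dnsDomain == "" || !strings.HasSuffix(name, "."+this.dnsDomain)`, then `recordName := strings.TrimSuffix(name, "."+this.dnsDomain)`. Present continues past the end of this section, and CleanUp is not visible here; if it still derives the record name from `domain`, it presumably needs the same change.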


@@ -92,7 +92,7 @@ func (this *Request) runDNS() (certData []byte, keyData []byte, err error) {
} }
} }
err = client.Challenge.SetDNS01Provider(NewDNSProvider(this.task.DNSProvider)) err = client.Challenge.SetDNS01Provider(NewDNSProvider(this.task.DNSProvider, this.task.DNSDomain))
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err
} }


@@ -42,7 +42,7 @@ func TestRequest_Run_DNS(t *testing.T) {
AuthType: AuthTypeDNS, AuthType: AuthTypeDNS,
DNSProvider: dnsProvider, DNSProvider: dnsProvider,
DNSDomain: "yun4s.cn", DNSDomain: "yun4s.cn",
Domains: []string{"yun4s.cn"}, Domains: []string{"www.yun4s.cn"},
}) })
certData, keyData, err := req.Run() certData, keyData, err := req.Run()
if err != nil { if err != nil {
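Review bot: Replacing the `Domains` entry with `www.yun4s.cn` means the visible test no longer exercises the apex case, where `Domains` equals `DNSDomain`, so a regression in record-name derivation for the zone apex would go unnoticed. Keeping both names covers the old and the new path in one run, e.g. `Domains: []string{"yun4s.cn", "www.yun4s.cn"},`. A small table-driven test of the FQDN-to-record-name split, independent of the configured provider, would also pin the boundary cases. TestRequest_Run_DNS starts and ends outside this hunk.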