diff --git a/Makefile b/Makefile index 98054bc..ea55fef 100644 --- a/Makefile +++ b/Makefile @@ -52,11 +52,10 @@ build: rendered-manifest.yaml dependencies bin/buildversion.exe version.txt docker build --pull --rm -f "Dockerfile" -t "stuurmcp/$(IMAGE_NAME):latest" -t "stuurmcp/$(IMAGE_NAME):$(shell head -n 1 version.txt)" "." docker image push "docker.io/stuurmcp/$(IMAGE_NAME):$(shell head -n 1 version.txt)" docker image push "docker.io/stuurmcp/$(IMAGE_NAME):latest" - helm package \ - -n ix-sthome-webhook2\ - --version $(shell head -n 1 version.txt) \ - deploy/sthome-webhook \ - -d //truenas/Shared_data/Chris/clusterissuer/charts/ + helm package -n ix-sthome-webhook2 --version $(shell head -n 1 version.txt) deploy/sthome-webhook -d //truenas/Shared_data/Chris/clusterissuer/charts/ + +.PHONY: rendered-manifest.yaml +rendered-manifest.yaml: $(OUT)/rendered-manifest.yaml $(OUT)/rendered-manifest.yaml: $(HELM_FILES) | $(OUT) helm template \ @@ -65,8 +64,5 @@ $(OUT)/rendered-manifest.yaml: $(HELM_FILES) | $(OUT) --set image.tag=$(shell head -n 1 version.txt) \ deploy/sthome-webhook > $@ -.PHONY: rendered-manifest.yaml -rendered-manifest.yaml: $(OUT)/rendered-manifest.yaml - _test $(OUT) _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH): mkdir -p $@ diff --git a/deploy/sthome-webhook/templates/deployment.yaml b/deploy/sthome-webhook/templates/deployment.yaml index dfb4d89..73d593f 100644 --- a/deploy/sthome-webhook/templates/deployment.yaml +++ b/deploy/sthome-webhook/templates/deployment.yaml @@ -94,5 +94,13 @@ spec: {{- end }} {{- with .Values.tolerations }} tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.dnsPolicy }} + dnsPolicy: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.dnsConfig }} + dnsConfig: {{ toYaml . | indent 8 }} {{- end }} diff --git a/deploy/sthome-webhook/values.yaml b/deploy/sthome-webhook/values.yaml index 81be250..3fe0c15 100644 --- a/deploy/sthome-webhook/values.yaml +++ b/deploy/sthome-webhook/values.yaml 
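Review bot: `dnsPolicy` is a single string, but the new block under `{{- with .Values.dnsPolicy }}` renders it through `toYaml . | indent 8` on a line of its own, the same way as the structured `tolerations` and `dnsConfig` values; a scalar is clearer and less sensitive to indentation as `dnsPolicy: {{ . }}` on one line. The template also lets `dnsPolicy: None` render when `dnsConfig` is empty, which Kubernetes rejects because `None` requires at least one nameserver. A `fail` guard in the template, or a comment in values.yaml saying the two keys must be set together, would catch that at render time. The enclosing pod spec starts outside the hunk, so the resulting indentation could not be checked here.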
@@ -45,6 +45,23 @@ extraArgs: # dns1: 192.168.2.4 # dns2: 10.0.0.15 +dnsPolicy: None + +dnsConfig: + nameservers: + - 10.0.0.15 + - 172.17.0.10 + - 192.168.2.4 + searches: + - ix-sthome-webhook2.svc.cluster.local + - svc.cluster.local + - cluster.local + - sthome.net + - sthome.lan + options: + - name: ndots + value: "5" + replicaCount: 1 pki: diff --git a/pkg/dns/solver_local.go b/pkg/dns/solver_local.go index c3ad104..d09a1ac 100644 --- a/pkg/dns/solver_local.go +++ b/pkg/dns/solver_local.go @@ -91,7 +91,7 @@ func (loc *LocalDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error //localip := GetOutboundIP(Dnsserver_net) err = loc.Check(ch.DNSName, ch.Key) if err != nil { - klog.Infof("Check for propagation failed: %s", err) + klog.Infof("Check prop failed: %s", err) return err } success, err := Execute( @@ -160,7 +160,8 @@ func (s *LocalDNSProviderSolver) Check(DNSName string, Key string) error { return err } - klog.Info("checking DNS propagation: ", "dns: ", DNSName, ", fqdn: ", fqdn, ", key: ", Key, ", nameservers: ", DNS01Nameservers) + //klog.Info("checking DNS propagation: ", "dns: ", DNSName, ", fqdn: ", fqdn, ", key: ", Key, ", nameservers: ", DNS01Nameservers) + klog.Info("checking DNS prop: fqdn: ", fqdn) ok, err := util.PreCheckDNS(fqdn, Key, DNS01Nameservers, DNS01CheckAuthoritative) if err != nil { diff --git a/pkg/util/wait.go b/pkg/util/wait.go index 222658f..c0044b0 100644 --- a/pkg/util/wait.go +++ b/pkg/util/wait.go @@ -139,7 +139,7 @@ func checkAuthoritativeNss(fqdn, value string, nameservers []string) (bool, erro r, err := DNSQuery(fqdn, dns.TypeTXT, []string{ns}, true) //klog.Infof("checkAuthoritativeNss: DNSQuery returned \nr: %s, \nerr: %s", r, err) if err != nil { - klog.Infof("checkAuthoritativeNss: DNSQuery failed") + klog.Infof("checkAuthoritativeNss: DNSQuery failed, err: %s", err) return false, err } klog.Infof("checkAuthoritativeNss: DNSQuery succeeded with r.Rcode: %d", r.Rcode) 
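Review bot: The new chart defaults set `dnsPolicy: None` with site-specific resolvers, so every install that does not override them ignores the cluster's DNS settings and sends the pod's lookups to `10.0.0.15`, `172.17.0.10` and `192.168.2.4`. Resolvers are tried in list order and the next one is used on timeout, not on NXDOMAIN, so with `10.0.0.15` first and `ndots` at `"5"` the `svc.cluster.local` search expansions presumably go to a resolver outside the cluster first (assuming `172.17.0.10` is the cluster DNS service). That discloses internal service names to that resolver and can make in-cluster names fail to resolve. The search entry `ix-sthome-webhook2.svc.cluster.local` also hard-codes one release namespace. I would leave these keys commented out in the defaults, like the `dns1`/`dns2` example just above, and supply them from a site values file, or at least list the cluster DNS address first.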
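Review bot: The old log call in `Check` is kept as a commented-out line instead of being deleted, and the same is done in `lookupNameservers` in pkg/util/wait.go. Dropping `Key` from the Info log is the right direction, but the dead line keeps the key-logging form one uncomment away; delete it and, if the detail is still wanted while debugging, gate it on verbosity, e.g. `klog.V(4).Infof("checking DNS propagation: fqdn=%q nameservers=%v", fqdn, DNS01Nameservers)`. In wait.go, confirm that `strings` is still used elsewhere in the file now that the `strings.Join` call is commented out, otherwise the build fails on an unused import. Both function bodies continue outside their hunks.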
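Review bot: The failure message in `checkAuthoritativeNss` now carries the error but still not the nameserver that was queried, so when several servers are checked the log does not say which one failed; `klog.Infof("checkAuthoritativeNss: DNSQuery to %s failed: %v", ns, err)` would. The error is also returned on the next line, so a caller that logs it will record the same failure twice. The code that supplies `ns` (presumably a loop over `nameservers`) is outside the hunk.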
@@ -149,8 +149,8 @@ func checkAuthoritativeNss(fqdn, value string, nameservers []string) (bool, erro return false, fmt.Errorf("NS %s returned %s for %s", ns, dns.RcodeToString[r.Rcode], fqdn) } - klog.Infof("Looking up TXT records for %q, should be = %s", fqdn, value) - //klog.Infof("checkAuthoritativeNss: r.Answer: %s", r.Answer) + klog.Infof("%q: must be %s", fqdn, value) + klog.Infof("checkAuthoritativeNss: r.Answer: %s", r.Answer) var found bool var i = 0 for _, rr := range r.Answer { @@ -388,7 +388,8 @@ func matchCAA(caas []*dns.CAA, issuerIDs map[string]bool, iswildcard bool) bool func lookupNameservers(fqdn string, nameservers []string) ([]string, error) { var authoritativeNss []string - klog.Infof("Searching fqdn %q using seed nameservers [%s]", fqdn, strings.Join(nameservers, ", ")) + //klog.Infof("Searching fqdn %q using seed nameservers [%s]", fqdn, strings.Join(nameservers, ", ")) + klog.Infof("Searching fqdn %q", fqdn) zone, err := FindZoneByFqdn(fqdn, nameservers) if err != nil { return nil, fmt.Errorf("could not determine the zone for %q: %v", fqdn, err) @@ -419,7 +420,7 @@ func FindZoneByFqdn(fqdn string, nameservers []string) (string, error) { // Do we have it cached? if zone, ok := fqdnToZone[fqdn]; ok { fqdnToZoneLock.RUnlock() - klog.Infof("Returning cached zone record %q for fqdn %q", zone, fqdn) + klog.Infof("Return zone %q for %q", zone, fqdn) return zone, nil } fqdnToZoneLock.RUnlock() diff --git a/version.txt b/version.txt index cb96bda..356ca85 100644 --- a/version.txt +++ b/version.txt @@ -1,3 +1,3 @@ -0.0.5-alpha.37 -20240411-0048 -37 \ No newline at end of file +0.0.5-alpha.43 +20240412-1356 +43 \ No newline at end of file
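Review bot: The re-enabled `klog.Infof("checkAuthoritativeNss: r.Answer: %s", r.Answer)` writes the whole answer section returned by the remote nameserver to the Info log on every check, so the volume and content of that log line are decided by whoever serves the zone. It reads like debugging output and belongs behind a verbosity level, `klog.V(4).Infof("checkAuthoritativeNss: r.Answer: %v", r.Answer)`. The line above it lost its context when it was shortened to `must be`; `klog.Infof("checkAuthoritativeNss: %q expects TXT %q", fqdn, value)` keeps it short and quotes the expected value so an empty one is visible. The function body continues outside the hunk.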
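Review bot: The shortened message in `FindZoneByFqdn`, `Return zone %q for %q`, no longer says that the zone came from the `fqdnToZone` cache, which is the one fact this branch has to report when a stale zone is being investigated. Keeping the word costs little: `klog.Infof("Return cached zone %q for %q", zone, fqdn)`. The rest of the function is outside the hunk.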