More DNS settings changes
parent
8fde28b44c
commit
8b78b490c3
12
Makefile
12
Makefile
@ -52,11 +52,10 @@ build: rendered-manifest.yaml dependencies bin/buildversion.exe version.txt
|
||||
docker build --pull --rm -f "Dockerfile" -t "stuurmcp/$(IMAGE_NAME):latest" -t "stuurmcp/$(IMAGE_NAME):$(shell head -n 1 version.txt)" "."
|
||||
docker image push "docker.io/stuurmcp/$(IMAGE_NAME):$(shell head -n 1 version.txt)"
|
||||
docker image push "docker.io/stuurmcp/$(IMAGE_NAME):latest"
|
||||
helm package \
|
||||
-n ix-sthome-webhook2\
|
||||
--version $(shell head -n 1 version.txt) \
|
||||
deploy/sthome-webhook \
|
||||
-d //truenas/Shared_data/Chris/clusterissuer/charts/
|
||||
helm package -n ix-sthome-webhook2 --version $(shell head -n 1 version.txt) deploy/sthome-webhook -d //truenas/Shared_data/Chris/clusterissuer/charts/
|
||||
|
||||
.PHONY: rendered-manifest.yaml
|
||||
rendered-manifest.yaml: $(OUT)/rendered-manifest.yaml
|
||||
|
||||
$(OUT)/rendered-manifest.yaml: $(HELM_FILES) | $(OUT)
|
||||
helm template \
|
||||
@ -65,8 +64,5 @@ $(OUT)/rendered-manifest.yaml: $(HELM_FILES) | $(OUT)
|
||||
--set image.tag=$(shell head -n 1 version.txt) \
|
||||
deploy/sthome-webhook > $@
|
||||
|
||||
.PHONY: rendered-manifest.yaml
|
||||
rendered-manifest.yaml: $(OUT)/rendered-manifest.yaml
|
||||
|
||||
_test $(OUT) _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH):
|
||||
mkdir -p $@
|
||||
|
||||
@ -94,5 +94,13 @@ spec:
|
||||
{{- end }}
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{ toYaml . | indent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dnsPolicy }}
|
||||
dnsPolicy:
|
||||
{{ toYaml . | indent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{ toYaml . | indent 8 }}
|
||||
{{- end }}
|
||||
|
||||
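Review bot: `dnsPolicy` is a plain string, so the added `with .Values.dnsPolicy` block does not need the `toYaml . | indent 8` form that `tolerations` and `dnsConfig` use. Writing it on one line, `dnsPolicy: {{ . | quote }}`, keeps the rendered manifest independent of how a scalar is laid out on a continuation line. Indentation is not visible on this page, so confirm that `dnsPolicy:` and `dnsConfig:` sit at the pod-spec level alongside `tolerations:`. The template continues above this hunk.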
@ -45,6 +45,23 @@ extraArgs:
|
||||
# dns1: 192.168.2.4
|
||||
# dns2: 10.0.0.15
|
||||
|
||||
dnsPolicy: None
|
||||
|
||||
dnsConfig:
|
||||
nameservers:
|
||||
- 10.0.0.15
|
||||
- 172.17.0.10
|
||||
- 192.168.2.4
|
||||
searches:
|
||||
- ix-sthome-webhook2.svc.cluster.local
|
||||
- svc.cluster.local
|
||||
- cluster.local
|
||||
- sthome.net
|
||||
- sthome.lan
|
||||
options:
|
||||
- name: ndots
|
||||
value: "5"
|
||||
|
||||
replicaCount: 1
|
||||
|
||||
pki:
|
||||
|
||||
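Review bot: With `dnsPolicy: None` the pod's resolv.conf is built only from `dnsConfig`, and the first nameserver listed is `10.0.0.15` rather than what looks like the cluster DNS address (`172.17.0.10`, inferred). Stub resolvers generally do not fall through to the next server on an NXDOMAIN answer. In-cluster names may therefore fail to resolve, and with `ndots: "5"` every short lookup is expanded with the `*.cluster.local` suffixes and sent to the LAN resolver first. The search entry `ix-sthome-webhook2.svc.cluster.local` and the three addresses are site-specific, so as chart defaults they break an install into any other namespace or network. Consider leaving `dnsPolicy` and `dnsConfig` unset by default with a commented example, or at least adding `# dnsPolicy None: resolv.conf comes only from dnsConfig below; list the cluster DNS first if in-cluster names must resolve`.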
@ -91,7 +91,7 @@ func (loc *LocalDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error
|
||||
//localip := GetOutboundIP(Dnsserver_net)
|
||||
err = loc.Check(ch.DNSName, ch.Key)
|
||||
if err != nil {
|
||||
klog.Infof("Check for propagation failed: %s", err)
|
||||
klog.Infof("Check prop failed: %s", err)
|
||||
return err
|
||||
}
|
||||
success, err := Execute(
|
||||
@ -160,7 +160,8 @@ func (s *LocalDNSProviderSolver) Check(DNSName string, Key string) error {
|
||||
return err
|
||||
}
|
||||
|
||||
klog.Info("checking DNS propagation: ", "dns: ", DNSName, ", fqdn: ", fqdn, ", key: ", Key, ", nameservers: ", DNS01Nameservers)
|
||||
//klog.Info("checking DNS propagation: ", "dns: ", DNSName, ", fqdn: ", fqdn, ", key: ", Key, ", nameservers: ", DNS01Nameservers)
|
||||
klog.Info("checking DNS prop: fqdn: ", fqdn)
|
||||
|
||||
ok, err := util.PreCheckDNS(fqdn, Key, DNS01Nameservers, DNS01CheckAuthoritative)
|
||||
if err != nil {
|
||||
|
||||
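Review bot: The commented-out `klog.Info` line kept in `Check` still names `Key` and `DNS01Nameservers`. Delete it rather than leaving it as a comment, so logging of the challenge key cannot come back through a stray uncomment. The replacement `klog.Info("checking DNS prop: fqdn: ", fqdn)` builds the message by argument concatenation; `klog.Infof("checking DNS propagation for %q", fqdn)` is the usual form and quotes the name. In `Present`, the shortened "Check prop failed" message is harder to search for than the wording it replaces. Both function bodies continue outside these hunks, and which line is old or new is read from the print order on this page.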
@ -139,7 +139,7 @@ func checkAuthoritativeNss(fqdn, value string, nameservers []string) (bool, erro
|
||||
r, err := DNSQuery(fqdn, dns.TypeTXT, []string{ns}, true)
|
||||
//klog.Infof("checkAuthoritativeNss: DNSQuery returned \nr: %s, \nerr: %s", r, err)
|
||||
if err != nil {
|
||||
klog.Infof("checkAuthoritativeNss: DNSQuery failed")
|
||||
klog.Infof("checkAuthoritativeNss: DNSQuery failed, err: %s", err)
|
||||
return false, err
|
||||
}
|
||||
klog.Infof("checkAuthoritativeNss: DNSQuery succeeded with r.Rcode: %d", r.Rcode)
|
||||
@ -149,8 +149,8 @@ func checkAuthoritativeNss(fqdn, value string, nameservers []string) (bool, erro
|
||||
return false, fmt.Errorf("NS %s returned %s for %s", ns, dns.RcodeToString[r.Rcode], fqdn)
|
||||
}
|
||||
|
||||
klog.Infof("Looking up TXT records for %q, should be = %s", fqdn, value)
|
||||
//klog.Infof("checkAuthoritativeNss: r.Answer: %s", r.Answer)
|
||||
klog.Infof("%q: must be %s", fqdn, value)
|
||||
klog.Infof("checkAuthoritativeNss: r.Answer: %s", r.Answer)
|
||||
var found bool
|
||||
var i = 0
|
||||
for _, rr := range r.Answer {
|
||||
@ -388,7 +388,8 @@ func matchCAA(caas []*dns.CAA, issuerIDs map[string]bool, iswildcard bool) bool
|
||||
func lookupNameservers(fqdn string, nameservers []string) ([]string, error) {
|
||||
var authoritativeNss []string
|
||||
|
||||
klog.Infof("Searching fqdn %q using seed nameservers [%s]", fqdn, strings.Join(nameservers, ", "))
|
||||
//klog.Infof("Searching fqdn %q using seed nameservers [%s]", fqdn, strings.Join(nameservers, ", "))
|
||||
klog.Infof("Searching fqdn %q", fqdn)
|
||||
zone, err := FindZoneByFqdn(fqdn, nameservers)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("could not determine the zone for %q: %v", fqdn, err)
|
||||
@ -419,7 +420,7 @@ func FindZoneByFqdn(fqdn string, nameservers []string) (string, error) {
|
||||
// Do we have it cached?
|
||||
if zone, ok := fqdnToZone[fqdn]; ok {
|
||||
fqdnToZoneLock.RUnlock()
|
||||
klog.Infof("Returning cached zone record %q for fqdn %q", zone, fqdn)
|
||||
klog.Infof("Return zone %q for %q", zone, fqdn)
|
||||
return zone, nil
|
||||
}
|
||||
fqdnToZoneLock.RUnlock()
|
||||
|
||||
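Review bot: `checkAuthoritativeNss` appears to log the expected TXT value (`"%q: must be %s"`) and the raw `r.Answer` at Info level on every propagation check, while the solver's `Check` in this same commit stops logging `Key`, which is presumably the same value. `r.Answer` is whatever the queried nameserver returned, so it is better kept out of default-level logs and gated behind verbosity, e.g. `klog.V(4).Infof("checkAuthoritativeNss: r.Answer: %v", r.Answer)`, with the expected value dropped from the other line or gated the same way. The commented-out `klog.Infof` lines left in `checkAuthoritativeNss` and `lookupNameservers` should be removed rather than kept. The function bodies continue outside these hunks.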
@ -1,3 +1,3 @@
|
||||
0.0.5-alpha.37
|
||||
20240411-0048
|
||||
37
|
||||
0.0.5-alpha.43
|
||||
20240412-1356
|
||||
43
|
||||