Troubleshooting DNS01

2024-04-02 01:37:21 +02:00 · 2024-04-02 01:37:21 +02:00 · 977ca6a544
commit 977ca6a544
parent e064ae8dad
8 changed files with 33 additions and 52 deletions
--- a/8
+++ b/8
@ -4,6 +4,7 @@ FROM golang:1.21-alpine3.18 AS build_deps
 ENV RUNNING_IN_DOCKER true
 ENV DEBIAN_FRONTEND=noninteractive
 ENV TZ="Africa/Johannesburg"
+ENV WEBROOT=/webroot

 # Set up ZSH and our preferred terminal environment for containers
 RUN apk add --no-cache git 
@ -35,9 +36,10 @@ RUN apk add --no-cache alpine-conf && \
    setup-timezone -z Africa/Johannesburg 
 #    chmod 0644 /etc/krb5.conf

-#RUN  mkdir -p /app
-#COPY ./config/updatedns.sh /app
-#RUN chmod 0744 /app/updatedns.sh
+ENV RUNNING_IN_DOCKER true
+ENV DEBIAN_FRONTEND=noninteractive
+ENV TZ="Africa/Johannesburg"
+ENV WEBROOT=/webroot

 COPY --from=build /workspace/webhook /usr/local/bin/webhook

--- a/config/bash.sh
+++ b/config/bash.sh
@ -27,3 +27,4 @@ alias dnsupd=/acme/updatedns.sh
 export PATH=/root/bin:$PATH:/acme
 export FRONTEND=noninteractive
 export TZ=Africa/Johannesburg
+export WEBROOT=/webroot
--- a/config/zsh.sh
+++ b/config/zsh.sh
@ -32,3 +32,4 @@ alias dnsupd=/acme/updatedns.sh
 # alias mv='mv -i'
 # alias rm='rm -i'
 export PATH=/root/bin:$PATH
+export WEBROOT=/webroot
--- a/deploy/sthome-webhook/Chart.yaml
+++ b/deploy/sthome-webhook/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: v0.0.4-alpha.86
+appVersion: v0.0.4-alpha.93
 description: Cert-Manager webhook for sthome
 name: sthome-webhook
-version: 0.0.4-alpha.86
+version: 0.0.4-alpha.93
--- a/deploy/sthome-webhook/templates/deployment.yaml
+++ b/deploy/sthome-webhook/templates/deployment.yaml
@ -60,6 +60,9 @@ spec:
            - name: workdir
              mountPath: /workdir
              readOnly: false
+            - name: webroot
+              mountPath: /webroot
+              readOnly: false
          resources:
 {{ toYaml .Values.resources | indent 12 }}
      volumes:
@ -71,8 +74,10 @@ spec:
            path: {{ .Values.host.scriptdir }}
        - name: workdir
          hostPath:
-            path: {{ .Values.host.workdir}}
-
+            path: {{ .Values.host.workdir }}
+        - name: webroot
+          hostPath:
+            path: {{ .Values.host.webrootdir }}

    {{- with .Values.nodeSelector }}
      nodeSelector:
--- a/deploy/sthome-webhook/values.yaml
+++ b/deploy/sthome-webhook/values.yaml
@ -31,7 +31,7 @@ clusterIssuer:
 image:
  repository: stuurmcp/cert-manager-webhook-sthome
  #repository: wstat.sthome.net:5000/cert-manager-webhook-sthome
-  tag: 0.0.4-alpha.86
+  tag: 0.0.4-alpha.93
  #pullPolicy should be IfNotPresent. Set to Always for testing purposes
  pullPolicy: IfNotPresent

@ -50,6 +50,7 @@ pki:
 host:
  workdir: /mnt/stpool1/scripts/acme/cert-manager-webhook-sthome
  scriptdir: /mnt/stpool1/scripts/acme
+  webrootdir: /mnt/stpool1/apps/static-web-server

 secret:
  accessKey: ""
--- a/sthome/solver_local.go
+++ b/sthome/solver_local.go
@ -15,7 +15,7 @@ import (
 const (
 	providerName = "sthome"
 	shell        = "/bin/bash"
-	dnsUpdaterScriptCmd = "/acme/updatedns.sh"
+	acmeAuthCmd  = "/acme/acmeauth.sh"

 	dnsserver_net  = "10.0.0.15"
 	dnsserver_lan  = "192.168.2.1"
@ -86,31 +86,16 @@ func (loc *LocalDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error
 	// shell command
 	settxtcommand := []string{
 		shell,
-		dnsUpdaterScriptCmd,
-		"-set",
-		".net",
+		acmeAuthCmd,
+		"set",
 		ch.DNSName,
-		"TXT",
+		ch.ResolvedFQDN,
 		ch.Key,
-		"-v",
 		"-l",
 		localip,
-	}
-	unsetcnamecommand := []string{
-		shell,
-		dnsUpdaterScriptCmd,
-		"-unset",
-		".net",
-		ch.DNSName,
-		"CNAME",
-		hostserver_net,
 		"-v",
-		"-l",
-		localip,
 	}
-	success, _ := Execute(shell, unsetcnamecommand)
-	klog.Infof("Execute unset CNAME returned success: %t", success)
-	success, _ = Execute(shell, settxtcommand)
+	success, _ := Execute(shell, settxtcommand)
 	klog.Infof("Execute set TXT returned success: %t", success)
 	return nil
 }
@ -122,37 +107,23 @@ func (loc *LocalDNSProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error
 // This is in order to facilitate multiple DNS validations for the same domain
 // concurrently.
 func (loc *LocalDNSProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error {
+	//domainName := extractDomainName(ch.ResolvedZone)
 	// TODO: add code that deletes a record from the DNS provider's console
 	localip := getOutboundIP(dnsserver_net)
 	// shell command
 	unsetxtcommand := []string{
 		shell,
-		dnsUpdaterScriptCmd,
-		"-unset",
-		".net",
+		acmeAuthCmd,
+		"unset",
 		ch.DNSName,
-		"TXT",
+		ch.ResolvedFQDN,
 		ch.Key,
-		"-v",
 		"-l",
 		localip,
-	}
-	setcnamecommand := []string{
-		shell,
-		dnsUpdaterScriptCmd,
-		"-set",
-		".net",
-		ch.DNSName,
-		"CNAME",
-		hostserver_net,
 		"-v",
-		"-l",
-		localip,
 	}
 	success, _ := Execute(shell, unsetxtcommand)
 	klog.Infof("Execute unset TXT returned success: %t", success)
-	success, _ = Execute(shell, setcnamecommand)
-	klog.Infof("Execute set CNAME returned success: %t", success)
 	return nil
 }

--- a/version.txt
+++ b/version.txt
@ -1,3 +1,3 @@
-0.0.4-alpha.86
-20240331-2359
-86
+0.0.4-alpha.93
+20240401-2346
+93