// not implemented
package dns
import (
"context"
"fmt"
"strings"
"sync"
"github.com/cert-manager/cert-manager/pkg/acme/webhook"
acme "github.com/cert-manager/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
"github.com/miekg/dns"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
"k8s.io/klog/v2"
)
// SthomeSolver is a cert-manager DNS-01 webhook solver. It keeps the TXT
// values for active challenges in memory and drives an external acme-auth
// command (AcmeAuthCmd) to publish and remove them.
type SthomeSolver struct {
	// ctx is handed to the kubeSecretFetcher built in Initialize.
	ctx context.Context
	// name is the value returned by Name(); set from ProviderName in New.
	name string
	// server is the DNS server configured in New. Nothing in this file
	// starts it (see the commented-out block in Initialize).
	server *dns.Server
	// txtRecords maps a resolved challenge FQDN to the TXT value to present.
	// Written under the embedded RWMutex by Present and CleanUp.
	txtRecords map[string]string
	// secretFetcher is populated in Initialize with a kubeSecretFetcher.
	// NOTE(review): presumably used to read the secret named by
	// cfg.APIKeySecretRef; it is not exercised anywhere in this file.
	secretFetcher SecretFetcher
	// RWMutex guards txtRecords.
	sync.RWMutex
}
// Name returns the solver's provider name, which New initialises from
// ProviderName.
func (e *SthomeSolver) Name() string {
	providerName := e.name
	return providerName
}
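// Present records the TXT value for ch.ResolvedFQDN in memory and asks the
// external acme-auth command to publish it.
//
// The webhook config is parsed first so that a bad config does not leave a
// stale entry in txtRecords. The in-memory write happens under the embedded
// RWMutex. If the acme-auth "set" command reports failure, Present returns an
// error so cert-manager does not proceed to self-check against a record that
// was never written.
func (e *SthomeSolver) Present(ch *acme.ChallengeRequest) error {
	cfg, err := LoadConfig(ch.Config)
	if err != nil {
		return err
	}

	e.Lock()
	e.txtRecords[ch.ResolvedFQDN] = ch.Key
	e.Unlock()

	// The positional arguments must follow the labels in the format string:
	// "type" is ch.Type and "uid" is ch.UID.
	klog.Infof("CZ: Presenting record for %s, type: %s, uid: %s, key: %s, ns: %s, fqdn: %s, zone: %s, allowambcred: %t, cfg.secret: %s, cfg.email: %s, cfg.allowz: %s",
		ch.DNSName,
		ch.Type,
		ch.UID,
		ch.Key,
		ch.ResourceNamespace,
		ch.ResolvedFQDN,
		ch.ResolvedZone,
		ch.AllowAmbientCredentials,
		cfg.APIKeySecretRef.Name,
		cfg.Email,
		strings.Join(cfg.AllowedZones, ","),
	)

	// TODO: convert shell script to golang
	localip := GetOutboundIP(Dnsserver_net)
	// NOTE(review): ch.DNSName, ch.ResolvedFQDN and ch.Key come from the
	// challenge request and are forwarded to an external command; confirm
	// that Execute passes them as discrete argv entries rather than splicing
	// them into a single shell string.
	success, _ := Execute(
		Shell,
		AcmeAuthCmd,
		"set",
		ch.DNSName,
		ch.ResolvedFQDN,
		ch.Key,
		"-l",
		localip,
		"-v",
	)
	klog.Infof("Execute set TXT returned success: %t", success)
	if !success {
		return fmt.Errorf("setting TXT record for %s: acme-auth set reported failure", ch.ResolvedFQDN)
	}
	return nil
}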
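// CleanUp drops the in-memory TXT value for ch.ResolvedFQDN and asks the
// external acme-auth command to remove the published record.
//
// The txtRecords entry is removed under the embedded RWMutex regardless of the
// outcome of the external command. A failure reported by the acme-auth
// "unset" command is returned as an error so cert-manager retries the cleanup
// instead of leaving a stale record behind.
func (e *SthomeSolver) CleanUp(ch *acme.ChallengeRequest) error {
	e.Lock()
	delete(e.txtRecords, ch.ResolvedFQDN)
	e.Unlock()

	localip := GetOutboundIP(Dnsserver_net)
	// NOTE(review): as in Present, the challenge-derived values below reach an
	// external command; confirm Execute passes them as discrete argv entries.
	success, _ := Execute(
		Shell,
		AcmeAuthCmd,
		"unset",
		ch.DNSName,
		ch.ResolvedFQDN,
		ch.Key,
		"-l",
		localip,
		"-v",
	)
	klog.Infof("Execute unset TXT returned success: %t", success)
	if !success {
		return fmt.Errorf("unsetting TXT record for %s: acme-auth unset reported failure", ch.ResolvedFQDN)
	}
	return nil
}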
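// Initialize builds the Kubernetes client from kubeClientConfig and stores a
// kubeSecretFetcher in e.secretFetcher. cert-manager calls it when the webhook
// starts.
//
// stopCh is currently unused: the dns.Server configured in New is neither
// started nor shut down here (the code that would do so is commented out
// below), which is why the file is marked "not implemented".
func (e *SthomeSolver) Initialize(kubeClientConfig *rest.Config, stopCh <-chan struct{}) error {
	klog.Infof("Initializing sthome solver")
	cl, err := kubernetes.NewForConfig(kubeClientConfig)
	if err != nil {
		return fmt.Errorf("failed to get kubernetes client: %w", err)
	}
	// e.ctx may still be nil if the solver was constructed without one; use a
	// background context rather than handing the fetcher a nil context.
	if e.ctx == nil {
		e.ctx = context.Background()
	}
	e.secretFetcher = &kubeSecretFetcher{
		client: cl,
		ctx:    e.ctx,
	}
	/*
		go func(done <-chan struct{}) {
			<-done
			if err := e.server.Shutdown(); err != nil {
				fmt.Fprintf(os.Stderr, "%s\n", err.Error())
			}
		}(stopCh)
		go func() {
			if err := e.server.ListenAndServe(); err != nil {
				fmt.Fprintf(os.Stderr, "%s\n", err.Error())
				os.Exit(1)
			}
		}()
	*/
	klog.Infof("Sthome solver initialized")
	return nil
}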
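// New constructs the solver that cert-manager drives through the
// webhook.Solver interface.
//
// port is the UDP port the dns.Server is configured to listen on; the server
// is only configured here, not started (Initialize has that code commented
// out). The solver is given a background context so that Initialize never
// passes a nil context to the secret fetcher.
func New(port string) webhook.Solver {
	klog.Infof("Entering New")
	e := &SthomeSolver{
		ctx:        context.Background(),
		name:       ProviderName,
		txtRecords: make(map[string]string),
	}
	e.server = &dns.Server{
		Addr:    ":" + port,
		Net:     "udp",
		Handler: dns.HandlerFunc(e.handleDNSRequest),
	}
	klog.Infof("Exiting New")
	return e
}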