caddy-dns / hetzner
Caddy module: dns.providers.hetzner
License: MIT License
I accidentally uploaded the wrong branch, and GitHub uses the first branch as the default. Could you please change the default branch to master?
I am coming from
Here it is stated that the cause is the DNS provider.
In short, it seems that the implementation generates duplicate entries if used for A/AAAA entries.
Within the linked issue it is stated that it is a problem of the DNS provider.
Thank you!
Hi @matthiasng,
this is a follow-up of issue #128 (Please provide github.com/caddy-dns/hetzner module from your download section).
@francislavoie commented here that the creator/maintainer of this module (which I presume is you :)) should:
github.com/caddy-dns/hetzner
package github.com/caddy-dns/hetzner
as an extra package on https://caddyserver.com/download
Thanks for your work creating the hetzner-dns package
Denis Brodbeck
I'm trying to use Let's Encrypt certificates in my internal network, so I'm using DNS challenges to obtain them. However, when using sub-subdomains (e.g. abc.def.example.com), this module does not find the correct zone.
I'm using Caddy with the builder image in a Docker environment. Using sub-subdomains on a Cloudflare-managed domain worked in the same environment.
Caddyfile (redacted):
abc.def.example.com {
    reverse_proxy http://localhost:1234
    tls {
        dns hetzner <CHALLENGE>
    }
}
Log output (domains changed accordingly):
{"level":"info","ts":1602725241.0834517,"logger":"tls.obtain","msg":"acquiring lock","identifier":"abc.def.example.com"}
{"level":"info","ts":1602725241.0839012,"logger":"tls.obtain","msg":"lock acquired","identifier":"abc.def.example.com"}
{"level":"info","ts":1602725241.084835,"logger":"tls.issuance.acme","msg":"waiting on internal rate limiter","identifiers":["abc.def.example.com"]}
{"level":"info","ts":1602725241.0849154,"logger":"tls.issuance.acme","msg":"done waiting on internal rate limiter","identifiers":["abc.def.example.com"]}
{"level":"info","ts":1602725242.789842,"logger":"tls.issuance.acme.acme_client","msg":"trying to solve challenge","identifier":"abc.def.example.com","challenge_type":"dns-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}
{"level":"error","ts":1602725243.1575782,"logger":"tls.issuance.acme.acme_client","msg":"cleaning up solver","identifier":"abc.def.example.com","challenge_type":"dns-01","error":"no memory of presenting a DNS record for abc.def.example.com (probably OK if presenting failed)"}
{"level":"error","ts":1602725243.372287,"logger":"tls.obtain","msg":"will retry","error":"[abc.def.example.com] Obtain: [abc.def.example.com] solving challenges: presenting for challenge: adding temporary record for zone def.example.com.: Not Found (404) (order=https://acme-v02.api.letsencrypt.org/acme/order/99341992/5693576092) (ca=https://acme-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":2.288363091,"max_duration":2592000}
Zone "def.example.com" does not exist, only "example.com" does. I'm assuming this is the problem, but I'm not sure how to fix it. The Cloudflare API does not behave differently, but Caddy seems to feed it the right part of the domain.
Hi,
My DNS is hosted on Cloudflare.
I have NS records for _acme-challenge pointing to Hetzner DNS to enable automated cert management for load balancer.
I have a standalone VM requiring its own certificate so I am using Caddy with dns.providers.hetzner to perform dns-01 challenge.
I can confirm that _acme-challenge.mydomain.com is created but somehow caddy is not getting the cert.
{"level":"info","ts":"2023-07-06T16:10:32.308+0800","logger":"tls.obtain","msg":"obtaining certificate","identifier":"*.mydomain.com"}
{"level":"debug","ts":"2023-07-06T16:10:32.309+0800","logger":"tls.obtain","msg":"trying issuer 1/1","issuer":"acme-staging-v02.api.letsencrypt.org-directory"}
{"level":"error","ts":"2023-07-06T16:12:36.836+0800","logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":".mydomain.com","issuer":"acme-staging-v02.api.letsencrypt.org-directory","error":"[.mydomain.com] solving challenges: waiting for solver certmagic.solverWrapper to be ready: timed out waiting for record to fully propagate; verify DNS provider configuration is correct - last error: <nil> (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/<redacted>/<redacted>) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
{"level":"error","ts":"2023-07-06T16:12:36.838+0800","logger":"tls.obtain","msg":"will retry","error":"[.mydomain.com] Obtain: [.mydomain.com] solving challenges: waiting for solver certmagic.solverWrapper to be ready: timed out waiting for record to fully propagate; verify DNS provider configuration is correct - last error: <nil> (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/<redacted>/<redacted>) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":124.530103601,"max_duration":2592000}
Hey there,
thanks a lot for this super useful caddy plugin!
I was trying to use this but realised that caddy gets stuck verifying the DNS challenge, even though a TXT record is created by caddy in my Hetzner DNS console.
Inspecting the DNS record more closely, I see that my domain appears twice in the TXT record (something like _acme.challenge.test.example.com.example.com)
Could this be the source of the problem?
Best,
Leander
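Added example, not part of the issues above and not this module's code: a Go sketch of the two name-handling steps these reports turn on, namely choosing the hosted zone for a dns-01 record (the sub-subdomain report) and sending a zone-relative record name (the report where the domain appears twice). The function names `findZone`, `challengeRecord` and `storedName` are hypothetical, the zone list is constructed sample data, and the sketch assumes the DNS API appends the zone to whatever name it receives.

```go
package main

import (
	"fmt"
	"strings"
)

// normalize lower-cases a DNS name and drops the trailing root dot.
func normalize(s string) string {
	return strings.ToLower(strings.TrimSuffix(strings.TrimSpace(s), "."))
}

// findZone picks the longest zone that fqdn falls under. zones stands in for
// the zones that actually exist in the DNS account (assumption).
func findZone(fqdn string, zones []string) (string, bool) {
	name, best := normalize(fqdn), ""
	for _, z := range zones {
		z = normalize(z)
		if (name == z || strings.HasSuffix(name, "."+z)) && len(z) > len(best) {
			best = z
		}
	}
	return best, best != ""
}

// challengeRecord returns the zone and the zone-relative name of the dns-01
// TXT record for domain; a leading "*." is dropped, "@" means the zone apex.
func challengeRecord(domain string, zones []string) (string, string, error) {
	fqdn := "_acme-challenge." + strings.TrimPrefix(normalize(domain), "*.")
	zone, ok := findZone(fqdn, zones)
	if !ok {
		return "", "", fmt.Errorf("no hosted zone covers %s", fqdn)
	}
	if fqdn == zone {
		return zone, "@", nil
	}
	return zone, strings.TrimSuffix(fqdn, "."+zone), nil
}

// storedName models an API that appends the zone to the submitted name
// (assumption for this sketch, not taken from any provider's documentation).
func storedName(name, zone string) string {
	return normalize(name) + "." + normalize(zone)
}

func main() {
	zones := []string{"example.com"} // constructed sample: only the apex zone exists
	zone, rel, err := challengeRecord("abc.def.example.com", zones)
	fmt.Println(zone, rel, err, storedName(rel, zone))
}
```

Matching on a leading dot keeps `notexample.com` from being treated as part of `example.com`, and the longest-match rule selects a delegated `_acme-challenge` zone when one exists in the list.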