DNSAPI per-domain conf wrapper funcs #3085
Conversation
This is meant to address acmesh-official#799 and acmesh-official#2091
|
First, NEVER send a PR to Or some other wiki pages: |
Update to acmesh-official#799 for per-domain auth conf storage. _readdnsapiconf() <Item Key> - Prefers the values stored in the domainconf over the accountconf[_mutable] if it exists in both places. - After first new/update save with _savednsapiconf() it will be stored in the domainconf (and the original acctconf* location if applicable) that's where this function will find the value and the entry in the accountconf* will be obsolete/unused. _savednsapiconf() <Item Key> <Item Value> - "Migrate"/save the auth provided by env var or from accountconf[_mutable] to domainconf for future use. Update it in the original account location for backward compatibility if necessary. 1. These wrappers don't update the environment variable like the _getdeployconf(), they read from arg, emit text. 2. The keys saved through the save wrapper are named in mutable form with "SAVED_" prefix. 3. The DNS API Dev Guide (https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide) will need to be updated for the new functions dns_cf.sh dnsapi script for cloudflare updated as an example.
senseisimple
changed the title
|
COMMIT 1 3df276c (dns_rackspace.sh) Shows a simplistic and functional update to a single dnsapi script using existing read/save domainconf functions in acme.sh COMMIT 2 716b9b8 Provides a solution and migration path for existing dnsapi scripts to eliminate issues switching from accountconf storage to domainconf storage allowing for backward compatibility with existing configurations. It updates acme.sh and the dns_cf.sh scripts, which would also necessitate an update to the wiki page at https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide |
|
Yes, we need a unique way to do that. We should save them into account.conf by default to keep compatibility. export xxxx=xxx
export cccc=ddddd
acme.sh --issue xxxxx --dns dns_cfWe need another new option to save it in domain conf export xxx=xxx
export ccc=ddd
acme.sh --issue xxxx --dns dns_cf --dns-save-per-certWhen renewal, we should check domain conf first, then fallback to accont.conf. I think we need two functions: They should work similarly to the deplohhook functions. |
This is meant as an example to address Per-domain api auth setting #799 and related improvement to #2091