Merge branch 'multilevel_domain_support' into dev
infinityofspace committed Sep 27, 2024
2 parents aae00b0 + 573f20d commit a318d0b
Showing 3 changed files with 22 additions and 22 deletions.
38 changes: 18 additions & 20 deletions certbot_dns_porkbun/cert/client.py
@@ -4,8 +4,9 @@
from certbot.plugins import dns_common
from dns import resolver
from pkb_client.client import PKBClient
from tldextract import tldextract

DEFAULT_PROPAGATION_SECONDS = 60
DEFAULT_PROPAGATION_SECONDS = 600

ACME_TXT_PREFIX = "_acme-challenge"

@@ -80,37 +81,34 @@ def _perform(self, domain: str, validation_name: str, validation: str) -> None:
:raise PluginError: if the TXT record can not be set or something goes wrong
"""

client = self._get_porkbun_client()

propagation_seconds = self.conf("propagation_seconds")
if propagation_seconds < 600:
logging.warning("The propagation time is less than Porkbun DNS TTL minimum of 600 seconds. Subsequent "
"challenges for same domain may fail. Try increasing the propagation time if you encounter "
"issues.")

# replace wildcard in domain
domain = domain.replace("*", "")
domain = f"{ACME_TXT_PREFIX}.{domain}"

propagation_seconds = self.conf("propagation_seconds")

try:
# follow all CNAME and DNAME records
canonical_name = resolver.canonical_name(domain)

if domain != canonical_name.to_text().rstrip('.') and propagation_seconds < 600:
logging.warning("Make sure your CNAME record is propagated to all DNS servers, "
"because the default CNAME TTL propagation time is 600 seconds "
f"and your certbot propagation time is only {propagation_seconds}.")

self._root_domain = canonical_name.split(3)[1].to_text().rstrip('.')

name = ".".join(canonical_name.to_text().split('.')[:-3])
except (resolver.NoAnswer, resolver.NXDOMAIN):
canonical_name = domain

self._root_domain = ".".join(canonical_name.split('.')[-2:])

name = ".".join(canonical_name.split('.')[:-2])
extract_result = tldextract.extract(canonical_name.to_text())
root_domain = f"{extract_result.domain}.{extract_result.suffix}"
name = extract_result.subdomain

try:
self.record_ids_to_root_domain[validation] = (self._get_porkbun_client().dns_create(self._root_domain,
"TXT",
validation,
name=name),
self._root_domain)
self.record_ids_to_root_domain[validation] = (client.dns_create(root_domain,
"TXT",
validation,
name=name),
root_domain)

except Exception as e:
raise errors.PluginError(e)
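Review bot: In `_perform`, `root_domain` is built as `f"{extract_result.domain}.{extract_result.suffix}"` with no check that the extraction actually found a registrable domain and a public suffix, so a canonical name with no recognised suffix would hand a malformed zone name to `client.dns_create`; a guard such as `if not (extract_result.domain and extract_result.suffix): raise errors.PluginError(f"cannot determine root domain for {canonical_name}")` before the create call would fail closed. Separately, the module-level `tldextract.extract` by default tries to download the Public Suffix List and write a cache on first use, which puts an outbound fetch and a file write into a certificate-issuance path that often runs with elevated privileges, and lets fetched data influence which zone receives the TXT record; a module-level `_extract = tldextract.TLDExtract(suffix_list_urls=())` would restrict it to the bundled snapshot. From this rendering it also looks as if `resolver.canonical_name(domain)` and the extraction now sit outside any `try`, so resolver failures may surface as raw exceptions rather than `PluginError`; that is worth confirming against the file. `_perform` begins before this hunk and continues past it.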
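--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,5 @@
 setuptools>=41.6.0
 certbot>=1.18.0,<4.0
 pkb_client>=1.1,<2.0
-dnspython>=2.0.0,<3.0
+dnspython>=2.0.0,<3.0
+tldextract>=5.1.2,<6.0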
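--- a/setup.py
+++ b/setup.py
@@ -34,7 +34,8 @@
 "setuptools>=41.6.0",
 "certbot>=1.18.0,<4.0",
 "pkb_client>=1.1,<2.0",
-"dnspython>=2.0.0,<3.0"
+"dnspython>=2.0.0,<3.0",
+"tldextract>=5.1.2,<6.0"
 ],
 entry_points={
 "certbot.plugins": [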
