ttl for route53 should be sent as seconds #17

Closed
kwypchlo opened this issue Sep 23, 2021 · 3 comments

@kwypchlo

👋

I'm using Caddy to request certificates through the route53 provider:

{
  "module": "acme",
  "challenges": {
    "dns": {
      "provider": {
        "name": "route53"
      },
      "ttl": "1h"
    }
  }
}

Unfortunately, it seems like the ttl of 1 hour is translated to 3600000000000, while the DNS errors out saying that the max is 2147483647:

{
  "level": "error",
  "ts": 1632395039.5339599,
  "logger": "tls.obtain",
  "msg": "will retry",
  "error": "[siasky.dev] Obtain: [siasky.dev] solving challenges: presenting for challenge: adding temporary record for zone siasky.dev.: InvalidInput: InvalidInput: 1 validation error detected: Value '3600000000000' at 'changeBatch.changes.1.member.resourceRecordSet.tTL' failed to satisfy constraint: Member must have value less than or equal to 2147483647\n\tstatus code: 400, request id: 21b98755-2e7b-47f8-abad-d8eb24207a81 (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/27549458/598268258) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)",
  "attempt": 2,
  "retrying_in": 120,
  "elapsed": 63.129179538,
  "max_duration": 2592000
}

It seems to me there should be some conversion going on for route53 so that the number is sent as seconds, so 3600 instead of 3600000000000.

TTL (seconds)
The amount of time, in seconds, that you want DNS recursive resolvers to cache information about this record. If you specify a longer value (for example, 172800 seconds, or two days), you reduce the number of calls that DNS recursive resolvers must make to Route 53 to get the latest information in this record. This has the effect of reducing latency and reducing your bill for Route 53 service. For more information, see How Amazon Route 53 routes traffic for your domain.

https://aws.amazon.com/route53/faqs/

@kwypchlo
Author

Actually, I'm not sure whether it's this plugin's concern or Caddy itself - @mholt, is this the expected number format?

@mholt
Contributor

mholt commented Sep 24, 2021

Caddy feeds the plugins a time.Duration value as defined by the libdns APIs, which is a number of nanoseconds. If the provider expects seconds, the plugin will need to do the conversion.

PhoenixPeca pushed a commit to libdns/route53 that referenced this issue Oct 28, 2021
* route53 ttl should be set in seconds

more details in caddy-dns/route53#17

* change deleteRecord and updateRecord too

@kwypchlo
Author

kwypchlo commented Oct 28, 2021

resolved in libdns/route53#8
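
The conversion discussed in this thread, as an added Go example that is not code from libdns/route53 or Caddy: the hypothetical helper `ttlSeconds` turns a `time.Duration` (nanoseconds) into whole seconds and rejects values above the 2147483647 limit quoted in the error log. Rounding a sub-second remainder up is an assumption of this example.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// maxRoute53TTL is the upper bound quoted in the Route 53 error in this thread.
const maxRoute53TTL = 2147483647

var errTTLRange = errors.New("ttl out of range for Route 53")

// ttlSeconds converts a libdns-style time.Duration (a nanosecond count) into
// whole seconds. Hypothetical helper for illustration, not libdns code.
func ttlSeconds(d time.Duration) (int64, error) {
	if d < 0 {
		return 0, fmt.Errorf("%w: negative duration %v", errTTLRange, d)
	}
	secs := int64(d / time.Second)
	// Assumption: round a sub-second remainder up instead of truncating,
	// so a short non-zero TTL never silently becomes 0.
	if d%time.Second != 0 {
		secs++
	}
	if secs > maxRoute53TTL {
		return 0, fmt.Errorf("%w: %d exceeds %d", errTTLRange, secs, maxRoute53TTL)
	}
	return secs, nil
}

func main() {
	// Constructed sample inputs; "1h" is the value from the reported config.
	for _, in := range []string{"1h", "1500ms", "0s", "600000h"} {
		d, err := time.ParseDuration(in)
		if err != nil {
			fmt.Println(in, "parse error:", err)
			continue
		}
		secs, err := ttlSeconds(d)
		if err != nil {
			fmt.Printf("%-8s raw=%d rejected: %v\n", in, int64(d), err)
			continue
		}
		fmt.Printf("%-8s raw=%d seconds=%d\n", in, int64(d), secs)
	}
}
```

Validating before the API call surfaces a bad TTL as a local error instead of a failed DNS challenge that Caddy keeps retrying.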
