Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a override_domain option to allow DNS challenge delegation #4596

Merged
merged 3 commits into from Mar 8, 2022
Merged

Add a override_domain option to allow DNS challenge delegation #4596

merged 3 commits into from Mar 8, 2022

Conversation

crccw
Copy link
Contributor

@crccw crccw commented Feb 23, 2022
edited by francislavoie

CNAME can be used to delegate answering the chanllenge to another DNS
zone. One usage is to reduce the exposure of the DNS credential [1].
Based on the discussion in caddy/certmagic#160, we are adding an option
to allow the user explicitly specify the domain to delegate, instead of
following the CNAME chain.

This needs caddyserver/certmagic#160.

@crccw
Add a override_domain option to allow DNS chanllenge delegation
6e62081 
CNAME can be used to delegate answering the chanllenge to another DNS
zone. One usage is to reduce the exposure of the DNS credential [1].
Based on the discussion in caddy/certmagic#160, we are adding an option
to allow the user explicitly specify the domain to delegate, instead of
following the CNAME chain.

This needs caddy/certmagic#160.
@CLAassistant
Copy link

CLAassistant commented Feb 23, 2022
edited

CLA assistant check
All committers have signed the CLA.

@crccw crccw mentioned this pull request Feb 23, 2022
Merged
@francislavoie
Copy link
Member

I think maybe we should change the option to something like dns_challenge_override_domain or something. That is very long, but I don't think it's clear upfront that this specifically applies to the DNS challenge only (it is clear in JSON config though because of nesting)

@francislavoie francislavoie added feature ⚙️ New feature or request under review 🧐 Review is pending before merging labels Feb 23, 2022
@francislavoie francislavoie changed the title Add a override_domain option to allow DNS chanllenge delegation Add a override_domain option to allow DNS challenge delegation Mar 2, 2022
@francislavoie francislavoie added this to the 2.x milestone Mar 2, 2022
@crccw
Copy link
Contributor Author

crccw commented Mar 7, 2022

Changed to dns_challenge_override_domain

@mholt mholt modified the milestones: 2.x, v2.5.0 Mar 7, 2022
@mholt
Copy link
Member

mholt commented Mar 7, 2022

@crccw We just need you to sign the CLA and then we can merge this. If you do it today we can get it in the v2.5 prereleases.

@crccw
Copy link
Contributor Author

crccw commented Mar 8, 2022
edited

Just signed. Do we need to wait for a certmagic release and bump the dependency version before merging this?

@mholt mholt removed the under review 🧐 Review is pending before merging label Mar 8, 2022
@mholt
Copy link
Member

mholt commented Mar 8, 2022

@crccw Thanks!

Do we need to wait for a certmagic release and bump the dependency version before merging this?

Already done 😉

@mholt mholt merged commit d9b1d46 into caddyserver:master Mar 8, 2022
@francislavoie francislavoie mentioned this pull request Mar 11, 2022
Closed
@emilylange emilylange mentioned this pull request Mar 14, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
feature ⚙️ New feature or request
Projects
None yet
Milestone
v2.5.0
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@crccw @CLAassistant @francislavoie @mholt