Implements validation using CNAMEs and RFC2138, as described in the
Let's Encrypt documentation.
For instance, if requesting the domain "test.net" with a CNAME from
"_acme-challenge.test.net" to "_acme-challenge.ledomain.net". As per the
spec this is fully supported, but using RFC2138 and nsupdate, acme.sh
did not support this properly, instead trying to add the record to the
original fulldomain unconditionally.
To implement this, this commit adds an additional environment variable,
NSUPDATE_CNAME_ZONE, which would contain the target zone, for instance
in the example above, "ledomain.net". If this variable is set, nsupdate
then adds/removes the _acme-validation TXT record to that zone instead
of the requested zone, as well as printing a helpful message mentioning
that the CNAME must exist for this to succeed.
Previously, the else was assumed to be the one where NSUPDATE_ZONE was
set. Flip this in order to facilitate adding additional nsupdate
configurations.
* support jdcloud.com
* fix format
* ttl 3000
* Escape slashes (#2375)
* Change 1.1.1.1 to 1.0.0.1 to probe compatibility (#2330)
As we can see, 1.1.1.1 is not routed or routed to an Intranet devices due to historical reason. Change 1.1.1.1 to 1.0.0.1 will have a better compatibility. I found this problem on my Tencent Cloud server.
* check empty id
* fix error
* Add dnsapi for Vultr (#2370)
* Add Vultr dns api
* PushOver notifications (#2325)
* PushOver notifications, using AppToken, UserKey, and optional sounds
* fix errors
* added dns api support for hexonet (#1776)
* update
* minor
* support new Cloudflare Token format
fix https://github.com/Neilpang/acme.sh/issues/2398
* fix wildcard domain name
* add more info
* fix https://github.com/Neilpang/acme.sh/issues/2377
* fix format
* fix format
We have a few domains that ends the same. For example :
iperfony.com
perfony.com
The problem was in the _get_root functions, when getting the domain_id :
only the first result "iperfony.com" was returned, because "perfony.com"
is contained in the "iperfony.com" string.
The correction consist of being strict in the regex, adding a slash (/)
so that it will only match on ".*/(perfony.com).*" and not
".*(perfony.com).*".
The --no-run-if-empty option is a GNU extension and the long version isn't supported by *BSD variants.
Instead use the short version (-r) which is present, but ignored as it is the default behavior, in at least FreeBSD: https://www.freebsd.org/cgi/man.cgi?xargs
* Create LICENSE.md
* remove _hostingde_parse_no_strip_whitespace function as this breaks API requests
* Fix sessionid parsing on BSD
* Make travis happy. (SC2020)
* fix for https://github.com/Neilpang/acme.sh/issues/2286
* Notify mail update (#2293)
* feat: disable e-mail validation if MAIL_NOVALIDATE is set
* fix: expose _MAIL_BIN variable
* fix: call _mail_body and _mail_cmnd directly to make sure that all used variables are exposed
* fix: update notify/mail.sh
Co-Authored-By: Matej Mihevc <zuexo@users.noreply.github.com>
* fix: remove useless echo, quote eval
MaraDNS is a lightweight self-hosting DNS server. This patch adds
support for adding records to zone files stored on the server in the
format expected by MaraDNS. Path to the file should be exported in
MARA_ZONE_FILE environment variable. To reload the configuration
automatically, the user must provide path to the pid file of duende (the
daemonization tool that ships with MaraDNS) in MARA_DUENDE_PID_PATH
(--pid argument to duende).