From a9fbb6991e04d7c7be9f81498b36434a29906ddc Mon Sep 17 00:00:00 2001 From: Ryan Meulenkamp Date: Tue, 9 Feb 2021 12:14:09 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Fix=20problems=20with=20alias=20?= =?UTF-8?q?domains=20and=20dns-01=20challenge=20(#1785)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * 🐛 Fix problems with alias domains and dns-01 challenge And add some documentation to clarify a bit. Resolves #1331 * Fix linter issue * Add changelog * Update config.json * Update config.json Co-authored-by: Pascal Vizeli --- duckdns/CHANGELOG.md | 4 ++++ duckdns/DOCS.md | 10 ++++++++-- duckdns/config.json | 4 ++-- duckdns/data/run.sh | 19 +++++++++++++++---- 4 files changed, 29 insertions(+), 8 deletions(-) diff --git a/duckdns/CHANGELOG.md b/duckdns/CHANGELOG.md index 7a0a8a6..c1732e2 100644 --- a/duckdns/CHANGELOG.md +++ b/duckdns/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 1.12.5 + +- Fix bug causing DuckDNS to return KO, when aliases were configured + ## 1.12.4 - Fix bug where IPv6 got the value of IPv4 diff --git a/duckdns/DOCS.md b/duckdns/DOCS.md index b8aee92..aaf99c4 100644 --- a/duckdns/DOCS.md +++ b/duckdns/DOCS.md @@ -101,13 +101,19 @@ For example: ```yaml domains: - my-domain.duckdns.org - - ha.my-domain.com aliases: - domain: ha.my-domain.com alias: my-domain.duckdns.org ``` -Also, add your custom domain name to the `domains` array to create the certificate for both domains +Don't add your custom domain name to the `domains` array. For certificate creation, all unique domains and aliases are used. + +Also, don't forget to make sure the dns-01 challenge can reach Duckdns. It might be required to add a specific CNAME for that: + +``` +CNAME _acme-challenge. _acme-challenge..duckdns.org +CNAME .duckdns.org +``` ### Option: `seconds` diff --git a/duckdns/config.json b/duckdns/config.json index 4b01c9f..ddb0401 100644 --- a/duckdns/config.json +++ b/duckdns/config.json 
@@ -1,6 +1,6 @@ { "name": "Duck DNS", - "version": "1.12.4", + "version": "1.12.5", "slug": "duckdns", "description": "Free Dynamic DNS (DynDNS or DDNS) service with Let's Encrypt support", "url": "https://github.com/home-assistant/hassio-addons/tree/master/duckdns", @@ -27,7 +27,7 @@ "ipv4": "str?", "ipv6": "str?", "token": "str", - "domains": ["str"], + "domains": ["match(.+\.duckdns\.org)"], "aliases": [ {"domain": "str", "alias": "str"} ], diff --git a/duckdns/data/run.sh b/duckdns/data/run.sh index 8825a73..969a1b7 100755 --- a/duckdns/data/run.sh +++ b/duckdns/data/run.sh @@ -16,15 +16,26 @@ WAIT_TIME=$(bashio::config 'seconds') # Function that performe a renew function le_renew() { local domain_args=() - local domains - + local domains='' + local aliases='' + domains=$(bashio::config 'domains') # Prepare domain for Let's Encrypt for domain in ${domains}; do + for alias in $(jq --raw-output --exit-status "[.aliases[]|{(.alias):.domain}]|add.\"${domain}\" | select(. != null)" /data/options.json) ; do + aliases="${aliases} ${alias}" + done + done + + aliases="$(echo "${aliases}" | tr ' ' '\n' | sort | uniq)" + + bashio::log.info "Renew certificate for domains: $(echo -n "${domains}") and aliases: $(echo -n "${aliases}")" + + for domain in $(echo "${domains}" "${aliases}" | tr ' ' '\n' | sort | uniq); do domain_args+=("--domain" "${domain}") done - + dehydrated --cron --hook ./hooks.sh --challenge dns-01 "${domain_args[@]}" --out "${CERT_DIR}" --config "${WORK_DIR}/config" || true LE_UPDATE="$(date +%s)" } 
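Review bot: The new `domains` schema entry `match(.+\.duckdns\.org)` has no end anchor and `.+` accepts any character, so if the Supervisor applies the pattern as a prefix match (not visible here), a value with trailing text or an embedded `&` or `"` still validates. The configured domains are spliced unescaped into the jq filter in run.sh, and presumably into the update URL through `DOMAINS`, so the schema is the only input check on them. Consider limiting it to hostname characters and anchoring it, e.g. `"domains": ["match(^[A-Za-z0-9.-]+\\.duckdns\\.org$)"]`. As rendered here `\.` is not a valid JSON string escape and the backslashes would need doubling, though that may be an artefact of how the patch is displayed.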
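Review bot: The jq program in the new inner loop of `le_renew` is built by splicing `${domain}` into the filter text (`add.\"${domain}\"`), so a configured value containing a quote or jq syntax alters the filter instead of being looked up as a key. Pass the value as data instead: `jq --raw-output --exit-status --arg d "${domain}" '[.aliases[]|{(.alias):.domain}]|add|.[$d]|select(. != null)' /data/options.json`. The new loop variable `alias` (like the existing `domain`) is not declared `local`, so it leaks into the script's global scope. The unquoted `for ... in ${domains}` and `$(echo ... | sort | uniq)` expansions also undergo globbing, so a value containing `*` would expand against the working directory; reading the lists into arrays with `mapfile -t` and iterating `"${arr[@]}"` avoids that.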
@@ -56,7 +67,7 @@ while true; do [[ ${IPV4} != *:/* ]] && ipv4=${IPV4} || ipv4=$(curl -s -m 10 "${IPV4}") [[ ${IPV6} != *:/* ]] && ipv6=${IPV6} || ipv6=$(curl -s -m 10 "${IPV6}") - if answer="$(curl -s "https://www.duckdns.org/update?domains=${DOMAINS}&token=${TOKEN}&ip=${ipv4}&ipv6=${ipv6}&verbose=true")"; then + if answer="$(curl -s "https://www.duckdns.org/update?domains=${DOMAINS}&token=${TOKEN}&ip=${ipv4}&ipv6=${ipv6}&verbose=true")" && [ "${answer}" != 'KO' ]; then bashio::log.info "${answer}" else bashio::log.warning "${answer}"
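Review bot: The added `[ "${answer}" != 'KO' ]` treats only the exact string `KO` as a failure, and the `curl -s` in front of it has no `--fail` and no timeout, so an HTTP error page or a `KO` followed by extra text is still logged at info level as a successful update. Something like `curl -s -f -m 10 ...` with `[[ "${answer}" != KO* ]]` would match the `-m 10` used for the IP lookups just above and fail closed; the exact verbose response format is not shown here, so confirm the prefix test against it. When curl itself fails, `answer` is empty and the warning branch logs a blank line, so the curl exit status is worth logging there. The request also places `${TOKEN}` in curl's argv, where it is visible in the process list; feeding the URL through `curl --config -` on stdin keeps it out. The enclosing `while true` loop and the end of this `if` lie outside the hunk.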