rkosegi / cert-manager-webhook-active24 Goto Github PK
View Code? Open in Web Editor NEWA cert-manager ACME DNS-01 webhook that uses Active24.cz API
License: Apache License 2.0
A cert-manager ACME DNS-01 webhook that uses Active24.cz API
License: Apache License 2.0
Currently, there are 2 Helm charts:
rkosegi/cert-manager-webhook-active24:1.0.0
ghcr.io/rkosegi/cert-manager-webhook-active24:1.0.1
(the right one would be ghcr.io/rkosegi/cert-manager-webhook-active24:v1.0.1
)ClusterRole
and ClusterRoleBinding
in rbac.yaml
In the main README.md file, the 2nd one is used in the installation description so I'm not sure what the 1st one is for.
I use that 2nd one with fixed image tag.
In any case, please sort this out so that there's just 1 Helm chart and that it works without any additional modifications.
I followed the installation instruction and after I created the certificate I got this error in the certificate challenge:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Started 2m18s cert-manager Challenge scheduled for processing
Warning PresentError 72s (x5 over 2m17s) cert-manager Error presenting challenge: unable to get secret `/cert-manager`; resource name may not be empty
Am I missing something? Is there a secret name I need to set in the helm chart?
Hello,
Image in docker.hub is not published.
After download source and run helm upgrade --install ac24 ./chart --namespace cert-manager
EVENT K8s:
ac24-cert-manager-webhook-active24-6874bd4c86-nqpqt.17a67eefb0038230
Failed
Error: ErrImagePull
--
Failed to pull image "rkosegi/cert-manager-webhook-active24:v1.0.2": reading manifest v1.0.2 in docker.io/rkosegi/cert-manager-webhook-active24: requested access to the resource is denied
--
Back-off pulling image "rkosegi/cert-manager-webhook-active24:v1.0.2"
Does it support multiple domains in some way?
We;ve got several domains managed by active24 and so far we've been able to get only 1 of them to work. If we add more domains then the acme challenge DNS records are created in the 1st one - the one for which this webhook is configured (apiGroup in Helm chart).
Is there any way how to use multiple domains with this webhook?
We can perhaps add the acme challenge CNAME records to the other domains to point to the 1st one, but that looks more like a workaround.
Recently I started having issues with the certificate renewal (worked a few months ago, but not any longer).
I0809 13:34:52.061900 1 main.go:78] Present: fqdn=_acme-challenge.somedomain.net., zone=somedomain.net., key=qUXCrf7evXjIQfBWEItLIwuCxzoDQCOpK5aRitCSMpc
I0809 13:34:52.061924 1 main.go:189] recordName: ResolvedZone=somedomain.net., ResolvedFQDN=_acme-challenge.somedomain.net.
I0809 13:34:52.066250 1 active24.go:37] FindTxtRecord: name=_acme-challenge, text=qUXCrf7evXjIQfBWEItLIwuCxzoDQCOpK5aRitCSMpc
E0809 13:34:52.295304 1 active24.go:41] "invalid API response" err="invalid response from api: 404" code="404 404"
ghcr.io/rkosegi/cert-manager-webhook-active24:v1.0.1
(you've got it wrong in the v1.0.1 - it points to rkosegi/cert-manager-webhook-active24:1.0.1
which doesn't exist).Do you know if the Active24 API hasn't changed in any way?
I looked at https://api.active24.com/swagger-ui.html and tried some manual requests to get some records (using my API key) - those work and it appears to match what the https://github.com/rkosegi/active24-go/blob/main/active24/dns.go does. But maybe I'm missing something.
Note that I can't find the expected TXT record there - based on the above piece of log it should be at least created, but there's nothing visible in those records. Maybe even that part doesn't work properly, or it's just a consequence.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.