search

AnalogJ / lexicon

Manipulate DNS records on various DNS providers in a standardized way.
MIT License
1.48k stars 305 forks source link

DreamHost Provider only works if root domain is set with an A or AAAA record #1064

Closed JerrettDavis closed 1 year ago

JerrettDavis commented 2 years ago

I'm using Lexicon to generate certificates an environment where DNS is my only accessible option, but I've noticed an odd behavior. It appears that it'll only successfully authenticate a domain if the @ entry has an A or AAAA record defined in DNS. This is a bit problematic in my environment as I have a CNAME pointed towards hashnode setup for that entry.

Is there any reason why a CNAME would not be regarded as valid for the purposes of authenticating the domain? You can see the behavior defined below.

https://github.com/AnalogJ/lexicon/blob/18c788dc410b0088336ee1c392f63102fe956ed4/lexicon/providers/dreamhost.py#L109-L112

chhsiao1981 commented 2 years ago

hi @JerrettDavis ~

Sorry for the late of response.

  1. I'm so sorry that I missed "CNAME". I can add it back to the code as well.
  2. Dreamhost actually changed their API in Nov. (without any official announcement). Basically they retired majority of the APIs, including all the update-related APIs. The module won't work anymore.

image

chhsiao1981 commented 2 years ago

A follow-up from Dreamhost confirmed that the APIs that we are using (dns-add_record and dns-remove_record and dns-list_records) are still working.

I'll update the code and include CNAME

image

JerrettDavis commented 2 years ago

@chhsiao1981 Thanks for following up on this, and I'm glad to hear it was an oversight rather than a functional limitation.

I'm more than happy to push a PR to correct this if you've got some stuff stacked up on your plate.

chhsiao1981 commented 2 years ago

hi @JerrettDavis ~

thanks!

welcome PR!

chhsiao1981 commented 1 year ago

Looks like this issue has been resolved by #1110

JerrettDavis commented 1 year ago

Closed with #1110