acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

Hardcode global azure dns, not support azure china region #2234

Open wu-wenxiang opened 5 years ago

wu-wenxiang commented 5 years ago

https://docs.azure.cn/zh-cn/articles/guidance/developerdifferences

https://github.com/Neilpang/acme.sh/blob/master/dnsapi/dns_azure.sh

blackstorm commented 5 years ago

Yep! Should add a new dns api Azure China DNS @Neilpang

Li-Yanzhi commented 5 years ago

Here are the various Azure cloud environment settings used in the Kubernetes cert-manager Helm chart (https://git.trddev.com/jdobyns/rancher-letsencrypt/blob/0d159919899dab37393345ef6380ecac19a22345/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go):

PublicCloud = Environment{
    Name:                         "AzurePublicCloud",
    ManagementPortalURL:          "https://manage.windowsazure.com/",
    PublishSettingsURL:           "https://manage.windowsazure.com/publishsettings/index",
    ServiceManagementEndpoint:    "https://management.core.windows.net/",
    ResourceManagerEndpoint:      "https://management.azure.com/",
    ActiveDirectoryEndpoint:      "https://login.microsoftonline.com/",
    GalleryEndpoint:              "https://gallery.azure.com/",
    KeyVaultEndpoint:             "https://vault.azure.net/",
    GraphEndpoint:                "https://graph.windows.net/",
    StorageEndpointSuffix:        "core.windows.net",
    SQLDatabaseDNSSuffix:         "database.windows.net",
    TrafficManagerDNSSuffix:      "trafficmanager.net",
    KeyVaultDNSSuffix:            "vault.azure.net",
    ServiceBusEndpointSuffix:     "servicebus.azure.com",
    ServiceManagementVMDNSSuffix: "cloudapp.net",
    ResourceManagerVMDNSSuffix:   "cloudapp.azure.com",
    ContainerRegistryDNSSuffix:   "azurecr.io",
}

// USGovernmentCloud is the cloud environment for the US Government
USGovernmentCloud = Environment{
    Name:                         "AzureUSGovernmentCloud",
    ManagementPortalURL:          "https://manage.windowsazure.us/",
    PublishSettingsURL:           "https://manage.windowsazure.us/publishsettings/index",
    ServiceManagementEndpoint:    "https://management.core.usgovcloudapi.net/",
    ResourceManagerEndpoint:      "https://management.usgovcloudapi.net/",
    ActiveDirectoryEndpoint:      "https://login.microsoftonline.com/",
    GalleryEndpoint:              "https://gallery.usgovcloudapi.net/",
    KeyVaultEndpoint:             "https://vault.usgovcloudapi.net/",
    GraphEndpoint:                "https://graph.usgovcloudapi.net/",
    StorageEndpointSuffix:        "core.usgovcloudapi.net",
    SQLDatabaseDNSSuffix:         "database.usgovcloudapi.net",
    TrafficManagerDNSSuffix:      "usgovtrafficmanager.net",
    KeyVaultDNSSuffix:            "vault.usgovcloudapi.net",
    ServiceBusEndpointSuffix:     "servicebus.usgovcloudapi.net",
    ServiceManagementVMDNSSuffix: "usgovcloudapp.net",
    ResourceManagerVMDNSSuffix:   "cloudapp.windowsazure.us",
    ContainerRegistryDNSSuffix:   "azurecr.io",
}

// ChinaCloud is the cloud environment operated in China
ChinaCloud = Environment{
    Name:                         "AzureChinaCloud",
    ManagementPortalURL:          "https://manage.chinacloudapi.com/",
    PublishSettingsURL:           "https://manage.chinacloudapi.com/publishsettings/index",
    ServiceManagementEndpoint:    "https://management.core.chinacloudapi.cn/",
    ResourceManagerEndpoint:      "https://management.chinacloudapi.cn/",
    ActiveDirectoryEndpoint:      "https://login.chinacloudapi.cn/",
    GalleryEndpoint:              "https://gallery.chinacloudapi.cn/",
    KeyVaultEndpoint:             "https://vault.azure.cn/",
    GraphEndpoint:                "https://graph.chinacloudapi.cn/",
    StorageEndpointSuffix:        "core.chinacloudapi.cn",
    SQLDatabaseDNSSuffix:         "database.chinacloudapi.cn",
    TrafficManagerDNSSuffix:      "trafficmanager.cn",
    KeyVaultDNSSuffix:            "vault.azure.cn",
    ServiceBusEndpointSuffix:     "servicebus.chinacloudapi.net",
    ServiceManagementVMDNSSuffix: "chinacloudapp.cn",
    ResourceManagerVMDNSSuffix:   "cloudapp.azure.cn",
    ContainerRegistryDNSSuffix:   "azurecr.io",
}

// GermanCloud is the cloud environment operated in Germany
GermanCloud = Environment{
    Name:                         "AzureGermanCloud",
    ManagementPortalURL:          "http://portal.microsoftazure.de/",
    PublishSettingsURL:           "https://manage.microsoftazure.de/publishsettings/index",
    ServiceManagementEndpoint:    "https://management.core.cloudapi.de/",
    ResourceManagerEndpoint:      "https://management.microsoftazure.de/",
    ActiveDirectoryEndpoint:      "https://login.microsoftonline.de/",
    GalleryEndpoint:              "https://gallery.cloudapi.de/",
    KeyVaultEndpoint:             "https://vault.microsoftazure.de/",
    GraphEndpoint:                "https://graph.cloudapi.de/",
    StorageEndpointSuffix:        "core.cloudapi.de",
    SQLDatabaseDNSSuffix:         "database.cloudapi.de",
    TrafficManagerDNSSuffix:      "azuretrafficmanager.de",
    KeyVaultDNSSuffix:            "vault.microsoftazure.de",
    ServiceBusEndpointSuffix:     "servicebus.cloudapi.de",
    ServiceManagementVMDNSSuffix: "azurecloudapp.de",
    ResourceManagerVMDNSSuffix:   "cloudapp.microsoftazure.de",
    ContainerRegistryDNSSuffix:   "azurecr.io",
}

Li-Yanzhi commented 5 years ago

The current dns_azure.sh also does not support Resource Groups; in Azure DNS, you can create the same DNS zone name in different resource groups (to support different environments).

For those who need to use Resource Groups in Azure DNS or Azure China DNS, you can refer to this: https://github.com/Li-Yanzhi/acme.sh/blob/master/dnsapi/dns_azurechina.sh
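
As an added illustration of the two points raised in this thread (this is not code from acme.sh or from the linked fork): a POSIX shell sketch that selects the login and Resource Manager endpoints from a fixed allowlist of environment names, so the service principal secret is only ever sent to a known login host, and that builds a zone URL scoped to one resource group. The endpoint values are taken from the listing quoted above; the function names, the segment check and the `api-version` value are assumptions.

```shell
#!/bin/sh
# Added example, not acme.sh code. Endpoint values are copied from the
# environments.go listing quoted in this thread; names are hypothetical.

# Print the endpoint of kind "login" or "arm" for a named cloud environment.
# Only allowlisted names are accepted, so the service principal secret can
# never be posted to a caller-supplied login URL.
azure_endpoint() {
  _env="${1:-AzurePublicCloud}" # unset/empty keeps today's hardcoded default
  case "$_env" in
    AzurePublicCloud)
      _login="https://login.microsoftonline.com/"
      _arm="https://management.azure.com/" ;;
    AzureUSGovernmentCloud)
      _login="https://login.microsoftonline.com/"
      _arm="https://management.usgovcloudapi.net/" ;;
    AzureChinaCloud)
      _login="https://login.chinacloudapi.cn/"
      _arm="https://management.chinacloudapi.cn/" ;;
    AzureGermanCloud)
      _login="https://login.microsoftonline.de/"
      _arm="https://management.microsoftazure.de/" ;;
    *) echo "unknown Azure environment: $_env" >&2; return 1 ;;
  esac
  case "$2" in
    login) printf '%s\n' "$_login" ;;
    arm) printf '%s\n' "$_arm" ;;
    *) return 1 ;;
  esac
}

# Reject empty values and anything outside [A-Za-z0-9._-] so a path segment
# cannot smuggle "/", "?" or "#" into the request URL (conservative check).
_safe_segment() {
  case "$1" in "" | *[!A-Za-z0-9._-]*) return 1 ;; esac
}

# Print the DNS zone URL, scoped to one resource group so that zones with the
# same name in different groups stay distinct. api-version is an assumption.
# Args: environment subscription_id resource_group zone
azure_zone_url() {
  _base=$(azure_endpoint "$1" arm) || return 1
  for _seg in "$2" "$3" "$4"; do _safe_segment "$_seg" || return 1; done
  printf '%ssubscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/dnsZones/%s?api-version=2018-05-01\n' \
    "$_base" "$2" "$3" "$4"
}
```

An unknown environment name fails closed instead of falling back to the public cloud, which avoids sending China or Germany tenant credentials to the wrong login endpoint after a typo.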