caddy-dns / godaddy

MIT License

Documentation for GODADDY_TOKEN environment variable #3

Open PhantomEight opened 1 year ago

PhantomEight commented 1 year ago

I'm trying to use this plugin and it seems like some basic information is missing from your documentation. In Caddy V1 the code below works just fine when GODADDY_API_KEY and GODADDY_API_SECRET are set as environment variables.

The proper environment variables for this plugin for caddy V2 are not even discussed at all in your documentation or I can't find it. I'm assuming they haven't changed? Also there is use of the word Token, ex: "{env.GODADDY_TOKEN}", which doesn't match anything. What token? Go Daddy uses an API Key and a Secret.

```
tls {
    dns godaddy
}
```

In V2 the same code throws this error

```
2023/01/14 18:45:13.500 INFO   http.acme_client        trying to solve challenge       {"identifier": "REDACTED.TLD", "challenge_type": "dns-01", "ca": "https://acme-staging-v02.api.letsencrypt.org/directory"}
2023/01/14 18:45:13.504 INFO   AppendRecords REDACTED.TLD. [{ TXT _acme-challenge.<REDACTED> nZQM<REDACTED>HOEE 0s 0}]
2023/01/14 18:45:13.603 ERROR  http.acme_client        cleaning up solver      {"identifier": "REDACTED.TLD", "challenge_type": "dns-01", "error": "no memory of presenting a DNS record for \"_acme-challenge.REDACTED.TLD\" (usually OK if presenting also failed)"}
2023/01/14 18:45:13.673 ERROR  tls.obtain      could not get certificate from issuer   {"identifier": "REDACTED.TLD", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "[REDACTED.TLD] solving challenges: presenting for challenge: adding temporary record for zone \"REDACTED.TLD.\": could not append records: Domain: REDACTED.TLD; Record: _acme-challenge.<REDACTED>, Status: 401; Body: {\"code\":\"MALFORMED_CREDENTIALS\",\"message\":\"Unauthorized : API Key-Secret is malformed\"}; PUT: [{\"data\":\"nZ<REDACTED>EE\"}] (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/83059923/6528081103) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)"}
```

mholt commented 1 year ago

What's wrong with the documentation exactly?

https://github.com/caddy-dns/godaddy#config-examples

(You know that v1 configs aren't compatible with v2, right?)

PhantomEight commented 1 year ago

So I figured out how to do this in a caddy file, this needs to be spelled out....

    tls {
        dns godaddy <GODADDY_API_KEY>:<GODADDY_API_SECRET>  
    }

I tried to make a system environment variable named GODADDY_TOKEN with the same data "`<GODADDY_API_KEY>:<GODADDY_API_SECRET>`" and it didn't work. I'm still guessing around and trying to find out the significance of GODADDY_TOKEN

PhantomEight commented 1 year ago

I figured out the issue with the environment variable, the command window needed to be re-opened for the change to the system environment variable to take effect.

So to sum it up, if a user chooses to use a caddy file instead of json, then the use of the "GODADDY_TOKEN" environment variable and what is expected to be in it, `<GODADDY_API_KEY>:<GODADDY_API_SECRET>`, and that the environment variables used in v1, "GODADDY_API_KEY" and "GODADDY_API_SECRET" are now deprecated, this needs to be called out.

While I do understand there's a difference between v1 and v2, the v2 documentation is lacking this. Pardon my frustration, but it's horrific spending days trying to convert from v1 to v2. Basic information like this, being left out, is making the process way longer than it has to be and why change up the environment variables, switching from two environment variables that were perfectly named to one that uses terminology that GoDaddy does not use?

williamblair333 commented 6 months ago

> I figured out the issue with the environment variable, the command window needed to be re-opened for the change to the system environment variable to take effect.
>
> So to sum it up, if a user chooses to use a caddy file instead of json, then the use of the "GODADDY_TOKEN" environment variable and what is expected to be in it, `<GODADDY_API_KEY>:<GODADDY_API_SECRET>`, and that the environment variables used in v1, "GODADDY_API_KEY" and "GODADDY_API_SECRET" are now deprecated, this needs to be called out.
>
> While I do understand there's a difference between v1 and v2, the v2 documentation is lacking this. Pardon my frustration, but it's horrific spending days trying to convert from v1 to v2. Basic information like this, being left out, is making the process way longer than it has to be and why change up the environment variables, switching from two environment variables that were perfectly named to one that uses terminology that GoDaddy does not use?

Just for those of us who are slow-witted here, what is the correct way to do this with the latest caddy version (latest as of this post)? Is this it?

```
my.domain.name {
    reverse_proxy 192.168.1.1:80
    tls {
        dns godaddy key:secret
    }
}
```

PhantomEight commented 6 months ago

> Just for those of us who are slow-witted here, what is the correct way to do this with the latest caddy version (latest as of this post)? Is this it?
>
> ```
> my.domain.name {
>     reverse_proxy 192.168.1.1:80
>     tls {
>         dns godaddy key:secret
>     }
> }
> ```

Well firstly...... I run caddy on Windows because I have a family and a life and I expect to be able to do things quickly and Linux is not my specialty. First you need to get your API key and Secret from GoDaddy and you need to make an environment variable.

The problem with the documentation for this plugin is that you don't find how to store the environment variable in the operating system well documented... but this is how you do it for Windows.

For the config... I have this in my Caddyfile. I have godaddy as a block at the top that I import into each of the site configurations further down in the file because my caddyfile has several sites in it.

```
(godaddy) {
    #Challenge with DNS
    #URL for API Key Management = https://developer.godaddy.com/keys
    #System Environment Variable Set!  - Windows Key + Pause Key, click Advanced System Settings
    #Click Advanced Tab, Click Environment Variables at bottom, under System Variables Set:
    #   GODADDY_TOKEN to  <GODADDY_API_KEY>:<GODADDY_API_SECRET>
    tls {
        dns godaddy {env.GODADDY_TOKEN}
    }
}

mydomain.com {
    log {
        output file ./logs/mydomain.com {
            roll_size 10mb
            roll_keep_for 720h
        }
    }

    import godaddy
    encode gzip zstd
    reverse_proxy 10.3.0.32 #This is my main site.
    file_server
}

emby.mydomain.com:8920, emby.mydomain.com {
    log {
        output file ./logs/emby_access.log {
            roll_size 10mb
            roll_keep_for 720h
        }
    }

    import godaddy
    @paths path /
    redir @paths https://emby.mydomain.com/web/index.html permanent
    reverse_proxy emby.localdomain.com:8096
    header {
        #No trailing semicolon: the Caddyfile would make it part of the header value
        X-Robots-Tag none
    }
}
```

The code above also happens to fix the 302 redirect emby was causing.... but just ignore that.
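
An added example, not part of the original thread or the plugin's own code: a Python pre-flight check for the two failure points discussed above, a `GODADDY_TOKEN` value that is not a plain `key:secret` pair and a Caddyfile that carries the credential inline instead of through `{env.GODADDY_TOKEN}`. The function names, the one-colon rule and the sample Caddyfile are assumptions made for illustration.

```python
import os
import re

# Caddyfile placeholders: {env.NAME} (resolved at runtime) or {$NAME} (at parse time).
PLACEHOLDER = re.compile(r"^\{(?:env\.|\$)[A-Za-z_][A-Za-z0-9_]*\}$")

def token_problems(token):
    """List why a GODADDY_TOKEN value is not shaped like key:secret; never echoes it."""
    if not token:
        return ["unset or empty in this process (re-open the shell after setting it)"]
    problems = []
    if re.search(r"\s", token):
        problems.append("contains whitespace")
    if token[0] in "\"'" or token[-1] in "\"'":
        problems.append("wrapped in quotes")
    if "<" in token or ">" in token:
        problems.append("still contains <placeholder> brackets")
    # Assumption: neither the key nor the secret contains ':' itself.
    key, sep, secret = token.partition(":")
    if not (sep and key and secret) or ":" in secret:
        problems.append("not one non-empty key and secret joined by ':'")
    return problems

def inline_credentials(caddyfile_text):
    """Return line numbers where `dns godaddy` gets a literal, not an env placeholder."""
    hits = []
    for lineno, line in enumerate(caddyfile_text.splitlines(), 1):
        words = line.split("#", 1)[0].split()
        if words[:2] == ["dns", "godaddy"] and len(words) > 2 and words[2] != "{":
            if not PLACEHOLDER.match(words[2]):
                hits.append(lineno)
    return hits

# Constructed sample combining the two styles posted in this thread.
SAMPLE = """\
mydomain.com {
    tls {
        dns godaddy {env.GODADDY_TOKEN}
    }
}
my.domain.name {
    tls {
        dns godaddy key:secret
    }
}
"""

if __name__ == "__main__":
    print("GODADDY_TOKEN problems:", token_problems(os.environ.get("GODADDY_TOKEN")))
    print("inline credentials on lines:", inline_credentials(SAMPLE))
```

Run it from the same shell or service account that starts Caddy, since that is the environment the placeholder is resolved against.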

williamblair333 commented 6 months ago

> > Just for those of us who are slow-witted here, what is the correct way to do this with the latest caddy version (latest as of this post)? Is this it?
> >
> > ```
> > my.domain.name {
> >     reverse_proxy 192.168.1.1:80
> >     tls {
> >         dns godaddy key:secret
> >     }
> > }
> > ```
>
> Well firstly...... I run caddy on Windows because I have a family and a life and I expect to be able to do things quickly and Linux is not my specialty. First you need to get your API key and Secret from GoDaddy and you need to make an environment variable.
>
> For the config... I have this in my Caddyfile. I have godaddy as a block at the top that I import into each of the site configurations further down in the file because my caddyfile has several sites in it.
>
> You won't find this well documented... but this is how you do it and not wanna throw yourself in front of a bus.
>
> ```
> (godaddy) {
>   #Challenge with DNS
>   #URL for API Key Management = https://developer.godaddy.com/keys
>   #System Environment Variable Set!  - Windows Key + Pause Key, click Advanced System Settings
>   #Click Advanced Tab, Click Environment Variables at bottom, under System Variables Set:
>   #   GODADDY_TOKEN to  <GODADDY_API_KEY>:<GODADDY_API_SECRET>
>   tls {
>       dns godaddy {env.GODADDY_TOKEN}
>   }
> }
>
> mydomain.com {
>   log {
>       output file ./logs/mydomain.com {
>           roll_size 10mb
>           roll_keep_for 720h
>       }
>   }
>
>   import godaddy
>   encode gzip zstd
>   reverse_proxy 10.3.0.32 #This is my main site.
>   file_server
> }
> ```

This isn't Reddit. You should keep your opinions to yourself. Regardless, I found the answer to my problem. GoDaddy API access has been revoked for accounts having fewer than 50 domain names. But since you do think it's Reddit, here's an article that led me to [my problem resolution](https://www.reddit.com/r/godaddy/comments/1bl0f5r/am_i_the_only_one_who_cant_use_the_api/)