caddy-dns / route53

Caddy module: dns.providers.route53
MIT License

ttl for route53 should be sent as seconds #17

Closed kwypchlo closed 2 years ago

kwypchlo commented 2 years ago

👋

I'm using caddy to request certificates through the route53 provider:

{
  "module": "acme",
  "challenges": {
    "dns": {
      "provider": {
        "name": "route53"
      },
      "ttl": "1h"
    }
  }
}

Unfortunately, it seems like the ttl of 1 hour is translated to 3600000000000, while the DNS errors out saying that the max is 2147483647:

{
  "level": "error",
  "ts": 1632395039.5339599,
  "logger": "tls.obtain",
  "msg": "will retry",
  "error": "[siasky.dev] Obtain: [siasky.dev] solving challenges: presenting for challenge: adding temporary record for zone siasky.dev.: InvalidInput: InvalidInput: 1 validation error detected: Value '3600000000000' at 'changeBatch.changes.1.member.resourceRecordSet.tTL' failed to satisfy constraint: Member must have value less than or equal to 2147483647\n\tstatus code: 400, request id: 21b98755-2e7b-47f8-abad-d8eb24207a81 (order=https://acme-staging-v02.api.letsencrypt.org/acme/order/27549458/598268258) (ca=https://acme-staging-v02.api.letsencrypt.org/directory)",
  "attempt": 2,
  "retrying_in": 120,
  "elapsed": 63.129179538,
  "max_duration": 2592000
}

Seems to me there should be some conversion going on for route53 so that the number is sent as seconds, so 3600 instead of 3600000000000.

TTL (seconds) The amount of time, in seconds, that you want DNS recursive resolvers to cache information about this record. If you specify a longer value (for example, 172800 seconds, or two days), you reduce the number of calls that DNS recursive resolvers must make to Route 53 to get the latest information in this record. This has the effect of reducing latency and reducing your bill for Route 53 service. For more information, see How Amazon Route 53 routes traffic for your domain.

https://aws.amazon.com/route53/faqs/

kwypchlo commented 2 years ago

Actually, I'm not sure whether it's this plugin's concern or caddy itself - @mholt is this the expected number format?

mholt commented 2 years ago

Caddy feeds the plugins a time.Duration value as defined by the libdns APIs, which is a number of nanoseconds. If the provider expects seconds, the plugin will need to do the conversion.
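The conversion described in the comment above, as an added example that is not part of the original thread and is not the code from the linked pull request. The names `ttlSeconds`, `rawNanos` and `maxRoute53TTL` are hypothetical; the upper bound is the one quoted in the error message in this issue.

```go
package main

import (
	"fmt"
	"time"
)

// maxRoute53TTL is the limit quoted in the InvalidInput error in this issue.
const maxRoute53TTL = 2147483647

// ttlSeconds (hypothetical helper) converts a time.Duration, which counts
// nanoseconds, into the whole seconds a DNS provider API expects, and
// rejects values that would be refused or silently changed.
func ttlSeconds(d time.Duration) (int64, error) {
	if d < 0 {
		return 0, fmt.Errorf("negative TTL %v", d)
	}
	secs := int64(d / time.Second) // integer division drops sub-second parts
	if d > 0 && secs == 0 {
		return 0, fmt.Errorf("TTL %v is shorter than one second", d)
	}
	if secs > maxRoute53TTL {
		return 0, fmt.Errorf("TTL %d s exceeds maximum %d", secs, maxRoute53TTL)
	}
	return secs, nil
}

// rawNanos shows what is sent when the Duration's underlying integer is
// passed through unconverted, as in the report.
func rawNanos(d time.Duration) int64 { return int64(d) }

func main() {
	ttl, err := time.ParseDuration("1h") // the "ttl" value from the config
	if err != nil {
		panic(err)
	}
	fmt.Println("unconverted:", rawNanos(ttl))
	secs, err := ttlSeconds(ttl)
	fmt.Println("seconds:", secs, err)
	_, err = ttlSeconds(70 * 365 * 24 * time.Hour) // constructed out-of-range input
	fmt.Println("too long:", err)
}
```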

kwypchlo commented 2 years ago

Resolved in https://github.com/libdns/route53/pull/8