ddavness / power-mailinabox

A Mail-in-a-Box with extra capabilities and more customizability. Not just for power users!
Creative Commons Zero v1.0 Universal

Custom DNS API for txt record results in "No value for the record provided" #121

Open ghost opened 1 year ago

ghost commented 1 year ago

The context for this is I'm trying to set up acme on pfSense to create a wildcard cert using the DNS-MailinaBox method, but it's failing. But that is just the context of where I'm hitting this issue; I understand that is external to power-mailinabox.

However, in the Custom DNS panel, at the bottom it shows an example of how this should work, where a command such as curl -X POST --user "username@mydomain.tld:my awesome passphrase" -d "some text here" https://box.mydomain.tld/admin/dns/custom/_subdomain.mydomain.tld/txt should result in the text record being created. But instead I get the error message No value for the record provided.

This is the same error message I get from acme when I try to use the staging account to create a test wildcard certificate. Again, I know that part is out of scope, but it shows I'm getting the same error with two different methods. The log shows it hitting the same endpoint.

[Sat Mar 25 23:33:46 AEST 2023] Adding txt value: somelongstring for domain:  _acme-challenge.mydomain.tld
[Sat Mar 25 23:33:46 AEST 2023] Using miab challange add
[Sat Mar 25 23:33:46 AEST 2023] MIAB_Username='username@mydomain.tld'
[Sat Mar 25 23:33:46 AEST 2023] MIAB_Password='my awesome passphrase'
[Sat Mar 25 23:33:46 AEST 2023] MIAB_Server='box.mydomain.tld'
[Sat Mar 25 23:33:46 AEST 2023] _api_path='zones'
[Sat Mar 25 23:33:46 AEST 2023] _url='https://box.mydomain.tld/admin/dns/zones'
[Sat Mar 25 23:33:46 AEST 2023] _credentails='somelongstring'
[Sat Mar 25 23:33:46 AEST 2023] _httpmethod='GET'
[Sat Mar 25 23:33:46 AEST 2023] GET
[Sat Mar 25 23:33:46 AEST 2023] url='https://box.pavocracy.dev/admin/dns/zones'
[Sat Mar 25 23:33:47 AEST 2023] ret='0'
[Sat Mar 25 23:33:47 AEST 2023] response='["mydomain.tld"]'
[Sat Mar 25 23:33:47 AEST 2023] _test_domain='mydomain.tld'
[Sat Mar 25 23:33:47 AEST 2023] _sub_domain='_acme-challenge'
[Sat Mar 25 23:33:47 AEST 2023] _api_path='custom/_acme-challenge.mydomain.tld/txt'
[Sat Mar 25 23:33:47 AEST 2023] _url='https://box.mydomain.tld/admin/dns/custom/_acme-challenge.mydomain.tld/txt'
[Sat Mar 25 23:33:47 AEST 2023] _credentails='somelongstring'
[Sat Mar 25 23:33:47 AEST 2023] _httpmethod='POST'
[Sat Mar 25 23:33:47 AEST 2023] POST
[Sat Mar 25 23:33:47 AEST 2023] _post_url='https://box.mydomain.tld/admin/dns/custom/_acme-challenge.mydomain.tld/txt'
[Sat Mar 25 23:33:47 AEST 2023] body='somelongstring'
[Sat Mar 25 23:33:48 AEST 2023] _ret='0'
[Sat Mar 25 23:33:48 AEST 2023] response='No value for the record provided.'

This is a brand new Debian 11 VPS and is otherwise working: I can send and receive emails, access the mail and admin panels, and manually create DNS entries. FWIW, my domain is with GoDaddy and I changed the default nameservers to be ns1.box.mydomain.tld and ns2.box.mydomain.tld, which both resolve to the public IP address of my VPS, so all the DNS entries for my domain should be coming from the MIAB server.

Any help with this issue would be greatly appreciated.

ghost commented 1 year ago

Do I need to set up an alias for this subdomain for it to work? I may just be confused about how these custom domains work with MIAB. What I'm trying to do is use custom domains to forward to an nginx server I have with other services running, since I gave up that ability at a DNS level because I switched my name servers to be using the DNS on this box.

Do I need an alias for every subdomain I want to set up with MIAB?

ghost commented 1 year ago

https://discourse.mailinabox.email/t/solved-but-a-bug-miab-dns-added-new-custom-dns-did-not-work/5550

Is this related at all? Is this an actual bug hanging around? What is the correct way to set up custom DNS entries on a MIAB server? As I said, all I want to do is create a subdomain using a CNAME record that points to my other domains (e.g. homelab.otherdomain.tld) and a TXT record for the acme challenges to work, to get certificates from Let's Encrypt for that homelab domain from external to the MIAB.

ddavness commented 1 year ago

Hello!

I don't think this is a bug; rather, a feature I introduced a few releases ago (#28) made the documentation incorrect :sweat_smile:

Since curl submits POST data as x-www-form-urlencoded, you'll want to prepend value= before the actual value you want (this is valid for all record types!)

So for your case:

curl -X POST --user "username@mydomain.tld:my awesome passphrase" -d "value=some text here" https://box.mydomain.tld/admin/dns/custom/_subdomain.mydomain.tld/txt

You can add a TTL to the record (optional) by appending &ttl=<seconds>. Example:

curl -X POST --user "username@mydomain.tld:my awesome passphrase" -d "value=some text here&ttl=3600" https://box.mydomain.tld/admin/dns/custom/_subdomain.mydomain.tld/txt
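
An added example, not part of the original thread or of power-mailinabox's code: a POSIX shell wrapper for the call shown above that percent-encodes the record value, so `&`, `=` and `+` inside a TXT value survive form encoding, and hands the credentials to curl on stdin instead of the command line. The function names are hypothetical, the `MIAB_*` variable names are borrowed from the acme log earlier in the thread, and the password is assumed to contain no `"` or `\`.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not power-mailinabox code.

# Percent-encode each character outside the RFC 3986 unreserved set
# (ASCII input assumed). Runs in a subshell so LC_ALL=C and the loop
# variables do not leak into the caller.
miab_urlencode() (
    LC_ALL=C
    s=$1 out=
    while [ -n "$s" ]; do
        rest=${s#?}            # everything after the first character
        c=${s%"$rest"}         # the first character itself
        case $c in
            [A-Za-z0-9._~-]) out=$out$c ;;
            *) out=$out$(printf '%%%02X' "'$c") ;;
        esac
        s=$rest
    done
    printf '%s' "$out"
)

# Build the form body the API expects: value=<encoded>[&ttl=<seconds>].
miab_form_body() {
    value=$1 ttl=${2:-}
    [ -n "$value" ] || { echo "empty record value" >&2; return 1; }
    body="value=$(miab_urlencode "$value")"
    if [ -n "$ttl" ]; then
        case $ttl in
            *[!0-9]*) echo "ttl must be whole seconds" >&2; return 1 ;;
        esac
        body="$body&ttl=$ttl"
    fi
    printf '%s\n' "$body"
}

# POST a TXT record. Reads MIAB_Username, MIAB_Password and MIAB_Server from
# the environment. The credentials reach curl through --config on stdin, so
# they do not appear in argv or process listings.
miab_set_txt() {
    qname=$1
    body=$(miab_form_body "$2" "${3:-}") || return 1
    printf 'user = "%s:%s"\n' "$MIAB_Username" "$MIAB_Password" |
        curl --silent --show-error --fail --config - -X POST \
             --data "$body" "https://$MIAB_Server/admin/dns/custom/$qname/txt"
}

# Example call (not executed here):
#   miab_set_txt _acme-challenge.mydomain.tld 'some text here' 3600
```

curl's own `--data-urlencode "value=..."` performs the same encoding when a wrapper is not needed.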

ghost commented 1 year ago

Thanks for the clarification. Would be awesome to get the docs updated at some stage. But thanks for posting the correct method to solve my issues :)