Merge pull request #2928 from Netflix/powerdnsplugin_01
Add Support for ACME_POWERDNS_VERIFY Option
This commit is contained in:
commit
5fc62aff7e
|
@ -1014,6 +1014,15 @@ The following configuration properties are required to use the PowerDNS ACME Plu
|
||||||
|
|
||||||
This is the number of times DNS Verification should be attempted (i.e. 20)
|
This is the number of times DNS Verification should be attempted (i.e. 20)
|
||||||
|
|
||||||
|
|
||||||
|
.. data:: ACME_POWERDNS_VERIFY
|
||||||
|
:noindex:
|
||||||
|
|
||||||
|
This configures how TLS certificates on the PowerDNS API target are validated. The PowerDNS Plugin depends on the PyPi requests library, which supports the following options for the verify parameter:
|
||||||
|
* True: Verifies the TLS certificate was issued by a known publicly-trusted CA. (Default)
|
||||||
|
* False: Disables certificate validation (Not Recommended)
|
||||||
|
* File/Dir path to CA Bundle: Verifies the TLS certificate was issued by a Certificate Authority in the provided CA bundle.
|
||||||
|
|
||||||
.. _CommandLineInterface:
|
.. _CommandLineInterface:
|
||||||
|
|
||||||
Command Line Interface
|
Command Line Interface
|
||||||
|
|
|
@ -246,11 +246,12 @@ def _get_zone_name(domain, account_number):
|
||||||
def _get(path, params=None):
|
def _get(path, params=None):
|
||||||
""" Execute a GET request on the given URL (base_uri + path) and return response as JSON object """
|
""" Execute a GET request on the given URL (base_uri + path) and return response as JSON object """
|
||||||
base_uri = current_app.config.get("ACME_POWERDNS_DOMAIN")
|
base_uri = current_app.config.get("ACME_POWERDNS_DOMAIN")
|
||||||
|
verify_value = current_app.config.get("ACME_POWERDNS_VERIFY", True)
|
||||||
resp = requests.get(
|
resp = requests.get(
|
||||||
f"{base_uri}{path}",
|
f"{base_uri}{path}",
|
||||||
headers=_generate_header(),
|
headers=_generate_header(),
|
||||||
params=params,
|
params=params,
|
||||||
verify=True,
|
verify=verify_value
|
||||||
)
|
)
|
||||||
resp.raise_for_status()
|
resp.raise_for_status()
|
||||||
return resp.json()
|
return resp.json()
|
||||||
|
@ -259,9 +260,11 @@ def _get(path, params=None):
|
||||||
def _patch(path, payload):
|
def _patch(path, payload):
|
||||||
""" Execute a Patch request on the given URL (base_uri + path) with given payload """
|
""" Execute a Patch request on the given URL (base_uri + path) with given payload """
|
||||||
base_uri = current_app.config.get("ACME_POWERDNS_DOMAIN")
|
base_uri = current_app.config.get("ACME_POWERDNS_DOMAIN")
|
||||||
|
verify_value = current_app.config.get("ACME_POWERDNS_VERIFY", True)
|
||||||
resp = requests.patch(
|
resp = requests.patch(
|
||||||
f"{base_uri}{path}",
|
f"{base_uri}{path}",
|
||||||
data=json.dumps(payload),
|
data=json.dumps(payload),
|
||||||
headers=_generate_header()
|
headers=_generate_header(),
|
||||||
|
verify=verify_value
|
||||||
)
|
)
|
||||||
resp.raise_for_status()
|
resp.raise_for_status()
|
||||||
|
|
Loading…
Reference in New Issue