pragkent/alidns-webhook pragkent/alidns-webhook

  • Stars
    star
    136
  • Rank 267,670 (Top 6 %)
  • Language
    Go
  • Created over 5 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
pragkent/alidns-webhook
github

pragkent

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Cert manager acme dns01 webhook provider for alidns

alidns-webhook

Cert-manager ACME DNS webhook provider for alidns.

Install

Install cert manager

Please find document here: https://cert-manager.io/docs/installation/kubernetes/

Install webhook (Cert manager v0.11 and above)

  1. Install alidns-webhook
# Install alidns-webhook to cert-manager namespace. 
kubectl apply -f https://raw.githubusercontent.com/pragkent/alidns-webhook/master/deploy/bundle.yaml
  1. Create secret contains alidns credentials
apiVersion: v1
kind: Secret
metadata:
  name: alidns-secret
  namespace: cert-manager
data:
  access-key: YOUR_ACCESS_KEY
  secret-key: YOUR_SECRET_KEY
  1. Example Issuer
apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
spec:
  acme:
    # Change to your letsencrypt email
    email: [email protected]
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: letsencrypt-staging-account-key
    solvers:
    - dns01:
        webhook:
          groupName: acme.yourcompany.com
          solverName: alidns
          config:
            region: ""
            accessKeySecretRef:
              name: alidns-secret
              key: access-key
            secretKeySecretRef:
              name: alidns-secret
              key: secret-key
  1. Issue a certificate
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
  name: example-tls
spec:
  secretName: example-com-tls
  commonName: example.com
  dnsNames:
  - example.com
  - "*.example.com"
  issuerRef:
    name: letsencrypt-staging
    kind: ClusterIssuer

Install webhook (Cert manager prior to v0.11)

  1. Install alidns-webhook
# Install alidns-webhook to cert-manager namespace. 
kubectl apply -f https://raw.githubusercontent.com/pragkent/alidns-webhook/master/deploy/legacy.yaml
  1. Create secret contains alidns credentials
apiVersion: v1
kind: Secret
metadata:
  name: alidns-secret
  namespace: cert-manager
data:
  access-key: YOUR_ACCESS_KEY
  secret-key: YOUR_SECRET_KEY
  1. Example Issuer
apiVersion: certmanager.k8s.io/v1alpha1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
spec:
  acme:
    email: [email protected]
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: letsencrypt-staging-account-key
    solvers:
    - dns01:
        webhook:
          groupName: acme.yourcompany.com
          solverName: alidns
          config:
            region: ""
            accessKeySecretRef:
              name: alidns-secret
              key: access-key
            secretKeySecretRef:
              name: alidns-secret
              key: secret-key
  1. Issue a certificate
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
  name: example-tls
spec:
  secretName: example-com-tls
  commonName: example.com
  dnsNames:
  - example.com
  - "*.example.com"
  issuerRef:
    name: letsencrypt-staging
    kind: ClusterIssuer

Development

Running the test suite

  1. Edit testdata/alidns/alidns-secret.yaml and testdata/alidns/config.json.

  2. Run test suites:

$ ./scripts/fetch-test-binaries.sh
$ TEST_ZONE_NAME=example.com go test .

More Repositories

1

aliyun-disk

Aliyun Disk Kubernetes FlexVolume Driver
Go
3
star
2

hydra-wework

Hydra consent app based on wework and hydra warden group api
Go
2
star
3

logbox

A pragmatic C++ logging library
C++
2
star
4

vimfiles

My vim configuration
Vim Script
1
star