Add a configurable wait time between deploying and checking challenges #63

Closed
opened 2025-12-29 00:23:55 +01:00 by adam · 4 comments

Originally created by @loewexy on GitHub (Feb 12, 2016).

First of all thank you for your awesome software.

In my setup I am running into the problem that I have created a hook script which deploys the challenges to my master DNS server, but it takes a little while for the secondary to get the new data.
One option would be to wait for, say, 5 minutes in the hook script or to poll there until the secondary has the right data. But if this is done for multiple domains the job will last forever...

It would be nice if letsencrypt.sh sets all DNS records via the hook script, then waits for a configurable amount of time and then tells letsencrypt to check the challenges. In this scenario the waiting time would only occur once, which would be a significant improvement.

I am not quite sure if the ACME protocol allows such a time but I cannot imagine how it should work otherwise.

Another option would be that letsencrypt.sh checks the nameservers on its own but I think that would be fairly complicated.

adam closed this issue 2025-12-29 00:23:55 +01:00

@lukas2511 commented on GitHub (Feb 12, 2016):

I recently merged changes to allow "chaining" hooks, which basically calls all the hooks for distributing those challenges first before talking to letsencrypt.sh again. The hook syntax changes a bit and there isn't really documentation for this feature yet, but basically it just adds more parameters to the deploy_challenge hook (see https://github.com/lukas2511/letsencrypt.sh/blob/master/letsencrypt.sh#L394)

You should be able to use that (+ a sleep in your hook script) to have it working like you want it to work.


@loewexy commented on GitHub (Feb 12, 2016):

I recognized the HOOK_CHAIN option but did not get its functionality or purpose from the docs. But this sounds like it is what I need to achieve my goal. Some documentation on how this can be used would be very useful. Thanks


@loewexy commented on GitHub (Feb 13, 2016):

I tried the HOOK_CHAIN option and logged the arguments the hook got. It seems the right way for me, but if I am not mistaken the hook is called once for every certificate, not once per every run. Therefore I would have to wait about 10 minutes per certificate instead of 10 minutes per run.


@lukas2511 commented on GitHub (Feb 13, 2016):

Yes that is true, but sorry, won't change that, would require too many changes.
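An added example, not part of the original thread and not the project's own code: a chained `deploy_challenge` hook that publishes every record first and then polls the secondary once, returning as soon as the data is there instead of sleeping a fixed time. It assumes the chained call passes repeated domain / token-filename / token-value triples; `SECONDARY_NS`, `POLL_INTERVAL`, `POLL_TIMEOUT`, `publish_txt` and `lookup_txt` are hypothetical names, and `ns2.example.net` is a placeholder.

```sh
#!/bin/sh
# Added example, not dehydrated's own hook. SECONDARY_NS, POLL_INTERVAL,
# POLL_TIMEOUT, publish_txt and lookup_txt are hypothetical names.
SECONDARY_NS="${SECONDARY_NS:-ns2.example.net}"  # placeholder secondary
POLL_INTERVAL="${POLL_INTERVAL:-10}"             # seconds between checks
POLL_TIMEOUT="${POLL_TIMEOUT:-600}"              # give up after this long

# Push one TXT record to the master; replace with your own update mechanism.
publish_txt() { echo "publish: $1 TXT $2" >&2; }

# Ask the secondary directly so resolver caches cannot mask stale data.
lookup_txt() { dig +short TXT "$1" "@$SECONDARY_NS" | tr -d '"'; }

PENDING=""  # one "record-name token-value" pair per line

# Chained arguments arrive as repeated triples: domain, token file, token value.
deploy_all() {
  PENDING=""
  while [ "$#" -ge 3 ]; do
    publish_txt "_acme-challenge.$1" "$3" || return 1
    PENDING="${PENDING}_acme-challenge.$1 $3
"
    shift 3
  done
  [ "$#" -eq 0 ]  # leftover arguments mean the call was not in triples
}

# Poll until every pending record is visible on the secondary, or time out.
wait_for_secondary() {
  waited=0
  while :; do
    missing=0
    while read -r name value; do
      [ -z "$name" ] && continue
      lookup_txt "$name" | grep -qxF -- "$value" || missing=$((missing + 1))
    done <<EOF
$PENDING
EOF
    [ "$missing" -eq 0 ] && return 0
    [ "$waited" -ge "$POLL_TIMEOUT" ] && return 1
    sleep "$POLL_INTERVAL"
    waited=$((waited + POLL_INTERVAL))
  done
}

if [ "${1:-}" = "deploy_challenge" ]; then
  shift
  deploy_all "$@" && wait_for_secondary
fi
```

Because the hook is still invoked once per certificate, as noted above, the wait is paid per certificate; polling only shortens it to the actual propagation time.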


Reference: starred/dehydrated#63