starred/godoxy-yusing
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2026-01-14 07:33:36 +01:00
Code Issues 18 Packages Projects Releases 10 Wiki Activity

Fail to add DuckDns provider to autocert #5

New Issue
Closed
opened 2025-12-29 14:22:20 +01:00 by adam · 5 comments
adam commented 2025-12-29 14:22:20 +01:00
Owner
Copy Link

Originally created by @earvingad on GitHub (Apr 4, 2024).

Hello,

Modified autocert.go by adding duckdns provider as follow:

import (
    ....
    "github.com/go-acme/lego/v4/providers/dns/duckdns"
)
----snip----
var providersGenMap = map[string]ProviderGenerator{
	"cloudflare": providerGenerator(cloudflare.NewDefaultConfig, cloudflare.NewDNSProviderConfig),
        "clouddns": providerGenerator(clouddns.NewDefaultConfig, clouddns.NewDNSProviderConfig),
	"duckdns": providerGenerator(duckdns.NewDefaultConfig, duckdns.NewDNSProviderConfig),
}

Run make build and it compiles successfully.

Config:

autocert: # (optional, if you need autocert feature)
  email: "user@domain.com" # (required) email for acme certificate
  domains: # (required)
    - "*.server.duckdns.org" # domain for acme certificate, use wild card to allow all subdomains
  provider: duckdns # (required) dns challenge provider (string)
  options: # provider specific options
    DUCKDNS_TOKEN: "<----token--->"

Error after running bin/go-proxy

FATA[04-04 19:57:43] invalid config
  -   validation error
  - I[#/autocert] S[#/properties/autocert/anyOf] anyOf failed
  I[#/autocert/provider] S[#/properties/autocert/anyOf/0/properties/provider/const] value must be "cloudflare"  component=config
Originally created by @earvingad on GitHub (Apr 4, 2024). Hello, Modified autocert.go by adding duckdns provider as follow: ```go import ( .... "github.com/go-acme/lego/v4/providers/dns/duckdns" ) ----snip---- var providersGenMap = map[string]ProviderGenerator{ "cloudflare": providerGenerator(cloudflare.NewDefaultConfig, cloudflare.NewDNSProviderConfig), "clouddns": providerGenerator(clouddns.NewDefaultConfig, clouddns.NewDNSProviderConfig), "duckdns": providerGenerator(duckdns.NewDefaultConfig, duckdns.NewDNSProviderConfig), } ``` Run `make build` and it compiles successfully. Config: ```yml autocert: # (optional, if you need autocert feature) email: "user@domain.com" # (required) email for acme certificate domains: # (required) - "*.server.duckdns.org" # domain for acme certificate, use wild card to allow all subdomains provider: duckdns # (required) dns challenge provider (string) options: # provider specific options DUCKDNS_TOKEN: "<----token--->" ``` Error after running `bin/go-proxy` ```shell FATA[04-04 19:57:43] invalid config - validation error - I[#/autocert] S[#/properties/autocert/anyOf] anyOf failed I[#/autocert/provider] S[#/properties/autocert/anyOf/0/properties/provider/const] value must be "cloudflare" component=config ```
adam closed this issue 2025-12-29 14:22:20 +01:00
adam commented 2025-12-29 14:22:21 +01:00
Author
Owner
Copy Link

@yusing commented on GitHub (Apr 5, 2024):

Hi, please remove line 27, 41-52 from schema/config.schema.json then try again.

This is an error message from schema validator.

@yusing commented on GitHub (Apr 5, 2024): Hi, please remove line 27, 41-52 from [schema/config.schema.json](https://github.com/yusing/go-proxy/blob/main/schema/config.schema.json#L27) then try again. This is an error message from schema validator.
adam commented 2025-12-29 14:22:21 +01:00
Author
Owner
Copy Link

@yusing commented on GitHub (Apr 5, 2024):

For duckdns, it should be token: instead of DUCKDNS_TOKEN, according to this file.

I will update the README for this, and may support DUCKDNS_TOKEN like environment variable style options

@yusing commented on GitHub (Apr 5, 2024): For duckdns, it should be `token:` instead of `DUCKDNS_TOKEN`, according to [this file](https://github.com/go-acme/lego/blob/master/providers/dns/duckdns/duckdns.go#L31). I will update the README for this, and may support `DUCKDNS_TOKEN` like environment variable style options
adam commented 2025-12-29 14:22:21 +01:00
Author
Owner
Copy Link

@earvingad commented on GitHub (Apr 5, 2024):

Hi, please remove line 27, 41-52 from schema/config.schema.json then try again.

This is an error message from schema validator.

yes, after deleting the lines it is working now!!

For duckdns, it should be token: instead of DUCKDNS_TOKEN, according to this file.

I will update the README for this, and may support DUCKDNS_TOKEN like environment variable style options

You were right, it got the tls certificate in just a moment! this is veeeery simple to set up! Thanks a lot!

I dont think there is the need to support DUCKDNS_TOKEN just token is understandable. Same case for clouddns_client_id just as the docs say clien_idis enough it was my confusion.

Config for duckdns:

autocert: # (optional, if you need autocert feature)
  email: "user@domain.com" # (required) email for acme certificate
  domains: # (required)
    - "*.<-domain name->.duckdns.org" # domain for acme certificate, use wild card to allow all subdomain
  provider: duckdns # (required) dns challenge provider (string)
  options: # provider specific options
    token: "<--Token-->"

2024/04/05 00:08:49 [INFO] acme: Registering account for user@domain.com
2024/04/05 00:08:50 [INFO] [*.server.duckdns.org] acme: Obtaining bundled SAN certificate
2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/334657148027
2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] acme: use dns-01 solver
2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] acme: Preparing to solve DNS-01
2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] acme: Trying to solve DNS-01
2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] acme: Checking DNS record propagation. [nameservers=127.0.0.53:53]
2024/04/05 00:08:54 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2024/04/05 00:09:03 [INFO] [*.server.duckdns.org] The server validated our request
2024/04/05 00:09:03 [INFO] [*.server.duckdns.org] acme: Cleaning DNS-01 challenge
2024/04/05 00:09:03 [INFO] [*.server.duckdns.org] acme: Validations succeeded; requesting certificates
2024/04/05 00:09:07 [INFO] [*.server.duckdns.org] Server responded with a certificate.
INFO[04-05 00:09:07] certificate "*.server.duckdns.org": expire on 2024-07-03 23:09:03 +0000 UTC  component=autocert
INFO[04-05 00:09:07] starting http proxy server on :80
INFO[04-05 00:09:07] starting https proxy server on :443
INFO[04-05 00:09:07] starting http panel server on :8080
INFO[04-05 00:09:07] starting https panel server on :8443
INFO[04-05 00:09:07] loaded 1 proxy configurations                 name=server kind=file component=provider
INFO[04-05 00:09:07] next renewal in 71h59m59.99999848s            component=autocert
@earvingad commented on GitHub (Apr 5, 2024): > Hi, please remove line 27, 41-52 from [schema/config.schema.json](https://github.com/yusing/go-proxy/blob/main/schema/config.schema.json#L27) then try again. > > This is an error message from schema validator. yes, after deleting the lines it is working now!! > For duckdns, it should be `token:` instead of `DUCKDNS_TOKEN`, according to [this file](https://github.com/go-acme/lego/blob/master/providers/dns/duckdns/duckdns.go#L31). > > I will update the README for this, and may support `DUCKDNS_TOKEN` like environment variable style options You were right, it got the tls certificate in just a moment! this is veeeery simple to set up! Thanks a lot! I dont think there is the need to support `DUCKDNS_TOKEN` just `token` is understandable. Same case for `clouddns_client_id` just as the docs say `clien_id`is enough it was my confusion. Config for duckdns: ```yml autocert: # (optional, if you need autocert feature) email: "user@domain.com" # (required) email for acme certificate domains: # (required) - "*.<-domain name->.duckdns.org" # domain for acme certificate, use wild card to allow all subdomain provider: duckdns # (required) dns challenge provider (string) options: # provider specific options token: "<--Token-->" ``` ```shell 2024/04/05 00:08:49 [INFO] acme: Registering account for user@domain.com 2024/04/05 00:08:50 [INFO] [*.server.duckdns.org] acme: Obtaining bundled SAN certificate 2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/334657148027 2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] acme: use dns-01 solver 2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] acme: Preparing to solve DNS-01 2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] acme: Trying to solve DNS-01 2024/04/05 00:08:52 [INFO] [*.server.duckdns.org] acme: Checking DNS record propagation. [nameservers=127.0.0.53:53] 2024/04/05 00:08:54 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s] 2024/04/05 00:09:03 [INFO] [*.server.duckdns.org] The server validated our request 2024/04/05 00:09:03 [INFO] [*.server.duckdns.org] acme: Cleaning DNS-01 challenge 2024/04/05 00:09:03 [INFO] [*.server.duckdns.org] acme: Validations succeeded; requesting certificates 2024/04/05 00:09:07 [INFO] [*.server.duckdns.org] Server responded with a certificate. INFO[04-05 00:09:07] certificate "*.server.duckdns.org": expire on 2024-07-03 23:09:03 +0000 UTC component=autocert INFO[04-05 00:09:07] starting http proxy server on :80 INFO[04-05 00:09:07] starting https proxy server on :443 INFO[04-05 00:09:07] starting http panel server on :8080 INFO[04-05 00:09:07] starting https panel server on :8443 INFO[04-05 00:09:07] loaded 1 proxy configurations name=server kind=file component=provider INFO[04-05 00:09:07] next renewal in 71h59m59.99999848s component=autocert ```
adam commented 2025-12-29 14:22:22 +01:00
Author
Owner
Copy Link

@yusing commented on GitHub (Apr 5, 2024):

INFO[04-05 00:09:07] next renewal in 71h59m59.99999848s component=autocert

Thanks for testing it out, there is a bug that the cert will renew every 3 days, but not every N-3 days. I will fix it soon.

@yusing commented on GitHub (Apr 5, 2024): > INFO[04-05 00:09:07] next renewal in 71h59m59.99999848s component=autocert Thanks for testing it out, there is a bug that the cert will renew every 3 days, but not every N-3 days. I will fix it soon.
adam commented 2025-12-29 14:22:22 +01:00
Author
Owner
Copy Link

@earvingad commented on GitHub (Apr 5, 2024):

Yes I was about to ask you if it could be changed. Usually it should renew every two months requesting a 3 months certificate. That's the thumb rule I saw in other reverse proxies (swag or npm).

@earvingad commented on GitHub (Apr 5, 2024): Yes I was about to ask you if it could be changed. Usually it should renew every two months requesting a 3 months certificate. That's the thumb rule I saw in other reverse proxies (swag or npm).
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
enhancement
pull-request
Mirrored from GitHub Pull Request
 wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/godoxy-yusing#5
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?