Skip to content

Instantly share code, notes, and snippets.

@leeyc0
Created March 28, 2023 03:28
Show Gist options
  • Save leeyc0/4f0de26534e2ee11927e011654c19009 to your computer and use it in GitHub Desktop.
Save leeyc0/4f0de26534e2ee11927e011654c19009 to your computer and use it in GitHub Desktop.
patch certbos-dns-desec to follow CNAME
--- dns_desec.py.orig 2023-03-28 01:02:32.038446830 +0000
+++ dns_desec.py 2023-03-28 01:04:20.900591910 +0000
@@ -4,6 +4,7 @@
import time
import requests
+import dns.resolver
from certbot import interfaces
try:
# needed for compatibility with older certbots, see #13
@@ -41,6 +42,8 @@
def __init__(self, *args, **kwargs):
super(Authenticator, self).__init__(*args, **kwargs)
self.credentials = None
+ self.resolver = dns.resolver.Resolver(configure = False)
+ self.resolver.nameservers = ["8.8.8.8"]
@classmethod
def add_parser_arguments(cls, add): # pylint: disable=arguments-differ
@@ -66,6 +69,7 @@
def _desec_work(self, domain, validation_name, validation, set_operator):
client = self._get_desec_client()
+ validation_name = self.resolver.canonical_name(validation_name).to_text().rstrip(".")
zone = client.get_authoritative_zone(validation_name)
subname = validation_name.rsplit(zone['name'], 1)[0].rstrip('.')
records = client.get_txt_rrset(zone, subname)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment