[pbs-devel] [PATCH proxmox-backup 0/2] acme: add sleep for dns record propagation

all lists on lists.proxmox.com
 help / color / mirror / Atom feed

* [pbs-devel] [PATCH proxmox-backup 0/2] acme: add sleep for dns record propagation
@ 2021-06-28 16:27 Stoiko Ivanov
  2021-06-28 16:27 ` [pbs-devel] [PATCH proxmox-backup 1/2] config: acme: make validation_delay crate public Stoiko Ivanov
  2021-06-28 16:27 ` [pbs-devel] [PATCH proxmox-backup 2/2] acme: plugin: add sleep for dns propagation Stoiko Ivanov
  0 siblings, 2 replies; 4+ messages in thread
From: Stoiko Ivanov @ 2021-06-28 16:27 UTC (permalink / raw)
  To: pbs-devel

The issue was brought up in our community forum:
https://forum.proxmox.com/threads/acme-configuration-via-gui.91381/

While I could not directly reproduce it (writing to a pdns-database is
faster than waiting on cloud-flare to propagate their records) I
compared the task-log to the one from PMG.

The use of tokio::time::sleep was taken from the other delays in
api2::node::certificate, for the rest I mostly trusted the compiler
warnings and rustfmt.

Stoiko Ivanov (2):
  config: acme: make validation_delay crate public
  acme: plugin: add sleep for dns propagation

 src/acme/plugin.rs        | 8 ++++++++
 src/config/acme/plugin.rs | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

-- 
2.20.1





^ permalink raw reply	[flat|nested] 4+ messages in thread

* [pbs-devel] [PATCH proxmox-backup 1/2] config: acme: make validation_delay crate public
  2021-06-28 16:27 [pbs-devel] [PATCH proxmox-backup 0/2] acme: add sleep for dns record propagation Stoiko Ivanov
@ 2021-06-28 16:27 ` Stoiko Ivanov
  2021-06-28 16:27 ` [pbs-devel] [PATCH proxmox-backup 2/2] acme: plugin: add sleep for dns propagation Stoiko Ivanov
  1 sibling, 0 replies; 4+ messages in thread
From: Stoiko Ivanov @ 2021-06-28 16:27 UTC (permalink / raw)
  To: pbs-devel

we need the setting in acme::plugin.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
 src/config/acme/plugin.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/config/acme/plugin.rs b/src/config/acme/plugin.rs
index 759b9a33..2e22ab77 100644
--- a/src/config/acme/plugin.rs
+++ b/src/config/acme/plugin.rs
@@ -72,7 +72,7 @@ pub struct DnsPluginCore {
     ///
     /// Allows to cope with long TTL of DNS records.
     #[serde(skip_serializing_if = "Option::is_none", default)]
-    validation_delay: Option<u32>,
+    pub(crate) validation_delay: Option<u32>,
 
     /// Flag to disable the config.
     #[serde(skip_serializing_if = "Option::is_none", default)]
-- 
2.20.1





^ permalink raw reply	[flat|nested] 4+ messages in thread

* [pbs-devel] [PATCH proxmox-backup 2/2] acme: plugin: add sleep for dns propagation
  2021-06-28 16:27 [pbs-devel] [PATCH proxmox-backup 0/2] acme: add sleep for dns record propagation Stoiko Ivanov
  2021-06-28 16:27 ` [pbs-devel] [PATCH proxmox-backup 1/2] config: acme: make validation_delay crate public Stoiko Ivanov
@ 2021-06-28 16:27 ` Stoiko Ivanov
  2021-06-28 17:01   ` Thomas Lamprecht
  1 sibling, 1 reply; 4+ messages in thread
From: Stoiko Ivanov @ 2021-06-28 16:27 UTC (permalink / raw)
  To: pbs-devel

the dns plugin config allow for a specified amount of time to wait for
the TXT record to be set and propagated through DNS.

This patch adds a sleep for this amount of time.
The log message was taken from the perl implementation in proxmox-acme
for consistency.

Tested with the powerdns plugin in my test setup.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
 src/acme/plugin.rs | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/acme/plugin.rs b/src/acme/plugin.rs
index 5e0e547a..96f64b7d 100644
--- a/src/acme/plugin.rs
+++ b/src/acme/plugin.rs
@@ -2,6 +2,7 @@ use std::future::Future;
 use std::pin::Pin;
 use std::process::Stdio;
 use std::sync::Arc;
+use std::time::Duration;
 
 use anyhow::{bail, format_err, Error};
 use hyper::{Body, Request, Response};
@@ -168,6 +169,13 @@ impl DnsPlugin {
             );
         }
 
+        let validation_delay = self.core.validation_delay.unwrap_or(30) as u64;
+        task.log(format!(
+            "Sleeping {} seconds to wait for TXT record propagation",
+            validation_delay
+        ));
+        tokio::time::sleep(Duration::from_secs(validation_delay)).await;
+
         Ok(&challenge.url)
     }
 }
-- 
2.20.1





^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [pbs-devel] [PATCH proxmox-backup 2/2] acme: plugin: add sleep for dns propagation
  2021-06-28 16:27 ` [pbs-devel] [PATCH proxmox-backup 2/2] acme: plugin: add sleep for dns propagation Stoiko Ivanov
@ 2021-06-28 17:01   ` Thomas Lamprecht
  0 siblings, 0 replies; 4+ messages in thread
From: Thomas Lamprecht @ 2021-06-28 17:01 UTC (permalink / raw)
  To: Proxmox Backup Server development discussion, Stoiko Ivanov

"fix #3496: ..." 

On 28.06.21 18:27, Stoiko Ivanov wrote:
> the dns plugin config allow for a specified amount of time to wait for
> the TXT record to be set and propagated through DNS.
> 
> This patch adds a sleep for this amount of time.
> The log message was taken from the perl implementation in proxmox-acme
> for consistency.
> 
> Tested with the powerdns plugin in my test setup.
> 
> Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
> ---
>  src/acme/plugin.rs | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/src/acme/plugin.rs b/src/acme/plugin.rs
> index 5e0e547a..96f64b7d 100644
> --- a/src/acme/plugin.rs
> +++ b/src/acme/plugin.rs
> @@ -2,6 +2,7 @@ use std::future::Future;
>  use std::pin::Pin;
>  use std::process::Stdio;
>  use std::sync::Arc;
> +use std::time::Duration;
>  
>  use anyhow::{bail, format_err, Error};
>  use hyper::{Body, Request, Response};
> @@ -168,6 +169,13 @@ impl DnsPlugin {
>              );
>          }
>  
> +        let validation_delay = self.core.validation_delay.unwrap_or(30) as u64;

misses the `if validation_delay > 0 {` for consistency with PVE and PMG.

> +        task.log(format!(
> +            "Sleeping {} seconds to wait for TXT record propagation",
> +            validation_delay
> +        ));
> +        tokio::time::sleep(Duration::from_secs(validation_delay)).await;
> +

This now adds the delay on every action, not only on "setup" like in PVE/PMG - makes
no sense to do so for teardown...

>          Ok(&challenge.url)
>      }
>  }
> 





^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-06-28 17:02 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-28 16:27 [pbs-devel] [PATCH proxmox-backup 0/2] acme: add sleep for dns record propagation Stoiko Ivanov
2021-06-28 16:27 ` [pbs-devel] [PATCH proxmox-backup 1/2] config: acme: make validation_delay crate public Stoiko Ivanov
2021-06-28 16:27 ` [pbs-devel] [PATCH proxmox-backup 2/2] acme: plugin: add sleep for dns propagation Stoiko Ivanov
2021-06-28 17:01   ` Thomas Lamprecht

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.

Service provided by Proxmox Server Solutions GmbH | Privacy | Legal