From: Jens Meißner
To: Thomas Lamprecht, Proxmox VE development discussion
Date: Thu, 18 Nov 2021 09:50:57 +0100
Subject: Re: [pve-devel] [PATCH] Add DNS challenge schema for knot.
References: <20211117080301.50468-1-meissner@b1-systems.de> <37e5ab74-119b-8839-3da8-2fd9eb72f580@proxmox.com>
In-Reply-To: <37e5ab74-119b-8839-3da8-2fd9eb72f580@proxmox.com>

On 17.11.21 at 17:27, Thomas Lamprecht wrote:
> looks OK in general, one question inline...
>
> On 17.11.21 09:03, Jens Meißner wrote:
>> Signed-off-by: Jens Meißner
>> ---
>> src/dns-challenge-schema.json | 19 ++++++++++++++++++-
>> 1 file changed, 18 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/dns-challenge-schema.json b/src/dns-challenge-schema.= json >> index a3a3ebc..d194701 100644 >> --- a/src/dns-challenge-schema.json >> +++ b/src/dns-challenge-schema.json
>> @@ -211,7 +211,24 @@ >> }, >> "kas" : {}, >> "kinghost" : {}, >> - "knot" : {}, >> + "knot" : { >> + "fields" : { >> + "KNOT_SERVER" : { >> + "description" : "Hostname of the RFC 2136 compatible name= server", >> + "type" : "string" >> + }, >> + "KNOT_KEY" : { >> + "description" : "TSIG key (format alg:name:key)", >> + "type" : "string" >> + }, >> + "KNOT_ZONE" : {
>
> I did not find this variable being used anywhere in the acme.sh knot plugin[0], there's
> only KNOT_SERVER and KNOT_KEY being accessed, so what's up with that one?
>
> [1] https://git.proxmox.com/?p=mirror_acme.sh.git;a=blob;f=dnsapi/dns_knot.sh;hb=3.0.1

Hm, the parameter is documented but not used in code:
https://github.com/acmesh-official/acme.sh/wiki/dnsapi#19-use-knot-knsupdate-dns-api-to-automatically-issue-cert

I sent an updated patch without it.

>> + "description" : "DNS zone name (optional)", >> + "optional" : 1, >> + "type" : "string" >> + } >> + }, >> + "name" : "Knot / knsupdate (RFC 2136)" >> + }, >> "leaseweb" : {}, >> "lexicon" : {}, >> "linode" : {},
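
Review bot: the "KNOT_ZONE" entry, the third field under "fields", is offered to users as an optional setting, yet the thread notes that the acme.sh knot plugin only reads KNOT_SERVER and KNOT_KEY, so a value entered there would be silently ignored. Drop the field, as the updated patch mentioned in the reply does, or hold it back until the plugin actually consumes it. Separately, the "KNOT_KEY" description could state that the value is a TSIG secret, since "type" : "string" alone does not tell the reader that it is a credential.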