Page MenuHomePhabricator
Create Task
Maniphest T194965

gdnsd plugin support for ACME DNS challenges
Closed, ResolvedPublic
Actions

Description

While working on gdnsd-3.x anyways (in support of other upcoming WMF needs), should add all the necessary infrastructure/code to support ACME DNS challenges, most likely in the form of generic custom TXT record outputs from a watched disk file. Possibly should have a pushed trigger mechanism for syncing remote challenge updates quickly.

Related Objects
Search...

Event Timeline

BBlack triaged this task as Medium priority.May 18 2018, 3:59 PM
BBlack created this task.
StjnVMF renamed this task from gdnsd plugin support for ACME DNS challenges to unban reguyla.May 18 2018, 5:24 PM
StjnVMF updated the task description. (Show Details)
Paladox renamed this task from unban reguyla to gdnsd plugin support for ACME DNS challenge.May 18 2018, 5:26 PM
Paladox renamed this task from gdnsd plugin support for ACME DNS challenge to gdnsd plugin support for ACME DNS challenges.
Paladox updated the task description. (Show Details)
EddieGP subscribed.May 18 2018, 6:00 PM
ema moved this task from Backlog to Some old column on the Traffic board.May 22 2018, 8:32 AM
Vvjjkkii renamed this task from gdnsd plugin support for ACME DNS challenges to mrcaaaaaaa.Jul 1 2018, 1:09 AM
Vvjjkkii removed BBlack as the assignee of this task.
Vvjjkkii raised the priority of this task from Medium to High.
Vvjjkkii added projects: CheckUser, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), Tamil-Sites, Gamepress, Hashtags, Jade, KartoEditor, Language-2018-Apr-June, New-Editor-Experiences, Mail, TCB-Team (now WMDE-TechWish).
Vvjjkkii updated the task description. (Show Details)
Vvjjkkii removed a subscriber: Aklapper.
CommunityTechBot renamed this task from mrcaaaaaaa to gdnsd plugin support for ACME DNS challenges.Jul 2 2018, 4:57 AM
CommunityTechBot assigned this task to BBlack.
CommunityTechBot lowered the priority of this task from High to Medium.
CommunityTechBot updated the task description. (Show Details)
CommunityTechBot removed projects: TCB-Team (now WMDE-TechWish), Mail, New-Editor-Experiences, Language-2018-Apr-June, KartoEditor, Jade, Hashtags, Gamepress, Tamil-Sites, Connected-Open-Heritage-Batch-uploads (RAÄ-KMB_1_2017-02), CheckUser.
CommunityTechBot added a subscriber: Aklapper.
Krenair mentioned this in T182927: Get letsencrypt wildcard cert for *.beta.wmflabs.org domains.Jul 8 2018, 7:48 PM
Krenair added a comment.Sep 12 2018, 1:13 PM

Status: @BBlack has written support into gdnsd in https://github.com/gdnsd/gdnsd/commit/db7fff10b005b951890fa4ff7c843a1e37bbdc58 (as well as a follow up or two) and I've made https://gerrit.wikimedia.org/r/#/c/operations/puppet/+/459809/

BBlack closed this task as Resolved.Sep 25 2018, 4:58 PM

Beta releases of gdnsd (supporting this new feature) have been stable on our production authdns since mid-last-week. The code hasn't been released officially as gdnsd-3.x for the rest of the world yet, but we're done here in terms of feature blockers in production practice.

Krenair mentioned this in T199711: Deploy a scalable service for ACME (LetsEncrypt) certificate management.Sep 26 2018, 4:15 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL