feat: domain config add disable follow CNAME #228

2025-07-19 01:41:55 +08:00 · 2024-10-20 23:27:42 +08:00 · 2024-10-20 23:27:42 +08:00 · 2c75d2bfde
commit 2c75d2bfde
parent ec6f10053a
2 changed files with 29 additions and 17 deletions
--- a/internal/applicant/applicant.go
+++ b/internal/applicant/applicant.go
@ -7,6 +7,7 @@ import (
 	"crypto/rand"
 	"errors"
 	"fmt"
+	"os"
 	"strings"

 	"github.com/usual2970/certimate/internal/domain"
@ -63,12 +64,13 @@ type Certificate struct {
 }

 type ApplyOption struct {
-	Email        string `json:"email"`
-	Domain       string `json:"domain"`
-	Access       string `json:"access"`
-	KeyAlgorithm string `json:"keyAlgorithm"`
-	Nameservers  string `json:"nameservers"`
-	Timeout      int64  `json:"timeout"`
+	Email              string `json:"email"`
+	Domain             string `json:"domain"`
+	Access             string `json:"access"`
+	KeyAlgorithm       string `json:"keyAlgorithm"`
+	Nameservers        string `json:"nameservers"`
+	Timeout            int64  `json:"timeout"`
+	DisableFollowCNAME bool   `json:"disableFollowCNAME"`
 }

 type ApplyUser struct {
@ -115,12 +117,13 @@ func Get(record *models.Record) (Applicant, error) {
 	}

 	option := &ApplyOption{
-		Email:        applyConfig.Email,
-		Domain:       record.GetString("domain"),
-		Access:       access.GetString("config"),
-		KeyAlgorithm: applyConfig.KeyAlgorithm,
-		Nameservers:  applyConfig.Nameservers,
-		Timeout:      applyConfig.Timeout,
+		Email:              applyConfig.Email,
+		Domain:             record.GetString("domain"),
+		Access:             access.GetString("config"),
+		KeyAlgorithm:       applyConfig.KeyAlgorithm,
+		Nameservers:        applyConfig.Nameservers,
+		Timeout:            applyConfig.Timeout,
+		DisableFollowCNAME: applyConfig.DisableFollowCNAME,
 	}

 	switch access.GetString("configType") {
@ -177,6 +180,14 @@ func apply(option *ApplyOption, provider challenge.Provider) (*Certificate, erro
 		return nil, err
 	}

+	// Some unified lego environment variables are configured here.
+	disableFCNAME := "false"
+	if option.DisableFollowCNAME {
+		disableFCNAME = "true"
+	}
+	// link: https://github.com/go-acme/lego/issues/1867
+	os.Setenv("LEGO_DISABLE_CNAME_SUPPORT", disableFCNAME)
+
 	myUser := ApplyUser{
 		Email: option.Email,
 		key:   privateKey,
--- a/internal/domain/domains.go
+++ b/internal/domain/domains.go
@ -1,11 +1,12 @@
 package domain

 type ApplyConfig struct {
-	Email        string `json:"email"`
-	Access       string `json:"access"`
-	KeyAlgorithm string `json:"keyAlgorithm"`
-	Nameservers  string `json:"nameservers"`
-	Timeout      int64  `json:"timeout"`
+	Email              string `json:"email"`
+	Access             string `json:"access"`
+	KeyAlgorithm       string `json:"keyAlgorithm"`
+	Nameservers        string `json:"nameservers"`
+	Timeout            int64  `json:"timeout"`
+	DisableFollowCNAME bool   `json:"disableFollowCNAME"`
 }

 type DeployConfig struct {