feat: domain config add disable follow CNAME #228

internal/applicant/applicant.go

@@ -7,6 +7,7 @@ import (
 	"crypto/rand"
 	"errors"
 	"fmt"
+	"os"
 	"strings"
 
 	"github.com/usual2970/certimate/internal/domain"
@@ -69,6 +70,7 @@ type ApplyOption struct {
 	KeyAlgorithm       string `json:"keyAlgorithm"`
 	Nameservers        string `json:"nameservers"`
 	Timeout            int64  `json:"timeout"`
+	DisableFollowCNAME bool   `json:"disableFollowCNAME"`
 }
 
 type ApplyUser struct {
@@ -121,6 +123,7 @@ func Get(record *models.Record) (Applicant, error) {
 		KeyAlgorithm:       applyConfig.KeyAlgorithm,
 		Nameservers:        applyConfig.Nameservers,
 		Timeout:            applyConfig.Timeout,
+		DisableFollowCNAME: applyConfig.DisableFollowCNAME,
 	}
 
 	switch access.GetString("configType") {
@@ -177,6 +180,14 @@ func apply(option *ApplyOption, provider challenge.Provider) (*Certificate, erro
 		return nil, err
 	}
 
+	// Some unified lego environment variables are configured here.
+	disableFCNAME := "false"
+	if option.DisableFollowCNAME {
+		disableFCNAME = "true"
+	}
+	// link: https://github.com/go-acme/lego/issues/1867
+	os.Setenv("LEGO_DISABLE_CNAME_SUPPORT", disableFCNAME)
+
 	myUser := ApplyUser{
 		Email: option.Email,
 		key:   privateKey,

internal/domain/domains.go

@@ -6,6 +6,7 @@ type ApplyConfig struct {
 	KeyAlgorithm       string `json:"keyAlgorithm"`
 	Nameservers        string `json:"nameservers"`
 	Timeout            int64  `json:"timeout"`
+	DisableFollowCNAME bool   `json:"disableFollowCNAME"`
 }
 
 type DeployConfig struct {