From 77b5fda6fb256781ea01eda5cc69a60b86896423 Mon Sep 17 00:00:00 2001 From: Daniel Date: Tue, 27 Feb 2018 21:45:13 -0500 Subject: [PATCH 1/3] README: Add example 'ip' in example API config. `acme-dns` supports binding the API to a specific interface instead of all interfaces by providing an `ip` address in the `[api]` configuration section. Prior to this commit the `ip` field wasn't shown in the example configuration in the README. This commit adds an example showing how to configure `acme-dns` to listen only on `127.0.0.1` to the example config and describes what the default value (`""`) does. --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 54f0090..f70df08 100644 --- a/README.md +++ b/README.md @@ -188,6 +188,8 @@ connection = "acme-dns.db" api_domain = "" # autocert HTTP port, eg. 80 for answering Let's Encrypt HTTP-01 challenges. Mandatory if using tls = "letsencrypt". autocert_port = "80" +# listen ip, default "" listens on all interfaces/addresses +ip = "127.0.0.1" # listen port, eg. 443 for default HTTPS port = "8080" # possible values: "letsencrypt", "cert", "none" From 11c852ee91f0217b675e77f3129ee182ac0e9b17 Mon Sep 17 00:00:00 2001 From: Daniel McCarney Date: Wed, 28 Feb 2018 13:38:44 -0500 Subject: [PATCH 2/3] README: simplify installation instructions with `go get`. (#41) * README: simplify installation instructions with `go get`. Prior to this commit the installation instructions in the README had you use `git clone` and then `go build`. This can be collapsed into one step using a more idiomatic `go get` command. This commit updates the README accordingly. * Also mention supported config file locations * Fix go get URL --- README.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index f70df08..6441913 100644 --- a/README.md +++ b/README.md @@ -110,13 +110,11 @@ Check out how in the INSTALL section. 1) Install [Go 1.9 or newer](https://golang.org/doc/install) -2) Clone this repo: `git clone https://github.com/joohoi/acme-dns $GOPATH/src/acme-dns` +2) Install acme-dns: `go get github.com/joohoi/acme-dns/...` -3) Build ACME-DNS: `go build` +3) Edit config.cfg to suit your needs (see [configuration](#configuration)). `acme-dns` will read the configuration file from `/etc/acme-dns/config.cfg` or `./config.cfg` -4) Edit config.cfg to suit your needs (see [configuration](#configuration)) - -5) Run acme-dns. Please note that acme-dns needs to open a privileged port (53, domain), so it needs to be run with elevated privileges. +4) Run acme-dns. Please note that acme-dns needs to open a privileged port (53, domain), so it needs to be run with elevated privileges. ## Using Docker From 9a908d7d6b6f96715888d78436c28e6d440116cf Mon Sep 17 00:00:00 2001 From: Joona Hoikkala Date: Thu, 1 Mar 2018 16:53:38 +0200 Subject: [PATCH 3/3] Log IP address that we're matching against allowFrom values stored in the DB (#46) * Add logging for IP matching * Fix typo --- acmetxt.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/acmetxt.go b/acmetxt.go index 8584017..7b20c02 100644 --- a/acmetxt.go +++ b/acmetxt.go @@ -5,6 +5,7 @@ import ( "net" "github.com/satori/go.uuid" + log "github.com/sirupsen/logrus" ) // ACMETxt is the default structure for the user controlled record @@ -47,6 +48,7 @@ func (a ACMETxt) allowedFrom(ip string) bool { if len(a.AllowFrom.ValidEntries()) == 0 { return true } + log.WithFields(log.Fields{"ip": remoteIP}).Debug("Checking if update is permitted from IP") for _, v := range a.AllowFrom.ValidEntries() { _, vnet, _ := net.ParseCIDR(v) if vnet.Contains(remoteIP) {