github.com/StackExchange/DNSControl@v0.2.8/pkg/acme/checkDns.go (about)

     1  package acme
     2  
     3  import (
     4  	"log"
     5  	"time"
     6  
     7  	"github.com/xenolf/lego/acme"
     8  )
     9  
// acmePreCheck is the DNS propagation check that preCheckDNS delegates to.
// It is initialised once, at package init, from the client library's
// acme.PreCheckDNS, so a later reassignment of acme.PreCheckDNS does not
// change what is called through this variable.
// NOTE(review): presumably kept as a package variable so that tests can
// substitute a stub — confirm against the test files.
var acmePreCheck = acme.PreCheckDNS
    11  
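// preCheckDNS runs the client library's propagation check (acmePreCheck) and,
// the first time that check confirms the record on this certManager, sleeps a
// further 20 seconds before reporting success.
//
// The library check makes sure the authoritative nameservers have the expected
// record. Validation by the CA can still fail when the record has not yet
// propagated fully through the provider's network, and a failed validation
// typically has to be retried with a fresh challenge and may count against the
// CA's rate limits, so the extra wait is a deliberate safety margin.
//
// The boolean and error from acmePreCheck are returned unchanged. Within this
// function waitedOnce is only ever set, never reset, so later successful checks
// on the same certManager (including for other names) proceed without waiting.
//
// NOTE(review): waitedOnce is read and written here without synchronisation;
// this assumes preCheckDNS is never called concurrently on one certManager —
// confirm against the callers.
func (c *certManager) preCheckDNS(fqdn, value string) (bool, error) {
	v, err := acmePreCheck(fqdn, value)
	if err != nil {
		return v, err
	}
	if !v {
		// The check finished without error but did not confirm the record.
		// Return before sleeping so the one-time wait (and waitedOnce) is not
		// spent ahead of the poll that actually sees the record, and so the
		// "DNS ok" messages below are only logged when they are true.
		return v, nil
	}
	if !c.waitedOnce {
		log.Printf("DNS ok. Waiting another 20s to ensure stability.")
		time.Sleep(20 * time.Second)
		c.waitedOnce = true
	}
	log.Printf("DNS records seem to exist. Proceeding to request validation")
	return v, nil
}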
    29  
// Timeout reports how long the client should keep polling and how long it
// should pause between polls: five minutes in total, one second per pause.
// NOTE(review): presumably consumed by the ACME client library as the DNS
// propagation polling budget — confirm against the library version in use.
func (c *certManager) Timeout() (timeout, interval time.Duration) {
	timeout = 5 * time.Minute
	interval = time.Second
	return timeout, interval
}