
identitry / cert-manager-webhook-loopia


cert-manager-webhook-loopia is an ACME webhook for Cert-Manager that allows for Cert-Manager to use DNS-01 challenge against the Loopia DNS.

License: Apache License 2.0

Dockerfile 2.60% Makefile 5.26% Mustache 11.29% Go 80.85%
cert-manager-webhook cert-manager acme acme-client acme-dns kubernetes letsencrypt letsencrypt-certificates lets-encrypt tls

cert-manager-webhook-loopia's Issues

secrets: forbidden

Summary

I am getting the following issue, which may be related to puzzle/cert-manager-webhook-dnsimple#8 (comment).

I am quite sure the secret loopia-mydomain-issuer-credentials exists in namespace cert-manager.

I1004 09:49:13.709848       1 dns.go:88] cert-manager/controller/challenges/Present "msg"="presenting DNS01 challenge for domain" "dnsName"="staging.mydomain.com" "domain"="staging.mydomain.com" "resource_kind"="Challenge" "resource_name"="staging-mydomain-com-nnw2b-1608050242-1242144700" "resource_namespace"="default" "resource_version"="v1" "type"="DNS-01"
E1004 09:49:13.969132       1 controller.go:163] cert-manager/controller/challenges "msg"="re-queuing item due to error processing" "error"="unable to get credential: failed to load secret \"cert-manager/loopia-mydomain-issuer-credentials\": secrets \"loopia-mydomain-issuer-credentials\" is forbidden: User \"system:serviceaccount:cert-manager:cert-manager-webhook-loopia\" cannot get resource \"secrets\" in API group \"\" in the namespace \"cert-manager\"" "key"="default/staging-mydomain-com-nnw2b-1608050242-1242144700"
$ kubectl get secret loopia-mydomain-issuer-credentials  --namespace=cert-manager
NAME                                 TYPE     DATA   AGE
loopia-mydomain-issuer-credentials   Opaque   2      16m

Version

k3s version v1.21.5+k3s1 (acad8ef8)
go version go1.16.8
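
The denial in the log above is an RBAC decision rather than a missing object: the service account `cert-manager-webhook-loopia` has no `get` permission on `secrets` in the `cert-manager` namespace. As an added example (not part of the issue or of the project's chart), a least-privilege Role and RoleBinding for exactly the account, namespace and secret named in that error; the object name `loopia-webhook-secret-reader` is an assumption.

```yaml
# Added example. The Role/RoleBinding name is hypothetical; the subject,
# namespace and secret name are taken from the error message in the issue.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: loopia-webhook-secret-reader   # hypothetical name
  namespace: cert-manager              # namespace the secret lives in
rules:
  - apiGroups: [""]                    # core API group, as in the error
    resources: ["secrets"]
    resourceNames: ["loopia-mydomain-issuer-credentials"]  # only this secret
    verbs: ["get"]                     # the single verb that was denied
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: loopia-webhook-secret-reader
  namespace: cert-manager
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: loopia-webhook-secret-reader
subjects:
  - kind: ServiceAccount
    name: cert-manager-webhook-loopia
    namespace: cert-manager
# Check the result while impersonating the service account:
#   kubectl auth can-i get secret/loopia-mydomain-issuer-credentials \
#     --namespace cert-manager \
#     --as system:serviceaccount:cert-manager:cert-manager-webhook-loopia
```

A namespaced Role restricted with `resourceNames` lets the webhook read this one credential and nothing else in the namespace, which a ClusterRole on all `secrets` would not.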

loopia-go is broken

It appears the loopia-go library is broken at the moment, see my PR at jonlil/loopia-go#14

I got it to work by building my own version with this patch applied.

This is (most likely) also the cause of issue #5

Error presenting challenge: unexpected error: txt-record was not created

Hi!

Been following the guide but seem to get stuck when the challenge is created:

  Solver:
    dns01:
      Webhook:
        Config:
          Password Secret Key Ref:
            Key:        password
            Name:       loopia-credentials
            Namespace:  adguard
          Username Secret Key Ref:
            Key:        username
            Name:       loopia-credentials
            Namespace:  adguard
        Group Name:   acme.webhook.loopia.com
        Solver Name:  loopia
  Token:     xxxx
  Type:      DNS-01
  URL:       https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/xxxx
  Wildcard:  false
Status:
  Presented:   false
  Processing:  true
  Reason:      unexpected error: txt-record was not created:
  State:       pending
Events:
  Type     Reason        Age                  From          Message
  Normal   Started       13m                  cert-manager  Challenge scheduled for processing
  Warning  PresentError  3m24s (x8 over 13m)  cert-manager  Error presenting challenge: unexpected error: txt-record was not created:

I have created a "parked" sub dns called adguard.mydomain.com. Do I need to add some data to this record?

Best,
Filip
