-
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
letsencrypt: Added rfc2136_sign_query to dns-rfc2136 provider #3866
base: master
Are you sure you want to change the base?
Conversation
Add rfc2136_sign_query
Add parsing of rfc2136_sign_query
Bump version
Add rfc2136_sign_query
Add rfc2136_sign_query
📝 Walkthrough📝 WalkthroughWalkthroughThe pull request introduces version 5.2.11 of the Letsencrypt add-on, focusing on enhancing DNS configuration capabilities. A new parameter Changes
Tip CodeRabbit's docstrings feature is now available as part of our Early Access Program! Simply use the command Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (4)
letsencrypt/CHANGELOG.md
(1 hunks)letsencrypt/DOCS.md
(1 hunks)letsencrypt/config.yaml
(2 hunks)letsencrypt/rootfs/etc/cont-init.d/file-structure.sh
(1 hunks)
🧰 Additional context used
📓 Path-based instructions (3)
letsencrypt/CHANGELOG.md (6)
Pattern */**(html|markdown|md)
: - For instructional content in documentation, use a direct and authoritative tone. Avoid expressions of politeness such as 'may' or 'please', and ensure the goal of the instruction is fronted.
- Apply the Microsoft Style Guide to ensure documentation maintains clarity and conciseness.
- In step-by-step instructions, front the location phrase in the instructional sentence.
- In step-by-step instructions, front the 'goal' in the instructional sentence.
- In step-by-step instructions, if in doubt what to front, front the 'goal' before the location phrase in the instructional sentence.
- do not hyphenate terms like 'top-right' or 'bottom-left' with 'corner'
Pattern */**(html|markdown|md)
: - Use bold to mark UI strings.
- If "" are used to mark UI strings, replace them by bold.
Pattern */**(html|markdown|md)
: - Be brief in your replies and don't add fluff like "thank you for..." and "Please let me know if"
Pattern */**(html|markdown|md)
: - Use sentence-style capitalization also in headings.
Pattern */**(html|markdown|md)
: do not comment on HTML used for icons
Pattern */**(html|markdown|md)
: Avoid flagging inline HTML for embedding videos in future reviews for this repository.
letsencrypt/DOCS.md (6)
Pattern */**(html|markdown|md)
: - For instructional content in documentation, use a direct and authoritative tone. Avoid expressions of politeness such as 'may' or 'please', and ensure the goal of the instruction is fronted.
- Apply the Microsoft Style Guide to ensure documentation maintains clarity and conciseness.
- In step-by-step instructions, front the location phrase in the instructional sentence.
- In step-by-step instructions, front the 'goal' in the instructional sentence.
- In step-by-step instructions, if in doubt what to front, front the 'goal' before the location phrase in the instructional sentence.
- do not hyphenate terms like 'top-right' or 'bottom-left' with 'corner'
Pattern */**(html|markdown|md)
: - Use bold to mark UI strings.
- If "" are used to mark UI strings, replace them by bold.
Pattern */**(html|markdown|md)
: - Be brief in your replies and don't add fluff like "thank you for..." and "Please let me know if"
Pattern */**(html|markdown|md)
: - Use sentence-style capitalization also in headings.
Pattern */**(html|markdown|md)
: do not comment on HTML used for icons
Pattern */**(html|markdown|md)
: Avoid flagging inline HTML for embedding videos in future reviews for this repository.
letsencrypt/config.yaml (6)
Pattern */**(html|markdown|md)
: - For instructional content in documentation, use a direct and authoritative tone. Avoid expressions of politeness such as 'may' or 'please', and ensure the goal of the instruction is fronted.
- Apply the Microsoft Style Guide to ensure documentation maintains clarity and conciseness.
- In step-by-step instructions, front the location phrase in the instructional sentence.
- In step-by-step instructions, front the 'goal' in the instructional sentence.
- In step-by-step instructions, if in doubt what to front, front the 'goal' before the location phrase in the instructional sentence.
- do not hyphenate terms like 'top-right' or 'bottom-left' with 'corner'
Pattern */**(html|markdown|md)
: - Use bold to mark UI strings.
- If "" are used to mark UI strings, replace them by bold.
Pattern */**(html|markdown|md)
: - Be brief in your replies and don't add fluff like "thank you for..." and "Please let me know if"
Pattern */**(html|markdown|md)
: - Use sentence-style capitalization also in headings.
Pattern */**(html|markdown|md)
: do not comment on HTML used for icons
Pattern */**(html|markdown|md)
: Avoid flagging inline HTML for embedding videos in future reviews for this repository.
🔇 Additional comments (4)
letsencrypt/config.yaml (2)
2-2
: LGTM: Version bump follows semantic versioning
The version increment from 5.2.10 to 5.2.11 is appropriate for adding a new feature.
119-119
: LGTM: Schema addition is well-structured
The new rfc2136_sign_query
boolean field is properly placed with other RFC2136-related configuration options.
letsencrypt/CHANGELOG.md (1)
3-5
: LGTM: Changelog entry is clear and follows format
The changelog entry properly documents the addition of the new parameter and follows the established format.
letsencrypt/rootfs/etc/cont-init.d/file-structure.sh (1)
63-63
: LGTM: Configuration handling follows security best practices
The new RFC2136 sign query parameter is properly added to the DNS API key file, maintaining the secure file permissions (600) and following the established pattern for DNS configurations.
Add documentation to rfc2136_sign_query field.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
🧹 Nitpick comments (1)
letsencrypt/DOCS.md (1)
786-787
: Documentation looks good but could be more detailed.The documentation clearly indicates that this is an optional parameter for TSIG key signing. However, it would be beneficial to add more details about:
- The expected values (true/false)
- The default value if not specified
- A brief explanation of how it helps with BIND multiple views
Consider expanding the documentation with these details:
# Optional: Enable TSIG key signing for DNS queries (useful for BIND multiple views) - rfc2136_sign_query: true + # Default: false + # When set to true, DNS queries will be signed with the TSIG key specified in rfc2136_secret. + # This is particularly useful when using BIND with multiple views, as it helps direct queries + # to the appropriate view based on the TSIG key authentication. + rfc2136_sign_query: true
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
letsencrypt/DOCS.md
(2 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
letsencrypt/DOCS.md (6)
Pattern */**(html|markdown|md)
: - For instructional content in documentation, use a direct and authoritative tone. Avoid expressions of politeness such as 'may' or 'please', and ensure the goal of the instruction is fronted.
- Apply the Microsoft Style Guide to ensure documentation maintains clarity and conciseness.
- In step-by-step instructions, front the location phrase in the instructional sentence.
- In step-by-step instructions, front the 'goal' in the instructional sentence.
- In step-by-step instructions, if in doubt what to front, front the 'goal' before the location phrase in the instructional sentence.
- do not hyphenate terms like 'top-right' or 'bottom-left' with 'corner'
Pattern */**(html|markdown|md)
: - Use bold to mark UI strings.
- If "" are used to mark UI strings, replace them by bold.
Pattern */**(html|markdown|md)
: - Be brief in your replies and don't add fluff like "thank you for..." and "Please let me know if"
Pattern */**(html|markdown|md)
: - Use sentence-style capitalization also in headings.
Pattern */**(html|markdown|md)
: do not comment on HTML used for icons
Pattern */**(html|markdown|md)
: Avoid flagging inline HTML for embedding videos in future reviews for this repository.
Added ability to sign RFC2136 request with TSIG key.
According to documentation - https://certbot-dns-rfc2136.readthedocs.io/en/stable/ is it possible to sign a request with TSIG key in case of multiple views in BIND. With a signed request BIND direct to the correct view.
PS: Successfully tested signed requests in my environment.
Summary by CodeRabbit
New Features
rfc2136_sign_query
, enhancing DNS settings.Bug Fixes
Documentation