acme: add dns_wait option

acme.sh by default use public DNS resolvers to check if TXT record was
correctly added when using DNS-01. This can be undesirable in a private
environment where the DNS server is not publicly accessible.

This option allows bypassing such check and simply waiting for a
specific length of time for the TXT record to take effect.

Signed-off-by: Glen Huang <i@glenhuang.com>

diff --git a/net/acme-acmesh/files/hook.sh b/net/acme-acmesh/files/hook.sh
index bbe23b4a1fcc5ac9dffb1c225ad7e851079635c8..e736dc5996414e77cc4195fd984913457af5eee3 100644 (file)
--- a/net/acme-acmesh/files/hook.sh
+++ b/net/acme-acmesh/files/hook.sh
@@ -87,6 +87,9 @@ get)
                elif [ "$calias" ]; then
                        set -- "$@" --challenge-alias "$calias"
                fi
+               if [ "$dns_wait" ]; then
+                       set -- "$@" --dnssleep "$dns_wait"
+               fi
        elif [ "$standalone" = 1 ]; then
                set -- "$@" --standalone --listen-v6
        else

diff --git a/net/acme-common/files/acme.sh b/net/acme-common/files/acme.sh
index 24601a5025fbe2882e90d92abcf4a41ab8b2cd18..bcf3d84518061a46421dda51b23c6f6d8c7ec545 100644 (file)
--- a/net/acme-common/files/acme.sh
+++ b/net/acme-common/files/acme.sh
@@ -59,6 +59,8 @@ load_options() {
        export days
        config_get standalone "$section" standalone 0
        export standalone
+       config_get dns_wait "$section" dns_wait
+       export dns_wait
 
        config_get webroot "$section" webroot
        export webroot