github.com/certbot/certbot.git

author Rick <Spekpannenkoek@users.noreply.github.com> 2022-01-25 13:34:38 +0300
committer GitHub <noreply@github.com> 2022-01-25 13:34:38 +0300
commit fb1b105ba24939f379d0e005f8315a7c59b39e91
tree 0d13e8be4b6d280350d9434b0fe90403c2a46699
parent dac0b2c187fd94de9725da623587729ef356b60d
dns-digitalocean: Ignore SOA TTL in favor of explicit TTL argument (#9149)
* Ignore SOA TTL in favor of explicit TTL argument

  `domain.ttl` should be `None` so that the `self.ttl` argument in `add_txt_record()` is not ignored (`domain.ttl` takes precedence).

* Document mitigation for dns-digitalocean ignoring the 30 second TTL.
-rw-r--r-- certbot-dns-digitalocean/certbot_dns_digitalocean/_internal/dns_digitalocean.py 4
-rw-r--r-- certbot/CHANGELOG.md 1
2 files changed, 5 insertions, 0 deletions
diff --git a/certbot-dns-digitalocean/certbot_dns_digitalocean/_internal/dns_digitalocean.py b/certbot-dns-digitalocean/certbot_dns_digitalocean/_internal/dns_digitalocean.py
index efdc88b9e..0c0ab3faf 100644
--- a/certbot-dns-digitalocean/certbot_dns_digitalocean/_internal/dns_digitalocean.py
+++ b/certbot-dns-digitalocean/certbot_dns_digitalocean/_internal/dns_digitalocean.py
@@ -82,6 +82,10 @@ class _DigitalOceanClient:
try:
domain = self._find_domain(domain_name)
+ # The TTL value is set to the SOA record's TTL. Unless set to a falsy value,
+ # the optional TTL argument to add_txt_record() would be ignored.
+ # See https://github.com/certbot/certbot/pull/9149 for details.
+ domain.ttl = None
except digitalocean.Error as e:
hint = None
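Review bot: The `domain.ttl = None` override added right after `self._find_domain(domain_name)` ships without a test; the diffstat shows only dns_digitalocean.py and CHANGELOG.md changed, so nothing would catch a regression if the assignment were removed or if the client library stopped treating a falsy `domain.ttl` as "use the argument". A unit test that asserts the TXT record is created with the explicit TTL, not the SOA value, would lock this in. Two smaller points: the comment's "The TTL value" is ambiguous next to the `ttl` argument it also mentions, so naming the attribute ("domain.ttl is populated from the SOA record's TTL") would read more clearly, and the assignment cannot raise `digitalocean.Error`, so it does not need to sit inside the `try:` body if the surrounding control flow allows moving it below the `except`.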
diff --git a/certbot/CHANGELOG.md b/certbot/CHANGELOG.md
index d2134b864..685466685 100644
--- a/certbot/CHANGELOG.md
+++ b/certbot/CHANGELOG.md
@@ -19,6 +19,7 @@ Certbot adheres to [Semantic Versioning](https://semver.org/).
### Fixed
* GCP Permission list for certbot-dns-google in plugin documentation
+* dns-digitalocean used the SOA TTL for newly created records, rather than 30 seconds.
More details about these changes can be found on our GitHub repo.
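Review bot: The new entry under `### Fixed` describes the old behaviour in the past tense ("used the SOA TTL ... rather than 30 seconds") and leaves the reader to infer what the plugin does now. Stating the resulting behaviour, for example that dns-digitalocean now creates its TXT records with a 30 second TTL instead of inheriting the SOA TTL, would make the entry unambiguous for operators scanning the changelog. Saying "TXT records" rather than "newly created records" would also match the `add_txt_record()` call the fix targets.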