caddy plugin dns propagation_timeout

Started by wirehire, August 20, 2024, 08:40:28 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 20, 2024, 08:40:28 AM
Hey,

How can i set the propagation_timeout and propagation_delay? When i type this keyword sin the fields , i dont see the config parameter in the json file. Example with netcup you need a high propagation_timeout and propagation_delay time.

Its this possible in the gui or must it have set on the cli?


Greets
August 20, 2024, 08:46:58 PM #1
Its going to be in os-caddy-1.6.3

https://github.com/opnsense/plugins/issues/4161
Hardware:
DEC740
August 21, 2024, 11:15:20 AM #2
ich habe den patch eingespielt, sehe auch das disable, aber wo kann ich die werte an sich dann mitgeben? zb für netcup 600 oder 900s?
August 21, 2024, 12:58:33 PM #3
propagation_timeout -1 will be set and that means there are indefinite retries.

Also, soon the resolver option can be set too, so you can set it to the netcup dns server. That way there wont be any dns delay.

https://github.com/opnsense/plugins/issues/4178
Hardware:
DEC740
August 21, 2024, 01:15:20 PM #4
retries yes, but , example netcup need longer propagation time , when not infinity loop.

https://github.com/caddy-dns/netcup

NOTE: You may need to set an unexpectedly high propagation time (≥ 900 seconds) to give the netcup DNS time to propagate the entries! This may be annoying when executing caddy run/start manually but should not be a problem in automated setups. In exceptional cases, 20 minutes may be required. See

can we have this option? to set a propagation time and delay ?

August 21, 2024, 03:09:18 PM #5
I don't yet understand.

https://github.com/opnsense/plugins/blob/master/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile#L348-L351

When you enable the checkbox, it waits "propagation_delay 30s" before trying. And afterwards it will "propagation_timeout -1", retry indefinitely without ever stopping. The default when not setting this is 2 Minutes. But setting it to -1 will be unlimited Minutes.

It sets the example parameters as described here:
https://github.com/caddyserver/caddy/pull/4723

Please actually verify that netcup does not work with this patch. If it indeed does not, please raise a ticket on the github plugins.
Hardware:
DEC740
August 22, 2024, 01:54:12 PM #6
Hey,

i tried with patch and the new update 27.1.2 with os-caddy-1.6.3

"error","ts":"2024-08-21T20:13:27Z","logger":"tls.obtain","msg":"will retry","error":"[sub.domain.de] Obtain: [sub.domain.de] solving challenge: sub.domain.de: [sub.domain.de] authorization failed: HTTP 403 urn:ietf:params:acme:error:unauthorized - Incorrect TXT record "rekord" (and 1 more) found at _acme-challenge.sub.domain.de (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":2,"retrying_in":120,"elapsed":124.751260674,"max_duration":2592000%7D

The disable dont help by netcup. The options with longer propagation where needed. Do you still need more for debug?

with other dns example clouflare its workes, so its looks like its needed the higher value for netcup.

thanks for your work !
August 22, 2024, 02:41:37 PM #7
No thats fine, just create a ticket on github for me and I'll add the option to set custom values.

https://github.com/opnsense/plugins/issues
Hardware:
DEC740
Print
Go Up Pages1
User actions