pylego 0.1.25__py3-none-any.whl → 0.1.31__py3-none-any.whl

pylego/lego.go

@@ -15,6 +15,7 @@ import (
 
 	"github.com/go-acme/lego/v4/certcrypto"
 	"github.com/go-acme/lego/v4/certificate"
+	"github.com/go-acme/lego/v4/challenge/dns01"
 	"github.com/go-acme/lego/v4/challenge/http01"
 	"github.com/go-acme/lego/v4/challenge/tlsalpn01"
 	"github.com/go-acme/lego/v4/lego"
@@ -141,26 +142,30 @@ func requestCertificate(email, privateKeyPem, server, csr, plugin string) (*Lego
 
 func configureClientChallenges(client *lego.Client, plugin string) error {
 	switch plugin {
-	case "":
-		err := client.Challenge.SetHTTP01Provider(http01.NewProviderServer(os.Getenv("HTTP01_IFACE"), os.Getenv("HTTP01_PORT")))
-		if err != nil {
+	case "", "http":
+		if err := client.Challenge.SetHTTP01Provider(http01.NewProviderServer(os.Getenv("HTTP01_IFACE"), os.Getenv("HTTP01_PORT"))); err != nil {
 			return errors.Join(errors.New("couldn't set http01 provider server: "), err)
 		}
-		err = client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer(os.Getenv("TLSALPN01_IFACE"), os.Getenv("TLSALPN01_PORT")))
-		if err != nil {
+		return nil
+	case "tls":
+		if err := client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer(os.Getenv("TLSALPN01_IFACE"), os.Getenv("TLSALPN01_PORT"))); err != nil {
 			return errors.Join(errors.New("couldn't set tlsalpn01 provider server: "), err)
 		}
+		return nil
 	default:
 		dnsProvider, err := dns.NewDNSChallengeProviderByName(plugin)
 		if err != nil {
 			return errors.Join(fmt.Errorf("couldn't create %s provider: ", plugin), err)
 		}
-		err = client.Challenge.SetDNS01Provider(dnsProvider)
+		err = client.Challenge.SetDNS01Provider(dnsProvider,
+			dns01.CondOption(os.Getenv("DNS_PROPAGATION_DISABLE_ANS") != "",
+				dns01.DisableAuthoritativeNssPropagationRequirement()),
+			dns01.CondOption(os.Getenv("DNS_PROPAGATION_RNS") != "", dns01.RecursiveNSsPropagationRequirement()))
 		if err != nil {
 			return errors.Join(fmt.Errorf("couldn't set %s DNS provider server: ", plugin), err)
 		}
+		return nil
 	}
-	return nil
 }
 
 type LetsEncryptUser struct {

pylego/pylego.py

@@ -43,7 +43,7 @@ def run_lego_command(
         email: the email to be used for registration
         server: the server to be used for requesting a certificate that implements the ACME protocol
         csr: the csr to be signed
-        plugin: which DNS provider plugin to use for the request. Find yours at https://go-acme.github.io/lego/dns/.
+        plugin: provider to use. One of: "http" (HTTP-01), "tls" (TLS-ALPN-01), or any LEGO DNS provider from https://go-acme.github.io/lego/dns/.
         env: the environment variables required for the chosen plugin.
         private_key: the private key to be used for the registration on the ACME server (not the private key used to sign the CSR).
             If not provided, a new one will be generated.

{pylego-0.1.25.dist-info → pylego-0.1.31.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pylego
-Version: 0.1.25
+Version: 0.1.31
 Summary: A python wrapper package for the lego application written in Golang
 Author-email: Canonical <telco-engineers@lists.canonical.com>
 Project-URL: Homepage, https://github.com/canonical/pylego
@@ -34,27 +34,34 @@ You can import the lego command and run any function that you can run from the C
 ```python
 from pylego import run_lego_command
 test_env = {"NAMECHEAP_API_USER": "user", "NAMECHEAP_API_KEY": "key"}
-run_lego_command("something@gmail.com", "https://localhost/directory", "-----BEGIN CERTIFICATE REQUEST----- ...", "namecheap", test_env, "-----BEGIN RSA PRIVATE KEY-----")
+run_lego_command(
+    "something@gmail.com",
+    "https://localhost/directory",
+    b"-----BEGIN CERTIFICATE REQUEST----- ...",
+    env=test_env,
+    plugin="namecheap",
+    private_key="-----BEGIN RSA PRIVATE KEY-----",
+)
 ```
 
-| Argument | Description                                                                                                                                                                                                                                                  |
-| -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| `email`  | The provided email will be registered to the ACME server. It may receive some emails notifying the user about certificate expiry.                                                                                                                                |
-| `server` | This is the full URL of a server that implements the ACME protocol. While letsencrypt is the most common one, there are other programs that provide this facility like Vault.                                                                                |
-| `csr`    | This must be a PEM string in bytes that is user generated and valid as according to the ACME server that is being provided above. Many providers have different requirements for what is allowed to be in the fields of the CSR.                             |
-| `plugin` | The plugin is a string that's supported by LEGO. The full list is located [here](https://go-acme.github.io/lego/dns/). On top of the LEGO provided ones, we have an extra plugin called `http` that will allow users to use HTTP01 and TLSALPN01 challenges. |
-| `env`    | The env is a dictionary mapping of strings to strings that will be loaded into the environment for LEGO to use. All plugins require some configuration values loaded into the environment. You can find them [here](https://go-acme.github.io/lego/dns/)     |
-| `private_key`    | The provided private key will be used to register the user to the ACME server (not the key that signed the CSR), if not provided pylego will generate a new one  |
+| Argument      | Description                                                                                                                                                                                                                                              |
+| ------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `email`       | The provided email will be registered to the ACME server. It may receive some emails notifying the user about certificate expiry.                                                                                                                        |
+| `server`      | This is the full URL of a server that implements the ACME protocol. While letsencrypt is the most common one, there are other programs that provide this facility like Vault.                                                                            |
+| `csr`         | This must be a PEM string in bytes that is user generated and valid as according to the ACME server that is being provided above. Many providers have different requirements for what is allowed to be in the fields of the CSR.                         |
+| `plugin`      | Provider to use: `http` (HTTP-01), `tls` (TLS-ALPN-01), or any LEGO DNS provider from [here](https://go-acme.github.io/lego/dns/). If no plugin is provided, pylego uses HTTP-01 by default.                                                             |
+| `env`         | The env is a dictionary mapping of strings to strings that will be loaded into the environment for LEGO to use. All plugins require some configuration values loaded into the environment. You can find them [here](https://go-acme.github.io/lego/dns/) |
+| `private_key` | The provided private key will be used to register the user to the ACME server (not the key that signed the CSR), if not provided pylego will generate a new one                                                                                          |
 
 On top of the environment variables that LEGO supports, we have some extra ones that we use to configure the library:
 
 | Key               | Description                                                                                                                   |
 | ----------------- | ----------------------------------------------------------------------------------------------------------------------------- |
 | `SSL_CERT_FILE`   | Path to a CA certificate file for pylego to trust. This can be used for trusting the certificate of the ACME server provided. |
-| `HTTP01_IFACE`    | The interface to be used for the HTTP01 challenge if the plugin is chosen. Any interface by default.                          |
-| `HTTP01_PORT`     | The port to be used for the HTTP01 challenge if the plugin is chosen. 80 by default.                                          |
-| `TLSALPN01_IFACE` | The interface to be used for the TLSALPN01 challenge if the plugin is chosen. Any interface by default.                       |
-| `TLSALPN01_PORT`  | The port to be used for the TLSALPN01 challenge if the plugin is chosen. 443 by default.                                      |
+| `HTTP01_IFACE`    | Interface for the HTTP-01 challenge (when no DNS plugin is used or when `plugin=http`). Any interface by default.             |
+| `HTTP01_PORT`     | Port for the HTTP-01 challenge (when no DNS plugin is used or when `plugin=http`). 80 by default.                             |
+| `TLSALPN01_IFACE` | Interface for the TLS-ALPN-01 challenge (when `plugin=tls`). Any interface by default.                                        |
+| `TLSALPN01_PORT`  | Port for the TLS-ALPN-01 challenge (when `plugin=tls`). 443 by default.                                                       |
 
 ## How does it work?
 

pylego-0.1.31.dist-info/RECORD

@@ -0,0 +1,11 @@
+pylego/__init__.py,sha256=7rcUcQcOWsOLxTOEXF2ASkwm_7eED1UIXzxdlgKPr5c,82
+pylego/go.mod,sha256=2zddNtfcY9OT_qrCABQwRB06dvL0QF9kMA1E6lmvOlM,12467
+pylego/go.sum,sha256=-Gl6lIAbKb0cjJHr4dVvA4_XGBSHONqL0lKRGHUoYn0,187420
+pylego/lego.go,sha256=O_tXZN6DRXlVXJfZdjIXTrDWXyn1UuBeZa_ZzPCnGOA,6004
+pylego/lego.so,sha256=97DWk_jF6PWw5qR3S4wPRZ6K8vP_4_LE03eYhJLO7wA,61313170
+pylego/pylego.py,sha256=x9NTkBi1P4ITPhGBUgMCHVBHqFN7NXAJAc9aknKLcgk,2263
+pylego-0.1.31.dist-info/licenses/LICENSE,sha256=aklz9Y8CIpFsN61U4jHlJYp4W_8HoDpY-tINlDcdSZY,10934
+pylego-0.1.31.dist-info/METADATA,sha256=gsUgrPUL3EI5U0px3y0lbf3magHQayI5TC41NrDR9Qc,5776
+pylego-0.1.31.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+pylego-0.1.31.dist-info/top_level.txt,sha256=pSOYv55_w90qy3xOvqz_ysSz-X-XRTb-jMpiOyLNnNs,7
+pylego-0.1.31.dist-info/RECORD,,

pylego-0.1.25.dist-info/RECORD

@@ -1,11 +0,0 @@
-pylego/__init__.py,sha256=7rcUcQcOWsOLxTOEXF2ASkwm_7eED1UIXzxdlgKPr5c,82
-pylego/go.mod,sha256=n2-zLjKRREhmUyfj0u-VQRyEvmlp4wJcVY_Ret6v2bw,10759
-pylego/go.sum,sha256=vWXQ9GPwP6WPKjCuQ1_sWDka9PjTL2Yh28nIQeWKU80,146531
-pylego/lego.go,sha256=iXzvfVQ19PxqwFkgfxT8ueRdtIT6-cegjuzOzSuHkWs,5678
-pylego/lego.so,sha256=ObOt7e40UbDoYqJSEmuxdVvux0yQRT2VUWREKrtGRjs,161224160
-pylego/pylego.py,sha256=LD5BF1c0FM0p3M4Mqz62edNwsM0vV-tJ9J16VCWbyJU,2233
-pylego-0.1.25.dist-info/licenses/LICENSE,sha256=aklz9Y8CIpFsN61U4jHlJYp4W_8HoDpY-tINlDcdSZY,10934
-pylego-0.1.25.dist-info/METADATA,sha256=HXxrOi6AMeyJemyvn8DE1nlNNclk5oo7juLllTwnB30,5637
-pylego-0.1.25.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-pylego-0.1.25.dist-info/top_level.txt,sha256=pSOYv55_w90qy3xOvqz_ysSz-X-XRTb-jMpiOyLNnNs,7
-pylego-0.1.25.dist-info/RECORD,,