Commit

Added support to pass ttl as cli argument (#62)
* Added support to pass ttl as cli argument

* Update certbot_dns_godaddy.py

---------

Co-authored-by: miigotu <[email protected]>
hassanrazakhalid and miigotu authored Jan 5, 2024
1 parent 3184c7b commit a1390b2
Showing 2 changed files with 19 additions and 1 deletion.
8 changes: 8 additions & 0 deletions README.md
Expand Up @@ -32,6 +32,7 @@ To start using DNS authentication for godaddy, pass the following arguments on c
| `--authenticator dns-godaddy` | select the authenticator plugin (Required) |
| `--dns-godaddy-credentials FILE` | godaddy credentials INI file. (Required) |
| `--dns-godaddy-propagation-seconds NUM` | how long to wait before ACME tries to verify DNS. (Default: 30, Recommended: \>= 600) |
| `--dns-godaddy-ttl NUM` | TTL for TXT record. (Default 600. For WildCard >= 600 )

You may need to set an unexpectedly high propagation time (≥ 900 seconds) to give the godaddy DNS time to propagate the entries! This may be annoying when calling certbot manually but should not be a problem in automated setups.
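
Review bot: The new `--dns-godaddy-ttl NUM` table row is missing its closing `|` and writes `>=` unescaped where the row above uses `\>=`; close the row and match the escaping so the table renders consistently. The description also drops the colon after "Default" that the propagation row uses, and "For WildCard >= 600" does not say whether 600 is an enforced minimum or only a recommendation, so spell that out and name the unit.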

Expand Down Expand Up @@ -62,6 +63,7 @@ To acquire a single certificate for both `example.com` and `*.example.com`, wait
--authenticator dns-godaddy \\
--dns-godaddy-credentials ~/.secrets/certbot/godaddy.ini \\
--dns-godaddy-propagation-seconds 900 \\
--dns-godaddy-ttl 600 \\
--keep-until-expiring --non-interactive --expand \
--server https://acme-v02.api.letsencrypt.org/directory \
-d 'example.com' \\
Expand All @@ -83,10 +85,16 @@ Once that's finished, the application can be run as follows:
miigotu/certbot-dns-godaddy certbot certonly \
--authenticator dns-godaddy \
--dns-godaddy-propagation-seconds 900 \
--dns-godaddy-ttl 600 \
--dns-godaddy-credentials /var/lib/letsencrypt/godaddy_credentials.ini \
--keep-until-expiring --non-interactive --expand \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos --email "[email protected]" \
-d example.com -d '*.example.com'

You may want to change the volumes `/var/lib/letsencrypt` and `/etc/letsencrypt` to local directories where the certificates and configuration should be stored.

Exception
---------

If receives error like invalid argument `dns-godaddy-ttl`. Goto `/etc/letsencrypt/renewal/[YOURDOMAIN].conf` and edit file and in the end add `dns_godaddy_ttl = 600`. This is required once and then subssequent requests will not fail
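
Review bot: The new "Exception" section tells users to hand-edit `/etc/letsencrypt/renewal/[YOURDOMAIN].conf` but never says when the invalid argument error appears or why adding `dns_godaddy_ttl = 600` resolves it; document the triggering condition so readers can tell whether the workaround applies to them. The paragraph also needs a wording pass ("If receives error", "Goto", "subssequent"), and a heading such as "Troubleshooting" would describe the section better than "Exception".
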
12 changes: 11 additions & 1 deletion certbot_dns_godaddy.py
Expand Up @@ -20,8 +20,11 @@ class Authenticator(dns_common_lexicon.LexiconDNSAuthenticator):

description = ('Obtain certificates using a DNS TXT record (if you are '
'using GoDaddy for DNS).')

def __init__(self, *args: Any, **kwargs: Any) -> None:

params_dict = args[0].to_dict()
self.ttl = str(params_dict.get("dns_godaddy_ttl", 600))
super().__init__(*args, **kwargs)
self._add_provider_option('key',
'Key to access the Godaddy API',
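
Review bot: In `__init__`, `args[0].to_dict()` assumes the configuration object is always the first positional argument and raises `IndexError` when it is passed by keyword; take the config as a named parameter or look it up defensively. `self.ttl = str(params_dict.get("dns_godaddy_ttl", 600))` also accepts whatever value is supplied and stores it as a string, so parse it with `int(...)` and reject non-numeric or non-positive values here, where a bad `--dns-godaddy-ttl` can fail early with a clear message.
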
Expand All @@ -43,3 +46,10 @@ def more_info(self) -> str:
@property
def _provider_name(self) -> str:
return 'godaddy'

@property
def _ttl(self) -> int:
"""
Time to live to apply to the DNS records created by this Authenticator
"""
return self.ttl
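
Review bot: `_ttl` is annotated `-> int` but returns `self.ttl`, which `__init__` builds with `str(...)`, so the property hands back a string. Either store an int in `__init__` and keep the annotation, or change the annotation to `str` if the caller needs a string. The docstring should also state the unit and the default of 600.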
