mirror of
https://github.com/outbackdingo/labca.git
synced 2026-01-27 18:19:33 +00:00
86 lines
2.5 KiB
Diff
86 lines
2.5 KiB
Diff
diff --git a/cmd/expiration-mailer/main.go b/cmd/expiration-mailer/main.go
|
|
index 9f56157dd..8cc77676c 100644
|
|
--- a/cmd/expiration-mailer/main.go
|
|
+++ b/cmd/expiration-mailer/main.go
|
|
@@ -20,6 +20,7 @@ import (
|
|
"github.com/honeycombio/beeline-go"
|
|
"github.com/jmhodges/clock"
|
|
|
|
+ "github.com/letsencrypt/boulder/bdns"
|
|
"github.com/letsencrypt/boulder/cmd"
|
|
"github.com/letsencrypt/boulder/core"
|
|
"github.com/letsencrypt/boulder/db"
|
|
@@ -35,7 +36,7 @@ import (
|
|
|
|
const (
|
|
defaultNagCheckInterval = 24 * time.Hour
|
|
- defaultExpirationSubject = "Let's Encrypt certificate expiration notice for domain {{.ExpirationSubject}}"
|
|
+ defaultExpirationSubject = "LabCA certificate expiration notice for domain {{.ExpirationSubject}}"
|
|
)
|
|
|
|
type regStore interface {
|
|
@@ -384,6 +385,9 @@ type config struct {
|
|
TLS cmd.TLSConfig
|
|
SAService *cmd.GRPCClientConfig
|
|
|
|
+ DNSTries int
|
|
+ DNSResolvers []string
|
|
+
|
|
// Path to a file containing a list of trusted root certificates for use
|
|
// during the SMTP connection (as opposed to the gRPC connections).
|
|
SMTPTrustedRootFile string
|
|
@@ -393,6 +397,12 @@ type config struct {
|
|
|
|
Syslog cmd.SyslogConfig
|
|
Beeline cmd.BeelineConfig
|
|
+
|
|
+ Common struct {
|
|
+ DNSResolver string
|
|
+ DNSTimeout string
|
|
+ DNSAllowLoopbackAddresses bool
|
|
+ }
|
|
}
|
|
|
|
func initStats(stats prometheus.Registerer) mailerStats {
|
|
@@ -510,6 +520,32 @@ func main() {
|
|
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
|
sac := bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn))
|
|
|
|
+ dnsTimeout, err := time.ParseDuration(c.Common.DNSTimeout)
|
|
+ cmd.FailOnError(err, "Couldn't parse DNS timeout")
|
|
+ dnsTries := c.Mailer.DNSTries
|
|
+ if dnsTries < 1 {
|
|
+ dnsTries = 1
|
|
+ }
|
|
+ var resolver bdns.Client
|
|
+ if len(c.Common.DNSResolver) != 0 {
|
|
+ c.Mailer.DNSResolvers = append(c.Mailer.DNSResolvers, c.Common.DNSResolver)
|
|
+ }
|
|
+ servers, err := bdns.NewStaticProvider(c.Mailer.DNSResolvers)
|
|
+ cmd.FailOnError(err, "Couldn't parse static DNS server(s)")
|
|
+ if !c.Common.DNSAllowLoopbackAddresses {
|
|
+ r := bdns.New(
|
|
+ dnsTimeout,
|
|
+ servers,
|
|
+ scope,
|
|
+ clk,
|
|
+ dnsTries,
|
|
+ logger)
|
|
+ resolver = r
|
|
+ } else {
|
|
+ r := bdns.NewTest(dnsTimeout, servers, scope, clk, dnsTries, logger)
|
|
+ resolver = r
|
|
+ }
|
|
+
|
|
var smtpRoots *x509.CertPool
|
|
if c.Mailer.SMTPTrustedRootFile != "" {
|
|
pem, err := ioutil.ReadFile(c.Mailer.SMTPTrustedRootFile)
|
|
@@ -545,6 +581,7 @@ func main() {
|
|
c.Mailer.Username,
|
|
smtpPassword,
|
|
smtpRoots,
|
|
+ resolver,
|
|
*fromAddress,
|
|
logger,
|
|
scope,
|