(Optionally?) Check that DNS records are in place before running a deploy #227
Labels
No Label
abra
abra-gandi
awaiting-feedback
backups
bug
build
ci/cd
community organising
contributing
coopcloud.tech
democracy
design
documentation
duplicate
enhancement
finance
funding
good first issue
help wanted
installer
kadabra
performance
proposal
question
recipes.coopcloud.tech
security
test
wontfix
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: coop-cloud/organising#227
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Describe the problem to be solved
I'm deploying an app, I typo the domain, or I mess up the DNS config. Then when I deploy the app, Traefik can't generate SSL certificates. If I do this enough times (> 4 in an hour?) then LetsEncrypt rate-limits me and I have to wait for the timeout before continuing with the deployment.
Describe the solution you would like
Before deploying, abra could look up if there's an A record pointing to the relevant swarm server (ping it to get its IP?), or a CNAME record pointing to its hostname, and throw up a GIGANTIC WARNING.
For maximum bonus points, this would use whatever "unbound" system LetsEncrypt itself uses, to account for propagation /caching differences.
Good idea! Idk if its as robust as you have described but we have logic to do a DNS lookup (you could add more DNS servers to make it better maybe?) over in
08aca28d9d/cli/server/add.go (L269-L291)
. You could just run that on the server before a deploy alright.I've just pushed
85ff04202f
and tested that it does indeed bail out, whatcha reckon?This looks amazing! 😍
Maybe let's close this, open a separate ticket for "check if $DOMAIN resolves to the same IP address as $SERVER"?
OK, gave that a stab in
9122c0a9b8
. Will close.