fix provisioning

2023-06-30 21:55:31 +01:00 · 2023-06-30 21:55:31 +01:00 · f00fa833e0
parent 5b9dcd6a60
commit f00fa833e0
3 changed files with 651 additions and 51 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -17,6 +17,15 @@ version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe"

+[[package]]
+name = "aho-corasick"
+version = "0.7.20"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac"
+dependencies = [
+ "memchr",
+]
+
 [[package]]
 name = "aho-corasick"
 version = "1.0.2"
@ -26,12 +35,33 @@ dependencies = [
 "memchr",
 ]

+[[package]]
+name = "android-tzdata"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e999941b234f3131b00bc13c22d06e8c5ff726d1b6318ac7eb276997bbb4fef0"
+
+[[package]]
+name = "android_system_properties"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311"
+dependencies = [
+ "libc",
+]
+
 [[package]]
 name = "anyhow"
 version = "1.0.71"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8"

+[[package]]
+name = "arrayvec"
+version = "0.7.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96d30a06541fbafbc7f82ed10c06164cfbd2c401138f6addd8404629c4b16711"
+
 [[package]]
 name = "async-trait"
 version = "0.1.68"
@ -76,6 +106,25 @@ version = "1.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"

+[[package]]
+name = "block-buffer"
+version = "0.10.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
+dependencies = [
+ "generic-array",
+]
+
+[[package]]
+name = "bstr"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a246e68bb43f6cd9db24bea052a53e40405417c5fb372e3d1a8a7f770a564ef5"
+dependencies = [
+ "memchr",
+ "serde",
+]
+
 [[package]]
 name = "bumpalo"
 version = "3.13.0"
@ -100,6 +149,40 @@ version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"

+[[package]]
+name = "chrono"
+version = "0.4.26"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ec837a71355b28f6556dbd569b37b3f363091c0bd4b2e735674521b4c5fd9bc5"
+dependencies = [
+ "android-tzdata",
+ "iana-time-zone",
+ "num-traits",
+ "winapi",
+]
+
+[[package]]
+name = "chrono-tz"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "58549f1842da3080ce63002102d5bc954c7bc843d4f47818e642abdc36253552"
+dependencies = [
+ "chrono",
+ "chrono-tz-build",
+ "phf",
+]
+
+[[package]]
+name = "chrono-tz-build"
+version = "0.0.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "db058d493fb2f65f41861bfed7e3fe6335264a9f0f92710cab5bdf01fef09069"
+dependencies = [
+ "parse-zoneinfo",
+ "phf",
+ "phf_codegen",
+]
+
 [[package]]
 name = "config_struct"
 version = "0.5.0"
@ -137,6 +220,25 @@ version = "0.8.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa"

+[[package]]
+name = "cpufeatures"
+version = "0.2.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "03e69e28e9f7f77debdedbaafa2866e1de9ba56df55a8bd7cfc724c25a09987c"
+dependencies = [
+ "libc",
+]
+
+[[package]]
+name = "crypto-common"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
+dependencies = [
+ "generic-array",
+ "typenum",
+]
+
 [[package]]
 name = "desec"
 version = "0.1.0"
@ -149,6 +251,22 @@ dependencies = [
 "tokio",
 ]

+[[package]]
+name = "deunicode"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "850878694b7933ca4c9569d30a34b55031b9b139ee1fc7b94a527c4ef960d690"
+
+[[package]]
+name = "digest"
+version = "0.10.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
+dependencies = [
+ "block-buffer",
+ "crypto-common",
+]
+
 [[package]]
 name = "encoding_rs"
 version = "0.8.32"
@ -318,12 +436,57 @@ dependencies = [
 "pin-utils",
 ]

+[[package]]
+name = "generic-array"
+version = "0.14.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a"
+dependencies = [
+ "typenum",
+ "version_check",
+]
+
+[[package]]
+name = "getrandom"
+version = "0.2.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "wasi",
+]
+
 [[package]]
 name = "gimli"
 version = "0.27.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b6c80984affa11d98d1b88b66ac8853f143217b399d3c74116778ff8fdb4ed2e"

+[[package]]
+name = "globset"
+version = "0.4.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "029d74589adefde59de1a0c4f4732695c32805624aec7b68d91503d4dba79afc"
+dependencies = [
+ "aho-corasick 0.7.20",
+ "bstr",
+ "fnv",
+ "log",
+ "regex",
+]
+
+[[package]]
+name = "globwalk"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "93e3af942408868f6934a7b85134a3230832b9977cf66125df2f9edcfce4ddcc"
+dependencies = [
+ "bitflags",
+ "ignore",
+ "walkdir",
+]
+
 [[package]]
 name = "h2"
 version = "0.3.20"
@ -404,6 +567,15 @@ version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421"

+[[package]]
+name = "humansize"
+version = "2.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6cb51c9a029ddc91b07a787f1d86b53ccfa49b0e86688c946ebe8d3555685dd7"
+dependencies = [
+ "libm",
+]
+
 [[package]]
 name = "humantime"
 version = "2.1.0"
@ -461,6 +633,29 @@ dependencies = [
 "tokio-native-tls",
 ]

+[[package]]
+name = "iana-time-zone"
+version = "0.1.57"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2fad5b825842d2b38bd206f3e81d6957625fd7f0a361e345c30e01a0ae2dd613"
+dependencies = [
+ "android_system_properties",
+ "core-foundation-sys",
+ "iana-time-zone-haiku",
+ "js-sys",
+ "wasm-bindgen",
+ "windows",
+]
+
+[[package]]
+name = "iana-time-zone-haiku"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f"
+dependencies = [
+ "cc",
+]
+
 [[package]]
 name = "idna"
 version = "0.4.0"
@ -471,6 +666,23 @@ dependencies = [
 "unicode-normalization",
 ]

+[[package]]
+name = "ignore"
+version = "0.4.20"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dbe7873dab538a9a44ad79ede1faf5f30d49f9a5c883ddbab48bce81b64b7492"
+dependencies = [
+ "globset",
+ "lazy_static",
+ "log",
+ "memchr",
+ "regex",
+ "same-file",
+ "thread_local",
+ "walkdir",
+ "winapi-util",
+]
+
 [[package]]
 name = "indexmap"
 version = "1.9.3"
@ -571,6 +783,12 @@ version = "0.2.147"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3"

+[[package]]
+name = "libm"
+version = "0.2.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f7012b1bbb0719e1097c47611d3898568c546d597c2e74d66f6087edd5233ff4"
+
 [[package]]
 name = "linear-map"
 version = "1.2.0"
@ -653,6 +871,15 @@ dependencies = [
 "tempfile",
 ]

+[[package]]
+name = "num-traits"
+version = "0.2.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd"
+dependencies = [
+ "autocfg",
+]
+
 [[package]]
 name = "num_cpus"
 version = "1.15.0"
@ -745,6 +972,15 @@ dependencies = [
 "windows-targets",
 ]

+[[package]]
+name = "parse-zoneinfo"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c705f256449c60da65e11ff6626e0c16a0a0b96aaa348de61376b249bc340f41"
+dependencies = [
+ "regex",
+]
+
 [[package]]
 name = "pem"
 version = "2.0.1"
@ -761,6 +997,89 @@ version = "2.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9b2a4787296e9989611394c33f193f676704af1686e70b8f8033ab5ba9a35a94"

+[[package]]
+name = "pest"
+version = "2.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f73935e4d55e2abf7f130186537b19e7a4abc886a0252380b59248af473a3fc9"
+dependencies = [
+ "thiserror",
+ "ucd-trie",
+]
+
+[[package]]
+name = "pest_derive"
+version = "2.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "aef623c9bbfa0eedf5a0efba11a5ee83209c326653ca31ff019bec3a95bfff2b"
+dependencies = [
+ "pest",
+ "pest_generator",
+]
+
+[[package]]
+name = "pest_generator"
+version = "2.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b3e8cba4ec22bada7fc55ffe51e2deb6a0e0db2d0b7ab0b103acc80d2510c190"
+dependencies = [
+ "pest",
+ "pest_meta",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.22",
+]
+
+[[package]]
+name = "pest_meta"
+version = "2.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a01f71cb40bd8bb94232df14b946909e14660e33fc05db3e50ae2a82d7ea0ca0"
+dependencies = [
+ "once_cell",
+ "pest",
+ "sha2",
+]
+
+[[package]]
+name = "phf"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fabbf1ead8a5bcbc20f5f8b939ee3f5b0f6f281b6ad3468b84656b658b455259"
+dependencies = [
+ "phf_shared",
+]
+
+[[package]]
+name = "phf_codegen"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4fb1c3a8bc4dd4e5cfce29b44ffc14bedd2ee294559a294e2a4d4c9e9a6a13cd"
+dependencies = [
+ "phf_generator",
+ "phf_shared",
+]
+
+[[package]]
+name = "phf_generator"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d5285893bb5eb82e6aaf5d59ee909a06a16737a8970984dd7746ba9283498d6"
+dependencies = [
+ "phf_shared",
+ "rand",
+]
+
+[[package]]
+name = "phf_shared"
+version = "0.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b6796ad771acdc0123d2a88dc428b5e38ef24456743ddb1744ed628f9815c096"
+dependencies = [
+ "siphasher",
+ "uncased",
+]
+
 [[package]]
 name = "pin-project-lite"
 version = "0.2.9"
@ -779,6 +1098,12 @@ version = "0.3.27"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964"

+[[package]]
+name = "ppv-lite86"
+version = "0.2.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de"
+
 [[package]]
 name = "pretty_env_logger"
 version = "0.5.0"
@ -817,6 +1142,36 @@ dependencies = [
 "proc-macro2",
 ]

+[[package]]
+name = "rand"
+version = "0.8.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
+dependencies = [
+ "libc",
+ "rand_chacha",
+ "rand_core",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
+dependencies = [
+ "ppv-lite86",
+ "rand_core",
+]
+
+[[package]]
+name = "rand_core"
+version = "0.6.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
+dependencies = [
+ "getrandom",
+]
+
 [[package]]
 name = "rcgen"
 version = "0.11.1"
@ -844,7 +1199,7 @@ version = "1.8.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d0ab3ca65655bb1e41f2a8c8cd662eb4fb035e67c3f78da1d61dffe89d07300f"
 dependencies = [
- "aho-corasick",
+ "aho-corasick 1.0.2",
 "memchr",
 "regex-syntax",
 ]
@ -907,6 +1262,20 @@ dependencies = [
 "winapi",
 ]

+[[package]]
+name = "rsdns"
+version = "0.15.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6eede25b1d48c90a93167428ca549b977a598e1d2a9c708610f917308d2550f6"
+dependencies = [
+ "arrayvec",
+ "cfg-if",
+ "rand",
+ "tera",
+ "thiserror",
+ "tokio",
+]
+
 [[package]]
 name = "rustc-demangle"
 version = "0.1.23"
@ -990,12 +1359,22 @@ dependencies = [
 "pretty_env_logger",
 "quick-xml",
 "rcgen",
+ "rsdns",
 "serde",
 "tokio",
 "tokio-rustls",
 "toml 0.7.5",
 ]

+[[package]]
+name = "same-file"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502"
+dependencies = [
+ "winapi-util",
+]
+
 [[package]]
 name = "schannel"
 version = "0.1.21"
@ -1105,6 +1484,17 @@ dependencies = [
 "serde",
 ]

+[[package]]
+name = "sha2"
+version = "0.10.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "479fb9d862239e610720565ca91403019f2f00410f1864c5aa7479b950a76ed8"
+dependencies = [
+ "cfg-if",
+ "cpufeatures",
+ "digest",
+]
+
 [[package]]
 name = "signal-hook-registry"
 version = "1.4.1"
@ -1114,6 +1504,12 @@ dependencies = [
 "libc",
 ]

+[[package]]
+name = "siphasher"
+version = "0.3.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7bd3e3206899af3f8b12af284fafc038cc1dc2b41d1b89dd17297221c5d225de"
+
 [[package]]
 name = "slab"
 version = "0.4.8"
@ -1123,6 +1519,15 @@ dependencies = [
 "autocfg",
 ]

+[[package]]
+name = "slug"
+version = "0.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b3bc762e6a4b6c6fcaade73e77f9ebc6991b676f88bb2358bddb56560f073373"
+dependencies = [
+ "deunicode",
+]
+
 [[package]]
 name = "smallvec"
 version = "1.10.0"
@ -1193,6 +1598,29 @@ dependencies = [
 "windows-sys 0.48.0",
 ]

+[[package]]
+name = "tera"
+version = "1.19.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a5ab29bb4f3e256ae6ad5c3e2775aa1f8829f2c0c101fc407bfd3a6df15c60c5"
+dependencies = [
+ "chrono",
+ "chrono-tz",
+ "globwalk",
+ "humansize",
+ "lazy_static",
+ "percent-encoding",
+ "pest",
+ "pest_derive",
+ "rand",
+ "regex",
+ "serde",
+ "serde_json",
+ "slug",
+ "thread_local",
+ "unic-segment",
+]
+
 [[package]]
 name = "termcolor"
 version = "1.2.0"
@ -1222,6 +1650,15 @@ dependencies = [
 "syn 2.0.22",
 ]

+[[package]]
+name = "thread_local"
+version = "1.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5516c27b78311c50bf42c071425c560ac799b11c30b31f87e3081965fe5e0180"
+dependencies = [
+ "once_cell",
+]
+
 [[package]]
 name = "time"
 version = "0.3.22"
@ -1393,6 +1830,77 @@ version = "0.2.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3528ecfd12c466c6f163363caf2d02a71161dd5e1cc6ae7b34207ea2d42d81ed"

+[[package]]
+name = "typenum"
+version = "1.16.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba"
+
+[[package]]
+name = "ucd-trie"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9e79c4d996edb816c91e4308506774452e55e95c3c9de07b6729e17e15a5ef81"
+
+[[package]]
+name = "uncased"
+version = "0.9.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9b9bc53168a4be7402ab86c3aad243a84dd7381d09be0eddc81280c1da95ca68"
+dependencies = [
+ "version_check",
+]
+
+[[package]]
+name = "unic-char-property"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a8c57a407d9b6fa02b4795eb81c5b6652060a15a7903ea981f3d723e6c0be221"
+dependencies = [
+ "unic-char-range",
+]
+
+[[package]]
+name = "unic-char-range"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0398022d5f700414f6b899e10b8348231abf9173fa93144cbc1a43b9793c1fbc"
+
+[[package]]
+name = "unic-common"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "80d7ff825a6a654ee85a63e80f92f054f904f21e7d12da4e22f9834a4aaa35bc"
+
+[[package]]
+name = "unic-segment"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e4ed5d26be57f84f176157270c112ef57b86debac9cd21daaabbe56db0f88f23"
+dependencies = [
+ "unic-ucd-segment",
+]
+
+[[package]]
+name = "unic-ucd-segment"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2079c122a62205b421f499da10f3ee0f7697f012f55b675e002483c73ea34700"
+dependencies = [
+ "unic-char-property",
+ "unic-char-range",
+ "unic-ucd-version",
+]
+
+[[package]]
+name = "unic-ucd-version"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96bd2f2237fe450fcd0a1d2f5f4e91711124f7857ba2e964247776ebeeb7b0c4"
+dependencies = [
+ "unic-common",
+]
+
 [[package]]
 name = "unicode-bidi"
 version = "0.3.13"
@ -1449,6 +1957,22 @@ version = "0.2.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426"

+[[package]]
+name = "version_check"
+version = "0.9.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f"
+
+[[package]]
+name = "walkdir"
+version = "2.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "36df944cda56c7d8d8b7496af378e6b16de9284591917d307c9b4d313c44e698"
+dependencies = [
+ "same-file",
+ "winapi-util",
+]
+
 [[package]]
 name = "want"
 version = "0.3.1"
@ -1571,6 +2095,15 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"

+[[package]]
+name = "windows"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e686886bc078bc1b0b600cac0147aadb815089b6e4da64016cbd754b6342700f"
+dependencies = [
+ "windows-targets",
+]
+
 [[package]]
 name = "windows-sys"
 version = "0.42.0"
--- a/salut/Cargo.toml
+++ b/salut/Cargo.toml
@ -20,3 +20,4 @@ tokio-rustls = { version = "0.24.1" }
 instant-acme = "0.3.2"
 desec = { path = "../desec" }
 rcgen = "0.11.1"
+rsdns = { version = "0.15.0", features = ["net-tokio"] }
--- a/salut/src/config.rs
+++ b/salut/src/config.rs
@ -1,17 +1,27 @@
 use std::{
    fs::File,
    io::{prelude::Write, Read},
+    net::{SocketAddr, ToSocketAddrs},
+    str::FromStr,
    time::Duration,
    vec,
 };

-use desec::dns::{RRSet, RRSetPatch, Record};
+use desec::{
+    dns::{RRSet, RRSetPatch, Record},
+    Session,
+};
 use instant_acme::{
    Account, AuthorizationStatus, ChallengeType, Identifier, LetsEncrypt, NewAccount, NewOrder,
-    OrderStatus,
+    Order, OrderStatus,
 };
 use log::{debug, error, info, warn};
 use rcgen::{Certificate, CertificateParams, DistinguishedName};
+use rsdns::{
+    clients::{tokio::Client, ClientConfig},
+    constants::Class,
+    records::data,
+};
 use serde::{Deserialize, Serialize};

 #[derive(Debug, Clone, Serialize, Deserialize)]
@ -35,6 +45,7 @@ pub struct Config {
 pub struct DesecConfig {
    pub username: String,
    pub password: String,
+    pub name_servers: Vec<String>,
 }

 #[derive(Debug, Clone, Serialize, Deserialize)]
@ -44,6 +55,7 @@ pub struct CertificatePEM {
 }

 const CONFIG_PATHS: [&str; 3] = [DEFAULT_PATH, "/etc/salut.toml", "/usr/local/etc/salut.toml"];
+const DNS_QUERY_WAIT: Duration = Duration::from_millis(250);
 pub const DEFAULT_PATH: &str = "salut.toml";

 impl Default for Config {
@ -56,6 +68,7 @@ impl Default for Config {
            desec_cfg: DesecConfig {
                username: String::new(),
                password: String::new(),
+                name_servers: vec!["ns1.desec.io".into(), "ns2.desec.org".into()],
            },
            original_path: DEFAULT_PATH,
        }
@ -110,7 +123,7 @@ impl Config {
                terms_of_service_agreed: true,
                only_return_existing: false,
            },
-            LetsEncrypt::Staging.url(),
+            LetsEncrypt::Production.url(),
            None,
        )
        .await?;
@ -150,7 +163,7 @@ impl Config {
        let authorizations = order.authorizations().await.unwrap();
        debug!("got {} authorizations for this order", authorizations.len());
        let mut challenges = Vec::with_capacity(authorizations.len());
-        let mut cleanup_records: Vec<RRSet> = vec![];
+        let mut cleanup_records = vec![];

        for authz in &authorizations {
            if let AuthorizationStatus::Valid = authz.status {
@ -209,59 +222,20 @@ impl Config {
            };

            challenges.push((identifier, &challenge.url));
-            cleanup_records.push(record);
+            cleanup_records.push((record, dns_challenge));
        }
+        let challenges_result = self
+            .wait_challenges(&cleanup_records, &challenges, &mut order)
+            .await;

-        // Let the server know we're ready to accept the challenges.
-        debug!("done setting challenges, notifying CA");
-        for (_, url) in &challenges {
-            order.set_challenge_ready(url).await.unwrap();
-        }
-
-        let mut tries = 1u8;
-        let mut delay = Duration::from_millis(250);
-        loop {
-            tokio::time::sleep(delay).await;
-            let state = order.refresh().await?;
-            if let OrderStatus::Ready | OrderStatus::Invalid = state.status {
-                info!("order state: {:#?}", state);
-                std::io::stdin().read_line(&mut String::new()).unwrap();
-                break;
-            } else {
-                info!("waiting on order... state: {:?}", state.status);
-            }
-
-            delay *= 2;
-            tries += 1;
-            match tries < 5 {
-                true => info!("[{state:?}({tries})] order is not ready, waiting {delay:?}"),
-                false => {
-                    info!("[{state:?}({tries})] order is not ready");
-                    return Err(anyhow::anyhow!("order is not ready"));
-                }
-            }
-        }
-
-        let state = order.state();
-        if state.status != OrderStatus::Ready {
-            for rec in cleanup_records {
-                warn!("cleaning up record: {}", rec.name);
-                if let Err(err) = dns.delete_rrset(rec).await {
-                    error!("failed cleaning up record: {err}")
-                }
-            }
-            return Err(anyhow::anyhow!(
-                "unexpected order status: {:?}\nwith state:{state:#?}",
-                state.status
-            ));
-        }
-
-        for rec in cleanup_records {
+        for (rec, _) in cleanup_records {
            if let Err(err) = dns.delete_rrset(rec).await {
                error!("failed cleaning up record: {err}")
            }
        }

+        challenges_result?;
+
        let mut names = Vec::with_capacity(challenges.len());
        for (identifier, _) in challenges {
            names.push(identifier.to_owned());
@ -295,4 +269,96 @@ impl Config {

        Ok(cert)
    }
+
+    async fn wait_challenges(
+        &self,
+        cleanup_records: &Vec<(RRSet, String)>,
+        challenges: &Vec<(&String, &String)>,
+        order: &mut Order,
+    ) -> Result<(), anyhow::Error> {
+        for (record, dns_challenge) in cleanup_records {
+            for ns in &self.desec_cfg.name_servers {
+                info!("waiting for nameserver {ns}");
+                loop {
+                    let ns = format!("{ns}:53");
+                    let mut client = Client::new(ClientConfig::with_nameserver(
+                        ns.to_socket_addrs()?
+                            .as_slice()
+                            .first()
+                            .ok_or(anyhow::anyhow!("cannot get address for {ns}"))?
+                            .to_owned(),
+                    ))
+                    .await?;
+                    let record = match client
+                        .query_rrset::<data::Txt>(&record.name, Class::In)
+                        .await
+                    {
+                        Ok(r) => r,
+                        Err(err) => {
+                            if let rsdns::Error::NoAnswer = err {
+                                tokio::time::sleep(DNS_QUERY_WAIT).await;
+                                continue;
+                            } else {
+                                return Err(err.into());
+                            }
+                        }
+                    };
+                    debug!(
+                        "{ns} came back with record: {:?}",
+                        (&record.rdata)
+                            .into_iter()
+                            .map(|r| String::from_utf8(r.text.clone()).unwrap_or_default())
+                            .collect::<Vec<String>>()
+                    );
+                    if record
+                        .rdata
+                        .into_iter()
+                        .any(|r| r.text.eq_ignore_ascii_case(dns_challenge.as_bytes()))
+                    {
+                        break;
+                    }
+                    tokio::time::sleep(DNS_QUERY_WAIT).await;
+                }
+            }
+        }
+        info!("all nameservers are serving (slay), waiting 3 more seconds");
+        tokio::time::sleep(Duration::from_secs(3)).await;
+        info!("notifying CA");
+
+        for (_, url) in challenges {
+            order.set_challenge_ready(url).await.unwrap();
+        }
+
+        let mut tries = 1u8;
+        let mut delay = Duration::from_millis(250);
+        loop {
+            tokio::time::sleep(delay).await;
+            let state = order.refresh().await?;
+            if let OrderStatus::Ready | OrderStatus::Invalid = state.status {
+                info!("order state: {:#?}", state);
+                break;
+            } else {
+                info!("waiting on order... state: {:?}", state.status);
+            }
+
+            delay *= 2;
+            tries += 1;
+            match tries < 5 {
+                true => info!("[{state:?}({tries})] order is not ready, waiting {delay:?}"),
+                false => {
+                    info!("[{state:?}({tries})] order is not ready");
+                    return Err(anyhow::anyhow!("order is not ready"));
+                }
+            }
+        }
+
+        let state = order.state();
+        match &state.status {
+            OrderStatus::Ready => Ok(()),
+            status => Err(anyhow::anyhow!(
+                "unexpected order status: {:?}\nwith state:{state:#?}",
+                status
+            )),
+        }
+    }
 }