feat: new acme dns-01 provider: ucloud udnr
This commit is contained in:
Fu Diwei
@@ -1,9 +1,8 @@
|
||||
package lego_aliyunesa
|
||||
package internal
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
@@ -102,13 +101,13 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
|
||||
return fmt.Errorf("alicloud-esa: could not find zone for domain %q: %w", domain, err)
|
||||
}
|
||||
|
||||
siteName := strings.TrimRight(authZone, ".")
|
||||
siteName := dns01.UnFqdn(authZone)
|
||||
siteId, err := d.getSiteId(siteName)
|
||||
if err != nil {
|
||||
return fmt.Errorf("alicloud-esa: could not find site for zone %q: %w", siteName, err)
|
||||
}
|
||||
|
||||
if err := d.addOrUpdateDNSRecord(siteId, strings.TrimRight(info.EffectiveFQDN, "."), info.Value); err != nil {
|
||||
if err := d.addOrUpdateDNSRecord(siteId, dns01.UnFqdn(info.EffectiveFQDN), info.Value); err != nil {
|
||||
return fmt.Errorf("alicloud-esa: %w", err)
|
||||
}
|
||||
|
||||
@@ -123,13 +122,13 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
|
||||
return fmt.Errorf("alicloud-esa: could not find zone for domain %q: %w", domain, err)
|
||||
}
|
||||
|
||||
siteName := strings.TrimRight(authZone, ".")
|
||||
siteName := dns01.UnFqdn(authZone)
|
||||
siteId, err := d.getSiteId(siteName)
|
||||
if err != nil {
|
||||
return fmt.Errorf("alicloud-esa: could not find site for zone %q: %w", siteName, err)
|
||||
}
|
||||
|
||||
if err := d.removeDNSRecord(siteId, strings.TrimRight(info.EffectiveFQDN, ".")); err != nil {
|
||||
if err := d.removeDNSRecord(siteId, dns01.UnFqdn(info.EffectiveFQDN)); err != nil {
|
||||
return fmt.Errorf("alicloud-esa: %w", err)
|
||||
}
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package lego_baiducloud
|
||||
package internal
|
||||
|
||||
import (
|
||||
"errors"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package lego_dnsla
|
||||
package internal
|
||||
|
||||
import (
|
||||
"errors"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package lego_dynv6
|
||||
package internal
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package lego_gname
|
||||
package internal
|
||||
|
||||
import (
|
||||
"errors"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package lego_jdcloud
|
||||
package internal
|
||||
|
||||
import (
|
||||
"errors"
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
package lego_tencentcloudeo
|
||||
package internal
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"math"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/go-acme/lego/v4/challenge"
|
||||
@@ -91,7 +90,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
||||
func (d *DNSProvider) Present(domain, token, keyAuth string) error {
|
||||
info := dns01.GetChallengeInfo(domain, keyAuth)
|
||||
|
||||
if err := d.addOrUpdateDNSRecord(strings.TrimRight(info.EffectiveFQDN, "."), info.Value); err != nil {
|
||||
if err := d.addOrUpdateDNSRecord(dns01.UnFqdn(info.EffectiveFQDN), info.Value); err != nil {
|
||||
return fmt.Errorf("tencentcloud-eo: %w", err)
|
||||
}
|
||||
|
||||
@@ -101,7 +100,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
|
||||
func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
|
||||
info := dns01.GetChallengeInfo(domain, keyAuth)
|
||||
|
||||
if err := d.removeDNSRecord(strings.TrimRight(info.EffectiveFQDN, ".")); err != nil {
|
||||
if err := d.removeDNSRecord(dns01.UnFqdn(info.EffectiveFQDN)); err != nil {
|
||||
return fmt.Errorf("tencentcloud-eo: %w", err)
|
||||
}
|
||||
|
||||
|
||||
@@ -0,0 +1,165 @@
|
||||
package internal
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"github.com/go-acme/lego/v4/challenge"
|
||||
"github.com/go-acme/lego/v4/challenge/dns01"
|
||||
"github.com/go-acme/lego/v4/platform/config/env"
|
||||
"github.com/ucloud/ucloud-sdk-go/ucloud"
|
||||
"github.com/ucloud/ucloud-sdk-go/ucloud/auth"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/sdk3rd/ucloud/udnr"
|
||||
)
|
||||
|
||||
const (
|
||||
envNamespace = "UCLOUDUDNR_"
|
||||
|
||||
EnvPublicKey = envNamespace + "PUBLIC_KEY"
|
||||
EnvPrivateKey = envNamespace + "PRIVATE_KEY"
|
||||
|
||||
EnvTTL = envNamespace + "TTL"
|
||||
EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
|
||||
EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
|
||||
EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
|
||||
)
|
||||
|
||||
var _ challenge.ProviderTimeout = (*DNSProvider)(nil)
|
||||
|
||||
type Config struct {
|
||||
PrivateKey string
|
||||
PublicKey string
|
||||
|
||||
PropagationTimeout time.Duration
|
||||
PollingInterval time.Duration
|
||||
TTL int32
|
||||
HTTPTimeout time.Duration
|
||||
}
|
||||
|
||||
type DNSProvider struct {
|
||||
client *udnr.UDNRClient
|
||||
config *Config
|
||||
}
|
||||
|
||||
func NewDefaultConfig() *Config {
|
||||
return &Config{
|
||||
TTL: int32(env.GetOrDefaultInt(EnvTTL, 300)),
|
||||
PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 2*time.Minute),
|
||||
PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
|
||||
HTTPTimeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second),
|
||||
}
|
||||
}
|
||||
|
||||
func NewDNSProvider() (*DNSProvider, error) {
|
||||
values, err := env.Get(EnvPrivateKey, EnvPublicKey)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("ucloud-udnr: %w", err)
|
||||
}
|
||||
|
||||
config := NewDefaultConfig()
|
||||
config.PrivateKey = values[EnvPrivateKey]
|
||||
config.PublicKey = values[EnvPublicKey]
|
||||
|
||||
return NewDNSProviderConfig(config)
|
||||
}
|
||||
|
||||
func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
||||
if config == nil {
|
||||
return nil, errors.New("ucloud-udnr: the configuration of the DNS provider is nil")
|
||||
}
|
||||
|
||||
cfg := ucloud.NewConfig()
|
||||
credential := auth.NewCredential()
|
||||
credential.PrivateKey = config.PrivateKey
|
||||
credential.PublicKey = config.PublicKey
|
||||
client := udnr.NewClient(&cfg, &credential)
|
||||
|
||||
return &DNSProvider{
|
||||
client: client,
|
||||
config: config,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (d *DNSProvider) Present(domain, token, keyAuth string) error {
|
||||
info := dns01.GetChallengeInfo(domain, keyAuth)
|
||||
|
||||
authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
|
||||
if err != nil {
|
||||
return fmt.Errorf("ucloud-udnr: could not find zone for domain %q: %w", domain, err)
|
||||
}
|
||||
|
||||
subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
|
||||
if err != nil {
|
||||
return fmt.Errorf("ucloud-udnr: %w", err)
|
||||
}
|
||||
|
||||
udnrDomainDNSQueryReq := d.client.NewQueryDomainDNSRequest()
|
||||
udnrDomainDNSQueryReq.Dn = ucloud.String(authZone)
|
||||
if udnrDomainDNSQueryResp, err := d.client.QueryDomainDNS(udnrDomainDNSQueryReq); err != nil {
|
||||
return fmt.Errorf("ucloud-udnr: %w", err)
|
||||
} else {
|
||||
for _, record := range udnrDomainDNSQueryResp.Data {
|
||||
if record.DnsType == "TXT" && record.RecordName == subDomain {
|
||||
udnrDomainDNSDeleteReq := d.client.NewDeleteDomainDNSRequest()
|
||||
udnrDomainDNSDeleteReq.Dn = ucloud.String(authZone)
|
||||
udnrDomainDNSDeleteReq.DnsType = ucloud.String(record.DnsType)
|
||||
udnrDomainDNSDeleteReq.RecordName = ucloud.String(record.RecordName)
|
||||
udnrDomainDNSDeleteReq.Content = ucloud.String(record.Content)
|
||||
d.client.DeleteDomainDNS(udnrDomainDNSDeleteReq)
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
udnrDomainDNSAddReq := d.client.NewAddDomainDNSRequest()
|
||||
udnrDomainDNSAddReq.Dn = ucloud.String(authZone)
|
||||
udnrDomainDNSAddReq.DnsType = ucloud.String("TXT")
|
||||
udnrDomainDNSAddReq.RecordName = ucloud.String(subDomain)
|
||||
udnrDomainDNSAddReq.Content = ucloud.String(info.Value)
|
||||
udnrDomainDNSAddReq.TTL = ucloud.Int(int(d.config.TTL))
|
||||
if _, err := d.client.AddDomainDNS(udnrDomainDNSAddReq); err != nil {
|
||||
return fmt.Errorf("ucloud-udnr: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
|
||||
info := dns01.GetChallengeInfo(domain, keyAuth)
|
||||
|
||||
authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
|
||||
if err != nil {
|
||||
return fmt.Errorf("ucloud-udnr: could not find zone for domain %q: %w", domain, err)
|
||||
}
|
||||
|
||||
subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
|
||||
if err != nil {
|
||||
return fmt.Errorf("ucloud-udnr: %w", err)
|
||||
}
|
||||
|
||||
udnrDomainDNSQueryReq := d.client.NewQueryDomainDNSRequest()
|
||||
udnrDomainDNSQueryReq.Dn = ucloud.String(authZone)
|
||||
if udnrDomainDNSQueryResp, err := d.client.QueryDomainDNS(udnrDomainDNSQueryReq); err != nil {
|
||||
return fmt.Errorf("ucloud-udnr: %w", err)
|
||||
} else {
|
||||
for _, record := range udnrDomainDNSQueryResp.Data {
|
||||
if record.DnsType == "TXT" && record.RecordName == subDomain {
|
||||
udnrDomainDNSDeleteReq := d.client.NewDeleteDomainDNSRequest()
|
||||
udnrDomainDNSDeleteReq.Dn = ucloud.String(authZone)
|
||||
udnrDomainDNSDeleteReq.DnsType = ucloud.String(record.DnsType)
|
||||
udnrDomainDNSDeleteReq.RecordName = ucloud.String(record.RecordName)
|
||||
udnrDomainDNSDeleteReq.Content = ucloud.String(record.Content)
|
||||
d.client.DeleteDomainDNS(udnrDomainDNSDeleteReq)
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
|
||||
return d.config.PropagationTimeout, d.config.PollingInterval
|
||||
}
|
||||
@@ -0,0 +1,40 @@
|
||||
package ucloududnr
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"time"
|
||||
|
||||
"github.com/go-acme/lego/v4/challenge"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/applicant/acme-dns-01/lego-providers/ucloud-udnr/internal"
|
||||
)
|
||||
|
||||
type ChallengeProviderConfig struct {
|
||||
PrivateKey string `json:"privateKey"`
|
||||
PublicKey string `json:"publicKey"`
|
||||
DnsPropagationTimeout int32 `json:"dnsPropagationTimeout,omitempty"`
|
||||
DnsTTL int32 `json:"dnsTTL,omitempty"`
|
||||
}
|
||||
|
||||
func NewChallengeProvider(config *ChallengeProviderConfig) (challenge.Provider, error) {
|
||||
if config == nil {
|
||||
return nil, errors.New("config is nil")
|
||||
}
|
||||
|
||||
providerConfig := internal.NewDefaultConfig()
|
||||
providerConfig.PrivateKey = config.PrivateKey
|
||||
providerConfig.PublicKey = config.PublicKey
|
||||
if config.DnsTTL != 0 {
|
||||
providerConfig.TTL = config.DnsTTL
|
||||
}
|
||||
if config.DnsPropagationTimeout != 0 {
|
||||
providerConfig.PropagationTimeout = time.Duration(config.DnsPropagationTimeout) * time.Second
|
||||
}
|
||||
|
||||
provider, err := internal.NewDNSProviderConfig(providerConfig)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return provider, nil
|
||||
}
|
||||
Reference in New Issue
Block a user