mirror of
https://github.com/go-acme/lego.git
synced 2024-12-25 11:02:56 +02:00
Add NearlyFreeSpeech DNS Provider (#1652)
Co-authored-by: Ludovic Fernandez <ldez@users.noreply.github.com>
This commit is contained in:
parent
9a95c86c4a
commit
638745cbce
18
README.md
18
README.md
@ -63,15 +63,15 @@ Detailed documentation is available [here](https://go-acme.github.io/lego/dns).
|
||||
| [Joker](https://go-acme.github.io/lego/dns/joker/) | [Joohoi's ACME-DNS](https://go-acme.github.io/lego/dns/acme-dns/) | [Linode (v4)](https://go-acme.github.io/lego/dns/linode/) | [Liquid Web](https://go-acme.github.io/lego/dns/liquidweb/) |
|
||||
| [Loopia](https://go-acme.github.io/lego/dns/loopia/) | [LuaDNS](https://go-acme.github.io/lego/dns/luadns/) | [Manual](https://go-acme.github.io/lego/dns/manual/) | [MyDNS.jp](https://go-acme.github.io/lego/dns/mydnsjp/) |
|
||||
| [MythicBeasts](https://go-acme.github.io/lego/dns/mythicbeasts/) | [Name.com](https://go-acme.github.io/lego/dns/namedotcom/) | [Namecheap](https://go-acme.github.io/lego/dns/namecheap/) | [Namesilo](https://go-acme.github.io/lego/dns/namesilo/) |
|
||||
| [Netcup](https://go-acme.github.io/lego/dns/netcup/) | [Netlify](https://go-acme.github.io/lego/dns/netlify/) | [Nicmanager](https://go-acme.github.io/lego/dns/nicmanager/) | [NIFCloud](https://go-acme.github.io/lego/dns/nifcloud/) |
|
||||
| [Njalla](https://go-acme.github.io/lego/dns/njalla/) | [NS1](https://go-acme.github.io/lego/dns/ns1/) | [Open Telekom Cloud](https://go-acme.github.io/lego/dns/otc/) | [Oracle Cloud](https://go-acme.github.io/lego/dns/oraclecloud/) |
|
||||
| [OVH](https://go-acme.github.io/lego/dns/ovh/) | [Porkbun](https://go-acme.github.io/lego/dns/porkbun/) | [PowerDNS](https://go-acme.github.io/lego/dns/pdns/) | [Rackspace](https://go-acme.github.io/lego/dns/rackspace/) |
|
||||
| [reg.ru](https://go-acme.github.io/lego/dns/regru/) | [RFC2136](https://go-acme.github.io/lego/dns/rfc2136/) | [RimuHosting](https://go-acme.github.io/lego/dns/rimuhosting/) | [Sakura Cloud](https://go-acme.github.io/lego/dns/sakuracloud/) |
|
||||
| [Scaleway](https://go-acme.github.io/lego/dns/scaleway/) | [Selectel](https://go-acme.github.io/lego/dns/selectel/) | [Servercow](https://go-acme.github.io/lego/dns/servercow/) | [Simply.com](https://go-acme.github.io/lego/dns/simply/) |
|
||||
| [Sonic](https://go-acme.github.io/lego/dns/sonic/) | [Stackpath](https://go-acme.github.io/lego/dns/stackpath/) | [Tencent Cloud DNS](https://go-acme.github.io/lego/dns/tencentcloud/) | [TransIP](https://go-acme.github.io/lego/dns/transip/) |
|
||||
| [UKFast SafeDNS](https://go-acme.github.io/lego/dns/safedns/) | [VegaDNS](https://go-acme.github.io/lego/dns/vegadns/) | [Vercel](https://go-acme.github.io/lego/dns/vercel/) | [Versio.[nl/eu/uk]](https://go-acme.github.io/lego/dns/versio/) |
|
||||
| [VinylDNS](https://go-acme.github.io/lego/dns/vinyldns/) | [Vscale](https://go-acme.github.io/lego/dns/vscale/) | [Vultr](https://go-acme.github.io/lego/dns/vultr/) | [WEDOS](https://go-acme.github.io/lego/dns/wedos/) |
|
||||
| [Yandex](https://go-acme.github.io/lego/dns/yandex/) | [Zone.ee](https://go-acme.github.io/lego/dns/zoneee/) | [Zonomi](https://go-acme.github.io/lego/dns/zonomi/) | |
|
||||
| [NearlyFreeSpeech.NET](https://go-acme.github.io/lego/dns/nearlyfreespeech/) | [Netcup](https://go-acme.github.io/lego/dns/netcup/) | [Netlify](https://go-acme.github.io/lego/dns/netlify/) | [Nicmanager](https://go-acme.github.io/lego/dns/nicmanager/) |
|
||||
| [NIFCloud](https://go-acme.github.io/lego/dns/nifcloud/) | [Njalla](https://go-acme.github.io/lego/dns/njalla/) | [NS1](https://go-acme.github.io/lego/dns/ns1/) | [Open Telekom Cloud](https://go-acme.github.io/lego/dns/otc/) |
|
||||
| [Oracle Cloud](https://go-acme.github.io/lego/dns/oraclecloud/) | [OVH](https://go-acme.github.io/lego/dns/ovh/) | [Porkbun](https://go-acme.github.io/lego/dns/porkbun/) | [PowerDNS](https://go-acme.github.io/lego/dns/pdns/) |
|
||||
| [Rackspace](https://go-acme.github.io/lego/dns/rackspace/) | [reg.ru](https://go-acme.github.io/lego/dns/regru/) | [RFC2136](https://go-acme.github.io/lego/dns/rfc2136/) | [RimuHosting](https://go-acme.github.io/lego/dns/rimuhosting/) |
|
||||
| [Sakura Cloud](https://go-acme.github.io/lego/dns/sakuracloud/) | [Scaleway](https://go-acme.github.io/lego/dns/scaleway/) | [Selectel](https://go-acme.github.io/lego/dns/selectel/) | [Servercow](https://go-acme.github.io/lego/dns/servercow/) |
|
||||
| [Simply.com](https://go-acme.github.io/lego/dns/simply/) | [Sonic](https://go-acme.github.io/lego/dns/sonic/) | [Stackpath](https://go-acme.github.io/lego/dns/stackpath/) | [Tencent Cloud DNS](https://go-acme.github.io/lego/dns/tencentcloud/) |
|
||||
| [TransIP](https://go-acme.github.io/lego/dns/transip/) | [UKFast SafeDNS](https://go-acme.github.io/lego/dns/safedns/) | [VegaDNS](https://go-acme.github.io/lego/dns/vegadns/) | [Vercel](https://go-acme.github.io/lego/dns/vercel/) |
|
||||
| [Versio.[nl/eu/uk]](https://go-acme.github.io/lego/dns/versio/) | [VinylDNS](https://go-acme.github.io/lego/dns/vinyldns/) | [Vscale](https://go-acme.github.io/lego/dns/vscale/) | [Vultr](https://go-acme.github.io/lego/dns/vultr/) |
|
||||
| [WEDOS](https://go-acme.github.io/lego/dns/wedos/) | [Yandex](https://go-acme.github.io/lego/dns/yandex/) | [Zone.ee](https://go-acme.github.io/lego/dns/zoneee/) | [Zonomi](https://go-acme.github.io/lego/dns/zonomi/) |
|
||||
|
||||
<!-- END DNS PROVIDERS LIST -->
|
||||
|
||||
|
@ -80,6 +80,7 @@ func allDNSCodes() string {
|
||||
"namecheap",
|
||||
"namedotcom",
|
||||
"namesilo",
|
||||
"nearlyfreespeech",
|
||||
"netcup",
|
||||
"netlify",
|
||||
"nicmanager",
|
||||
@ -1522,6 +1523,28 @@ func displayDNSHelp(name string) error {
|
||||
ew.writeln()
|
||||
ew.writeln(`More information: https://go-acme.github.io/lego/dns/namesilo`)
|
||||
|
||||
case "nearlyfreespeech":
|
||||
// generated from: providers/dns/nearlyfreespeech/nearlyfreespeech.toml
|
||||
ew.writeln(`Configuration for NearlyFreeSpeech.NET.`)
|
||||
ew.writeln(`Code: 'nearlyfreespeech'`)
|
||||
ew.writeln(`Since: 'v4.8.0'`)
|
||||
ew.writeln()
|
||||
|
||||
ew.writeln(`Credentials:`)
|
||||
ew.writeln(` - "NEARLYFREESPEECH_API_KEY": API Key for API requests`)
|
||||
ew.writeln(` - "NEARLYFREESPEECH_LOGIN": Username for API requests`)
|
||||
ew.writeln()
|
||||
|
||||
ew.writeln(`Additional Configuration:`)
|
||||
ew.writeln(` - "NEARLYFREESPEECH_HTTP_TIMEOUT": API request timeout`)
|
||||
ew.writeln(` - "NEARLYFREESPEECH_POLLING_INTERVAL": Time between DNS propagation check`)
|
||||
ew.writeln(` - "NEARLYFREESPEECH_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`)
|
||||
ew.writeln(` - "NEARLYFREESPEECH_SEQUENCE_INTERVAL": Time between sequential requests`)
|
||||
ew.writeln(` - "NEARLYFREESPEECH_TTL": The TTL of the TXT record used for the DNS challenge`)
|
||||
|
||||
ew.writeln()
|
||||
ew.writeln(`More information: https://go-acme.github.io/lego/dns/nearlyfreespeech`)
|
||||
|
||||
case "netcup":
|
||||
// generated from: providers/dns/netcup/netcup.toml
|
||||
ew.writeln(`Configuration for Netcup.`)
|
||||
|
65
docs/content/dns/zz_gen_nearlyfreespeech.md
Normal file
65
docs/content/dns/zz_gen_nearlyfreespeech.md
Normal file
@ -0,0 +1,65 @@
|
||||
---
|
||||
title: "NearlyFreeSpeech.NET"
|
||||
date: 2019-03-03T16:39:46+01:00
|
||||
draft: false
|
||||
slug: nearlyfreespeech
|
||||
---
|
||||
|
||||
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
|
||||
<!-- providers/dns/nearlyfreespeech/nearlyfreespeech.toml -->
|
||||
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
|
||||
|
||||
Since: v4.8.0
|
||||
|
||||
Configuration for [NearlyFreeSpeech.NET](https://nearlyfreespeech.net/).
|
||||
|
||||
|
||||
<!--more-->
|
||||
|
||||
- Code: `nearlyfreespeech`
|
||||
|
||||
Here is an example bash command using the NearlyFreeSpeech.NET provider:
|
||||
|
||||
```bash
|
||||
NEARLYFREESPEECH_API_KEY=xxxxxx \
|
||||
NEARLYFREESPEECH_LOGIN=xxxx \
|
||||
lego --email myemail@example.com --dns nearlyfreespeech --domains my.example.org run
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## Credentials
|
||||
|
||||
| Environment Variable Name | Description |
|
||||
|-----------------------|-------------|
|
||||
| `NEARLYFREESPEECH_API_KEY` | API Key for API requests |
|
||||
| `NEARLYFREESPEECH_LOGIN` | Username for API requests |
|
||||
|
||||
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
|
||||
More information [here](/lego/dns/#configuration-and-credentials).
|
||||
|
||||
|
||||
## Additional Configuration
|
||||
|
||||
| Environment Variable Name | Description |
|
||||
|--------------------------------|-------------|
|
||||
| `NEARLYFREESPEECH_HTTP_TIMEOUT` | API request timeout |
|
||||
| `NEARLYFREESPEECH_POLLING_INTERVAL` | Time between DNS propagation check |
|
||||
| `NEARLYFREESPEECH_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
|
||||
| `NEARLYFREESPEECH_SEQUENCE_INTERVAL` | Time between sequential requests |
|
||||
| `NEARLYFREESPEECH_TTL` | The TTL of the TXT record used for the DNS challenge |
|
||||
|
||||
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
|
||||
More information [here](/lego/dns/#configuration-and-credentials).
|
||||
|
||||
|
||||
|
||||
|
||||
## More information
|
||||
|
||||
- [API documentation](https://members.nearlyfreespeech.net/wiki/API/Reference)
|
||||
|
||||
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
|
||||
<!-- providers/dns/nearlyfreespeech/nearlyfreespeech.toml -->
|
||||
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
|
@ -71,6 +71,7 @@ import (
|
||||
"github.com/go-acme/lego/v4/providers/dns/namecheap"
|
||||
"github.com/go-acme/lego/v4/providers/dns/namedotcom"
|
||||
"github.com/go-acme/lego/v4/providers/dns/namesilo"
|
||||
"github.com/go-acme/lego/v4/providers/dns/nearlyfreespeech"
|
||||
"github.com/go-acme/lego/v4/providers/dns/netcup"
|
||||
"github.com/go-acme/lego/v4/providers/dns/netlify"
|
||||
"github.com/go-acme/lego/v4/providers/dns/nicmanager"
|
||||
@ -246,6 +247,8 @@ func NewDNSChallengeProviderByName(name string) (challenge.Provider, error) {
|
||||
return namedotcom.NewDNSProvider()
|
||||
case "namesilo":
|
||||
return namesilo.NewDNSProvider()
|
||||
case "nearlyfreespeech":
|
||||
return nearlyfreespeech.NewDNSProvider()
|
||||
case "netcup":
|
||||
return netcup.NewDNSProvider()
|
||||
case "netlify":
|
||||
|
117
providers/dns/nearlyfreespeech/internal/client.go
Normal file
117
providers/dns/nearlyfreespeech/internal/client.go
Normal file
@ -0,0 +1,117 @@
|
||||
package internal
|
||||
|
||||
import (
|
||||
"crypto/sha1"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"math/rand"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"path"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/go-acme/lego/v4/challenge/dns01"
|
||||
querystring "github.com/google/go-querystring/query"
|
||||
)
|
||||
|
||||
const apiURL = "https://api.nearlyfreespeech.net"
|
||||
|
||||
const authenticationHeader = "X-NFSN-Authentication"
|
||||
|
||||
const saltBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
||||
|
||||
type Client struct {
|
||||
HTTPClient *http.Client
|
||||
baseURL *url.URL
|
||||
|
||||
login string
|
||||
apiKey string
|
||||
}
|
||||
|
||||
func NewClient(login string, apiKey string) *Client {
|
||||
baseURL, _ := url.Parse(apiURL)
|
||||
return &Client{
|
||||
HTTPClient: &http.Client{Timeout: 10 * time.Second},
|
||||
baseURL: baseURL,
|
||||
login: login,
|
||||
apiKey: apiKey,
|
||||
}
|
||||
}
|
||||
|
||||
func (c Client) AddRecord(domain string, record Record) error {
|
||||
params, err := querystring.Values(record)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return c.do(path.Join("dns", dns01.UnFqdn(domain), "addRR"), params)
|
||||
}
|
||||
|
||||
func (c Client) RemoveRecord(domain string, record Record) error {
|
||||
params, err := querystring.Values(record)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return c.do(path.Join("dns", dns01.UnFqdn(domain), "removeRR"), params)
|
||||
}
|
||||
|
||||
func (c Client) do(uri string, params url.Values) error {
|
||||
endpoint, err := c.baseURL.Parse(path.Join(c.baseURL.Path, uri))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
payload := params.Encode()
|
||||
|
||||
req, err := http.NewRequest(http.MethodPost, endpoint.String(), strings.NewReader(payload))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
||||
req.Header.Set(authenticationHeader, c.createSignature(endpoint.Path, payload))
|
||||
|
||||
resp, err := c.HTTPClient.Do(req)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
defer func() { _ = resp.Body.Close() }()
|
||||
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
data, _ := io.ReadAll(resp.Body)
|
||||
|
||||
apiErr := &APIError{}
|
||||
err := json.Unmarshal(data, apiErr)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s: %s", resp.Status, data)
|
||||
}
|
||||
|
||||
return apiErr
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c Client) createSignature(uri string, body string) string {
|
||||
// This is the only part of this that needs to be serialized.
|
||||
salt := make([]byte, 16)
|
||||
for i := 0; i < 16; i++ {
|
||||
salt[i] = saltBytes[rand.Intn(len(saltBytes))]
|
||||
}
|
||||
|
||||
// Header is "login;timestamp;salt;hash".
|
||||
// hash is SHA1("login;timestamp;salt;api-key;request-uri;body-hash")
|
||||
// and body-hash is SHA1(body).
|
||||
|
||||
bodyHash := sha1.Sum([]byte(body))
|
||||
timestamp := strconv.FormatInt(time.Now().Unix(), 10)
|
||||
|
||||
hashInput := fmt.Sprintf("%s;%s;%s;%s;%s;%02x", c.login, timestamp, salt, c.apiKey, uri, bodyHash)
|
||||
|
||||
return fmt.Sprintf("%s;%s;%s;%02x", c.login, timestamp, salt, sha1.Sum([]byte(hashInput)))
|
||||
}
|
148
providers/dns/nearlyfreespeech/internal/client_test.go
Normal file
148
providers/dns/nearlyfreespeech/internal/client_test.go
Normal file
@ -0,0 +1,148 @@
|
||||
package internal
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"net/url"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func setupTest(t *testing.T) (*Client, *http.ServeMux) {
|
||||
t.Helper()
|
||||
|
||||
mux := http.NewServeMux()
|
||||
|
||||
server := httptest.NewServer(mux)
|
||||
|
||||
client := NewClient("user", "secret")
|
||||
client.HTTPClient = server.Client()
|
||||
client.baseURL, _ = url.Parse(server.URL)
|
||||
|
||||
return client, mux
|
||||
}
|
||||
|
||||
func testHandler(params map[string]string) http.HandlerFunc {
|
||||
return func(rw http.ResponseWriter, req *http.Request) {
|
||||
if req.Method != http.MethodPost {
|
||||
http.Error(rw, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
|
||||
return
|
||||
}
|
||||
|
||||
if req.Header.Get(authenticationHeader) == "" {
|
||||
http.Error(rw, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
err := req.ParseForm()
|
||||
if err != nil {
|
||||
http.Error(rw, err.Error(), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
for k, v := range params {
|
||||
if req.PostForm.Get(k) != v {
|
||||
http.Error(rw, fmt.Sprintf("data: got %s want %s", k, v), http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func testErrorHandler() http.HandlerFunc {
|
||||
return func(rw http.ResponseWriter, req *http.Request) {
|
||||
if req.Method != http.MethodPost {
|
||||
http.Error(rw, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
|
||||
return
|
||||
}
|
||||
|
||||
file, err := os.Open("./fixtures/error.json")
|
||||
if err != nil {
|
||||
http.Error(rw, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
rw.WriteHeader(http.StatusUnauthorized)
|
||||
|
||||
_, _ = io.Copy(rw, file)
|
||||
}
|
||||
}
|
||||
|
||||
func TestClient_AddRecord(t *testing.T) {
|
||||
client, mux := setupTest(t)
|
||||
|
||||
params := map[string]string{
|
||||
"data": "txtTXTtxt",
|
||||
"name": "sub",
|
||||
"type": "TXT",
|
||||
"ttl": "30",
|
||||
}
|
||||
|
||||
mux.Handle("/dns/example.com/addRR", testHandler(params))
|
||||
|
||||
record := Record{
|
||||
Name: "sub",
|
||||
Type: "TXT",
|
||||
Data: "txtTXTtxt",
|
||||
TTL: 30,
|
||||
}
|
||||
|
||||
err := client.AddRecord("example.com", record)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestClient_AddRecord_error(t *testing.T) {
|
||||
client, mux := setupTest(t)
|
||||
|
||||
mux.Handle("/dns/example.com/addRR", testErrorHandler())
|
||||
|
||||
record := Record{
|
||||
Name: "sub",
|
||||
Type: "TXT",
|
||||
Data: "txtTXTtxt",
|
||||
TTL: 30,
|
||||
}
|
||||
|
||||
err := client.AddRecord("example.com", record)
|
||||
require.Error(t, err)
|
||||
}
|
||||
|
||||
func TestClient_RemoveRecord(t *testing.T) {
|
||||
client, mux := setupTest(t)
|
||||
|
||||
params := map[string]string{
|
||||
"data": "txtTXTtxt",
|
||||
"name": "sub",
|
||||
"type": "TXT",
|
||||
}
|
||||
|
||||
mux.Handle("/dns/example.com/removeRR", testHandler(params))
|
||||
|
||||
record := Record{
|
||||
Name: "sub",
|
||||
Type: "TXT",
|
||||
Data: "txtTXTtxt",
|
||||
}
|
||||
|
||||
err := client.RemoveRecord("example.com", record)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestClient_RemoveRecord_error(t *testing.T) {
|
||||
client, mux := setupTest(t)
|
||||
|
||||
mux.Handle("/dns/example.com/removeRR", testErrorHandler())
|
||||
|
||||
record := Record{
|
||||
Name: "sub",
|
||||
Type: "TXT",
|
||||
Data: "txtTXTtxt",
|
||||
}
|
||||
|
||||
err := client.RemoveRecord("example.com", record)
|
||||
require.Error(t, err)
|
||||
}
|
@ -0,0 +1,4 @@
|
||||
{
|
||||
"error": "The API request could not be authenticated.",
|
||||
"debug": "The X-NFSN-Authentication header is not present."
|
||||
}
|
19
providers/dns/nearlyfreespeech/internal/types.go
Normal file
19
providers/dns/nearlyfreespeech/internal/types.go
Normal file
@ -0,0 +1,19 @@
|
||||
package internal
|
||||
|
||||
import "fmt"
|
||||
|
||||
type Record struct {
|
||||
Name string `url:"name,omitempty"`
|
||||
Type string `url:"type,omitempty"`
|
||||
Data string `url:"data,omitempty"`
|
||||
TTL int `url:"ttl,omitempty"`
|
||||
}
|
||||
|
||||
type APIError struct {
|
||||
Message string `json:"error"`
|
||||
Debug string `json:"debug"`
|
||||
}
|
||||
|
||||
func (a APIError) Error() string {
|
||||
return fmt.Sprintf("%s: %s", a.Message, a.Debug)
|
||||
}
|
158
providers/dns/nearlyfreespeech/nearlyfreespeech.go
Normal file
158
providers/dns/nearlyfreespeech/nearlyfreespeech.go
Normal file
@ -0,0 +1,158 @@
|
||||
// Package nearlyfreespeech implements a DNS provider for solving the DNS-01 challenge using NearlyFreeSpeech.NET.
|
||||
package nearlyfreespeech
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"github.com/go-acme/lego/v4/challenge/dns01"
|
||||
"github.com/go-acme/lego/v4/platform/config/env"
|
||||
"github.com/go-acme/lego/v4/providers/dns/nearlyfreespeech/internal"
|
||||
)
|
||||
|
||||
// Environment variables names.
|
||||
const (
|
||||
envNamespace = "NEARLYFREESPEECH_"
|
||||
|
||||
EnvLogin = envNamespace + "LOGIN"
|
||||
EnvAPIKey = envNamespace + "API_KEY"
|
||||
|
||||
EnvTTL = envNamespace + "TTL"
|
||||
EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
|
||||
EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
|
||||
EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
|
||||
EnvSequenceInterval = envNamespace + "SEQUENCE_INTERVAL"
|
||||
)
|
||||
|
||||
// Config is used to configure the creation of the DNSProvider.
|
||||
type Config struct {
|
||||
APIKey string
|
||||
Login string
|
||||
|
||||
TTL int
|
||||
PropagationTimeout time.Duration
|
||||
PollingInterval time.Duration
|
||||
SequenceInterval time.Duration
|
||||
HTTPClient *http.Client
|
||||
}
|
||||
|
||||
// NewDefaultConfig returns a default configuration for the DNSProvider.
|
||||
func NewDefaultConfig() *Config {
|
||||
return &Config{
|
||||
TTL: env.GetOrDefaultInt(EnvTTL, 3600),
|
||||
PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout),
|
||||
PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
|
||||
SequenceInterval: env.GetOrDefaultSecond(EnvSequenceInterval, dns01.DefaultPropagationTimeout),
|
||||
HTTPClient: &http.Client{
|
||||
Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
// DNSProvider implements the challenge.Provider interface.
|
||||
type DNSProvider struct {
|
||||
config *Config
|
||||
client *internal.Client
|
||||
}
|
||||
|
||||
// NewDNSProvider returns a DNSProvider instance configured for NearlyFreeSpeech.NET.
|
||||
// Credentials must be passed in the environment variable: NEARLYFREESPEECH_LOGIN, NEARLYFREESPEECH_API_KEY.
|
||||
func NewDNSProvider() (*DNSProvider, error) {
|
||||
values, err := env.Get(EnvAPIKey, EnvLogin)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("nearlyfreespeech: %w", err)
|
||||
}
|
||||
|
||||
config := NewDefaultConfig()
|
||||
config.APIKey = values[EnvAPIKey]
|
||||
config.Login = values[EnvLogin]
|
||||
|
||||
return NewDNSProviderConfig(config)
|
||||
}
|
||||
|
||||
// NewDNSProviderConfig return a DNSProvider instance configured for NearlyFreeSpeech.NET.
|
||||
func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
||||
if config == nil {
|
||||
return nil, errors.New("nearlyfreespeech: the configuration of the DNS provider is nil")
|
||||
}
|
||||
|
||||
if config.Login == "" || config.APIKey == "" {
|
||||
return nil, errors.New("nearlyfreespeech: API credentials are missing")
|
||||
}
|
||||
|
||||
client := internal.NewClient(config.Login, config.APIKey)
|
||||
|
||||
if config.HTTPClient != nil {
|
||||
client.HTTPClient = config.HTTPClient
|
||||
}
|
||||
|
||||
return &DNSProvider{
|
||||
config: config,
|
||||
client: client,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// Timeout returns the timeout and interval to use when checking for DNS propagation.
|
||||
// Adjusting here to cope with spikes in propagation times.
|
||||
func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
|
||||
return d.config.PropagationTimeout, d.config.PollingInterval
|
||||
}
|
||||
|
||||
// Sequential All DNS challenges for this provider will be resolved sequentially.
|
||||
// Returns the interval between each iteration.
|
||||
func (d *DNSProvider) Sequential() time.Duration {
|
||||
return d.config.SequenceInterval
|
||||
}
|
||||
|
||||
// Present creates a TXT record to fulfill the dns-01 challenge.
|
||||
func (d *DNSProvider) Present(domain, token, keyAuth string) error {
|
||||
fqdn, value := dns01.GetRecord(domain, keyAuth)
|
||||
|
||||
authZone, err := dns01.FindZoneByFqdn(dns01.ToFqdn(domain))
|
||||
if err != nil {
|
||||
return fmt.Errorf("nearlyfreespeech: could not determine zone for domain %q: %w", domain, err)
|
||||
}
|
||||
|
||||
record := internal.Record{
|
||||
Name: getRecordName(fqdn, authZone),
|
||||
Type: "TXT",
|
||||
Data: value,
|
||||
TTL: d.config.TTL,
|
||||
}
|
||||
|
||||
err = d.client.AddRecord(authZone, record)
|
||||
if err != nil {
|
||||
return fmt.Errorf("nearlyfreespeech: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// CleanUp removes the TXT record matching the specified parameters.
|
||||
func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
|
||||
fqdn, value := dns01.GetRecord(domain, keyAuth)
|
||||
|
||||
authZone, err := dns01.FindZoneByFqdn(dns01.ToFqdn(domain))
|
||||
if err != nil {
|
||||
return fmt.Errorf("nearlyfreespeech: could not determine zone for domain %q: %w", domain, err)
|
||||
}
|
||||
|
||||
record := internal.Record{
|
||||
Name: getRecordName(fqdn, authZone),
|
||||
Type: "TXT",
|
||||
Data: value,
|
||||
}
|
||||
|
||||
err = d.client.RemoveRecord(domain, record)
|
||||
if err != nil {
|
||||
return fmt.Errorf("nearlyfreespeech: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func getRecordName(fqdn, authZone string) string {
|
||||
return fqdn[0 : len(fqdn)-len(authZone)-1]
|
||||
}
|
25
providers/dns/nearlyfreespeech/nearlyfreespeech.toml
Normal file
25
providers/dns/nearlyfreespeech/nearlyfreespeech.toml
Normal file
@ -0,0 +1,25 @@
|
||||
Name = "NearlyFreeSpeech.NET"
|
||||
Description = ''''''
|
||||
URL = "https://nearlyfreespeech.net/"
|
||||
Code = "nearlyfreespeech"
|
||||
Since = "v4.8.0"
|
||||
|
||||
Example = '''
|
||||
NEARLYFREESPEECH_API_KEY=xxxxxx \
|
||||
NEARLYFREESPEECH_LOGIN=xxxx \
|
||||
lego --email myemail@example.com --dns nearlyfreespeech --domains my.example.org run
|
||||
'''
|
||||
|
||||
[Configuration]
|
||||
[Configuration.Credentials]
|
||||
NEARLYFREESPEECH_API_KEY = "API Key for API requests"
|
||||
NEARLYFREESPEECH_LOGIN = "Username for API requests"
|
||||
[Configuration.Additional]
|
||||
NEARLYFREESPEECH_POLLING_INTERVAL = "Time between DNS propagation check"
|
||||
NEARLYFREESPEECH_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
|
||||
NEARLYFREESPEECH_TTL = "The TTL of the TXT record used for the DNS challenge"
|
||||
NEARLYFREESPEECH_HTTP_TIMEOUT = "API request timeout"
|
||||
NEARLYFREESPEECH_SEQUENCE_INTERVAL = "Time between sequential requests"
|
||||
|
||||
[Links]
|
||||
API = "https://members.nearlyfreespeech.net/wiki/API/Reference"
|
149
providers/dns/nearlyfreespeech/nearlyfreespeech_test.go
Normal file
149
providers/dns/nearlyfreespeech/nearlyfreespeech_test.go
Normal file
@ -0,0 +1,149 @@
|
||||
package nearlyfreespeech
|
||||
|
||||
import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/go-acme/lego/v4/platform/tester"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
const envDomain = envNamespace + "DOMAIN"
|
||||
|
||||
var envTest = tester.NewEnvTest(EnvAPIKey, EnvLogin).WithDomain(envDomain)
|
||||
|
||||
func TestNewDNSProvider(t *testing.T) {
|
||||
testCases := []struct {
|
||||
desc string
|
||||
envVars map[string]string
|
||||
expected string
|
||||
}{
|
||||
{
|
||||
desc: "success",
|
||||
envVars: map[string]string{
|
||||
EnvAPIKey: "123",
|
||||
EnvLogin: "testuser",
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "missing credentials",
|
||||
envVars: map[string]string{
|
||||
EnvAPIKey: "",
|
||||
EnvLogin: "",
|
||||
},
|
||||
expected: "nearlyfreespeech: some credentials information are missing: NEARLYFREESPEECH_API_KEY,NEARLYFREESPEECH_LOGIN",
|
||||
},
|
||||
{
|
||||
desc: "missing api key",
|
||||
envVars: map[string]string{
|
||||
EnvAPIKey: "",
|
||||
EnvLogin: "testuser",
|
||||
},
|
||||
expected: "nearlyfreespeech: some credentials information are missing: NEARLYFREESPEECH_API_KEY",
|
||||
},
|
||||
{
|
||||
desc: "missing login",
|
||||
envVars: map[string]string{
|
||||
EnvAPIKey: "123",
|
||||
EnvLogin: "",
|
||||
},
|
||||
expected: "nearlyfreespeech: some credentials information are missing: NEARLYFREESPEECH_LOGIN",
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range testCases {
|
||||
t.Run(test.desc, func(t *testing.T) {
|
||||
defer envTest.RestoreEnv()
|
||||
envTest.ClearEnv()
|
||||
|
||||
envTest.Apply(test.envVars)
|
||||
|
||||
p, err := NewDNSProvider()
|
||||
|
||||
if test.expected == "" {
|
||||
require.NoError(t, err)
|
||||
require.NotNil(t, p)
|
||||
require.NotNil(t, p.config)
|
||||
} else {
|
||||
require.EqualError(t, err, test.expected)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestNewDNSProviderConfig(t *testing.T) {
|
||||
testCases := []struct {
|
||||
desc string
|
||||
login string
|
||||
apikey string
|
||||
expected string
|
||||
}{
|
||||
{
|
||||
desc: "success",
|
||||
login: "login",
|
||||
apikey: "apikey",
|
||||
},
|
||||
{
|
||||
desc: "missing credentials",
|
||||
expected: "nearlyfreespeech: API credentials are missing",
|
||||
},
|
||||
{
|
||||
desc: "missing login",
|
||||
login: "",
|
||||
apikey: "apikey",
|
||||
expected: "nearlyfreespeech: API credentials are missing",
|
||||
},
|
||||
{
|
||||
desc: "missing key",
|
||||
login: "login",
|
||||
apikey: "",
|
||||
expected: "nearlyfreespeech: API credentials are missing",
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range testCases {
|
||||
t.Run(test.desc, func(t *testing.T) {
|
||||
config := NewDefaultConfig()
|
||||
config.APIKey = test.apikey
|
||||
config.Login = test.login
|
||||
|
||||
p, err := NewDNSProviderConfig(config)
|
||||
|
||||
if test.expected == "" {
|
||||
require.NoError(t, err)
|
||||
require.NotNil(t, p)
|
||||
require.NotNil(t, p.config)
|
||||
} else {
|
||||
require.EqualError(t, err, test.expected)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestLivePresent(t *testing.T) {
|
||||
if !envTest.IsLiveTest() {
|
||||
t.Skip("skipping live test")
|
||||
}
|
||||
|
||||
envTest.RestoreEnv()
|
||||
provider, err := NewDNSProvider()
|
||||
require.NoError(t, err)
|
||||
|
||||
err = provider.Present(envTest.GetDomain(), "", "123d==")
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestLiveCleanUp(t *testing.T) {
|
||||
if !envTest.IsLiveTest() {
|
||||
t.Skip("skipping live test")
|
||||
}
|
||||
|
||||
envTest.RestoreEnv()
|
||||
provider, err := NewDNSProvider()
|
||||
require.NoError(t, err)
|
||||
|
||||
time.Sleep(1 * time.Second)
|
||||
|
||||
err = provider.CleanUp(envTest.GetDomain(), "", "123d==")
|
||||
require.NoError(t, err)
|
||||
}
|
Loading…
Reference in New Issue
Block a user