1
0
mirror of https://github.com/go-acme/lego.git synced 2024-12-23 09:15:11 +02:00

Add DNS Provider for Vscale (#705)

This commit is contained in:
Daniil Rutskiy 2018-11-08 12:31:42 +03:00 committed by Ludovic Fernandez
parent 1837a3bb1c
commit e89afae4f8
7 changed files with 523 additions and 19 deletions

View File

@ -81,3 +81,4 @@ owners to license your work under the terms of the [MIT License](LICENSE).
| Stackpath | `stackpath` | [documentation](https://developer.stackpath.com/en/api/dns/#tag/Zone) | - | | Stackpath | `stackpath` | [documentation](https://developer.stackpath.com/en/api/dns/#tag/Zone) | - |
| VegaDNS | `vegadns` | [documentation](https://github.com/shupp/VegaDNS-API) | [Go client](https://github.com/OpenDNS/vegadns2client) | | VegaDNS | `vegadns` | [documentation](https://github.com/shupp/VegaDNS-API) | [Go client](https://github.com/OpenDNS/vegadns2client) |
| Vultr | `vultr` | [documentation](https://www.vultr.com/api/#dns) | [Go client](https://github.com/JamesClonk/vultr) | | Vultr | `vultr` | [documentation](https://www.vultr.com/api/#dns) | [Go client](https://github.com/JamesClonk/vultr) |
| Vscale | `vscale` | [documentation](https://developers.vscale.io/documentation/api/v1/#api-Domains_Records) | - |

2
cli.go
View File

@ -249,6 +249,7 @@ Here is an example bash command using the CloudFlare DNS provider:
fmt.Fprintln(w, "\tselectel:\tSELECTEL_API_TOKEN") fmt.Fprintln(w, "\tselectel:\tSELECTEL_API_TOKEN")
fmt.Fprintln(w, "\tvegadns:\tSECRET_VEGADNS_KEY, SECRET_VEGADNS_SECRET, VEGADNS_URL") fmt.Fprintln(w, "\tvegadns:\tSECRET_VEGADNS_KEY, SECRET_VEGADNS_SECRET, VEGADNS_URL")
fmt.Fprintln(w, "\tvultr:\tVULTR_API_KEY") fmt.Fprintln(w, "\tvultr:\tVULTR_API_KEY")
fmt.Fprintln(w, "\tvscale:\tVSCALE_API_TOKEN")
fmt.Fprintln(w) fmt.Fprintln(w)
fmt.Fprintln(w, "Additional configuration environment variables:") fmt.Fprintln(w, "Additional configuration environment variables:")
fmt.Fprintln(w) fmt.Fprintln(w)
@ -295,6 +296,7 @@ Here is an example bash command using the CloudFlare DNS provider:
fmt.Fprintln(w, "\tselectel:\tSELECTEL_BASE_URL, SELECTEL_TTL, SELECTEL_PROPAGATION_TIMEOUT, SELECTEL_POLLING_INTERVAL, SELECTEL_HTTP_TIMEOUT") fmt.Fprintln(w, "\tselectel:\tSELECTEL_BASE_URL, SELECTEL_TTL, SELECTEL_PROPAGATION_TIMEOUT, SELECTEL_POLLING_INTERVAL, SELECTEL_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tvegadns:\tVEGADNS_POLLING_INTERVAL, VEGADNS_PROPAGATION_TIMEOUT, VEGADNS_TTL") fmt.Fprintln(w, "\tvegadns:\tVEGADNS_POLLING_INTERVAL, VEGADNS_PROPAGATION_TIMEOUT, VEGADNS_TTL")
fmt.Fprintln(w, "\tvultr:\tVULTR_POLLING_INTERVAL, VULTR_PROPAGATION_TIMEOUT, VULTR_TTL, VULTR_HTTP_TIMEOUT") fmt.Fprintln(w, "\tvultr:\tVULTR_POLLING_INTERVAL, VULTR_PROPAGATION_TIMEOUT, VULTR_TTL, VULTR_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tvscale:\tVSCALE_BASE_URL, VSCALE_TTL, VSCALE_PROPAGATION_TIMEOUT, VSCALE_POLLING_INTERVAL, VSCALE_HTTP_TIMEOUT")
w.Flush() w.Flush()

View File

@ -50,6 +50,7 @@ import (
"github.com/xenolf/lego/providers/dns/stackpath" "github.com/xenolf/lego/providers/dns/stackpath"
"github.com/xenolf/lego/providers/dns/transip" "github.com/xenolf/lego/providers/dns/transip"
"github.com/xenolf/lego/providers/dns/vegadns" "github.com/xenolf/lego/providers/dns/vegadns"
"github.com/xenolf/lego/providers/dns/vscale"
"github.com/xenolf/lego/providers/dns/vultr" "github.com/xenolf/lego/providers/dns/vultr"
) )
@ -152,6 +153,8 @@ func NewDNSChallengeProviderByName(name string) (acme.ChallengeProvider, error)
return vegadns.NewDNSProvider() return vegadns.NewDNSProvider()
case "vultr": case "vultr":
return vultr.NewDNSProvider() return vultr.NewDNSProvider()
case "vscale":
return vscale.NewDNSProvider()
default: default:
return nil, fmt.Errorf("unrecognised DNS provider: %s", name) return nil, fmt.Errorf("unrecognised DNS provider: %s", name)
} }

View File

@ -24,12 +24,15 @@ type Record struct {
Content string `json:"content,omitempty"` // Record content (not for SRV) Content string `json:"content,omitempty"` // Record content (not for SRV)
} }
// Client represents DNS client. // APIError API error message
type Client struct { type APIError struct {
baseURL string Description string `json:"error"`
token string Code int `json:"code"`
userAgent string Field string `json:"field"`
httpClient *http.Client }
func (a *APIError) Error() string {
return fmt.Sprintf("API error: %d - %s - %s", a.Code, a.Description, a.Field)
} }
// ClientOpts represents options to init client. // ClientOpts represents options to init client.
@ -40,15 +43,12 @@ type ClientOpts struct {
HTTPClient *http.Client HTTPClient *http.Client
} }
// APIError API error message // Client represents DNS client.
type APIError struct { type Client struct {
Description string `json:"error"` baseURL string
Code int `json:"code"` token string
Field string `json:"field"` userAgent string
} httpClient *http.Client
func (a *APIError) Error() string {
return fmt.Sprintf("API error: %d - %s - %s", a.Code, a.Description, a.Field)
} }
// NewClient returns a client instance. // NewClient returns a client instance.
@ -161,8 +161,8 @@ func (c *Client) do(req *http.Request, to interface{}) (*http.Response, error) {
} }
if to != nil { if to != nil {
if err = extractResult(resp, to); err != nil { if err = unmarshalBody(resp, to); err != nil {
return resp, fmt.Errorf("failed to extract request body into interface with error: %v", err) return resp, err
} }
} }
@ -195,12 +195,17 @@ func checkResponse(resp *http.Response) error {
return nil return nil
} }
func extractResult(resp *http.Response, to interface{}) error { func unmarshalBody(resp *http.Response, to interface{}) error {
body, err := ioutil.ReadAll(resp.Body) body, err := ioutil.ReadAll(resp.Body)
if err != nil { if err != nil {
return err return err
} }
defer resp.Body.Close() defer resp.Body.Close()
return json.Unmarshal(body, to) err = json.Unmarshal(body, to)
if err != nil {
return fmt.Errorf("unmarshaling error: %v: %s", err, string(body))
}
return nil
} }

View File

@ -0,0 +1,211 @@
package vscale
import (
"bytes"
"encoding/json"
"fmt"
"io/ioutil"
"net/http"
)
// Domain represents domain name.
type Domain struct {
ID int `json:"id,omitempty"`
Name string `json:"name,omitempty"`
}
// Record represents DNS record.
type Record struct {
ID int `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Type string `json:"type,omitempty"` // Record type (SOA, NS, A/AAAA, CNAME, SRV, MX, TXT, SPF)
TTL int `json:"ttl,omitempty"`
Email string `json:"email,omitempty"` // Email of domain's admin (only for SOA records)
Content string `json:"content,omitempty"` // Record content (not for SRV)
}
// APIError API error message
type APIError struct {
Description string `json:"error"`
Code int `json:"code"`
Field string `json:"field"`
}
func (a *APIError) Error() string {
return fmt.Sprintf("API error: %d - %s - %s", a.Code, a.Description, a.Field)
}
// ClientOpts represents options to init client.
type ClientOpts struct {
BaseURL string
Token string
UserAgent string
HTTPClient *http.Client
}
// Client represents DNS client.
type Client struct {
baseURL string
token string
userAgent string
httpClient *http.Client
}
// NewClient returns a client instance.
func NewClient(opts ClientOpts) *Client {
if opts.HTTPClient == nil {
opts.HTTPClient = &http.Client{}
}
return &Client{
token: opts.Token,
baseURL: opts.BaseURL,
httpClient: opts.HTTPClient,
userAgent: opts.UserAgent,
}
}
// GetDomainByName gets Domain object by its name.
func (c *Client) GetDomainByName(domainName string) (*Domain, error) {
uri := fmt.Sprintf("/%s", domainName)
req, err := c.newRequest(http.MethodGet, uri, nil)
if err != nil {
return nil, err
}
domain := &Domain{}
_, err = c.do(req, domain)
if err != nil {
return nil, err
}
return domain, nil
}
// AddRecord adds Record for given domain.
func (c *Client) AddRecord(domainID int, body Record) (*Record, error) {
uri := fmt.Sprintf("/%d/records/", domainID)
req, err := c.newRequest(http.MethodPost, uri, body)
if err != nil {
return nil, err
}
record := &Record{}
_, err = c.do(req, record)
if err != nil {
return nil, err
}
return record, nil
}
// ListRecords returns list records for specific domain.
func (c *Client) ListRecords(domainID int) ([]*Record, error) {
uri := fmt.Sprintf("/%d/records/", domainID)
req, err := c.newRequest(http.MethodGet, uri, nil)
if err != nil {
return nil, err
}
var records []*Record
_, err = c.do(req, &records)
if err != nil {
return nil, err
}
return records, nil
}
// DeleteRecord deletes specific record.
func (c *Client) DeleteRecord(domainID, recordID int) error {
uri := fmt.Sprintf("/%d/records/%d", domainID, recordID)
req, err := c.newRequest(http.MethodDelete, uri, nil)
if err != nil {
return err
}
_, err = c.do(req, nil)
return err
}
func (c *Client) newRequest(method, uri string, body interface{}) (*http.Request, error) {
buf := new(bytes.Buffer)
if body != nil {
err := json.NewEncoder(buf).Encode(body)
if err != nil {
return nil, fmt.Errorf("failed to encode request body with error: %v", err)
}
}
req, err := http.NewRequest(method, c.baseURL+uri, buf)
if err != nil {
return nil, fmt.Errorf("failed to create new http request with error: %v", err)
}
req.Header.Add("X-Token", c.token)
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Accept", "application/json")
return req, nil
}
func (c *Client) do(req *http.Request, to interface{}) (*http.Response, error) {
resp, err := c.httpClient.Do(req)
if err != nil {
return nil, fmt.Errorf("request failed with error: %v", err)
}
err = checkResponse(resp)
if err != nil {
return resp, err
}
if to != nil {
if err = unmarshalBody(resp, to); err != nil {
return resp, err
}
}
return resp, nil
}
func checkResponse(resp *http.Response) error {
if resp.StatusCode >= http.StatusBadRequest &&
resp.StatusCode <= http.StatusNetworkAuthenticationRequired {
if resp.Body == nil {
return fmt.Errorf("request failed with status code %d and empty body", resp.StatusCode)
}
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return err
}
defer resp.Body.Close()
apiError := APIError{}
err = json.Unmarshal(body, &apiError)
if err != nil {
return fmt.Errorf("request failed with status code %d, response body: %s", resp.StatusCode, string(body))
}
return fmt.Errorf("request failed with status code %d: %v", resp.StatusCode, apiError)
}
return nil
}
func unmarshalBody(resp *http.Response, to interface{}) error {
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return err
}
defer resp.Body.Close()
err = json.Unmarshal(body, to)
if err != nil {
return fmt.Errorf("unmarshaling error: %v: %s", err, string(body))
}
return nil
}

View File

@ -0,0 +1,153 @@
// Package selectel implements a DNS provider for solving the DNS-01 challenge using Vscale Domains API.
// Vscale Domain API reference: https://developers.vscale.io/documentation/api/v1/#api-Domains
// Token: https://vscale.io/panel/settings/tokens/
package vscale
import (
"errors"
"fmt"
"net/http"
"time"
"github.com/xenolf/lego/acme"
"github.com/xenolf/lego/platform/config/env"
)
const (
defaultBaseURL = "https://api.vscale.io/v1/domains"
minTTL = 60
)
const (
envNamespace = "VSCALE_"
baseURLEnvVar = envNamespace + "BASE_URL"
apiTokenEnvVar = envNamespace + "API_TOKEN"
ttlEnvVar = envNamespace + "TTL"
propagationTimeoutEnvVar = envNamespace + "PROPAGATION_TIMEOUT"
pollingIntervalEnvVar = envNamespace + "POLLING_INTERVAL"
httpTimeoutEnvVar = envNamespace + "HTTP_TIMEOUT"
)
// Config is used to configure the creation of the DNSProvider.
type Config struct {
BaseURL string
Token string
PropagationTimeout time.Duration
PollingInterval time.Duration
TTL int
HTTPClient *http.Client
}
// NewDefaultConfig returns a default configuration for the DNSProvider.
func NewDefaultConfig() *Config {
return &Config{
BaseURL: env.GetOrDefaultString(baseURLEnvVar, defaultBaseURL),
TTL: env.GetOrDefaultInt(ttlEnvVar, minTTL),
PropagationTimeout: env.GetOrDefaultSecond(propagationTimeoutEnvVar, 120*time.Second),
PollingInterval: env.GetOrDefaultSecond(pollingIntervalEnvVar, 2*time.Second),
HTTPClient: &http.Client{
Timeout: env.GetOrDefaultSecond(httpTimeoutEnvVar, 30*time.Second),
},
}
}
// DNSProvider is an implementation of the acme.ChallengeProvider interface.
type DNSProvider struct {
config *Config
client *Client
}
// NewDNSProvider returns a DNSProvider instance configured for Vscale Domains API.
// API token must be passed in the environment variable VSCALE_API_TOKEN.
func NewDNSProvider() (*DNSProvider, error) {
values, err := env.Get(apiTokenEnvVar)
if err != nil {
return nil, fmt.Errorf("vscale: %v", err)
}
config := NewDefaultConfig()
config.Token = values[apiTokenEnvVar]
return NewDNSProviderConfig(config)
}
// NewDNSProviderConfig return a DNSProvider instance configured for Vscale.
func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
if config == nil {
return nil, errors.New("vscale: the configuration of the DNS provider is nil")
}
if config.Token == "" {
return nil, errors.New("vscale: credentials missing")
}
if config.TTL < minTTL {
return nil, fmt.Errorf("vscale: invalid TTL, TTL (%d) must be greater than %d", config.TTL, minTTL)
}
client := NewClient(ClientOpts{
BaseURL: config.BaseURL,
Token: config.Token,
UserAgent: acme.UserAgent,
HTTPClient: config.HTTPClient,
})
return &DNSProvider{config: config, client: client}, nil
}
// Timeout returns the Timeout and interval to use when checking for DNS propagation.
// Adjusting here to cope with spikes in propagation times.
func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
return d.config.PropagationTimeout, d.config.PollingInterval
}
// Present creates a TXT record to fulfill DNS-01 challenge.
func (d *DNSProvider) Present(domain, token, keyAuth string) error {
fqdn, value, _ := acme.DNS01Record(domain, keyAuth)
domainObj, err := d.client.GetDomainByName(domain)
if err != nil {
return fmt.Errorf("vscale: %v", err)
}
txtRecord := Record{
Type: "TXT",
TTL: d.config.TTL,
Name: fqdn,
Content: value,
}
_, err = d.client.AddRecord(domainObj.ID, txtRecord)
if err != nil {
return fmt.Errorf("vscale: %v", err)
}
return nil
}
// CleanUp removes a TXT record used for DNS-01 challenge.
func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
fqdn, _, _ := acme.DNS01Record(domain, keyAuth)
domainObj, err := d.client.GetDomainByName(domain)
if err != nil {
return fmt.Errorf("vscale: %v", err)
}
records, err := d.client.ListRecords(domainObj.ID)
if err != nil {
return fmt.Errorf("vscale: %v", err)
}
// Delete records with specific FQDN
var lastErr error
for _, record := range records {
if record.Name == fqdn {
err = d.client.DeleteRecord(domainObj.ID, record.ID)
if err != nil {
lastErr = fmt.Errorf("vscale: %v", err)
}
}
}
return lastErr
}

View File

@ -0,0 +1,129 @@
package vscale
import (
"fmt"
"testing"
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/xenolf/lego/platform/tester"
)
var envTest = tester.NewEnvTest(apiTokenEnvVar, ttlEnvVar)
func TestNewDNSProvider(t *testing.T) {
testCases := []struct {
desc string
envVars map[string]string
expected string
}{
{
desc: "success",
envVars: map[string]string{
apiTokenEnvVar: "123",
},
},
{
desc: "missing api key",
envVars: map[string]string{
apiTokenEnvVar: "",
},
expected: fmt.Sprintf("vscale: some credentials information are missing: %s", apiTokenEnvVar),
},
}
for _, test := range testCases {
t.Run(test.desc, func(t *testing.T) {
defer envTest.RestoreEnv()
envTest.ClearEnv()
envTest.Apply(test.envVars)
p, err := NewDNSProvider()
if len(test.expected) == 0 {
require.NoError(t, err)
require.NotNil(t, p)
assert.NotNil(t, p.config)
assert.NotNil(t, p.client)
} else {
require.EqualError(t, err, test.expected)
}
})
}
}
func TestNewDNSProviderConfig(t *testing.T) {
testCases := []struct {
desc string
token string
ttl int
expected string
}{
{
desc: "success",
token: "123",
ttl: 60,
},
{
desc: "missing api key",
token: "",
ttl: 60,
expected: "vscale: credentials missing",
},
{
desc: "bad TTL value",
token: "123",
ttl: 59,
expected: fmt.Sprintf("vscale: invalid TTL, TTL (59) must be greater than %d", minTTL),
},
}
for _, test := range testCases {
t.Run(test.desc, func(t *testing.T) {
config := NewDefaultConfig()
config.TTL = test.ttl
config.Token = test.token
p, err := NewDNSProviderConfig(config)
if len(test.expected) == 0 {
require.NoError(t, err)
require.NotNil(t, p)
assert.NotNil(t, p.config)
assert.NotNil(t, p.client)
} else {
require.EqualError(t, err, test.expected)
}
})
}
}
func TestLivePresent(t *testing.T) {
if !envTest.IsLiveTest() {
t.Skip("skipping live test")
}
envTest.RestoreEnv()
provider, err := NewDNSProvider()
require.NoError(t, err)
err = provider.Present(envTest.GetDomain(), "", "123d==")
require.NoError(t, err)
}
func TestLiveCleanUp(t *testing.T) {
if !envTest.IsLiveTest() {
t.Skip("skipping live test")
}
envTest.RestoreEnv()
provider, err := NewDNSProvider()
require.NoError(t, err)
time.Sleep(2 * time.Second)
err = provider.CleanUp(envTest.GetDomain(), "", "123d==")
require.NoError(t, err)
}