1
0
mirror of https://github.com/go-acme/lego.git synced 2024-12-23 09:15:11 +02:00
lego/providers/dns/timewebcloud/timewebcloud.go
Pavel Sobolev 755164c939
Add DNS provider for Timeweb Cloud (#2301)
Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com>
2024-10-14 01:03:41 +02:00

155 lines
4.3 KiB
Go

// Package timewebcloud implements a DNS provider for solving the DNS-01 challenge using Timeweb Cloud.
package timewebcloud
import (
"context"
"errors"
"fmt"
"net/http"
"sync"
"time"
"github.com/go-acme/lego/v4/challenge/dns01"
"github.com/go-acme/lego/v4/platform/config/env"
"github.com/go-acme/lego/v4/providers/dns/timewebcloud/internal"
)
// Environment variables names.
const (
envNamespace = "TIMEWEBCLOUD_"
EnvAuthToken = envNamespace + "AUTH_TOKEN"
EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
)
// Config is used to configure the creation of the DNSProvider.
type Config struct {
AuthToken string
HTTPClient *http.Client
PropagationTimeout time.Duration
PollingInterval time.Duration
}
// NewDefaultConfig returns a default configuration for the DNSProvider.
func NewDefaultConfig() *Config {
return &Config{
PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout),
PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
HTTPClient: &http.Client{
Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 10*time.Second),
},
}
}
// DNSProvider implements the challenge.Provider interface.
type DNSProvider struct {
config *Config
client *internal.Client
recordIDs map[string]int
recordIDsMu sync.Mutex
}
// NewDNSProvider returns a DNSProvider instance configured for Timeweb Cloud.
// API token must be passed in the environment variable TIMEWEBCLOUD_TOKEN.
func NewDNSProvider() (*DNSProvider, error) {
values, err := env.Get(EnvAuthToken)
if err != nil {
return nil, fmt.Errorf("timewebcloud: %w", err)
}
config := NewDefaultConfig()
config.AuthToken = values[EnvAuthToken]
return NewDNSProviderConfig(config)
}
// NewDNSProviderConfig returns a DNSProvider instance configured for Timeweb Cloud.
func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
if config == nil {
return nil, errors.New("timewebcloud: the configuration of the DNS provider is nil")
}
if config.AuthToken == "" {
return nil, errors.New("timewebcloud: authentication token is missing")
}
client := internal.NewClient(internal.OAuthStaticAccessToken(config.HTTPClient, config.AuthToken))
return &DNSProvider{
config: config,
client: client,
recordIDs: make(map[string]int),
}, nil
}
// Timeout returns the timeout and interval to use when checking for DNS propagation.
// Adjusting here to cope with spikes in propagation times.
func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
return d.config.PropagationTimeout, d.config.PollingInterval
}
// Present creates a TXT record to fulfill the dns-01 challenge.
func (d *DNSProvider) Present(domain, token, keyAuth string) error {
info := dns01.GetChallengeInfo(domain, keyAuth)
authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
if err != nil {
return fmt.Errorf("timewebcloud: could not find zone for domain %q: %w", domain, err)
}
subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
if err != nil {
return fmt.Errorf("timewebcloud: %w", err)
}
record := internal.DNSRecord{
Type: "TXT",
Value: info.Value,
SubDomain: subDomain,
}
response, err := d.client.CreateRecord(context.Background(), authZone, record)
if err != nil {
return fmt.Errorf("timewebcloud: %w", err)
}
d.recordIDsMu.Lock()
d.recordIDs[token] = response.ID
d.recordIDsMu.Unlock()
return nil
}
// CleanUp removes the TXT record matching the specified parameters.
func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
info := dns01.GetChallengeInfo(domain, keyAuth)
authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
if err != nil {
return fmt.Errorf("timewebcloud: could not find zone for domain %q: %w", domain, err)
}
d.recordIDsMu.Lock()
recordID, ok := d.recordIDs[token]
d.recordIDsMu.Unlock()
if !ok {
return fmt.Errorf("timewebcloud: unknown record ID for '%s'", info.EffectiveFQDN)
}
err = d.client.DeleteRecord(context.Background(), authZone, recordID)
if err != nil {
return fmt.Errorf("timewebcloud: %w", err)
}
d.recordIDsMu.Lock()
delete(d.recordIDs, token)
d.recordIDsMu.Unlock()
return nil
}