allinkl.go raw
1 // Package allinkl implements a DNS provider for solving the DNS-01 challenge using all-inkl.
2 package allinkl
3
4 import (
5 "context"
6 "errors"
7 "fmt"
8 "net/http"
9 "sync"
10 "time"
11
12 "github.com/go-acme/lego/v4/challenge"
13 "github.com/go-acme/lego/v4/challenge/dns01"
14 "github.com/go-acme/lego/v4/platform/config/env"
15 "github.com/go-acme/lego/v4/providers/dns/allinkl/internal"
16 "github.com/go-acme/lego/v4/providers/dns/internal/clientdebug"
17 )
18
19 // Environment variables names.
20 const (
21 envNamespace = "ALL_INKL_"
22
23 EnvLogin = envNamespace + "LOGIN"
24 EnvPassword = envNamespace + "PASSWORD"
25
26 EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
27 EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
28 EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
29 )
30
31 var _ challenge.ProviderTimeout = (*DNSProvider)(nil)
32
33 // Config is used to configure the creation of the DNSProvider.
34 type Config struct {
35 Login string
36 Password string
37 PropagationTimeout time.Duration
38 PollingInterval time.Duration
39 TTL int
40 HTTPClient *http.Client
41 }
42
43 // NewDefaultConfig returns a default configuration for the DNSProvider.
44 func NewDefaultConfig() *Config {
45 return &Config{
46 PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout),
47 PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
48 HTTPClient: &http.Client{
49 Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second),
50 },
51 }
52 }
53
54 // DNSProvider implements the challenge.Provider interface.
55 type DNSProvider struct {
56 config *Config
57
58 identifier *internal.Identifier
59 client *internal.Client
60
61 recordIDs map[string]string
62 recordIDsMu sync.Mutex
63 }
64
65 // NewDNSProvider returns a DNSProvider instance configured for all-inkl.
66 // Credentials must be passed in the environment variable: ALL_INKL_LOGIN, ALL_INKL_PASSWORD.
67 func NewDNSProvider() (*DNSProvider, error) {
68 values, err := env.Get(EnvLogin, EnvPassword)
69 if err != nil {
70 return nil, fmt.Errorf("allinkl: %w", err)
71 }
72
73 config := NewDefaultConfig()
74 config.Login = values[EnvLogin]
75 config.Password = values[EnvPassword]
76
77 return NewDNSProviderConfig(config)
78 }
79
80 // NewDNSProviderConfig return a DNSProvider instance configured for all-inkl.
81 func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
82 if config == nil {
83 return nil, errors.New("allinkl: the configuration of the DNS provider is nil")
84 }
85
86 if config.Login == "" || config.Password == "" {
87 return nil, errors.New("allinkl: missing credentials")
88 }
89
90 identifier := internal.NewIdentifier(config.Login, config.Password)
91
92 if config.HTTPClient != nil {
93 identifier.HTTPClient = config.HTTPClient
94 }
95
96 identifier.HTTPClient = clientdebug.Wrap(identifier.HTTPClient)
97
98 client := internal.NewClient(config.Login)
99
100 if config.HTTPClient != nil {
101 client.HTTPClient = config.HTTPClient
102 }
103
104 client.HTTPClient = clientdebug.Wrap(client.HTTPClient)
105
106 return &DNSProvider{
107 config: config,
108 identifier: identifier,
109 client: client,
110 recordIDs: make(map[string]string),
111 }, nil
112 }
113
114 // Timeout returns the timeout and interval to use when checking for DNS propagation.
115 // Adjusting here to cope with spikes in propagation times.
116 func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
117 return d.config.PropagationTimeout, d.config.PollingInterval
118 }
119
120 // Present creates a TXT record using the specified parameters.
121 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
122 info := dns01.GetChallengeInfo(domain, keyAuth)
123
124 authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
125 if err != nil {
126 return fmt.Errorf("allinkl: could not find zone for domain %q: %w", domain, err)
127 }
128
129 ctx := context.Background()
130
131 credential, err := d.identifier.Authentication(ctx, 60, true)
132 if err != nil {
133 return fmt.Errorf("allinkl: authentication: %w", err)
134 }
135
136 ctx = internal.WithContext(ctx, credential)
137
138 subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
139 if err != nil {
140 return fmt.Errorf("allinkl: %w", err)
141 }
142
143 record := internal.DNSRequest{
144 ZoneHost: authZone,
145 RecordType: "TXT",
146 RecordName: subDomain,
147 RecordData: info.Value,
148 }
149
150 recordID, err := d.client.AddDNSSettings(ctx, record)
151 if err != nil {
152 return fmt.Errorf("allinkl: add DNS settings: %w", err)
153 }
154
155 d.recordIDsMu.Lock()
156 d.recordIDs[token] = recordID
157 d.recordIDsMu.Unlock()
158
159 return nil
160 }
161
162 // CleanUp removes the TXT record matching the specified parameters.
163 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
164 info := dns01.GetChallengeInfo(domain, keyAuth)
165
166 ctx := context.Background()
167
168 credential, err := d.identifier.Authentication(ctx, 60, true)
169 if err != nil {
170 return fmt.Errorf("allinkl: authentication: %w", err)
171 }
172
173 ctx = internal.WithContext(ctx, credential)
174
175 // gets the record's unique ID from when we created it
176 d.recordIDsMu.Lock()
177 recordID, ok := d.recordIDs[token]
178 d.recordIDsMu.Unlock()
179
180 if !ok {
181 return fmt.Errorf("allinkl: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
182 }
183
184 _, err = d.client.DeleteDNSSettings(ctx, recordID)
185 if err != nil {
186 return fmt.Errorf("allinkl: delete DNS settings: %w", err)
187 }
188
189 d.recordIDsMu.Lock()
190 delete(d.recordIDs, token)
191 d.recordIDsMu.Unlock()
192
193 return nil
194 }
195