regru.go raw
1 // Package regru implements a DNS provider for solving the DNS-01 challenge using reg.ru DNS.
2 package regru
3
4 import (
5 "context"
6 "crypto/tls"
7 "errors"
8 "fmt"
9 "net/http"
10 "time"
11
12 "github.com/go-acme/lego/v4/challenge"
13 "github.com/go-acme/lego/v4/challenge/dns01"
14 "github.com/go-acme/lego/v4/platform/config/env"
15 "github.com/go-acme/lego/v4/providers/dns/internal/clientdebug"
16 "github.com/go-acme/lego/v4/providers/dns/regru/internal"
17 )
18
19 // Environment variables names.
20 const (
21 envNamespace = "REGRU_"
22
23 EnvUsername = envNamespace + "USERNAME"
24 EnvPassword = envNamespace + "PASSWORD"
25 EnvTLSCert = envNamespace + "TLS_CERT"
26 EnvTLSKey = envNamespace + "TLS_KEY"
27
28 EnvTTL = envNamespace + "TTL"
29 EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
30 EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
31 EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
32 )
33
34 var _ challenge.ProviderTimeout = (*DNSProvider)(nil)
35
36 // Config is used to configure the creation of the DNSProvider.
37 type Config struct {
38 Username string
39 Password string
40 TLSCert string
41 TLSKey string
42
43 PropagationTimeout time.Duration
44 PollingInterval time.Duration
45 TTL int
46 HTTPClient *http.Client
47 }
48
49 // NewDefaultConfig returns a default configuration for the DNSProvider.
50 func NewDefaultConfig() *Config {
51 return &Config{
52 TTL: env.GetOrDefaultInt(EnvTTL, 300),
53 PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout),
54 PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
55 HTTPClient: &http.Client{
56 Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second),
57 },
58 }
59 }
60
61 // DNSProvider implements the challenge.Provider interface.
62 type DNSProvider struct {
63 config *Config
64 client *internal.Client
65 }
66
67 // NewDNSProvider returns a DNSProvider instance configured for reg.ru.
68 // Credentials must be passed in the environment variables:
69 // REGRU_USERNAME and REGRU_PASSWORD.
70 func NewDNSProvider() (*DNSProvider, error) {
71 values, err := env.Get(EnvUsername, EnvPassword)
72 if err != nil {
73 return nil, fmt.Errorf("regru: %w", err)
74 }
75
76 config := NewDefaultConfig()
77 config.Username = values[EnvUsername]
78 config.Password = values[EnvPassword]
79 config.TLSCert = env.GetOrDefaultString(EnvTLSCert, "")
80 config.TLSKey = env.GetOrDefaultString(EnvTLSKey, "")
81
82 return NewDNSProviderConfig(config)
83 }
84
85 // NewDNSProviderConfig return a DNSProvider instance configured for reg.ru.
86 func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
87 if config == nil {
88 return nil, errors.New("regru: the configuration of the DNS provider is nil")
89 }
90
91 if config.Username == "" || config.Password == "" {
92 return nil, errors.New("regru: incomplete credentials, missing username and/or password")
93 }
94
95 client := internal.NewClient(config.Username, config.Password)
96
97 if config.HTTPClient != nil {
98 client.HTTPClient = config.HTTPClient
99 }
100
101 client.HTTPClient = clientdebug.Wrap(client.HTTPClient)
102
103 if config.TLSCert != "" || config.TLSKey != "" {
104 if config.TLSCert == "" {
105 return nil, errors.New("regru: TLS certificate is missing")
106 }
107
108 if config.TLSKey == "" {
109 return nil, errors.New("regru: TLS key is missing")
110 }
111
112 tlsCert, err := tls.X509KeyPair([]byte(config.TLSCert), []byte(config.TLSKey))
113 if err != nil {
114 return nil, fmt.Errorf("regru: %w", err)
115 }
116
117 client.HTTPClient.Transport = &http.Transport{
118 TLSClientConfig: &tls.Config{
119 Certificates: []tls.Certificate{tlsCert},
120 },
121 }
122 }
123
124 return &DNSProvider{config: config, client: client}, nil
125 }
126
127 // Timeout returns the timeout and interval to use when checking for DNS propagation.
128 // Adjusting here to cope with spikes in propagation times.
129 func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
130 return d.config.PropagationTimeout, d.config.PollingInterval
131 }
132
133 // Present creates a TXT record using the specified parameters.
134 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
135 info := dns01.GetChallengeInfo(domain, keyAuth)
136
137 authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
138 if err != nil {
139 return fmt.Errorf("regru: could not find zone for domain %q: %w", domain, err)
140 }
141
142 subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
143 if err != nil {
144 return fmt.Errorf("regru: %w", err)
145 }
146
147 err = d.client.AddTXTRecord(context.Background(), dns01.UnFqdn(authZone), subDomain, info.Value)
148 if err != nil {
149 return fmt.Errorf("regru: failed to create TXT records [domain: %s, sub domain: %s]: %w",
150 dns01.UnFqdn(authZone), subDomain, err)
151 }
152
153 return nil
154 }
155
156 // CleanUp removes the TXT record matching the specified parameters.
157 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
158 info := dns01.GetChallengeInfo(domain, keyAuth)
159
160 authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
161 if err != nil {
162 return fmt.Errorf("regru: could not find zone for domain %q: %w", domain, err)
163 }
164
165 subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
166 if err != nil {
167 return fmt.Errorf("regru: %w", err)
168 }
169
170 err = d.client.RemoveTxtRecord(context.Background(), dns01.UnFqdn(authZone), subDomain, info.Value)
171 if err != nil {
172 return fmt.Errorf("regru: failed to remove TXT records [domain: %s, sub domain: %s]: %w",
173 dns01.UnFqdn(authZone), subDomain, err)
174 }
175
176 return nil
177 }
178