forked from TrueCloudLab/lego
Add Akamai FastDNS as DNS provider (#522)
* Adding support to Akamai FastDNS as DNS provider * Adding fastdns to the list of dnsproviders
This commit is contained in:
parent
5ebb80fb44
commit
3c9be22bc0
3 changed files with 259 additions and 0 deletions
|
@ -17,6 +17,7 @@ import (
|
||||||
"github.com/xenolf/lego/providers/dns/dyn"
|
"github.com/xenolf/lego/providers/dns/dyn"
|
||||||
"github.com/xenolf/lego/providers/dns/exec"
|
"github.com/xenolf/lego/providers/dns/exec"
|
||||||
"github.com/xenolf/lego/providers/dns/exoscale"
|
"github.com/xenolf/lego/providers/dns/exoscale"
|
||||||
|
"github.com/xenolf/lego/providers/dns/fastdns"
|
||||||
"github.com/xenolf/lego/providers/dns/gandi"
|
"github.com/xenolf/lego/providers/dns/gandi"
|
||||||
"github.com/xenolf/lego/providers/dns/gandiv5"
|
"github.com/xenolf/lego/providers/dns/gandiv5"
|
||||||
"github.com/xenolf/lego/providers/dns/glesys"
|
"github.com/xenolf/lego/providers/dns/glesys"
|
||||||
|
@ -63,6 +64,8 @@ func NewDNSChallengeProviderByName(name string) (acme.ChallengeProvider, error)
|
||||||
provider, err = duckdns.NewDNSProvider()
|
provider, err = duckdns.NewDNSProvider()
|
||||||
case "dyn":
|
case "dyn":
|
||||||
provider, err = dyn.NewDNSProvider()
|
provider, err = dyn.NewDNSProvider()
|
||||||
|
case "fastdns":
|
||||||
|
provider, err = fastdns.NewDNSProvider()
|
||||||
case "exoscale":
|
case "exoscale":
|
||||||
provider, err = exoscale.NewDNSProvider()
|
provider, err = exoscale.NewDNSProvider()
|
||||||
case "gandi":
|
case "gandi":
|
||||||
|
|
139
providers/dns/fastdns/fastdns.go
Normal file
139
providers/dns/fastdns/fastdns.go
Normal file
|
@ -0,0 +1,139 @@
|
||||||
|
package fastdns
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
"reflect"
|
||||||
|
|
||||||
|
configdns "github.com/akamai/AkamaiOPEN-edgegrid-golang/configdns-v1"
|
||||||
|
"github.com/akamai/AkamaiOPEN-edgegrid-golang/edgegrid"
|
||||||
|
"github.com/xenolf/lego/acme"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DNSProvider is an implementation of the acme.ChallengeProvider interface.
|
||||||
|
type DNSProvider struct {
|
||||||
|
config edgegrid.Config
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewDNSProvider uses the supplied environment variables to return a DNSProvider instance:
|
||||||
|
// AKAMAI_HOST, AKAMAI_CLIENT_TOKEN, AKAMAI_CLIENT_SECRET, AKAMAI_ACCESS_TOKEN
|
||||||
|
func NewDNSProvider() (*DNSProvider, error) {
|
||||||
|
host := os.Getenv("AKAMAI_HOST")
|
||||||
|
clientToken := os.Getenv("AKAMAI_CLIENT_TOKEN")
|
||||||
|
clientSecret := os.Getenv("AKAMAI_CLIENT_SECRET")
|
||||||
|
accessToken := os.Getenv("AKAMAI_ACCESS_TOKEN")
|
||||||
|
|
||||||
|
return NewDNSProviderClient(host, clientToken, clientSecret, accessToken)
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewDNSProviderClient uses the supplied parameters to return a DNSProvider instance
|
||||||
|
// configured for FastDNS.
|
||||||
|
func NewDNSProviderClient(host, clientToken, clientSecret, accessToken string) (*DNSProvider, error) {
|
||||||
|
if clientToken == "" || clientSecret == "" || accessToken == "" || host == "" {
|
||||||
|
return nil, fmt.Errorf("Akamai FastDNS credentials missing")
|
||||||
|
}
|
||||||
|
config := edgegrid.Config{
|
||||||
|
Host: host,
|
||||||
|
ClientToken: clientToken,
|
||||||
|
ClientSecret: clientSecret,
|
||||||
|
AccessToken: accessToken,
|
||||||
|
MaxBody: 131072,
|
||||||
|
}
|
||||||
|
|
||||||
|
return &DNSProvider{
|
||||||
|
config: config,
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Present creates a TXT record to fullfil the dns-01 challenge.
|
||||||
|
func (c *DNSProvider) Present(domain, token, keyAuth string) error {
|
||||||
|
fqdn, value, ttl := acme.DNS01Record(domain, keyAuth)
|
||||||
|
zoneName, recordName, err := c.findZoneAndRecordName(fqdn, domain)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
configdns.Init(c.config)
|
||||||
|
|
||||||
|
zone, err := configdns.GetZone(zoneName)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
record := configdns.NewTxtRecord()
|
||||||
|
record.SetField("name", recordName)
|
||||||
|
record.SetField("ttl", ttl)
|
||||||
|
record.SetField("target", value)
|
||||||
|
record.SetField("active", true)
|
||||||
|
|
||||||
|
existingRecord := c.findExistingRecord(zone, recordName)
|
||||||
|
|
||||||
|
if existingRecord != nil {
|
||||||
|
if reflect.DeepEqual(existingRecord.ToMap(), record.ToMap()) {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
zone.RemoveRecord(existingRecord)
|
||||||
|
return c.createRecord(zone, record)
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.createRecord(zone, record)
|
||||||
|
}
|
||||||
|
|
||||||
|
// CleanUp removes the record matching the specified parameters.
|
||||||
|
func (c *DNSProvider) CleanUp(domain, token, keyAuth string) error {
|
||||||
|
fqdn, _, _ := acme.DNS01Record(domain, keyAuth)
|
||||||
|
zoneName, recordName, err := c.findZoneAndRecordName(fqdn, domain)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
configdns.Init(c.config)
|
||||||
|
|
||||||
|
zone, err := configdns.GetZone(zoneName)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
existingRecord := c.findExistingRecord(zone, recordName)
|
||||||
|
|
||||||
|
if existingRecord != nil {
|
||||||
|
err := zone.RemoveRecord(existingRecord)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
return zone.Save()
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *DNSProvider) findZoneAndRecordName(fqdn, domain string) (string, string, error) {
|
||||||
|
zone, err := acme.FindZoneByFqdn(acme.ToFqdn(domain), acme.RecursiveNameservers)
|
||||||
|
if err != nil {
|
||||||
|
return "", "", err
|
||||||
|
}
|
||||||
|
zone = acme.UnFqdn(zone)
|
||||||
|
name := acme.UnFqdn(fqdn)
|
||||||
|
name = name[:len(name)-len("."+zone)]
|
||||||
|
|
||||||
|
return zone, name, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *DNSProvider) findExistingRecord(zone *configdns.Zone, recordName string) *configdns.TxtRecord {
|
||||||
|
for _, r := range zone.Zone.Txt {
|
||||||
|
if r.Name == recordName {
|
||||||
|
return r
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *DNSProvider) createRecord(zone *configdns.Zone, record *configdns.TxtRecord) error {
|
||||||
|
err := zone.AddRecord(record)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return zone.Save()
|
||||||
|
}
|
117
providers/dns/fastdns/fastdns_test.go
Normal file
117
providers/dns/fastdns/fastdns_test.go
Normal file
|
@ -0,0 +1,117 @@
|
||||||
|
package fastdns
|
||||||
|
|
||||||
|
import (
|
||||||
|
"os"
|
||||||
|
"testing"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
fastdnsLiveTest bool
|
||||||
|
host string
|
||||||
|
clientToken string
|
||||||
|
clientSecret string
|
||||||
|
accessToken string
|
||||||
|
testDomain string
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
host = os.Getenv("AKAMAI_HOST")
|
||||||
|
clientToken = os.Getenv("AKAMAI_CLIENT_TOKEN")
|
||||||
|
clientSecret = os.Getenv("AKAMAI_CLIENT_SECRET")
|
||||||
|
accessToken = os.Getenv("AKAMAI_ACCESS_TOKEN")
|
||||||
|
testDomain = os.Getenv("AKAMAI_TEST_DOMAIN")
|
||||||
|
|
||||||
|
if len(host) > 0 && len(clientToken) > 0 && len(clientSecret) > 0 && len(accessToken) > 0 {
|
||||||
|
fastdnsLiveTest = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func restoreFastdnsEnv() {
|
||||||
|
os.Setenv("AKAMAI_HOST", host)
|
||||||
|
os.Setenv("AKAMAI_CLIENT_TOKEN", clientToken)
|
||||||
|
os.Setenv("AKAMAI_CLIENT_SECRET", clientSecret)
|
||||||
|
os.Setenv("AKAMAI_ACCESS_TOKEN", accessToken)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestNewDNSProviderValid(t *testing.T) {
|
||||||
|
os.Setenv("AKAMAI_HOST", "")
|
||||||
|
os.Setenv("AKAMAI_CLIENT_TOKEN", "")
|
||||||
|
os.Setenv("AKAMAI_CLIENT_SECRET", "")
|
||||||
|
os.Setenv("AKAMAI_ACCESS_TOKEN", "")
|
||||||
|
_, err := NewDNSProviderClient("somehost", "someclienttoken", "someclientsecret", "someaccesstoken")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
restoreFastdnsEnv()
|
||||||
|
}
|
||||||
|
func TestNewDNSProviderValidEnv(t *testing.T) {
|
||||||
|
os.Setenv("AKAMAI_HOST", "somehost")
|
||||||
|
os.Setenv("AKAMAI_CLIENT_TOKEN", "someclienttoken")
|
||||||
|
os.Setenv("AKAMAI_CLIENT_SECRET", "someclientsecret")
|
||||||
|
os.Setenv("AKAMAI_ACCESS_TOKEN", "someaccesstoken")
|
||||||
|
_, err := NewDNSProvider()
|
||||||
|
assert.NoError(t, err)
|
||||||
|
restoreFastdnsEnv()
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestNewDNSProviderMissingCredErr(t *testing.T) {
|
||||||
|
os.Setenv("AKAMAI_HOST", "")
|
||||||
|
os.Setenv("AKAMAI_CLIENT_TOKEN", "")
|
||||||
|
os.Setenv("AKAMAI_CLIENT_SECRET", "")
|
||||||
|
os.Setenv("AKAMAI_ACCESS_TOKEN", "")
|
||||||
|
|
||||||
|
_, err := NewDNSProvider()
|
||||||
|
assert.EqualError(t, err, "Akamai FastDNS credentials missing")
|
||||||
|
restoreFastdnsEnv()
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestLiveFastdnsPresent(t *testing.T) {
|
||||||
|
if !fastdnsLiveTest {
|
||||||
|
t.Skip("skipping live test")
|
||||||
|
}
|
||||||
|
|
||||||
|
provider, err := NewDNSProviderClient(host, clientToken, clientSecret, accessToken)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
err = provider.Present(testDomain, "", "123d==")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
// Present Twice to handle create / update
|
||||||
|
err = provider.Present(testDomain, "", "123d==")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestExtractRootRecordName(t *testing.T) {
|
||||||
|
provider, err := NewDNSProviderClient("somehost", "someclienttoken", "someclientsecret", "someaccesstoken")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
zone, recordName, err := provider.findZoneAndRecordName("_acme-challenge.bar.com.", "bar.com")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, "bar.com", zone)
|
||||||
|
assert.Equal(t, "_acme-challenge", recordName)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestExtractSubRecordName(t *testing.T) {
|
||||||
|
provider, err := NewDNSProviderClient("somehost", "someclienttoken", "someclientsecret", "someaccesstoken")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
zone, recordName, err := provider.findZoneAndRecordName("_acme-challenge.foo.bar.com.", "foo.bar.com")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.Equal(t, "bar.com", zone)
|
||||||
|
assert.Equal(t, "_acme-challenge.foo", recordName)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestLiveFastdnsCleanUp(t *testing.T) {
|
||||||
|
if !fastdnsLiveTest {
|
||||||
|
t.Skip("skipping live test")
|
||||||
|
}
|
||||||
|
|
||||||
|
time.Sleep(time.Second * 1)
|
||||||
|
|
||||||
|
provider, err := NewDNSProviderClient(host, clientToken, clientSecret, accessToken)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
|
||||||
|
err = provider.CleanUp(testDomain, "", "123d==")
|
||||||
|
assert.NoError(t, err)
|
||||||
|
}
|
Loading…
Reference in a new issue