Merge pull request #163 from rgl/master

Add DNS challenge provider for Vultr.
2016-03-23 22:44:58 +01:00 · 2016-03-23 22:44:58 +01:00 · 1ee5cbd9e8
commit 1ee5cbd9e8
parent 1469abcb0c 4d7223057d
4 changed files with 196 additions and 0 deletions
--- a/cli.go
+++ b/cli.go
@ -169,6 +169,7 @@ Here is an example bash command using the CloudFlare DNS provider:
 	fmt.Fprintln(w, "\trfc2136:\tRFC2136_TSIG_KEY, RFC2136_TSIG_SECRET,\n\t\tRFC2136_TSIG_ALGORITHM, RFC2136_NAMESERVER")
 	fmt.Fprintln(w, "\troute53:\tAWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION")
 	fmt.Fprintln(w, "\tdyn:\tDYN_CUSTOMER_NAME, DYN_USER_NAME, DYN_PASSWORD")
+	fmt.Fprintln(w, "\tvultr:\tVULTR_API_KEY")
 	w.Flush()

 	fmt.Println(`
--- a/cli_handlers.go
+++ b/cli_handlers.go
@ -20,6 +20,7 @@ import (
 	"github.com/xenolf/lego/providers/dns/namecheap"
 	"github.com/xenolf/lego/providers/dns/rfc2136"
 	"github.com/xenolf/lego/providers/dns/route53"
+	"github.com/xenolf/lego/providers/dns/vultr"
 	"github.com/xenolf/lego/providers/http/webroot"
 )

@ -108,6 +109,8 @@ func setup(c *cli.Context) (*Configuration, *Account, *acme.Client) {
 			provider, err = route53.NewDNSProvider()
 		case "rfc2136":
 			provider, err = rfc2136.NewDNSProvider()
+		case "vultr":
+			provider, err = vultr.NewDNSProvider()
 		}

 		if err != nil {
--- a/providers/dns/vultr/vultr.go
+++ b/providers/dns/vultr/vultr.go
@ -0,0 +1,127 @@
+// Package vultr implements a DNS provider for solving the DNS-01 challenge using
+// the vultr DNS.
+// See https://www.vultr.com/api/#dns
+package vultr
+
+import (
+	"fmt"
+	"os"
+	"strings"
+
+	vultr "github.com/JamesClonk/vultr/lib"
+	"github.com/xenolf/lego/acme"
+)
+
+// DNSProvider is an implementation of the acme.ChallengeProvider interface.
+type DNSProvider struct {
+	client *vultr.Client
+}
+
+// NewDNSProvider returns a DNSProvider instance with a configured Vultr client.
+// Authentication uses the VULTR_API_KEY environment variable.
+func NewDNSProvider() (*DNSProvider, error) {
+	apiKey := os.Getenv("VULTR_API_KEY")
+	return NewDNSProviderCredentials(apiKey)
+}
+
+// NewDNSProviderCredentials uses the supplied credentials to return a DNSProvider
+// instance configured for Vultr.
+func NewDNSProviderCredentials(apiKey string) (*DNSProvider, error) {
+	if apiKey == "" {
+		return nil, fmt.Errorf("Vultr credentials missing")
+	}
+
+	c := &DNSProvider{
+		client: vultr.NewClient(apiKey, nil),
+	}
+
+	return c, nil
+}
+
+// Present creates a TXT record to fulfil the DNS-01 challenge.
+func (c *DNSProvider) Present(domain, token, keyAuth string) error {
+	fqdn, value, ttl := acme.DNS01Record(domain, keyAuth)
+
+	zoneDomain, err := c.getHostedZone(domain)
+	if err != nil {
+		return err
+	}
+
+	name := c.extractRecordName(fqdn, zoneDomain)
+
+	err = c.client.CreateDnsRecord(zoneDomain, name, "TXT", `"`+value+`"`, 0, ttl)
+	if err != nil {
+		return fmt.Errorf("Vultr API call failed: %v", err)
+	}
+
+	return nil
+}
+
+// CleanUp removes the TXT record matching the specified parameters.
+func (c *DNSProvider) CleanUp(domain, token, keyAuth string) error {
+	fqdn, _, _ := acme.DNS01Record(domain, keyAuth)
+
+	zoneDomain, records, err := c.findTxtRecords(domain, fqdn)
+	if err != nil {
+		return err
+	}
+
+	for _, rec := range records {
+		err := c.client.DeleteDnsRecord(zoneDomain, rec.RecordID)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (c *DNSProvider) getHostedZone(domain string) (string, error) {
+	domains, err := c.client.GetDnsDomains()
+	if err != nil {
+		return "", fmt.Errorf("Vultr API call failed: %v", err)
+	}
+
+	var hostedDomain vultr.DnsDomain
+	for _, d := range domains {
+		if strings.HasSuffix(domain, d.Domain) {
+			if len(d.Domain) > len(hostedDomain.Domain) {
+				hostedDomain = d
+			}
+		}
+	}
+	if hostedDomain.Domain == "" {
+		return "", fmt.Errorf("No matching Vultr domain found for domain %s", domain)
+	}
+
+	return hostedDomain.Domain, nil
+}
+
+func (c *DNSProvider) findTxtRecords(domain, fqdn string) (string, []vultr.DnsRecord, error) {
+	zoneDomain, err := c.getHostedZone(domain)
+	if err != nil {
+		return "", nil, err
+	}
+
+	var records []vultr.DnsRecord
+	result, err := c.client.GetDnsRecords(zoneDomain)
+	if err != nil {
+		return "", records, fmt.Errorf("Vultr API call has failed: %v", err)
+	}
+
+	recordName := c.extractRecordName(fqdn, zoneDomain)
+	for _, record := range result {
+		if record.Type == "TXT" && record.Name == recordName {
+			records = append(records, record)
+		}
+	}
+
+	return zoneDomain, records, nil
+}
+
+func (c *DNSProvider) extractRecordName(fqdn, domain string) string {
+	name := acme.UnFqdn(fqdn)
+	if idx := strings.Index(name, "."+domain); idx != -1 {
+		return name[:idx]
+	}
+	return name
+}
--- a/providers/dns/vultr/vultr_test.go
+++ b/providers/dns/vultr/vultr_test.go
@ -0,0 +1,65 @@
+package vultr
+
+import (
+	"os"
+	"testing"
+	"time"
+
+	"github.com/stretchr/testify/assert"
+)
+
+var (
+	liveTest bool
+	apiKey   string
+	domain   string
+)
+
+func init() {
+	apiKey = os.Getenv("VULTR_API_KEY")
+	domain = os.Getenv("VULTR_TEST_DOMAIN")
+	liveTest = len(apiKey) > 0 && len(domain) > 0
+}
+
+func restoreEnv() {
+	os.Setenv("VULTR_API_KEY", apiKey)
+}
+
+func TestNewDNSProviderValidEnv(t *testing.T) {
+	os.Setenv("VULTR_API_KEY", "123")
+	defer restoreEnv()
+	_, err := NewDNSProvider()
+	assert.NoError(t, err)
+}
+
+func TestNewDNSProviderMissingCredErr(t *testing.T) {
+	os.Setenv("VULTR_API_KEY", "")
+	defer restoreEnv()
+	_, err := NewDNSProvider()
+	assert.EqualError(t, err, "Vultr credentials missing")
+}
+
+func TestLivePresent(t *testing.T) {
+	if !liveTest {
+		t.Skip("skipping live test")
+	}
+
+	provider, err := NewDNSProvider()
+	assert.NoError(t, err)
+
+	err = provider.Present(domain, "", "123d==")
+	assert.NoError(t, err)
+}
+
+func TestLiveCleanUp(t *testing.T) {
+	if !liveTest {
+		t.Skip("skipping live test")
+	}
+
+	time.Sleep(time.Second * 1)
+
+	provider, err := NewDNSProvider()
+	assert.NoError(t, err)
+
+	err = provider.CleanUp(domain, "", "123d==")
+	assert.NoError(t, err)
+}