Add DNS provider for CloudDNS. (#1106)

2020-04-24 03:13:25 +02:00 · 2020-04-24 03:13:25 +02:00 · d7f39ed321
commit d7f39ed321
parent 5429e50cc2
10 changed files with 910 additions and 16 deletions
--- a/README.md
+++ b/README.md
@ -47,21 +47,21 @@ Detailed documentation is available [here](https://go-acme.github.io/lego/dns).
 |---------------------------------------------------------------------------------|---------------------------------------------------------------------------------|---------------------------------------------------------------------------------|---------------------------------------------------------------------------------|
 | [Alibaba Cloud DNS](https://go-acme.github.io/lego/dns/alidns/)                 | [Amazon Lightsail](https://go-acme.github.io/lego/dns/lightsail/)               | [Amazon Route 53](https://go-acme.github.io/lego/dns/route53/)                  | [Aurora DNS](https://go-acme.github.io/lego/dns/auroradns/)                     |
 | [Autodns](https://go-acme.github.io/lego/dns/autodns/)                          | [Azure](https://go-acme.github.io/lego/dns/azure/)                              | [Bindman](https://go-acme.github.io/lego/dns/bindman/)                          | [Bluecat](https://go-acme.github.io/lego/dns/bluecat/)                          |
-| [Checkdomain](https://go-acme.github.io/lego/dns/checkdomain/)                  | [Cloudflare](https://go-acme.github.io/lego/dns/cloudflare/)                    | [ClouDNS](https://go-acme.github.io/lego/dns/cloudns/)                          | [CloudXNS](https://go-acme.github.io/lego/dns/cloudxns/)                        |
-| [ConoHa](https://go-acme.github.io/lego/dns/conoha/)                            | [Constellix](https://go-acme.github.io/lego/dns/constellix/)                    | [Designate DNSaaS for Openstack](https://go-acme.github.io/lego/dns/designate/) | [Digital Ocean](https://go-acme.github.io/lego/dns/digitalocean/)               |
-| [DNS Made Easy](https://go-acme.github.io/lego/dns/dnsmadeeasy/)                | [DNSimple](https://go-acme.github.io/lego/dns/dnsimple/)                        | [DNSPod](https://go-acme.github.io/lego/dns/dnspod/)                            | [Domain Offensive (do.de)](https://go-acme.github.io/lego/dns/dode/)            |
-| [DreamHost](https://go-acme.github.io/lego/dns/dreamhost/)                      | [Duck DNS](https://go-acme.github.io/lego/dns/duckdns/)                         | [Dyn](https://go-acme.github.io/lego/dns/dyn/)                                  | [Dynu](https://go-acme.github.io/lego/dns/dynu/)                                |
-| [EasyDNS](https://go-acme.github.io/lego/dns/easydns/)                          | [Exoscale](https://go-acme.github.io/lego/dns/exoscale/)                        | [External program](https://go-acme.github.io/lego/dns/exec/)                    | [FastDNS](https://go-acme.github.io/lego/dns/fastdns/)                          |
-| [Gandi Live DNS (v5)](https://go-acme.github.io/lego/dns/gandiv5/)              | [Gandi](https://go-acme.github.io/lego/dns/gandi/)                              | [Glesys](https://go-acme.github.io/lego/dns/glesys/)                            | [Go Daddy](https://go-acme.github.io/lego/dns/godaddy/)                         |
-| [Google Cloud](https://go-acme.github.io/lego/dns/gcloud/)                      | [Hosting.de](https://go-acme.github.io/lego/dns/hostingde/)                     | [HTTP request](https://go-acme.github.io/lego/dns/httpreq/)                     | [Internet Initiative Japan](https://go-acme.github.io/lego/dns/iij/)            |
-| [INWX](https://go-acme.github.io/lego/dns/inwx/)                                | [Joker](https://go-acme.github.io/lego/dns/joker/)                              | [Joohoi's ACME-DNS](https://go-acme.github.io/lego/dns/acme-dns/)               | [Linode (deprecated)](https://go-acme.github.io/lego/dns/linode/)               |
-| [Linode (v4)](https://go-acme.github.io/lego/dns/linodev4/)                     | [Liquid Web](https://go-acme.github.io/lego/dns/liquidweb/)                     | [Manual](https://go-acme.github.io/lego/dns/manual/)                            | [MyDNS.jp](https://go-acme.github.io/lego/dns/mydnsjp/)                         |
-| [Name.com](https://go-acme.github.io/lego/dns/namedotcom/)                      | [Namecheap](https://go-acme.github.io/lego/dns/namecheap/)                      | [Namesilo](https://go-acme.github.io/lego/dns/namesilo/)                        | [Netcup](https://go-acme.github.io/lego/dns/netcup/)                            |
-| [NIFCloud](https://go-acme.github.io/lego/dns/nifcloud/)                        | [NS1](https://go-acme.github.io/lego/dns/ns1/)                                  | [Open Telekom Cloud](https://go-acme.github.io/lego/dns/otc/)                   | [Oracle Cloud](https://go-acme.github.io/lego/dns/oraclecloud/)                 |
-| [OVH](https://go-acme.github.io/lego/dns/ovh/)                                  | [PowerDNS](https://go-acme.github.io/lego/dns/pdns/)                            | [Rackspace](https://go-acme.github.io/lego/dns/rackspace/)                      | [reg.ru](https://go-acme.github.io/lego/dns/regru/)                             |
-| [RFC2136](https://go-acme.github.io/lego/dns/rfc2136/)                          | [RimuHosting](https://go-acme.github.io/lego/dns/rimuhosting/)                  | [Sakura Cloud](https://go-acme.github.io/lego/dns/sakuracloud/)                 | [Scaleway](https://go-acme.github.io/lego/dns/scaleway/)                        |
-| [Selectel](https://go-acme.github.io/lego/dns/selectel/)                        | [Servercow](https://go-acme.github.io/lego/dns/servercow/)                      | [Stackpath](https://go-acme.github.io/lego/dns/stackpath/)                      | [TransIP](https://go-acme.github.io/lego/dns/transip/)                          |
-| [VegaDNS](https://go-acme.github.io/lego/dns/vegadns/)                          | [Versio.[nl/eu/uk]](https://go-acme.github.io/lego/dns/versio/)                 | [Vscale](https://go-acme.github.io/lego/dns/vscale/)                            | [Vultr](https://go-acme.github.io/lego/dns/vultr/)                              |
-| [Zone.ee](https://go-acme.github.io/lego/dns/zoneee/)                           | [Zonomi](https://go-acme.github.io/lego/dns/zonomi/)                            |                                                                                 |                                                                                 |
+| [Checkdomain](https://go-acme.github.io/lego/dns/checkdomain/)                  | [CloudDNS](https://go-acme.github.io/lego/dns/clouddns/)                        | [Cloudflare](https://go-acme.github.io/lego/dns/cloudflare/)                    | [ClouDNS](https://go-acme.github.io/lego/dns/cloudns/)                          |
+| [CloudXNS](https://go-acme.github.io/lego/dns/cloudxns/)                        | [ConoHa](https://go-acme.github.io/lego/dns/conoha/)                            | [Constellix](https://go-acme.github.io/lego/dns/constellix/)                    | [Designate DNSaaS for Openstack](https://go-acme.github.io/lego/dns/designate/) |
+| [Digital Ocean](https://go-acme.github.io/lego/dns/digitalocean/)               | [DNS Made Easy](https://go-acme.github.io/lego/dns/dnsmadeeasy/)                | [DNSimple](https://go-acme.github.io/lego/dns/dnsimple/)                        | [DNSPod](https://go-acme.github.io/lego/dns/dnspod/)                            |
+| [Domain Offensive (do.de)](https://go-acme.github.io/lego/dns/dode/)            | [DreamHost](https://go-acme.github.io/lego/dns/dreamhost/)                      | [Duck DNS](https://go-acme.github.io/lego/dns/duckdns/)                         | [Dyn](https://go-acme.github.io/lego/dns/dyn/)                                  |
+| [Dynu](https://go-acme.github.io/lego/dns/dynu/)                                | [EasyDNS](https://go-acme.github.io/lego/dns/easydns/)                          | [Exoscale](https://go-acme.github.io/lego/dns/exoscale/)                        | [External program](https://go-acme.github.io/lego/dns/exec/)                    |
+| [FastDNS](https://go-acme.github.io/lego/dns/fastdns/)                          | [Gandi Live DNS (v5)](https://go-acme.github.io/lego/dns/gandiv5/)              | [Gandi](https://go-acme.github.io/lego/dns/gandi/)                              | [Glesys](https://go-acme.github.io/lego/dns/glesys/)                            |
+| [Go Daddy](https://go-acme.github.io/lego/dns/godaddy/)                         | [Google Cloud](https://go-acme.github.io/lego/dns/gcloud/)                      | [Hosting.de](https://go-acme.github.io/lego/dns/hostingde/)                     | [HTTP request](https://go-acme.github.io/lego/dns/httpreq/)                     |
+| [Internet Initiative Japan](https://go-acme.github.io/lego/dns/iij/)            | [INWX](https://go-acme.github.io/lego/dns/inwx/)                                | [Joker](https://go-acme.github.io/lego/dns/joker/)                              | [Joohoi's ACME-DNS](https://go-acme.github.io/lego/dns/acme-dns/)               |
+| [Linode (deprecated)](https://go-acme.github.io/lego/dns/linode/)               | [Linode (v4)](https://go-acme.github.io/lego/dns/linodev4/)                     | [Liquid Web](https://go-acme.github.io/lego/dns/liquidweb/)                     | [Manual](https://go-acme.github.io/lego/dns/manual/)                            |
+| [MyDNS.jp](https://go-acme.github.io/lego/dns/mydnsjp/)                         | [Name.com](https://go-acme.github.io/lego/dns/namedotcom/)                      | [Namecheap](https://go-acme.github.io/lego/dns/namecheap/)                      | [Namesilo](https://go-acme.github.io/lego/dns/namesilo/)                        |
+| [Netcup](https://go-acme.github.io/lego/dns/netcup/)                            | [NIFCloud](https://go-acme.github.io/lego/dns/nifcloud/)                        | [NS1](https://go-acme.github.io/lego/dns/ns1/)                                  | [Open Telekom Cloud](https://go-acme.github.io/lego/dns/otc/)                   |
+| [Oracle Cloud](https://go-acme.github.io/lego/dns/oraclecloud/)                 | [OVH](https://go-acme.github.io/lego/dns/ovh/)                                  | [PowerDNS](https://go-acme.github.io/lego/dns/pdns/)                            | [Rackspace](https://go-acme.github.io/lego/dns/rackspace/)                      |
+| [reg.ru](https://go-acme.github.io/lego/dns/regru/)                             | [RFC2136](https://go-acme.github.io/lego/dns/rfc2136/)                          | [RimuHosting](https://go-acme.github.io/lego/dns/rimuhosting/)                  | [Sakura Cloud](https://go-acme.github.io/lego/dns/sakuracloud/)                 |
+| [Scaleway](https://go-acme.github.io/lego/dns/scaleway/)                        | [Selectel](https://go-acme.github.io/lego/dns/selectel/)                        | [Servercow](https://go-acme.github.io/lego/dns/servercow/)                      | [Stackpath](https://go-acme.github.io/lego/dns/stackpath/)                      |
+| [TransIP](https://go-acme.github.io/lego/dns/transip/)                          | [VegaDNS](https://go-acme.github.io/lego/dns/vegadns/)                          | [Versio.[nl/eu/uk]](https://go-acme.github.io/lego/dns/versio/)                 | [Vscale](https://go-acme.github.io/lego/dns/vscale/)                            |
+| [Vultr](https://go-acme.github.io/lego/dns/vultr/)                              | [Zone.ee](https://go-acme.github.io/lego/dns/zoneee/)                           | [Zonomi](https://go-acme.github.io/lego/dns/zonomi/)                            |                                                                                 |

 <!-- END DNS PROVIDERS LIST -->
--- a/cmd/zz_gen_cmd_dnshelp.go
+++ b/cmd/zz_gen_cmd_dnshelp.go
@ -22,6 +22,7 @@ func allDNSCodes() string {
 		"bindman",
 		"bluecat",
 		"checkdomain",
+		"clouddns",
 		"cloudflare",
 		"cloudns",
 		"cloudxns",
@ -262,6 +263,28 @@ func displayDNSHelp(name string) error {
 		ew.writeln()
 		ew.writeln(`More information: https://go-acme.github.io/lego/dns/checkdomain`)

+	case "clouddns":
+		// generated from: providers/dns/clouddns/clouddns.toml
+		ew.writeln(`Configuration for CloudDNS.`)
+		ew.writeln(`Code:	'clouddns'`)
+		ew.writeln(`Since:	'v3.6.0'`)
+		ew.writeln()
+
+		ew.writeln(`Credentials:`)
+		ew.writeln(`	- "CLOUDDNS_CLIENT_ID":	Client ID`)
+		ew.writeln(`	- "CLOUDDNS_EMAIL":	Account email`)
+		ew.writeln(`	- "CLOUDDNS_PASSWORD":	Account password`)
+		ew.writeln()
+
+		ew.writeln(`Additional Configuration:`)
+		ew.writeln(`	- "CLOUDDNS_HTTP_TIMEOUT":	API request timeout`)
+		ew.writeln(`	- "CLOUDDNS_POLLING_INTERVAL":	Time between DNS propagation check`)
+		ew.writeln(`	- "CLOUDDNS_PROPAGATION_TIMEOUT":	Maximum waiting time for DNS propagation`)
+		ew.writeln(`	- "CLOUDDNS_TTL":	The TTL of the TXT record used for the DNS challenge`)
+
+		ew.writeln()
+		ew.writeln(`More information: https://go-acme.github.io/lego/dns/clouddns`)
+
 	case "cloudflare":
 		// generated from: providers/dns/cloudflare/cloudflare.toml
 		ew.writeln(`Configuration for Cloudflare.`)
--- a/docs/content/dns/zz_gen_clouddns.md
+++ b/docs/content/dns/zz_gen_clouddns.md
@ -0,0 +1,66 @@
+---
+title: "CloudDNS"
+date: 2019-03-03T16:39:46+01:00
+draft: false
+slug: clouddns
+---
+
+<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
+<!-- providers/dns/clouddns/clouddns.toml -->
+<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
+
+Since: v3.6.0
+
+Configuration for [CloudDNS](https://vshosting.eu/).
+
+
+<!--more-->
+
+- Code: `clouddns`
+
+Here is an example bash command using the CloudDNS provider:
+
+```bash
+CLOUDDNS_CLIENT_ID=bLsdFAks23429841238feb177a572aX \
+CLOUDDNS_EMAIL=foo@bar.com \
+CLOUDDNS_PASSWORD=b9841238feb177a84330f \
+lego --dns clouddns --domains my.domain.com --email my@email.com run
+```
+
+
+
+
+## Credentials
+
+| Environment Variable Name | Description |
+|-----------------------|-------------|
+| `CLOUDDNS_CLIENT_ID` | Client ID |
+| `CLOUDDNS_EMAIL` | Account email |
+| `CLOUDDNS_PASSWORD` | Account password |
+
+The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
+More information [here](/lego/dns/#configuration-and-credentials).
+
+
+## Additional Configuration
+
+| Environment Variable Name | Description |
+|--------------------------------|-------------|
+| `CLOUDDNS_HTTP_TIMEOUT` | API request timeout |
+| `CLOUDDNS_POLLING_INTERVAL` | Time between DNS propagation check |
+| `CLOUDDNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
+| `CLOUDDNS_TTL` | The TTL of the TXT record used for the DNS challenge |
+
+The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
+More information [here](/lego/dns/#configuration-and-credentials).
+
+
+
+
+## More information
+
+- [API documentation](https://admin.vshosting.cloud/clouddns/swagger/)
+
+<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
+<!-- providers/dns/clouddns/clouddns.toml -->
+<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
--- a/providers/dns/clouddns/clouddns.go
+++ b/providers/dns/clouddns/clouddns.go
@ -0,0 +1,137 @@
+// Package clouddns implements a DNS provider for solving the DNS-01 challenge using CloudDNS API.
+package clouddns
+
+import (
+	"errors"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/go-acme/lego/v3/challenge/dns01"
+	"github.com/go-acme/lego/v3/platform/config/env"
+	"github.com/go-acme/lego/v3/providers/dns/clouddns/internal"
+)
+
+// Environment variables names.
+const (
+	envNamespace = "CLOUDDNS_"
+
+	EnvClientID = envNamespace + "CLIENT_ID"
+	EnvEmail    = envNamespace + "EMAIL"
+	EnvPassword = envNamespace + "PASSWORD"
+
+	EnvTTL                = envNamespace + "TTL"
+	EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
+	EnvPollingInterval    = envNamespace + "POLLING_INTERVAL"
+	EnvHTTPTimeout        = envNamespace + "HTTP_TIMEOUT"
+)
+
+// Config is used to configure the DNSProvider.
+type Config struct {
+	ClientID string
+	Email    string
+	Password string
+
+	TTL                int
+	PropagationTimeout time.Duration
+	PollingInterval    time.Duration
+	HTTPClient         *http.Client
+}
+
+// NewDefaultConfig returns a default configuration for the DNSProvider.
+func NewDefaultConfig() *Config {
+	return &Config{
+		TTL:                env.GetOrDefaultInt(EnvTTL, 300),
+		PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 120*time.Second),
+		PollingInterval:    env.GetOrDefaultSecond(EnvPollingInterval, 5*time.Second),
+		HTTPClient: &http.Client{
+			Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second),
+		},
+	}
+}
+
+// DNSProvider is an implementation of the challenge. Provider interface
+// that uses CloudDNS API to manage TXT records for a domain.
+type DNSProvider struct {
+	client *internal.Client
+	config *Config
+}
+
+// NewDNSProvider returns a DNSProvider instance configured for CloudDNS.
+// Credentials must be passed in the environment variables:
+// CLOUDDNS_CLIENT_ID, CLOUDDNS_EMAIL, CLOUDDNS_PASSWORD.
+func NewDNSProvider() (*DNSProvider, error) {
+	values, err := env.Get(EnvClientID, EnvEmail, EnvPassword)
+	if err != nil {
+		return nil, fmt.Errorf("clouddns: %w", err)
+	}
+
+	config := NewDefaultConfig()
+	config.ClientID = values[EnvClientID]
+	config.Email = values[EnvEmail]
+	config.Password = values[EnvPassword]
+
+	return NewDNSProviderConfig(config)
+}
+
+// NewDNSProviderConfig return a DNSProvider instance configured for CloudDNS
+func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
+	if config == nil {
+		return nil, errors.New("clouddns: the configuration of the DNS provider is nil")
+	}
+
+	if config.ClientID == "" || config.Email == "" || config.Password == "" {
+		return nil, errors.New("clouddns: credentials missing")
+	}
+
+	client := internal.NewClient(config.ClientID, config.Email, config.Password, config.TTL)
+
+	if config.HTTPClient != nil {
+		client.HTTPClient = config.HTTPClient
+	}
+
+	return &DNSProvider{
+		client: client,
+		config: config,
+	}, nil
+}
+
+// Timeout returns the timeout and interval to use when checking for DNS propagation.
+// Adjusting here to cope with spikes in propagation times.
+func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
+	return d.config.PropagationTimeout, d.config.PollingInterval
+}
+
+// Present creates a TXT record using the specified parameters.
+func (d *DNSProvider) Present(domain, token, keyAuth string) error {
+	fqdn, value := dns01.GetRecord(domain, keyAuth)
+
+	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	if err != nil {
+		return fmt.Errorf("clouddns: %w", err)
+	}
+
+	err = d.client.AddRecord(authZone, fqdn, value)
+	if err != nil {
+		return fmt.Errorf("clouddns: %w", err)
+	}
+
+	return nil
+}
+
+// CleanUp removes the TXT record matching the specified parameters.
+func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
+	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+
+	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	if err != nil {
+		return fmt.Errorf("clouddns: %w", err)
+	}
+
+	err = d.client.DeleteRecord(authZone, fqdn)
+	if err != nil {
+		return fmt.Errorf("clouddns: %w", err)
+	}
+
+	return nil
+}
--- a/providers/dns/clouddns/clouddns.toml
+++ b/providers/dns/clouddns/clouddns.toml
@ -0,0 +1,28 @@
+Name = "CloudDNS"
+Description = ''''''
+URL = "https://vshosting.eu/"
+Code = "clouddns"
+Since = "v3.6.0"
+
+Example = '''
+CLOUDDNS_CLIENT_ID=bLsdFAks23429841238feb177a572aX \
+CLOUDDNS_EMAIL=foo@bar.com \
+CLOUDDNS_PASSWORD=b9841238feb177a84330f \
+lego --dns clouddns --domains my.domain.com --email my@email.com run
+'''
+
+[Configuration]
+  [Configuration.Credentials]
+    CLOUDDNS_CLIENT_ID = "Client ID"
+    CLOUDDNS_EMAIL = "Account email"
+    CLOUDDNS_PASSWORD = "Account password"
+  [Configuration.Additional]
+    CLOUDDNS_POLLING_INTERVAL = "Time between DNS propagation check"
+    CLOUDDNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
+    CLOUDDNS_TTL = "The TTL of the TXT record used for the DNS challenge"
+    CLOUDDNS_HTTP_TIMEOUT = "API request timeout"
+
+[Links]
+  API = "https://admin.vshosting.cloud/clouddns/swagger/"
+  APIAdmin = "https://admin.vshosting.cloud/api/public/swagger/"
+  Documentation = "https://github.com/vshosting/clouddns"
--- a/providers/dns/clouddns/clouddns_test.go
+++ b/providers/dns/clouddns/clouddns_test.go
@ -0,0 +1,171 @@
+package clouddns
+
+import (
+	"testing"
+	"time"
+
+	"github.com/go-acme/lego/v3/platform/tester"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+const envDomain = envNamespace + "DOMAIN"
+
+var envTest = tester.NewEnvTest(
+	EnvClientID,
+	EnvEmail,
+	EnvPassword).
+	WithDomain(envDomain)
+
+func TestNewDNSProvider(t *testing.T) {
+	testCases := []struct {
+		desc     string
+		envVars  map[string]string
+		expected string
+	}{
+		{
+			desc: "success",
+			envVars: map[string]string{
+				EnvClientID: "client123",
+				EnvEmail:    "test@example.com",
+				EnvPassword: "password123",
+			},
+		},
+		{
+			desc: "missing clientId",
+			envVars: map[string]string{
+				EnvClientID: "",
+				EnvEmail:    "test@example.com",
+				EnvPassword: "password123",
+			},
+			expected: "clouddns: some credentials information are missing: CLOUDDNS_CLIENT_ID",
+		},
+		{
+			desc: "missing email",
+			envVars: map[string]string{
+				EnvClientID: "client123",
+				EnvEmail:    "",
+				EnvPassword: "password123",
+			},
+			expected: "clouddns: some credentials information are missing: CLOUDDNS_EMAIL",
+		},
+		{
+			desc: "missing password",
+			envVars: map[string]string{
+				EnvClientID: "client123",
+				EnvEmail:    "test@example.com",
+				EnvPassword: "",
+			},
+			expected: "clouddns: some credentials information are missing: CLOUDDNS_PASSWORD",
+		},
+	}
+
+	for _, test := range testCases {
+		t.Run(test.desc, func(t *testing.T) {
+			defer envTest.RestoreEnv()
+			envTest.ClearEnv()
+
+			envTest.Apply(test.envVars)
+
+			p, err := NewDNSProvider()
+
+			if len(test.expected) == 0 {
+				require.NoError(t, err)
+				require.NotNil(t, p)
+				assert.NotNil(t, p.config)
+				assert.NotNil(t, p.client)
+			} else {
+				require.EqualError(t, err, test.expected)
+			}
+		})
+	}
+}
+
+func TestNewDNSProviderConfig(t *testing.T) {
+	testCases := []struct {
+		desc     string
+		clientID string
+		email    string
+		password string
+		expected string
+	}{
+		{
+			desc:     "success",
+			clientID: "ID",
+			email:    "test@example.com",
+			password: "secret",
+		},
+		{
+			desc:     "missing credentials",
+			expected: "clouddns: credentials missing",
+		},
+		{
+			desc:     "missing client ID",
+			clientID: "",
+			email:    "test@example.com",
+			password: "secret",
+			expected: "clouddns: credentials missing",
+		},
+		{
+			desc:     "missing email",
+			clientID: "ID",
+			email:    "",
+			password: "secret",
+			expected: "clouddns: credentials missing",
+		},
+		{
+			desc:     "missing password",
+			clientID: "ID",
+			email:    "test@example.com",
+			password: "",
+			expected: "clouddns: credentials missing",
+		},
+	}
+
+	for _, test := range testCases {
+		t.Run(test.desc, func(t *testing.T) {
+			config := NewDefaultConfig()
+			config.ClientID = test.clientID
+			config.Email = test.email
+			config.Password = test.password
+
+			p, err := NewDNSProviderConfig(config)
+
+			if len(test.expected) == 0 {
+				require.NoError(t, err)
+				require.NotNil(t, p)
+				require.NotNil(t, p.config)
+			} else {
+				require.EqualError(t, err, test.expected)
+			}
+		})
+	}
+}
+
+func TestLivePresent(t *testing.T) {
+	if !envTest.IsLiveTest() {
+		t.Skip("skipping live test")
+	}
+
+	envTest.RestoreEnv()
+	provider, err := NewDNSProvider()
+	require.NoError(t, err)
+
+	err = provider.Present(envTest.GetDomain(), "", "123d==")
+	require.NoError(t, err)
+}
+
+func TestLiveCleanUp(t *testing.T) {
+	if !envTest.IsLiveTest() {
+		t.Skip("skipping live test")
+	}
+
+	envTest.RestoreEnv()
+	provider, err := NewDNSProvider()
+	require.NoError(t, err)
+
+	time.Sleep(2 * time.Second)
+
+	err = provider.CleanUp(envTest.GetDomain(), "", "123d==")
+	require.NoError(t, err)
+}
--- a/providers/dns/clouddns/internal/client.go
+++ b/providers/dns/clouddns/internal/client.go
@ -0,0 +1,262 @@
+package internal
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+)
+
+const (
+	apiBaseURL = "https://admin.vshosting.cloud/clouddns"
+	loginURL   = "https://admin.vshosting.cloud/api/public/auth/login"
+)
+
+// Client handles all communication with CloudDNS API.
+type Client struct {
+	AccessToken string
+	ClientID    string
+	Email       string
+	Password    string
+	TTL         int
+	HTTPClient  *http.Client
+
+	apiBaseURL string
+	loginURL   string
+}
+
+// NewClient returns a Client instance configured to handle CloudDNS API communication.
+func NewClient(clientID string, email string, password string, ttl int) *Client {
+	return &Client{
+		ClientID:   clientID,
+		Email:      email,
+		Password:   password,
+		TTL:        ttl,
+		HTTPClient: &http.Client{},
+		apiBaseURL: apiBaseURL,
+		loginURL:   loginURL,
+	}
+}
+
+// AddRecord is a high level method to add a new record into CloudDNS zone.
+func (c *Client) AddRecord(zone, recordName, recordValue string) error {
+	domain, err := c.getDomain(zone)
+	if err != nil {
+		return err
+	}
+
+	record := Record{DomainID: domain.ID, Name: recordName, Value: recordValue, Type: "TXT"}
+
+	err = c.addTxtRecord(record)
+	if err != nil {
+		return err
+	}
+
+	return c.publishRecords(domain.ID)
+}
+
+// DeleteRecord is a high level method to remove a record from zone.
+func (c *Client) DeleteRecord(zone, recordName string) error {
+	domain, err := c.getDomain(zone)
+	if err != nil {
+		return err
+	}
+
+	record, err := c.getRecord(domain.ID, recordName)
+	if err != nil {
+		return err
+	}
+
+	err = c.deleteRecord(record)
+	if err != nil {
+		return err
+	}
+
+	return c.publishRecords(domain.ID)
+}
+
+func (c *Client) addTxtRecord(record Record) error {
+	body, err := json.Marshal(record)
+	if err != nil {
+		return err
+	}
+
+	_, err = c.doAPIRequest(http.MethodPost, "record-txt", bytes.NewReader(body))
+	return err
+}
+
+func (c *Client) deleteRecord(record Record) error {
+	endpoint := fmt.Sprintf("record/%s", record.ID)
+	_, err := c.doAPIRequest(http.MethodDelete, endpoint, nil)
+	return err
+}
+
+func (c *Client) getDomain(zone string) (Domain, error) {
+	searchQuery := SearchQuery{
+		Search: []Search{
+			{Name: "clientId", Operator: "eq", Value: c.ClientID},
+			{Name: "domainName", Operator: "eq", Value: zone},
+		},
+	}
+
+	body, err := json.Marshal(searchQuery)
+	if err != nil {
+		return Domain{}, err
+	}
+
+	resp, err := c.doAPIRequest(http.MethodPost, "domain/search", bytes.NewReader(body))
+	if err != nil {
+		return Domain{}, err
+	}
+
+	var result SearchResponse
+	err = json.Unmarshal(resp, &result)
+	if err != nil {
+		return Domain{}, err
+	}
+
+	if len(result.Items) == 0 {
+		return Domain{}, fmt.Errorf("domain not found: %s", zone)
+	}
+
+	return result.Items[0], nil
+}
+
+func (c *Client) getRecord(domainID, recordName string) (Record, error) {
+	endpoint := fmt.Sprintf("domain/%s", domainID)
+	resp, err := c.doAPIRequest(http.MethodGet, endpoint, nil)
+	if err != nil {
+		return Record{}, err
+	}
+
+	var result DomainInfo
+	err = json.Unmarshal(resp, &result)
+	if err != nil {
+		return Record{}, err
+	}
+
+	for _, record := range result.LastDomainRecordList {
+		if record.Name == recordName && record.Type == "TXT" {
+			return record, nil
+		}
+	}
+
+	return Record{}, fmt.Errorf("record not found: domainID %s, name %s", domainID, recordName)
+}
+
+func (c *Client) publishRecords(domainID string) error {
+	body, err := json.Marshal(DomainInfo{SoaTTL: c.TTL})
+	if err != nil {
+		return err
+	}
+
+	endpoint := fmt.Sprintf("domain/%s/publish", domainID)
+	_, err = c.doAPIRequest(http.MethodPut, endpoint, bytes.NewReader(body))
+	return err
+}
+
+func (c *Client) login() error {
+	authorization := Authorization{Email: c.Email, Password: c.Password}
+
+	body, err := json.Marshal(authorization)
+	if err != nil {
+		return err
+	}
+
+	req, err := http.NewRequest(http.MethodPost, c.loginURL, bytes.NewReader(body))
+	if err != nil {
+		return err
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+
+	content, err := c.doRequest(req)
+	if err != nil {
+		return err
+	}
+
+	var result AuthResponse
+	err = json.Unmarshal(content, &result)
+	if err != nil {
+		return err
+	}
+
+	c.AccessToken = result.Auth.AccessToken
+
+	return nil
+}
+
+func (c *Client) doAPIRequest(method, endpoint string, body io.Reader) ([]byte, error) {
+	if c.AccessToken == "" {
+		err := c.login()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	url := fmt.Sprintf("%s/%s", c.apiBaseURL, endpoint)
+
+	req, err := c.newRequest(method, url, body)
+	if err != nil {
+		return nil, err
+	}
+
+	content, err := c.doRequest(req)
+	if err != nil {
+		return nil, err
+	}
+
+	return content, nil
+}
+
+func (c *Client) newRequest(method, reqURL string, body io.Reader) (*http.Request, error) {
+	req, err := http.NewRequest(method, reqURL, body)
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Set("Content-Type", "application/json")
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.AccessToken))
+
+	return req, nil
+}
+
+func (c *Client) doRequest(req *http.Request) ([]byte, error) {
+	resp, err := c.HTTPClient.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode >= 400 {
+		return nil, readError(req, resp)
+	}
+
+	content, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return nil, err
+	}
+	return content, nil
+}
+
+func readError(req *http.Request, resp *http.Response) error {
+	content, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return errors.New(toUnreadableBodyMessage(req, content))
+	}
+
+	var errInfo APIError
+	err = json.Unmarshal(content, &errInfo)
+	if err != nil {
+		return fmt.Errorf("APIError unmarshaling error: %w: %s", err, toUnreadableBodyMessage(req, content))
+	}
+
+	return fmt.Errorf("HTTP %d: code %v: %s", resp.StatusCode, errInfo.Error.Code, errInfo.Error.Message)
+}
+
+func toUnreadableBodyMessage(req *http.Request, rawBody []byte) string {
+	return fmt.Sprintf("the request %s sent a response with a body which is an invalid format: %q", req.URL, string(rawBody))
+}
--- a/providers/dns/clouddns/internal/client_test.go
+++ b/providers/dns/clouddns/internal/client_test.go
@ -0,0 +1,130 @@
+package internal
+
+import (
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestClient_AddRecord(t *testing.T) {
+	mux := http.NewServeMux()
+
+	mux.HandleFunc("/api/domain/search", func(rw http.ResponseWriter, req *http.Request) {
+		response := SearchResponse{
+			Items: []Domain{
+				{
+					ID:         "A",
+					DomainName: "example.com",
+				},
+			},
+		}
+
+		err := json.NewEncoder(rw).Encode(response)
+		if err != nil {
+			http.Error(rw, err.Error(), http.StatusInternalServerError)
+			return
+		}
+	})
+	mux.HandleFunc("/api/record-txt", func(rw http.ResponseWriter, req *http.Request) {})
+	mux.HandleFunc("/api/domain/A/publish", func(rw http.ResponseWriter, req *http.Request) {})
+	mux.HandleFunc("/login", func(rw http.ResponseWriter, req *http.Request) {
+		response := AuthResponse{
+			Auth: Auth{
+				AccessToken:  "at",
+				RefreshToken: "",
+			},
+		}
+
+		err := json.NewEncoder(rw).Encode(response)
+		if err != nil {
+			http.Error(rw, err.Error(), http.StatusInternalServerError)
+			return
+		}
+	})
+
+	server := httptest.NewServer(mux)
+	t.Cleanup(func() {
+		server.Close()
+	})
+
+	client := NewClient("clientID", "email@example.com", "secret", 300)
+	client.apiBaseURL = server.URL + "/api"
+	client.loginURL = server.URL + "/login"
+
+	err := client.AddRecord("example.com", "_acme-challenge.example.com", "txt")
+	require.NoError(t, err)
+}
+
+func TestClient_DeleteRecord(t *testing.T) {
+	mux := http.NewServeMux()
+
+	mux.HandleFunc("/api/domain/search", func(rw http.ResponseWriter, req *http.Request) {
+		response := SearchResponse{
+			Items: []Domain{
+				{
+					ID:         "A",
+					DomainName: "example.com",
+				},
+			},
+		}
+
+		err := json.NewEncoder(rw).Encode(response)
+		if err != nil {
+			http.Error(rw, err.Error(), http.StatusInternalServerError)
+			return
+		}
+	})
+	mux.HandleFunc("/api/domain/A", func(rw http.ResponseWriter, req *http.Request) {
+		response := DomainInfo{
+			ID:         "Z",
+			DomainName: "example.com",
+			LastDomainRecordList: []Record{
+				{
+					ID:       "R01",
+					DomainID: "A",
+					Name:     "_acme-challenge.example.com",
+					Value:    "txt",
+					Type:     "TXT",
+				},
+			},
+			SoaTTL: 300,
+		}
+
+		err := json.NewEncoder(rw).Encode(response)
+		if err != nil {
+			http.Error(rw, err.Error(), http.StatusInternalServerError)
+			return
+		}
+	})
+	mux.HandleFunc("/api/record/R01", func(rw http.ResponseWriter, req *http.Request) {})
+	mux.HandleFunc("/api/domain/A/publish", func(rw http.ResponseWriter, req *http.Request) {})
+	mux.HandleFunc("/login", func(rw http.ResponseWriter, req *http.Request) {
+		response := AuthResponse{
+			Auth: Auth{
+				AccessToken:  "at",
+				RefreshToken: "",
+			},
+		}
+
+		err := json.NewEncoder(rw).Encode(response)
+		if err != nil {
+			http.Error(rw, err.Error(), http.StatusInternalServerError)
+			return
+		}
+	})
+
+	server := httptest.NewServer(mux)
+	t.Cleanup(func() {
+		server.Close()
+	})
+
+	client := NewClient("clientID", "email@example.com", "secret", 300)
+	client.apiBaseURL = server.URL + "/api"
+	client.loginURL = server.URL + "/login"
+
+	err := client.DeleteRecord("example.com", "_acme-challenge.example.com")
+	require.NoError(t, err)
+}
--- a/providers/dns/clouddns/internal/models.go
+++ b/providers/dns/clouddns/internal/models.go
@ -0,0 +1,74 @@
+package internal
+
+type APIError struct {
+	Error ErrorContent `json:"error"`
+}
+
+type ErrorContent struct {
+	Code    int    `json:"code,omitempty"`
+	Message string `json:"message,omitempty"`
+}
+
+type Authorization struct {
+	Email    string `json:"email,omitempty"`
+	Password string `json:"password,omitempty"`
+}
+
+type AuthResponse struct {
+	Auth Auth `json:"auth,omitempty"`
+}
+
+type Auth struct {
+	AccessToken  string `json:"accessToken,omitempty"`
+	RefreshToken string `json:"refreshToken,omitempty"`
+}
+
+type SearchQuery struct {
+	Limit  int      `json:"limit,omitempty"`
+	Offset int      `json:"offset,omitempty"`
+	Search []Search `json:"search,omitempty"`
+	Sort   []Sort   `json:"sort,omitempty"`
+}
+
+// Search used for searches in the CloudDNS API.
+type Search struct {
+	Name     string `json:"name,omitempty"`
+	Operator string `json:"operator,omitempty"`
+	Type     string `json:"type,omitempty"`
+	Value    string `json:"value,omitempty"`
+}
+
+type Sort struct {
+	Ascending bool   `json:"ascending,omitempty"`
+	Name      string `json:"name,omitempty"`
+}
+
+type SearchResponse struct {
+	Items     []Domain `json:"items,omitempty"`
+	Limit     int      `json:"limit,omitempty"`
+	Offset    int      `json:"offset,omitempty"`
+	TotalHits int      `json:"totalHits,omitempty"`
+}
+
+type Domain struct {
+	ID         string `json:"id,omitempty"`
+	DomainName string `json:"domainName,omitempty"`
+	Status     string `json:"status,omitempty"`
+}
+
+// Record represents a DNS record.
+type Record struct {
+	ID       string `json:"id,omitempty"`
+	DomainID string `json:"domainId,omitempty"`
+	Name     string `json:"name,omitempty"`
+	Value    string `json:"value,omitempty"`
+	Type     string `json:"type,omitempty"`
+}
+
+type DomainInfo struct {
+	ID                   string   `json:"id,omitempty"`
+	DomainName           string   `json:"domainName,omitempty"`
+	LastDomainRecordList []Record `json:"lastDomainRecordList,omitempty"`
+	SoaTTL               int      `json:"soaTtl,omitempty"`
+	Status               string   `json:"status,omitempty"`
+}
--- a/providers/dns/dns_providers.go
+++ b/providers/dns/dns_providers.go
@ -13,6 +13,7 @@ import (
 	"github.com/go-acme/lego/v3/providers/dns/bindman"
 	"github.com/go-acme/lego/v3/providers/dns/bluecat"
 	"github.com/go-acme/lego/v3/providers/dns/checkdomain"
+	"github.com/go-acme/lego/v3/providers/dns/clouddns"
 	"github.com/go-acme/lego/v3/providers/dns/cloudflare"
 	"github.com/go-acme/lego/v3/providers/dns/cloudns"
 	"github.com/go-acme/lego/v3/providers/dns/cloudxns"
@ -95,6 +96,8 @@ func NewDNSChallengeProviderByName(name string) (challenge.Provider, error) {
 		return bluecat.NewDNSProvider()
 	case "checkdomain":
 		return checkdomain.NewDNSProvider()
+	case "clouddns":
+		return clouddns.NewDNSProvider()
 	case "cloudflare":
 		return cloudflare.NewDNSProvider()
 	case "cloudns":