Different DNS providers were handling credentials in different ways.
Some were reading credential environment variables in cli_handlers.go
and then passing them into the NewDNSProvider function, while others
were reading the environment variables within their NewDNSProvider
functions.
This change replaces each DNS challenge's NewDNSProvider function with
two new functions: (1) a NewDNSProvider function that takes no
parameters and uses the environment to read credentials, and (2) a
NewDNSProviderCredentials that takes credentials as parameters.
Use GCE_PROJECT to designate your GCE project.
Authentication is automatically picked up from gcloud credentials if
running locally and from GCE metadata if run within Google Cloud.
Requires at least permission scope
"https://www.googleapis.com/auth/ndev.clouddns.readwrite"
This commit adds support for Dyn, specifically Dyn Managed DNS. Makes
use of the Dyn REST API [1] and requires 3 environment variables for
credentails:
DYN_CUSTOMER_NAME
DYN_USER_NAME
DYN_PASSWORD
The Dyn DNS API requires a session to be established first using the
credentials above, After creating a session an api token is used for
subsequent requests.
The unit test performs a "live test" and currently requires a valid Dyn
account and domain.
[1] https://help.dyn.com/rest/
Move the DNS provider (--dns) help to a separate command and elaborate on its usage by providing an example.
This should reduce clutter in the the help system's usage text.
- Reworked the code in dns_challenge.go to not assume nameserver is
port-less or defaults to 53. (messes up testing)
- Updated nameserver test to clear the fqdn2zone cache and return a dummy
SOA RR to make initial findZoneByFqdn call happy.
- Used publicsuffix library to determine if the "authorative" zone we found
is a public registry, in that case error out. (Also used by boulder btw)
- Removal of RFC2136_ZONE from help text
- Query nameserver directly to find zone we have to update
- During insert, make sure the new record is the ONLY challence.
(I had a few panics, hence 3 challences left. Not good.)
