From 62fea05e21ab69ede01ebcfdae2cf78b8a58028d Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Fri, 8 Mar 2019 19:47:06 +0100 Subject: [PATCH] Automatic generation of documentation (#818) * generate a detailed CLI help * generate a documentation site * new readme --- .dockerignore | 1 + .travis.yml | 23 +- CONTRIBUTING.md | 59 - Dockerfile | 4 +- Gopkg.lock | 9 + Makefile | 23 +- README.md | 313 +---- cmd/cmd_dnshelp.go | 153 +-- cmd/zz_gen_cmd_dnshelp.go | 1144 +++++++++++++++++ docs/.gitignore | 2 + docs/Makefile | 20 + docs/archetypes/default.md | 6 + docs/config.toml | 67 + docs/content/_index.md | 30 + docs/content/dns/_index.md | 18 + docs/content/dns/manual.md | 59 + docs/content/dns/zz_gen_acme-dns.md | 46 + docs/content/dns/zz_gen_alidns.md | 54 + docs/content/dns/zz_gen_auroradns.md | 54 + docs/content/dns/zz_gen_azure.md | 58 + docs/content/dns/zz_gen_bluecat.md | 53 + docs/content/dns/zz_gen_cloudflare.md | 58 + docs/content/dns/zz_gen_cloudns.md | 53 + docs/content/dns/zz_gen_cloudxns.md | 53 + docs/content/dns/zz_gen_conoha.md | 55 + docs/content/dns/zz_gen_designate.md | 56 + docs/content/dns/zz_gen_digitalocean.md | 52 + docs/content/dns/zz_gen_dnsimple.md | 53 + docs/content/dns/zz_gen_dnsmadeeasy.md | 54 + docs/content/dns/zz_gen_dnspod.md | 53 + docs/content/dns/zz_gen_dreamhost.md | 52 + docs/content/dns/zz_gen_duckdns.md | 53 + docs/content/dns/zz_gen_dyn.md | 54 + docs/content/dns/zz_gen_exec.md | 133 ++ docs/content/dns/zz_gen_exoscale.md | 55 + docs/content/dns/zz_gen_fastdns.md | 55 + docs/content/dns/zz_gen_gandi.md | 52 + docs/content/dns/zz_gen_gandiv5.md | 52 + docs/content/dns/zz_gen_gcloud.md | 55 + docs/content/dns/zz_gen_glesys.md | 53 + docs/content/dns/zz_gen_godaddy.md | 54 + docs/content/dns/zz_gen_hostingde.md | 53 + docs/content/dns/zz_gen_httpreq.md | 91 ++ docs/content/dns/zz_gen_iij.md | 54 + docs/content/dns/zz_gen_inwx.md | 54 + docs/content/dns/zz_gen_lightsail.md | 53 + docs/content/dns/zz_gen_linode.md | 52 + docs/content/dns/zz_gen_linodev4.md | 52 + docs/content/dns/zz_gen_mydnsjp.md | 53 + docs/content/dns/zz_gen_namecheap.md | 53 + docs/content/dns/zz_gen_namedotcom.md | 54 + docs/content/dns/zz_gen_netcup.md | 54 + docs/content/dns/zz_gen_nifcloud.md | 53 + docs/content/dns/zz_gen_ns1.md | 53 + docs/content/dns/zz_gen_oraclecloud.md | 67 + docs/content/dns/zz_gen_otc.md | 56 + docs/content/dns/zz_gen_ovh.md | 56 + docs/content/dns/zz_gen_pdns.md | 60 + docs/content/dns/zz_gen_rackspace.md | 53 + docs/content/dns/zz_gen_rfc2136.md | 56 + docs/content/dns/zz_gen_route53.md | 98 ++ docs/content/dns/zz_gen_sakuracloud.md | 53 + docs/content/dns/zz_gen_selectel.md | 53 + docs/content/dns/zz_gen_stackpath.md | 53 + docs/content/dns/zz_gen_transip.md | 53 + docs/content/dns/zz_gen_vegadns.md | 54 + docs/content/dns/zz_gen_vscale.md | 53 + docs/content/dns/zz_gen_vultr.md | 53 + docs/content/dns/zz_gen_zoneee.md | 54 + docs/content/installation/_index.md | 35 + docs/content/usage/_index.md | 8 + docs/content/usage/cli/_index.md | 94 ++ docs/content/usage/cli/examples.md | 48 + .../library/Writing-a-Challenge-Solver.md | 103 ++ docs/content/usage/library/_index.md | 115 ++ docs/layouts/partials/logo.html | 1 + docs/static/images/logo-white.png | Bin 0 -> 15331 bytes docs/static/images/logo.png | Bin 0 -> 9997 bytes internal/dnsdocs/dns.go.tmpl | 53 + internal/dnsdocs/dns.md.tmpl | 73 ++ internal/dnsdocs/generator.go | 136 ++ providers/dns/acmedns/acmedns.toml | 15 + providers/dns/alidns/alidns.toml | 20 + providers/dns/auroradns/auroradns.toml | 20 + providers/dns/azure/azure.toml | 24 + providers/dns/bluecat/bluecat.toml | 19 + providers/dns/cloudflare/cloudflare.toml | 24 + providers/dns/cloudns/cloudns.toml | 19 + providers/dns/cloudxns/cloudxns.toml | 19 + providers/dns/conoha/conoha.toml | 21 + providers/dns/designate/designate.toml | 22 + providers/dns/digitalocean/digitalocean.toml | 18 + providers/dns/dnsimple/dnsimple.toml | 19 + providers/dns/dnsmadeeasy/dnsmadeeasy.toml | 20 + providers/dns/dnspod/dnspod.toml | 19 + providers/dns/dreamhost/dreamhost.toml | 18 + providers/dns/duckdns/duckdns.toml | 19 + providers/dns/dyn/dyn.toml | 20 + providers/dns/exec/{readme.md => exec.toml} | 42 +- providers/dns/exoscale/exoscale.toml | 21 + providers/dns/fastdns/fastdns.toml | 23 + providers/dns/gandi/gandi.toml | 18 + providers/dns/gandiv5/gandiv5.toml | 18 + providers/dns/gcloud/gcloud.toml | 21 + providers/dns/glesys/glesys.go | 2 - providers/dns/glesys/glesys.toml | 19 + providers/dns/godaddy/godaddy.toml | 18 + providers/dns/hostingde/hostingde.toml | 19 + providers/dns/httpreq/httpreq.toml | 60 + providers/dns/httpreq/readme.md | 33 - providers/dns/iij/iij.toml | 20 + providers/dns/inwx/inwx.toml | 20 + providers/dns/lightsail/lightsail.toml | 18 + providers/dns/linode/linode.toml | 18 + providers/dns/linodev4/linodev4.toml | 18 + providers/dns/mydnsjp/mydnsjp.toml | 19 + providers/dns/namecheap/namecheap.toml | 19 + providers/dns/namedotcom/namedotcom.toml | 21 + providers/dns/netcup/netcup.toml | 20 + providers/dns/nifcloud/nifcloud.toml | 19 + providers/dns/ns1/ns1.toml | 19 + providers/dns/oraclecloud/README.md | 48 - providers/dns/oraclecloud/oraclecloud.toml | 34 + providers/dns/otc/otc.toml | 23 + providers/dns/ovh/ovh.toml | 22 + providers/dns/pdns/{README.md => pdns.toml} | 24 +- providers/dns/rackspace/rackspace.toml | 19 + providers/dns/rfc2136/rfc2136.go | 2 +- providers/dns/rfc2136/rfc2136.toml | 22 + providers/dns/route53/route53.toml | 67 + providers/dns/sakuracloud/sakuracloud.toml | 19 + providers/dns/selectel/selectel.toml | 19 + providers/dns/stackpath/stackpath.toml | 19 + providers/dns/transip/transip.toml | 20 + providers/dns/vegadns/vegadns.toml | 21 + providers/dns/vscale/vscale.toml | 19 + providers/dns/vultr/vultr.toml | 19 + providers/dns/zoneee/zoneee.toml | 20 + vendor/github.com/BurntSushi/toml/COPYING | 21 + .../toml/cmd/toml-test-decoder/COPYING | 21 + .../toml/cmd/toml-test-encoder/COPYING | 21 + .../BurntSushi/toml/cmd/tomlv/COPYING | 21 + vendor/github.com/BurntSushi/toml/decode.go | 509 ++++++++ .../github.com/BurntSushi/toml/decode_meta.go | 121 ++ vendor/github.com/BurntSushi/toml/doc.go | 27 + vendor/github.com/BurntSushi/toml/encode.go | 568 ++++++++ .../BurntSushi/toml/encoding_types.go | 19 + .../BurntSushi/toml/encoding_types_1.1.go | 18 + vendor/github.com/BurntSushi/toml/lex.go | 953 ++++++++++++++ vendor/github.com/BurntSushi/toml/parse.go | 592 +++++++++ .../github.com/BurntSushi/toml/type_check.go | 91 ++ .../github.com/BurntSushi/toml/type_fields.go | 242 ++++ 152 files changed, 9528 insertions(+), 572 deletions(-) create mode 100644 cmd/zz_gen_cmd_dnshelp.go create mode 100644 docs/.gitignore create mode 100644 docs/Makefile create mode 100644 docs/archetypes/default.md create mode 100644 docs/config.toml create mode 100644 docs/content/_index.md create mode 100644 docs/content/dns/_index.md create mode 100644 docs/content/dns/manual.md create mode 100644 docs/content/dns/zz_gen_acme-dns.md create mode 100644 docs/content/dns/zz_gen_alidns.md create mode 100644 docs/content/dns/zz_gen_auroradns.md create mode 100644 docs/content/dns/zz_gen_azure.md create mode 100644 docs/content/dns/zz_gen_bluecat.md create mode 100644 docs/content/dns/zz_gen_cloudflare.md create mode 100644 docs/content/dns/zz_gen_cloudns.md create mode 100644 docs/content/dns/zz_gen_cloudxns.md create mode 100644 docs/content/dns/zz_gen_conoha.md create mode 100644 docs/content/dns/zz_gen_designate.md create mode 100644 docs/content/dns/zz_gen_digitalocean.md create mode 100644 docs/content/dns/zz_gen_dnsimple.md create mode 100644 docs/content/dns/zz_gen_dnsmadeeasy.md create mode 100644 docs/content/dns/zz_gen_dnspod.md create mode 100644 docs/content/dns/zz_gen_dreamhost.md create mode 100644 docs/content/dns/zz_gen_duckdns.md create mode 100644 docs/content/dns/zz_gen_dyn.md create mode 100644 docs/content/dns/zz_gen_exec.md create mode 100644 docs/content/dns/zz_gen_exoscale.md create mode 100644 docs/content/dns/zz_gen_fastdns.md create mode 100644 docs/content/dns/zz_gen_gandi.md create mode 100644 docs/content/dns/zz_gen_gandiv5.md create mode 100644 docs/content/dns/zz_gen_gcloud.md create mode 100644 docs/content/dns/zz_gen_glesys.md create mode 100644 docs/content/dns/zz_gen_godaddy.md create mode 100644 docs/content/dns/zz_gen_hostingde.md create mode 100644 docs/content/dns/zz_gen_httpreq.md create mode 100644 docs/content/dns/zz_gen_iij.md create mode 100644 docs/content/dns/zz_gen_inwx.md create mode 100644 docs/content/dns/zz_gen_lightsail.md create mode 100644 docs/content/dns/zz_gen_linode.md create mode 100644 docs/content/dns/zz_gen_linodev4.md create mode 100644 docs/content/dns/zz_gen_mydnsjp.md create mode 100644 docs/content/dns/zz_gen_namecheap.md create mode 100644 docs/content/dns/zz_gen_namedotcom.md create mode 100644 docs/content/dns/zz_gen_netcup.md create mode 100644 docs/content/dns/zz_gen_nifcloud.md create mode 100644 docs/content/dns/zz_gen_ns1.md create mode 100644 docs/content/dns/zz_gen_oraclecloud.md create mode 100644 docs/content/dns/zz_gen_otc.md create mode 100644 docs/content/dns/zz_gen_ovh.md create mode 100644 docs/content/dns/zz_gen_pdns.md create mode 100644 docs/content/dns/zz_gen_rackspace.md create mode 100644 docs/content/dns/zz_gen_rfc2136.md create mode 100644 docs/content/dns/zz_gen_route53.md create mode 100644 docs/content/dns/zz_gen_sakuracloud.md create mode 100644 docs/content/dns/zz_gen_selectel.md create mode 100644 docs/content/dns/zz_gen_stackpath.md create mode 100644 docs/content/dns/zz_gen_transip.md create mode 100644 docs/content/dns/zz_gen_vegadns.md create mode 100644 docs/content/dns/zz_gen_vscale.md create mode 100644 docs/content/dns/zz_gen_vultr.md create mode 100644 docs/content/dns/zz_gen_zoneee.md create mode 100644 docs/content/installation/_index.md create mode 100644 docs/content/usage/_index.md create mode 100644 docs/content/usage/cli/_index.md create mode 100644 docs/content/usage/cli/examples.md create mode 100644 docs/content/usage/library/Writing-a-Challenge-Solver.md create mode 100644 docs/content/usage/library/_index.md create mode 100644 docs/layouts/partials/logo.html create mode 100644 docs/static/images/logo-white.png create mode 100644 docs/static/images/logo.png create mode 100644 internal/dnsdocs/dns.go.tmpl create mode 100644 internal/dnsdocs/dns.md.tmpl create mode 100644 internal/dnsdocs/generator.go create mode 100644 providers/dns/acmedns/acmedns.toml create mode 100644 providers/dns/alidns/alidns.toml create mode 100644 providers/dns/auroradns/auroradns.toml create mode 100644 providers/dns/azure/azure.toml create mode 100644 providers/dns/bluecat/bluecat.toml create mode 100644 providers/dns/cloudflare/cloudflare.toml create mode 100644 providers/dns/cloudns/cloudns.toml create mode 100644 providers/dns/cloudxns/cloudxns.toml create mode 100644 providers/dns/conoha/conoha.toml create mode 100644 providers/dns/designate/designate.toml create mode 100644 providers/dns/digitalocean/digitalocean.toml create mode 100644 providers/dns/dnsimple/dnsimple.toml create mode 100644 providers/dns/dnsmadeeasy/dnsmadeeasy.toml create mode 100644 providers/dns/dnspod/dnspod.toml create mode 100644 providers/dns/dreamhost/dreamhost.toml create mode 100644 providers/dns/duckdns/duckdns.toml create mode 100644 providers/dns/dyn/dyn.toml rename providers/dns/exec/{readme.md => exec.toml} (78%) create mode 100644 providers/dns/exoscale/exoscale.toml create mode 100644 providers/dns/fastdns/fastdns.toml create mode 100644 providers/dns/gandi/gandi.toml create mode 100644 providers/dns/gandiv5/gandiv5.toml create mode 100644 providers/dns/gcloud/gcloud.toml create mode 100644 providers/dns/glesys/glesys.toml create mode 100644 providers/dns/godaddy/godaddy.toml create mode 100644 providers/dns/hostingde/hostingde.toml create mode 100644 providers/dns/httpreq/httpreq.toml delete mode 100644 providers/dns/httpreq/readme.md create mode 100644 providers/dns/iij/iij.toml create mode 100644 providers/dns/inwx/inwx.toml create mode 100644 providers/dns/lightsail/lightsail.toml create mode 100644 providers/dns/linode/linode.toml create mode 100644 providers/dns/linodev4/linodev4.toml create mode 100644 providers/dns/mydnsjp/mydnsjp.toml create mode 100644 providers/dns/namecheap/namecheap.toml create mode 100644 providers/dns/namedotcom/namedotcom.toml create mode 100644 providers/dns/netcup/netcup.toml create mode 100644 providers/dns/nifcloud/nifcloud.toml create mode 100644 providers/dns/ns1/ns1.toml delete mode 100644 providers/dns/oraclecloud/README.md create mode 100644 providers/dns/oraclecloud/oraclecloud.toml create mode 100644 providers/dns/otc/otc.toml create mode 100644 providers/dns/ovh/ovh.toml rename providers/dns/pdns/{README.md => pdns.toml} (51%) create mode 100644 providers/dns/rackspace/rackspace.toml create mode 100644 providers/dns/rfc2136/rfc2136.toml create mode 100644 providers/dns/route53/route53.toml create mode 100644 providers/dns/sakuracloud/sakuracloud.toml create mode 100644 providers/dns/selectel/selectel.toml create mode 100644 providers/dns/stackpath/stackpath.toml create mode 100644 providers/dns/transip/transip.toml create mode 100644 providers/dns/vegadns/vegadns.toml create mode 100644 providers/dns/vscale/vscale.toml create mode 100644 providers/dns/vultr/vultr.toml create mode 100644 providers/dns/zoneee/zoneee.toml create mode 100644 vendor/github.com/BurntSushi/toml/COPYING create mode 100644 vendor/github.com/BurntSushi/toml/cmd/toml-test-decoder/COPYING create mode 100644 vendor/github.com/BurntSushi/toml/cmd/toml-test-encoder/COPYING create mode 100644 vendor/github.com/BurntSushi/toml/cmd/tomlv/COPYING create mode 100644 vendor/github.com/BurntSushi/toml/decode.go create mode 100644 vendor/github.com/BurntSushi/toml/decode_meta.go create mode 100644 vendor/github.com/BurntSushi/toml/doc.go create mode 100644 vendor/github.com/BurntSushi/toml/encode.go create mode 100644 vendor/github.com/BurntSushi/toml/encoding_types.go create mode 100644 vendor/github.com/BurntSushi/toml/encoding_types_1.1.go create mode 100644 vendor/github.com/BurntSushi/toml/lex.go create mode 100644 vendor/github.com/BurntSushi/toml/parse.go create mode 100644 vendor/github.com/BurntSushi/toml/type_check.go create mode 100644 vendor/github.com/BurntSushi/toml/type_fields.go diff --git a/.dockerignore b/.dockerignore index ae055285..e27fb10a 100644 --- a/.dockerignore +++ b/.dockerignore @@ -5,3 +5,4 @@ lego.exe .vscode/ dist/ builds/ +docs/ diff --git a/.travis.yml b/.travis.yml index 69e3fbd6..5cc08977 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,12 +1,14 @@ language: go go: - - 1.10.x + - 1.12.x - 1.x services: - memcached +go_import_path: github.com/xenolf/lego + addons: hosts: # for e2e tests @@ -33,6 +35,10 @@ before_install: - curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | bash -s -- -b $GOPATH/bin v1.15.0 - golangci-lint --version + # Hugo - documentation + - wget -O /tmp/hugo.deb https://github.com/gohugoio/hugo/releases/download/v0.54.0/hugo_0.54.0_Linux-64bit.deb + - sudo dpkg -i /tmp/hugo.deb + install: - echo "TRAVIS_GO_VERSION=$TRAVIS_GO_VERSION" - dep status -v @@ -40,6 +46,13 @@ install: after_success: - make clean +before_deploy: + - > + if ! [ "$BEFORE_DEPLOY_RUN" ]; then + export BEFORE_DEPLOY_RUN=1; + make docs-build + fi + deploy: - provider: script skip_cleanup: true @@ -57,3 +70,11 @@ deploy: on: tags: true condition: $TRAVIS_GO_VERSION =~ ^1\.x$ + + - provider: pages + local_dir: docs/public + skip_cleanup: true + github_token: ${GITHUB_TOKEN} + on: + tags: true + condition: $TRAVIS_GO_VERSION =~ ^1\.x$ diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8a4afbd5..0f2ef95f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -73,62 +73,3 @@ git push -u origin my-feature ## create a pull request on Github ## ``` - - -## DNS Providers: API references - -| DNS provider | Code | Documentation | Go client | -|---------------------------|----------------|--------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------| -| Acme DNS | `acmedns` | [documentation](https://github.com/joohoi/acme-dns#api) | [Go client](https://github.com/cpu/goacmedns) | -| Alibaba Cloud | `alidns` | [documentation](https://www.alibabacloud.com/help/doc-detail/42875.htm) | [Go client](https://github.com/aliyun/alibaba-cloud-sdk-go) | -| Aurora DNS | `auroradns` | [documentation](https://libcloud.readthedocs.io/en/latest/dns/drivers/auroradns.html#api-docs) | [Go client](https://github.com/nrdcg/auroradns) | -| Azure | `azure` | [documentation](https://docs.microsoft.com/en-us/go/azure/) | [Go client](https://github.com/Azure/azure-sdk-for-go) | -| Bluecat | `bluecat` | ? | - | -| Cloudflare | `cloudflare` | [documentation](https://api.cloudflare.com/) | [Go client](https://github.com/cloudflare/cloudflare-go) | -| ClouDNS | `cloudns` | [documentation](https://www.cloudns.net/wiki/article/42/) | - | -| CloudXNS | `cloudxns` | [documentation](https://www.cloudxns.net/Public/Doc/CloudXNS_api2.0_doc_zh-cn.zip) | - | -| ConoHa | `conoha` | [documentation](https://www.conoha.jp/docs/) | - | -| Openstack Designate | `designate` | [documentation](https://docs.openstack.org/designate/latest/) | [Go client](https://godoc.org/github.com/gophercloud/gophercloud/openstack/dns/v2) | -| Digital Ocean | `digitalocean` | [documentation](https://developers.digitalocean.com/documentation/v2/#domain-records) | - | -| DNSimple | `dnsimple` | [documentation](https://developer.dnsimple.com/v2/) | [Go client](https://github.com/dnsimple/dnsimple-go) | -| DNS Made Easy | `dnsmadeeasy` | [documentation](https://api-docs.dnsmadeeasy.com/) | - | -| DNSPod | `dnspod` | [documentation](https://www.dnspod.cn/docs/index.html) | [Go client](https://github.com/decker502/dnspod-go) | -| DreamHost | `dreamhost` | [documentation](https://help.dreamhost.com/hc/en-us/articles/217560167-API_overview) | - | -| Duck DNS | `duckdns` | [documentation](https://www.duckdns.org/spec.jsp) | - | -| Dyn | `dyn` | [documentation](https://help.dyn.com/rest/) | - | -| exec | `exec` | - | - | -| Exoscale | `exoscale` | [documentation](https://community.exoscale.com/documentation/dns/api/) | [Go client](https://github.com/exoscale/egoscale) | -| FastDNS | `fastdns` | [documentation](https://developer.akamai.com/api/web_performance/fast_dns_record_management/v1.html) | [Go client](https://github.com/akamai/AkamaiOPEN-edgegrid-golang) | -| Gandi | `gandi` | [documentation](http://doc.rpc.gandi.net/index.html) | - | -| Gandi v5 | `gandiv5` | [documentation](http://doc.livedns.gandi.net) | - | -| Google Cloud | `gcloud` | ? | [Go client](https://github.com/googleapis/google-api-go-client) | -| Glesys | `glesys` | [documentation](https://github.com/GleSYS/API/wiki/API-Documentation) | - | -| Go Daddy | `godaddy` | [documentation](https://developer.godaddy.com/doc/endpoint/domains) | - | -| hosting.de | `hostingde` | [documentation](https://www.hosting.de/api/#dns) | - | -| Internet Initiative Japan | `iij` | [documentation](http://manual.iij.jp/p2/pubapi/) | [Go client](https://github.com/iij/doapi) | -| INWX | `inwx` | [documentation](https://www.inwx.de/en/help/apidoc) | [Go client](https://github.com/nrdcg/goinwx) | -| Lightsail | `lightsail` | ? | [Go client](https://github.com/aws/aws-sdk-go/aws) | -| Linode (deprecated) | `linode` | [documentation](https://www.linode.com/api/dns) | [Go client](https://github.com/timewasted/linode) | -| Linodev4 | `linodev4` | [documentation](https://developers.linode.com/api/v4) | [Go client](https://github.com/linode/linodego) | -| Namecheap | `namecheap` | [documentation](https://www.namecheap.com/support/api/methods.aspx) | - | -| Name.com | `namedotcom` | [documentation](https://www.name.com/api-docs/DNS) | [Go client](https://github.com/namedotcom/go) | -| manual | `manual` | - | - | -| MyDNS.jp | `mydnsjp` | [documentation](https://www.mydns.jp/?MENU=030) | - | -| Netcup | `netcup` | [documentation](https://www.netcup-wiki.de/wiki/DNS_API) | - | -| NIFCloud | `nifcloud` | [documentation](https://mbaas.nifcloud.com/doc/current/rest/common/format.html) | - | -| NS1 | `ns1` | [documentation](https://ns1.com/api) | [Go client](https://github.com/ns1/ns1-go) | -| Open Telekom Cloud | `otc` | [documentation](https://docs.otc.t-systems.com/en-us/dns/index.html) | - | -| Oracle Cloud | `oraclecloud` | [documentation](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm) | [Go Client](https://github.com/oracle/oci-go-sdk) | -| OVH | `ovh` | [documentation](https://eu.api.ovh.com/) | [Go client](https://github.com/ovh/go-ovh) | -| PowerDNS | `pdns` | [documentation](https://doc.powerdns.com/md/httpapi/README/) | - | -| Rackspace | `rackspace` | [documentation](https://developer.rackspace.com/docs/cloud-dns/v1/) | - | -| RFC2136 | `rfc2136` | [documentation](https://tools.ietf.org/html/rfc2136) | - | -| Route 53 | `route53` | [documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_Operations_Amazon_Route_53.html) | [Go client](https://github.com/aws/aws-sdk-go/aws) | -| Sakura Cloud | `sakuracloud` | [documentation](https://developer.sakura.ad.jp/cloud/api/1.1/) | [Go client](https://github.com/sacloud/libsacloud) | -| Selectel | `selectel` | [documentation](https://kb.selectel.com/23136054.html) | - | -| Stackpath | `stackpath` | [documentation](https://developer.stackpath.com/en/api/dns/#tag/Zone) | - | -| TransIP | `transip` | [documentation](https://api.transip.nl/docs/transip.nl/package-Transip.html) | [Go client](https://github.com/transip/gotransip) | -| VegaDNS | `vegadns` | [documentation](https://github.com/shupp/VegaDNS-API) | [Go client](https://github.com/OpenDNS/vegadns2client) | -| Vultr | `vultr` | [documentation](https://www.vultr.com/api/#dns) | [Go client](https://github.com/JamesClonk/vultr) | -| Vscale | `vscale` | [documentation](https://developers.vscale.io/documentation/api/v1/#api-Domains_Records) | - | -| Zone.ee | `zone` | [documentation](https://api.zone.eu/v2) | - | diff --git a/Dockerfile b/Dockerfile index cb942944..ed36091f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:alpine3.8 as builder +FROM golang:alpine3.9 as builder RUN apk --update upgrade \ && apk --no-cache --no-progress add make git \ @@ -8,7 +8,7 @@ WORKDIR /go/src/github.com/xenolf/lego COPY . . RUN make build -FROM alpine:3.8 +FROM alpine:3.9 RUN apk update && apk add --no-cache --virtual ca-certificates COPY --from=builder /go/src/github.com/xenolf/lego/dist/lego /usr/bin/lego ENTRYPOINT [ "/usr/bin/lego" ] diff --git a/Gopkg.lock b/Gopkg.lock index ba372228..3e3a84d7 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -38,6 +38,14 @@ revision = "39013ecb48eaf6ced3f4e3e1d95515140ce6b3cf" version = "v10.15.2" +[[projects]] + digest = "1:5d72bbcc9c8667b11c3dc3cbe681c5a6f71e5096744c0bf7726ab5c6425d5dc4" + name = "github.com/BurntSushi/toml" + packages = ["."] + pruneopts = "NUT" + revision = "3012a1dbe2e4bd1391d42b32f0577cb7bbc7f005" + version = "v0.3.1" + [[projects]] digest = "1:ed3fc9992df610d07c85c24e0b792268cc1ce226dd9bf8cb2e6ad9a377b35415" name = "github.com/JamesClonk/vultr" @@ -671,6 +679,7 @@ "github.com/Azure/go-autorest/autorest/azure", "github.com/Azure/go-autorest/autorest/azure/auth", "github.com/Azure/go-autorest/autorest/to", + "github.com/BurntSushi/toml", "github.com/JamesClonk/vultr/lib", "github.com/OpenDNS/vegadns2client", "github.com/akamai/AkamaiOPEN-edgegrid-golang/configdns-v1", diff --git a/Makefile b/Makefile index b6ba5c36..88e25a1b 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -.PHONY: clean checks test build image dependencies +.PHONY: clean checks test build image dependencies e2e fmt SRCS = $(shell git ls-files '*.go' | grep -v '^vendor/') @@ -10,7 +10,7 @@ TAG_NAME := $(shell git tag -l --contains HEAD) SHA := $(shell git rev-parse HEAD) VERSION := $(if $(TAG_NAME),$(TAG_NAME),$(SHA)) -default: clean checks test build +default: clean generate-dns checks test build clean: rm -rf dist/ builds/ cover.out @@ -39,6 +39,7 @@ fmt: gofmt -s -l -w $(SRCS) # Release helper +.PHONY: patch minor major detach patch: go run internal/release.go release -m patch @@ -51,3 +52,21 @@ major: detach: go run internal/release.go detach + +# Docs +.PHONY: docs-build docs-serve docs-themes + +docs-build: generate-dns + @make -C ./docs hugo-build + +docs-serve: generate-dns + @make -C ./docs hugo + +docs-themes: + @make -C ./docs hugo-themes + +# Generate DNS +.PHONY: generate-dns + +generate-dns: + go generate ./... diff --git a/README.md b/README.md index fe7a7646..9a2551d7 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # lego -Let's Encrypt client and ACME library written in Go +Let's Encrypt client and ACME library written in Go. [![GoDoc](https://godoc.org/github.com/xenolf/lego?status.svg)](https://godoc.org/github.com/xenolf/lego/acme) [![Build Status](https://travis-ci.org/xenolf/lego.svg?branch=master)](https://travis-ci.org/xenolf/lego) @@ -8,37 +8,6 @@ Let's Encrypt client and ACME library written in Go [![Dev Chat](https://img.shields.io/badge/dev%20chat-gitter-blue.svg?label=dev+chat)](https://gitter.im/xenolf/lego) [![Beerpay](https://beerpay.io/xenolf/lego/badge.svg)](https://beerpay.io/xenolf/lego) -## Installation - -### Binaries - -To get the binary just download the latest release for your OS/Arch from [the release page](https://github.com/xenolf/lego/releases) and put the binary somewhere convenient. -lego does not assume anything about the location you run it from. - -### From Docker - -```bash -docker run xenolf/lego -h -``` - -### From package managers - -- [ArchLinux (AUR)](https://aur.archlinux.org/packages/lego): - -```bash -yay -S lego -``` - -**Note**: only the package manager for Arch Linux is officially supported by the lego team. - -### From sources - -To install from sources, just run: - -```bash -go get -u github.com/xenolf/lego/cmd/lego -``` - ## Features - Register with CA @@ -55,266 +24,38 @@ go get -u github.com/xenolf/lego/cmd/lego - Certificate bundling - OCSP helper function -Please keep in mind that CLI switches and APIs are still subject to change. +lego introduced support for ACME v2 in [v1.0.0](https://github.com/xenolf/lego/releases/tag/v1.0.0). If you still need to utilize ACME v1, you can do so by using the [v0.5.0](https://github.com/xenolf/lego/releases/tag/v0.5.0) version. -When using the standard `--path` option, all certificates and account configurations are saved to a folder `.lego` in the current working directory. +## Installation + +How to [install](https://xenolf.github.io/lego/installation/). ## Usage -```text -NAME: - lego - Let's Encrypt client written in Go +- as a [CLI](https://xenolf.github.io/lego/usage/cli) +- as a [library](https://xenolf.github.io/lego/usage/lib) -USAGE: - lego [global options] command [command options] [arguments...] +## Documentation -COMMANDS: - run Register an account, then create and install a certificate - revoke Revoke a certificate - renew Renew a certificate - dnshelp Shows additional help for the --dns global option - list Display certificates and accounts information. - help, h Shows a list of commands or help for one command +Documentation is hosted live at https://xenolf.github.io/lego/. -GLOBAL OPTIONS: - --domains value, -d value Add a domain to the process. Can be specified multiple times. - --server value, -s value CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default: "https://acme-v02.api.letsencrypt.org/directory") - --accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service. - --email value, -m value Email used for registration and recovery contact. - --csr value, -c value Certificate signing request filename, if an external CSR is to be used. - --eab Use External Account Binding for account registration. Requires --kid and --hmac. - --kid value Key identifier from External CA. Used for External Account Binding. - --hmac value MAC key from External CA. Should be in Base64 URL Encoding without padding format. Used for External Account Binding. - --key-type value, -k value Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384. (default: "rsa2048") - --filename value (deprecated) Filename of the generated certificate. - --path value Directory to use for storing the data. (default: "./.lego") - --http Use the HTTP challenge to solve challenges. Can be mixed with other types of challenges. - --http.port value Set the port and interface to use for HTTP based challenges to listen on.Supported: interface:port or :port. (default: ":80") - --http.webroot value Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge. - --http.memcached-host value Set the memcached host(s) to use for HTTP based challenges. Challenges will be written to all specified hosts. - --tls Use the TLS challenge to solve challenges. Can be mixed with other types of challenges. - --tls.port value Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port. (default: ":443") - --dns value Solve a DNS challenge using the specified provider. Can be mixed with other types of challenges. Run 'lego dnshelp' for help on usage. - --dns.disable-cp By setting this flag to true, disables the need to wait the propagation of the TXT record to all authoritative name servers. - --dns.resolvers value Set the resolvers to use for performing recursive DNS queries. Supported: host:port. The default is to use the system resolvers, or Google's DNS resolvers if the system's cannot be determined. - --http-timeout value Set the HTTP timeout value to a specific value in seconds. (default: 0) - --dns-timeout value Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name servers queries. (default: 10) - --pem Generate a .pem file by concatenating the .key and .crt files together. - --cert.timeout value Set the certificate timeout value to a specific value in seconds. Only used when obtaining certificates. (default: 30) - --help, -h show help - --version, -v print the version -``` +## DNS providers -### Sudo +Detailed documentation is available [here](https://xenolf.github.io/lego/dns). -The CLI does not require root permissions but needs to bind to port 80 and 443 for certain challenges. -To run the CLI without sudo, you have four options: - -- Use setcap 'cap_net_bind_service=+ep' /path/to/program -- Pass the `--http.port` or/and the `--tls.port` option and specify a custom port to bind to. In this case you have to forward port 80/443 to these custom ports (see [Port Usage](#port-usage)). -- Pass the `--http.webroot` option and specify the path to your webroot folder. In this case the challenge will be written in a file in `.well-known/acme-challenge/` inside your webroot. -- Pass the `--dns` option and specify a DNS provider. - -### Port Usage - -By default lego assumes it is able to bind to ports 80 and 443 to solve challenges. -If this is not possible in your environment, you can use the `--http.port` and `--tls.port` options to instruct -lego to listen on that interface:port for any incoming challenges. - -If you are using this option, make sure you proxy all of the following traffic to these ports. - -HTTP Port: - -- All plaintext HTTP requests to port 80 which begin with a request path of `/.well-known/acme-challenge/` for the HTTP challenge. - -TLS Port: - -- All TLS handshakes on port 443 for the TLS-ALPN challenge. - -This traffic redirection is only needed as long as lego solves challenges. As soon as you have received your certificates you can deactivate the forwarding. - -### CLI Example - -Assumes the `lego` binary has permission to bind to ports 80 and 443. -You can get a pre-built binary from the [releases](https://github.com/xenolf/lego/releases) page. -If your environment does not allow you to bind to these ports, please read [Port Usage](#port-usage). - -Obtain a certificate: - -```bash -lego --email="foo@bar.com" --domains="example.com" --http run -``` - -(Find your certificate in the `.lego` folder of current working directory.) - -To renew the certificate: - -```bash -lego --email="foo@bar.com" --domains="example.com" --http renew -``` - -To renew the certificate only if it expires within 30 days - -```bash -lego --email="foo@bar.com" --domains="example.com" --http renew --days 30 -``` - -Obtain a certificate using the DNS challenge and AWS Route 53: - -```bash -AWS_REGION=us-east-1 AWS_ACCESS_KEY_ID=my_id AWS_SECRET_ACCESS_KEY=my_key lego --email="foo@bar.com" --domains="example.com" --dns="route53" run -``` - -Obtain a certificate given a certificate signing request (CSR) generated by something else: - -```bash -lego --email="foo@bar.com" --http --csr=/path/to/csr.pem run -``` - -(lego will infer the domains to be validated based on the contents of the CSR, so make sure the CSR's Common Name and optional SubjectAltNames are set correctly.) - -lego defaults to communicating with the production Let's Encrypt ACME server. -If you'd like to test something without issuing real certificates, consider using the staging endpoint instead: - -```bash -lego --server=https://acme-staging-v02.api.letsencrypt.org/directory … -``` - -## ACME Library Usage - -A valid, but bare-bones example use of the acme package: - -```go -package main - -import ( - "crypto" - "crypto/ecdsa" - "crypto/elliptic" - "crypto/rand" - "fmt" - "log" - - "github.com/xenolf/lego/certcrypto" - "github.com/xenolf/lego/certificate" - "github.com/xenolf/lego/challenge/http01" - "github.com/xenolf/lego/challenge/tlsalpn01" - "github.com/xenolf/lego/lego" - "github.com/xenolf/lego/registration" -) - -// You'll need a user or account type that implements acme.User -type MyUser struct { - Email string - Registration *registration.Resource - key crypto.PrivateKey -} - -func (u *MyUser) GetEmail() string { - return u.Email -} -func (u MyUser) GetRegistration() *registration.Resource { - return u.Registration -} -func (u *MyUser) GetPrivateKey() crypto.PrivateKey { - return u.key -} - -func main() { - - // Create a user. New accounts need an email and private key to start. - privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) - if err != nil { - log.Fatal(err) - } - - myUser := MyUser{ - Email: "you@yours.com", - key: privateKey, - } - - config := lego.NewConfig(&myUser) - - // This CA URL is configured for a local dev instance of Boulder running in Docker in a VM. - config.CADirURL = "http://192.168.99.100:4000/directory" - config.Certificate.KeyType = certcrypto.RSA2048 - - // A client facilitates communication with the CA server. - client, err := lego.NewClient(config) - if err != nil { - log.Fatal(err) - } - - // We specify an http port of 5002 and an tls port of 5001 on all interfaces - // because we aren't running as root and can't bind a listener to port 80 and 443 - // (used later when we attempt to pass challenges). Keep in mind that you still - // need to proxy challenge traffic to port 5002 and 5001. - err = client.Challenge.SetHTTP01Provider(http01.NewProviderServer("", "5002")) - if err != nil { - log.Fatal(err) - } - err = client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer("", "5001")) - if err != nil { - log.Fatal(err) - } - - // New users will need to register - reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true}) - if err != nil { - log.Fatal(err) - } - myUser.Registration = reg - - request := certificate.ObtainRequest{ - Domains: []string{"mydomain.com"}, - Bundle: true, - } - certificates, err := client.Certificate.Obtain(request) - if err != nil { - log.Fatal(err) - } - - // Each certificate comes back with the cert bytes, the bytes of the client's - // private key, and a certificate URL. SAVE THESE TO DISK. - fmt.Printf("%#v\n", certificates) - - // ... all done. -} -``` - -## DNS Challenge API Details - -### AWS Route 53 - -The following AWS IAM policy document describes the permissions required for lego to complete the DNS challenge. - -```json -{ - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "", - "Effect": "Allow", - "Action": [ - "route53:GetChange", - "route53:ChangeResourceRecordSets", - "route53:ListResourceRecordSets" - ], - "Resource": [ - "arn:aws:route53:::hostedzone/*", - "arn:aws:route53:::change/*" - ] - }, - { - "Sid": "", - "Effect": "Allow", - "Action": "route53:ListHostedZonesByName", - "Resource": "*" - } - ] -} -``` - -## ACME v1 - -lego introduced support for ACME v2 in [v1.0.0](https://github.com/xenolf/lego/releases/tag/v1.0.0), if you still need to utilize ACME v1, you can do so by using the [v0.5.0](https://github.com/xenolf/lego/releases/tag/v0.5.0) version. +| | | | | +|----------------------------------------------------------------|--------------------------------------------------------------------------------|-------------------------------------------------------------------|------------------------------------------------------------------| +| [Alibaba Cloud DNS](https://xenolf.github.io/lego/dns/alidns/) | [Amazon Lightsail](https://xenolf.github.io/lego/dns/lightsail/) | [Amazon Route 53](https://xenolf.github.io/lego/dns/route53/) | [Aurora DNS](https://xenolf.github.io/lego/dns/auroradns/) | +| [Azure](https://xenolf.github.io/lego/dns/azure/) | [Bluecat](https://xenolf.github.io/lego/dns/bluecat/) | [ClouDNS](https://xenolf.github.io/lego/dns/cloudns/) | [CloudXNS](https://xenolf.github.io/lego/dns/cloudxns/) | +| [Cloudflare](https://xenolf.github.io/lego/dns/cloudflare/) | [ConoHa](https://xenolf.github.io/lego/dns/conoha/) | [DNS Made Easy](https://xenolf.github.io/lego/dns/dnsmadeeasy/) | [DNSPod](https://xenolf.github.io/lego/dns/dnspod/) | +| [DNSimple](https://xenolf.github.io/lego/dns/dnsimple/) | [Designate DNSaaS for Openstack](https://xenolf.github.io/lego/dns/designate/) | [Digital Ocean](https://xenolf.github.io/lego/dns/digitalocean/) | [DreamHost](https://xenolf.github.io/lego/dns/dreamhost/) | +| [Duck DNS](https://xenolf.github.io/lego/dns/duckdns/) | [Dyn](https://xenolf.github.io/lego/dns/dyn/) | [Exoscale](https://xenolf.github.io/lego/dns/exoscale/) | [External program](https://xenolf.github.io/lego/dns/exec/) | +| [FastDNS](https://xenolf.github.io/lego/dns/fastdns/) | [Gandi](https://xenolf.github.io/lego/dns/gandi/) | [Gandi Live DNS (v5)](https://xenolf.github.io/lego/dns/gandiv5/) | [Glesys](https://xenolf.github.io/lego/dns/glesys/) | +| [Go Daddy](https://xenolf.github.io/lego/dns/godaddy/) | [Google Cloud](https://xenolf.github.io/lego/dns/gcloud/) | [HTTP request](https://xenolf.github.io/lego/dns/httpreq/) | [Hosting.de](https://xenolf.github.io/lego/dns/hostingde/) | +| [INWX](https://xenolf.github.io/lego/dns/inwx/) | [Internet Initiative Japan](https://xenolf.github.io/lego/dns/iij/) | [Joohoi's ACME-DNS](https://xenolf.github.io/lego/dns/acme-dns) | [Linode (deprecated)](https://xenolf.github.io/lego/dns/linode/) | +| [Linode (v4)](https://xenolf.github.io/lego/dns/linodev4/) | [Manual](https://xenolf.github.io/lego/dns/manual/) | [MyDNS.jp](https://xenolf.github.io/lego/dns/mydnsjp/) | [NIFCloud](https://xenolf.github.io/lego/dns/nifcloud/) | +| [NS1](https://xenolf.github.io/lego/dns/ns1/) | [Name.com](https://xenolf.github.io/lego/dns/namedotcom/) | [Namecheap](https://xenolf.github.io/lego/dns/namecheap/) | [Netcup](https://xenolf.github.io/lego/dns/netcup/) | +| [OVH](https://xenolf.github.io/lego/dns/ovh/) | [Open Telekom Cloud](https://xenolf.github.io/lego/dns/otc/) | [Oracle Cloud](https://xenolf.github.io/lego/dns/oraclecloud/) | [PowerDNS](https://xenolf.github.io/lego/dns/pdns/) | +| [RFC2136](https://xenolf.github.io/lego/dns/rfc2136/) | [Rackspace](https://xenolf.github.io/lego/dns/rackspace/) | [Sakura Cloud](https://xenolf.github.io/lego/dns/sakuracloud/) | [Selectel](https://xenolf.github.io/lego/dns/selectel/) | +| [Stackpath](https://xenolf.github.io/lego/dns/stackpath/) | [TransIP](https://xenolf.github.io/lego/dns/transip/) | [VegaDNS](https://xenolf.github.io/lego/dns/vegadns/) | [Vscale](https://xenolf.github.io/lego/dns/vscale/) | +| [Vultr](https://xenolf.github.io/lego/dns/vultr/) | [Zone.ee](https://xenolf.github.io/lego/dns/zoneee/) | | | diff --git a/cmd/cmd_dnshelp.go b/cmd/cmd_dnshelp.go index 99873435..8852833f 100644 --- a/cmd/cmd_dnshelp.go +++ b/cmd/cmd_dnshelp.go @@ -3,6 +3,7 @@ package cmd import ( "fmt" "os" + "strings" "text/tabwriter" "github.com/urfave/cli" @@ -11,141 +12,37 @@ import ( func createDNSHelp() cli.Command { return cli.Command{ Name: "dnshelp", - Usage: "Shows additional help for the --dns global option", + Usage: "Shows additional help for the '--dns' global option", Action: dnsHelp, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "code, c", + Usage: fmt.Sprintf("DNS code: %s", allDNSCodes()), + }, + }, } } -func dnsHelp(_ *cli.Context) error { - fmt.Printf( - `Credentials for DNS providers must be passed through environment variables. +func dnsHelp(ctx *cli.Context) error { + code := ctx.String("code") + if code == "" { + w := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', 0) -Here is an example bash command using the CloudFlare DNS provider: + fmt.Fprintln(w, `Credentials for DNS providers must be passed through environment variables.`) + fmt.Fprintln(w) + fmt.Fprintln(w, `To display the documentation for a DNS providers:`) + fmt.Fprintln(w) + fmt.Fprintln(w, "\t$ lego dnshelp -c code") + fmt.Fprintln(w) + fmt.Fprintln(w, "All DNS codes:") + fmt.Fprintf(w, "\t%s\n", allDNSCodes()) + fmt.Fprintln(w) + fmt.Fprintln(w, "More information: https://xenolf.github.io/lego/dns") - $ CLOUDFLARE_EMAIL=foo@bar.com \ - CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \ - lego --dns cloudflare --domains www.example.com --email me@bar.com run + return w.Flush() + } -`) - - w := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', 0) - fmt.Fprintln(w, "Valid providers and their associated credential environment variables:") - fmt.Fprintln(w) - fmt.Fprintln(w, "\tacme-dns:\tACME_DNS_API_BASE, ACME_DNS_STORAGE_PATH") - fmt.Fprintln(w, "\talidns:\tALICLOUD_ACCESS_KEY, ALICLOUD_SECRET_KEY") - fmt.Fprintln(w, "\tauroradns:\tAURORA_USER_ID, AURORA_KEY, AURORA_ENDPOINT") - fmt.Fprintln(w, "\tazure:\tAZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_SUBSCRIPTION_ID, AZURE_TENANT_ID, AZURE_RESOURCE_GROUP") - fmt.Fprintln(w, "\tbluecat:\tBLUECAT_SERVER_URL, BLUECAT_USER_NAME, BLUECAT_PASSWORD, BLUECAT_CONFIG_NAME, BLUECAT_DNS_VIEW") - fmt.Fprintln(w, "\tcloudflare:\tCLOUDFLARE_EMAIL, CLOUDFLARE_API_KEY") - fmt.Fprintln(w, "\tcloudns:\tCLOUDNS_AUTH_ID, CLOUDNS_AUTH_PASSWORD") - fmt.Fprintln(w, "\tcloudxns:\tCLOUDXNS_API_KEY, CLOUDXNS_SECRET_KEY") - fmt.Fprintln(w, "\tconoha:\tCONOHA_TENANT_ID, CONOHA_API_USERNAME, CONOHA_API_PASSWORD") - fmt.Fprintln(w, "\tdesignate:\tOS_AUTH_URL, OS_USERNAME, OS_PASSWORD, OS_TENANT_NAME, OS_REGION_NAME") - fmt.Fprintln(w, "\tdigitalocean:\tDO_AUTH_TOKEN") - fmt.Fprintln(w, "\tdnsimple:\tDNSIMPLE_EMAIL, DNSIMPLE_OAUTH_TOKEN") - fmt.Fprintln(w, "\tdnsmadeeasy:\tDNSMADEEASY_API_KEY, DNSMADEEASY_API_SECRET") - fmt.Fprintln(w, "\tdnspod:\tDNSPOD_API_KEY") - fmt.Fprintln(w, "\tdreamhost:\tDREAMHOST_API_KEY") - fmt.Fprintln(w, "\tduckdns:\tDUCKDNS_TOKEN") - fmt.Fprintln(w, "\tdyn:\tDYN_CUSTOMER_NAME, DYN_USER_NAME, DYN_PASSWORD") - fmt.Fprintln(w, "\texec:\tEXEC_PATH, EXEC_MODE") - fmt.Fprintln(w, "\texoscale:\tEXOSCALE_API_KEY, EXOSCALE_API_SECRET, EXOSCALE_ENDPOINT") - fmt.Fprintln(w, "\tfastdns:\tAKAMAI_HOST, AKAMAI_CLIENT_TOKEN, AKAMAI_CLIENT_SECRET, AKAMAI_ACCESS_TOKEN") - fmt.Fprintln(w, "\tgandi:\tGANDI_API_KEY") - fmt.Fprintln(w, "\tgandiv5:\tGANDIV5_API_KEY") - fmt.Fprintln(w, "\tgcloud:\tGCE_PROJECT, 'Application Default Credentials', [GCE_SERVICE_ACCOUNT_FILE], [GCE_SERVICE_ACCOUNT]") - fmt.Fprintln(w, "\tglesys:\tGLESYS_API_USER, GLESYS_API_KEY") - fmt.Fprintln(w, "\tgodaddy:\tGODADDY_API_KEY, GODADDY_API_SECRET") - fmt.Fprintln(w, "\thostingde:\tHOSTINGDE_API_KEY, HOSTINGDE_ZONE_NAME") - fmt.Fprintln(w, "\thttpreq:\tHTTPREQ_ENDPOINT, HTTPREQ_MODE, HTTPREQ_USERNAME, HTTPREQ_PASSWORD") - fmt.Fprintln(w, "\tiij:\tIIJ_API_ACCESS_KEY, IIJ_API_SECRET_KEY, IIJ_DO_SERVICE_CODE") - fmt.Fprintln(w, "\tinwx:\tINWX_USERNAME, INWX_PASSWORD") - fmt.Fprintln(w, "\tlightsail:\tAWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, DNS_ZONE") - fmt.Fprintln(w, "\tlinode:\tLINODE_API_KEY") - fmt.Fprintln(w, "\tlinodev4:\tLINODE_TOKEN") - fmt.Fprintln(w, "\tmanual:\tnone") - fmt.Fprintln(w, "\tmydnsjp:\tMYDNSJP_MASTER_ID, MYDNSJP_PASSWORD") - fmt.Fprintln(w, "\tnamecheap:\tNAMECHEAP_API_USER, NAMECHEAP_API_KEY") - fmt.Fprintln(w, "\tnamedotcom:\tNAMECOM_USERNAME, NAMECOM_API_TOKEN") - fmt.Fprintln(w, "\tnetcup:\tNETCUP_CUSTOMER_NUMBER, NETCUP_API_KEY, NETCUP_API_PASSWORD") - fmt.Fprintln(w, "\tnifcloud:\tNIFCLOUD_ACCESS_KEY_ID, NIFCLOUD_SECRET_ACCESS_KEY") - fmt.Fprintln(w, "\tns1:\tNS1_API_KEY") - fmt.Fprintln(w, "\toraclecloud:\tOCI_PRIVKEY_FILE, OCI_PRIVKEY_PASS, OCI_TENANCY_OCID, OCI_USER_OCID, OCI_PUBKEY_FINGERPRINT, OCI_REGION, OCI_COMPARTMENT_OCID") - fmt.Fprintln(w, "\totc:\tOTC_USER_NAME, OTC_PASSWORD, OTC_PROJECT_NAME, OTC_DOMAIN_NAME, OTC_IDENTITY_ENDPOINT") - fmt.Fprintln(w, "\tovh:\tOVH_ENDPOINT, OVH_APPLICATION_KEY, OVH_APPLICATION_SECRET, OVH_CONSUMER_KEY") - fmt.Fprintln(w, "\tpdns:\tPDNS_API_KEY, PDNS_API_URL") - fmt.Fprintln(w, "\trackspace:\tRACKSPACE_USER, RACKSPACE_API_KEY") - fmt.Fprintln(w, "\trfc2136:\tRFC2136_TSIG_KEY, RFC2136_TSIG_SECRET,\n\t\tRFC2136_TSIG_ALGORITHM, RFC2136_NAMESERVER") - fmt.Fprintln(w, "\troute53:\tAWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, AWS_HOSTED_ZONE_ID") - fmt.Fprintln(w, "\tsakuracloud:\tSAKURACLOUD_ACCESS_TOKEN, SAKURACLOUD_ACCESS_TOKEN_SECRET") - fmt.Fprintln(w, "\tselectel:\tSELECTEL_API_TOKEN") - fmt.Fprintln(w, "\tstackpath:\tSTACKPATH_CLIENT_ID, STACKPATH_CLIENT_SECRET, STACKPATH_STACK_ID") - fmt.Fprintln(w, "\ttransip:\tTRANSIP_ACCOUNT_NAME, TRANSIP_PRIVATE_KEY_PATH") - fmt.Fprintln(w, "\tvegadns:\tSECRET_VEGADNS_KEY, SECRET_VEGADNS_SECRET, VEGADNS_URL") - fmt.Fprintln(w, "\tvscale:\tVSCALE_API_TOKEN") - fmt.Fprintln(w, "\tvultr:\tVULTR_API_KEY") - fmt.Fprintln(w, "\tzoneee:\tZONEEE_ENDPOINT, ZONEEE_API_USER, ZONEEE_API_KEY") - fmt.Fprintln(w) - fmt.Fprintln(w, "Additional configuration environment variables:") - fmt.Fprintln(w) - fmt.Fprintln(w, "\talidns:\tALICLOUD_POLLING_INTERVAL, ALICLOUD_PROPAGATION_TIMEOUT, ALICLOUD_TTL, ALICLOUD_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tauroradns:\tAURORA_POLLING_INTERVAL, AURORA_PROPAGATION_TIMEOUT, AURORA_TTL") - fmt.Fprintln(w, "\tazure:\tAZURE_POLLING_INTERVAL, AZURE_PROPAGATION_TIMEOUT, AZURE_TTL, AZURE_METADATA_ENDPOINT") - fmt.Fprintln(w, "\tbluecat:\tBLUECAT_POLLING_INTERVAL, BLUECAT_PROPAGATION_TIMEOUT, BLUECAT_TTL, BLUECAT_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tcloudflare:\tCLOUDFLARE_POLLING_INTERVAL, CLOUDFLARE_PROPAGATION_TIMEOUT, CLOUDFLARE_TTL, CLOUDFLARE_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tcloudns:\tCLOUDNS_POLLING_INTERVAL, CLOUDNS_PROPAGATION_TIMEOUT, CLOUDNS_TTL, CLOUDNS_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tcloudxns:\tCLOUDXNS_POLLING_INTERVAL, CLOUDXNS_PROPAGATION_TIMEOUT, CLOUDXNS_TTL, CLOUDXNS_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tconoha:\tCONOHA_POLLING_INTERVAL, CONOHA_PROPAGATION_TIMEOUT, CONOHA_TTL, CONOHA_HTTP_TIMEOUT, CONOHA_REGION") - fmt.Fprintln(w, "\tdesignate:\tDESIGNATE_POLLING_INTERVAL, DESIGNATE_PROPAGATION_TIMEOUT, DESIGNATE_TTL") - fmt.Fprintln(w, "\tdigitalocean:\tDO_POLLING_INTERVAL, DO_PROPAGATION_TIMEOUT, DO_TTL, DO_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tdnsimple:\tDNSIMPLE_TTL, DNSIMPLE_POLLING_INTERVAL, DNSIMPLE_PROPAGATION_TIMEOUT") - fmt.Fprintln(w, "\tdnsmadeeasy:\tDNSMADEEASY_POLLING_INTERVAL, DNSMADEEASY_PROPAGATION_TIMEOUT, DNSMADEEASY_TTL, DNSMADEEASY_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tdnspod:\tDNSPOD_POLLING_INTERVAL, DNSPOD_PROPAGATION_TIMEOUT, DNSPOD_TTL, DNSPOD_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tdreamhost:\tDREAMHOST_POLLING_INTERVAL, DREAMHOST_PROPAGATION_TIMEOUT, DREAMHOST_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tduckdns:\tDUCKDNS_POLLING_INTERVAL, DUCKDNS_PROPAGATION_TIMEOUT, DUCKDNS_HTTP_TIMEOUT, DUCKDNS_SEQUENCE_INTERVAL") - fmt.Fprintln(w, "\tdyn:\tDYN_POLLING_INTERVAL, DYN_PROPAGATION_TIMEOUT, DYN_TTL, DYN_HTTP_TIMEOUT") - fmt.Fprintln(w, "\texec:\tEXEC_POLLING_INTERVAL, EXEC_PROPAGATION_TIMEOUT") - fmt.Fprintln(w, "\texoscale:\tEXOSCALE_POLLING_INTERVAL, EXOSCALE_PROPAGATION_TIMEOUT, EXOSCALE_TTL, EXOSCALE_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tfastdns:\tAKAMAI_POLLING_INTERVAL, AKAMAI_PROPAGATION_TIMEOUT, AKAMAI_TTL") - fmt.Fprintln(w, "\tgandi:\tGANDI_POLLING_INTERVAL, GANDI_PROPAGATION_TIMEOUT, GANDI_TTL, GANDI_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tgandiv5:\tGANDIV5_POLLING_INTERVAL, GANDIV5_PROPAGATION_TIMEOUT, GANDIV5_TTL, GANDIV5_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tgcloud:\tGCE_POLLING_INTERVAL, GCE_PROPAGATION_TIMEOUT, GCE_TTL") - fmt.Fprintln(w, "\tglesys:\tGLESYS_POLLING_INTERVAL, GLESYS_PROPAGATION_TIMEOUT, GLESYS_TTL, GLESYS_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tgodaddy:\tGODADDY_POLLING_INTERVAL, GODADDY_PROPAGATION_TIMEOUT, GODADDY_TTL, GODADDY_HTTP_TIMEOUT, GODADDY_SEQUENCE_INTERVAL") - fmt.Fprintln(w, "\thostingde:\tHOSTINGDE_POLLING_INTERVAL, HOSTINGDE_PROPAGATION_TIMEOUT, HOSTINGDE_TTL, HOSTINGDE_HTTP_TIMEOUT") - fmt.Fprintln(w, "\thttpreq:\tHTTPREQ_POLLING_INTERVAL, HTTPREQ_PROPAGATION_TIMEOUT, HTTPREQ_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tiij:\tIIJ_POLLING_INTERVAL, IIJ_PROPAGATION_TIMEOUT, IIJ_TTL") - fmt.Fprintln(w, "\tinwx:\tINWX_POLLING_INTERVAL, INWX_PROPAGATION_TIMEOUT, INWX_TTL, INWX_SANDBOX") - fmt.Fprintln(w, "\tlightsail:\tLIGHTSAIL_POLLING_INTERVAL, LIGHTSAIL_PROPAGATION_TIMEOUT") - fmt.Fprintln(w, "\tlinode:\tLINODE_POLLING_INTERVAL, LINODE_TTL, LINODE_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tlinodev4:\tLINODE_POLLING_INTERVAL, LINODE_TTL, LINODE_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tmydnsjp:\tMYDNSJP_PROPAGATION_TIMEOUT, MYDNSJP_POLLING_INTERVAL, MYDNSJP_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tnamecheap:\tNAMECHEAP_POLLING_INTERVAL, NAMECHEAP_PROPAGATION_TIMEOUT, NAMECHEAP_TTL, NAMECHEAP_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tnamedotcom:\tNAMECOM_POLLING_INTERVAL, NAMECOM_PROPAGATION_TIMEOUT, NAMECOM_TTL, NAMECOM_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tnetcup:\tNETCUP_POLLING_INTERVAL, NETCUP_PROPAGATION_TIMEOUT, NETCUP_TTL, NETCUP_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tnifcloud:\tNIFCLOUD_POLLING_INTERVAL, NIFCLOUD_PROPAGATION_TIMEOUT, NIFCLOUD_TTL, NIFCLOUD_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tns1:\tNS1_POLLING_INTERVAL, NS1_PROPAGATION_TIMEOUT, NS1_TTL, NS1_HTTP_TIMEOUT") - fmt.Fprintln(w, "\toraclecloud:\tOCI_TTL, OCI_PROPAGATION_TIMEOUT, OCI_POLLING_INTERVAL") - fmt.Fprintln(w, "\totc:\tOTC_POLLING_INTERVAL, OTC_PROPAGATION_TIMEOUT, OTC_TTL, OTC_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tovh:\tOVH_POLLING_INTERVAL, OVH_PROPAGATION_TIMEOUT, OVH_TTL, OVH_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tpdns:\tPDNS_POLLING_INTERVAL, PDNS_PROPAGATION_TIMEOUT, PDNS_TTL, PDNS_HTTP_TIMEOUT") - fmt.Fprintln(w, "\trackspace:\tRACKSPACE_POLLING_INTERVAL, RACKSPACE_PROPAGATION_TIMEOUT, RACKSPACE_TTL, RACKSPACE_HTTP_TIMEOUT") - fmt.Fprintln(w, "\trfc2136:\tRFC2136_POLLING_INTERVAL, RFC2136_PROPAGATION_TIMEOUT, RFC2136_TTL, RFC2136_SEQUENCE_INTERVAL, RFC2136_DNS_TIMEOUT") - fmt.Fprintln(w, "\troute53:\tAWS_POLLING_INTERVAL, AWS_PROPAGATION_TIMEOUT, AWS_TTL") - fmt.Fprintln(w, "\tsakuracloud:\tSAKURACLOUD_POLLING_INTERVAL, SAKURACLOUD_PROPAGATION_TIMEOUT, SAKURACLOUD_TTL") - fmt.Fprintln(w, "\tselectel:\tSELECTEL_BASE_URL, SELECTEL_TTL, SELECTEL_PROPAGATION_TIMEOUT, SELECTEL_POLLING_INTERVAL, SELECTEL_HTTP_TIMEOUT") - fmt.Fprintln(w, "\ttransip:\tTRANSIP_POLLING_INTERVAL, TRANSIP_PROPAGATION_TIMEOUT, TRANSIP_TTL") - fmt.Fprintln(w, "\tstackpath:\tSTACKPATH_POLLING_INTERVAL, STACKPATH_PROPAGATION_TIMEOUT, STACKPATH_TTL") - fmt.Fprintln(w, "\tvegadns:\tVEGADNS_POLLING_INTERVAL, VEGADNS_PROPAGATION_TIMEOUT, VEGADNS_TTL") - fmt.Fprintln(w, "\tvscale:\tVSCALE_BASE_URL, VSCALE_TTL, VSCALE_PROPAGATION_TIMEOUT, VSCALE_POLLING_INTERVAL, VSCALE_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tvultr:\tVULTR_POLLING_INTERVAL, VULTR_PROPAGATION_TIMEOUT, VULTR_TTL, VULTR_HTTP_TIMEOUT") - fmt.Fprintln(w, "\tzoneee:\tZONEEE_POLLING_INTERVAL, ZONEEE_PROPAGATION_TIMEOUT, ZONEEE_HTTP_TIMEOUT") - - w.Flush() - - fmt.Println(` -For a more detailed explanation of a DNS provider's credential variables, -please consult their online documentation.`) + displayDNSHelp(strings.ToLower(code)) return nil } diff --git a/cmd/zz_gen_cmd_dnshelp.go b/cmd/zz_gen_cmd_dnshelp.go new file mode 100644 index 00000000..1ba4172b --- /dev/null +++ b/cmd/zz_gen_cmd_dnshelp.go @@ -0,0 +1,1144 @@ +package cmd + +// CODE GENERATED AUTOMATICALLY +// THIS FILE MUST NOT BE EDITED BY HAND + +import ( + "fmt" + "os" + "strings" + "text/tabwriter" + + "github.com/xenolf/lego/log" +) + +func allDNSCodes() string { + return strings.Join([]string{ + "acme-dns", + "alidns", + "auroradns", + "azure", + "bluecat", + "cloudflare", + "cloudns", + "cloudxns", + "conoha", + "designate", + "digitalocean", + "dnsimple", + "dnsmadeeasy", + "dnspod", + "dreamhost", + "duckdns", + "dyn", + "exec", + "exoscale", + "fastdns", + "gandi", + "gandiv5", + "gcloud", + "glesys", + "godaddy", + "hostingde", + "httpreq", + "iij", + "inwx", + "lightsail", + "linode", + "linodev4", + "mydnsjp", + "namecheap", + "namedotcom", + "netcup", + "nifcloud", + "ns1", + "oraclecloud", + "otc", + "ovh", + "pdns", + "rackspace", + "rfc2136", + "route53", + "sakuracloud", + "selectel", + "stackpath", + "transip", + "vegadns", + "vscale", + "vultr", + "zoneee", + }, ", ") +} + +func displayDNSHelp(name string) { + w := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', 0) + switch name { + + case "acme-dns": + // generated from: providers/dns/acmedns/acmedns.toml + fmt.Fprintln(w, `Configuration for Joohoi's ACME-DNS.`) + fmt.Fprintln(w, `Code: 'acme-dns'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "ACME_DNS_API_BASE": The ACME-DNS API address`) + fmt.Fprintln(w, ` - "ACME_DNS_STORAGE_PATH": The ACME-DNS JSON account data file. A per-domain account will be registered/persisted to this file and used for TXT updates.`) + fmt.Fprintln(w) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/acme-dns`) + + case "alidns": + // generated from: providers/dns/alidns/alidns.toml + fmt.Fprintln(w, `Configuration for Alibaba Cloud DNS.`) + fmt.Fprintln(w, `Code: 'alidns'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "ALICLOUD_ACCESS_KEY": Access key ID`) + fmt.Fprintln(w, ` - "ALICLOUD_SECRET_KEY": Access Key secret`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "ALICLOUD_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "ALICLOUD_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "ALICLOUD_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "ALICLOUD_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/alidns`) + + case "auroradns": + // generated from: providers/dns/auroradns/auroradns.toml + fmt.Fprintln(w, `Configuration for Aurora DNS.`) + fmt.Fprintln(w, `Code: 'auroradns'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "AURORA_ENDPOINT": API endpoint URL`) + fmt.Fprintln(w, ` - "AURORA_KEY": User API key`) + fmt.Fprintln(w, ` - "AURORA_USER_ID": User ID`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "AURORA_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "AURORA_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "AURORA_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/auroradns`) + + case "azure": + // generated from: providers/dns/azure/azure.toml + fmt.Fprintln(w, `Configuration for Azure.`) + fmt.Fprintln(w, `Code: 'azure'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "AZURE_CLIENT_ID": Client ID`) + fmt.Fprintln(w, ` - "AZURE_CLIENT_SECRET": Client secret`) + fmt.Fprintln(w, ` - "AZURE_RESOURCE_GROUP": Resource group`) + fmt.Fprintln(w, ` - "AZURE_SUBSCRIPTION_ID": Subscription ID`) + fmt.Fprintln(w, ` - "AZURE_TENANT_ID": Tenant ID`) + fmt.Fprintln(w, ` - "instance metadata service": If the credentials are **not** set via the environment, then it will attempt to get a bearer token via the [instance metadata service](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service).`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "AZURE_METADATA_ENDPOINT": Metadata Service endpoint URL`) + fmt.Fprintln(w, ` - "AZURE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "AZURE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "AZURE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/azure`) + + case "bluecat": + // generated from: providers/dns/bluecat/bluecat.toml + fmt.Fprintln(w, `Configuration for Bluecat.`) + fmt.Fprintln(w, `Code: 'bluecat'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "BLUECAT_CONFIG_NAME": Configuration name`) + fmt.Fprintln(w, ` - "BLUECAT_DNS_VIEW": External DNS View Name`) + fmt.Fprintln(w, ` - "BLUECAT_PASSWORD": API password`) + fmt.Fprintln(w, ` - "BLUECAT_SERVER_URL": The server URL, should have scheme, hostname, and port (if required) of the authoritative Bluecat BAM serve`) + fmt.Fprintln(w, ` - "BLUECAT_USER_NAME": API username`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "BLUECAT_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "BLUECAT_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "BLUECAT_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "BLUECAT_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/bluecat`) + + case "cloudflare": + // generated from: providers/dns/cloudflare/cloudflare.toml + fmt.Fprintln(w, `Configuration for Cloudflare.`) + fmt.Fprintln(w, `Code: 'cloudflare'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "CLOUDFLARE_API_KEY": API key`) + fmt.Fprintln(w, ` - "CLOUDFLARE_EMAIL": Account email`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "CLOUDFLARE_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "CLOUDFLARE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "CLOUDFLARE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "CLOUDFLARE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/cloudflare`) + + case "cloudns": + // generated from: providers/dns/cloudns/cloudns.toml + fmt.Fprintln(w, `Configuration for ClouDNS.`) + fmt.Fprintln(w, `Code: 'cloudns'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "CLOUDNS_AUTH_ID": The API user ID`) + fmt.Fprintln(w, ` - "CLOUDNS_AUTH_PASSWORD": The password for API user ID`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "CLOUDNS_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "CLOUDNS_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "CLOUDNS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "CLOUDNS_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/cloudns`) + + case "cloudxns": + // generated from: providers/dns/cloudxns/cloudxns.toml + fmt.Fprintln(w, `Configuration for CloudXNS.`) + fmt.Fprintln(w, `Code: 'cloudxns'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "CLOUDXNS_API_KEY": The API key`) + fmt.Fprintln(w, ` - "CLOUDXNS_SECRET_KEY": THe API secret key`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "CLOUDXNS_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "CLOUDXNS_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "CLOUDXNS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "CLOUDXNS_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/cloudxns`) + + case "conoha": + // generated from: providers/dns/conoha/conoha.toml + fmt.Fprintln(w, `Configuration for ConoHa.`) + fmt.Fprintln(w, `Code: 'conoha'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "CONOHA_API_PASSWORD": The API password`) + fmt.Fprintln(w, ` - "CONOHA_API_USERNAME": The API username`) + fmt.Fprintln(w, ` - "CONOHA_TENANT_ID": Tenant ID`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "CONOHA_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "CONOHA_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "CONOHA_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "CONOHA_REGION": The region`) + fmt.Fprintln(w, ` - "CONOHA_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/conoha`) + + case "designate": + // generated from: providers/dns/designate/designate.toml + fmt.Fprintln(w, `Configuration for Designate DNSaaS for Openstack.`) + fmt.Fprintln(w, `Code: 'designate'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "OS_AUTH_URL": Identity endpoint URL`) + fmt.Fprintln(w, ` - "OS_PASSWORD": Password`) + fmt.Fprintln(w, ` - "OS_REGION_NAME": Region name`) + fmt.Fprintln(w, ` - "OS_TENANT_NAME": Tenant name`) + fmt.Fprintln(w, ` - "OS_USERNAME": Username`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "DESIGNATE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "DESIGNATE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "DESIGNATE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/designate`) + + case "digitalocean": + // generated from: providers/dns/digitalocean/digitalocean.toml + fmt.Fprintln(w, `Configuration for Digital Ocean.`) + fmt.Fprintln(w, `Code: 'digitalocean'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "DO_AUTH_TOKEN": Authentication token`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "DO_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "DO_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "DO_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "DO_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/digitalocean`) + + case "dnsimple": + // generated from: providers/dns/dnsimple/dnsimple.toml + fmt.Fprintln(w, `Configuration for DNSimple.`) + fmt.Fprintln(w, `Code: 'dnsimple'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "DNSIMPLE_BASE_URL": API endpoint URL`) + fmt.Fprintln(w, ` - "DNSIMPLE_OAUTH_TOKEN": OAuth token`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "DNSIMPLE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "DNSIMPLE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "DNSIMPLE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/dnsimple`) + + case "dnsmadeeasy": + // generated from: providers/dns/dnsmadeeasy/dnsmadeeasy.toml + fmt.Fprintln(w, `Configuration for DNS Made Easy.`) + fmt.Fprintln(w, `Code: 'dnsmadeeasy'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "DNSMADEEASY_API_KEY": The API key`) + fmt.Fprintln(w, ` - "DNSMADEEASY_API_SECRET": The API Secret key`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "DNSMADEEASY_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "DNSMADEEASY_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "DNSMADEEASY_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "DNSMADEEASY_SANDBOX": Activate the sandbox (boolean)`) + fmt.Fprintln(w, ` - "DNSMADEEASY_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/dnsmadeeasy`) + + case "dnspod": + // generated from: providers/dns/dnspod/dnspod.toml + fmt.Fprintln(w, `Configuration for DNSPod.`) + fmt.Fprintln(w, `Code: 'dnspod'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "DNSPOD_API_KEY": The user token`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "DNSPOD_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "DNSPOD_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "DNSPOD_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "DNSPOD_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/dnspod`) + + case "dreamhost": + // generated from: providers/dns/dreamhost/dreamhost.toml + fmt.Fprintln(w, `Configuration for DreamHost.`) + fmt.Fprintln(w, `Code: 'dreamhost'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "DREAMHOST_API_KEY": The API key`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "DREAMHOST_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "DREAMHOST_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "DREAMHOST_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "DREAMHOST_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/dreamhost`) + + case "duckdns": + // generated from: providers/dns/duckdns/duckdns.toml + fmt.Fprintln(w, `Configuration for Duck DNS.`) + fmt.Fprintln(w, `Code: 'duckdns'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "DUCKDNS_TOKEN": Account token`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "DUCKDNS_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "DUCKDNS_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "DUCKDNS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "DUCKDNS_SEQUENCE_INTERVAL": Interval between iteration`) + fmt.Fprintln(w, ` - "DUCKDNS_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/duckdns`) + + case "dyn": + // generated from: providers/dns/dyn/dyn.toml + fmt.Fprintln(w, `Configuration for Dyn.`) + fmt.Fprintln(w, `Code: 'dyn'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "DYN_CUSTOMER_NAME": Customer name`) + fmt.Fprintln(w, ` - "DYN_PASSWORD": Paswword`) + fmt.Fprintln(w, ` - "DYN_USER_NAME": User name`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "DYN_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "DYN_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "DYN_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "DYN_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/dyn`) + + case "exec": + // generated from: providers/dns/exec/exec.toml + fmt.Fprintln(w, `Configuration for External program.`) + fmt.Fprintln(w, `Code: 'exec'`) + fmt.Fprintln(w) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/exec`) + + case "exoscale": + // generated from: providers/dns/exoscale/exoscale.toml + fmt.Fprintln(w, `Configuration for Exoscale.`) + fmt.Fprintln(w, `Code: 'exoscale'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "EXOSCALE_API_KEY": API key`) + fmt.Fprintln(w, ` - "EXOSCALE_API_SECRET": API secret`) + fmt.Fprintln(w, ` - "EXOSCALE_ENDPOINT": API endpoint URL`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "EXOSCALE_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "EXOSCALE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "EXOSCALE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "EXOSCALE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/exoscale`) + + case "fastdns": + // generated from: providers/dns/fastdns/fastdns.toml + fmt.Fprintln(w, `Configuration for FastDNS.`) + fmt.Fprintln(w, `Code: 'fastdns'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "AKAMAI_ACCESS_TOKEN": Access token`) + fmt.Fprintln(w, ` - "AKAMAI_CLIENT_SECRET": Client secret`) + fmt.Fprintln(w, ` - "AKAMAI_CLIENT_TOKEN": Client token`) + fmt.Fprintln(w, ` - "AKAMAI_HOST": API host`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "AKAMAI_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "AKAMAI_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "AKAMAI_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/fastdns`) + + case "gandi": + // generated from: providers/dns/gandi/gandi.toml + fmt.Fprintln(w, `Configuration for Gandi.`) + fmt.Fprintln(w, `Code: 'gandi'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "GANDI_API_KEY": API key`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "GANDI_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "GANDI_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "GANDI_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "GANDI_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/gandi`) + + case "gandiv5": + // generated from: providers/dns/gandiv5/gandiv5.toml + fmt.Fprintln(w, `Configuration for Gandi Live DNS (v5).`) + fmt.Fprintln(w, `Code: 'gandiv5'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "GANDIV5_API_KEY": API key`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "GANDIV5_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "GANDIV5_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "GANDIV5_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "GANDIV5_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/gandiv5`) + + case "gcloud": + // generated from: providers/dns/gcloud/gcloud.toml + fmt.Fprintln(w, `Configuration for Google Cloud.`) + fmt.Fprintln(w, `Code: 'gcloud'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "Application Default Credentials": [Documentation](https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application)`) + fmt.Fprintln(w, ` - "GCE_PROJECT": Project name`) + fmt.Fprintln(w, ` - "GCE_SERVICE_ACCOUNT": Account`) + fmt.Fprintln(w, ` - "GCE_SERVICE_ACCOUNT_FILE": Account file path`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "GCE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "GCE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "GCE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/gcloud`) + + case "glesys": + // generated from: providers/dns/glesys/glesys.toml + fmt.Fprintln(w, `Configuration for Glesys.`) + fmt.Fprintln(w, `Code: 'glesys'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "GLESYS_API_KEY": API key`) + fmt.Fprintln(w, ` - "GLESYS_API_USER": API user`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "GLESYS_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "GLESYS_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "GLESYS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "GLESYS_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/glesys`) + + case "godaddy": + // generated from: providers/dns/godaddy/godaddy.toml + fmt.Fprintln(w, `Configuration for Go Daddy.`) + fmt.Fprintln(w, `Code: 'godaddy'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "GODADDY_API_KEY": **TODO**`) + fmt.Fprintln(w, ` - "GODADDY_API_SECRET": **TODO**`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "GODADDY_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "GODADDY_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "GODADDY_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "GODADDY_SEQUENCE_INTERVAL": Interval between iteration`) + fmt.Fprintln(w, ` - "GODADDY_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/godaddy`) + + case "hostingde": + // generated from: providers/dns/hostingde/hostingde.toml + fmt.Fprintln(w, `Configuration for Hosting.de.`) + fmt.Fprintln(w, `Code: 'hostingde'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "HOSTINGDE_API_KEY": **TODO**`) + fmt.Fprintln(w, ` - "HOSTINGDE_ZONE_NAME": **TODO**`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "HOSTINGDE_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "HOSTINGDE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "HOSTINGDE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "HOSTINGDE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/hostingde`) + + case "httpreq": + // generated from: providers/dns/httpreq/httpreq.toml + fmt.Fprintln(w, `Configuration for HTTP request.`) + fmt.Fprintln(w, `Code: 'httpreq'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "HTTPREQ_ENDPOINT": The URL of the server`) + fmt.Fprintln(w, ` - "HTTPREQ_MODE": 'RAW', none`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "HTTPREQ_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "HTTPREQ_PASSWORD": **TODO**`) + fmt.Fprintln(w, ` - "HTTPREQ_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "HTTPREQ_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "HTTPREQ_USERNAME": **TODO**`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/httpreq`) + + case "iij": + // generated from: providers/dns/iij/iij.toml + fmt.Fprintln(w, `Configuration for Internet Initiative Japan.`) + fmt.Fprintln(w, `Code: 'iij'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "IIJ_API_ACCESS_KEY": API access key`) + fmt.Fprintln(w, ` - "IIJ_API_SECRET_KEY": API secret key`) + fmt.Fprintln(w, ` - "IIJ_DO_SERVICE_CODE": DO service code`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "IIJ_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "IIJ_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "IIJ_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/iij`) + + case "inwx": + // generated from: providers/dns/inwx/inwx.toml + fmt.Fprintln(w, `Configuration for INWX.`) + fmt.Fprintln(w, `Code: 'inwx'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "INWX_PASSWORD": Password`) + fmt.Fprintln(w, ` - "INWX_USERNAME": Username`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "INWX_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "INWX_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "INWX_SANDBOX": Activate the sandbox (boolean)`) + fmt.Fprintln(w, ` - "INWX_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/inwx`) + + case "lightsail": + // generated from: providers/dns/lightsail/lightsail.toml + fmt.Fprintln(w, `Configuration for Amazon Lightsail.`) + fmt.Fprintln(w, `Code: 'lightsail'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "AWS_ACCESS_KEY_ID": Access key ID`) + fmt.Fprintln(w, ` - "AWS_SECRET_ACCESS_KEY": Secret access key`) + fmt.Fprintln(w, ` - "DNS_ZONE": DNS zone`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "LIGHTSAIL_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "LIGHTSAIL_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/lightsail`) + + case "linode": + // generated from: providers/dns/linode/linode.toml + fmt.Fprintln(w, `Configuration for Linode (deprecated).`) + fmt.Fprintln(w, `Code: 'linode'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "LINODE_API_KEY": API key`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "LINODE_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "LINODE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "LINODE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/linode`) + + case "linodev4": + // generated from: providers/dns/linodev4/linodev4.toml + fmt.Fprintln(w, `Configuration for Linode (v4).`) + fmt.Fprintln(w, `Code: 'linodev4'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "LINODE_TOKEN": API token`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "LINODE_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "LINODE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "LINODE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/linodev4`) + + case "mydnsjp": + // generated from: providers/dns/mydnsjp/mydnsjp.toml + fmt.Fprintln(w, `Configuration for MyDNS.jp.`) + fmt.Fprintln(w, `Code: 'mydnsjp'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "MYDNSJP_MASTER_ID": Master ID`) + fmt.Fprintln(w, ` - "MYDNSJP_PASSWORD": Password`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "MYDNSJP_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "MYDNSJP_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "MYDNSJP_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "MYDNSJP_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/mydnsjp`) + + case "namecheap": + // generated from: providers/dns/namecheap/namecheap.toml + fmt.Fprintln(w, `Configuration for Namecheap.`) + fmt.Fprintln(w, `Code: 'namecheap'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "NAMECHEAP_API_KEY": API key`) + fmt.Fprintln(w, ` - "NAMECHEAP_API_USER": API user`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "NAMECHEAP_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "NAMECHEAP_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "NAMECHEAP_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "NAMECHEAP_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/namecheap`) + + case "namedotcom": + // generated from: providers/dns/namedotcom/namedotcom.toml + fmt.Fprintln(w, `Configuration for Name.com.`) + fmt.Fprintln(w, `Code: 'namedotcom'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "NAMECOM_API_TOKEN": API token`) + fmt.Fprintln(w, ` - "NAMECOM_USERNAME": Username`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "NAMECOM_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "NAMECOM_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "NAMECOM_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "NAMECOM_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/namedotcom`) + + case "netcup": + // generated from: providers/dns/netcup/netcup.toml + fmt.Fprintln(w, `Configuration for Netcup.`) + fmt.Fprintln(w, `Code: 'netcup'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "NETCUP_API_KEY": API key`) + fmt.Fprintln(w, ` - "NETCUP_API_PASSWORD": API password`) + fmt.Fprintln(w, ` - "NETCUP_CUSTOMER_NUMBER": Customer number`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "NETCUP_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "NETCUP_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "NETCUP_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "NETCUP_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/netcup`) + + case "nifcloud": + // generated from: providers/dns/nifcloud/nifcloud.toml + fmt.Fprintln(w, `Configuration for NIFCloud.`) + fmt.Fprintln(w, `Code: 'nifcloud'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "NIFCLOUD_ACCESS_KEY_ID": Access key`) + fmt.Fprintln(w, ` - "NIFCLOUD_SECRET_ACCESS_KEY": Secret access key`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "NIFCLOUD_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "NIFCLOUD_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "NIFCLOUD_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "NIFCLOUD_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/nifcloud`) + + case "ns1": + // generated from: providers/dns/ns1/ns1.toml + fmt.Fprintln(w, `Configuration for NS1.`) + fmt.Fprintln(w, `Code: 'ns1'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "NS1_API_KEY": API key`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "NS1_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "NS1_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "NS1_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "NS1_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/ns1`) + + case "oraclecloud": + // generated from: providers/dns/oraclecloud/oraclecloud.toml + fmt.Fprintln(w, `Configuration for Oracle Cloud.`) + fmt.Fprintln(w, `Code: 'oraclecloud'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "OCI_COMPARTMENT_OCID": Compartment OCID`) + fmt.Fprintln(w, ` - "OCI_PRIVKEY_FILE": Private key file`) + fmt.Fprintln(w, ` - "OCI_PRIVKEY_PASS": Private key password`) + fmt.Fprintln(w, ` - "OCI_PUBKEY_FINGERPRINT": Public key fingerprint`) + fmt.Fprintln(w, ` - "OCI_REGION": Region`) + fmt.Fprintln(w, ` - "OCI_TENANCY_OCID": Tenanct OCID`) + fmt.Fprintln(w, ` - "OCI_USER_OCID": User OCID`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "OCI_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "OCI_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "OCI_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/oraclecloud`) + + case "otc": + // generated from: providers/dns/otc/otc.toml + fmt.Fprintln(w, `Configuration for Open Telekom Cloud.`) + fmt.Fprintln(w, `Code: 'otc'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "OTC_DOMAIN_NAME": Domain name`) + fmt.Fprintln(w, ` - "OTC_IDENTITY_ENDPOINT": Identity endpoint URL`) + fmt.Fprintln(w, ` - "OTC_PASSWORD": Password`) + fmt.Fprintln(w, ` - "OTC_PROJECT_NAME": Project name`) + fmt.Fprintln(w, ` - "OTC_USER_NAME": User name`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "OTC_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "OTC_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "OTC_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "OTC_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/otc`) + + case "ovh": + // generated from: providers/dns/ovh/ovh.toml + fmt.Fprintln(w, `Configuration for OVH.`) + fmt.Fprintln(w, `Code: 'ovh'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "OVH_APPLICATION_KEY": Application key`) + fmt.Fprintln(w, ` - "OVH_APPLICATION_SECRET": Application secret`) + fmt.Fprintln(w, ` - "OVH_CONSUMER_KEY": Consumer key`) + fmt.Fprintln(w, ` - "OVH_ENDPOINT": Endpoint URL (ovh-eu or ovh-ca)`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "OVH_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "OVH_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "OVH_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "OVH_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/ovh`) + + case "pdns": + // generated from: providers/dns/pdns/pdns.toml + fmt.Fprintln(w, `Configuration for PowerDNS.`) + fmt.Fprintln(w, `Code: 'pdns'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "PDNS_API_KEY": API key`) + fmt.Fprintln(w, ` - "PDNS_API_URL": API url`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "PDNS_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "PDNS_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "PDNS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "PDNS_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/pdns`) + + case "rackspace": + // generated from: providers/dns/rackspace/rackspace.toml + fmt.Fprintln(w, `Configuration for Rackspace.`) + fmt.Fprintln(w, `Code: 'rackspace'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "RACKSPACE_API_KEY": API key`) + fmt.Fprintln(w, ` - "RACKSPACE_USER": API user`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "RACKSPACE_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "RACKSPACE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "RACKSPACE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "RACKSPACE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/rackspace`) + + case "rfc2136": + // generated from: providers/dns/rfc2136/rfc2136.toml + fmt.Fprintln(w, `Configuration for RFC2136.`) + fmt.Fprintln(w, `Code: 'rfc2136'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "RFC2136_NAMESERVER": Network address in the form "host" or "host:port"`) + fmt.Fprintln(w, ` - "RFC2136_TSIG_ALGORITHM": TSIG algorythm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the 'RFC2136_TSIG*' variables unset.`) + fmt.Fprintln(w, ` - "RFC2136_TSIG_KEY": Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the 'RFC2136_TSIG*' variables unset.`) + fmt.Fprintln(w, ` - "RFC2136_TSIG_SECRET": Secret key payload. To disable TSIG authentication, leave the' RFC2136_TSIG*' variables unset.`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "RFC2136_DNS_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "RFC2136_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "RFC2136_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "RFC2136_SEQUENCE_INTERVAL": Interval between iteration`) + fmt.Fprintln(w, ` - "RFC2136_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/rfc2136`) + + case "route53": + // generated from: providers/dns/route53/route53.toml + fmt.Fprintln(w, `Configuration for Amazon Route 53.`) + fmt.Fprintln(w, `Code: 'route53'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "AWS_ACCESS_KEY_ID": `) + fmt.Fprintln(w, ` - "AWS_HOSTED_ZONE_ID": `) + fmt.Fprintln(w, ` - "AWS_REGION": `) + fmt.Fprintln(w, ` - "AWS_SECRET_ACCESS_KEY": `) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "AWS_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "AWS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "AWS_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/route53`) + + case "sakuracloud": + // generated from: providers/dns/sakuracloud/sakuracloud.toml + fmt.Fprintln(w, `Configuration for Sakura Cloud.`) + fmt.Fprintln(w, `Code: 'sakuracloud'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "SAKURACLOUD_ACCESS_TOKEN": Access token`) + fmt.Fprintln(w, ` - "SAKURACLOUD_ACCESS_TOKEN_SECRET": Access token secret`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "SAKURACLOUD_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "SAKURACLOUD_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "SAKURACLOUD_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/sakuracloud`) + + case "selectel": + // generated from: providers/dns/selectel/selectel.toml + fmt.Fprintln(w, `Configuration for Selectel.`) + fmt.Fprintln(w, `Code: 'selectel'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "SELECTEL_API_TOKEN": API token`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "SELECTEL_BASE_URL": API endpoint URL`) + fmt.Fprintln(w, ` - "SELECTEL_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "SELECTEL_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "SELECTEL_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "SELECTEL_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/selectel`) + + case "stackpath": + // generated from: providers/dns/stackpath/stackpath.toml + fmt.Fprintln(w, `Configuration for Stackpath.`) + fmt.Fprintln(w, `Code: 'stackpath'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "STACKPATH_CLIENT_ID": Client ID`) + fmt.Fprintln(w, ` - "STACKPATH_CLIENT_SECRET": Client secret`) + fmt.Fprintln(w, ` - "STACKPATH_STACK_ID": Stack ID`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "STACKPATH_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "STACKPATH_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "STACKPATH_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/stackpath`) + + case "transip": + // generated from: providers/dns/transip/transip.toml + fmt.Fprintln(w, `Configuration for TransIP.`) + fmt.Fprintln(w, `Code: 'transip'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "TRANSIP_ACCOUNT_NAME": Account name`) + fmt.Fprintln(w, ` - "TRANSIP_PRIVATE_KEY_PATH": Private key path`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "TRANSIP_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "TRANSIP_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "TRANSIP_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/transip`) + + case "vegadns": + // generated from: providers/dns/vegadns/vegadns.toml + fmt.Fprintln(w, `Configuration for VegaDNS.`) + fmt.Fprintln(w, `Code: 'vegadns'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "SECRET_VEGADNS_KEY": API key`) + fmt.Fprintln(w, ` - "SECRET_VEGADNS_SECRET": API secret`) + fmt.Fprintln(w, ` - "VEGADNS_URL": API endpoint URL`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "VEGADNS_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "VEGADNS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "VEGADNS_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/vegadns`) + + case "vscale": + // generated from: providers/dns/vscale/vscale.toml + fmt.Fprintln(w, `Configuration for Vscale.`) + fmt.Fprintln(w, `Code: 'vscale'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "VSCALE_API_TOKEN": API token`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "VSCALE_BASE_URL": API enddpoint URL`) + fmt.Fprintln(w, ` - "VSCALE_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "VSCALE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "VSCALE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "VSCALE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/vscale`) + + case "vultr": + // generated from: providers/dns/vultr/vultr.toml + fmt.Fprintln(w, `Configuration for Vultr.`) + fmt.Fprintln(w, `Code: 'vultr'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "VULTR_API_KEY": API key`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "VULTR_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "VULTR_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "VULTR_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "VULTR_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/vultr`) + + case "zoneee": + // generated from: providers/dns/zoneee/zoneee.toml + fmt.Fprintln(w, `Configuration for Zone.ee.`) + fmt.Fprintln(w, `Code: 'zoneee'`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Credentials:`) + fmt.Fprintln(w, ` - "ZONEEE_API_KEY": API key`) + fmt.Fprintln(w, ` - "ZONEEE_API_USER": API user`) + fmt.Fprintln(w) + + fmt.Fprintln(w, `Additional Configuration:`) + fmt.Fprintln(w, ` - "ZONEEE_ENDPOINT": API endpoint URL`) + fmt.Fprintln(w, ` - "ZONEEE_HTTP_TIMEOUT": API request timeout`) + fmt.Fprintln(w, ` - "ZONEEE_POLLING_INTERVAL": Time between DNS propagation check`) + fmt.Fprintln(w, ` - "ZONEEE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + fmt.Fprintln(w, ` - "ZONEEE_TTL": The TTL of the TXT record used for the DNS challenge`) + + fmt.Fprintln(w) + fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/zoneee`) + + case "manual": + fmt.Fprintln(w, `Solving the DNS-01 challenge using CLI prompt.`) + default: + log.Fatalf("%q is not yet supported.", name) + } + w.Flush() +} diff --git a/docs/.gitignore b/docs/.gitignore new file mode 100644 index 00000000..7b822970 --- /dev/null +++ b/docs/.gitignore @@ -0,0 +1,2 @@ +themes/ +public/ diff --git a/docs/Makefile b/docs/Makefile new file mode 100644 index 00000000..09d3dad2 --- /dev/null +++ b/docs/Makefile @@ -0,0 +1,20 @@ +.PHONY: default clean hugo hugo-build + +default: hugo + +clean: + rm -rf public/ + + +hugo-build: clean hugo-themes + hugo --enableGitInfo --source . + +hugo: + hugo server --disableFastRender --enableGitInfo --watch --source . + # hugo server -D + +hugo-themes: + rm -rf themes + mkdir themes + git clone --depth=1 https://github.com/matcornic/hugo-theme-learn.git themes/hugo-theme-learn + rm -rf themes/hugo-theme-learn/.git diff --git a/docs/archetypes/default.md b/docs/archetypes/default.md new file mode 100644 index 00000000..00e77bd7 --- /dev/null +++ b/docs/archetypes/default.md @@ -0,0 +1,6 @@ +--- +title: "{{ replace .Name "-" " " | title }}" +date: {{ .Date }} +draft: true +--- + diff --git a/docs/config.toml b/docs/config.toml new file mode 100644 index 00000000..028dcf1c --- /dev/null +++ b/docs/config.toml @@ -0,0 +1,67 @@ +baseURL = "https://xenolf.github.io/lego/" +languageCode = "en-us" +title = "Lego" + +theme = "hugo-theme-learn" + +# Code higlighting settings +pygmentsCodefences = true +pygmentsCodeFencesGuesSsyntax = false +pygmentsOptions = "" +pygmentsStyle = "monokai" +# The monokai stylesheet is included in the base template. +pygmentsUseClasses = true + +[permalinks] + dns = "/dns/:slug/" + +[params] + # Prefix URL to edit current page. Will display an "Edit this page" button on top right hand corner of every page. + # Useful to give opportunity to people to create merge request for your doc. + # See the config.toml file from this documentation site to have an example. +# editURL = "" + # Author of the site, will be used in meta information + author = "Lego Team" + # Description of the site, will be used in meta information +# description = "" + # Shows a checkmark for visited pages on the menu + showVisitedLinks = true + # Disable search function. It will hide search bar +# disableSearch = false + # Javascript and CSS cache are automatically busted when new version of site is generated. + # Set this to true to disable this behavior (some proxies don't handle well this optimization) +# disableAssetsBusting = false + # Set this to true to disable copy-to-clipboard button for inline code. +# disableInlineCopyToClipBoard = true + # A title for shortcuts in menu is set by default. Set this to true to disable it. +# disableShortcutsTitle = false + # When using mulitlingual website, disable the switch language button. +# disableLanguageSwitchingButton = false + # Hide breadcrumbs in the header and only show the current page title +# disableBreadcrumb = true + # Hide Next and Previous page buttons normally displayed full height beside content +# disableNextPrev = true + # Order sections in menu by "weight" or "title". Default to "weight" +# ordersectionsby = "weight" + # Change default color scheme with a variant one. Can be "red", "blue", "green". + themeVariant = "blue" + +[Languages] +[Languages.en] + title = "Let’s Encrypt client and ACME library written in Go." + weight = 1 + languageName = "English" + +[[Languages.en.menu.shortcuts]] + name = " Github repo" + identifier = "ds" + url = "https://github.com/xenof/lego" + weight = 10 + +[[Languages.en.menu.shortcuts]] + name = " Issues" + url = "https://github.com/xenolf/lego/issues" + weight = 11 + +[outputs] + home = [ "HTML", "RSS", "JSON"] diff --git a/docs/content/_index.md b/docs/content/_index.md new file mode 100644 index 00000000..a3634dab --- /dev/null +++ b/docs/content/_index.md @@ -0,0 +1,30 @@ +--- +title: "Welcome" +date: 2019-03-03T16:39:46+01:00 +draft: false +chapter: true +--- + +# Lego + +Let's Encrypt client and ACME library written in Go. + +## Features + +- Register with CA +- Obtain certificates, both from scratch or with an existing CSR +- Renew certificates +- Revoke certificates +- Robust implementation of all ACME challenges + - HTTP (http-01) + - DNS (dns-01) + - TLS (tls-alpn-01) +- SAN certificate support +- Comes with multiple optional [DNS providers](dns) +- [Custom challenge solvers](usage/library/writing-a-challenge-solver/) +- Certificate bundling +- OCSP helper function + + +lego introduced support for ACME v2 in [v1.0.0](https://github.com/xenolf/lego/releases/tag/v1.0.0). +If you still need to utilize ACME v1, you can do so by using the [v0.5.0](https://github.com/xenolf/lego/releases/tag/v0.5.0) version. diff --git a/docs/content/dns/_index.md b/docs/content/dns/_index.md new file mode 100644 index 00000000..d4a80a51 --- /dev/null +++ b/docs/content/dns/_index.md @@ -0,0 +1,18 @@ +--- +title: "DNS Providers" +date: 2019-03-03T16:39:46+01:00 +draft: false +weight: 3 +--- + +Credentials for DNS providers must be passed through environment variables. + +Here is an example bash command using the CloudFlare DNS provider: + +```bash +CLOUDFLARE_EMAIL=foo@bar.com \ +CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \ +lego --dns cloudflare --domains www.example.com --email me@bar.com run +``` + +{{%children style="h2" description="true" %}} \ No newline at end of file diff --git a/docs/content/dns/manual.md b/docs/content/dns/manual.md new file mode 100644 index 00000000..8a9c125e --- /dev/null +++ b/docs/content/dns/manual.md @@ -0,0 +1,59 @@ +--- +title: "Manual" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: manual +--- + +Solving the DNS-01 challenge using CLI prompt. + + + +## Example + +```txt +Do you accept the TOS? Y/n + +[INFO] acme: Registering account for test@test.com +!!!! HEADS UP !!!! + + Your account credentials have been saved in your Let's Encrypt + configuration directory at "~/.lego/accounts". + You should make a secure backup of this folder now. This + configuration directory will also contain certificates and + private keys obtained from Let's Encrypt so making regular + backups of this folder is ideal. + +[INFO] [test.com] acme: Obtaining bundled SAN certificate +[INFO] [test.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/lornkZmVYjsh5wLHpxdQcZDPekGf_TYUM-MTJk3-yrA +[INFO] [test.com] acme: Could not find solver for: tls-alpn-01 +[INFO] [test.com] acme: Could not find solver for: http-01 +[INFO] [test.com] acme: use dns-01 solver +[INFO] [test.com] acme: Preparing to solve DNS-01 +lego: Please create the following TXT record in your test.com. zone: +_acme-challenge.test.com. 120 IN TXT "VP-dby1RBuUOnDZg1n9sF-cwicLsognMzJb0Vx8ttAI" +lego: Press 'Enter' when you are done + +Do you accept the TOS? Y/n + +[INFO] acme: Registering account for test@test.com +!!!! HEADS UP !!!! + + Your account credentials have been saved in your Let's Encrypt + configuration directory at "~/.lego/accounts". + You should make a secure backup of this folder now. This + configuration directory will also contain certificates and + private keys obtained from Let's Encrypt so making regular + backups of this folder is ideal. + +[INFO] [test.com] acme: Obtaining bundled SAN certificate +[INFO] [test.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/lornkZmVYjsh5wLHpxdQcZDPekGf_TYUM-MTJk3-yrA +[INFO] [test.com] acme: Could not find solver for: tls-alpn-01 +[INFO] [test.com] acme: Could not find solver for: http-01 +[INFO] [test.com] acme: use dns-01 solver +[INFO] [test.com] acme: Preparing to solve DNS-01 +lego: Please create the following TXT record in your test.com. zone: +_acme-challenge.test.com. 120 IN TXT "VP-dby1RBuUOnDZg1n9sF-cwicLsognMzJb0Vx8ttAI" +lego: Press 'Enter' when you are done + +``` \ No newline at end of file diff --git a/docs/content/dns/zz_gen_acme-dns.md b/docs/content/dns/zz_gen_acme-dns.md new file mode 100644 index 00000000..ed671b45 --- /dev/null +++ b/docs/content/dns/zz_gen_acme-dns.md @@ -0,0 +1,46 @@ +--- +title: "Joohoi's ACME-DNS" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: acme-dns +--- + + + + + + +Configuration for [Joohoi's ACME-DNS](https://github.com/joohoi/acme-dns). + + + + +- Code: `acme-dns` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `ACME_DNS_API_BASE` | The ACME-DNS API address | +| `ACME_DNS_STORAGE_PATH` | The ACME-DNS JSON account data file. A per-domain account will be registered/persisted to this file and used for TXT updates. | + + + + + + +## More information + +- [API documentation](https://github.com/joohoi/acme-dns#api) +- [Go client](https://github.com/cpu/goacmedns) + + + + diff --git a/docs/content/dns/zz_gen_alidns.md b/docs/content/dns/zz_gen_alidns.md new file mode 100644 index 00000000..0b1ae6fa --- /dev/null +++ b/docs/content/dns/zz_gen_alidns.md @@ -0,0 +1,54 @@ +--- +title: "Alibaba Cloud DNS" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: alidns +--- + + + + + + +Configuration for [Alibaba Cloud DNS](https://www.alibabacloud.com/product/dns). + + + + +- Code: `alidns` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `ALICLOUD_ACCESS_KEY` | Access key ID | +| `ALICLOUD_SECRET_KEY` | Access Key secret | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `ALICLOUD_HTTP_TIMEOUT` | API request timeout | +| `ALICLOUD_POLLING_INTERVAL` | Time between DNS propagation check | +| `ALICLOUD_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `ALICLOUD_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.alibabacloud.com/help/doc-detail/42875.htm) +- [Go client](https://github.com/aliyun/alibaba-cloud-sdk-go) + + + + diff --git a/docs/content/dns/zz_gen_auroradns.md b/docs/content/dns/zz_gen_auroradns.md new file mode 100644 index 00000000..223819bb --- /dev/null +++ b/docs/content/dns/zz_gen_auroradns.md @@ -0,0 +1,54 @@ +--- +title: "Aurora DNS" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: auroradns +--- + + + + + + +Configuration for [Aurora DNS](https://www.pcextreme.com/aurora/dns). + + + + +- Code: `auroradns` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `AURORA_ENDPOINT` | API endpoint URL | +| `AURORA_KEY` | User API key | +| `AURORA_USER_ID` | User ID | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `AURORA_POLLING_INTERVAL` | Time between DNS propagation check | +| `AURORA_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `AURORA_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://libcloud.readthedocs.io/en/latest/dns/drivers/auroradns.html#api-docs) +- [Go client](https://github.com/nrdcg/auroradns) + + + + diff --git a/docs/content/dns/zz_gen_azure.md b/docs/content/dns/zz_gen_azure.md new file mode 100644 index 00000000..4186dc87 --- /dev/null +++ b/docs/content/dns/zz_gen_azure.md @@ -0,0 +1,58 @@ +--- +title: "Azure" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: azure +--- + + + + + + +Configuration for [Azure](https://azure.microsoft.com/services/dns/). + + + + +- Code: `azure` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `AZURE_CLIENT_ID` | Client ID | +| `AZURE_CLIENT_SECRET` | Client secret | +| `AZURE_RESOURCE_GROUP` | Resource group | +| `AZURE_SUBSCRIPTION_ID` | Subscription ID | +| `AZURE_TENANT_ID` | Tenant ID | +| `instance metadata service` | If the credentials are **not** set via the environment, then it will attempt to get a bearer token via the [instance metadata service](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service). | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `AZURE_METADATA_ENDPOINT` | Metadata Service endpoint URL | +| `AZURE_POLLING_INTERVAL` | Time between DNS propagation check | +| `AZURE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `AZURE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://docs.microsoft.com/en-us/go/azure/) +- [Go client](https://github.com/Azure/azure-sdk-for-go) + + + + diff --git a/docs/content/dns/zz_gen_bluecat.md b/docs/content/dns/zz_gen_bluecat.md new file mode 100644 index 00000000..64d7082d --- /dev/null +++ b/docs/content/dns/zz_gen_bluecat.md @@ -0,0 +1,53 @@ +--- +title: "Bluecat" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: bluecat +--- + + + + + + +Configuration for [Bluecat](https://www.bluecatnetworks.com). + + + + +- Code: `bluecat` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `BLUECAT_CONFIG_NAME` | Configuration name | +| `BLUECAT_DNS_VIEW` | External DNS View Name | +| `BLUECAT_PASSWORD` | API password | +| `BLUECAT_SERVER_URL` | The server URL, should have scheme, hostname, and port (if required) of the authoritative Bluecat BAM serve | +| `BLUECAT_USER_NAME` | API username | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `BLUECAT_HTTP_TIMEOUT` | API request timeout | +| `BLUECAT_POLLING_INTERVAL` | Time between DNS propagation check | +| `BLUECAT_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `BLUECAT_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + + + + + diff --git a/docs/content/dns/zz_gen_cloudflare.md b/docs/content/dns/zz_gen_cloudflare.md new file mode 100644 index 00000000..34868c8a --- /dev/null +++ b/docs/content/dns/zz_gen_cloudflare.md @@ -0,0 +1,58 @@ +--- +title: "Cloudflare" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: cloudflare +--- + + + + + + +Configuration for [Cloudflare](https://www.cloudflare.com/dns/). + + + + +- Code: `cloudflare` + +Here is an example bash command using the Cloudflare provider: + +```bash +CLOUDFLARE_EMAIL=foo@bar.com \ +CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \ +lego --dns cloudflare --domains my.domain.com --email my@email.com run +``` + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `CLOUDFLARE_API_KEY` | API key | +| `CLOUDFLARE_EMAIL` | Account email | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `CLOUDFLARE_HTTP_TIMEOUT` | API request timeout | +| `CLOUDFLARE_POLLING_INTERVAL` | Time between DNS propagation check | +| `CLOUDFLARE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `CLOUDFLARE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://api.cloudflare.com/) +- [Go client](https://github.com/cloudflare/cloudflare-go) + + + + diff --git a/docs/content/dns/zz_gen_cloudns.md b/docs/content/dns/zz_gen_cloudns.md new file mode 100644 index 00000000..6b5f14a9 --- /dev/null +++ b/docs/content/dns/zz_gen_cloudns.md @@ -0,0 +1,53 @@ +--- +title: "ClouDNS" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: cloudns +--- + + + + + + +Configuration for [ClouDNS](https://www.cloudns.net). + + + + +- Code: `cloudns` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `CLOUDNS_AUTH_ID` | The API user ID | +| `CLOUDNS_AUTH_PASSWORD` | The password for API user ID | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `CLOUDNS_HTTP_TIMEOUT` | API request timeout | +| `CLOUDNS_POLLING_INTERVAL` | Time between DNS propagation check | +| `CLOUDNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `CLOUDNS_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.cloudns.net/wiki/article/42/) + + + + diff --git a/docs/content/dns/zz_gen_cloudxns.md b/docs/content/dns/zz_gen_cloudxns.md new file mode 100644 index 00000000..d89a5c5e --- /dev/null +++ b/docs/content/dns/zz_gen_cloudxns.md @@ -0,0 +1,53 @@ +--- +title: "CloudXNS" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: cloudxns +--- + + + + + + +Configuration for [CloudXNS](https://www.cloudxns.net/). + + + + +- Code: `cloudxns` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `CLOUDXNS_API_KEY` | The API key | +| `CLOUDXNS_SECRET_KEY` | THe API secret key | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `CLOUDXNS_HTTP_TIMEOUT` | API request timeout | +| `CLOUDXNS_POLLING_INTERVAL` | Time between DNS propagation check | +| `CLOUDXNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `CLOUDXNS_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.cloudxns.net/Public/Doc/CloudXNS_api2.0_doc_zh-cn.zip) + + + + diff --git a/docs/content/dns/zz_gen_conoha.md b/docs/content/dns/zz_gen_conoha.md new file mode 100644 index 00000000..c37e245f --- /dev/null +++ b/docs/content/dns/zz_gen_conoha.md @@ -0,0 +1,55 @@ +--- +title: "ConoHa" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: conoha +--- + + + + + + +Configuration for [ConoHa](https://www.conoha.jp/). + + + + +- Code: `conoha` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `CONOHA_API_PASSWORD` | The API password | +| `CONOHA_API_USERNAME` | The API username | +| `CONOHA_TENANT_ID` | Tenant ID | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `CONOHA_HTTP_TIMEOUT` | API request timeout | +| `CONOHA_POLLING_INTERVAL` | Time between DNS propagation check | +| `CONOHA_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `CONOHA_REGION` | The region | +| `CONOHA_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.conoha.jp/docs/) + + + + diff --git a/docs/content/dns/zz_gen_designate.md b/docs/content/dns/zz_gen_designate.md new file mode 100644 index 00000000..090be577 --- /dev/null +++ b/docs/content/dns/zz_gen_designate.md @@ -0,0 +1,56 @@ +--- +title: "Designate DNSaaS for Openstack" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: designate +--- + + + + + + +Configuration for [Designate DNSaaS for Openstack](https://docs.openstack.org/designate/latest/). + + + + +- Code: `designate` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `OS_AUTH_URL` | Identity endpoint URL | +| `OS_PASSWORD` | Password | +| `OS_REGION_NAME` | Region name | +| `OS_TENANT_NAME` | Tenant name | +| `OS_USERNAME` | Username | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `DESIGNATE_POLLING_INTERVAL` | Time between DNS propagation check | +| `DESIGNATE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `DESIGNATE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://docs.openstack.org/designate/latest/) +- [Go client](https://godoc.org/github.com/gophercloud/gophercloud/openstack/dns/v2) + + + + diff --git a/docs/content/dns/zz_gen_digitalocean.md b/docs/content/dns/zz_gen_digitalocean.md new file mode 100644 index 00000000..09b31f7a --- /dev/null +++ b/docs/content/dns/zz_gen_digitalocean.md @@ -0,0 +1,52 @@ +--- +title: "Digital Ocean" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: digitalocean +--- + + + + + + +Configuration for [Digital Ocean](https://www.digitalocean.com/docs/networking/dns/). + + + + +- Code: `digitalocean` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `DO_AUTH_TOKEN` | Authentication token | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `DO_HTTP_TIMEOUT` | API request timeout | +| `DO_POLLING_INTERVAL` | Time between DNS propagation check | +| `DO_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `DO_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://developers.digitalocean.com/documentation/v2/#domain-records) + + + + diff --git a/docs/content/dns/zz_gen_dnsimple.md b/docs/content/dns/zz_gen_dnsimple.md new file mode 100644 index 00000000..0689948b --- /dev/null +++ b/docs/content/dns/zz_gen_dnsimple.md @@ -0,0 +1,53 @@ +--- +title: "DNSimple" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: dnsimple +--- + + + + + + +Configuration for [DNSimple](https://dnsimple.com/). + + + + +- Code: `dnsimple` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `DNSIMPLE_BASE_URL` | API endpoint URL | +| `DNSIMPLE_OAUTH_TOKEN` | OAuth token | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `DNSIMPLE_POLLING_INTERVAL` | Time between DNS propagation check | +| `DNSIMPLE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `DNSIMPLE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://developer.dnsimple.com/v2/) +- [Go client](https://github.com/dnsimple/dnsimple-go) + + + + diff --git a/docs/content/dns/zz_gen_dnsmadeeasy.md b/docs/content/dns/zz_gen_dnsmadeeasy.md new file mode 100644 index 00000000..5841f210 --- /dev/null +++ b/docs/content/dns/zz_gen_dnsmadeeasy.md @@ -0,0 +1,54 @@ +--- +title: "DNS Made Easy" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: dnsmadeeasy +--- + + + + + + +Configuration for [DNS Made Easy](https://dnsmadeeasy.com/). + + + + +- Code: `dnsmadeeasy` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `DNSMADEEASY_API_KEY` | The API key | +| `DNSMADEEASY_API_SECRET` | The API Secret key | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `DNSMADEEASY_HTTP_TIMEOUT` | API request timeout | +| `DNSMADEEASY_POLLING_INTERVAL` | Time between DNS propagation check | +| `DNSMADEEASY_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `DNSMADEEASY_SANDBOX` | Activate the sandbox (boolean) | +| `DNSMADEEASY_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://api-docs.dnsmadeeasy.com/) + + + + diff --git a/docs/content/dns/zz_gen_dnspod.md b/docs/content/dns/zz_gen_dnspod.md new file mode 100644 index 00000000..76b0f81c --- /dev/null +++ b/docs/content/dns/zz_gen_dnspod.md @@ -0,0 +1,53 @@ +--- +title: "DNSPod" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: dnspod +--- + + + + + + +Configuration for [DNSPod](http://www.dnspod.com/). + + + + +- Code: `dnspod` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `DNSPOD_API_KEY` | The user token | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `DNSPOD_HTTP_TIMEOUT` | API request timeout | +| `DNSPOD_POLLING_INTERVAL` | Time between DNS propagation check | +| `DNSPOD_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `DNSPOD_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.dnspod.com/docs/index.html) +- [Go client](https://github.com/decker502/dnspod-go) + + + + diff --git a/docs/content/dns/zz_gen_dreamhost.md b/docs/content/dns/zz_gen_dreamhost.md new file mode 100644 index 00000000..01f90f5f --- /dev/null +++ b/docs/content/dns/zz_gen_dreamhost.md @@ -0,0 +1,52 @@ +--- +title: "DreamHost" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: dreamhost +--- + + + + + + +Configuration for [DreamHost](https://www.dreamhost.com). + + + + +- Code: `dreamhost` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `DREAMHOST_API_KEY` | The API key | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `DREAMHOST_HTTP_TIMEOUT` | API request timeout | +| `DREAMHOST_POLLING_INTERVAL` | Time between DNS propagation check | +| `DREAMHOST_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `DREAMHOST_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://help.dreamhost.com/hc/en-us/articles/217560167-API_overview) + + + + diff --git a/docs/content/dns/zz_gen_duckdns.md b/docs/content/dns/zz_gen_duckdns.md new file mode 100644 index 00000000..3c891588 --- /dev/null +++ b/docs/content/dns/zz_gen_duckdns.md @@ -0,0 +1,53 @@ +--- +title: "Duck DNS" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: duckdns +--- + + + + + + +Configuration for [Duck DNS](https://www.duckdns.org/). + + + + +- Code: `duckdns` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `DUCKDNS_TOKEN` | Account token | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `DUCKDNS_HTTP_TIMEOUT` | API request timeout | +| `DUCKDNS_POLLING_INTERVAL` | Time between DNS propagation check | +| `DUCKDNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `DUCKDNS_SEQUENCE_INTERVAL` | Interval between iteration | +| `DUCKDNS_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.duckdns.org/spec.jsp) + + + + diff --git a/docs/content/dns/zz_gen_dyn.md b/docs/content/dns/zz_gen_dyn.md new file mode 100644 index 00000000..10271700 --- /dev/null +++ b/docs/content/dns/zz_gen_dyn.md @@ -0,0 +1,54 @@ +--- +title: "Dyn" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: dyn +--- + + + + + + +Configuration for [Dyn](https://dyn.com/). + + + + +- Code: `dyn` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `DYN_CUSTOMER_NAME` | Customer name | +| `DYN_PASSWORD` | Paswword | +| `DYN_USER_NAME` | User name | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `DYN_HTTP_TIMEOUT` | API request timeout | +| `DYN_POLLING_INTERVAL` | Time between DNS propagation check | +| `DYN_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `DYN_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://help.dyn.com/rest/) + + + + diff --git a/docs/content/dns/zz_gen_exec.md b/docs/content/dns/zz_gen_exec.md new file mode 100644 index 00000000..e6114e6a --- /dev/null +++ b/docs/content/dns/zz_gen_exec.md @@ -0,0 +1,133 @@ +--- +title: "External program" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: exec +--- + + + + + +Solving the DNS-01 challenge using an external program. + + + + +- Code: `exec` + +Here is an example bash command using the External program provider: + +```bash +EXEC_PATH=/the/path/to/myscript.sh \ +lego --dns exec --domains my.domain.com --email my@email.com run +``` + + + + + +## Base Configuration + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `EXEC_MODE` | `RAW`, none | +| `EXEC_PATH` | TODO | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `EXEC_POLLING_INTERVAL` | Time between DNS propagation check | +| `EXEC_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | + + +## Description + +The file name of the external program is specified in the environment variable `EXEC_PATH`. + +When it is run by lego, three command-line parameters are passed to it: +The action ("present" or "cleanup"), the fully-qualified domain name and the value for the record. + +For example, requesting a certificate for the domain 'foo.example.com' can be achieved by calling lego as follows: + +```bash +EXEC_PATH=./update-dns.sh \ + lego --dns exec \ + --domains foo.example.com \ + --email invalid@example.com run +``` + +It will then call the program './update-dns.sh' with like this: + +```bash +./update-dns.sh "present" "_acme-challenge.foo.example.com." "MsijOYZxqyjGnFGwhjrhfg-Xgbl5r68WPda0J9EgqqI" +``` + +The program then needs to make sure the record is inserted. +When it returns an error via a non-zero exit code, lego aborts. + +When the record is to be removed again, +the program is called with the first command-line parameter set to `cleanup` instead of `present`. + +If you want to use the raw domain, token, and keyAuth values with your program, you can set `EXEC_MODE=RAW`: + +```bash +EXEC_MODE=RAW \ +EXEC_PATH=./update-dns.sh \ + lego --dns exec \ + --domains foo.example.com \ + --email invalid@example.com run +``` + +It will then call the program `./update-dns.sh` like this: + +```bash +./update-dns.sh "present" "foo.example.com." "--" "some-token" "KxAy-J3NwUmg9ZQuM-gP_Mq1nStaYSaP9tYQs5_-YsE.ksT-qywTd8058G-SHHWA3RAN72Pr0yWtPYmmY5UBpQ8" +``` + +## Commands + +{{% notice note %}} +The `--` is because the token MAY start with a `-`, and the called program may try and interpret a `-` as indicating a flag. +In the case of urfave, which is commonly used, +you can use the `--` delimiter to specify the start of positional arguments, and handle such a string safely. +{{% /notice %}} + +### Present + +| Mode | Command | +|---------|----------------------------------------------------| +| default | `myprogram present -- ` | +| `RAW` | `myprogram present -- ` | + +### Cleanup + +| Mode | Command | +|---------|----------------------------------------------------| +| default | `myprogram cleanup -- ` | +| `RAW` | `myprogram cleanup -- ` | + +### Timeout + +The command have to display propagation timeout and polling interval into Stdout. + +The values must be formatted as JSON, and times are in seconds. +Example: `{"timeout": 30, "interval": 5}` + +If an error occurs or if the command is not provided: +the default display propagation timeout and polling interval are used. + +| Mode | Command | +|---------|----------------------------------------------------| +| default | `myprogram timeout` | +| `RAW` | `myprogram timeout` | + + + + + + + + diff --git a/docs/content/dns/zz_gen_exoscale.md b/docs/content/dns/zz_gen_exoscale.md new file mode 100644 index 00000000..f764f3d4 --- /dev/null +++ b/docs/content/dns/zz_gen_exoscale.md @@ -0,0 +1,55 @@ +--- +title: "Exoscale" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: exoscale +--- + + + + + + +Configuration for [Exoscale](https://www.exoscale.com/). + + + + +- Code: `exoscale` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `EXOSCALE_API_KEY` | API key | +| `EXOSCALE_API_SECRET` | API secret | +| `EXOSCALE_ENDPOINT` | API endpoint URL | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `EXOSCALE_HTTP_TIMEOUT` | API request timeout | +| `EXOSCALE_POLLING_INTERVAL` | Time between DNS propagation check | +| `EXOSCALE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `EXOSCALE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://community.exoscale.com/documentation/dns/api/) +- [Go client](https://github.com/exoscale/egoscale) + + + + diff --git a/docs/content/dns/zz_gen_fastdns.md b/docs/content/dns/zz_gen_fastdns.md new file mode 100644 index 00000000..c46f23b6 --- /dev/null +++ b/docs/content/dns/zz_gen_fastdns.md @@ -0,0 +1,55 @@ +--- +title: "FastDNS" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: fastdns +--- + + + + + + +Configuration for [FastDNS](https://www.akamai.com/us/en/products/security/fast-dns.jsp). + + + + +- Code: `fastdns` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `AKAMAI_ACCESS_TOKEN` | Access token | +| `AKAMAI_CLIENT_SECRET` | Client secret | +| `AKAMAI_CLIENT_TOKEN` | Client token | +| `AKAMAI_HOST` | API host | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `AKAMAI_POLLING_INTERVAL` | Time between DNS propagation check | +| `AKAMAI_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `AKAMAI_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://developer.akamai.com/api/web_performance/fast_dns_record_management/v1.html) +- [Go client](https://github.com/akamai/AkamaiOPEN-edgegrid-golang) + + + + diff --git a/docs/content/dns/zz_gen_gandi.md b/docs/content/dns/zz_gen_gandi.md new file mode 100644 index 00000000..feb2aa4d --- /dev/null +++ b/docs/content/dns/zz_gen_gandi.md @@ -0,0 +1,52 @@ +--- +title: "Gandi" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: gandi +--- + + + + + + +Configuration for [Gandi](https://www.gandi.net). + + + + +- Code: `gandi` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `GANDI_API_KEY` | API key | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `GANDI_HTTP_TIMEOUT` | API request timeout | +| `GANDI_POLLING_INTERVAL` | Time between DNS propagation check | +| `GANDI_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `GANDI_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](http://doc.rpc.gandi.net/index.html) + + + + diff --git a/docs/content/dns/zz_gen_gandiv5.md b/docs/content/dns/zz_gen_gandiv5.md new file mode 100644 index 00000000..b3b5ac1b --- /dev/null +++ b/docs/content/dns/zz_gen_gandiv5.md @@ -0,0 +1,52 @@ +--- +title: "Gandi Live DNS (v5)" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: gandiv5 +--- + + + + + + +Configuration for [Gandi Live DNS (v5)](https://www.gandi.net). + + + + +- Code: `gandiv5` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `GANDIV5_API_KEY` | API key | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `GANDIV5_HTTP_TIMEOUT` | API request timeout | +| `GANDIV5_POLLING_INTERVAL` | Time between DNS propagation check | +| `GANDIV5_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `GANDIV5_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](http://doc.livedns.gandi.net) + + + + diff --git a/docs/content/dns/zz_gen_gcloud.md b/docs/content/dns/zz_gen_gcloud.md new file mode 100644 index 00000000..de08207a --- /dev/null +++ b/docs/content/dns/zz_gen_gcloud.md @@ -0,0 +1,55 @@ +--- +title: "Google Cloud" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: gcloud +--- + + + + + + +Configuration for [Google Cloud](https://cloud.google.com). + + + + +- Code: `gcloud` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `Application Default Credentials` | [Documentation](https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application) | +| `GCE_PROJECT` | Project name | +| `GCE_SERVICE_ACCOUNT` | Account | +| `GCE_SERVICE_ACCOUNT_FILE` | Account file path | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `GCE_POLLING_INTERVAL` | Time between DNS propagation check | +| `GCE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `GCE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://community.exoscale.com/documentation/dns/api/) +- [Go client](https://github.com/googleapis/google-api-go-client) + + + + diff --git a/docs/content/dns/zz_gen_glesys.md b/docs/content/dns/zz_gen_glesys.md new file mode 100644 index 00000000..5413d90b --- /dev/null +++ b/docs/content/dns/zz_gen_glesys.md @@ -0,0 +1,53 @@ +--- +title: "Glesys" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: glesys +--- + + + + + + +Configuration for [Glesys](https://glesys.com/). + + + + +- Code: `glesys` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `GLESYS_API_KEY` | API key | +| `GLESYS_API_USER` | API user | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `GLESYS_HTTP_TIMEOUT` | API request timeout | +| `GLESYS_POLLING_INTERVAL` | Time between DNS propagation check | +| `GLESYS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `GLESYS_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://github.com/GleSYS/API/wiki/API-Documentation) + + + + diff --git a/docs/content/dns/zz_gen_godaddy.md b/docs/content/dns/zz_gen_godaddy.md new file mode 100644 index 00000000..1458ed15 --- /dev/null +++ b/docs/content/dns/zz_gen_godaddy.md @@ -0,0 +1,54 @@ +--- +title: "Go Daddy" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: godaddy +--- + + + + + + +Configuration for [Go Daddy](https://godaddy.com). + + + + +- Code: `godaddy` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `GODADDY_API_KEY` | **TODO** | +| `GODADDY_API_SECRET` | **TODO** | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `GODADDY_HTTP_TIMEOUT` | API request timeout | +| `GODADDY_POLLING_INTERVAL` | Time between DNS propagation check | +| `GODADDY_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `GODADDY_SEQUENCE_INTERVAL` | Interval between iteration | +| `GODADDY_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://developer.godaddy.com/doc/endpoint/domains) + + + + diff --git a/docs/content/dns/zz_gen_hostingde.md b/docs/content/dns/zz_gen_hostingde.md new file mode 100644 index 00000000..5b927633 --- /dev/null +++ b/docs/content/dns/zz_gen_hostingde.md @@ -0,0 +1,53 @@ +--- +title: "Hosting.de" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: hostingde +--- + + + + + + +Configuration for [Hosting.de](https://www.hosting.de/). + + + + +- Code: `hostingde` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `HOSTINGDE_API_KEY` | **TODO** | +| `HOSTINGDE_ZONE_NAME` | **TODO** | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `HOSTINGDE_HTTP_TIMEOUT` | API request timeout | +| `HOSTINGDE_POLLING_INTERVAL` | Time between DNS propagation check | +| `HOSTINGDE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `HOSTINGDE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.hosting.de/api/#dns) + + + + diff --git a/docs/content/dns/zz_gen_httpreq.md b/docs/content/dns/zz_gen_httpreq.md new file mode 100644 index 00000000..05c1cb63 --- /dev/null +++ b/docs/content/dns/zz_gen_httpreq.md @@ -0,0 +1,91 @@ +--- +title: "HTTP request" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: httpreq +--- + + + + + + +Configuration for [HTTP request](/dns/httpreq/). + + + + +- Code: `httpreq` + +Here is an example bash command using the HTTP request provider: + +```bash +HTTPREQ_ENDPOINT=http://my.server.com:9090 \ +lego --dns httpreq --domains my.domain.com --email my@email.com run +``` + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `HTTPREQ_ENDPOINT` | The URL of the server | +| `HTTPREQ_MODE` | `RAW`, none | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `HTTPREQ_HTTP_TIMEOUT` | API request timeout | +| `HTTPREQ_PASSWORD` | **TODO** | +| `HTTPREQ_POLLING_INTERVAL` | Time between DNS propagation check | +| `HTTPREQ_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `HTTPREQ_USERNAME` | **TODO** | + +## Description + +The server must provide: + +- `POST` `/present` +- `POST` `/cleanup` + +The URL of the server must be define by `HTTPREQ_ENDPOINT`. + +### Mode + +There are 2 modes (`HTTPREQ_MODE`): + +- default mode: +```json +{ + "fqdn": "_acme-challenge.domain.", + "value": "LHDhK3oGRvkiefQnx7OOczTY5Tic_xZ6HcMOc_gmtoM" +} +``` + +- `RAW` +```json +{ + "domain": "domain", + "token": "token", + "keyAuth": "key" +} +``` + +### Authentication + +Basic authentication (optional) can be set with some environment variables: + +- `HTTPREQ_USERNAME` and `HTTPREQ_PASSWORD` +- both values must be set, otherwise basic authentication is not defined. + + + + + + + + diff --git a/docs/content/dns/zz_gen_iij.md b/docs/content/dns/zz_gen_iij.md new file mode 100644 index 00000000..d1daea31 --- /dev/null +++ b/docs/content/dns/zz_gen_iij.md @@ -0,0 +1,54 @@ +--- +title: "Internet Initiative Japan" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: iij +--- + + + + + + +Configuration for [Internet Initiative Japan](https://www.iij.ad.jp/en/). + + + + +- Code: `iij` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `IIJ_API_ACCESS_KEY` | API access key | +| `IIJ_API_SECRET_KEY` | API secret key | +| `IIJ_DO_SERVICE_CODE` | DO service code | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `IIJ_POLLING_INTERVAL` | Time between DNS propagation check | +| `IIJ_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `IIJ_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](http://manual.iij.jp/p2/pubapi/http://manual.iij.jp/p2/pubapi/) +- [Go client](https://github.com/iij/doapi) + + + + diff --git a/docs/content/dns/zz_gen_inwx.md b/docs/content/dns/zz_gen_inwx.md new file mode 100644 index 00000000..917a7e97 --- /dev/null +++ b/docs/content/dns/zz_gen_inwx.md @@ -0,0 +1,54 @@ +--- +title: "INWX" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: inwx +--- + + + + + + +Configuration for [INWX](https://www.inwx.de/en). + + + + +- Code: `inwx` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `INWX_PASSWORD` | Password | +| `INWX_USERNAME` | Username | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `INWX_POLLING_INTERVAL` | Time between DNS propagation check | +| `INWX_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `INWX_SANDBOX` | Activate the sandbox (boolean) | +| `INWX_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.inwx.de/en/help/apidoc) +- [Go client](https://github.com/nrdcg/goinwx) + + + + diff --git a/docs/content/dns/zz_gen_lightsail.md b/docs/content/dns/zz_gen_lightsail.md new file mode 100644 index 00000000..4e904bf4 --- /dev/null +++ b/docs/content/dns/zz_gen_lightsail.md @@ -0,0 +1,53 @@ +--- +title: "Amazon Lightsail" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: lightsail +--- + + + + + + +Configuration for [Amazon Lightsail](https://aws.amazon.com/lightsail/). + + + + +- Code: `lightsail` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `AWS_ACCESS_KEY_ID` | Access key ID | +| `AWS_SECRET_ACCESS_KEY` | Secret access key | +| `DNS_ZONE` | DNS zone | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `LIGHTSAIL_POLLING_INTERVAL` | Time between DNS propagation check | +| `LIGHTSAIL_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | + + + + +## More information + + +- [Go client](https://github.com/aws/aws-sdk-go/aws) + + + + diff --git a/docs/content/dns/zz_gen_linode.md b/docs/content/dns/zz_gen_linode.md new file mode 100644 index 00000000..6b6113b1 --- /dev/null +++ b/docs/content/dns/zz_gen_linode.md @@ -0,0 +1,52 @@ +--- +title: "Linode (deprecated)" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: linode +--- + + + + + + +Configuration for [Linode (deprecated)](https://www.linode.com/). + + + + +- Code: `linode` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `LINODE_API_KEY` | API key | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `LINODE_HTTP_TIMEOUT` | API request timeout | +| `LINODE_POLLING_INTERVAL` | Time between DNS propagation check | +| `LINODE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.linode.com/api/dns) +- [Go client](https://github.com/timewasted/linode) + + + + diff --git a/docs/content/dns/zz_gen_linodev4.md b/docs/content/dns/zz_gen_linodev4.md new file mode 100644 index 00000000..317b701a --- /dev/null +++ b/docs/content/dns/zz_gen_linodev4.md @@ -0,0 +1,52 @@ +--- +title: "Linode (v4)" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: linodev4 +--- + + + + + + +Configuration for [Linode (v4)](https://www.linode.com/). + + + + +- Code: `linodev4` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `LINODE_TOKEN` | API token | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `LINODE_HTTP_TIMEOUT` | API request timeout | +| `LINODE_POLLING_INTERVAL` | Time between DNS propagation check | +| `LINODE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://developers.linode.com/api/v4) +- [Go client](https://github.com/linode/linodego) + + + + diff --git a/docs/content/dns/zz_gen_mydnsjp.md b/docs/content/dns/zz_gen_mydnsjp.md new file mode 100644 index 00000000..ac996c02 --- /dev/null +++ b/docs/content/dns/zz_gen_mydnsjp.md @@ -0,0 +1,53 @@ +--- +title: "MyDNS.jp" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: mydnsjp +--- + + + + + + +Configuration for [MyDNS.jp](https://www.mydns.jp). + + + + +- Code: `mydnsjp` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `MYDNSJP_MASTER_ID` | Master ID | +| `MYDNSJP_PASSWORD` | Password | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `MYDNSJP_HTTP_TIMEOUT` | API request timeout | +| `MYDNSJP_POLLING_INTERVAL` | Time between DNS propagation check | +| `MYDNSJP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `MYDNSJP_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.mydns.jp/?MENU=030) + + + + diff --git a/docs/content/dns/zz_gen_namecheap.md b/docs/content/dns/zz_gen_namecheap.md new file mode 100644 index 00000000..ba4197dd --- /dev/null +++ b/docs/content/dns/zz_gen_namecheap.md @@ -0,0 +1,53 @@ +--- +title: "Namecheap" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: namecheap +--- + + + + + + +Configuration for [Namecheap](https://www.namecheap.com). + + + + +- Code: `namecheap` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `NAMECHEAP_API_KEY` | API key | +| `NAMECHEAP_API_USER` | API user | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `NAMECHEAP_HTTP_TIMEOUT` | API request timeout | +| `NAMECHEAP_POLLING_INTERVAL` | Time between DNS propagation check | +| `NAMECHEAP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `NAMECHEAP_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.namecheap.com/support/api/methods.aspx) + + + + diff --git a/docs/content/dns/zz_gen_namedotcom.md b/docs/content/dns/zz_gen_namedotcom.md new file mode 100644 index 00000000..7f7ba304 --- /dev/null +++ b/docs/content/dns/zz_gen_namedotcom.md @@ -0,0 +1,54 @@ +--- +title: "Name.com" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: namedotcom +--- + + + + + + +Configuration for [Name.com](https://www.name.com). + + + + +- Code: `namedotcom` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `NAMECOM_API_TOKEN` | API token | +| `NAMECOM_USERNAME` | Username | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `NAMECOM_HTTP_TIMEOUT` | API request timeout | +| `NAMECOM_POLLING_INTERVAL` | Time between DNS propagation check | +| `NAMECOM_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `NAMECOM_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.name.com/api-docs/DNS) +- [Go client](https://github.com/namedotcom/go) + + + + diff --git a/docs/content/dns/zz_gen_netcup.md b/docs/content/dns/zz_gen_netcup.md new file mode 100644 index 00000000..4c42da06 --- /dev/null +++ b/docs/content/dns/zz_gen_netcup.md @@ -0,0 +1,54 @@ +--- +title: "Netcup" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: netcup +--- + + + + + + +Configuration for [Netcup](https://www.netcup.eu/). + + + + +- Code: `netcup` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `NETCUP_API_KEY` | API key | +| `NETCUP_API_PASSWORD` | API password | +| `NETCUP_CUSTOMER_NUMBER` | Customer number | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `NETCUP_HTTP_TIMEOUT` | API request timeout | +| `NETCUP_POLLING_INTERVAL` | Time between DNS propagation check | +| `NETCUP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `NETCUP_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.netcup-wiki.de/wiki/DNS_API) + + + + diff --git a/docs/content/dns/zz_gen_nifcloud.md b/docs/content/dns/zz_gen_nifcloud.md new file mode 100644 index 00000000..253b4f7a --- /dev/null +++ b/docs/content/dns/zz_gen_nifcloud.md @@ -0,0 +1,53 @@ +--- +title: "NIFCloud" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: nifcloud +--- + + + + + + +Configuration for [NIFCloud](https://www.nifcloud.com/). + + + + +- Code: `nifcloud` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `NIFCLOUD_ACCESS_KEY_ID` | Access key | +| `NIFCLOUD_SECRET_ACCESS_KEY` | Secret access key | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `NIFCLOUD_HTTP_TIMEOUT` | API request timeout | +| `NIFCLOUD_POLLING_INTERVAL` | Time between DNS propagation check | +| `NIFCLOUD_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `NIFCLOUD_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://mbaas.nifcloud.com/doc/current/rest/common/format.html) + + + + diff --git a/docs/content/dns/zz_gen_ns1.md b/docs/content/dns/zz_gen_ns1.md new file mode 100644 index 00000000..609b1e41 --- /dev/null +++ b/docs/content/dns/zz_gen_ns1.md @@ -0,0 +1,53 @@ +--- +title: "NS1" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: ns1 +--- + + + + + + +Configuration for [NS1](https://ns1.com). + + + + +- Code: `ns1` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `NS1_API_KEY` | API key | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `NS1_HTTP_TIMEOUT` | API request timeout | +| `NS1_POLLING_INTERVAL` | Time between DNS propagation check | +| `NS1_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `NS1_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://ns1.com/api) +- [Go client](https://github.com/ns1/ns1-go) + + + + diff --git a/docs/content/dns/zz_gen_oraclecloud.md b/docs/content/dns/zz_gen_oraclecloud.md new file mode 100644 index 00000000..42bad2ea --- /dev/null +++ b/docs/content/dns/zz_gen_oraclecloud.md @@ -0,0 +1,67 @@ +--- +title: "Oracle Cloud" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: oraclecloud +--- + + + + + + +Configuration for [Oracle Cloud](https://cloud.oracle.com/home). + + + + +- Code: `oraclecloud` + +Here is an example bash command using the Oracle Cloud provider: + +```bash +OCI_PRIVKEY_FILE="~/.oci/oci_api_key.pem" \ +OCI_PRIVKEY_PASS="secret" \ +OCI_TENANCY_OCID="ocid1.tenancy.oc1..secret" \ +OCI_USER_OCID="ocid1.user.oc1..secret" \ +OCI_PUBKEY_FINGERPRINT="00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" \ +OCI_REGION="us-phoenix-1" \ +OCI_COMPARTMENT_OCID="ocid1.tenancy.oc1..secret" \ +lego --dns oraclecloud --domains my.domain.com --email my@email.com run +``` + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `OCI_COMPARTMENT_OCID` | Compartment OCID | +| `OCI_PRIVKEY_FILE` | Private key file | +| `OCI_PRIVKEY_PASS` | Private key password | +| `OCI_PUBKEY_FINGERPRINT` | Public key fingerprint | +| `OCI_REGION` | Region | +| `OCI_TENANCY_OCID` | Tenanct OCID | +| `OCI_USER_OCID` | User OCID | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `OCI_POLLING_INTERVAL` | Time between DNS propagation check | +| `OCI_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `OCI_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm) +- [Go client](https://github.com/oracle/oci-go-sdk) + + + + diff --git a/docs/content/dns/zz_gen_otc.md b/docs/content/dns/zz_gen_otc.md new file mode 100644 index 00000000..119bcfc5 --- /dev/null +++ b/docs/content/dns/zz_gen_otc.md @@ -0,0 +1,56 @@ +--- +title: "Open Telekom Cloud" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: otc +--- + + + + + + +Configuration for [Open Telekom Cloud](https://cloud.telekom.de/en). + + + + +- Code: `otc` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `OTC_DOMAIN_NAME` | Domain name | +| `OTC_IDENTITY_ENDPOINT` | Identity endpoint URL | +| `OTC_PASSWORD` | Password | +| `OTC_PROJECT_NAME` | Project name | +| `OTC_USER_NAME` | User name | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `OTC_HTTP_TIMEOUT` | API request timeout | +| `OTC_POLLING_INTERVAL` | Time between DNS propagation check | +| `OTC_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `OTC_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://docs.otc.t-systems.com/en-us/dns/index.html) + + + + diff --git a/docs/content/dns/zz_gen_ovh.md b/docs/content/dns/zz_gen_ovh.md new file mode 100644 index 00000000..5b897df4 --- /dev/null +++ b/docs/content/dns/zz_gen_ovh.md @@ -0,0 +1,56 @@ +--- +title: "OVH" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: ovh +--- + + + + + + +Configuration for [OVH](https://www.ovh.com/). + + + + +- Code: `ovh` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `OVH_APPLICATION_KEY` | Application key | +| `OVH_APPLICATION_SECRET` | Application secret | +| `OVH_CONSUMER_KEY` | Consumer key | +| `OVH_ENDPOINT` | Endpoint URL (ovh-eu or ovh-ca) | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `OVH_HTTP_TIMEOUT` | API request timeout | +| `OVH_POLLING_INTERVAL` | Time between DNS propagation check | +| `OVH_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `OVH_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://eu.api.ovh.com/) +- [Go client](https://github.com/ovh/go-ovh) + + + + diff --git a/docs/content/dns/zz_gen_pdns.md b/docs/content/dns/zz_gen_pdns.md new file mode 100644 index 00000000..f8834e9e --- /dev/null +++ b/docs/content/dns/zz_gen_pdns.md @@ -0,0 +1,60 @@ +--- +title: "PowerDNS" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: pdns +--- + + + + + + +Configuration for [PowerDNS](https://www.powerdns.com/). + + + + +- Code: `pdns` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `PDNS_API_KEY` | API key | +| `PDNS_API_URL` | API url | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `PDNS_HTTP_TIMEOUT` | API request timeout | +| `PDNS_POLLING_INTERVAL` | Time between DNS propagation check | +| `PDNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `PDNS_TTL` | The TTL of the TXT record used for the DNS challenge | + +## Information + +Tested and confirmed to work with PowerDNS authoritative server 3.4.8 and 4.0.1. Refer to [PowerDNS documentation](https://doc.powerdns.com/md/httpapi/README/) instructions on how to enable the built-in API interface. + +PowerDNS Notes: +- PowerDNS API does not currently support SSL, therefore you should take care to ensure that traffic between lego and the PowerDNS API is over a trusted network, VPN etc. +- In order to have the SOA serial automatically increment each time the `_acme-challenge` record is added/modified via the API, set `SOA-EDIT-API` to `INCEPTION-INCREMENT` for the zone in the `domainmetadata` table + + + +## More information + +- [API documentation](https://doc.powerdns.com/md/httpapi/README/) + + + + diff --git a/docs/content/dns/zz_gen_rackspace.md b/docs/content/dns/zz_gen_rackspace.md new file mode 100644 index 00000000..67113418 --- /dev/null +++ b/docs/content/dns/zz_gen_rackspace.md @@ -0,0 +1,53 @@ +--- +title: "Rackspace" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: rackspace +--- + + + + + + +Configuration for [Rackspace](https://www.rackspace.com/). + + + + +- Code: `rackspace` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `RACKSPACE_API_KEY` | API key | +| `RACKSPACE_USER` | API user | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `RACKSPACE_HTTP_TIMEOUT` | API request timeout | +| `RACKSPACE_POLLING_INTERVAL` | Time between DNS propagation check | +| `RACKSPACE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `RACKSPACE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://developer.rackspace.com/docs/cloud-dns/v1/) + + + + diff --git a/docs/content/dns/zz_gen_rfc2136.md b/docs/content/dns/zz_gen_rfc2136.md new file mode 100644 index 00000000..22140092 --- /dev/null +++ b/docs/content/dns/zz_gen_rfc2136.md @@ -0,0 +1,56 @@ +--- +title: "RFC2136" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: rfc2136 +--- + + + + + + +Configuration for [RFC2136](https://tools.ietf.org/html/rfc2136). + + + + +- Code: `rfc2136` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `RFC2136_NAMESERVER` | Network address in the form "host" or "host:port" | +| `RFC2136_TSIG_ALGORITHM` | TSIG algorythm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset. | +| `RFC2136_TSIG_KEY` | Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset. | +| `RFC2136_TSIG_SECRET` | Secret key payload. To disable TSIG authentication, leave the` RFC2136_TSIG*` variables unset. | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `RFC2136_DNS_TIMEOUT` | API request timeout | +| `RFC2136_POLLING_INTERVAL` | Time between DNS propagation check | +| `RFC2136_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `RFC2136_SEQUENCE_INTERVAL` | Interval between iteration | +| `RFC2136_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://tools.ietf.org/html/rfc2136) + + + + diff --git a/docs/content/dns/zz_gen_route53.md b/docs/content/dns/zz_gen_route53.md new file mode 100644 index 00000000..48ae58b7 --- /dev/null +++ b/docs/content/dns/zz_gen_route53.md @@ -0,0 +1,98 @@ +--- +title: "Amazon Route 53" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: route53 +--- + + + + + + +Configuration for [Amazon Route 53](https://aws.amazon.com/route53/). + + + + +- Code: `route53` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `AWS_ACCESS_KEY_ID` | | +| `AWS_HOSTED_ZONE_ID` | | +| `AWS_REGION` | | +| `AWS_SECRET_ACCESS_KEY` | | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `AWS_POLLING_INTERVAL` | Time between DNS propagation check | +| `AWS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `AWS_TTL` | The TTL of the TXT record used for the DNS challenge | + +## Description + +AWS Credentials are automatically detected in the following locations and prioritized in the following order: + +1. Environment variables: `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_REGION`, [`AWS_SESSION_TOKEN`] +2. Shared credentials file (defaults to `~/.aws/credentials`) +3. Amazon EC2 IAM role + +If `AWS_HOSTED_ZONE_ID` is not set, Lego tries to determine the correct public hosted zone via the FQDN. + +See also: [configuring-sdk](https://github.com/aws/aws-sdk-go/wiki/configuring-sdk) + +## Policy + +The following AWS IAM policy document describes the permissions required for lego to complete the DNS challenge. + +```json +{ + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "", + "Effect": "Allow", + "Action": [ + "route53:GetChange", + "route53:ChangeResourceRecordSets", + "route53:ListResourceRecordSets" + ], + "Resource": [ + "arn:aws:route53:::hostedzone/*", + "arn:aws:route53:::change/*" + ] + }, + { + "Sid": "", + "Effect": "Allow", + "Action": "route53:ListHostedZonesByName", + "Resource": "*" + } + ] +} +``` + + + + +## More information + +- [API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_Operations_Amazon_Route_53.html) +- [Go client](https://github.com/aws/aws-sdk-go/aws) + + + + diff --git a/docs/content/dns/zz_gen_sakuracloud.md b/docs/content/dns/zz_gen_sakuracloud.md new file mode 100644 index 00000000..69b734d3 --- /dev/null +++ b/docs/content/dns/zz_gen_sakuracloud.md @@ -0,0 +1,53 @@ +--- +title: "Sakura Cloud" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: sakuracloud +--- + + + + + + +Configuration for [Sakura Cloud](https://cloud.sakura.ad.jp/). + + + + +- Code: `sakuracloud` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `SAKURACLOUD_ACCESS_TOKEN` | Access token | +| `SAKURACLOUD_ACCESS_TOKEN_SECRET` | Access token secret | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `SAKURACLOUD_POLLING_INTERVAL` | Time between DNS propagation check | +| `SAKURACLOUD_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `SAKURACLOUD_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://developer.sakura.ad.jp/cloud/api/1.1/) +- [Go client](https://github.com/sacloud/libsacloud) + + + + diff --git a/docs/content/dns/zz_gen_selectel.md b/docs/content/dns/zz_gen_selectel.md new file mode 100644 index 00000000..ba452036 --- /dev/null +++ b/docs/content/dns/zz_gen_selectel.md @@ -0,0 +1,53 @@ +--- +title: "Selectel" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: selectel +--- + + + + + + +Configuration for [Selectel](https://kb.selectel.com/). + + + + +- Code: `selectel` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `SELECTEL_API_TOKEN` | API token | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `SELECTEL_BASE_URL` | API endpoint URL | +| `SELECTEL_HTTP_TIMEOUT` | API request timeout | +| `SELECTEL_POLLING_INTERVAL` | Time between DNS propagation check | +| `SELECTEL_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `SELECTEL_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://kb.selectel.com/23136054.html) + + + + diff --git a/docs/content/dns/zz_gen_stackpath.md b/docs/content/dns/zz_gen_stackpath.md new file mode 100644 index 00000000..04047729 --- /dev/null +++ b/docs/content/dns/zz_gen_stackpath.md @@ -0,0 +1,53 @@ +--- +title: "Stackpath" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: stackpath +--- + + + + + + +Configuration for [Stackpath](https://www.stackpath.com/). + + + + +- Code: `stackpath` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `STACKPATH_CLIENT_ID` | Client ID | +| `STACKPATH_CLIENT_SECRET` | Client secret | +| `STACKPATH_STACK_ID` | Stack ID | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `STACKPATH_POLLING_INTERVAL` | Time between DNS propagation check | +| `STACKPATH_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `STACKPATH_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://developer.stackpath.com/en/api/dns/#tag/Zone) + + + + diff --git a/docs/content/dns/zz_gen_transip.md b/docs/content/dns/zz_gen_transip.md new file mode 100644 index 00000000..ad3457b1 --- /dev/null +++ b/docs/content/dns/zz_gen_transip.md @@ -0,0 +1,53 @@ +--- +title: "TransIP" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: transip +--- + + + + + + +Configuration for [TransIP](https://www.transip.nl/). + + + + +- Code: `transip` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `TRANSIP_ACCOUNT_NAME` | Account name | +| `TRANSIP_PRIVATE_KEY_PATH` | Private key path | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `TRANSIP_POLLING_INTERVAL` | Time between DNS propagation check | +| `TRANSIP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `TRANSIP_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://api.transip.nl/docs/transip.nl/package-Transip.html) +- [Go client](https://github.com/transip/gotransip) + + + + diff --git a/docs/content/dns/zz_gen_vegadns.md b/docs/content/dns/zz_gen_vegadns.md new file mode 100644 index 00000000..3958de8f --- /dev/null +++ b/docs/content/dns/zz_gen_vegadns.md @@ -0,0 +1,54 @@ +--- +title: "VegaDNS" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: vegadns +--- + + + + + + +Configuration for [VegaDNS](https://github.com/shupp/VegaDNS-API). + + + + +- Code: `vegadns` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `SECRET_VEGADNS_KEY` | API key | +| `SECRET_VEGADNS_SECRET` | API secret | +| `VEGADNS_URL` | API endpoint URL | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `VEGADNS_POLLING_INTERVAL` | Time between DNS propagation check | +| `VEGADNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `VEGADNS_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://github.com/shupp/VegaDNS-API) +- [Go client](https://github.com/OpenDNS/vegadns2client) + + + + diff --git a/docs/content/dns/zz_gen_vscale.md b/docs/content/dns/zz_gen_vscale.md new file mode 100644 index 00000000..76e09c94 --- /dev/null +++ b/docs/content/dns/zz_gen_vscale.md @@ -0,0 +1,53 @@ +--- +title: "Vscale" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: vscale +--- + + + + + + +Configuration for [Vscale](https://vscale.io/). + + + + +- Code: `vscale` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `VSCALE_API_TOKEN` | API token | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `VSCALE_BASE_URL` | API enddpoint URL | +| `VSCALE_HTTP_TIMEOUT` | API request timeout | +| `VSCALE_POLLING_INTERVAL` | Time between DNS propagation check | +| `VSCALE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `VSCALE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://developers.vscale.io/documentation/api/v1/#api-Domains_Records) + + + + diff --git a/docs/content/dns/zz_gen_vultr.md b/docs/content/dns/zz_gen_vultr.md new file mode 100644 index 00000000..8d7ad724 --- /dev/null +++ b/docs/content/dns/zz_gen_vultr.md @@ -0,0 +1,53 @@ +--- +title: "Vultr" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: vultr +--- + + + + + + +Configuration for [Vultr](https://www.vultr.com/). + + + + +- Code: `vultr` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `VULTR_API_KEY` | API key | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `VULTR_HTTP_TIMEOUT` | API request timeout | +| `VULTR_POLLING_INTERVAL` | Time between DNS propagation check | +| `VULTR_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `VULTR_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://www.vultr.com/api/#dns) +- [Go client](https://github.com/JamesClonk/vultr) + + + + diff --git a/docs/content/dns/zz_gen_zoneee.md b/docs/content/dns/zz_gen_zoneee.md new file mode 100644 index 00000000..a04398fc --- /dev/null +++ b/docs/content/dns/zz_gen_zoneee.md @@ -0,0 +1,54 @@ +--- +title: "Zone.ee" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: zoneee +--- + + + + + + +Configuration for [Zone.ee](https://www.zone.ee/). + + + + +- Code: `zoneee` + +{{% notice note %}} +_Please contribute by adding a CLI example._ +{{% /notice %}} + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `ZONEEE_API_KEY` | API key | +| `ZONEEE_API_USER` | API user | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `ZONEEE_ENDPOINT` | API endpoint URL | +| `ZONEEE_HTTP_TIMEOUT` | API request timeout | +| `ZONEEE_POLLING_INTERVAL` | Time between DNS propagation check | +| `ZONEEE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `ZONEEE_TTL` | The TTL of the TXT record used for the DNS challenge | + + + + +## More information + +- [API documentation](https://api.zone.eu/v2) + + + + diff --git a/docs/content/installation/_index.md b/docs/content/installation/_index.md new file mode 100644 index 00000000..4858945a --- /dev/null +++ b/docs/content/installation/_index.md @@ -0,0 +1,35 @@ +--- +title: "Installation" +date: 2019-03-03T16:39:46+01:00 +weight: 1 +draft: false +--- + +## Binaries + +To get the binary just download the latest release for your OS/Arch from [the release page](https://github.com/xenolf/lego/releases) and put the binary somewhere convenient. +lego does not assume anything about the location you run it from. + +## From Docker + +```bash +docker run xenolf/lego -h +``` + +## From package managers + +- [ArchLinux (AUR)](https://aur.archlinux.org/packages/lego): + +```bash +yay -S lego +``` + +**Note**: only the package manager for Arch Linux is officially supported by the lego team. + +## From sources + +To install from sources, just run: + +```bash +go get -u github.com/xenolf/lego/cmd/lego +``` diff --git a/docs/content/usage/_index.md b/docs/content/usage/_index.md new file mode 100644 index 00000000..7a4b3f48 --- /dev/null +++ b/docs/content/usage/_index.md @@ -0,0 +1,8 @@ +--- +title: "Usage" +date: 2019-03-03T16:39:46+01:00 +draft: false +weight: 2 +--- + +{{%children style="h2" description="true" %}} diff --git a/docs/content/usage/cli/_index.md b/docs/content/usage/cli/_index.md new file mode 100644 index 00000000..3b3c0e83 --- /dev/null +++ b/docs/content/usage/cli/_index.md @@ -0,0 +1,94 @@ +--- +title: "CLI" +date: 2019-03-03T16:39:46+01:00 +draft: false +--- + +Lego can be use as a CLI. + + + +## Usage + +{{%expand "CLI help" %}} +```slim +NAME: + lego - Let's Encrypt client written in Go + +USAGE: + lego [global options] command [command options] [arguments...] + +COMMANDS: + run Register an account, then create and install a certificate + revoke Revoke a certificate + renew Renew a certificate + dnshelp Shows additional help for the --dns global option + list Display certificates and accounts information. + help, h Shows a list of commands or help for one command + +GLOBAL OPTIONS: + --domains value, -d value Add a domain to the process. Can be specified multiple times. + --server value, -s value CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default: "https://acme-v02.api.letsencrypt.org/directory") + --accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service. + --email value, -m value Email used for registration and recovery contact. + --csr value, -c value Certificate signing request filename, if an external CSR is to be used. + --eab Use External Account Binding for account registration. Requires --kid and --hmac. + --kid value Key identifier from External CA. Used for External Account Binding. + --hmac value MAC key from External CA. Should be in Base64 URL Encoding without padding format. Used for External Account Binding. + --key-type value, -k value Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384. (default: "rsa2048") + --filename value (deprecated) Filename of the generated certificate. + --path value Directory to use for storing the data. (default: "./.lego") + --http Use the HTTP challenge to solve challenges. Can be mixed with other types of challenges. + --http.port value Set the port and interface to use for HTTP based challenges to listen on.Supported: interface:port or :port. (default: ":80") + --http.webroot value Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge. + --http.memcached-host value Set the memcached host(s) to use for HTTP based challenges. Challenges will be written to all specified hosts. + --tls Use the TLS challenge to solve challenges. Can be mixed with other types of challenges. + --tls.port value Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port. (default: ":443") + --dns value Solve a DNS challenge using the specified provider. Can be mixed with other types of challenges. Run 'lego dnshelp' for help on usage. + --dns.disable-cp By setting this flag to true, disables the need to wait the propagation of the TXT record to all authoritative name servers. + --dns.resolvers value Set the resolvers to use for performing recursive DNS queries. Supported: host:port. The default is to use the system resolvers, or Google's DNS resolvers if the system's cannot be determined. + --http-timeout value Set the HTTP timeout value to a specific value in seconds. (default: 0) + --dns-timeout value Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name servers queries. (default: 10) + --pem Generate a .pem file by concatenating the .key and .crt files together. + --cert.timeout value Set the certificate timeout value to a specific value in seconds. Only used when obtaining certificates. (default: 30) + --help, -h show help + --version, -v print the version +``` +{{% /expand%}} + + +When using the standard `--path` option, all certificates and account configurations are saved to a folder `.lego` in the current working directory. + + +## Let's Encrypt ACME server + +lego defaults to communicating with the production Let's Encrypt ACME server. +If you'd like to test something without issuing real certificates, consider using the staging endpoint instead: + +```bash +lego --server=https://acme-staging-v02.api.letsencrypt.org/directory … +``` + +## Sudo + +The CLI does not require root permissions but needs to bind to port 80 and 443 for certain challenges. +To run the CLI without sudo, you have four options: + +- Use setcap 'cap_net_bind_service=+ep' /path/to/program +- Pass the `--http.port` or/and the `--tls.port` option and specify a custom port to bind to. In this case you have to forward port 80/443 to these custom ports (see [Port Usage](usage/cli#port-usage)). +- Pass the `--http.webroot` option and specify the path to your webroot folder. In this case the challenge will be written in a file in `.well-known/acme-challenge/` inside your webroot. +- Pass the `--dns` option and specify a DNS provider. + +## Port Usage + +By default lego assumes it is able to bind to ports 80 and 443 to solve challenges. +If this is not possible in your environment, you can use the `--http.port` and `--tls.port` options to instruct +lego to listen on that interface:port for any incoming challenges. + +If you are using this option, make sure you proxy all of the following traffic to these ports. + +**HTTP Port:** All plaintext HTTP requests to port **80** which begin with a request path of `/.well-known/acme-challenge/` for the HTTP challenge. + +**TLS Port:** All TLS handshakes on port **443** for the TLS-ALPN challenge. + +This traffic redirection is only needed as long as lego solves challenges. As soon as you have received your certificates you can deactivate the forwarding. diff --git a/docs/content/usage/cli/examples.md b/docs/content/usage/cli/examples.md new file mode 100644 index 00000000..9b6c6072 --- /dev/null +++ b/docs/content/usage/cli/examples.md @@ -0,0 +1,48 @@ +--- +title: "Examples" +date: 2019-03-03T16:39:46+01:00 +draft: false +--- + +## CLI Examples + +Assumes the `lego` binary has permission to bind to ports 80 and 443. +You can get a pre-built binary from the [releases](https://github.com/xenolf/lego/releases) page. +If your environment does not allow you to bind to these ports, please read [Port Usage](usage/cli#port-usage). + +### Obtain a certificate + +```bash +lego --email="foo@bar.com" --domains="example.com" --http run +``` + +(Find your certificate in the `.lego` folder of current working directory.) + +### To renew the certificate + +```bash +lego --email="foo@bar.com" --domains="example.com" --http renew +``` + +### To renew the certificate only if it expires within 45 days + +```bash +lego --email="foo@bar.com" --domains="example.com" --http renew --days 45 +``` + +### Obtain a certificate using the DNS challenge + +```bash +AWS_REGION=us-east-1 \ +AWS_ACCESS_KEY_ID=my_id \ +AWS_SECRET_ACCESS_KEY=my_key \ +lego --email="foo@bar.com" --domains="example.com" --dns="route53" run +``` + +### Obtain a certificate given a certificate signing request (CSR) generated by something else + +```bash +lego --email="foo@bar.com" --http --csr=/path/to/csr.pem run +``` + +(lego will infer the domains to be validated based on the contents of the CSR, so make sure the CSR's Common Name and optional SubjectAltNames are set correctly.) diff --git a/docs/content/usage/library/Writing-a-Challenge-Solver.md b/docs/content/usage/library/Writing-a-Challenge-Solver.md new file mode 100644 index 00000000..f9edae2a --- /dev/null +++ b/docs/content/usage/library/Writing-a-Challenge-Solver.md @@ -0,0 +1,103 @@ +--- +title: "Writing a Challenge Solver" +date: 2019-03-03T16:39:46+01:00 +draft: false +--- + +Lego can solve multiple ACME challenge types out of the box, but sometimes you have custom requirements. + + + +For example, you may want to write a solver for the DNS-01 challenge that works with a different DNS provider (lego already supports CloudFlare, AWS, DigitalOcean, and others). + +The DNS-01 challenge is advantageous when other challenge types are impossible. +For example, the HTTP-01 challenge doesn't work well behind a load balancer or CDN and the TLS-ALPN-01 challenge breaks behind TLS termination. + +But even if using HTTP-01 or TLS-ALPN-01 challenges, you may have specific needs that lego does not consider by default. + +You can write something called a `challenge.Provider` that implements [this interface](https://godoc.org/github.com/xenolf/lego/challenge#Provider): + +```go +type Provider interface { + Present(domain, token, keyAuth string) error + CleanUp(domain, token, keyAuth string) error +} +``` + +This provides the means to solve a challenge. +First you present a token to the ACME server in a way defined by the challenge type you're solving for, then you "clean up" after the challenge finishes. + +## Writing a challenge.Provider + +Pretend we want to write our own DNS-01 challenge provider (other challenge types have different requirements but the same principles apply). + +This will let us prove ownership of domain names parked at a new, imaginary DNS service called BestDNS without having to start our own HTTP server. +BestDNS has an API that, given an authentication token, allows us to manipulate DNS records. + +This simplistic example has only one field to store the auth token, but in reality you may need to keep more state. + +```go +type DNSProviderBestDNS struct { + apiAuthToken string +} +``` + +We should provide a constructor that returns a *pointer* to the `struct`. +This is important in case we need to maintain state in the `struct`. + +```go +func NewDNSProviderBestDNS(apiAuthToken string) (*DNSProviderBestDNS, error) { + return &DNSProviderBestDNS{apiAuthToken: apiAuthToken}, nil +} +``` + +Now we need to implement the interface. +We'll start with the `Present` method. +You'll be passed the `domain` name for which you're proving ownership, a `token`, and a `keyAuth` string. +How your provider uses `token` and `keyAuth`, or if you even use them at all, depends on the challenge type. +For DNS-01, we'll just use `domain` and `keyAuth`. + +```go +func (d *DNSProviderBestDNS) Present(domain, token, keyAuth string) error { + fqdn, value := dns01.GetRecord(domain, keyAuth) + // make API request to set a TXT record on fqdn with value and ttl + return nil +} +``` + +After calling `dns01.GetRecord(domain, keyAuth)`, we now have the information we need to make our API request and set the TXT record: +- `fqdn` is the fully qualified domain name on which to set the TXT record. +- `value` is the record's value to set on the record. + +So then you make an API request to the DNS service according to their docs. +Once the TXT record is set on the domain, you may return and the challenge will proceed. + +The ACME server will then verify that you did what it required you to do, and once it is finished, lego will call your `CleanUp` method. +In our case, we want to remove the TXT record we just created. + +```go +func (d *DNSProviderBestDNS) CleanUp(domain, token, keyAuth string) error { + // clean up any state you created in Present, like removing the TXT record +} +``` + +In our case, we'd just make another API request to have the DNS record deleted; no need to keep it and clutter the zone file. + +## Using your new challenge.Provider + +To use your new challenge provider, call [`client.Challenge.SetDNS01Provider`](https://godoc.org/github.com/xenolf/lego/challenge/resolver#SolverManager.SetDNS01Provider) to tell lego, "For this challenge, use this provider". +In our case: + +```go +bestDNS, err := NewDNSProviderBestDNS("my-auth-token") +if err != nil { + return err +} + +client.Challenge.SetDNS01Provider(bestDNS) +``` + +Then, when this client tries to solve the DNS-01 challenge, it will use our new provider, which sets TXT records on a domain name hosted by BestDNS. + +That's really all there is to it. +Go make awesome things! diff --git a/docs/content/usage/library/_index.md b/docs/content/usage/library/_index.md new file mode 100644 index 00000000..a697511b --- /dev/null +++ b/docs/content/usage/library/_index.md @@ -0,0 +1,115 @@ +--- +title: "Library" +date: 2019-03-03T16:39:46+01:00 +draft: false +--- + +Lego can be use as a Go Library. + + + +## GoDoc + +The GoDoc can be found here: [GoDoc](https://godoc.org/github.com/xenolf/lego/acme) + +## Usage + +A valid, but bare-bones example use of the acme package: + +```go +package main + +import ( + "crypto" + "crypto/ecdsa" + "crypto/elliptic" + "crypto/rand" + "fmt" + "log" + + "github.com/xenolf/lego/certcrypto" + "github.com/xenolf/lego/certificate" + "github.com/xenolf/lego/challenge/http01" + "github.com/xenolf/lego/challenge/tlsalpn01" + "github.com/xenolf/lego/lego" + "github.com/xenolf/lego/registration" +) + +// You'll need a user or account type that implements acme.User +type MyUser struct { + Email string + Registration *registration.Resource + key crypto.PrivateKey +} + +func (u *MyUser) GetEmail() string { + return u.Email +} +func (u MyUser) GetRegistration() *registration.Resource { + return u.Registration +} +func (u *MyUser) GetPrivateKey() crypto.PrivateKey { + return u.key +} + +func main() { + + // Create a user. New accounts need an email and private key to start. + privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) + if err != nil { + log.Fatal(err) + } + + myUser := MyUser{ + Email: "you@yours.com", + key: privateKey, + } + + config := lego.NewConfig(&myUser) + + // This CA URL is configured for a local dev instance of Boulder running in Docker in a VM. + config.CADirURL = "http://192.168.99.100:4000/directory" + config.Certificate.KeyType = certcrypto.RSA2048 + + // A client facilitates communication with the CA server. + client, err := lego.NewClient(config) + if err != nil { + log.Fatal(err) + } + + // We specify an http port of 5002 and an tls port of 5001 on all interfaces + // because we aren't running as root and can't bind a listener to port 80 and 443 + // (used later when we attempt to pass challenges). Keep in mind that you still + // need to proxy challenge traffic to port 5002 and 5001. + err = client.Challenge.SetHTTP01Provider(http01.NewProviderServer("", "5002")) + if err != nil { + log.Fatal(err) + } + err = client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer("", "5001")) + if err != nil { + log.Fatal(err) + } + + // New users will need to register + reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true}) + if err != nil { + log.Fatal(err) + } + myUser.Registration = reg + + request := certificate.ObtainRequest{ + Domains: []string{"mydomain.com"}, + Bundle: true, + } + certificates, err := client.Certificate.Obtain(request) + if err != nil { + log.Fatal(err) + } + + // Each certificate comes back with the cert bytes, the bytes of the client's + // private key, and a certificate URL. SAVE THESE TO DISK. + fmt.Printf("%#v\n", certificates) + + // ... all done. +} +``` diff --git a/docs/layouts/partials/logo.html b/docs/layouts/partials/logo.html new file mode 100644 index 00000000..f91d1ddd --- /dev/null +++ b/docs/layouts/partials/logo.html @@ -0,0 +1 @@ + diff --git a/docs/static/images/logo-white.png b/docs/static/images/logo-white.png new file mode 100644 index 0000000000000000000000000000000000000000..598c5da742509c3af0cc0e6d76577f1fdbc47097 GIT binary patch literal 15331 zcmeHtgFe2I|IWhD}%+W*S}zIeOr3NL>GX02RCCOmgkl?f4gyR5P#ncU16}MKyEYACVES>0cUNSS(i@JMg+C)oF-u)@-~a zO?tPS*h|8?;JUO$5X-&kYrXNJpJH5cN+(XbIz6S*u%!-`x39y>7+c9sGLY|qkM6o% zbotPq>w_AmqT=n4x;t_Y@jhJkyQTYMk?M>`z)?n;kEMd01L5-U-{O7z_&~IH-`Pto==-*A%ttH-<{7V4-y%#^*^Lf` z`)M%T9M|oi9cQ@byk$yx?Bklgz$Q`HPwC}SUAB@-tA0a=W1^}EPJ3Eb7^Z44`r)dq z^|e9~9A?h_U5&5mM3C3G$=Yu6{p+IQENGbl)Twd$x6V+N5VWyzYW`0hCsU>8?&RrI z0AoZpNhE`rw3y8&YWpm|G)VoZ$TeN;k+EN@ZAEp{6^-OU1LWSRy=~EZdF{OdcW&Td zovxPT?I-oBMbBftY3I)UGs$4P{p`tQd%hc3YxkJRg`EcV5W3^abV|%@H-R}E1?RGV z%eyJpUm++bud*@Roamvqnet+pRpT{_F`?4WS$S&Kh|Bjz&KH^O%Yx_4eje=iMIGO} z2Xl0H?gRw4QrcWL?=qTYf6g%^yhf@gwrM{<-Ntatah;2HicY@U*E-K9IrJzPFZdDk z%?Xl<)#bFB&B;7C@+~KI#^(`I^WE$xGK0ptEhig>d^-#sM+=Y16unyaDxHXZT?IA1 z;k+?Whk<0`GcY6i?APm@01iMazb2`Vv3Rg%dULM&N7vYQo%v=hS+vHiHy;+R1D$f7 zqw#|b?mTM}?e<_Nd^nxUD4k+2ou$GBsa)P7an&XMW%B(N7aFjX;Cd! zKby-p{c7~QH73+7>JGTuWE=UoBV4&A6m98Z-fUM-9jwQ5dbDTzRCufKm88?R%BsgU zIU6@Oimw*tnZ&;WB-Xuab&GRze16q9ncUIaXo z7)Rrqy|@LtHRRf>K53G!MXOy$;=CMfES&Dz)*uL@Lt3YO%QS1uY_DSkK9AVDi#|Ou!ZvGR_@yx*h3SSC;>XAEO{9zX#+YnU{#Kga zirqi--ERhf&7!HqQSD3hMLZ6VO{vxWn>XxDtlZYEiem}$n8uZOR+~PVwSpd?bsVhp z%=u6A6?4?C6XP{5BMbZ~*mCVZ=sdo9e=RvGB?uAmQmgn>D}eAH$|%lcd^}=uohQN% zbFT@01EQek8!VKfP*^5?$@B_UZ<%P@(AqP_1|a%||DJlh$fMe!OfEq#u_eUPOi^5K zA+O#v>qmrGHLiz1Y%4NkJkbtX`b$IZWk9n*YZE06o)m7}o4)RcMwkPP@m#N8!l&B}G-Tx}s3z8)N@oZMvN{=e`kO|3foi@&qzPZ_Ec)%(arX9g2-pD`|``bD-S zbz$~%fgjUJW>QHnfDp!7+g8eA3A+raa0|Lvkd>ld#!DT#;9do+lqVL2mCOZgv7-Lz z9Z3J6lvl?QcDaw^N-5vsm4Dm;Cy#6Maq>2oTqTtshxVv8K7S<`@l?(WU|(3{p{qdq zTP}1lXNtK%w1PzPSKxuz_(vN_%Nl=Mx(m(~k~wAz9JpK1&qx;cuDdc%}cQ$P2`%vMLj1p{Zi(>bPhWcb3+|S4V2G~FX}8R6@PB? z_(SQE(bEEAS4=b|3thykD-N%KB5#(`87HzSM?5cE5-OZ}c@EX})hBH`tcrYH3d2H} zSkFnttgw7io2HA$`!xF;Su53+e`GvOT`MJo26Z|Yd<^CL`XXi0@9}3ge0N;{Sy*6- zjAHnnoh?^nbf6f{U3D@Y4E}49T>o*4rV0MfD6Oy=sTH6Fga!+*u071#`mg8SOCvq& z5u!vX#WB7GaDwU#^*b;iXM!}NjYP3u1yWaxQT#}?{bgDlwH!{aM5aw#x`o-~Z>B_U zLQa(#Zl?k5S3c*!FFIvp&Na=6AF#DPH%SrT*-Z+zNoNq^eP8=lB|qngtXw}0zoH=Z zQhOhbp#7ln$+c`&q7~Sn&=!j3qp~A9(0VPYN=t-iLzh(Kfib1D87O5SN4T~QZn3|9a}qwF@RJ$qtpQhf zsWi1;ed8Jr8TAX^m1kOObte=rmD9+>s30mD@))0sus@JZZWOW>2a|lLE{h;Z_{mf7 zArObHHxcnVDcUSubYLr|(}Mc-tBjY2T3e)o_S$YXtZ0eKcN{!|Oz1xpvUH z9Jnwmf0b#II3RI~aqplf`X;m1HKdsLj)`~hW%YZX)`po!ofUqv#Nk~Kid_0-EE@-^ z$ZIU-^jG1<)TxXw+6sgf-cRgteRaL;25JFN|(M zz-GgEM&%GIF4ym9GL9ZD5jQFqh+PD!;~2EIIrCcJ%P{fCE)HNpG~oeh{DLklDOo5S;$v! z!B_4jP<~>R3ZY(GX9dSb?qO~#Bg$IzE>Ro{u`v+;;9sOUn$B}xp3zOTJ4ol5MZTdk zRY++64&Y-8vvMwgZ!U8sDZdglK0)$c8^m7QXlnE`)|6Gd^zk8x6Hd=}=#0fShtc|c zL^X-K{^0esd;no9=O>en5(8KXQ}z#L`!R|@F>TE*?Q0)9_s^c}rByT{ zlj&c^4*iIhc~@N8UP@vBe4HGh1&I6cBQFJqfH#VqZvh}2@32J^;_&N^AeY-i?#H8G zapP%kLnTM8xrz^w9W5n?-;7S?W1-;pWA7geoo|OYF#{ar)Z|Ck8a9*eX;kK2{mq`c zN`fS8Dk;`YUVB!b=r@Qf`4J7-tvt(Z5VUKD$05Et zg)7llp&z17wGlDnZi`=3lZcYP@y%lxj?t2~^TWnsHq(s~8K(-g^B+jhtNK~^j{sIRn2Zh%;*0ee`IO>kmAXk;ki2e^2rGu(d3HwNm5Th ztKy8a)>AISM6zGX7ScW{2`|-`1p`ePp1>~GMY-Omz@Lr_Un??hW+(#TFCW{wjlw*# zwa={DW?qg!4wMwMi(ZfP)02sY?2HGA7?{lJHHWN+qk8AJ&mx+)wEy&usyJM7A3TmM7&wRH04lhSCpLes|^CXZ$jphU{8 z_=o_d*Y{A$C&Ji8fIweT&=OBhkVNC+b!gd*vW4CsHgD;#v5_aSe^?Nbu&$n~gPMw) z>ZA?X4N-P?#PLzNeF2GfUqOw+ROe0a0f&iQDj8ETk$0?$l#Wp#)I4`K@rCGELi|AW1~ zFIX0P8UdUu8rf*`v_!Ao`rh;lQmih=$vtUIRG5DzN@2kAoX)uCvs|L z^4}AdXc5hEhj6({w}*X@XA%pJH@68@NpI4Rj6>m6QxAP6Q7TSkjqoCTlO@9pJS7+D z%+q0)-rSO4W0}iW#}Q;W4>xmXax$G8pE{;}RnesM`wDgu$}+4a4IjXzHj^Voyg8|4 zh#mK)A0xFX)TRHze5n|j-~2spe#GUPfMeeOmHJ;>7b>k+z-o*=ka&^8^8pMp{yr`- zEXH5zOm!@er~U7yVF!Y-Y(*=XNi7Yx6L#$VU<|zz{W#4$GFH`b+o%St5oUkslguMj5OU})+#506Dva6S1kV%p|x*2@%@s+b?(Rx`B zm4}l*M#o93_2U&knTUruvj$IiYSV?}zcf<`srhL)v zb{3H;N7EBN|AQfI^!;h5q3@3v=RH2zjaY2kPC}fiwTeknTtg)aXvAZMo-OXVQ!m~I zDLmzB?KRi;4fuF`^;pj2;=@%X%BurxQYpKI0sy<^b>pACpZI6z?Z7S`36!LUTI&oa zH$__KS^^jM&l9~h77l(i-D5A51#l^5tn)n(g*evgDvA%+hjFRU9`bO(cU3j^008(| z|Gj{|Uu3->zQpweYbfEaVd79wV~?rMeF6ZO0ANLVJ>R+gMZXSn{h;%|V*;4q4EIbT zs-yzEL8d1qCfKb86=_HgF&=~PQZfB-HAZL^7Gp(~6oIOG<0OX|Q>m)9Nd?7Y^5+GK z?|&39vEe*=%#08I5!gM(2>sIMi=Mq+2#5?Cz3j5Axh4=eli8}SKby0^KcERF9R7cI zl(U#&+f6yZ&af=7q-e!_OY+?=Q$`S&2$xU_#A8%{^vs{R7cX#)?Ci9#^aFq;7&SN+ zi4kRPh>YA|??6s`s$tpr<1qtN38FdFMX}F+x;!&8^VCF+0>+{0Ukw*foh#@!X5F?1 z4{R>4$Wo3}>fC&JJ2g{aEl@x@Lr6vX3ae=&{}kbXs*9eP+BkiNFGeXw?8{dhk{mqQ zi`YOIhR(BE>!wfdidhNPlGfsConSa)H0`~!Iaqw*5o$ZdN7@w;S`@Z+JoX#`Y|l9( zM5!R+5LF0iP+cS8t~JdwdS6c0x3R(dPKd2Av~u6Axlzel7;ETS=o3s%qSwu&TmCJ~ z_Y0Ju?&C#>ogMvb5felX*$wuGuOCjW!MX$>#c*zO14eco^Zh?B-nCzclj|*dU@{mqgEs zIkYmE6FgVdyX*N0Zo_8Ivb_SD=(PhAvgba9kS^ER*-hb-c1yE&svv`4O$jVizORrJ zusq~S&*UuZz(CkB-7_2RW;`UH=Tb(;pft8DzlM_s}kdC=uCVlv=SJG>Ke5r?e_ z4nGVZuC%BYhyUfJ^z~=aTf>5;rWQn_Hxa#u>SPVq} z?D>8}QZenb#nc5_{%sT58%hfB0n)eP$>}gcY@f=>LK>Yd@6aZcn9!pTfgkt$3DLIF zcTuYiH&KKLxjP?|yE0o9dj26<#lF*E-i+CI-68 zGyVw%Gme(=DqjVhr=8SEeQe+BXl7KCD2|w$AqPXVg#xb(bA`6ekwRem4g9;fCa!Lu z5YnKKQ}s3`EvI)46>Pa_m~VDhmC0fKl(#2x(x13>NzG4Q6f0R?3=wv{YXX~aZ=c;* z8F6hd-Q36K%riUfT7fP3sI6pjx+n4%5ZBj6;PkE3Y}-vlP<2H3bnH&)v?M#<$UZda zqt%@qIKZ&8b62E_$Lb+>&=s$WimcnzPDTx+gC1oL4-@yLVJ#*+OuUvi@BcYzuNw zHqSye2f!YX&(|{01n9=%$9d4F7cu|99bB;(jghCke`%S0-JYyN%4M*S0pvDw;b2 zHv!WW9RnUbl#hmi)ebf_liI~V507W_&wC@qqcigZfE9WNK&vEpCQ0qEqnMI3)3ShA zu)yIs&A@<8fN$xdB}yeZvM?q*R0~LG@|-R`qLL@{7|bo;;8y{+*KY};7}0I##;xg{ z{BD4PVx#{~5S%vfVwB(f$^{OO@f?&hm=Uj|$_J&DJly5>0Yk%gh%W4b*iC9DT!u2Y zKq&}`hJLR8XA&8$ouBi_@|PPHUt8fPq>XzjjRAEe++tlhvajsxDxwJEn}am%4j{&Q zf32*df_2d9wnJF~k(;_z78NVQ!wQk+-E+TyX~sb@7^R`2AqEyjJ=N4mf}GzWc}d)44Q` zbk$maJEg%kQ;TAYA*Z6BT+8c60s_A^4^ljf;bb1lx7~@J;E%YA5ikEF>+P~ zVBlbQQZfBI587>7C0F5Q>f|%_5jrK5L_KYO4+D!(D6Ow`@}g!_19rC!GsI{$!6By} z_t5^b#KN-j-C|eh9KMcW63oJ&#{dv3b@gU-U?q=tg&^C(YJ1D`W14ettW^Aa+TYm?>o3@vDVucJnIH~$PH zng)EWU)nLwb_-YbV}zYd#Y~+7{Q|xyU#G&?*p*^swU+T<(frOE&&>GOIwXc#+UONN zz;McCh|&Xacj-lP)YJbyeOZ5Xr#6peh8bAWFZ{Lw2mLG+)qVB;bj{(+ZWkdc^gt#~F|2v?GC*N*tZ+z)3nIgpX5&JOBG@&L;nXQ}fF;8pkA*s%HJX%S{aGo$)Le2Jv(6BTZmskazo8F9W zDN_tR?d-VpYEK=Zl5JP(G-M?r$jYLZJ;%|6x@MX#20zga28LnszIajp8V8H;DcwX` zF6qRcMf$^{?QP$B9HgiH{Y4jWAL7SwcOt_@R(`a?a)bJ zT4v_#56o~)qvuoLin*ueQw!||4qpRA;ZWC5TRXe`uLYQcEtTtj<5@ACe>YjIhzL&? z%z`o16E?>iPx0)}|64ZGI3mu2B13qhJbdliXAT$E!1$~V)qu%PuT%F~whVP~06Y5_ zJxT8kb_l8->B1hNv&!@;qQD*?JxDBYutX*f#DuwWMPAp&jE6I{ zIghts#)`v)Y6U|Chyf7${M0WOWNEl25w#XKaQ1!s;-N~;}N-JH(QdAE;q71R!6$seF$zk56 zM76W;xDb^+sr;N zETXYRZxNm-*qiVQX^+KQKFAka$wkaSTBCh+`+wTzQR*`Q%VJb>5O-=g*tq54caXMx zWIlVEe8Ps(3jK+VKIW>8KQJy7!I_C|_+ur8i!q?y#>+BA(c^rpiduQbak)69< z6o)*>L$iuSfRrqY3=Ie>jUKGbdT^anZC21c_&rC}t87g*qU|EX!w;Dw*}9W%aiTlhesV}Z%$-6SuAsl$t^di zdxlqw(XxE}^`8`8;}PiZi2P*17Dh#r)oy!|+Ns3N-<64;WQUd@w`S=6`3@QaPr+Xc zHD$5>0^K;@+0sUhsdCE}!*ta5@=0Ztvp#hbw5TJ!5RHDSbN}6PJp%m2bP#2Xx3Ebiw`8ki81fkbA^5A9|$DjMkfn9qaB*8@U-@Y^T=dZ5A zQ!+y&T#Mji{zcaRHk*5KD9LcasUvcT&u$?YnNo1%tHW_v#Fonls_?Hp=*JAfzoB;} z=LYS@BUT`Y<1pFO6F1bL^YC~5&+#O{I~rfYvgY#Pm(d?v??^`XcRQjl;?V~6Q|=7B z^+~cf#h4zUPg04hy+zU{Og%^rA>bfsqYoiif#hQGvaj48iEE2JzEG5Do}QZyYYmoB z&6+kGdpiEZ>xvE)3mg3btomoZ6?+jbpWs`V_Q`3R2~)37bl~<=ZTbV;4xB#%ZdY#* zmK)P2YPWmDfdJnC%%uYWGICiUO=!xe))?v={R_~qe;eCu{gI*sfMy?Qbx277G$*;g zJq^bMCpQlH<3p4-S*3Mk1xDmw7oBX0oN4Mf^Zlb;_zpRqcG1VcYZUv^2vTh5Aa@fL z*@tKOX${X<($3|wvx%gN;*ayc|BA(Ji-${tdp{@B+)N1oEtt1u{oQ1;AM6|&6)Rcr zX&IwQuYfKfnS&0k@4BRn-6%rU2`g%$ca) zXcgbUj~<)Jltv4fjx2l`V%)g*xKmucAo$8R#in$fW1DyH?5^uzBtqDm}hTp9lD;%KT$ZRu((O4yNP>R(-*uT$mN zh6BL+sD?o|f->B)S<+d?B>&IO%YLO=NOMF4qNH>&*-M8M+sMvoP5-^!sdxkG;yg^< zX9P+CnrB%xK-s{TvhA|vcANslT^YEKeNv_5E(^<35nm9!6ol1zuT1t_37*AG=+5q; zcHB@dEY?4(k4ul1(kyvFQm5AT2H@qszB-6qMco<7_+Qx9P$#t*#?4Pyp8K#VW=88iYAfIVg z3`sRQoCh3iTmzn^uWT6xkzJHT`!<9-y?G2Vs!ct>jlmcRAdF{RouB#VJtiIb#Vmx# zMZ1VeTjJmgDiQh>!_hND3o0h~qAANteXJDDgjFOrc?PQi*QoHdCB^xF|Ju0uin@TZ zPYzCdk{|9-ruj&^@*NIECkj|9ERx=ELMSXNq@rjpd)-N@L?2LmZkMOs$d>+lxYH|AVEI6&YlDsIuFI z;A9J8V@W$ecAarl$=!~JpSLWgk3I;}*k1;!o0`-f4AglVxuPTdii4d%S`Qg$h0R^K zNvIltrf{n95IAhbN%i7$B`iC4s1Pu>`4^bzc@(n`Kd3aQIy2Ey#W@!Bj3YqeXQm@p4{a(a@gKBey zgnW$?47P2EI-}ntuI6Yh?r`Y1=(384J%KncbJ8QS|2Z@N#KuQrj4ctrt6a^rvRIFL z7^+8U!z|H{D`Qd^cZ(UEENMeSfOnZf2`)lC*96F&$^5HP;eQ*#C+%?o+9z`$rrNtv zOpx#+Gt{fW{h!lSr!5&N2Pn=~O@j@@sh|!?jYU;@s(AE$2;5I`ekU+?1Ww#2ixn6& z-AOo7*(&vO(b1E%hf&Q0yCc5g>#q33Qnn`i<54q)A%@{5^MFOoz!2LaiIl+fau9;p zPew;zdPo6whuy;2Tt^nl`MRU*#0lYr*Z{dDqxJqbhCDK3+15nSAnkq$VC7-&B{4>t zx@&vMa>t%oBX6oCj|`rt?ShO}vo0e1jR^x4kYnBuORXU%M*$tuKQu_~T^6J(N&}lV z;h)p2AC$#v1`r-AxLS}@awH;!9a)`9zEb*9`S$U&I$}BP$)IGwvP@2bos4D8E*OyS zEB$ouq!Z_h{>${TqEOyees|BI%CrF~Q!au|b`P*aA_@*hfZ&CB%5wyj(b3ECM?oAI zYe8QKYS!MsExst55--q#vdxD6&2{_}bx4H_%v=i5%9aYZXCNiht8mYf<^mdj4l zz5fnM+&WPFL&LX2GoR8h9{JzL;qJuJ-?uEo&=bN-+X4TwitCm}ekgTvuV& z^G5^eFauGBkwf+SWh|n^&0A0PP+=0W#JOv*Gs{N4iFlt^T%dVLbKxFmqCus_(`^h? zb;owYf6B{5?O^E$4B$KQ4z3^$6zHR)RoE9{Lx#|3C>t%IPn#{`Ua?PGI&cl#8xhc4 z=C}ryw%5Xu;f53%7H8?lzG%%B9&!YLv&jE!v|Hae2wX+%lKxn2mT013Lbo(>LhuQxkR~9XqA z8*M?gBO8mX&5cjgj~YnpV-82&P5F+8is}T<-s$M1oh#$wivrRy&&f5yU+z9p&QUC)2wC*+uJ8za=A zxym$OuW?+1moUEUvsgn(zNTSp0mnFqUE;s^daT5EzJ*tPY62`{%TR)RrgiPbOIz!} z`w%Gz|8i8AAx3g!D`gU9Z!eoPiq81oDQp{IKnxKw{NV`;!QwBQ%X4cj*~Nu9kIJud z!^uekeg)|gG$m64Zs;x;T!R!HD`!q;2o`v^U!hpx9p;Vx%36axdFL!b|Gb75aO$IQ zybDfsrL}A0P(%PZ}lw>In1M(o?VaEtF@G(86Z$oKLGF#izk z%xy(=mdaKtab%Y9Nl$Yb4t7;d`;7u>dey+`$=(K0ugdG-|AYX2AJ>Q<7GKoq+?aSP|x%6`oC-iHD!tvx{@Fy(wN>LJqTuJ zP{(rYFg#9kBg$98 z3DWMvNvg&mFgrtDqg>_7yg~NGXZM5ueiv5C?c~4JCm=X_HZS+R-1C8X%S#PFm0Oc+ z1k`ML4@sjQz-L`NkJz0aSfwq?@jdBXdXk7o^@bnC)1wbwIRVZOEyEj#x0=|PQ?>{t zb}cmKrr{eN7O=+-p24)YZs=r{IbN`? z#P*Sq!G@YG^{YJi$OC(%02{4To!u(ynB3pwzyQ!N_fSt@8SL)1K1_Cp#(Y}`OcCVA`3>RpP=yOrj^0z>Jlc%7Lnk1 z2rJk1utjvhL2|)%sAKieh`YIsC<(h|zYS3I&3`#RE02f*^UR(x{0t)Q!0~;2 z7{Y$b#?sVqrJ&d+2u{~oj_DA;Bt;z`nN`~@kJ-OocD0i+4etF=vVQY+ zqY)! z*(Ljj?tqv7dI2~lj{%TItAV|QCm<->$lzGySMTAUCV(7zP;552QLa+ZHkEga1k2{- zDEgB?$ybHT(`x?kuzhGOTpX4+ z(LXj}xph;RyU4j+sXS~te4L?~EYv+JSXuV%(TZli%^BBRFCBQC_PH#N<+R6cMnqf1 zcm0e{=m+d}CVRmF2qC$#jX>vPh7z*ff)y*hHO@V0=kq5d+gvc0y`>zv9>uDE>-_$-ps^pQ*RH5R9xnoi-bh zcH+<$NgeP<9v>~E_3GgLn112!Ek|V(-rb zr-%}k)lbnEV8sPSQ1{2^5O$5j&LY$;X{u*NMXTrrTZ0z2m=pKm!xU?0({q)+Q_x>Z zRJ~kPYWUjRjA@;R)w5Wky{4vb>1!S4;XFs{hsWiVZYuOe`fR(Y6q0&N-cr^7w=N}H%VrVc(DT>S zgSLEw@PXy5($=oc5CUKA#E@@a(E-T65M>yD?!>;f(-KUh~l^>(2;eqDU&1F)ryZcHJg{7?Xn+}X2@^{5y;Ef<%vSQY61eH*aq#79*ox+9D=U>mU3~M* z>ly&zQOMZtmrH%SsSAPPY04YyW^<$*rGK4-r`8vDH3~1}t{LBJJQw=WL{=SI_ zRHlYSsA8-L!H#I+=r||P`K-F@#E8w{`0d&mTL#n7lj1*UlM?;FO~M+i-D<;JI)N9y zij_Wm=Yh2C`3*7ENnyXdt(aYH6&=0!9+uir&0^Xcg`%eS3y$4 z&OAr5GL1Qo}VAj$?dN+R}3Z?4qrv<>*RL;OA#Xj%pjJSfhxS@S$ zGo9=H44pqQgmh{k)Cp8K+xSqy`2XWS4NOJc$<7g%*cCGpK6KUr0AM9e#p;(<;r|1u Cp2G+L literal 0 HcmV?d00001 diff --git a/docs/static/images/logo.png b/docs/static/images/logo.png new file mode 100644 index 0000000000000000000000000000000000000000..bee263a47b958be2eda115b0f65ee1e1c3b674a2 GIT binary patch literal 9997 zcmdUVc{tSV_dmv#HB@%WTFJg^FFWFd7V4a#>$kPMSz8dhK3z@ z#mJ6^h7LsidyScq`rB2^Z;XcKEDg{|-ytk-Y103hk7LxzD$M#1Lvcyvd#>km?qBiy zb{~1QCuZ?6v#ogII~&G%C>=0qRAK-(=r{9?-c0DqOo;*aTecTm-!=bO@jLaF7JJgR zJ(TCPt3#^~Bu-@cQMB{_=VNmhXcpz=$K)kmD`tey;-ySL&VKmN!Db(uKzN#nT>jgA8!qmxtUksHV<0eF*7pa?&@1I&5xix4s9&TCa z+}lbLX5AB7{d()Rby~x9Ax7;JVY0y&f_e0W89N! zAn!!27u}Tgr)r3ddmmaB!+=>$F7#>RVDhA?67TSW(N8hv(Ny_$T?eL_pyd^(cX}~8 zY@*CTXMHzgEvbrRWFe2gY(0L6A(8cQH zanT_R#o_RCfMlkBb6m4RWI?k>W8)lLE8$QnkA9Qspr8S{9W`URkH}8xNCIsx7|eX= zd+L_H0>1fXaU8fZisI>wj?4uub;^D6(!W2fn=5v2AVY;mi5I$S;4SjyHLK?)$lIz< zSQT}sRHt;ea0&S7NrjsdQO^6-HY-1D81fhpqbCt$JMy4P7R!ks9CkzGNrimvxuCgk z+ZaFsW*tP7#kx1QKBkaI`fr4l4t@Gz1{ufB?wMNUUzpJgXeIS-|LLd_SpfOk3v|=j z8LMFl_^`;oa-tXr<(*$>GP|X!8kze{zTp`Tdw;oNl)${_eGNCi8cftH*G+9hMgs~= z>a9^rhWEcdeN0g$K4%|E>s}p>?w1!k(=>?_!8}TE>vKdMc9;x+RZ0f~Yw?ZMzBf(5 zFB2Y*%_TT`xb-Z(@^iPMvD6eh~g{)vjWZU_n_Kxk!vvjs6A`tcY@$AKHiY{29uX4llhXyENr0+|;KM zItNLnmEo)XRq0l}4^&0z(QJ)A96jXIs7!pLe3y?B6|7v>?2`+%S+a~=K@Sga7<%Wv z=-g4RSUl9Ah~FEi+7?{QIUh-Hzplmh2`!VIRLa4+qY6s7KJakW6b4MRTy*!nGqx{Nl2Y8pWdTBn4(J@A^Cqm5i%OypCaE ztlHCcv+w?ny*Tm6#cDs=f6AiDaoDsA2wxii(X&^_Yojy0AL<=5tQ&rrQn*%OJLrg! zR7FJ_8a9?b6N5FkvYh8}t@%a?lz_&ycRlwp7=OGPwx~pjb^XhDe|7nED6twdJ)xCW zFEp0=Y`vpyjzXYCynL|6XN;Su6UI2V$t+1%Jr93M79omiR@UGZscF)6Lg=k^$|*VV zxy^kp%Gzfu|7mSTe&2o^S;OzBW!a}g;5e5DDS-YGlM z&XxGf;v!zcipSYwU3x$lDp)7`p*P{tSAR@y=)nqnJ{ZV4ukdic%nM9;oA0=pzHwH> z9#uhsnAnS^Y0Rew@MU>?O@xI^X#F9KrciwIUv}TK|r-KM@nzBRX z+8K%%V!xh&2wtB==2W->*U;*v2?%~4BWUY1{%InuOfh5Ce(S|xx+UYtPCJvLxWKH> zgb$-#=9JmhM~Q9@QHqw7$d+Ub?2e;*a;%>eHab1*O|VNuDIM1M&i>;@PvbW9^h+cs zyUVwinb16EHkWx0d>1=9bJ}pky;l`tbd-LOcPbQ_SDfPqtYJov<`t^cxz~CbafiIv zdxcRUXUXbpHFuQBJ^7B#D+{yvYzW>u;9cI8FFzkQ_J5faD!s)`T2yMr1h0+Z1sL2v zo#J{LzcBFPk%6iZz)1nDdX0hXM^yUdz854t=TEs?*uGXa6+xD4Xsh+hk18*Shs&() z|EN?oqN&PV$r7mP2c%HJ>rL&g2fD-h$!$5;nh)}W>YB38L391ECr+d9H&I~wo^?#RCpdi4u1!|cYfabeRvK7#%Z=lf9a zawHV#^_(E?yf$JRWhD)F#{W@jHzz>8nvz?DWdQxGXVBllxGS zT=)I-&N#;_q7QNxUuu^q9PPVHU3nEl>Q{&Xx8`!EmlT+$7s-_u#Y7c$sTk_fRlWls zg>!?ycBdPO%O8GHSV_%i=5p4@{c0e?Y*4og`^e+&QwuSUIzIot(501AvgOm~{g$VR zsut=XLpe$RdAr;81*GHHMKM+#D1hO(!`VQukvLs|Q#3WA_GzJ9`KK<-4-RjiO6-vn)IL(pHon&ck0^i>5h`w5G`(1|Gn(LLmnlbR@e_MKgOE-(J z_T~ldR1dY=dlM{dAf7(tX*SSO1T!vbKY7_q@Z$jnMGIrpy%Heg4)^q;ky~)ty=mDe z7!%Dn#jGtnCT%{T3Y8~HF%}M~$3$sWE_+fT%l#qtS{A#o9-0m?VswnWyCO6buZf+V zF$mbNb~+9IExuKU!83#Ma_RVGnoi40=eM8LMbx^a7Vl{78-p!2W~GE^#QdEuIe-{$Z?REN_zw&Y>C4NmF_3 zin%h_!dUT{{vQ_LB~f8IC;;j~lHvpgEVMdniYi#uz37XYH}O zkL#-$GbM-H*|uaWV1dg)OKsTps;38TR-XtT_YW*-ndtOb+c~xnmVKiDy>uIxpjoC9 zhGZ8*Yp&ycl!rmur<#)*M4u#M@Bh3^+)G+Q#pp4nlp=m@01{42kMlsMgz-+^m+yB& zcY?f#A=o>z^SgI+gK2{=;L`EDBN1||!3LsFk8V=|TyA=tL&=WV1e=c!>J~QOGfiI# zPE$JRnp>C}H>#s}!(5EJs?P;c5S2`go~(OH{^CJ_=Yf@O6qdoAS3h62KR;cZKM2Q7-G#HC|#%;UvTFPTqFg!^lo8#%9e` z9luwT^m|Pz&|mhQ*KafHY#}&6;g(tGCdxp!TEw;5M=K z;iv~d8$RE1Ni~AjmoAqt^1w@cgh6l}FGm=1i|L|E`S^uDJL5m1({UQR)ROvn^1+rF zQ6E5xIDxY+-RB9O-J1ODCe8im7Ki2`j5|VL8Ny#DYv+tcu1ItecE1$fb!PofJMyJ; zgy;K@R$bUUBVR4I-P8^C%dB51{Z=;RyK2TLFLjrm%y}9WSP>P6SYf1LtjeQ)W+bj7 ztfCBfV&A=A5iihfd-AL}QaPmZqVq17V)iZtqko#hS8KuvqA}&EEQJ+kZw8CkbqwOL zN^I6IL|GF@E+~S(+kr85smIlcz#-|BfY2sudoL!tFS%e}q*p>93gBek+OwI^Fcq@U zug>^Vt_X3FzS$^K^M4PeoiJczi`HDP8jH*@|DB5)vP>M}PBzg3tLG0Fu<2nv+!3cY z5^15o=tdCO_w(rq10xF<6nA0E?ocXl<>-t5eWu1mdg4G#v}A!rTPBEo&&1o9GH~)1 zs-IqD&^Eb^WRD3y$t6%=a0!Wz1G0cjxn+92u0&>bnnX4Q(Rb3i(?*^Oli^z4B)zo2 zAT#WLdlV|f&>qihi>9K*I8u~bFRqj);w!wIla{*O;mPOgn%=(-OJi;!O;sa*0+~S( zfC0%3$vs_4gh|l39WtGFaV4vdF|~+K|4t&vR3gSV5uRv=P?;NdngQ0S+wMR08fs+& zRU&=qyl9taq+`27#m>7MT5JSCo)2|0RWZ@Q&J{=r-7rNi85JV3K^9GcKHm8i&cE-$ zrPQW_B^;tv_&{_CT7EKtjF77?~Pu`{axPKo60+75N4QY%y?lCp+fsvPdzw$Ax_3q`eX z>KCkg?F6{BWTzLK^Y``-hLMz;GiMA6-FS<%9=V*@(+pX!dAVxv)3qtSTe<-= zyZ9btV_cYl!sh&<716k%KIBd|DE;3&ka|w}t~Pgoi7!WOa?FUeq=ae8samvmcG%Ol zvVx=?h3flOprU{g3uB$NK&{$rP|j6h#W!flY4|7|Q&TX9kAbX~YuUA&t*S;`j?Lqd zEFZ(3f$FpW28$VlI!r3R`@EXB1c`#>Ty`baVbj4U5(rd5yY;gs1Wb;ad~tY1WI30ADBhpVve-m`i*fYPg>9a1JD zV3{4vapZzpU5b14iN8TrpNih0|6&3%U0L=X^HSc5?>(|SK_~Xa>WU2o_u>y6*GY9V0NvS6yd~z0!FoR4ekQ^uTM^=Z2>>FTK)qCe`%$XGzr!e**q$YQiBuVmU#Jc zJZD)CQZ*c-d5*-(uzmAa+R_6gGN>UMhaKZ~c^{QZ31T;{7C z{2$D8kAp_nB&u+VB~o}xhcxgjJ)o5-{LMF&IcTRW4;~S2;k6UZagd5$J>(H z`ea!DX3Lj*xNiB}vb1_V^!pD%G?)zhOEjcpO!rs#Gw1udc|WbQ(IR>scdn*?#P0m3^J@jnk$Kabym^Jik#c14887+<_9$l1Nwle+ z<@yIps$7LCYLUG;N4X5vU*9i0IX*to9b8zal~|pR$PewNBErp!e^-&;j9w%2$6{}J zS4n;TGuZ75A<&2hT4j>+4ww0~1dizL<1cOxla!ik-D-%n9SiPSRVHe5_-fLa?xa%LiI;8fUN=u#`>S)J|LHto6)~^8n z*wJ)dlHO^h=@*x}RC*AcI@rm&Cr`vY%qg%4SWx}}bJutO(H8!(4%nNxFHnh)(d{D= z5`8d+$j!739l_G5)Uo1idT;U7&Mwh^v>q*F@F`El|w*o1WdTv;}~baH%dwaevhMlD9cwY<0+FO^u9112hmUlK8;YZ5});C!dAq|ix2scLU#4xjlN1N+GL{y?% zLN9MQ3i^-EqMc6aNo6TbK~^ri;(Yf9{0`2HN;IJWrEEXybrLA8tyL>l#3F29x2{e$ zwb9A@$FhwU0aiIby{6X^g6B+plA_+$s6@{b?}pT9Cgr}OiSrey=CO~>#X7H`LGS)H;*&OohTSw+3-kFGNpx@#6Y z*u!{Z=O4nKOH^-Ajd}hr#;$P^jn}_5jb|nNX>*6wpPl?sWOzJ2R4e!*g*9}Uz5Q|6 z8`NSBm1GS0M-05yHyb1soGM>2{AX}d7h!QX*-8C{!}uzpt!YqGF6JbOAC4GN4%_qoqL2hGy7|pbrw=GWJ+AY-Qbe-Q%ro_#n<&N_|dIVhl z@m6;?82U?g?sal$JVN~BSATzs48>|%d!5S+Zw^XqgvJce!KBZ)d*qkQ=Y*V8G;`XF zLh$TwxgYmN|D*b7JtaNRLes1ii}Jp9*yTnGh&Ewez0^#s;0krKJ!*{6oi$+ci&udc zkJ_5QvG;eIzDYClWm`Wg3J`4Ji}N4sIN2Qgx)9ZeiPHSv^@b~OFR$JinOO4+2$ALo z2hoM*gK{tIg>mXta)6QBf2k$o<-fPMqeK-vzAT#!ao6%v-1fAa>PgFvRP9B!^#bg? z{cXY8E7}_w>>_%lF25_PRx+uxv$k!p!DyJFs+6kHMd$h~&{y62zzniHTA11IdkuXo zUQ>md;f9h^wKtB8F-$V$z54cTe*N5UOUmGK|MZi!H?FiL^uz6^Z2GU>q#G%x%2d7K zgZ)0OMLQ1N$Fjq}*0E4elB-z(<13H(^8->fD{POdM!ml(JGoi%?*Hva?Sf94n^^3W z^(s)8**xBv^&kMCBtK$&>qQ&Nzci-I9JLFyGVq$d)*2QI1yen`5d~|deicxU#>=w9 zpZ(~1%?jHS|GpL)w{Bx|+wN-PRZ~gj>AOf>sjdmC;5o&Y`8B@Lo&6uQaN6$?mJ z9V6k~1g_>zKB=nkh}!w%?K{=&CPxbaDa%!wmaWn>Xxn}M2&zo9-*9i5?xO{-@v`?* zx7a}XOMF2e5-iuR$-GztqV6j1m$^{cGnID~%%>k{Y*u6LY7G3bAj05IH(`wT4G<^K zSY6!r?@scD>->6^x$fpdlu`=hr2pH;d?b%*rx8NNNJ zRHHk?rtT7{dmYZ@Iw10@pIvykjEkzbn*t&>+GPccM5$cxoQ}qTP#}&kO0_BjTlPje zraI{$ww-GW04AJ)j$UsTC36sak`A_8nVQ+Qe88!py@w}mv3c!&ZBXC2Imb+)Hft{v z6qGDHa{X3-eHVx?&Ml7Xca0hj(UsFe&uA3Q2OcW!oKppNv@^|T7v*c4c(GFj^DD$_ zScZTJ(eHhjUe^kb^s6u;4wFCILiS=5GK~yvQ!qO}rauv?*YUcQ#rwXrsVMq%?b)d5 zFCOEXIf8vTVsnSdN-RI#yx@^g1zQ>j&a2&kU|cUQ%_#0b_~HS)kEN+&?A#you78l; z)gwiptgOM+sR}ev&Dxt6${%#_`At&+pHEJ|P0uMV{0O^?q1jSkj%8IuU8rs_%Uu)Z zQSR4}{e(vMjB<{~V*ze^=|p?N7x`0;OJ>AQ*}T}Dr9X%QzoI*X7!i+_P3pkwPqI9^ zq)}g~b6~3q|5Ev_&7u^izQ8$_8x5s5xeuJNV{vF@((uxOgJ6a0+n@tDu*1U zN(SLI){eDYHIROpZ-$_UesIgCtK;7KKyNkMrrV}5xNyVD$F~0Vp_`&bu8YmCqv~N( zp#2F|O3Uf55k|>>jTx=a2B95rtJjDfm=hQ-3;>yxrslFuaMNI-jNd6c%$uNZM{WfO z>nB~>)1g4GPXe@GcG&a#J)`8c1}L`;d!S9I#7Xgb;5$ivsm#BIixKNvPDDq5rRxFsj72l__7~KZ{Ars%s*q)w(I(PFBRtln;U*}P7yU~T7NEoeK>mCKV@U*MqX14 zqFM=c?noAv>5?BA4hHruT9<^=|1`y*)NPxk-tap_cP=v)fY#IxI_6;RQ%2L`0=_d5 z_JPV2b4E4+MH1fSHX+)v@5GWh^4OiW@|ST#5YK34a>>I{m{gE7WOE%-q32atir~Pl zK@Q%%lVTC=KGj{lF?C%An0s62htpNjypMk7-YS#*{^UHI*m1Mz?A#rqiYj~&4yzeY z+_Y>fWi301><}EQoP*_2oe4dfN-}T-w{9(seInO24^Mfd)d!e~l`}CIE z%<2#jHgs*h`xbI@lPH9TL~ELOl~f46-oa6OSY~(E)g8BljLF7`Z~(3lWu9PsrBa(Z z$XpMkhdKwQU;?D>4X!i8<(k4E1PiWP?^>B%CHouGRPM{$?-$+Ft#cYV%Yd`y33^is z4fTcJ@>An!V`h8BOHQRugjv~f1>>$_dn&8A0EGKieMhE#)o(TEb>DO22`%(n~L;N$>i@Y4u|9baYUpileXVH zbVDl0&C76qL$gp?Ep24k|1@P0JZYFzT)$_uf z1iYi+5v4B*a*A38MmLeW4WUwL5|VhqEyC>NkGq}wytUMvw6zx2r++?Ch-yn@I`7nY z=VF>fiB=A%DnxKw4uR%c^OZpAc{l4^TEsgMhcJL~?GwPXxH@Ta08wyO&?StQl1hMX zhVa#)!8K0?4`~n#rYPz=9<(S~FNXRA;LRPaI;XE!moiZWZYD`j5%*V3Uv(M>y#BW2 z3mh~WD+HxYFD8Yyk(sEEK;mh7-D*7c(cD`MM0fAhk5~1)#uHSF3;KwC&n1DR5*&7} zZAEgV-_&P3fk?9hL<&n>y_ZtWUw|l zbjF~0%y{Jt5rA31Jeg>Vd*a{=^Y&;|Mn+#HixfH2zyKnK0ll;D%Ow0~sE zYFC2q4?Pu + + + +{{if .Description -}} +{{ .Description }} +{{else}} +Configuration for [{{ .Name }}]({{ .URL }}). +{{end}} + + + +- Code: `{{ .Code }}` +{{if .Example }} +Here is an example bash command using the {{ .Name }} provider: + +```bash +{{ .Example -}} +``` +{{else}} +{{ "{{" }}% notice note %}} +_Please contribute by adding a CLI example._ +{{ "{{" }}% /notice %}} +{{end}} + +{{if .Configuration }} +{{if .Configuration.Credentials }} +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +{{- range $k, $v := .Configuration.Credentials }} +| `{{$k}}` | {{$v}} | +{{- end}} + +{{- end}} + +{{if .Configuration.Additional }} +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +{{- range $k, $v := .Configuration.Additional }} +| `{{$k}}` | {{$v}} | +{{- end}} + +{{- end}} +{{- end}} + +{{ .Additional }} + +{{if .Links }} +## More information + +{{if .Links.API -}} +- [API documentation]({{ .Links.API }}) +{{- end}} +{{- if .Links.GoClient }} +- [Go client]({{ .Links.GoClient }}) +{{- end}} + +{{- end}} + + + + diff --git a/internal/dnsdocs/generator.go b/internal/dnsdocs/generator.go new file mode 100644 index 00000000..a2d1742e --- /dev/null +++ b/internal/dnsdocs/generator.go @@ -0,0 +1,136 @@ +package main + +//go:generate go run . + +import ( + "bytes" + "go/format" + "log" + "os" + "path/filepath" + "strings" + "text/template" + + "github.com/BurntSushi/toml" +) + +const ( + root = "../../" + dnsPackage = root + "providers/dns" + mdTemplate = root + "internal/dnsdocs/dns.md.tmpl" + cliTemplate = root + "internal/dnsdocs/dns.go.tmpl" + cliOutput = root + "cmd/zz_gen_cmd_dnshelp.go" + docOutput = root + "docs/content/dns" +) + +type Model struct { + Name string // Real name of the DNS provider + Code string // DNS code + URL string // DNS provider URL + Description string // Provider summary + Example string // CLI example + Configuration *Configuration // Environment variables + Links *Links // Links + Additional string // Extra documentation + GeneratedFrom string // Source file +} + +type Configuration struct { + Credentials map[string]string + Additional map[string]string +} + +type Links struct { + API string + GoClient string +} + +type Providers struct { + Providers []Model +} + +func main() { + models := &Providers{} + + err := filepath.Walk(dnsPackage, walker(models)) + if err != nil { + log.Fatal(err) + } + + // generate CLI help + err = generateCLIHelp(models) + if err != nil { + log.Fatal(err) + } +} + +func walker(prs *Providers) func(string, os.FileInfo, error) error { + return func(path string, _ os.FileInfo, err error) error { + if err != nil { + return err + } + + if filepath.Ext(path) == ".toml" { + m := Model{} + + m.GeneratedFrom, err = filepath.Rel(root, path) + if err != nil { + return err + } + + _, err := toml.DecodeFile(path, &m) + if err != nil { + return err + } + + prs.Providers = append(prs.Providers, m) + + // generate documentation + return generateDocumentation(m) + } + + return nil + } +} + +func generateDocumentation(m Model) error { + filename := filepath.Join(docOutput, "zz_gen_"+m.Code+".md") + + file, err := os.Create(filename) + if err != nil { + return err + } + + return template.Must(template.ParseFiles(mdTemplate)).Execute(file, m) +} + +func generateCLIHelp(models *Providers) error { + filename := filepath.Join(cliOutput) + + file, err := os.Create(filename) + if err != nil { + return err + } + + tlt := template.New(filepath.Base(cliTemplate)).Funcs(map[string]interface{}{ + "safe": func(src string) string { + return strings.ReplaceAll(src, "`", "'") + }, + }) + + b := &bytes.Buffer{} + err = template.Must(tlt.ParseFiles(cliTemplate)).Execute(b, models) + if err != nil { + return err + } + + // gofmt + source, err := format.Source(b.Bytes()) + if err != nil { + return err + } + + _, err = file.Write(source) + return err + +} diff --git a/providers/dns/acmedns/acmedns.toml b/providers/dns/acmedns/acmedns.toml new file mode 100644 index 00000000..da0372c0 --- /dev/null +++ b/providers/dns/acmedns/acmedns.toml @@ -0,0 +1,15 @@ +Name = "Joohoi's ACME-DNS" +Description = '''''' +URL = "https://github.com/joohoi/acme-dns" +Code = "acme-dns" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + ACME_DNS_API_BASE = "The ACME-DNS API address" + ACME_DNS_STORAGE_PATH = "The ACME-DNS JSON account data file. A per-domain account will be registered/persisted to this file and used for TXT updates." + +[Links] + API = "https://github.com/joohoi/acme-dns#api" + GoClient = "https://github.com/cpu/goacmedns" diff --git a/providers/dns/alidns/alidns.toml b/providers/dns/alidns/alidns.toml new file mode 100644 index 00000000..c3c9fb87 --- /dev/null +++ b/providers/dns/alidns/alidns.toml @@ -0,0 +1,20 @@ +Name = "Alibaba Cloud DNS" +Description = '''''' +URL = "https://www.alibabacloud.com/product/dns" +Code = "alidns" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + ALICLOUD_ACCESS_KEY = "Access key ID" + ALICLOUD_SECRET_KEY = "Access Key secret" + [Configuration.Additional] + ALICLOUD_POLLING_INTERVAL = "Time between DNS propagation check" + ALICLOUD_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + ALICLOUD_TTL = "The TTL of the TXT record used for the DNS challenge" + ALICLOUD_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.alibabacloud.com/help/doc-detail/42875.htm" + GoClient = "https://github.com/aliyun/alibaba-cloud-sdk-go" diff --git a/providers/dns/auroradns/auroradns.toml b/providers/dns/auroradns/auroradns.toml new file mode 100644 index 00000000..d9e065ab --- /dev/null +++ b/providers/dns/auroradns/auroradns.toml @@ -0,0 +1,20 @@ +Name = "Aurora DNS" +Description = '''''' +URL = "https://www.pcextreme.com/aurora/dns" +Code = "auroradns" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + AURORA_USER_ID = "User ID" + AURORA_KEY = "User API key" + AURORA_ENDPOINT = "API endpoint URL" + [Configuration.Additional] + AURORA_POLLING_INTERVAL = "Time between DNS propagation check" + AURORA_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + AURORA_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://libcloud.readthedocs.io/en/latest/dns/drivers/auroradns.html#api-docs" + GoClient = "https://github.com/nrdcg/auroradns" diff --git a/providers/dns/azure/azure.toml b/providers/dns/azure/azure.toml new file mode 100644 index 00000000..0923d1b4 --- /dev/null +++ b/providers/dns/azure/azure.toml @@ -0,0 +1,24 @@ +Name = "Azure" +Description = '''''' +URL = "https://azure.microsoft.com/services/dns/" +Code = "azure" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + AZURE_CLIENT_ID = "Client ID" + AZURE_CLIENT_SECRET = "Client secret" + AZURE_SUBSCRIPTION_ID = "Subscription ID" + AZURE_TENANT_ID = "Tenant ID" + AZURE_RESOURCE_GROUP = "Resource group" + 'instance metadata service' = "If the credentials are **not** set via the environment, then it will attempt to get a bearer token via the [instance metadata service](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service)." + [Configuration.Additional] + AZURE_POLLING_INTERVAL = "Time between DNS propagation check" + AZURE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + AZURE_TTL = "The TTL of the TXT record used for the DNS challenge" + AZURE_METADATA_ENDPOINT = "Metadata Service endpoint URL" + +[Links] + API = "https://docs.microsoft.com/en-us/go/azure/" + GoClient = "https://github.com/Azure/azure-sdk-for-go" diff --git a/providers/dns/bluecat/bluecat.toml b/providers/dns/bluecat/bluecat.toml new file mode 100644 index 00000000..c8f43ce6 --- /dev/null +++ b/providers/dns/bluecat/bluecat.toml @@ -0,0 +1,19 @@ +Name = "Bluecat" +Description = '''''' +URL = "https://www.bluecatnetworks.com" +Code = "bluecat" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + BLUECAT_SERVER_URL = "The server URL, should have scheme, hostname, and port (if required) of the authoritative Bluecat BAM serve" + BLUECAT_USER_NAME = "API username" + BLUECAT_PASSWORD = "API password" + BLUECAT_CONFIG_NAME = "Configuration name" + BLUECAT_DNS_VIEW = "External DNS View Name" + [Configuration.Additional] + BLUECAT_POLLING_INTERVAL = "Time between DNS propagation check" + BLUECAT_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + BLUECAT_TTL = "The TTL of the TXT record used for the DNS challenge" + BLUECAT_HTTP_TIMEOUT = "API request timeout" diff --git a/providers/dns/cloudflare/cloudflare.toml b/providers/dns/cloudflare/cloudflare.toml new file mode 100644 index 00000000..c60f4999 --- /dev/null +++ b/providers/dns/cloudflare/cloudflare.toml @@ -0,0 +1,24 @@ +Name = "Cloudflare" +Description = '''''' +URL = "https://www.cloudflare.com/dns/" +Code = "cloudflare" + +Example = ''' +CLOUDFLARE_EMAIL=foo@bar.com \ +CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \ +lego --dns cloudflare --domains my.domain.com --email my@email.com run +''' + +[Configuration] + [Configuration.Credentials] + CLOUDFLARE_EMAIL = "Account email" + CLOUDFLARE_API_KEY = "API key" + [Configuration.Additional] + CLOUDFLARE_POLLING_INTERVAL = "Time between DNS propagation check" + CLOUDFLARE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + CLOUDFLARE_TTL = "The TTL of the TXT record used for the DNS challenge" + CLOUDFLARE_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://api.cloudflare.com/" + GoClient = "https://github.com/cloudflare/cloudflare-go" diff --git a/providers/dns/cloudns/cloudns.toml b/providers/dns/cloudns/cloudns.toml new file mode 100644 index 00000000..f8c2b83a --- /dev/null +++ b/providers/dns/cloudns/cloudns.toml @@ -0,0 +1,19 @@ +Name = "ClouDNS" +Description = '''''' +URL = "https://www.cloudns.net" +Code = "cloudns" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + CLOUDNS_AUTH_ID = "The API user ID" + CLOUDNS_AUTH_PASSWORD = "The password for API user ID" + [Configuration.Additional] + CLOUDNS_POLLING_INTERVAL = "Time between DNS propagation check" + CLOUDNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + CLOUDNS_TTL = "The TTL of the TXT record used for the DNS challenge" + CLOUDNS_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.cloudns.net/wiki/article/42/" diff --git a/providers/dns/cloudxns/cloudxns.toml b/providers/dns/cloudxns/cloudxns.toml new file mode 100644 index 00000000..58695142 --- /dev/null +++ b/providers/dns/cloudxns/cloudxns.toml @@ -0,0 +1,19 @@ +Name = "CloudXNS" +Description = """""" +URL = "https://www.cloudxns.net/" +Code = "cloudxns" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + CLOUDXNS_API_KEY = "The API key" + CLOUDXNS_SECRET_KEY = "THe API secret key" + [Configuration.Additional] + CLOUDXNS_POLLING_INTERVAL = "Time between DNS propagation check" + CLOUDXNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + CLOUDXNS_TTL = "The TTL of the TXT record used for the DNS challenge" + CLOUDXNS_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.cloudxns.net/Public/Doc/CloudXNS_api2.0_doc_zh-cn.zip" diff --git a/providers/dns/conoha/conoha.toml b/providers/dns/conoha/conoha.toml new file mode 100644 index 00000000..c5f003da --- /dev/null +++ b/providers/dns/conoha/conoha.toml @@ -0,0 +1,21 @@ +Name = "ConoHa" +Description = '''''' +URL = "https://www.conoha.jp/" +Code = "conoha" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + CONOHA_TENANT_ID = "Tenant ID" + CONOHA_API_USERNAME = "The API username" + CONOHA_API_PASSWORD = "The API password" + [Configuration.Additional] + CONOHA_POLLING_INTERVAL = "Time between DNS propagation check" + CONOHA_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + CONOHA_TTL = "The TTL of the TXT record used for the DNS challenge" + CONOHA_HTTP_TIMEOUT = "API request timeout" + CONOHA_REGION = "The region" + +[Links] + API = "https://www.conoha.jp/docs/" diff --git a/providers/dns/designate/designate.toml b/providers/dns/designate/designate.toml new file mode 100644 index 00000000..7c82d216 --- /dev/null +++ b/providers/dns/designate/designate.toml @@ -0,0 +1,22 @@ +Name = "Designate DNSaaS for Openstack" +Description = '''''' +URL = "https://docs.openstack.org/designate/latest/" +Code = "designate" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + OS_AUTH_URL = "Identity endpoint URL" + OS_USERNAME = "Username" + OS_PASSWORD = "Password" + OS_TENANT_NAME = "Tenant name" + OS_REGION_NAME = "Region name" + [Configuration.Additional] + DESIGNATE_POLLING_INTERVAL = "Time between DNS propagation check" + DESIGNATE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + DESIGNATE_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://docs.openstack.org/designate/latest/" + GoClient = "https://godoc.org/github.com/gophercloud/gophercloud/openstack/dns/v2" diff --git a/providers/dns/digitalocean/digitalocean.toml b/providers/dns/digitalocean/digitalocean.toml new file mode 100644 index 00000000..f4aaf9ee --- /dev/null +++ b/providers/dns/digitalocean/digitalocean.toml @@ -0,0 +1,18 @@ +Name = "Digital Ocean" +Description = '''''' +URL = "https://www.digitalocean.com/docs/networking/dns/" +Code = "digitalocean" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + DO_AUTH_TOKEN = "Authentication token" + [Configuration.Additional] + DO_POLLING_INTERVAL = "Time between DNS propagation check" + DO_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + DO_TTL = "The TTL of the TXT record used for the DNS challenge" + DO_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://developers.digitalocean.com/documentation/v2/#domain-records" diff --git a/providers/dns/dnsimple/dnsimple.toml b/providers/dns/dnsimple/dnsimple.toml new file mode 100644 index 00000000..a817e598 --- /dev/null +++ b/providers/dns/dnsimple/dnsimple.toml @@ -0,0 +1,19 @@ +Name = "DNSimple" +Description = '''''' +URL = "https://dnsimple.com/" +Code = "dnsimple" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + DNSIMPLE_OAUTH_TOKEN = "OAuth token" + DNSIMPLE_BASE_URL = "API endpoint URL" + [Configuration.Additional] + DNSIMPLE_POLLING_INTERVAL = "Time between DNS propagation check" + DNSIMPLE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + DNSIMPLE_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://developer.dnsimple.com/v2/" + GoClient = "https://github.com/dnsimple/dnsimple-go" diff --git a/providers/dns/dnsmadeeasy/dnsmadeeasy.toml b/providers/dns/dnsmadeeasy/dnsmadeeasy.toml new file mode 100644 index 00000000..53ec6014 --- /dev/null +++ b/providers/dns/dnsmadeeasy/dnsmadeeasy.toml @@ -0,0 +1,20 @@ +Name = "DNS Made Easy" +Description = '''''' +URL = "https://dnsmadeeasy.com/" +Code = "dnsmadeeasy" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + DNSMADEEASY_API_KEY = "The API key" + DNSMADEEASY_API_SECRET = "The API Secret key" + [Configuration.Additional] + DNSMADEEASY_SANDBOX = "Activate the sandbox (boolean)" + DNSMADEEASY_POLLING_INTERVAL = "Time between DNS propagation check" + DNSMADEEASY_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + DNSMADEEASY_TTL = "The TTL of the TXT record used for the DNS challenge" + DNSMADEEASY_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://api-docs.dnsmadeeasy.com/" diff --git a/providers/dns/dnspod/dnspod.toml b/providers/dns/dnspod/dnspod.toml new file mode 100644 index 00000000..7b468466 --- /dev/null +++ b/providers/dns/dnspod/dnspod.toml @@ -0,0 +1,19 @@ +Name = "DNSPod" +Description = '''''' +URL = "http://www.dnspod.com/" +Code = "dnspod" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + DNSPOD_API_KEY = "The user token" + [Configuration.Additional] + DNSPOD_POLLING_INTERVAL = "Time between DNS propagation check" + DNSPOD_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + DNSPOD_TTL = "The TTL of the TXT record used for the DNS challenge" + DNSPOD_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.dnspod.com/docs/index.html" + GoClient = "https://github.com/decker502/dnspod-go" diff --git a/providers/dns/dreamhost/dreamhost.toml b/providers/dns/dreamhost/dreamhost.toml new file mode 100644 index 00000000..7bfeff10 --- /dev/null +++ b/providers/dns/dreamhost/dreamhost.toml @@ -0,0 +1,18 @@ +Name = "DreamHost" +Description = '''''' +URL = "https://www.dreamhost.com" +Code = "dreamhost" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + DREAMHOST_API_KEY = "The API key" + [Configuration.Additional] + DREAMHOST_POLLING_INTERVAL = "Time between DNS propagation check" + DREAMHOST_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + DREAMHOST_TTL = "The TTL of the TXT record used for the DNS challenge" + DREAMHOST_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://help.dreamhost.com/hc/en-us/articles/217560167-API_overview" diff --git a/providers/dns/duckdns/duckdns.toml b/providers/dns/duckdns/duckdns.toml new file mode 100644 index 00000000..f99eb0ab --- /dev/null +++ b/providers/dns/duckdns/duckdns.toml @@ -0,0 +1,19 @@ +Name = "Duck DNS" +Description = '''''' +URL = "https://www.duckdns.org/" +Code = "duckdns" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + DUCKDNS_TOKEN = "Account token" + [Configuration.Additional] + DUCKDNS_POLLING_INTERVAL = "Time between DNS propagation check" + DUCKDNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + DUCKDNS_TTL = "The TTL of the TXT record used for the DNS challenge" + DUCKDNS_HTTP_TIMEOUT = "API request timeout" + DUCKDNS_SEQUENCE_INTERVAL = "Interval between iteration" + +[Links] + API = "https://www.duckdns.org/spec.jsp" diff --git a/providers/dns/dyn/dyn.toml b/providers/dns/dyn/dyn.toml new file mode 100644 index 00000000..c2a4b6b8 --- /dev/null +++ b/providers/dns/dyn/dyn.toml @@ -0,0 +1,20 @@ +Name = "Dyn" +Description = '''''' +URL = "https://dyn.com/" +Code = "dyn" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + DYN_CUSTOMER_NAME = "Customer name" + DYN_USER_NAME = "User name" + DYN_PASSWORD = "Paswword" + [Configuration.Additional] + DYN_POLLING_INTERVAL = "Time between DNS propagation check" + DYN_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + DYN_TTL = "The TTL of the TXT record used for the DNS challenge" + DYN_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://help.dyn.com/rest/" diff --git a/providers/dns/exec/readme.md b/providers/dns/exec/exec.toml similarity index 78% rename from providers/dns/exec/readme.md rename to providers/dns/exec/exec.toml index 3fa2f7cf..c44a4c93 100644 --- a/providers/dns/exec/readme.md +++ b/providers/dns/exec/exec.toml @@ -1,6 +1,30 @@ -# Execute an external program +Name = "External program" +Description = "Solving the DNS-01 challenge using an external program." +URL = "/dns/exec" +Code = "exec" + +Example = ''' +EXEC_PATH=/the/path/to/myscript.sh \ +lego --dns exec --domains my.domain.com --email my@email.com run +''' + +Additional = ''' + +## Base Configuration + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `EXEC_MODE` | `RAW`, none | +| `EXEC_PATH` | TODO | + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `EXEC_POLLING_INTERVAL` | Time between DNS propagation check | +| `EXEC_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | -Solving the DNS-01 challenge using an external program. ## Description @@ -48,6 +72,12 @@ It will then call the program `./update-dns.sh` like this: ## Commands +{{% notice note %}} +The `--` is because the token MAY start with a `-`, and the called program may try and interpret a `-` as indicating a flag. +In the case of urfave, which is commonly used, +you can use the `--` delimiter to specify the start of positional arguments, and handle such a string safely. +{{% /notice %}} + ### Present | Mode | Command | @@ -77,10 +107,4 @@ the default display propagation timeout and polling interval are used. | default | `myprogram timeout` | | `RAW` | `myprogram timeout` | - -## NOTE - -The `--` is because the token MAY start with a `-`, and the called program may try and interpret a - as indicating a flag. - -In the case of urfave, which is commonly used, -you can use the `--` delimiter to specify the start of positional arguments, and handle such a string safely. +''' diff --git a/providers/dns/exoscale/exoscale.toml b/providers/dns/exoscale/exoscale.toml new file mode 100644 index 00000000..0e992aba --- /dev/null +++ b/providers/dns/exoscale/exoscale.toml @@ -0,0 +1,21 @@ +Name = "Exoscale" +Description = '''''' +URL = "https://www.exoscale.com/" +Code = "exoscale" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + EXOSCALE_API_KEY = "API key" + EXOSCALE_API_SECRET = "API secret" + EXOSCALE_ENDPOINT = "API endpoint URL" + [Configuration.Additional] + EXOSCALE_POLLING_INTERVAL = "Time between DNS propagation check" + EXOSCALE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + EXOSCALE_TTL = "The TTL of the TXT record used for the DNS challenge" + EXOSCALE_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://community.exoscale.com/documentation/dns/api/" + GoClient = "https://github.com/exoscale/egoscale" diff --git a/providers/dns/fastdns/fastdns.toml b/providers/dns/fastdns/fastdns.toml new file mode 100644 index 00000000..196994ba --- /dev/null +++ b/providers/dns/fastdns/fastdns.toml @@ -0,0 +1,23 @@ +Name = "FastDNS" +Description = '''''' +URL = "https://www.akamai.com/us/en/products/security/fast-dns.jsp" +Code = "fastdns" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + AKAMAI_HOST = "API host" + AKAMAI_CLIENT_TOKEN = "Client token" + AKAMAI_CLIENT_SECRET = "Client secret" + AKAMAI_ACCESS_TOKEN = "Access token" + [Configuration.Additional] + AKAMAI_POLLING_INTERVAL = "Time between DNS propagation check" + AKAMAI_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + AKAMAI_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://developer.akamai.com/api/web_performance/fast_dns_record_management/v1.html" + GoClient = "https://github.com/akamai/AkamaiOPEN-edgegrid-golang" + + diff --git a/providers/dns/gandi/gandi.toml b/providers/dns/gandi/gandi.toml new file mode 100644 index 00000000..15db58ca --- /dev/null +++ b/providers/dns/gandi/gandi.toml @@ -0,0 +1,18 @@ +Name = "Gandi" +Description = """""" +URL = "https://www.gandi.net" +Code = "gandi" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + GANDI_API_KEY = "API key" + [Configuration.Additional] + GANDI_POLLING_INTERVAL = "Time between DNS propagation check" + GANDI_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + GANDI_TTL = "The TTL of the TXT record used for the DNS challenge" + GANDI_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "http://doc.rpc.gandi.net/index.html" diff --git a/providers/dns/gandiv5/gandiv5.toml b/providers/dns/gandiv5/gandiv5.toml new file mode 100644 index 00000000..9eaa567e --- /dev/null +++ b/providers/dns/gandiv5/gandiv5.toml @@ -0,0 +1,18 @@ +Name = "Gandi Live DNS (v5)" +Description = '''''' +URL = "https://www.gandi.net" +Code = "gandiv5" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + GANDIV5_API_KEY = "API key" + [Configuration.Additional] + GANDIV5_POLLING_INTERVAL = "Time between DNS propagation check" + GANDIV5_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + GANDIV5_TTL = "The TTL of the TXT record used for the DNS challenge" + GANDIV5_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "http://doc.livedns.gandi.net" diff --git a/providers/dns/gcloud/gcloud.toml b/providers/dns/gcloud/gcloud.toml new file mode 100644 index 00000000..ae43c965 --- /dev/null +++ b/providers/dns/gcloud/gcloud.toml @@ -0,0 +1,21 @@ +Name = "Google Cloud" +Description = '''''' +URL = "https://cloud.google.com" +Code = "gcloud" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + GCE_PROJECT = "Project name" + 'Application Default Credentials' = "[Documentation](https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application)" + GCE_SERVICE_ACCOUNT_FILE = "Account file path" + GCE_SERVICE_ACCOUNT = "Account" + [Configuration.Additional] + GCE_POLLING_INTERVAL = "Time between DNS propagation check" + GCE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + GCE_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://community.exoscale.com/documentation/dns/api/" + GoClient = "https://github.com/googleapis/google-api-go-client" diff --git a/providers/dns/glesys/glesys.go b/providers/dns/glesys/glesys.go index 98667d8d..c647a741 100644 --- a/providers/dns/glesys/glesys.go +++ b/providers/dns/glesys/glesys.go @@ -13,8 +13,6 @@ import ( "github.com/xenolf/lego/platform/config/env" ) -// GleSYS API reference: https://github.com/GleSYS/API/wiki/API-Documentation - const ( // defaultBaseURL is the GleSYS API endpoint used by Present and CleanUp. defaultBaseURL = "https://api.glesys.com/domain" diff --git a/providers/dns/glesys/glesys.toml b/providers/dns/glesys/glesys.toml new file mode 100644 index 00000000..daba9d7b --- /dev/null +++ b/providers/dns/glesys/glesys.toml @@ -0,0 +1,19 @@ +Name = "Glesys" +Description = '''''' +URL = "https://glesys.com/" +Code = "glesys" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + GLESYS_API_USER = "API user" + GLESYS_API_KEY = "API key" + [Configuration.Additional] + GLESYS_POLLING_INTERVAL = "Time between DNS propagation check" + GLESYS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + GLESYS_TTL = "The TTL of the TXT record used for the DNS challenge" + GLESYS_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://github.com/GleSYS/API/wiki/API-Documentation" diff --git a/providers/dns/godaddy/godaddy.toml b/providers/dns/godaddy/godaddy.toml new file mode 100644 index 00000000..688bc665 --- /dev/null +++ b/providers/dns/godaddy/godaddy.toml @@ -0,0 +1,18 @@ +Name = "Go Daddy" +Description = '''''' +URL = "https://godaddy.com" +Code = "godaddy" + +[Configuration] + [Configuration.Credentials] + GODADDY_API_KEY = "**TODO**" + GODADDY_API_SECRET = "**TODO**" + [Configuration.Additional] + GODADDY_POLLING_INTERVAL = "Time between DNS propagation check" + GODADDY_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + GODADDY_TTL = "The TTL of the TXT record used for the DNS challenge" + GODADDY_HTTP_TIMEOUT = "API request timeout" + GODADDY_SEQUENCE_INTERVAL = "Interval between iteration" + +[Links] + API = "https://developer.godaddy.com/doc/endpoint/domains" diff --git a/providers/dns/hostingde/hostingde.toml b/providers/dns/hostingde/hostingde.toml new file mode 100644 index 00000000..1bf91b92 --- /dev/null +++ b/providers/dns/hostingde/hostingde.toml @@ -0,0 +1,19 @@ +Name = "Hosting.de" +Description = '''''' +URL = "https://www.hosting.de/" +Code = "hostingde" + +[Configuration] + [Configuration.Credentials] + HOSTINGDE_API_KEY = "**TODO**" + HOSTINGDE_ZONE_NAME = "**TODO**" + [Configuration.Additional] + HOSTINGDE_POLLING_INTERVAL = "Time between DNS propagation check" + HOSTINGDE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + HOSTINGDE_TTL = "The TTL of the TXT record used for the DNS challenge" + HOSTINGDE_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.hosting.de/api/#dns" + + diff --git a/providers/dns/httpreq/httpreq.toml b/providers/dns/httpreq/httpreq.toml new file mode 100644 index 00000000..bf7892d3 --- /dev/null +++ b/providers/dns/httpreq/httpreq.toml @@ -0,0 +1,60 @@ +Name = "HTTP request" +Description = '''''' +URL = "/dns/httpreq/" +Code = "httpreq" + +Example = ''' +HTTPREQ_ENDPOINT=http://my.server.com:9090 \ +lego --dns httpreq --domains my.domain.com --email my@email.com run +''' + +Additional = ''' +## Description + +The server must provide: + +- `POST` `/present` +- `POST` `/cleanup` + +The URL of the server must be define by `HTTPREQ_ENDPOINT`. + +### Mode + +There are 2 modes (`HTTPREQ_MODE`): + +- default mode: +```json +{ + "fqdn": "_acme-challenge.domain.", + "value": "LHDhK3oGRvkiefQnx7OOczTY5Tic_xZ6HcMOc_gmtoM" +} +``` + +- `RAW` +```json +{ + "domain": "domain", + "token": "token", + "keyAuth": "key" +} +``` + +### Authentication + +Basic authentication (optional) can be set with some environment variables: + +- `HTTPREQ_USERNAME` and `HTTPREQ_PASSWORD` +- both values must be set, otherwise basic authentication is not defined. + +''' + +[Configuration] + [Configuration.Credentials] + HTTPREQ_MODE = "`RAW`, none" + HTTPREQ_ENDPOINT = "The URL of the server" + [Configuration.Additional] + HTTPREQ_USERNAME = "**TODO**" + HTTPREQ_PASSWORD = "**TODO**" + HTTPREQ_POLLING_INTERVAL = "Time between DNS propagation check" + HTTPREQ_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + HTTPREQ_HTTP_TIMEOUT = "API request timeout" diff --git a/providers/dns/httpreq/readme.md b/providers/dns/httpreq/readme.md deleted file mode 100644 index 51bc9a0b..00000000 --- a/providers/dns/httpreq/readme.md +++ /dev/null @@ -1,33 +0,0 @@ -# HTTP request - -The server must provide: -- `POST` `/present` -- `POST` `/cleanup` - -The URL of the server must be define by `HTTPREQ_ENDPOINT`. - -## Mode - -There are 2 modes (`HTTPREQ_MODE`): -- default mode: -```json -{ - "fqdn": "_acme-challenge.domain.", - "value": "LHDhK3oGRvkiefQnx7OOczTY5Tic_xZ6HcMOc_gmtoM" -} -``` - -- `RAW` -```json -{ - "domain": "domain", - "token": "token", - "keyAuth": "key" -} -``` - -## Authentication - -Basic authentication (optional) can be set with some environment variables: -- `HTTPREQ_USERNAME` and `HTTPREQ_PASSWORD` -- both values must be set, otherwise basic authentication is not defined. diff --git a/providers/dns/iij/iij.toml b/providers/dns/iij/iij.toml new file mode 100644 index 00000000..0beb5587 --- /dev/null +++ b/providers/dns/iij/iij.toml @@ -0,0 +1,20 @@ +Name = "Internet Initiative Japan" +Description = '''''' +URL = "https://www.iij.ad.jp/en/" +Code = "iij" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + IIJ_API_ACCESS_KEY = "API access key" + IIJ_API_SECRET_KEY = "API secret key" + IIJ_DO_SERVICE_CODE = "DO service code" + [Configuration.Additional] + IIJ_POLLING_INTERVAL = "Time between DNS propagation check" + IIJ_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + IIJ_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "http://manual.iij.jp/p2/pubapi/http://manual.iij.jp/p2/pubapi/" + GoClient = "https://github.com/iij/doapi" diff --git a/providers/dns/inwx/inwx.toml b/providers/dns/inwx/inwx.toml new file mode 100644 index 00000000..f77265fc --- /dev/null +++ b/providers/dns/inwx/inwx.toml @@ -0,0 +1,20 @@ +Name = "INWX" +Description = '''''' +URL = "https://www.inwx.de/en" +Code = "inwx" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + INWX_USERNAME = "Username" + INWX_PASSWORD = "Password" + [Configuration.Additional] + INWX_POLLING_INTERVAL = "Time between DNS propagation check" + INWX_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + INWX_TTL = "The TTL of the TXT record used for the DNS challenge" + INWX_SANDBOX = "Activate the sandbox (boolean)" + +[Links] + API = "https://www.inwx.de/en/help/apidoc" + GoClient = "https://github.com/nrdcg/goinwx" diff --git a/providers/dns/lightsail/lightsail.toml b/providers/dns/lightsail/lightsail.toml new file mode 100644 index 00000000..191cb1d3 --- /dev/null +++ b/providers/dns/lightsail/lightsail.toml @@ -0,0 +1,18 @@ +Name = "Amazon Lightsail" +Description = '''''' +URL = "https://aws.amazon.com/lightsail/" +Code = "lightsail" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + AWS_ACCESS_KEY_ID = "Access key ID" + AWS_SECRET_ACCESS_KEY = "Secret access key" + DNS_ZONE = "DNS zone" + [Configuration.Additional] + LIGHTSAIL_POLLING_INTERVAL = "Time between DNS propagation check" + LIGHTSAIL_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + +[Links] + GoClient = "https://github.com/aws/aws-sdk-go/aws" diff --git a/providers/dns/linode/linode.toml b/providers/dns/linode/linode.toml new file mode 100644 index 00000000..d11021c0 --- /dev/null +++ b/providers/dns/linode/linode.toml @@ -0,0 +1,18 @@ +Name = "Linode (deprecated)" +Description = '''''' +URL = "https://www.linode.com/" +Code = "linode" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + LINODE_API_KEY = "API key" + [Configuration.Additional] + LINODE_POLLING_INTERVAL = "Time between DNS propagation check" + LINODE_TTL = "The TTL of the TXT record used for the DNS challenge" + LINODE_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.linode.com/api/dns" + GoClient = "https://github.com/timewasted/linode" diff --git a/providers/dns/linodev4/linodev4.toml b/providers/dns/linodev4/linodev4.toml new file mode 100644 index 00000000..49e853cf --- /dev/null +++ b/providers/dns/linodev4/linodev4.toml @@ -0,0 +1,18 @@ +Name = "Linode (v4)" +Description = '''''' +URL = "https://www.linode.com/" +Code = "linodev4" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + LINODE_TOKEN = "API token" + [Configuration.Additional] + LINODE_POLLING_INTERVAL = "Time between DNS propagation check" + LINODE_TTL = "The TTL of the TXT record used for the DNS challenge" + LINODE_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://developers.linode.com/api/v4" + GoClient = "https://github.com/linode/linodego" diff --git a/providers/dns/mydnsjp/mydnsjp.toml b/providers/dns/mydnsjp/mydnsjp.toml new file mode 100644 index 00000000..ec5392e2 --- /dev/null +++ b/providers/dns/mydnsjp/mydnsjp.toml @@ -0,0 +1,19 @@ +Name = "MyDNS.jp" +Description = '''''' +URL = "https://www.mydns.jp" +Code = "mydnsjp" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + MYDNSJP_MASTER_ID = "Master ID" + MYDNSJP_PASSWORD = "Password" + [Configuration.Additional] + MYDNSJP_POLLING_INTERVAL = "Time between DNS propagation check" + MYDNSJP_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + MYDNSJP_TTL = "The TTL of the TXT record used for the DNS challenge" + MYDNSJP_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.mydns.jp/?MENU=030" diff --git a/providers/dns/namecheap/namecheap.toml b/providers/dns/namecheap/namecheap.toml new file mode 100644 index 00000000..341ac6ad --- /dev/null +++ b/providers/dns/namecheap/namecheap.toml @@ -0,0 +1,19 @@ +Name = "Namecheap" +Description = '''''' +URL = "https://www.namecheap.com" +Code = "namecheap" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + NAMECHEAP_API_USER = "API user" + NAMECHEAP_API_KEY = "API key" + [Configuration.Additional] + NAMECHEAP_POLLING_INTERVAL = "Time between DNS propagation check" + NAMECHEAP_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + NAMECHEAP_TTL = "The TTL of the TXT record used for the DNS challenge" + NAMECHEAP_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.namecheap.com/support/api/methods.aspx" diff --git a/providers/dns/namedotcom/namedotcom.toml b/providers/dns/namedotcom/namedotcom.toml new file mode 100644 index 00000000..c69c45e7 --- /dev/null +++ b/providers/dns/namedotcom/namedotcom.toml @@ -0,0 +1,21 @@ +Name = "Name.com" +Description = '''''' +URL = "https://www.name.com" +Code = "namedotcom" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + NAMECOM_USERNAME = "Username" + NAMECOM_API_TOKEN = "API token" + [Configuration.Additional] + NAMECOM_POLLING_INTERVAL = "Time between DNS propagation check" + NAMECOM_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + NAMECOM_TTL = "The TTL of the TXT record used for the DNS challenge" + NAMECOM_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.name.com/api-docs/DNS" + GoClient = "https://github.com/namedotcom/go" + diff --git a/providers/dns/netcup/netcup.toml b/providers/dns/netcup/netcup.toml new file mode 100644 index 00000000..6ade9cf3 --- /dev/null +++ b/providers/dns/netcup/netcup.toml @@ -0,0 +1,20 @@ +Name = "Netcup" +Description = '''''' +URL = "https://www.netcup.eu/" +Code = "netcup" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + NETCUP_CUSTOMER_NUMBER = "Customer number" + NETCUP_API_KEY = "API key" + NETCUP_API_PASSWORD = "API password" + [Configuration.Additional] + NETCUP_POLLING_INTERVAL = "Time between DNS propagation check" + NETCUP_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + NETCUP_TTL = "The TTL of the TXT record used for the DNS challenge" + NETCUP_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.netcup-wiki.de/wiki/DNS_API" diff --git a/providers/dns/nifcloud/nifcloud.toml b/providers/dns/nifcloud/nifcloud.toml new file mode 100644 index 00000000..c4b6465d --- /dev/null +++ b/providers/dns/nifcloud/nifcloud.toml @@ -0,0 +1,19 @@ +Name = "NIFCloud" +Description = '''''' +URL = "https://www.nifcloud.com/" +Code = "nifcloud" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + NIFCLOUD_ACCESS_KEY_ID = "Access key" + NIFCLOUD_SECRET_ACCESS_KEY = "Secret access key" + [Configuration.Additional] + NIFCLOUD_POLLING_INTERVAL = "Time between DNS propagation check" + NIFCLOUD_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + NIFCLOUD_TTL = "The TTL of the TXT record used for the DNS challenge" + NIFCLOUD_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://mbaas.nifcloud.com/doc/current/rest/common/format.html" diff --git a/providers/dns/ns1/ns1.toml b/providers/dns/ns1/ns1.toml new file mode 100644 index 00000000..74807974 --- /dev/null +++ b/providers/dns/ns1/ns1.toml @@ -0,0 +1,19 @@ +Name = "NS1" +Description = '''''' +URL = "https://ns1.com" +Code = "ns1" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + NS1_API_KEY = "API key" + [Configuration.Additional] + NS1_POLLING_INTERVAL = "Time between DNS propagation check" + NS1_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + NS1_TTL = "The TTL of the TXT record used for the DNS challenge" + NS1_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://ns1.com/api" + GoClient = "https://github.com/ns1/ns1-go" diff --git a/providers/dns/oraclecloud/README.md b/providers/dns/oraclecloud/README.md deleted file mode 100644 index 476882e0..00000000 --- a/providers/dns/oraclecloud/README.md +++ /dev/null @@ -1,48 +0,0 @@ -# Export shell-env for OracleCloud - -## In Bash - -``` -export OCI_PRIVKEY_FILE="/.oci/oci_api_key.pem" -export OCI_PRIVKEY_PASS="secret" -export OCI_TENANCY_OCID="ocid1.tenancy.oc1..secret" -export OCI_USER_OCID="ocid1.user.oc1..secret" -export OCI_PUBKEY_FINGERPRINT="00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -export OCI_REGION="us-phoenix-1" -export OCI_COMPARTMENT_OCID="ocid1.tenancy.oc1..secret" -``` - -``` -export OCI_PRIVKEY=`base64 ~/.oci/oci_api_key.pem` -export OCI_PRIVKEY_PASS="secret" -export OCI_TENANCY_OCID="ocid1.tenancy.oc1..secret" -export OCI_USER_OCID="ocid1.user.oc1..secret" -export OCI_PUBKEY_FINGERPRINT="00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" -export OCI_REGION="us-phoenix-1" -export OCI_COMPARTMENT_OCID="ocid1.tenancy.oc1..secret" -``` - -## In Fish - -``` -set -x OCI_PRIVKEY_FILE '~/.oci/oci_api_key.pem' -set -x OCI_PRIVKEY_PASS 'secret' -set -x OCI_TENANCY_OCID 'ocid1.tenancy.oc1..secret' -set -x OCI_USER_OCID 'ocid1.user.oc1..secret' -set -x OCI_PUBKEY_FINGERPRINT '00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00' -set -x OCI_REGION 'us-phoenix-1' -set -x OCI_COMPARTMENT_OCID 'ocid1.tenancy.oc1..secret' -``` - -``` -set IFS -set -x OCI_PRIVKEY (base64 ~/.oci/oci_api_key.pem) -set IFS \n" "\t - -set -x OCI_PRIVKEY_PASS 'secret' -set -x OCI_TENANCY_OCID 'ocid1.tenancy.oc1..secret' -set -x OCI_USER_OCID 'ocid1.user.oc1..secret' -set -x OCI_PUBKEY_FINGERPRINT '00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00' -set -x OCI_REGION 'us-phoenix-1' -set -x OCI_COMPARTMENT_OCID 'ocid1.tenancy.oc1..secret' -``` diff --git a/providers/dns/oraclecloud/oraclecloud.toml b/providers/dns/oraclecloud/oraclecloud.toml new file mode 100644 index 00000000..60786c3c --- /dev/null +++ b/providers/dns/oraclecloud/oraclecloud.toml @@ -0,0 +1,34 @@ +Name = "Oracle Cloud" +Description = '''''' +URL = "https://cloud.oracle.com/home" +Code = "oraclecloud" + +Example = ''' +OCI_PRIVKEY_FILE="~/.oci/oci_api_key.pem" \ +OCI_PRIVKEY_PASS="secret" \ +OCI_TENANCY_OCID="ocid1.tenancy.oc1..secret" \ +OCI_USER_OCID="ocid1.user.oc1..secret" \ +OCI_PUBKEY_FINGERPRINT="00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" \ +OCI_REGION="us-phoenix-1" \ +OCI_COMPARTMENT_OCID="ocid1.tenancy.oc1..secret" \ +lego --dns oraclecloud --domains my.domain.com --email my@email.com run +''' + +[Configuration] + [Configuration.Credentials] + OCI_PRIVKEY_FILE = "Private key file" + OCI_PRIVKEY_PASS = "Private key password" + OCI_TENANCY_OCID = "Tenanct OCID" + OCI_USER_OCID = "User OCID" + OCI_PUBKEY_FINGERPRINT = "Public key fingerprint" + OCI_REGION = "Region" + OCI_COMPARTMENT_OCID = "Compartment OCID" + [Configuration.Additional] + OCI_POLLING_INTERVAL = "Time between DNS propagation check" + OCI_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + OCI_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm" + GoClient = "https://github.com/oracle/oci-go-sdk" + diff --git a/providers/dns/otc/otc.toml b/providers/dns/otc/otc.toml new file mode 100644 index 00000000..24bb5008 --- /dev/null +++ b/providers/dns/otc/otc.toml @@ -0,0 +1,23 @@ +Name = "Open Telekom Cloud" +Description = '''''' +URL = "https://cloud.telekom.de/en" +Code = "otc" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + OTC_USER_NAME = "User name" + OTC_PASSWORD = "Password" + OTC_PROJECT_NAME = "Project name" + OTC_DOMAIN_NAME = "Domain name" + OTC_IDENTITY_ENDPOINT = "Identity endpoint URL" + [Configuration.Additional] + OTC_POLLING_INTERVAL = "Time between DNS propagation check" + OTC_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + OTC_TTL = "The TTL of the TXT record used for the DNS challenge" + OTC_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://docs.otc.t-systems.com/en-us/dns/index.html" + diff --git a/providers/dns/ovh/ovh.toml b/providers/dns/ovh/ovh.toml new file mode 100644 index 00000000..3c65e71a --- /dev/null +++ b/providers/dns/ovh/ovh.toml @@ -0,0 +1,22 @@ +Name = "OVH" +Description = '''''' +URL = "https://www.ovh.com/" +Code = "ovh" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + OVH_ENDPOINT = "Endpoint URL (ovh-eu or ovh-ca)" + OVH_APPLICATION_KEY = "Application key" + OVH_APPLICATION_SECRET = "Application secret" + OVH_CONSUMER_KEY = "Consumer key" + [Configuration.Additional] + OVH_POLLING_INTERVAL = "Time between DNS propagation check" + OVH_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + OVH_TTL = "The TTL of the TXT record used for the DNS challenge" + OVH_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://eu.api.ovh.com/" + GoClient = "https://github.com/ovh/go-ovh" diff --git a/providers/dns/pdns/README.md b/providers/dns/pdns/pdns.toml similarity index 51% rename from providers/dns/pdns/README.md rename to providers/dns/pdns/pdns.toml index c13e7f9d..393f52a6 100644 --- a/providers/dns/pdns/README.md +++ b/providers/dns/pdns/pdns.toml @@ -1,7 +1,29 @@ -## PowerDNS provider +Name = "PowerDNS" +Description = '''''' +URL = "https://www.powerdns.com/" +Code = "pdns" + +Example = '''''' + +Additional = ''' +## Information Tested and confirmed to work with PowerDNS authoritative server 3.4.8 and 4.0.1. Refer to [PowerDNS documentation](https://doc.powerdns.com/md/httpapi/README/) instructions on how to enable the built-in API interface. PowerDNS Notes: - PowerDNS API does not currently support SSL, therefore you should take care to ensure that traffic between lego and the PowerDNS API is over a trusted network, VPN etc. - In order to have the SOA serial automatically increment each time the `_acme-challenge` record is added/modified via the API, set `SOA-EDIT-API` to `INCEPTION-INCREMENT` for the zone in the `domainmetadata` table +''' + +[Configuration] + [Configuration.Credentials] + PDNS_API_KEY = "API key" + PDNS_API_URL = "API url" + [Configuration.Additional] + PDNS_POLLING_INTERVAL = "Time between DNS propagation check" + PDNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + PDNS_TTL = "The TTL of the TXT record used for the DNS challenge" + PDNS_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://doc.powerdns.com/md/httpapi/README/" diff --git a/providers/dns/rackspace/rackspace.toml b/providers/dns/rackspace/rackspace.toml new file mode 100644 index 00000000..caec8f72 --- /dev/null +++ b/providers/dns/rackspace/rackspace.toml @@ -0,0 +1,19 @@ +Name = "Rackspace" +Description = '''''' +URL = "https://www.rackspace.com/" +Code = "rackspace" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + RACKSPACE_USER = "API user" + RACKSPACE_API_KEY = "API key" + [Configuration.Additional] + RACKSPACE_POLLING_INTERVAL = "Time between DNS propagation check" + RACKSPACE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + RACKSPACE_TTL = "The TTL of the TXT record used for the DNS challenge" + RACKSPACE_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://developer.rackspace.com/docs/cloud-dns/v1/" diff --git a/providers/dns/rfc2136/rfc2136.go b/providers/dns/rfc2136/rfc2136.go index 395e7dc9..b49daa4f 100644 --- a/providers/dns/rfc2136/rfc2136.go +++ b/providers/dns/rfc2136/rfc2136.go @@ -51,7 +51,7 @@ type DNSProvider struct { // See https://github.com/miekg/dns/blob/master/tsig.go for supported values. // RFC2136_TSIG_KEY: Name of the secret key as defined in DNS server configuration. // RFC2136_TSIG_SECRET: Secret key payload. -// RFC2136_TIMEOUT: DNS propagation timeout in time.ParseDuration format. (60s) +// RFC2136_PROPAGATION_TIMEOUT: DNS propagation timeout in time.ParseDuration format. (60s) // To disable TSIG authentication, leave the RFC2136_TSIG* variables unset. func NewDNSProvider() (*DNSProvider, error) { values, err := env.Get("RFC2136_NAMESERVER") diff --git a/providers/dns/rfc2136/rfc2136.toml b/providers/dns/rfc2136/rfc2136.toml new file mode 100644 index 00000000..183f8ef5 --- /dev/null +++ b/providers/dns/rfc2136/rfc2136.toml @@ -0,0 +1,22 @@ +Name = "RFC2136" +Description = '''''' +URL = "https://tools.ietf.org/html/rfc2136" +Code = "rfc2136" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + RFC2136_TSIG_KEY = "Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset." + RFC2136_TSIG_SECRET = "Secret key payload. To disable TSIG authentication, leave the` RFC2136_TSIG*` variables unset." + RFC2136_TSIG_ALGORITHM = "TSIG algorythm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset." + RFC2136_NAMESERVER = 'Network address in the form "host" or "host:port"' + [Configuration.Additional] + RFC2136_POLLING_INTERVAL = "Time between DNS propagation check" + RFC2136_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + RFC2136_TTL = "The TTL of the TXT record used for the DNS challenge" + RFC2136_DNS_TIMEOUT = "API request timeout" + RFC2136_SEQUENCE_INTERVAL = "Interval between iteration" + +[Links] + API = "https://tools.ietf.org/html/rfc2136" diff --git a/providers/dns/route53/route53.toml b/providers/dns/route53/route53.toml new file mode 100644 index 00000000..39b17223 --- /dev/null +++ b/providers/dns/route53/route53.toml @@ -0,0 +1,67 @@ +Name = "Amazon Route 53" +Description = '''''' +URL = "https://aws.amazon.com/route53/" +Code = "route53" + +Example = '''''' + +Additional = ''' +## Description + +AWS Credentials are automatically detected in the following locations and prioritized in the following order: + +1. Environment variables: `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_REGION`, [`AWS_SESSION_TOKEN`] +2. Shared credentials file (defaults to `~/.aws/credentials`) +3. Amazon EC2 IAM role + +If `AWS_HOSTED_ZONE_ID` is not set, Lego tries to determine the correct public hosted zone via the FQDN. + +See also: [configuring-sdk](https://github.com/aws/aws-sdk-go/wiki/configuring-sdk) + +## Policy + +The following AWS IAM policy document describes the permissions required for lego to complete the DNS challenge. + +```json +{ + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "", + "Effect": "Allow", + "Action": [ + "route53:GetChange", + "route53:ChangeResourceRecordSets", + "route53:ListResourceRecordSets" + ], + "Resource": [ + "arn:aws:route53:::hostedzone/*", + "arn:aws:route53:::change/*" + ] + }, + { + "Sid": "", + "Effect": "Allow", + "Action": "route53:ListHostedZonesByName", + "Resource": "*" + } + ] +} +``` + +''' + +[Configuration] + [Configuration.Credentials] + AWS_ACCESS_KEY_ID = "" + AWS_SECRET_ACCESS_KEY = "" + AWS_REGION = "" + AWS_HOSTED_ZONE_ID = "" + [Configuration.Additional] + AWS_POLLING_INTERVAL = "Time between DNS propagation check" + AWS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + AWS_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://docs.aws.amazon.com/Route53/latest/APIReference/API_Operations_Amazon_Route_53.html" + GoClient = "https://github.com/aws/aws-sdk-go/aws" diff --git a/providers/dns/sakuracloud/sakuracloud.toml b/providers/dns/sakuracloud/sakuracloud.toml new file mode 100644 index 00000000..b49506a8 --- /dev/null +++ b/providers/dns/sakuracloud/sakuracloud.toml @@ -0,0 +1,19 @@ +Name = "Sakura Cloud" +Description = '''''' +URL = "https://cloud.sakura.ad.jp/" +Code = "sakuracloud" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + SAKURACLOUD_ACCESS_TOKEN = "Access token" + SAKURACLOUD_ACCESS_TOKEN_SECRET = "Access token secret" + [Configuration.Additional] + SAKURACLOUD_POLLING_INTERVAL = "Time between DNS propagation check" + SAKURACLOUD_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + SAKURACLOUD_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://developer.sakura.ad.jp/cloud/api/1.1/" + GoClient = "https://github.com/sacloud/libsacloud" diff --git a/providers/dns/selectel/selectel.toml b/providers/dns/selectel/selectel.toml new file mode 100644 index 00000000..2e756e9c --- /dev/null +++ b/providers/dns/selectel/selectel.toml @@ -0,0 +1,19 @@ +Name = "Selectel" +Description = '''''' +URL = "https://kb.selectel.com/" +Code = "selectel" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + SELECTEL_API_TOKEN = "API token" + [Configuration.Additional] + SELECTEL_BASE_URL = "API endpoint URL" + SELECTEL_POLLING_INTERVAL = "Time between DNS propagation check" + SELECTEL_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + SELECTEL_TTL = "The TTL of the TXT record used for the DNS challenge" + SELECTEL_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://kb.selectel.com/23136054.html" diff --git a/providers/dns/stackpath/stackpath.toml b/providers/dns/stackpath/stackpath.toml new file mode 100644 index 00000000..81b94191 --- /dev/null +++ b/providers/dns/stackpath/stackpath.toml @@ -0,0 +1,19 @@ +Name = "Stackpath" +Description = '''''' +URL = "https://www.stackpath.com/" +Code = "stackpath" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + STACKPATH_CLIENT_ID = "Client ID" + STACKPATH_CLIENT_SECRET = "Client secret" + STACKPATH_STACK_ID = "Stack ID" + [Configuration.Additional] + STACKPATH_POLLING_INTERVAL = "Time between DNS propagation check" + STACKPATH_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + STACKPATH_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://developer.stackpath.com/en/api/dns/#tag/Zone" diff --git a/providers/dns/transip/transip.toml b/providers/dns/transip/transip.toml new file mode 100644 index 00000000..913806c3 --- /dev/null +++ b/providers/dns/transip/transip.toml @@ -0,0 +1,20 @@ +Name = "TransIP" +Description = '''''' +URL = "https://www.transip.nl/" +Code = "transip" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + TRANSIP_ACCOUNT_NAME = "Account name" + TRANSIP_PRIVATE_KEY_PATH = "Private key path" + [Configuration.Additional] + TRANSIP_POLLING_INTERVAL = "Time between DNS propagation check" + TRANSIP_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + TRANSIP_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://api.transip.nl/docs/transip.nl/package-Transip.html" + GoClient = "https://github.com/transip/gotransip" + diff --git a/providers/dns/vegadns/vegadns.toml b/providers/dns/vegadns/vegadns.toml new file mode 100644 index 00000000..a223b6e6 --- /dev/null +++ b/providers/dns/vegadns/vegadns.toml @@ -0,0 +1,21 @@ +Name = "VegaDNS" +Description = '''''' +URL = "https://github.com/shupp/VegaDNS-API" +Code = "vegadns" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + SECRET_VEGADNS_KEY = "API key" + SECRET_VEGADNS_SECRET = "API secret" + VEGADNS_URL = "API endpoint URL" + [Configuration.Additional] + VEGADNS_POLLING_INTERVAL = "Time between DNS propagation check" + VEGADNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + VEGADNS_TTL = "The TTL of the TXT record used for the DNS challenge" + +[Links] + API = "https://github.com/shupp/VegaDNS-API" + GoClient = "https://github.com/OpenDNS/vegadns2client" + diff --git a/providers/dns/vscale/vscale.toml b/providers/dns/vscale/vscale.toml new file mode 100644 index 00000000..71a3350a --- /dev/null +++ b/providers/dns/vscale/vscale.toml @@ -0,0 +1,19 @@ +Name = "Vscale" +Description = '''''' +URL = "https://vscale.io/" +Code = "vscale" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + VSCALE_API_TOKEN = "API token" + [Configuration.Additional] + VSCALE_BASE_URL = "API enddpoint URL" + VSCALE_POLLING_INTERVAL = "Time between DNS propagation check" + VSCALE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + VSCALE_TTL = "The TTL of the TXT record used for the DNS challenge" + VSCALE_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://developers.vscale.io/documentation/api/v1/#api-Domains_Records" diff --git a/providers/dns/vultr/vultr.toml b/providers/dns/vultr/vultr.toml new file mode 100644 index 00000000..23d4243e --- /dev/null +++ b/providers/dns/vultr/vultr.toml @@ -0,0 +1,19 @@ +Name = "Vultr" +Description = '''''' +URL = "https://www.vultr.com/" +Code = "vultr" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + VULTR_API_KEY = "API key" + [Configuration.Additional] + VULTR_POLLING_INTERVAL = "Time between DNS propagation check" + VULTR_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + VULTR_TTL = "The TTL of the TXT record used for the DNS challenge" + VULTR_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://www.vultr.com/api/#dns" + GoClient = "https://github.com/JamesClonk/vultr" diff --git a/providers/dns/zoneee/zoneee.toml b/providers/dns/zoneee/zoneee.toml new file mode 100644 index 00000000..fc564ce7 --- /dev/null +++ b/providers/dns/zoneee/zoneee.toml @@ -0,0 +1,20 @@ +Name = "Zone.ee" +Description = '''''' +URL = "https://www.zone.ee/" +Code = "zoneee" + +Example = '''''' + +[Configuration] + [Configuration.Credentials] + ZONEEE_API_USER = "API user" + ZONEEE_API_KEY = "API key" + [Configuration.Additional] + ZONEEE_ENDPOINT = "API endpoint URL" + ZONEEE_POLLING_INTERVAL = "Time between DNS propagation check" + ZONEEE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + ZONEEE_TTL = "The TTL of the TXT record used for the DNS challenge" + ZONEEE_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://api.zone.eu/v2" diff --git a/vendor/github.com/BurntSushi/toml/COPYING b/vendor/github.com/BurntSushi/toml/COPYING new file mode 100644 index 00000000..01b57432 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/COPYING @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2013 TOML authors + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/vendor/github.com/BurntSushi/toml/cmd/toml-test-decoder/COPYING b/vendor/github.com/BurntSushi/toml/cmd/toml-test-decoder/COPYING new file mode 100644 index 00000000..01b57432 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/cmd/toml-test-decoder/COPYING @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2013 TOML authors + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/vendor/github.com/BurntSushi/toml/cmd/toml-test-encoder/COPYING b/vendor/github.com/BurntSushi/toml/cmd/toml-test-encoder/COPYING new file mode 100644 index 00000000..01b57432 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/cmd/toml-test-encoder/COPYING @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2013 TOML authors + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/vendor/github.com/BurntSushi/toml/cmd/tomlv/COPYING b/vendor/github.com/BurntSushi/toml/cmd/tomlv/COPYING new file mode 100644 index 00000000..01b57432 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/cmd/tomlv/COPYING @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2013 TOML authors + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/vendor/github.com/BurntSushi/toml/decode.go b/vendor/github.com/BurntSushi/toml/decode.go new file mode 100644 index 00000000..b0fd51d5 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/decode.go @@ -0,0 +1,509 @@ +package toml + +import ( + "fmt" + "io" + "io/ioutil" + "math" + "reflect" + "strings" + "time" +) + +func e(format string, args ...interface{}) error { + return fmt.Errorf("toml: "+format, args...) +} + +// Unmarshaler is the interface implemented by objects that can unmarshal a +// TOML description of themselves. +type Unmarshaler interface { + UnmarshalTOML(interface{}) error +} + +// Unmarshal decodes the contents of `p` in TOML format into a pointer `v`. +func Unmarshal(p []byte, v interface{}) error { + _, err := Decode(string(p), v) + return err +} + +// Primitive is a TOML value that hasn't been decoded into a Go value. +// When using the various `Decode*` functions, the type `Primitive` may +// be given to any value, and its decoding will be delayed. +// +// A `Primitive` value can be decoded using the `PrimitiveDecode` function. +// +// The underlying representation of a `Primitive` value is subject to change. +// Do not rely on it. +// +// N.B. Primitive values are still parsed, so using them will only avoid +// the overhead of reflection. They can be useful when you don't know the +// exact type of TOML data until run time. +type Primitive struct { + undecoded interface{} + context Key +} + +// DEPRECATED! +// +// Use MetaData.PrimitiveDecode instead. +func PrimitiveDecode(primValue Primitive, v interface{}) error { + md := MetaData{decoded: make(map[string]bool)} + return md.unify(primValue.undecoded, rvalue(v)) +} + +// PrimitiveDecode is just like the other `Decode*` functions, except it +// decodes a TOML value that has already been parsed. Valid primitive values +// can *only* be obtained from values filled by the decoder functions, +// including this method. (i.e., `v` may contain more `Primitive` +// values.) +// +// Meta data for primitive values is included in the meta data returned by +// the `Decode*` functions with one exception: keys returned by the Undecoded +// method will only reflect keys that were decoded. Namely, any keys hidden +// behind a Primitive will be considered undecoded. Executing this method will +// update the undecoded keys in the meta data. (See the example.) +func (md *MetaData) PrimitiveDecode(primValue Primitive, v interface{}) error { + md.context = primValue.context + defer func() { md.context = nil }() + return md.unify(primValue.undecoded, rvalue(v)) +} + +// Decode will decode the contents of `data` in TOML format into a pointer +// `v`. +// +// TOML hashes correspond to Go structs or maps. (Dealer's choice. They can be +// used interchangeably.) +// +// TOML arrays of tables correspond to either a slice of structs or a slice +// of maps. +// +// TOML datetimes correspond to Go `time.Time` values. +// +// All other TOML types (float, string, int, bool and array) correspond +// to the obvious Go types. +// +// An exception to the above rules is if a type implements the +// encoding.TextUnmarshaler interface. In this case, any primitive TOML value +// (floats, strings, integers, booleans and datetimes) will be converted to +// a byte string and given to the value's UnmarshalText method. See the +// Unmarshaler example for a demonstration with time duration strings. +// +// Key mapping +// +// TOML keys can map to either keys in a Go map or field names in a Go +// struct. The special `toml` struct tag may be used to map TOML keys to +// struct fields that don't match the key name exactly. (See the example.) +// A case insensitive match to struct names will be tried if an exact match +// can't be found. +// +// The mapping between TOML values and Go values is loose. That is, there +// may exist TOML values that cannot be placed into your representation, and +// there may be parts of your representation that do not correspond to +// TOML values. This loose mapping can be made stricter by using the IsDefined +// and/or Undecoded methods on the MetaData returned. +// +// This decoder will not handle cyclic types. If a cyclic type is passed, +// `Decode` will not terminate. +func Decode(data string, v interface{}) (MetaData, error) { + rv := reflect.ValueOf(v) + if rv.Kind() != reflect.Ptr { + return MetaData{}, e("Decode of non-pointer %s", reflect.TypeOf(v)) + } + if rv.IsNil() { + return MetaData{}, e("Decode of nil %s", reflect.TypeOf(v)) + } + p, err := parse(data) + if err != nil { + return MetaData{}, err + } + md := MetaData{ + p.mapping, p.types, p.ordered, + make(map[string]bool, len(p.ordered)), nil, + } + return md, md.unify(p.mapping, indirect(rv)) +} + +// DecodeFile is just like Decode, except it will automatically read the +// contents of the file at `fpath` and decode it for you. +func DecodeFile(fpath string, v interface{}) (MetaData, error) { + bs, err := ioutil.ReadFile(fpath) + if err != nil { + return MetaData{}, err + } + return Decode(string(bs), v) +} + +// DecodeReader is just like Decode, except it will consume all bytes +// from the reader and decode it for you. +func DecodeReader(r io.Reader, v interface{}) (MetaData, error) { + bs, err := ioutil.ReadAll(r) + if err != nil { + return MetaData{}, err + } + return Decode(string(bs), v) +} + +// unify performs a sort of type unification based on the structure of `rv`, +// which is the client representation. +// +// Any type mismatch produces an error. Finding a type that we don't know +// how to handle produces an unsupported type error. +func (md *MetaData) unify(data interface{}, rv reflect.Value) error { + + // Special case. Look for a `Primitive` value. + if rv.Type() == reflect.TypeOf((*Primitive)(nil)).Elem() { + // Save the undecoded data and the key context into the primitive + // value. + context := make(Key, len(md.context)) + copy(context, md.context) + rv.Set(reflect.ValueOf(Primitive{ + undecoded: data, + context: context, + })) + return nil + } + + // Special case. Unmarshaler Interface support. + if rv.CanAddr() { + if v, ok := rv.Addr().Interface().(Unmarshaler); ok { + return v.UnmarshalTOML(data) + } + } + + // Special case. Handle time.Time values specifically. + // TODO: Remove this code when we decide to drop support for Go 1.1. + // This isn't necessary in Go 1.2 because time.Time satisfies the encoding + // interfaces. + if rv.Type().AssignableTo(rvalue(time.Time{}).Type()) { + return md.unifyDatetime(data, rv) + } + + // Special case. Look for a value satisfying the TextUnmarshaler interface. + if v, ok := rv.Interface().(TextUnmarshaler); ok { + return md.unifyText(data, v) + } + // BUG(burntsushi) + // The behavior here is incorrect whenever a Go type satisfies the + // encoding.TextUnmarshaler interface but also corresponds to a TOML + // hash or array. In particular, the unmarshaler should only be applied + // to primitive TOML values. But at this point, it will be applied to + // all kinds of values and produce an incorrect error whenever those values + // are hashes or arrays (including arrays of tables). + + k := rv.Kind() + + // laziness + if k >= reflect.Int && k <= reflect.Uint64 { + return md.unifyInt(data, rv) + } + switch k { + case reflect.Ptr: + elem := reflect.New(rv.Type().Elem()) + err := md.unify(data, reflect.Indirect(elem)) + if err != nil { + return err + } + rv.Set(elem) + return nil + case reflect.Struct: + return md.unifyStruct(data, rv) + case reflect.Map: + return md.unifyMap(data, rv) + case reflect.Array: + return md.unifyArray(data, rv) + case reflect.Slice: + return md.unifySlice(data, rv) + case reflect.String: + return md.unifyString(data, rv) + case reflect.Bool: + return md.unifyBool(data, rv) + case reflect.Interface: + // we only support empty interfaces. + if rv.NumMethod() > 0 { + return e("unsupported type %s", rv.Type()) + } + return md.unifyAnything(data, rv) + case reflect.Float32: + fallthrough + case reflect.Float64: + return md.unifyFloat64(data, rv) + } + return e("unsupported type %s", rv.Kind()) +} + +func (md *MetaData) unifyStruct(mapping interface{}, rv reflect.Value) error { + tmap, ok := mapping.(map[string]interface{}) + if !ok { + if mapping == nil { + return nil + } + return e("type mismatch for %s: expected table but found %T", + rv.Type().String(), mapping) + } + + for key, datum := range tmap { + var f *field + fields := cachedTypeFields(rv.Type()) + for i := range fields { + ff := &fields[i] + if ff.name == key { + f = ff + break + } + if f == nil && strings.EqualFold(ff.name, key) { + f = ff + } + } + if f != nil { + subv := rv + for _, i := range f.index { + subv = indirect(subv.Field(i)) + } + if isUnifiable(subv) { + md.decoded[md.context.add(key).String()] = true + md.context = append(md.context, key) + if err := md.unify(datum, subv); err != nil { + return err + } + md.context = md.context[0 : len(md.context)-1] + } else if f.name != "" { + // Bad user! No soup for you! + return e("cannot write unexported field %s.%s", + rv.Type().String(), f.name) + } + } + } + return nil +} + +func (md *MetaData) unifyMap(mapping interface{}, rv reflect.Value) error { + tmap, ok := mapping.(map[string]interface{}) + if !ok { + if tmap == nil { + return nil + } + return badtype("map", mapping) + } + if rv.IsNil() { + rv.Set(reflect.MakeMap(rv.Type())) + } + for k, v := range tmap { + md.decoded[md.context.add(k).String()] = true + md.context = append(md.context, k) + + rvkey := indirect(reflect.New(rv.Type().Key())) + rvval := reflect.Indirect(reflect.New(rv.Type().Elem())) + if err := md.unify(v, rvval); err != nil { + return err + } + md.context = md.context[0 : len(md.context)-1] + + rvkey.SetString(k) + rv.SetMapIndex(rvkey, rvval) + } + return nil +} + +func (md *MetaData) unifyArray(data interface{}, rv reflect.Value) error { + datav := reflect.ValueOf(data) + if datav.Kind() != reflect.Slice { + if !datav.IsValid() { + return nil + } + return badtype("slice", data) + } + sliceLen := datav.Len() + if sliceLen != rv.Len() { + return e("expected array length %d; got TOML array of length %d", + rv.Len(), sliceLen) + } + return md.unifySliceArray(datav, rv) +} + +func (md *MetaData) unifySlice(data interface{}, rv reflect.Value) error { + datav := reflect.ValueOf(data) + if datav.Kind() != reflect.Slice { + if !datav.IsValid() { + return nil + } + return badtype("slice", data) + } + n := datav.Len() + if rv.IsNil() || rv.Cap() < n { + rv.Set(reflect.MakeSlice(rv.Type(), n, n)) + } + rv.SetLen(n) + return md.unifySliceArray(datav, rv) +} + +func (md *MetaData) unifySliceArray(data, rv reflect.Value) error { + sliceLen := data.Len() + for i := 0; i < sliceLen; i++ { + v := data.Index(i).Interface() + sliceval := indirect(rv.Index(i)) + if err := md.unify(v, sliceval); err != nil { + return err + } + } + return nil +} + +func (md *MetaData) unifyDatetime(data interface{}, rv reflect.Value) error { + if _, ok := data.(time.Time); ok { + rv.Set(reflect.ValueOf(data)) + return nil + } + return badtype("time.Time", data) +} + +func (md *MetaData) unifyString(data interface{}, rv reflect.Value) error { + if s, ok := data.(string); ok { + rv.SetString(s) + return nil + } + return badtype("string", data) +} + +func (md *MetaData) unifyFloat64(data interface{}, rv reflect.Value) error { + if num, ok := data.(float64); ok { + switch rv.Kind() { + case reflect.Float32: + fallthrough + case reflect.Float64: + rv.SetFloat(num) + default: + panic("bug") + } + return nil + } + return badtype("float", data) +} + +func (md *MetaData) unifyInt(data interface{}, rv reflect.Value) error { + if num, ok := data.(int64); ok { + if rv.Kind() >= reflect.Int && rv.Kind() <= reflect.Int64 { + switch rv.Kind() { + case reflect.Int, reflect.Int64: + // No bounds checking necessary. + case reflect.Int8: + if num < math.MinInt8 || num > math.MaxInt8 { + return e("value %d is out of range for int8", num) + } + case reflect.Int16: + if num < math.MinInt16 || num > math.MaxInt16 { + return e("value %d is out of range for int16", num) + } + case reflect.Int32: + if num < math.MinInt32 || num > math.MaxInt32 { + return e("value %d is out of range for int32", num) + } + } + rv.SetInt(num) + } else if rv.Kind() >= reflect.Uint && rv.Kind() <= reflect.Uint64 { + unum := uint64(num) + switch rv.Kind() { + case reflect.Uint, reflect.Uint64: + // No bounds checking necessary. + case reflect.Uint8: + if num < 0 || unum > math.MaxUint8 { + return e("value %d is out of range for uint8", num) + } + case reflect.Uint16: + if num < 0 || unum > math.MaxUint16 { + return e("value %d is out of range for uint16", num) + } + case reflect.Uint32: + if num < 0 || unum > math.MaxUint32 { + return e("value %d is out of range for uint32", num) + } + } + rv.SetUint(unum) + } else { + panic("unreachable") + } + return nil + } + return badtype("integer", data) +} + +func (md *MetaData) unifyBool(data interface{}, rv reflect.Value) error { + if b, ok := data.(bool); ok { + rv.SetBool(b) + return nil + } + return badtype("boolean", data) +} + +func (md *MetaData) unifyAnything(data interface{}, rv reflect.Value) error { + rv.Set(reflect.ValueOf(data)) + return nil +} + +func (md *MetaData) unifyText(data interface{}, v TextUnmarshaler) error { + var s string + switch sdata := data.(type) { + case TextMarshaler: + text, err := sdata.MarshalText() + if err != nil { + return err + } + s = string(text) + case fmt.Stringer: + s = sdata.String() + case string: + s = sdata + case bool: + s = fmt.Sprintf("%v", sdata) + case int64: + s = fmt.Sprintf("%d", sdata) + case float64: + s = fmt.Sprintf("%f", sdata) + default: + return badtype("primitive (string-like)", data) + } + if err := v.UnmarshalText([]byte(s)); err != nil { + return err + } + return nil +} + +// rvalue returns a reflect.Value of `v`. All pointers are resolved. +func rvalue(v interface{}) reflect.Value { + return indirect(reflect.ValueOf(v)) +} + +// indirect returns the value pointed to by a pointer. +// Pointers are followed until the value is not a pointer. +// New values are allocated for each nil pointer. +// +// An exception to this rule is if the value satisfies an interface of +// interest to us (like encoding.TextUnmarshaler). +func indirect(v reflect.Value) reflect.Value { + if v.Kind() != reflect.Ptr { + if v.CanSet() { + pv := v.Addr() + if _, ok := pv.Interface().(TextUnmarshaler); ok { + return pv + } + } + return v + } + if v.IsNil() { + v.Set(reflect.New(v.Type().Elem())) + } + return indirect(reflect.Indirect(v)) +} + +func isUnifiable(rv reflect.Value) bool { + if rv.CanSet() { + return true + } + if _, ok := rv.Interface().(TextUnmarshaler); ok { + return true + } + return false +} + +func badtype(expected string, data interface{}) error { + return e("cannot load TOML value of type %T into a Go %s", data, expected) +} diff --git a/vendor/github.com/BurntSushi/toml/decode_meta.go b/vendor/github.com/BurntSushi/toml/decode_meta.go new file mode 100644 index 00000000..b9914a67 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/decode_meta.go @@ -0,0 +1,121 @@ +package toml + +import "strings" + +// MetaData allows access to meta information about TOML data that may not +// be inferrable via reflection. In particular, whether a key has been defined +// and the TOML type of a key. +type MetaData struct { + mapping map[string]interface{} + types map[string]tomlType + keys []Key + decoded map[string]bool + context Key // Used only during decoding. +} + +// IsDefined returns true if the key given exists in the TOML data. The key +// should be specified hierarchially. e.g., +// +// // access the TOML key 'a.b.c' +// IsDefined("a", "b", "c") +// +// IsDefined will return false if an empty key given. Keys are case sensitive. +func (md *MetaData) IsDefined(key ...string) bool { + if len(key) == 0 { + return false + } + + var hash map[string]interface{} + var ok bool + var hashOrVal interface{} = md.mapping + for _, k := range key { + if hash, ok = hashOrVal.(map[string]interface{}); !ok { + return false + } + if hashOrVal, ok = hash[k]; !ok { + return false + } + } + return true +} + +// Type returns a string representation of the type of the key specified. +// +// Type will return the empty string if given an empty key or a key that +// does not exist. Keys are case sensitive. +func (md *MetaData) Type(key ...string) string { + fullkey := strings.Join(key, ".") + if typ, ok := md.types[fullkey]; ok { + return typ.typeString() + } + return "" +} + +// Key is the type of any TOML key, including key groups. Use (MetaData).Keys +// to get values of this type. +type Key []string + +func (k Key) String() string { + return strings.Join(k, ".") +} + +func (k Key) maybeQuotedAll() string { + var ss []string + for i := range k { + ss = append(ss, k.maybeQuoted(i)) + } + return strings.Join(ss, ".") +} + +func (k Key) maybeQuoted(i int) string { + quote := false + for _, c := range k[i] { + if !isBareKeyChar(c) { + quote = true + break + } + } + if quote { + return "\"" + strings.Replace(k[i], "\"", "\\\"", -1) + "\"" + } + return k[i] +} + +func (k Key) add(piece string) Key { + newKey := make(Key, len(k)+1) + copy(newKey, k) + newKey[len(k)] = piece + return newKey +} + +// Keys returns a slice of every key in the TOML data, including key groups. +// Each key is itself a slice, where the first element is the top of the +// hierarchy and the last is the most specific. +// +// The list will have the same order as the keys appeared in the TOML data. +// +// All keys returned are non-empty. +func (md *MetaData) Keys() []Key { + return md.keys +} + +// Undecoded returns all keys that have not been decoded in the order in which +// they appear in the original TOML document. +// +// This includes keys that haven't been decoded because of a Primitive value. +// Once the Primitive value is decoded, the keys will be considered decoded. +// +// Also note that decoding into an empty interface will result in no decoding, +// and so no keys will be considered decoded. +// +// In this sense, the Undecoded keys correspond to keys in the TOML document +// that do not have a concrete type in your representation. +func (md *MetaData) Undecoded() []Key { + undecoded := make([]Key, 0, len(md.keys)) + for _, key := range md.keys { + if !md.decoded[key.String()] { + undecoded = append(undecoded, key) + } + } + return undecoded +} diff --git a/vendor/github.com/BurntSushi/toml/doc.go b/vendor/github.com/BurntSushi/toml/doc.go new file mode 100644 index 00000000..b371f396 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/doc.go @@ -0,0 +1,27 @@ +/* +Package toml provides facilities for decoding and encoding TOML configuration +files via reflection. There is also support for delaying decoding with +the Primitive type, and querying the set of keys in a TOML document with the +MetaData type. + +The specification implemented: https://github.com/toml-lang/toml + +The sub-command github.com/BurntSushi/toml/cmd/tomlv can be used to verify +whether a file is a valid TOML document. It can also be used to print the +type of each key in a TOML document. + +Testing + +There are two important types of tests used for this package. The first is +contained inside '*_test.go' files and uses the standard Go unit testing +framework. These tests are primarily devoted to holistically testing the +decoder and encoder. + +The second type of testing is used to verify the implementation's adherence +to the TOML specification. These tests have been factored into their own +project: https://github.com/BurntSushi/toml-test + +The reason the tests are in a separate project is so that they can be used by +any implementation of TOML. Namely, it is language agnostic. +*/ +package toml diff --git a/vendor/github.com/BurntSushi/toml/encode.go b/vendor/github.com/BurntSushi/toml/encode.go new file mode 100644 index 00000000..d905c21a --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/encode.go @@ -0,0 +1,568 @@ +package toml + +import ( + "bufio" + "errors" + "fmt" + "io" + "reflect" + "sort" + "strconv" + "strings" + "time" +) + +type tomlEncodeError struct{ error } + +var ( + errArrayMixedElementTypes = errors.New( + "toml: cannot encode array with mixed element types") + errArrayNilElement = errors.New( + "toml: cannot encode array with nil element") + errNonString = errors.New( + "toml: cannot encode a map with non-string key type") + errAnonNonStruct = errors.New( + "toml: cannot encode an anonymous field that is not a struct") + errArrayNoTable = errors.New( + "toml: TOML array element cannot contain a table") + errNoKey = errors.New( + "toml: top-level values must be Go maps or structs") + errAnything = errors.New("") // used in testing +) + +var quotedReplacer = strings.NewReplacer( + "\t", "\\t", + "\n", "\\n", + "\r", "\\r", + "\"", "\\\"", + "\\", "\\\\", +) + +// Encoder controls the encoding of Go values to a TOML document to some +// io.Writer. +// +// The indentation level can be controlled with the Indent field. +type Encoder struct { + // A single indentation level. By default it is two spaces. + Indent string + + // hasWritten is whether we have written any output to w yet. + hasWritten bool + w *bufio.Writer +} + +// NewEncoder returns a TOML encoder that encodes Go values to the io.Writer +// given. By default, a single indentation level is 2 spaces. +func NewEncoder(w io.Writer) *Encoder { + return &Encoder{ + w: bufio.NewWriter(w), + Indent: " ", + } +} + +// Encode writes a TOML representation of the Go value to the underlying +// io.Writer. If the value given cannot be encoded to a valid TOML document, +// then an error is returned. +// +// The mapping between Go values and TOML values should be precisely the same +// as for the Decode* functions. Similarly, the TextMarshaler interface is +// supported by encoding the resulting bytes as strings. (If you want to write +// arbitrary binary data then you will need to use something like base64 since +// TOML does not have any binary types.) +// +// When encoding TOML hashes (i.e., Go maps or structs), keys without any +// sub-hashes are encoded first. +// +// If a Go map is encoded, then its keys are sorted alphabetically for +// deterministic output. More control over this behavior may be provided if +// there is demand for it. +// +// Encoding Go values without a corresponding TOML representation---like map +// types with non-string keys---will cause an error to be returned. Similarly +// for mixed arrays/slices, arrays/slices with nil elements, embedded +// non-struct types and nested slices containing maps or structs. +// (e.g., [][]map[string]string is not allowed but []map[string]string is OK +// and so is []map[string][]string.) +func (enc *Encoder) Encode(v interface{}) error { + rv := eindirect(reflect.ValueOf(v)) + if err := enc.safeEncode(Key([]string{}), rv); err != nil { + return err + } + return enc.w.Flush() +} + +func (enc *Encoder) safeEncode(key Key, rv reflect.Value) (err error) { + defer func() { + if r := recover(); r != nil { + if terr, ok := r.(tomlEncodeError); ok { + err = terr.error + return + } + panic(r) + } + }() + enc.encode(key, rv) + return nil +} + +func (enc *Encoder) encode(key Key, rv reflect.Value) { + // Special case. Time needs to be in ISO8601 format. + // Special case. If we can marshal the type to text, then we used that. + // Basically, this prevents the encoder for handling these types as + // generic structs (or whatever the underlying type of a TextMarshaler is). + switch rv.Interface().(type) { + case time.Time, TextMarshaler: + enc.keyEqElement(key, rv) + return + } + + k := rv.Kind() + switch k { + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, + reflect.Int64, + reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, + reflect.Uint64, + reflect.Float32, reflect.Float64, reflect.String, reflect.Bool: + enc.keyEqElement(key, rv) + case reflect.Array, reflect.Slice: + if typeEqual(tomlArrayHash, tomlTypeOfGo(rv)) { + enc.eArrayOfTables(key, rv) + } else { + enc.keyEqElement(key, rv) + } + case reflect.Interface: + if rv.IsNil() { + return + } + enc.encode(key, rv.Elem()) + case reflect.Map: + if rv.IsNil() { + return + } + enc.eTable(key, rv) + case reflect.Ptr: + if rv.IsNil() { + return + } + enc.encode(key, rv.Elem()) + case reflect.Struct: + enc.eTable(key, rv) + default: + panic(e("unsupported type for key '%s': %s", key, k)) + } +} + +// eElement encodes any value that can be an array element (primitives and +// arrays). +func (enc *Encoder) eElement(rv reflect.Value) { + switch v := rv.Interface().(type) { + case time.Time: + // Special case time.Time as a primitive. Has to come before + // TextMarshaler below because time.Time implements + // encoding.TextMarshaler, but we need to always use UTC. + enc.wf(v.UTC().Format("2006-01-02T15:04:05Z")) + return + case TextMarshaler: + // Special case. Use text marshaler if it's available for this value. + if s, err := v.MarshalText(); err != nil { + encPanic(err) + } else { + enc.writeQuoted(string(s)) + } + return + } + switch rv.Kind() { + case reflect.Bool: + enc.wf(strconv.FormatBool(rv.Bool())) + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, + reflect.Int64: + enc.wf(strconv.FormatInt(rv.Int(), 10)) + case reflect.Uint, reflect.Uint8, reflect.Uint16, + reflect.Uint32, reflect.Uint64: + enc.wf(strconv.FormatUint(rv.Uint(), 10)) + case reflect.Float32: + enc.wf(floatAddDecimal(strconv.FormatFloat(rv.Float(), 'f', -1, 32))) + case reflect.Float64: + enc.wf(floatAddDecimal(strconv.FormatFloat(rv.Float(), 'f', -1, 64))) + case reflect.Array, reflect.Slice: + enc.eArrayOrSliceElement(rv) + case reflect.Interface: + enc.eElement(rv.Elem()) + case reflect.String: + enc.writeQuoted(rv.String()) + default: + panic(e("unexpected primitive type: %s", rv.Kind())) + } +} + +// By the TOML spec, all floats must have a decimal with at least one +// number on either side. +func floatAddDecimal(fstr string) string { + if !strings.Contains(fstr, ".") { + return fstr + ".0" + } + return fstr +} + +func (enc *Encoder) writeQuoted(s string) { + enc.wf("\"%s\"", quotedReplacer.Replace(s)) +} + +func (enc *Encoder) eArrayOrSliceElement(rv reflect.Value) { + length := rv.Len() + enc.wf("[") + for i := 0; i < length; i++ { + elem := rv.Index(i) + enc.eElement(elem) + if i != length-1 { + enc.wf(", ") + } + } + enc.wf("]") +} + +func (enc *Encoder) eArrayOfTables(key Key, rv reflect.Value) { + if len(key) == 0 { + encPanic(errNoKey) + } + for i := 0; i < rv.Len(); i++ { + trv := rv.Index(i) + if isNil(trv) { + continue + } + panicIfInvalidKey(key) + enc.newline() + enc.wf("%s[[%s]]", enc.indentStr(key), key.maybeQuotedAll()) + enc.newline() + enc.eMapOrStruct(key, trv) + } +} + +func (enc *Encoder) eTable(key Key, rv reflect.Value) { + panicIfInvalidKey(key) + if len(key) == 1 { + // Output an extra newline between top-level tables. + // (The newline isn't written if nothing else has been written though.) + enc.newline() + } + if len(key) > 0 { + enc.wf("%s[%s]", enc.indentStr(key), key.maybeQuotedAll()) + enc.newline() + } + enc.eMapOrStruct(key, rv) +} + +func (enc *Encoder) eMapOrStruct(key Key, rv reflect.Value) { + switch rv := eindirect(rv); rv.Kind() { + case reflect.Map: + enc.eMap(key, rv) + case reflect.Struct: + enc.eStruct(key, rv) + default: + panic("eTable: unhandled reflect.Value Kind: " + rv.Kind().String()) + } +} + +func (enc *Encoder) eMap(key Key, rv reflect.Value) { + rt := rv.Type() + if rt.Key().Kind() != reflect.String { + encPanic(errNonString) + } + + // Sort keys so that we have deterministic output. And write keys directly + // underneath this key first, before writing sub-structs or sub-maps. + var mapKeysDirect, mapKeysSub []string + for _, mapKey := range rv.MapKeys() { + k := mapKey.String() + if typeIsHash(tomlTypeOfGo(rv.MapIndex(mapKey))) { + mapKeysSub = append(mapKeysSub, k) + } else { + mapKeysDirect = append(mapKeysDirect, k) + } + } + + var writeMapKeys = func(mapKeys []string) { + sort.Strings(mapKeys) + for _, mapKey := range mapKeys { + mrv := rv.MapIndex(reflect.ValueOf(mapKey)) + if isNil(mrv) { + // Don't write anything for nil fields. + continue + } + enc.encode(key.add(mapKey), mrv) + } + } + writeMapKeys(mapKeysDirect) + writeMapKeys(mapKeysSub) +} + +func (enc *Encoder) eStruct(key Key, rv reflect.Value) { + // Write keys for fields directly under this key first, because if we write + // a field that creates a new table, then all keys under it will be in that + // table (not the one we're writing here). + rt := rv.Type() + var fieldsDirect, fieldsSub [][]int + var addFields func(rt reflect.Type, rv reflect.Value, start []int) + addFields = func(rt reflect.Type, rv reflect.Value, start []int) { + for i := 0; i < rt.NumField(); i++ { + f := rt.Field(i) + // skip unexported fields + if f.PkgPath != "" && !f.Anonymous { + continue + } + frv := rv.Field(i) + if f.Anonymous { + t := f.Type + switch t.Kind() { + case reflect.Struct: + // Treat anonymous struct fields with + // tag names as though they are not + // anonymous, like encoding/json does. + if getOptions(f.Tag).name == "" { + addFields(t, frv, f.Index) + continue + } + case reflect.Ptr: + if t.Elem().Kind() == reflect.Struct && + getOptions(f.Tag).name == "" { + if !frv.IsNil() { + addFields(t.Elem(), frv.Elem(), f.Index) + } + continue + } + // Fall through to the normal field encoding logic below + // for non-struct anonymous fields. + } + } + + if typeIsHash(tomlTypeOfGo(frv)) { + fieldsSub = append(fieldsSub, append(start, f.Index...)) + } else { + fieldsDirect = append(fieldsDirect, append(start, f.Index...)) + } + } + } + addFields(rt, rv, nil) + + var writeFields = func(fields [][]int) { + for _, fieldIndex := range fields { + sft := rt.FieldByIndex(fieldIndex) + sf := rv.FieldByIndex(fieldIndex) + if isNil(sf) { + // Don't write anything for nil fields. + continue + } + + opts := getOptions(sft.Tag) + if opts.skip { + continue + } + keyName := sft.Name + if opts.name != "" { + keyName = opts.name + } + if opts.omitempty && isEmpty(sf) { + continue + } + if opts.omitzero && isZero(sf) { + continue + } + + enc.encode(key.add(keyName), sf) + } + } + writeFields(fieldsDirect) + writeFields(fieldsSub) +} + +// tomlTypeName returns the TOML type name of the Go value's type. It is +// used to determine whether the types of array elements are mixed (which is +// forbidden). If the Go value is nil, then it is illegal for it to be an array +// element, and valueIsNil is returned as true. + +// Returns the TOML type of a Go value. The type may be `nil`, which means +// no concrete TOML type could be found. +func tomlTypeOfGo(rv reflect.Value) tomlType { + if isNil(rv) || !rv.IsValid() { + return nil + } + switch rv.Kind() { + case reflect.Bool: + return tomlBool + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, + reflect.Int64, + reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, + reflect.Uint64: + return tomlInteger + case reflect.Float32, reflect.Float64: + return tomlFloat + case reflect.Array, reflect.Slice: + if typeEqual(tomlHash, tomlArrayType(rv)) { + return tomlArrayHash + } + return tomlArray + case reflect.Ptr, reflect.Interface: + return tomlTypeOfGo(rv.Elem()) + case reflect.String: + return tomlString + case reflect.Map: + return tomlHash + case reflect.Struct: + switch rv.Interface().(type) { + case time.Time: + return tomlDatetime + case TextMarshaler: + return tomlString + default: + return tomlHash + } + default: + panic("unexpected reflect.Kind: " + rv.Kind().String()) + } +} + +// tomlArrayType returns the element type of a TOML array. The type returned +// may be nil if it cannot be determined (e.g., a nil slice or a zero length +// slize). This function may also panic if it finds a type that cannot be +// expressed in TOML (such as nil elements, heterogeneous arrays or directly +// nested arrays of tables). +func tomlArrayType(rv reflect.Value) tomlType { + if isNil(rv) || !rv.IsValid() || rv.Len() == 0 { + return nil + } + firstType := tomlTypeOfGo(rv.Index(0)) + if firstType == nil { + encPanic(errArrayNilElement) + } + + rvlen := rv.Len() + for i := 1; i < rvlen; i++ { + elem := rv.Index(i) + switch elemType := tomlTypeOfGo(elem); { + case elemType == nil: + encPanic(errArrayNilElement) + case !typeEqual(firstType, elemType): + encPanic(errArrayMixedElementTypes) + } + } + // If we have a nested array, then we must make sure that the nested + // array contains ONLY primitives. + // This checks arbitrarily nested arrays. + if typeEqual(firstType, tomlArray) || typeEqual(firstType, tomlArrayHash) { + nest := tomlArrayType(eindirect(rv.Index(0))) + if typeEqual(nest, tomlHash) || typeEqual(nest, tomlArrayHash) { + encPanic(errArrayNoTable) + } + } + return firstType +} + +type tagOptions struct { + skip bool // "-" + name string + omitempty bool + omitzero bool +} + +func getOptions(tag reflect.StructTag) tagOptions { + t := tag.Get("toml") + if t == "-" { + return tagOptions{skip: true} + } + var opts tagOptions + parts := strings.Split(t, ",") + opts.name = parts[0] + for _, s := range parts[1:] { + switch s { + case "omitempty": + opts.omitempty = true + case "omitzero": + opts.omitzero = true + } + } + return opts +} + +func isZero(rv reflect.Value) bool { + switch rv.Kind() { + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + return rv.Int() == 0 + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + return rv.Uint() == 0 + case reflect.Float32, reflect.Float64: + return rv.Float() == 0.0 + } + return false +} + +func isEmpty(rv reflect.Value) bool { + switch rv.Kind() { + case reflect.Array, reflect.Slice, reflect.Map, reflect.String: + return rv.Len() == 0 + case reflect.Bool: + return !rv.Bool() + } + return false +} + +func (enc *Encoder) newline() { + if enc.hasWritten { + enc.wf("\n") + } +} + +func (enc *Encoder) keyEqElement(key Key, val reflect.Value) { + if len(key) == 0 { + encPanic(errNoKey) + } + panicIfInvalidKey(key) + enc.wf("%s%s = ", enc.indentStr(key), key.maybeQuoted(len(key)-1)) + enc.eElement(val) + enc.newline() +} + +func (enc *Encoder) wf(format string, v ...interface{}) { + if _, err := fmt.Fprintf(enc.w, format, v...); err != nil { + encPanic(err) + } + enc.hasWritten = true +} + +func (enc *Encoder) indentStr(key Key) string { + return strings.Repeat(enc.Indent, len(key)-1) +} + +func encPanic(err error) { + panic(tomlEncodeError{err}) +} + +func eindirect(v reflect.Value) reflect.Value { + switch v.Kind() { + case reflect.Ptr, reflect.Interface: + return eindirect(v.Elem()) + default: + return v + } +} + +func isNil(rv reflect.Value) bool { + switch rv.Kind() { + case reflect.Interface, reflect.Map, reflect.Ptr, reflect.Slice: + return rv.IsNil() + default: + return false + } +} + +func panicIfInvalidKey(key Key) { + for _, k := range key { + if len(k) == 0 { + encPanic(e("Key '%s' is not a valid table name. Key names "+ + "cannot be empty.", key.maybeQuotedAll())) + } + } +} + +func isValidKeyName(s string) bool { + return len(s) != 0 +} diff --git a/vendor/github.com/BurntSushi/toml/encoding_types.go b/vendor/github.com/BurntSushi/toml/encoding_types.go new file mode 100644 index 00000000..d36e1dd6 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/encoding_types.go @@ -0,0 +1,19 @@ +// +build go1.2 + +package toml + +// In order to support Go 1.1, we define our own TextMarshaler and +// TextUnmarshaler types. For Go 1.2+, we just alias them with the +// standard library interfaces. + +import ( + "encoding" +) + +// TextMarshaler is a synonym for encoding.TextMarshaler. It is defined here +// so that Go 1.1 can be supported. +type TextMarshaler encoding.TextMarshaler + +// TextUnmarshaler is a synonym for encoding.TextUnmarshaler. It is defined +// here so that Go 1.1 can be supported. +type TextUnmarshaler encoding.TextUnmarshaler diff --git a/vendor/github.com/BurntSushi/toml/encoding_types_1.1.go b/vendor/github.com/BurntSushi/toml/encoding_types_1.1.go new file mode 100644 index 00000000..e8d503d0 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/encoding_types_1.1.go @@ -0,0 +1,18 @@ +// +build !go1.2 + +package toml + +// These interfaces were introduced in Go 1.2, so we add them manually when +// compiling for Go 1.1. + +// TextMarshaler is a synonym for encoding.TextMarshaler. It is defined here +// so that Go 1.1 can be supported. +type TextMarshaler interface { + MarshalText() (text []byte, err error) +} + +// TextUnmarshaler is a synonym for encoding.TextUnmarshaler. It is defined +// here so that Go 1.1 can be supported. +type TextUnmarshaler interface { + UnmarshalText(text []byte) error +} diff --git a/vendor/github.com/BurntSushi/toml/lex.go b/vendor/github.com/BurntSushi/toml/lex.go new file mode 100644 index 00000000..e0a742a8 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/lex.go @@ -0,0 +1,953 @@ +package toml + +import ( + "fmt" + "strings" + "unicode" + "unicode/utf8" +) + +type itemType int + +const ( + itemError itemType = iota + itemNIL // used in the parser to indicate no type + itemEOF + itemText + itemString + itemRawString + itemMultilineString + itemRawMultilineString + itemBool + itemInteger + itemFloat + itemDatetime + itemArray // the start of an array + itemArrayEnd + itemTableStart + itemTableEnd + itemArrayTableStart + itemArrayTableEnd + itemKeyStart + itemCommentStart + itemInlineTableStart + itemInlineTableEnd +) + +const ( + eof = 0 + comma = ',' + tableStart = '[' + tableEnd = ']' + arrayTableStart = '[' + arrayTableEnd = ']' + tableSep = '.' + keySep = '=' + arrayStart = '[' + arrayEnd = ']' + commentStart = '#' + stringStart = '"' + stringEnd = '"' + rawStringStart = '\'' + rawStringEnd = '\'' + inlineTableStart = '{' + inlineTableEnd = '}' +) + +type stateFn func(lx *lexer) stateFn + +type lexer struct { + input string + start int + pos int + line int + state stateFn + items chan item + + // Allow for backing up up to three runes. + // This is necessary because TOML contains 3-rune tokens (""" and '''). + prevWidths [3]int + nprev int // how many of prevWidths are in use + // If we emit an eof, we can still back up, but it is not OK to call + // next again. + atEOF bool + + // A stack of state functions used to maintain context. + // The idea is to reuse parts of the state machine in various places. + // For example, values can appear at the top level or within arbitrarily + // nested arrays. The last state on the stack is used after a value has + // been lexed. Similarly for comments. + stack []stateFn +} + +type item struct { + typ itemType + val string + line int +} + +func (lx *lexer) nextItem() item { + for { + select { + case item := <-lx.items: + return item + default: + lx.state = lx.state(lx) + } + } +} + +func lex(input string) *lexer { + lx := &lexer{ + input: input, + state: lexTop, + line: 1, + items: make(chan item, 10), + stack: make([]stateFn, 0, 10), + } + return lx +} + +func (lx *lexer) push(state stateFn) { + lx.stack = append(lx.stack, state) +} + +func (lx *lexer) pop() stateFn { + if len(lx.stack) == 0 { + return lx.errorf("BUG in lexer: no states to pop") + } + last := lx.stack[len(lx.stack)-1] + lx.stack = lx.stack[0 : len(lx.stack)-1] + return last +} + +func (lx *lexer) current() string { + return lx.input[lx.start:lx.pos] +} + +func (lx *lexer) emit(typ itemType) { + lx.items <- item{typ, lx.current(), lx.line} + lx.start = lx.pos +} + +func (lx *lexer) emitTrim(typ itemType) { + lx.items <- item{typ, strings.TrimSpace(lx.current()), lx.line} + lx.start = lx.pos +} + +func (lx *lexer) next() (r rune) { + if lx.atEOF { + panic("next called after EOF") + } + if lx.pos >= len(lx.input) { + lx.atEOF = true + return eof + } + + if lx.input[lx.pos] == '\n' { + lx.line++ + } + lx.prevWidths[2] = lx.prevWidths[1] + lx.prevWidths[1] = lx.prevWidths[0] + if lx.nprev < 3 { + lx.nprev++ + } + r, w := utf8.DecodeRuneInString(lx.input[lx.pos:]) + lx.prevWidths[0] = w + lx.pos += w + return r +} + +// ignore skips over the pending input before this point. +func (lx *lexer) ignore() { + lx.start = lx.pos +} + +// backup steps back one rune. Can be called only twice between calls to next. +func (lx *lexer) backup() { + if lx.atEOF { + lx.atEOF = false + return + } + if lx.nprev < 1 { + panic("backed up too far") + } + w := lx.prevWidths[0] + lx.prevWidths[0] = lx.prevWidths[1] + lx.prevWidths[1] = lx.prevWidths[2] + lx.nprev-- + lx.pos -= w + if lx.pos < len(lx.input) && lx.input[lx.pos] == '\n' { + lx.line-- + } +} + +// accept consumes the next rune if it's equal to `valid`. +func (lx *lexer) accept(valid rune) bool { + if lx.next() == valid { + return true + } + lx.backup() + return false +} + +// peek returns but does not consume the next rune in the input. +func (lx *lexer) peek() rune { + r := lx.next() + lx.backup() + return r +} + +// skip ignores all input that matches the given predicate. +func (lx *lexer) skip(pred func(rune) bool) { + for { + r := lx.next() + if pred(r) { + continue + } + lx.backup() + lx.ignore() + return + } +} + +// errorf stops all lexing by emitting an error and returning `nil`. +// Note that any value that is a character is escaped if it's a special +// character (newlines, tabs, etc.). +func (lx *lexer) errorf(format string, values ...interface{}) stateFn { + lx.items <- item{ + itemError, + fmt.Sprintf(format, values...), + lx.line, + } + return nil +} + +// lexTop consumes elements at the top level of TOML data. +func lexTop(lx *lexer) stateFn { + r := lx.next() + if isWhitespace(r) || isNL(r) { + return lexSkip(lx, lexTop) + } + switch r { + case commentStart: + lx.push(lexTop) + return lexCommentStart + case tableStart: + return lexTableStart + case eof: + if lx.pos > lx.start { + return lx.errorf("unexpected EOF") + } + lx.emit(itemEOF) + return nil + } + + // At this point, the only valid item can be a key, so we back up + // and let the key lexer do the rest. + lx.backup() + lx.push(lexTopEnd) + return lexKeyStart +} + +// lexTopEnd is entered whenever a top-level item has been consumed. (A value +// or a table.) It must see only whitespace, and will turn back to lexTop +// upon a newline. If it sees EOF, it will quit the lexer successfully. +func lexTopEnd(lx *lexer) stateFn { + r := lx.next() + switch { + case r == commentStart: + // a comment will read to a newline for us. + lx.push(lexTop) + return lexCommentStart + case isWhitespace(r): + return lexTopEnd + case isNL(r): + lx.ignore() + return lexTop + case r == eof: + lx.emit(itemEOF) + return nil + } + return lx.errorf("expected a top-level item to end with a newline, "+ + "comment, or EOF, but got %q instead", r) +} + +// lexTable lexes the beginning of a table. Namely, it makes sure that +// it starts with a character other than '.' and ']'. +// It assumes that '[' has already been consumed. +// It also handles the case that this is an item in an array of tables. +// e.g., '[[name]]'. +func lexTableStart(lx *lexer) stateFn { + if lx.peek() == arrayTableStart { + lx.next() + lx.emit(itemArrayTableStart) + lx.push(lexArrayTableEnd) + } else { + lx.emit(itemTableStart) + lx.push(lexTableEnd) + } + return lexTableNameStart +} + +func lexTableEnd(lx *lexer) stateFn { + lx.emit(itemTableEnd) + return lexTopEnd +} + +func lexArrayTableEnd(lx *lexer) stateFn { + if r := lx.next(); r != arrayTableEnd { + return lx.errorf("expected end of table array name delimiter %q, "+ + "but got %q instead", arrayTableEnd, r) + } + lx.emit(itemArrayTableEnd) + return lexTopEnd +} + +func lexTableNameStart(lx *lexer) stateFn { + lx.skip(isWhitespace) + switch r := lx.peek(); { + case r == tableEnd || r == eof: + return lx.errorf("unexpected end of table name " + + "(table names cannot be empty)") + case r == tableSep: + return lx.errorf("unexpected table separator " + + "(table names cannot be empty)") + case r == stringStart || r == rawStringStart: + lx.ignore() + lx.push(lexTableNameEnd) + return lexValue // reuse string lexing + default: + return lexBareTableName + } +} + +// lexBareTableName lexes the name of a table. It assumes that at least one +// valid character for the table has already been read. +func lexBareTableName(lx *lexer) stateFn { + r := lx.next() + if isBareKeyChar(r) { + return lexBareTableName + } + lx.backup() + lx.emit(itemText) + return lexTableNameEnd +} + +// lexTableNameEnd reads the end of a piece of a table name, optionally +// consuming whitespace. +func lexTableNameEnd(lx *lexer) stateFn { + lx.skip(isWhitespace) + switch r := lx.next(); { + case isWhitespace(r): + return lexTableNameEnd + case r == tableSep: + lx.ignore() + return lexTableNameStart + case r == tableEnd: + return lx.pop() + default: + return lx.errorf("expected '.' or ']' to end table name, "+ + "but got %q instead", r) + } +} + +// lexKeyStart consumes a key name up until the first non-whitespace character. +// lexKeyStart will ignore whitespace. +func lexKeyStart(lx *lexer) stateFn { + r := lx.peek() + switch { + case r == keySep: + return lx.errorf("unexpected key separator %q", keySep) + case isWhitespace(r) || isNL(r): + lx.next() + return lexSkip(lx, lexKeyStart) + case r == stringStart || r == rawStringStart: + lx.ignore() + lx.emit(itemKeyStart) + lx.push(lexKeyEnd) + return lexValue // reuse string lexing + default: + lx.ignore() + lx.emit(itemKeyStart) + return lexBareKey + } +} + +// lexBareKey consumes the text of a bare key. Assumes that the first character +// (which is not whitespace) has not yet been consumed. +func lexBareKey(lx *lexer) stateFn { + switch r := lx.next(); { + case isBareKeyChar(r): + return lexBareKey + case isWhitespace(r): + lx.backup() + lx.emit(itemText) + return lexKeyEnd + case r == keySep: + lx.backup() + lx.emit(itemText) + return lexKeyEnd + default: + return lx.errorf("bare keys cannot contain %q", r) + } +} + +// lexKeyEnd consumes the end of a key and trims whitespace (up to the key +// separator). +func lexKeyEnd(lx *lexer) stateFn { + switch r := lx.next(); { + case r == keySep: + return lexSkip(lx, lexValue) + case isWhitespace(r): + return lexSkip(lx, lexKeyEnd) + default: + return lx.errorf("expected key separator %q, but got %q instead", + keySep, r) + } +} + +// lexValue starts the consumption of a value anywhere a value is expected. +// lexValue will ignore whitespace. +// After a value is lexed, the last state on the next is popped and returned. +func lexValue(lx *lexer) stateFn { + // We allow whitespace to precede a value, but NOT newlines. + // In array syntax, the array states are responsible for ignoring newlines. + r := lx.next() + switch { + case isWhitespace(r): + return lexSkip(lx, lexValue) + case isDigit(r): + lx.backup() // avoid an extra state and use the same as above + return lexNumberOrDateStart + } + switch r { + case arrayStart: + lx.ignore() + lx.emit(itemArray) + return lexArrayValue + case inlineTableStart: + lx.ignore() + lx.emit(itemInlineTableStart) + return lexInlineTableValue + case stringStart: + if lx.accept(stringStart) { + if lx.accept(stringStart) { + lx.ignore() // Ignore """ + return lexMultilineString + } + lx.backup() + } + lx.ignore() // ignore the '"' + return lexString + case rawStringStart: + if lx.accept(rawStringStart) { + if lx.accept(rawStringStart) { + lx.ignore() // Ignore """ + return lexMultilineRawString + } + lx.backup() + } + lx.ignore() // ignore the "'" + return lexRawString + case '+', '-': + return lexNumberStart + case '.': // special error case, be kind to users + return lx.errorf("floats must start with a digit, not '.'") + } + if unicode.IsLetter(r) { + // Be permissive here; lexBool will give a nice error if the + // user wrote something like + // x = foo + // (i.e. not 'true' or 'false' but is something else word-like.) + lx.backup() + return lexBool + } + return lx.errorf("expected value but found %q instead", r) +} + +// lexArrayValue consumes one value in an array. It assumes that '[' or ',' +// have already been consumed. All whitespace and newlines are ignored. +func lexArrayValue(lx *lexer) stateFn { + r := lx.next() + switch { + case isWhitespace(r) || isNL(r): + return lexSkip(lx, lexArrayValue) + case r == commentStart: + lx.push(lexArrayValue) + return lexCommentStart + case r == comma: + return lx.errorf("unexpected comma") + case r == arrayEnd: + // NOTE(caleb): The spec isn't clear about whether you can have + // a trailing comma or not, so we'll allow it. + return lexArrayEnd + } + + lx.backup() + lx.push(lexArrayValueEnd) + return lexValue +} + +// lexArrayValueEnd consumes everything between the end of an array value and +// the next value (or the end of the array): it ignores whitespace and newlines +// and expects either a ',' or a ']'. +func lexArrayValueEnd(lx *lexer) stateFn { + r := lx.next() + switch { + case isWhitespace(r) || isNL(r): + return lexSkip(lx, lexArrayValueEnd) + case r == commentStart: + lx.push(lexArrayValueEnd) + return lexCommentStart + case r == comma: + lx.ignore() + return lexArrayValue // move on to the next value + case r == arrayEnd: + return lexArrayEnd + } + return lx.errorf( + "expected a comma or array terminator %q, but got %q instead", + arrayEnd, r, + ) +} + +// lexArrayEnd finishes the lexing of an array. +// It assumes that a ']' has just been consumed. +func lexArrayEnd(lx *lexer) stateFn { + lx.ignore() + lx.emit(itemArrayEnd) + return lx.pop() +} + +// lexInlineTableValue consumes one key/value pair in an inline table. +// It assumes that '{' or ',' have already been consumed. Whitespace is ignored. +func lexInlineTableValue(lx *lexer) stateFn { + r := lx.next() + switch { + case isWhitespace(r): + return lexSkip(lx, lexInlineTableValue) + case isNL(r): + return lx.errorf("newlines not allowed within inline tables") + case r == commentStart: + lx.push(lexInlineTableValue) + return lexCommentStart + case r == comma: + return lx.errorf("unexpected comma") + case r == inlineTableEnd: + return lexInlineTableEnd + } + lx.backup() + lx.push(lexInlineTableValueEnd) + return lexKeyStart +} + +// lexInlineTableValueEnd consumes everything between the end of an inline table +// key/value pair and the next pair (or the end of the table): +// it ignores whitespace and expects either a ',' or a '}'. +func lexInlineTableValueEnd(lx *lexer) stateFn { + r := lx.next() + switch { + case isWhitespace(r): + return lexSkip(lx, lexInlineTableValueEnd) + case isNL(r): + return lx.errorf("newlines not allowed within inline tables") + case r == commentStart: + lx.push(lexInlineTableValueEnd) + return lexCommentStart + case r == comma: + lx.ignore() + return lexInlineTableValue + case r == inlineTableEnd: + return lexInlineTableEnd + } + return lx.errorf("expected a comma or an inline table terminator %q, "+ + "but got %q instead", inlineTableEnd, r) +} + +// lexInlineTableEnd finishes the lexing of an inline table. +// It assumes that a '}' has just been consumed. +func lexInlineTableEnd(lx *lexer) stateFn { + lx.ignore() + lx.emit(itemInlineTableEnd) + return lx.pop() +} + +// lexString consumes the inner contents of a string. It assumes that the +// beginning '"' has already been consumed and ignored. +func lexString(lx *lexer) stateFn { + r := lx.next() + switch { + case r == eof: + return lx.errorf("unexpected EOF") + case isNL(r): + return lx.errorf("strings cannot contain newlines") + case r == '\\': + lx.push(lexString) + return lexStringEscape + case r == stringEnd: + lx.backup() + lx.emit(itemString) + lx.next() + lx.ignore() + return lx.pop() + } + return lexString +} + +// lexMultilineString consumes the inner contents of a string. It assumes that +// the beginning '"""' has already been consumed and ignored. +func lexMultilineString(lx *lexer) stateFn { + switch lx.next() { + case eof: + return lx.errorf("unexpected EOF") + case '\\': + return lexMultilineStringEscape + case stringEnd: + if lx.accept(stringEnd) { + if lx.accept(stringEnd) { + lx.backup() + lx.backup() + lx.backup() + lx.emit(itemMultilineString) + lx.next() + lx.next() + lx.next() + lx.ignore() + return lx.pop() + } + lx.backup() + } + } + return lexMultilineString +} + +// lexRawString consumes a raw string. Nothing can be escaped in such a string. +// It assumes that the beginning "'" has already been consumed and ignored. +func lexRawString(lx *lexer) stateFn { + r := lx.next() + switch { + case r == eof: + return lx.errorf("unexpected EOF") + case isNL(r): + return lx.errorf("strings cannot contain newlines") + case r == rawStringEnd: + lx.backup() + lx.emit(itemRawString) + lx.next() + lx.ignore() + return lx.pop() + } + return lexRawString +} + +// lexMultilineRawString consumes a raw string. Nothing can be escaped in such +// a string. It assumes that the beginning "'''" has already been consumed and +// ignored. +func lexMultilineRawString(lx *lexer) stateFn { + switch lx.next() { + case eof: + return lx.errorf("unexpected EOF") + case rawStringEnd: + if lx.accept(rawStringEnd) { + if lx.accept(rawStringEnd) { + lx.backup() + lx.backup() + lx.backup() + lx.emit(itemRawMultilineString) + lx.next() + lx.next() + lx.next() + lx.ignore() + return lx.pop() + } + lx.backup() + } + } + return lexMultilineRawString +} + +// lexMultilineStringEscape consumes an escaped character. It assumes that the +// preceding '\\' has already been consumed. +func lexMultilineStringEscape(lx *lexer) stateFn { + // Handle the special case first: + if isNL(lx.next()) { + return lexMultilineString + } + lx.backup() + lx.push(lexMultilineString) + return lexStringEscape(lx) +} + +func lexStringEscape(lx *lexer) stateFn { + r := lx.next() + switch r { + case 'b': + fallthrough + case 't': + fallthrough + case 'n': + fallthrough + case 'f': + fallthrough + case 'r': + fallthrough + case '"': + fallthrough + case '\\': + return lx.pop() + case 'u': + return lexShortUnicodeEscape + case 'U': + return lexLongUnicodeEscape + } + return lx.errorf("invalid escape character %q; only the following "+ + "escape characters are allowed: "+ + `\b, \t, \n, \f, \r, \", \\, \uXXXX, and \UXXXXXXXX`, r) +} + +func lexShortUnicodeEscape(lx *lexer) stateFn { + var r rune + for i := 0; i < 4; i++ { + r = lx.next() + if !isHexadecimal(r) { + return lx.errorf(`expected four hexadecimal digits after '\u', `+ + "but got %q instead", lx.current()) + } + } + return lx.pop() +} + +func lexLongUnicodeEscape(lx *lexer) stateFn { + var r rune + for i := 0; i < 8; i++ { + r = lx.next() + if !isHexadecimal(r) { + return lx.errorf(`expected eight hexadecimal digits after '\U', `+ + "but got %q instead", lx.current()) + } + } + return lx.pop() +} + +// lexNumberOrDateStart consumes either an integer, a float, or datetime. +func lexNumberOrDateStart(lx *lexer) stateFn { + r := lx.next() + if isDigit(r) { + return lexNumberOrDate + } + switch r { + case '_': + return lexNumber + case 'e', 'E': + return lexFloat + case '.': + return lx.errorf("floats must start with a digit, not '.'") + } + return lx.errorf("expected a digit but got %q", r) +} + +// lexNumberOrDate consumes either an integer, float or datetime. +func lexNumberOrDate(lx *lexer) stateFn { + r := lx.next() + if isDigit(r) { + return lexNumberOrDate + } + switch r { + case '-': + return lexDatetime + case '_': + return lexNumber + case '.', 'e', 'E': + return lexFloat + } + + lx.backup() + lx.emit(itemInteger) + return lx.pop() +} + +// lexDatetime consumes a Datetime, to a first approximation. +// The parser validates that it matches one of the accepted formats. +func lexDatetime(lx *lexer) stateFn { + r := lx.next() + if isDigit(r) { + return lexDatetime + } + switch r { + case '-', 'T', ':', '.', 'Z', '+': + return lexDatetime + } + + lx.backup() + lx.emit(itemDatetime) + return lx.pop() +} + +// lexNumberStart consumes either an integer or a float. It assumes that a sign +// has already been read, but that *no* digits have been consumed. +// lexNumberStart will move to the appropriate integer or float states. +func lexNumberStart(lx *lexer) stateFn { + // We MUST see a digit. Even floats have to start with a digit. + r := lx.next() + if !isDigit(r) { + if r == '.' { + return lx.errorf("floats must start with a digit, not '.'") + } + return lx.errorf("expected a digit but got %q", r) + } + return lexNumber +} + +// lexNumber consumes an integer or a float after seeing the first digit. +func lexNumber(lx *lexer) stateFn { + r := lx.next() + if isDigit(r) { + return lexNumber + } + switch r { + case '_': + return lexNumber + case '.', 'e', 'E': + return lexFloat + } + + lx.backup() + lx.emit(itemInteger) + return lx.pop() +} + +// lexFloat consumes the elements of a float. It allows any sequence of +// float-like characters, so floats emitted by the lexer are only a first +// approximation and must be validated by the parser. +func lexFloat(lx *lexer) stateFn { + r := lx.next() + if isDigit(r) { + return lexFloat + } + switch r { + case '_', '.', '-', '+', 'e', 'E': + return lexFloat + } + + lx.backup() + lx.emit(itemFloat) + return lx.pop() +} + +// lexBool consumes a bool string: 'true' or 'false. +func lexBool(lx *lexer) stateFn { + var rs []rune + for { + r := lx.next() + if !unicode.IsLetter(r) { + lx.backup() + break + } + rs = append(rs, r) + } + s := string(rs) + switch s { + case "true", "false": + lx.emit(itemBool) + return lx.pop() + } + return lx.errorf("expected value but found %q instead", s) +} + +// lexCommentStart begins the lexing of a comment. It will emit +// itemCommentStart and consume no characters, passing control to lexComment. +func lexCommentStart(lx *lexer) stateFn { + lx.ignore() + lx.emit(itemCommentStart) + return lexComment +} + +// lexComment lexes an entire comment. It assumes that '#' has been consumed. +// It will consume *up to* the first newline character, and pass control +// back to the last state on the stack. +func lexComment(lx *lexer) stateFn { + r := lx.peek() + if isNL(r) || r == eof { + lx.emit(itemText) + return lx.pop() + } + lx.next() + return lexComment +} + +// lexSkip ignores all slurped input and moves on to the next state. +func lexSkip(lx *lexer, nextState stateFn) stateFn { + return func(lx *lexer) stateFn { + lx.ignore() + return nextState + } +} + +// isWhitespace returns true if `r` is a whitespace character according +// to the spec. +func isWhitespace(r rune) bool { + return r == '\t' || r == ' ' +} + +func isNL(r rune) bool { + return r == '\n' || r == '\r' +} + +func isDigit(r rune) bool { + return r >= '0' && r <= '9' +} + +func isHexadecimal(r rune) bool { + return (r >= '0' && r <= '9') || + (r >= 'a' && r <= 'f') || + (r >= 'A' && r <= 'F') +} + +func isBareKeyChar(r rune) bool { + return (r >= 'A' && r <= 'Z') || + (r >= 'a' && r <= 'z') || + (r >= '0' && r <= '9') || + r == '_' || + r == '-' +} + +func (itype itemType) String() string { + switch itype { + case itemError: + return "Error" + case itemNIL: + return "NIL" + case itemEOF: + return "EOF" + case itemText: + return "Text" + case itemString, itemRawString, itemMultilineString, itemRawMultilineString: + return "String" + case itemBool: + return "Bool" + case itemInteger: + return "Integer" + case itemFloat: + return "Float" + case itemDatetime: + return "DateTime" + case itemTableStart: + return "TableStart" + case itemTableEnd: + return "TableEnd" + case itemKeyStart: + return "KeyStart" + case itemArray: + return "Array" + case itemArrayEnd: + return "ArrayEnd" + case itemCommentStart: + return "CommentStart" + } + panic(fmt.Sprintf("BUG: Unknown type '%d'.", int(itype))) +} + +func (item item) String() string { + return fmt.Sprintf("(%s, %s)", item.typ.String(), item.val) +} diff --git a/vendor/github.com/BurntSushi/toml/parse.go b/vendor/github.com/BurntSushi/toml/parse.go new file mode 100644 index 00000000..50869ef9 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/parse.go @@ -0,0 +1,592 @@ +package toml + +import ( + "fmt" + "strconv" + "strings" + "time" + "unicode" + "unicode/utf8" +) + +type parser struct { + mapping map[string]interface{} + types map[string]tomlType + lx *lexer + + // A list of keys in the order that they appear in the TOML data. + ordered []Key + + // the full key for the current hash in scope + context Key + + // the base key name for everything except hashes + currentKey string + + // rough approximation of line number + approxLine int + + // A map of 'key.group.names' to whether they were created implicitly. + implicits map[string]bool +} + +type parseError string + +func (pe parseError) Error() string { + return string(pe) +} + +func parse(data string) (p *parser, err error) { + defer func() { + if r := recover(); r != nil { + var ok bool + if err, ok = r.(parseError); ok { + return + } + panic(r) + } + }() + + p = &parser{ + mapping: make(map[string]interface{}), + types: make(map[string]tomlType), + lx: lex(data), + ordered: make([]Key, 0), + implicits: make(map[string]bool), + } + for { + item := p.next() + if item.typ == itemEOF { + break + } + p.topLevel(item) + } + + return p, nil +} + +func (p *parser) panicf(format string, v ...interface{}) { + msg := fmt.Sprintf("Near line %d (last key parsed '%s'): %s", + p.approxLine, p.current(), fmt.Sprintf(format, v...)) + panic(parseError(msg)) +} + +func (p *parser) next() item { + it := p.lx.nextItem() + if it.typ == itemError { + p.panicf("%s", it.val) + } + return it +} + +func (p *parser) bug(format string, v ...interface{}) { + panic(fmt.Sprintf("BUG: "+format+"\n\n", v...)) +} + +func (p *parser) expect(typ itemType) item { + it := p.next() + p.assertEqual(typ, it.typ) + return it +} + +func (p *parser) assertEqual(expected, got itemType) { + if expected != got { + p.bug("Expected '%s' but got '%s'.", expected, got) + } +} + +func (p *parser) topLevel(item item) { + switch item.typ { + case itemCommentStart: + p.approxLine = item.line + p.expect(itemText) + case itemTableStart: + kg := p.next() + p.approxLine = kg.line + + var key Key + for ; kg.typ != itemTableEnd && kg.typ != itemEOF; kg = p.next() { + key = append(key, p.keyString(kg)) + } + p.assertEqual(itemTableEnd, kg.typ) + + p.establishContext(key, false) + p.setType("", tomlHash) + p.ordered = append(p.ordered, key) + case itemArrayTableStart: + kg := p.next() + p.approxLine = kg.line + + var key Key + for ; kg.typ != itemArrayTableEnd && kg.typ != itemEOF; kg = p.next() { + key = append(key, p.keyString(kg)) + } + p.assertEqual(itemArrayTableEnd, kg.typ) + + p.establishContext(key, true) + p.setType("", tomlArrayHash) + p.ordered = append(p.ordered, key) + case itemKeyStart: + kname := p.next() + p.approxLine = kname.line + p.currentKey = p.keyString(kname) + + val, typ := p.value(p.next()) + p.setValue(p.currentKey, val) + p.setType(p.currentKey, typ) + p.ordered = append(p.ordered, p.context.add(p.currentKey)) + p.currentKey = "" + default: + p.bug("Unexpected type at top level: %s", item.typ) + } +} + +// Gets a string for a key (or part of a key in a table name). +func (p *parser) keyString(it item) string { + switch it.typ { + case itemText: + return it.val + case itemString, itemMultilineString, + itemRawString, itemRawMultilineString: + s, _ := p.value(it) + return s.(string) + default: + p.bug("Unexpected key type: %s", it.typ) + panic("unreachable") + } +} + +// value translates an expected value from the lexer into a Go value wrapped +// as an empty interface. +func (p *parser) value(it item) (interface{}, tomlType) { + switch it.typ { + case itemString: + return p.replaceEscapes(it.val), p.typeOfPrimitive(it) + case itemMultilineString: + trimmed := stripFirstNewline(stripEscapedWhitespace(it.val)) + return p.replaceEscapes(trimmed), p.typeOfPrimitive(it) + case itemRawString: + return it.val, p.typeOfPrimitive(it) + case itemRawMultilineString: + return stripFirstNewline(it.val), p.typeOfPrimitive(it) + case itemBool: + switch it.val { + case "true": + return true, p.typeOfPrimitive(it) + case "false": + return false, p.typeOfPrimitive(it) + } + p.bug("Expected boolean value, but got '%s'.", it.val) + case itemInteger: + if !numUnderscoresOK(it.val) { + p.panicf("Invalid integer %q: underscores must be surrounded by digits", + it.val) + } + val := strings.Replace(it.val, "_", "", -1) + num, err := strconv.ParseInt(val, 10, 64) + if err != nil { + // Distinguish integer values. Normally, it'd be a bug if the lexer + // provides an invalid integer, but it's possible that the number is + // out of range of valid values (which the lexer cannot determine). + // So mark the former as a bug but the latter as a legitimate user + // error. + if e, ok := err.(*strconv.NumError); ok && + e.Err == strconv.ErrRange { + + p.panicf("Integer '%s' is out of the range of 64-bit "+ + "signed integers.", it.val) + } else { + p.bug("Expected integer value, but got '%s'.", it.val) + } + } + return num, p.typeOfPrimitive(it) + case itemFloat: + parts := strings.FieldsFunc(it.val, func(r rune) bool { + switch r { + case '.', 'e', 'E': + return true + } + return false + }) + for _, part := range parts { + if !numUnderscoresOK(part) { + p.panicf("Invalid float %q: underscores must be "+ + "surrounded by digits", it.val) + } + } + if !numPeriodsOK(it.val) { + // As a special case, numbers like '123.' or '1.e2', + // which are valid as far as Go/strconv are concerned, + // must be rejected because TOML says that a fractional + // part consists of '.' followed by 1+ digits. + p.panicf("Invalid float %q: '.' must be followed "+ + "by one or more digits", it.val) + } + val := strings.Replace(it.val, "_", "", -1) + num, err := strconv.ParseFloat(val, 64) + if err != nil { + if e, ok := err.(*strconv.NumError); ok && + e.Err == strconv.ErrRange { + + p.panicf("Float '%s' is out of the range of 64-bit "+ + "IEEE-754 floating-point numbers.", it.val) + } else { + p.panicf("Invalid float value: %q", it.val) + } + } + return num, p.typeOfPrimitive(it) + case itemDatetime: + var t time.Time + var ok bool + var err error + for _, format := range []string{ + "2006-01-02T15:04:05Z07:00", + "2006-01-02T15:04:05", + "2006-01-02", + } { + t, err = time.ParseInLocation(format, it.val, time.Local) + if err == nil { + ok = true + break + } + } + if !ok { + p.panicf("Invalid TOML Datetime: %q.", it.val) + } + return t, p.typeOfPrimitive(it) + case itemArray: + array := make([]interface{}, 0) + types := make([]tomlType, 0) + + for it = p.next(); it.typ != itemArrayEnd; it = p.next() { + if it.typ == itemCommentStart { + p.expect(itemText) + continue + } + + val, typ := p.value(it) + array = append(array, val) + types = append(types, typ) + } + return array, p.typeOfArray(types) + case itemInlineTableStart: + var ( + hash = make(map[string]interface{}) + outerContext = p.context + outerKey = p.currentKey + ) + + p.context = append(p.context, p.currentKey) + p.currentKey = "" + for it := p.next(); it.typ != itemInlineTableEnd; it = p.next() { + if it.typ != itemKeyStart { + p.bug("Expected key start but instead found %q, around line %d", + it.val, p.approxLine) + } + if it.typ == itemCommentStart { + p.expect(itemText) + continue + } + + // retrieve key + k := p.next() + p.approxLine = k.line + kname := p.keyString(k) + + // retrieve value + p.currentKey = kname + val, typ := p.value(p.next()) + // make sure we keep metadata up to date + p.setType(kname, typ) + p.ordered = append(p.ordered, p.context.add(p.currentKey)) + hash[kname] = val + } + p.context = outerContext + p.currentKey = outerKey + return hash, tomlHash + } + p.bug("Unexpected value type: %s", it.typ) + panic("unreachable") +} + +// numUnderscoresOK checks whether each underscore in s is surrounded by +// characters that are not underscores. +func numUnderscoresOK(s string) bool { + accept := false + for _, r := range s { + if r == '_' { + if !accept { + return false + } + accept = false + continue + } + accept = true + } + return accept +} + +// numPeriodsOK checks whether every period in s is followed by a digit. +func numPeriodsOK(s string) bool { + period := false + for _, r := range s { + if period && !isDigit(r) { + return false + } + period = r == '.' + } + return !period +} + +// establishContext sets the current context of the parser, +// where the context is either a hash or an array of hashes. Which one is +// set depends on the value of the `array` parameter. +// +// Establishing the context also makes sure that the key isn't a duplicate, and +// will create implicit hashes automatically. +func (p *parser) establishContext(key Key, array bool) { + var ok bool + + // Always start at the top level and drill down for our context. + hashContext := p.mapping + keyContext := make(Key, 0) + + // We only need implicit hashes for key[0:-1] + for _, k := range key[0 : len(key)-1] { + _, ok = hashContext[k] + keyContext = append(keyContext, k) + + // No key? Make an implicit hash and move on. + if !ok { + p.addImplicit(keyContext) + hashContext[k] = make(map[string]interface{}) + } + + // If the hash context is actually an array of tables, then set + // the hash context to the last element in that array. + // + // Otherwise, it better be a table, since this MUST be a key group (by + // virtue of it not being the last element in a key). + switch t := hashContext[k].(type) { + case []map[string]interface{}: + hashContext = t[len(t)-1] + case map[string]interface{}: + hashContext = t + default: + p.panicf("Key '%s' was already created as a hash.", keyContext) + } + } + + p.context = keyContext + if array { + // If this is the first element for this array, then allocate a new + // list of tables for it. + k := key[len(key)-1] + if _, ok := hashContext[k]; !ok { + hashContext[k] = make([]map[string]interface{}, 0, 5) + } + + // Add a new table. But make sure the key hasn't already been used + // for something else. + if hash, ok := hashContext[k].([]map[string]interface{}); ok { + hashContext[k] = append(hash, make(map[string]interface{})) + } else { + p.panicf("Key '%s' was already created and cannot be used as "+ + "an array.", keyContext) + } + } else { + p.setValue(key[len(key)-1], make(map[string]interface{})) + } + p.context = append(p.context, key[len(key)-1]) +} + +// setValue sets the given key to the given value in the current context. +// It will make sure that the key hasn't already been defined, account for +// implicit key groups. +func (p *parser) setValue(key string, value interface{}) { + var tmpHash interface{} + var ok bool + + hash := p.mapping + keyContext := make(Key, 0) + for _, k := range p.context { + keyContext = append(keyContext, k) + if tmpHash, ok = hash[k]; !ok { + p.bug("Context for key '%s' has not been established.", keyContext) + } + switch t := tmpHash.(type) { + case []map[string]interface{}: + // The context is a table of hashes. Pick the most recent table + // defined as the current hash. + hash = t[len(t)-1] + case map[string]interface{}: + hash = t + default: + p.bug("Expected hash to have type 'map[string]interface{}', but "+ + "it has '%T' instead.", tmpHash) + } + } + keyContext = append(keyContext, key) + + if _, ok := hash[key]; ok { + // Typically, if the given key has already been set, then we have + // to raise an error since duplicate keys are disallowed. However, + // it's possible that a key was previously defined implicitly. In this + // case, it is allowed to be redefined concretely. (See the + // `tests/valid/implicit-and-explicit-after.toml` test in `toml-test`.) + // + // But we have to make sure to stop marking it as an implicit. (So that + // another redefinition provokes an error.) + // + // Note that since it has already been defined (as a hash), we don't + // want to overwrite it. So our business is done. + if p.isImplicit(keyContext) { + p.removeImplicit(keyContext) + return + } + + // Otherwise, we have a concrete key trying to override a previous + // key, which is *always* wrong. + p.panicf("Key '%s' has already been defined.", keyContext) + } + hash[key] = value +} + +// setType sets the type of a particular value at a given key. +// It should be called immediately AFTER setValue. +// +// Note that if `key` is empty, then the type given will be applied to the +// current context (which is either a table or an array of tables). +func (p *parser) setType(key string, typ tomlType) { + keyContext := make(Key, 0, len(p.context)+1) + for _, k := range p.context { + keyContext = append(keyContext, k) + } + if len(key) > 0 { // allow type setting for hashes + keyContext = append(keyContext, key) + } + p.types[keyContext.String()] = typ +} + +// addImplicit sets the given Key as having been created implicitly. +func (p *parser) addImplicit(key Key) { + p.implicits[key.String()] = true +} + +// removeImplicit stops tagging the given key as having been implicitly +// created. +func (p *parser) removeImplicit(key Key) { + p.implicits[key.String()] = false +} + +// isImplicit returns true if the key group pointed to by the key was created +// implicitly. +func (p *parser) isImplicit(key Key) bool { + return p.implicits[key.String()] +} + +// current returns the full key name of the current context. +func (p *parser) current() string { + if len(p.currentKey) == 0 { + return p.context.String() + } + if len(p.context) == 0 { + return p.currentKey + } + return fmt.Sprintf("%s.%s", p.context, p.currentKey) +} + +func stripFirstNewline(s string) string { + if len(s) == 0 || s[0] != '\n' { + return s + } + return s[1:] +} + +func stripEscapedWhitespace(s string) string { + esc := strings.Split(s, "\\\n") + if len(esc) > 1 { + for i := 1; i < len(esc); i++ { + esc[i] = strings.TrimLeftFunc(esc[i], unicode.IsSpace) + } + } + return strings.Join(esc, "") +} + +func (p *parser) replaceEscapes(str string) string { + var replaced []rune + s := []byte(str) + r := 0 + for r < len(s) { + if s[r] != '\\' { + c, size := utf8.DecodeRune(s[r:]) + r += size + replaced = append(replaced, c) + continue + } + r += 1 + if r >= len(s) { + p.bug("Escape sequence at end of string.") + return "" + } + switch s[r] { + default: + p.bug("Expected valid escape code after \\, but got %q.", s[r]) + return "" + case 'b': + replaced = append(replaced, rune(0x0008)) + r += 1 + case 't': + replaced = append(replaced, rune(0x0009)) + r += 1 + case 'n': + replaced = append(replaced, rune(0x000A)) + r += 1 + case 'f': + replaced = append(replaced, rune(0x000C)) + r += 1 + case 'r': + replaced = append(replaced, rune(0x000D)) + r += 1 + case '"': + replaced = append(replaced, rune(0x0022)) + r += 1 + case '\\': + replaced = append(replaced, rune(0x005C)) + r += 1 + case 'u': + // At this point, we know we have a Unicode escape of the form + // `uXXXX` at [r, r+5). (Because the lexer guarantees this + // for us.) + escaped := p.asciiEscapeToUnicode(s[r+1 : r+5]) + replaced = append(replaced, escaped) + r += 5 + case 'U': + // At this point, we know we have a Unicode escape of the form + // `uXXXX` at [r, r+9). (Because the lexer guarantees this + // for us.) + escaped := p.asciiEscapeToUnicode(s[r+1 : r+9]) + replaced = append(replaced, escaped) + r += 9 + } + } + return string(replaced) +} + +func (p *parser) asciiEscapeToUnicode(bs []byte) rune { + s := string(bs) + hex, err := strconv.ParseUint(strings.ToLower(s), 16, 32) + if err != nil { + p.bug("Could not parse '%s' as a hexadecimal number, but the "+ + "lexer claims it's OK: %s", s, err) + } + if !utf8.ValidRune(rune(hex)) { + p.panicf("Escaped character '\\u%s' is not valid UTF-8.", s) + } + return rune(hex) +} + +func isStringType(ty itemType) bool { + return ty == itemString || ty == itemMultilineString || + ty == itemRawString || ty == itemRawMultilineString +} diff --git a/vendor/github.com/BurntSushi/toml/type_check.go b/vendor/github.com/BurntSushi/toml/type_check.go new file mode 100644 index 00000000..c73f8afc --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/type_check.go @@ -0,0 +1,91 @@ +package toml + +// tomlType represents any Go type that corresponds to a TOML type. +// While the first draft of the TOML spec has a simplistic type system that +// probably doesn't need this level of sophistication, we seem to be militating +// toward adding real composite types. +type tomlType interface { + typeString() string +} + +// typeEqual accepts any two types and returns true if they are equal. +func typeEqual(t1, t2 tomlType) bool { + if t1 == nil || t2 == nil { + return false + } + return t1.typeString() == t2.typeString() +} + +func typeIsHash(t tomlType) bool { + return typeEqual(t, tomlHash) || typeEqual(t, tomlArrayHash) +} + +type tomlBaseType string + +func (btype tomlBaseType) typeString() string { + return string(btype) +} + +func (btype tomlBaseType) String() string { + return btype.typeString() +} + +var ( + tomlInteger tomlBaseType = "Integer" + tomlFloat tomlBaseType = "Float" + tomlDatetime tomlBaseType = "Datetime" + tomlString tomlBaseType = "String" + tomlBool tomlBaseType = "Bool" + tomlArray tomlBaseType = "Array" + tomlHash tomlBaseType = "Hash" + tomlArrayHash tomlBaseType = "ArrayHash" +) + +// typeOfPrimitive returns a tomlType of any primitive value in TOML. +// Primitive values are: Integer, Float, Datetime, String and Bool. +// +// Passing a lexer item other than the following will cause a BUG message +// to occur: itemString, itemBool, itemInteger, itemFloat, itemDatetime. +func (p *parser) typeOfPrimitive(lexItem item) tomlType { + switch lexItem.typ { + case itemInteger: + return tomlInteger + case itemFloat: + return tomlFloat + case itemDatetime: + return tomlDatetime + case itemString: + return tomlString + case itemMultilineString: + return tomlString + case itemRawString: + return tomlString + case itemRawMultilineString: + return tomlString + case itemBool: + return tomlBool + } + p.bug("Cannot infer primitive type of lex item '%s'.", lexItem) + panic("unreachable") +} + +// typeOfArray returns a tomlType for an array given a list of types of its +// values. +// +// In the current spec, if an array is homogeneous, then its type is always +// "Array". If the array is not homogeneous, an error is generated. +func (p *parser) typeOfArray(types []tomlType) tomlType { + // Empty arrays are cool. + if len(types) == 0 { + return tomlArray + } + + theType := types[0] + for _, t := range types[1:] { + if !typeEqual(theType, t) { + p.panicf("Array contains values of type '%s' and '%s', but "+ + "arrays must be homogeneous.", theType, t) + } + } + return tomlArray +} diff --git a/vendor/github.com/BurntSushi/toml/type_fields.go b/vendor/github.com/BurntSushi/toml/type_fields.go new file mode 100644 index 00000000..608997c2 --- /dev/null +++ b/vendor/github.com/BurntSushi/toml/type_fields.go @@ -0,0 +1,242 @@ +package toml + +// Struct field handling is adapted from code in encoding/json: +// +// Copyright 2010 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the Go distribution. + +import ( + "reflect" + "sort" + "sync" +) + +// A field represents a single field found in a struct. +type field struct { + name string // the name of the field (`toml` tag included) + tag bool // whether field has a `toml` tag + index []int // represents the depth of an anonymous field + typ reflect.Type // the type of the field +} + +// byName sorts field by name, breaking ties with depth, +// then breaking ties with "name came from toml tag", then +// breaking ties with index sequence. +type byName []field + +func (x byName) Len() int { return len(x) } + +func (x byName) Swap(i, j int) { x[i], x[j] = x[j], x[i] } + +func (x byName) Less(i, j int) bool { + if x[i].name != x[j].name { + return x[i].name < x[j].name + } + if len(x[i].index) != len(x[j].index) { + return len(x[i].index) < len(x[j].index) + } + if x[i].tag != x[j].tag { + return x[i].tag + } + return byIndex(x).Less(i, j) +} + +// byIndex sorts field by index sequence. +type byIndex []field + +func (x byIndex) Len() int { return len(x) } + +func (x byIndex) Swap(i, j int) { x[i], x[j] = x[j], x[i] } + +func (x byIndex) Less(i, j int) bool { + for k, xik := range x[i].index { + if k >= len(x[j].index) { + return false + } + if xik != x[j].index[k] { + return xik < x[j].index[k] + } + } + return len(x[i].index) < len(x[j].index) +} + +// typeFields returns a list of fields that TOML should recognize for the given +// type. The algorithm is breadth-first search over the set of structs to +// include - the top struct and then any reachable anonymous structs. +func typeFields(t reflect.Type) []field { + // Anonymous fields to explore at the current level and the next. + current := []field{} + next := []field{{typ: t}} + + // Count of queued names for current level and the next. + count := map[reflect.Type]int{} + nextCount := map[reflect.Type]int{} + + // Types already visited at an earlier level. + visited := map[reflect.Type]bool{} + + // Fields found. + var fields []field + + for len(next) > 0 { + current, next = next, current[:0] + count, nextCount = nextCount, map[reflect.Type]int{} + + for _, f := range current { + if visited[f.typ] { + continue + } + visited[f.typ] = true + + // Scan f.typ for fields to include. + for i := 0; i < f.typ.NumField(); i++ { + sf := f.typ.Field(i) + if sf.PkgPath != "" && !sf.Anonymous { // unexported + continue + } + opts := getOptions(sf.Tag) + if opts.skip { + continue + } + index := make([]int, len(f.index)+1) + copy(index, f.index) + index[len(f.index)] = i + + ft := sf.Type + if ft.Name() == "" && ft.Kind() == reflect.Ptr { + // Follow pointer. + ft = ft.Elem() + } + + // Record found field and index sequence. + if opts.name != "" || !sf.Anonymous || ft.Kind() != reflect.Struct { + tagged := opts.name != "" + name := opts.name + if name == "" { + name = sf.Name + } + fields = append(fields, field{name, tagged, index, ft}) + if count[f.typ] > 1 { + // If there were multiple instances, add a second, + // so that the annihilation code will see a duplicate. + // It only cares about the distinction between 1 or 2, + // so don't bother generating any more copies. + fields = append(fields, fields[len(fields)-1]) + } + continue + } + + // Record new anonymous struct to explore in next round. + nextCount[ft]++ + if nextCount[ft] == 1 { + f := field{name: ft.Name(), index: index, typ: ft} + next = append(next, f) + } + } + } + } + + sort.Sort(byName(fields)) + + // Delete all fields that are hidden by the Go rules for embedded fields, + // except that fields with TOML tags are promoted. + + // The fields are sorted in primary order of name, secondary order + // of field index length. Loop over names; for each name, delete + // hidden fields by choosing the one dominant field that survives. + out := fields[:0] + for advance, i := 0, 0; i < len(fields); i += advance { + // One iteration per name. + // Find the sequence of fields with the name of this first field. + fi := fields[i] + name := fi.name + for advance = 1; i+advance < len(fields); advance++ { + fj := fields[i+advance] + if fj.name != name { + break + } + } + if advance == 1 { // Only one field with this name + out = append(out, fi) + continue + } + dominant, ok := dominantField(fields[i : i+advance]) + if ok { + out = append(out, dominant) + } + } + + fields = out + sort.Sort(byIndex(fields)) + + return fields +} + +// dominantField looks through the fields, all of which are known to +// have the same name, to find the single field that dominates the +// others using Go's embedding rules, modified by the presence of +// TOML tags. If there are multiple top-level fields, the boolean +// will be false: This condition is an error in Go and we skip all +// the fields. +func dominantField(fields []field) (field, bool) { + // The fields are sorted in increasing index-length order. The winner + // must therefore be one with the shortest index length. Drop all + // longer entries, which is easy: just truncate the slice. + length := len(fields[0].index) + tagged := -1 // Index of first tagged field. + for i, f := range fields { + if len(f.index) > length { + fields = fields[:i] + break + } + if f.tag { + if tagged >= 0 { + // Multiple tagged fields at the same level: conflict. + // Return no field. + return field{}, false + } + tagged = i + } + } + if tagged >= 0 { + return fields[tagged], true + } + // All remaining fields have the same length. If there's more than one, + // we have a conflict (two fields named "X" at the same level) and we + // return no field. + if len(fields) > 1 { + return field{}, false + } + return fields[0], true +} + +var fieldCache struct { + sync.RWMutex + m map[reflect.Type][]field +} + +// cachedTypeFields is like typeFields but uses a cache to avoid repeated work. +func cachedTypeFields(t reflect.Type) []field { + fieldCache.RLock() + f := fieldCache.m[t] + fieldCache.RUnlock() + if f != nil { + return f + } + + // Compute fields without lock. + // Might duplicate effort but won't hold other computations back. + f = typeFields(t) + if f == nil { + f = []field{} + } + + fieldCache.Lock() + if fieldCache.m == nil { + fieldCache.m = map[reflect.Type][]field{} + } + fieldCache.m[t] = f + fieldCache.Unlock() + return f +}