Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add DNS provider for UKFast SafeDNS #1545

Merged
merged 2 commits into from
Dec 20, 2021
Merged

Add DNS provider for UKFast SafeDNS #1545

merged 2 commits into from
Dec 20, 2021
+660 −3

Conversation

Xiol
Copy link
Contributor

@Xiol Xiol commented Dec 16, 2021
edited by ldez
Loading

Adds UKFast's SafeDNS dns01 provider for #1503.

@ldez
Copy link
Member

ldez commented Dec 16, 2021
edited
Loading

Hello, in order for a PR adding a DNS provider to be accepted, you have to:

  • add a description to your PR
  • be able to maintain this provider
  • have a homogeneous design with the other providers
  • add tests (units)
make test
  • add tests ("live")

    lego/providers/dns/cloudflare/cloudflare_test.go

    Lines 125 to 151 in c938de6

    func TestLivePresent(t *testing.T) {
    if !envTest.IsLiveTest() {
    t.Skip("skipping live test")
    }
    envTest.RestoreEnv()
    provider, err := NewDNSProvider()
    require.NoError(t, err)
    err = provider.Present(envTest.GetDomain(), "", "123d==")
    require.NoError(t, err)
    }
    func TestLiveCleanUp(t *testing.T) {
    if !envTest.IsLiveTest() {
    t.Skip("skipping live test")
    }
    envTest.RestoreEnv()
    provider, err := NewDNSProvider()
    require.NoError(t, err)
    time.Sleep(2 * time.Second)
    err = provider.CleanUp(envTest.GetDomain(), "", "123d==")
    require.NoError(t, err)
    } 
make test
make generate-dns
  • be able to do: (and put the output of this command to a comment in your PR)
rm -rf .lego

./lego -m [email protected] --dns YOUR_PROVIDER_NAME -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run

Note the wildcard domain is important.

make checks
  • do go mod tidy

@ldez ldez self-requested a review December 16, 2021 14:53
@Xiol Xiol force-pushed the safedns-dns01-provider branch from 28fe672 to 30847bc Compare December 16, 2021 14:53
@Xiol
Copy link
Contributor Author

Xiol commented Dec 16, 2021
edited by ldez
Loading

Example run as requested;

export SAFEDNS_AUTH_TOKEN=asdfasdfdist/lego -m [email protected] --dns safedns -d '*.testops.ukfast.co.uk' -d 'testops.ukfast.co.uk' -s https://acme-staging-v02.api.letsencrypt.org/directory run
2021/12/16 14:58:16 No key found for account [email protected]. Generating a P256 key.
2021/12/16 14:58:16 Saved key to /home/dane/projects/lego/.lego/accounts/acme-staging-v02.api.letsencrypt.org/[email protected]/keys/[email protected]
2021/12/16 14:58:17 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
Do you accept the TOS? Y/n
y
2021/12/16 14:58:19 [INFO] acme: Registering account for [email protected]
!!!! HEADS UP !!!!

Your account credentials have been saved in your Let's Encrypt
configuration directory at "/home/dane/projects/lego/.lego/accounts".

You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2021/12/16 14:58:19 [INFO] [*.testops.ukfast.co.uk, testops.ukfast.co.uk] acme: Obtaining bundled SAN certificate
2021/12/16 14:58:20 [INFO] [*.testops.ukfast.co.uk] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1195778128
2021/12/16 14:58:20 [INFO] [testops.ukfast.co.uk] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/1195778138
2021/12/16 14:58:20 [INFO] [*.testops.ukfast.co.uk] acme: use dns-01 solver
2021/12/16 14:58:20 [INFO] [testops.ukfast.co.uk] acme: Could not find solver for: tls-alpn-01
2021/12/16 14:58:20 [INFO] [testops.ukfast.co.uk] acme: Could not find solver for: http-01
2021/12/16 14:58:20 [INFO] [testops.ukfast.co.uk] acme: use dns-01 solver
2021/12/16 14:58:20 [INFO] [*.testops.ukfast.co.uk] acme: Preparing to solve DNS-01
2021/12/16 14:58:20 [INFO] safedns: creating record {Name:_acme-challenge.testops.ukfast.co.uk Type:TXT Content:"1wUvgm14E8sgWJInLRmy-tcaadflvvD90UPWGS40pNo" TTL:30} at https://api.ukfast.io/safedns/v1/zones/testops.ukfast.co.uk/records
2021/12/16 14:58:20 [INFO] safedns: created record with ID 5020534
2021/12/16 14:58:20 [INFO] [testops.ukfast.co.uk] acme: Preparing to solve DNS-01
2021/12/16 14:58:20 [INFO] safedns: creating record {Name:_acme-challenge.testops.ukfast.co.uk Type:TXT Content:"qXofvo-hbD_3mR-LyDr0xwQZFkRMAcAl6pgAiu2johU" TTL:30} at https://api.ukfast.io/safedns/v1/zones/testops.ukfast.co.uk/records
2021/12/16 14:58:20 [INFO] safedns: created record with ID 5020535
2021/12/16 14:58:20 [INFO] [*.testops.ukfast.co.uk] acme: Trying to solve DNS-01
2021/12/16 14:58:20 [INFO] [*.testops.ukfast.co.uk] acme: Checking DNS record propagation using [127.0.0.53:53]
2021/12/16 14:58:25 [INFO] Wait for propagation [timeout: 1m0s, interval: 5s]
2021/12/16 14:58:25 [INFO] [*.testops.ukfast.co.uk] acme: Waiting for DNS record propagation.
2021/12/16 14:58:34 [INFO] [*.testops.ukfast.co.uk] The server validated our request
2021/12/16 14:58:34 [INFO] [testops.ukfast.co.uk] acme: Trying to solve DNS-01
2021/12/16 14:58:34 [INFO] [testops.ukfast.co.uk] acme: Checking DNS record propagation using [127.0.0.53:53]
2021/12/16 14:58:39 [INFO] Wait for propagation [timeout: 1m0s, interval: 5s]
2021/12/16 14:58:39 [INFO] [testops.ukfast.co.uk] acme: Waiting for DNS record propagation.
2021/12/16 14:58:51 [INFO] [testops.ukfast.co.uk] The server validated our request
2021/12/16 14:58:51 [INFO] [*.testops.ukfast.co.uk] acme: Cleaning DNS-01 challenge
2021/12/16 14:58:51 [INFO] safedns: cleaning up record 5020534 at https://api.ukfast.io/safedns/v1/zones/testops.ukfast.co.uk/records/5020534
2021/12/16 14:58:51 [INFO] [testops.ukfast.co.uk] acme: Cleaning DNS-01 challenge
2021/12/16 14:58:51 [INFO] safedns: cleaning up record 5020535 at https://api.ukfast.io/safedns/v1/zones/testops.ukfast.co.uk/records/5020535
2021/12/16 14:58:51 [INFO] [*.testops.ukfast.co.uk, testops.ukfast.co.uk] acme: Validations succeeded; requesting certificates
2021/12/16 14:58:52 [INFO] [*.testops.ukfast.co.uk] Server responded with a certificate.

@Xiol Xiol force-pushed the safedns-dns01-provider branch from 55cb5da to 5ee45d7 Compare December 16, 2021 16:07
@Xiol
Copy link
Contributor Author

Xiol commented Dec 16, 2021

Right, sorry, that should pass checks now.

@ldez ldez changed the title Add SafeDNS dns01 provider Add UKFast SafeDNS DNS provider Dec 17, 2021
@ldez ldez changed the title Add UKFast SafeDNS DNS provider Add DNS provider for UKFast SafeDNS Dec 17, 2021
@ldez ldez added this to the v4.6 milestone Dec 17, 2021
@ldez ldez force-pushed the safedns-dns01-provider branch from a15610a to fb05afc Compare December 17, 2021 01:23
@ldez
Copy link
Member

ldez commented Dec 18, 2021

to answer this point:

be able to maintain this provider

I need to know who you are: are you a UKFast employee? Are you a UKFast customer? etc.

@Xiol
Copy link
Contributor Author

Xiol commented Dec 18, 2021

@ldez, I'm a UKFast employee. Happy to maintain this.

ldez
ldez approved these changes Dec 20, 2021
View reviewed changes
Copy link
Member

@ldez ldez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks 👍

@ldez ldez force-pushed the safedns-dns01-provider branch from fb05afc to 2a3632a Compare December 20, 2021 14:05
@ldez ldez enabled auto-merge (squash) December 20, 2021 14:06
@ldez ldez merged commit 0324783 into go-acme:master Dec 20, 2021
@ldez ldez mentioned this pull request Dec 20, 2021
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ldez ldez ldez approved these changes

Assignees
No one assigned
Labels
area/dnsprovider enhancement
Milestone
v4.6
Development

Successfully merging this pull request may close these issues.
2 participants
@Xiol @ldez