101 lines
2.8 KiB
Go
101 lines
2.8 KiB
Go
package acme
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
|
|
"github.com/go-acme/lego/v4/challenge"
|
|
"github.com/go-acme/lego/v4/providers/dns/alidns"
|
|
"github.com/go-acme/lego/v4/providers/dns/cloudflare"
|
|
"github.com/go-acme/lego/v4/providers/dns/dnspod"
|
|
"github.com/go-acme/lego/v4/providers/dns/godaddy"
|
|
"github.com/go-acme/lego/v4/providers/dns/namesilo"
|
|
"github.com/go-acme/lego/v4/providers/dns/tencentcloud"
|
|
)
|
|
|
|
var DNSProviderEnvKeys = map[string][]string{
|
|
"cloudflare": {"CF_API_EMAIL", "CF_API_KEY", "CF_DNS_API_TOKEN"},
|
|
"alidns": {"ALICLOUD_ACCESS_KEY", "ALICLOUD_SECRET_KEY"},
|
|
"tencentcloud": {"TENCENTCLOUD_SECRET_ID", "TENCENTCLOUD_SECRET_KEY"},
|
|
"dnspod": {"DNSPOD_API_KEY"},
|
|
"namesilo": {"NAMESILO_API_KEY"},
|
|
"godaddy": {"GODADDY_API_KEY", "GODADDY_API_SECRET"},
|
|
}
|
|
|
|
func NewDNSProviderByName(name string) (challenge.Provider, error) {
|
|
switch name {
|
|
case "cloudflare":
|
|
return cloudflare.NewDNSProvider()
|
|
case "alidns":
|
|
return alidns.NewDNSProvider()
|
|
case "tencentcloud":
|
|
return tencentcloud.NewDNSProvider()
|
|
case "dnspod":
|
|
return dnspod.NewDNSProvider()
|
|
case "namesilo":
|
|
return namesilo.NewDNSProvider()
|
|
case "godaddy":
|
|
return godaddy.NewDNSProvider()
|
|
default:
|
|
return nil, fmt.Errorf("unsupported DNS provider: %s", name)
|
|
}
|
|
}
|
|
|
|
func SetDNSCredentialEnv(providerType string, credentials map[string]string) (cleanup func(), err error) {
|
|
keys, ok := DNSProviderEnvKeys[providerType]
|
|
if !ok {
|
|
return nil, fmt.Errorf("unsupported DNS provider type: %s", providerType)
|
|
}
|
|
|
|
var setKeys []string
|
|
for _, key := range keys {
|
|
if val, exists := credentials[key]; exists && val != "" {
|
|
os.Setenv(key, val)
|
|
setKeys = append(setKeys, key)
|
|
}
|
|
}
|
|
|
|
if len(setKeys) == 0 {
|
|
return nil, fmt.Errorf("no valid credentials provided for DNS provider %s", providerType)
|
|
}
|
|
|
|
cleanup = func() {
|
|
for _, key := range setKeys {
|
|
os.Unsetenv(key)
|
|
}
|
|
}
|
|
return cleanup, nil
|
|
}
|
|
|
|
const (
|
|
CALetsEncrypt = "letsencrypt"
|
|
CALetsEncryptStaging = "letsencrypt-staging"
|
|
CAZeroSSL = "zerossl"
|
|
CABuypass = "buypass"
|
|
CABuypassTest = "buypass-test"
|
|
)
|
|
|
|
var CADirectoryURLs = map[string]string{
|
|
CALetsEncrypt: "https://acme-v02.api.letsencrypt.org/directory",
|
|
CALetsEncryptStaging: "https://acme-staging-v02.api.letsencrypt.org/directory",
|
|
CAZeroSSL: "https://acme.zerossl.com/v2/DV90",
|
|
CABuypass: "https://api.buypass.com/acme/directory",
|
|
CABuypassTest: "https://api.test4.buypass.no/acme/directory",
|
|
}
|
|
|
|
func ResolveCADirectoryURL(provider string, staging bool) string {
|
|
if staging {
|
|
if url, ok := CADirectoryURLs[provider+"-staging"]; ok {
|
|
return url
|
|
}
|
|
if url, ok := CADirectoryURLs[provider+"-test"]; ok {
|
|
return url
|
|
}
|
|
return CADirectoryURLs[CALetsEncryptStaging]
|
|
}
|
|
if url, ok := CADirectoryURLs[provider]; ok {
|
|
return url
|
|
}
|
|
return CADirectoryURLs[CALetsEncrypt]
|
|
}
|