support Provider ACME DNS in Backend.

2026-06-22 21:05:48 +08:00 · 2025-08-15 01:49:29 +08:00 · 2025-08-15 01:49:29 +08:00 · 152bdbfcf5
commit 152bdbfcf5
parent 43acea2e77
6 changed files with 62 additions and 0 deletions
--- a/go.mod
+++ b/go.mod
@ -123,6 +123,7 @@ require (
 	github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect
 	github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 // indirect
 	github.com/nrdcg/desec v0.10.0 // indirect
+	github.com/nrdcg/goacmedns v0.2.0 // indirect
 	github.com/nrdcg/mailinabox v0.2.0 // indirect
 	github.com/nrdcg/porkbun v0.4.0 // indirect
 	github.com/peterhellberg/link v1.2.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -692,6 +692,8 @@ github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 h1:ouZ2JWDl8IW5k1qu
 github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3/go.mod h1:ZwadWt7mVhMHMbAQ1w8IhDqtWO3eWqWq72W7trnaiE8=
 github.com/nrdcg/desec v0.10.0 h1:qrEDiqnsvNU9QE7lXIXi/tIHAfyaFXKxF2/8/52O8uM=
 github.com/nrdcg/desec v0.10.0/go.mod h1:5+4vyhMRTs49V9CNoODF/HwT8Mwxv9DJ6j+7NekUnBs=
+github.com/nrdcg/goacmedns v0.2.0 h1:ADMbThobzEMnr6kg2ohs4KGa3LFqmgiBA22/6jUWJR0=
+github.com/nrdcg/goacmedns v0.2.0/go.mod h1:T5o6+xvSLrQpugmwHvrSNkzWht0UGAwj2ACBMhh73Cg=
 github.com/nrdcg/mailinabox v0.2.0 h1:IKq8mfKiVwNW2hQii/ng1dJ4yYMMv3HAP3fMFIq2CFk=
 github.com/nrdcg/mailinabox v0.2.0/go.mod h1:0yxqeYOiGyxAu7Sb94eMxHPIOsPYXAjTeA9ZhePhGnc=
 github.com/nrdcg/namesilo v0.2.1 h1:kLjCjsufdW/IlC+iSfAqj0iQGgKjlbUUeDJio5Y6eMg=
--- a/internal/applicant/providers.go
+++ b/internal/applicant/providers.go
@ -6,6 +6,7 @@ import (
 	"github.com/go-acme/lego/v4/challenge"

 	"github.com/certimate-go/certimate/internal/domain"
+	pACMEDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/acmedns"
 	pACMEHttpReq "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq"
 	pAliyun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun"
 	pAliyunESA "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa"
@ -75,6 +76,21 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 	  NOTICE: If you add new constant, please keep ASCII order.
 	*/
 	switch options.Provider {
+	case domain.ACMEDns01ProviderTypeACMEDNS:
+		{
+			access := domain.AccessConfigForACMEDNS{}
+			if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			applicant, err := pACMEDNS.NewChallengeProvider(&pACMEDNS.ChallengeProviderConfig{
+				ApiBase:        access.ApiBase,
+				StorageBaseUrl: access.StorageBaseUrl,
+				StoragePath:    access.StoragePath,
+			})
+			return applicant, err
+		}
+
 	case domain.ACMEDns01ProviderTypeACMEHttpReq:
 		{
 			access := domain.AccessConfigForACMEHttpReq{}
--- a/internal/domain/access.go
+++ b/internal/domain/access.go
@ -28,6 +28,12 @@ type AccessConfigForACMECA struct {
 	EabHmacKey string `json:"eabHmacKey,omitempty"`
 }

+type AccessConfigForACMEDNS struct {
+	ApiBase        string `json:"apiBase"`
+	StorageBaseUrl string `json:"storageBaseUrl,omitempty"`
+	StoragePath    string `json:"storagePath,omitempty"`
+}
+
 type AccessConfigForACMEHttpReq struct {
 	Endpoint string `json:"endpoint"`
 	Mode     string `json:"mode,omitempty"`
--- a/internal/domain/provider.go
+++ b/internal/domain/provider.go
@ -11,6 +11,7 @@ type AccessProviderType string
 const (
 	AccessProviderType1Panel              = AccessProviderType("1panel")
 	AccessProviderTypeACMECA              = AccessProviderType("acmeca")
+	AccessProviderTypeACMEDNS             = AccessProviderType("acmedns")
 	AccessProviderTypeACMEHttpReq         = AccessProviderType("acmehttpreq")
 	AccessProviderTypeAkamai              = AccessProviderType("akamai") // Akamai（预留）
 	AccessProviderTypeAliyun              = AccessProviderType("aliyun")
@ -121,6 +122,7 @@ ACME DNS-01 提供商常量值。
 	NOTICE: If you add new constant, please keep ASCII order.
 */
 const (
+	ACMEDns01ProviderTypeACMEDNS           = ACMEDns01ProviderType(AccessProviderTypeACMEDNS)
 	ACMEDns01ProviderTypeACMEHttpReq       = ACMEDns01ProviderType(AccessProviderTypeACMEHttpReq)
 	ACMEDns01ProviderTypeAliyun            = ACMEDns01ProviderType(AccessProviderTypeAliyun) // 兼容旧值，等同于 [ACMEDns01ProviderTypeAliyunDNS]
 	ACMEDns01ProviderTypeAliyunDNS         = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-dns")
--- a/pkg/core/ssl-applicator/acme-dns01/providers/acmedns/acmedns.go
+++ b/pkg/core/ssl-applicator/acme-dns01/providers/acmedns/acmedns.go
@ -0,0 +1,35 @@
+package acmedns
+
+import (
+	"errors"
+	"net/url"
+
+	"github.com/go-acme/lego/v4/providers/dns/acmedns"
+
+	"github.com/certimate-go/certimate/pkg/core"
+)
+
+type ChallengeProviderConfig struct {
+	ApiBase        string `json:"apiBase,omitempty"`
+	StorageBaseUrl string `json:"storageBaseUrl,omitempty"`
+	StoragePath    string `json:"storagePath,omitempty"`
+}
+
+func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) {
+	if config == nil {
+		return nil, errors.New("the configuration of the acme challenge provider is nil")
+	}
+
+	ApiBase, _ := url.Parse(config.ApiBase)
+	providerConfig := acmedns.NewDefaultConfig()
+	providerConfig.APIBase = ApiBase.String()
+	providerConfig.StorageBaseURL = config.StorageBaseUrl
+	providerConfig.StoragePath = config.StoragePath
+
+	provider, err := acmedns.NewDNSProviderConfig(providerConfig)
+	if err != nil {
+		return nil, err
+	}
+
+	return provider, nil
+}