From 152bdbfcf509432941d52df0ad6486c43df722c2 Mon Sep 17 00:00:00 2001
From: "Aldrich J. Xing"
Date: Fri, 15 Aug 2025 01:49:29 +0800
Subject: [PATCH] support Provider ACME DNS in Backend.
---
 go.mod | 1 +
 go.sum | 2 ++
 internal/applicant/providers.go | 16 +++++++++
 internal/domain/access.go | 6 ++++
 internal/domain/provider.go | 2 ++
 .../acme-dns01/providers/acmedns/acmedns.go | 35 +++++++++++++++++++
 6 files changed, 62 insertions(+)
 create mode 100644 pkg/core/ssl-applicator/acme-dns01/providers/acmedns/acmedns.go
diff --git a/go.mod b/go.mod
index 712a9904..fb1968eb 100644
--- a/go.mod
+++ b/go.mod
@@ -123,6 +123,7 @@ require (
 github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04 // indirect
 github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 // indirect
 github.com/nrdcg/desec v0.10.0 // indirect
+ github.com/nrdcg/goacmedns v0.2.0 // indirect
 github.com/nrdcg/mailinabox v0.2.0 // indirect
 github.com/nrdcg/porkbun v0.4.0 // indirect
 github.com/peterhellberg/link v1.2.0 // indirect
diff --git a/go.sum b/go.sum
index 149f9151..d5bb2afb 100644
--- a/go.sum
+++ b/go.sum
@@ -692,6 +692,8 @@ github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3 h1:ouZ2JWDl8IW5k1qu
 github.com/nrdcg/bunny-go v0.0.0-20240207213615-dde5bf4577a3/go.mod h1:ZwadWt7mVhMHMbAQ1w8IhDqtWO3eWqWq72W7trnaiE8=
 github.com/nrdcg/desec v0.10.0 h1:qrEDiqnsvNU9QE7lXIXi/tIHAfyaFXKxF2/8/52O8uM=
 github.com/nrdcg/desec v0.10.0/go.mod h1:5+4vyhMRTs49V9CNoODF/HwT8Mwxv9DJ6j+7NekUnBs=
+github.com/nrdcg/goacmedns v0.2.0 h1:ADMbThobzEMnr6kg2ohs4KGa3LFqmgiBA22/6jUWJR0=
+github.com/nrdcg/goacmedns v0.2.0/go.mod h1:T5o6+xvSLrQpugmwHvrSNkzWht0UGAwj2ACBMhh73Cg=
 github.com/nrdcg/mailinabox v0.2.0 h1:IKq8mfKiVwNW2hQii/ng1dJ4yYMMv3HAP3fMFIq2CFk=
 github.com/nrdcg/mailinabox v0.2.0/go.mod h1:0yxqeYOiGyxAu7Sb94eMxHPIOsPYXAjTeA9ZhePhGnc=
 github.com/nrdcg/namesilo v0.2.1 h1:kLjCjsufdW/IlC+iSfAqj0iQGgKjlbUUeDJio5Y6eMg=
diff --git a/internal/applicant/providers.go b/internal/applicant/providers.go
index 7b07997f..55c4c0fe 100644
--- a/internal/applicant/providers.go
+++ b/internal/applicant/providers.go
@@ -6,6 +6,7 @@ import (
 "github.com/go-acme/lego/v4/challenge"
 "github.com/certimate-go/certimate/internal/domain"
+ pACMEDNS "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/acmedns"
 pACMEHttpReq "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/acmehttpreq"
 pAliyun "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun"
 pAliyunESA "github.com/certimate-go/certimate/pkg/core/ssl-applicator/acme-dns01/providers/aliyun-esa"
@@ -75,6 +76,21 @@ func createApplicantProvider(options *applicantProviderOptions) (challenge.Provi
 NOTICE: If you add new constant, please keep ASCII order.
 */
 switch options.Provider {
+ case domain.ACMEDns01ProviderTypeACMEDNS:
+ {
+ access := domain.AccessConfigForACMEDNS{}
+ if err := xmaps.Populate(options.ProviderAccessConfig, &access); err != nil {
+ return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+ }
+
+ applicant, err := pACMEDNS.NewChallengeProvider(&pACMEDNS.ChallengeProviderConfig{
+ ApiBase: access.ApiBase,
+ StorageBaseUrl: access.StorageBaseUrl,
+ StoragePath: access.StoragePath,
+ })
+ return applicant, err
+ }
+
 case domain.ACMEDns01ProviderTypeACMEHttpReq:
 {
 access := domain.AccessConfigForACMEHttpReq{}
diff --git a/internal/domain/access.go b/internal/domain/access.go
index dd63ada1..6aad4602 100644
--- a/internal/domain/access.go
+++ b/internal/domain/access.go
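Review bot: In the new `domain.ACMEDns01ProviderTypeACMEDNS` case of internal/applicant/providers.go, `access.StoragePath` and `access.StorageBaseUrl` are forwarded from the access config with no validation. lego's acmedns provider appears to use them as the location where the acme-dns account credentials are persisted, so whoever can edit this access record would be choosing a file path on the host (or a remote URL) that the server process reads and writes; confirm who may set these fields and constrain `StoragePath` to a directory the application owns. Unless the provider supplies its own default location, the case should also reject a config with neither set, e.g. `if access.StoragePath == "" && access.StorageBaseUrl == "" { return nil, fmt.Errorf("acmedns: storagePath or storageBaseUrl is required") }`. The body of `createApplicantProvider` starts and ends outside this hunk.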
@@ -28,6 +28,12 @@ type AccessConfigForACMECA struct {
 EabHmacKey string `json:"eabHmacKey,omitempty"`
 }
+type AccessConfigForACMEDNS struct {
+ ApiBase string `json:"apiBase"`
+ StorageBaseUrl string `json:"storageBaseUrl,omitempty"`
+ StoragePath string `json:"storagePath,omitempty"`
+}
+
 type AccessConfigForACMEHttpReq struct {
 Endpoint string `json:"endpoint"`
 Mode string `json:"mode,omitempty"`
diff --git a/internal/domain/provider.go b/internal/domain/provider.go
index c6e7b969..9372026e 100644
--- a/internal/domain/provider.go
+++ b/internal/domain/provider.go
@@ -11,6 +11,7 @@ type AccessProviderType string
 const (
 AccessProviderType1Panel = AccessProviderType("1panel")
 AccessProviderTypeACMECA = AccessProviderType("acmeca")
+ AccessProviderTypeACMEDNS = AccessProviderType("acmedns")
 AccessProviderTypeACMEHttpReq = AccessProviderType("acmehttpreq")
 AccessProviderTypeAkamai = AccessProviderType("akamai") // Akamai(预留)
 AccessProviderTypeAliyun = AccessProviderType("aliyun")
@@ -121,6 +122,7 @@ ACME DNS-01 提供商常量值。
 NOTICE: If you add new constant, please keep ASCII order.
 */
 const (
+ ACMEDns01ProviderTypeACMEDNS = ACMEDns01ProviderType(AccessProviderTypeACMEDNS)
 ACMEDns01ProviderTypeACMEHttpReq = ACMEDns01ProviderType(AccessProviderTypeACMEHttpReq)
 ACMEDns01ProviderTypeAliyun = ACMEDns01ProviderType(AccessProviderTypeAliyun) // 兼容旧值,等同于 [ACMEDns01ProviderTypeAliyunDNS]
 ACMEDns01ProviderTypeAliyunDNS = ACMEDns01ProviderType(AccessProviderTypeAliyun + "-dns")
diff --git a/pkg/core/ssl-applicator/acme-dns01/providers/acmedns/acmedns.go b/pkg/core/ssl-applicator/acme-dns01/providers/acmedns/acmedns.go
new file mode 100644
index 00000000..992766f8
--- /dev/null
+++ b/pkg/core/ssl-applicator/acme-dns01/providers/acmedns/acmedns.go
@@ -0,0 +1,35 @@
+package acmedns
+
+import (
+ "errors"
+ "net/url"
+
+ "github.com/go-acme/lego/v4/providers/dns/acmedns"
+
+ "github.com/certimate-go/certimate/pkg/core"
+)
+
+type ChallengeProviderConfig struct {
+ ApiBase string `json:"apiBase,omitempty"`
+ StorageBaseUrl string `json:"storageBaseUrl,omitempty"`
+ StoragePath string `json:"storagePath,omitempty"`
+}
+
+func NewChallengeProvider(config *ChallengeProviderConfig) (core.ACMEChallenger, error) {
+ if config == nil {
+ return nil, errors.New("the configuration of the acme challenge provider is nil")
+ }
+
+ ApiBase, _ := url.Parse(config.ApiBase)
+ providerConfig := acmedns.NewDefaultConfig()
+ providerConfig.APIBase = ApiBase.String()
+ providerConfig.StorageBaseURL = config.StorageBaseUrl
+ providerConfig.StoragePath = config.StoragePath
+
+ provider, err := acmedns.NewDNSProviderConfig(providerConfig)
+ if err != nil {
+ return nil, err
+ }
+
+ return provider, nil
+}
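Review bot: `NewChallengeProvider` discards the error from `url.Parse(config.ApiBase)`, so a value that fails to parse leaves `ApiBase` nil and the following `ApiBase.String()` panics instead of returning an error. An empty or relative `apiBase` also passes through unchecked, because `url.Parse` accepts both. The acme-dns account credentials are presumably sent to this endpoint, so anything that is not an absolute http(s) URL should be rejected here, and https-only is worth considering for servers that are not local. The local would read better as `apiBase`, since a capitalised local looks like an exported name.

```go
	apiBase, err := url.Parse(config.ApiBase)
	if err != nil {
		return nil, err
	}
	if apiBase.Host == "" || (apiBase.Scheme != "https" && apiBase.Scheme != "http") {
		return nil, errors.New("apiBase must be an absolute http or https URL")
	}

	providerConfig := acmedns.NewDefaultConfig()
	providerConfig.APIBase = apiBase.String()
	// … unchanged: storage settings and acmedns.NewDNSProviderConfig call …
```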