providers.go
package letsencrypt
import (
"fmt"
"os"
lego "github.com/xenolf/lego/acme"
"github.com/xenolf/lego/providers/dns/cloudflare"
"github.com/xenolf/lego/providers/dns/digitalocean"
"github.com/xenolf/lego/providers/dns/dnsimple"
"github.com/xenolf/lego/providers/dns/dyn"
"github.com/xenolf/lego/providers/dns/route53"
)
// ProviderOpts carries the settings for the DNS provider that the
// Let's Encrypt client uses for domain validation.
//
// Provider picks one credential group; the matching make*Provider function
// reads only that group and rejects empty values. Every credential field
// holds a secret in plain text, so do not format a ProviderOpts value with
// %v or %+v in logs or error messages.
type ProviderOpts struct {
	// Provider selects which credential group below is used.
	Provider DnsProvider

	// CloudFlare: account e-mail and API key.
	CloudflareEmail, CloudflareKey string

	// DigitalOcean: API access token.
	DoAccessToken string

	// AWS Route 53: access key ID and secret access key.
	AwsAccessKey, AwsSecretKey string

	// DNSimple: account e-mail and API key.
	DNSimpleEmail, DNSimpleKey string

	// Dyn: customer name, user name and password.
	DynCustomerName, DynUserName, DynPassword string
}
// DnsProvider identifies one of the supported DNS services by name.
type DnsProvider string

// Supported DNS providers. getProvider looks these up as map keys, so a
// configured name must match one of the strings exactly, including case.
const (
	CLOUDFLARE   DnsProvider = "CloudFlare"
	DIGITALOCEAN DnsProvider = "DigitalOcean"
	ROUTE53      DnsProvider = "Route53"
	DNSIMPLE     DnsProvider = "DNSimple"
	DYN          DnsProvider = "Dyn"
)
// dnsProviderFactory is the registry of supported DNS providers: it maps each
// DnsProvider to the constructor that builds its lego.ChallengeProvider.
//
// The values are stored as interface{}, so an entry whose signature is not
// func(ProviderOpts) (lego.ChallengeProvider, error) is not caught at
// compile time; getProvider asserts that type when it looks an entry up.
var dnsProviderFactory = map[DnsProvider]interface{}{
	CLOUDFLARE:   makeCloudflareProvider,
	DIGITALOCEAN: makeDigitalOceanProvider,
	DNSIMPLE:     makeDNSimpleProvider,
	DYN:          makeDynProvider,
	ROUTE53:      makeRoute53Provider,
}
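// getProvider builds the lego.ChallengeProvider selected by opts.Provider.
//
// It looks opts.Provider up in dnsProviderFactory and calls the registered
// constructor with opts. It returns an error when the provider name is not
// registered, when the registered entry is not a usable constructor, or when
// the constructor itself fails (for example because a credential is empty).
func getProvider(opts ProviderOpts) (lego.ChallengeProvider, error) {
	entry, found := dnsProviderFactory[opts.Provider]
	if !found {
		return nil, fmt.Errorf("Unsupported DNS provider: %s", opts.Provider)
	}

	// The registry holds interface{} values, so a mistyped entry only shows
	// up at run time. Use the checked form of the assertion and report an
	// error instead of panicking.
	factory, ok := entry.(func(ProviderOpts) (lego.ChallengeProvider, error))
	if !ok || factory == nil {
		return nil, fmt.Errorf("invalid factory for DNS provider %s: %T", opts.Provider, entry)
	}

	provider, err := factory(opts)
	if err != nil {
		// Return a literal nil so the caller never gets a provider together
		// with an error.
		return nil, err
	}
	return provider, nil
}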
// makeCloudflareProvider returns a preconfigured CloudFlare
// lego.ChallengeProvider built from opts.CloudflareEmail and
// opts.CloudflareKey.
//
// Both values must be non-empty; no other validation is done here. The error
// messages name the missing setting only and never include a credential
// value.
func makeCloudflareProvider(opts ProviderOpts) (lego.ChallengeProvider, error) {
	switch {
	case opts.CloudflareEmail == "":
		return nil, fmt.Errorf("CloudFlare email is not set")
	case opts.CloudflareKey == "":
		return nil, fmt.Errorf("CloudFlare API key is not set")
	}

	cf, err := cloudflare.NewDNSProviderCredentials(opts.CloudflareEmail, opts.CloudflareKey)
	if err != nil {
		// Return a literal nil on failure, not the constructor's first result.
		return nil, err
	}
	return cf, nil
}
// makeDigitalOceanProvider returns a preconfigured DigitalOcean
// lego.ChallengeProvider built from opts.DoAccessToken.
//
// The token must be non-empty; no other validation is done here. The error
// message names the missing setting only and never includes the token.
func makeDigitalOceanProvider(opts ProviderOpts) (lego.ChallengeProvider, error) {
	token := opts.DoAccessToken
	if token == "" {
		return nil, fmt.Errorf("DigitalOcean API access token is not set")
	}

	do, err := digitalocean.NewDNSProviderCredentials(token)
	if err != nil {
		// Return a literal nil on failure, not the constructor's first result.
		return nil, err
	}
	return do, nil
}
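// makeRoute53Provider returns a preconfigured Route53
// lego.ChallengeProvider built from opts.AwsAccessKey and opts.AwsSecretKey.
//
// Both values must be non-empty. route53.NewDNSProvider takes no arguments,
// so the credentials are handed over through the process environment
// (presumably read by the lego Route53 provider; confirm against the
// vendored lego version).
//
// NOTE(security): os.Setenv changes the environment of the whole process.
// The variables set here replace any AWS_REGION, AWS_ACCESS_KEY_ID and
// AWS_SECRET_ACCESS_KEY the process was started with, stay set after this
// function returns, and are inherited by child processes started later with
// the default environment. Concurrent calls with different credentials would
// overwrite each other. If the lego version in use offers a constructor that
// takes the credentials directly, prefer it.
func makeRoute53Provider(opts ProviderOpts) (lego.ChallengeProvider, error) {
	if len(opts.AwsAccessKey) == 0 {
		return nil, fmt.Errorf("AWS access key is not set")
	}
	if len(opts.AwsSecretKey) == 0 {
		return nil, fmt.Errorf("AWS secret key is not set")
	}

	env := []struct{ key, value string }{
		// The region is fixed; it overrides any AWS_REGION already present.
		{"AWS_REGION", "us-east-1"},
		{"AWS_ACCESS_KEY_ID", opts.AwsAccessKey},
		{"AWS_SECRET_ACCESS_KEY", opts.AwsSecretKey},
	}
	for _, e := range env {
		// A failed Setenv must not be ignored: the provider would then be
		// created from whatever the environment held before, which may be a
		// different set of credentials than the ones configured.
		if err := os.Setenv(e.key, e.value); err != nil {
			// Name the variable only; the value may be the secret key.
			return nil, fmt.Errorf("setting %s for the Route53 provider: %v", e.key, err)
		}
	}

	provider, err := route53.NewDNSProvider()
	if err != nil {
		// Return a literal nil on failure, not the constructor's first result.
		return nil, err
	}
	return provider, nil
}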
// makeDNSimpleProvider returns a preconfigured DNSimple
// lego.ChallengeProvider built from opts.DNSimpleEmail and opts.DNSimpleKey.
//
// Both values must be non-empty; no other validation is done here. The error
// messages name the missing setting only and never include a credential
// value.
func makeDNSimpleProvider(opts ProviderOpts) (lego.ChallengeProvider, error) {
	email, apiKey := opts.DNSimpleEmail, opts.DNSimpleKey
	if email == "" {
		return nil, fmt.Errorf("DNSimple Email is not set")
	}
	if apiKey == "" {
		return nil, fmt.Errorf("DNSimple API key is not set")
	}

	ds, err := dnsimple.NewDNSProviderCredentials(email, apiKey)
	if err != nil {
		// Return a literal nil on failure, not the constructor's first result.
		return nil, err
	}
	return ds, nil
}
// makeDynProvider returns a preconfigured Dyn lego.ChallengeProvider built
// from opts.DynCustomerName, opts.DynUserName and opts.DynPassword.
//
// All three values must be non-empty; no other validation is done here. The
// error messages name the missing setting only and never include a
// credential value.
func makeDynProvider(opts ProviderOpts) (lego.ChallengeProvider, error) {
	switch {
	case opts.DynCustomerName == "":
		return nil, fmt.Errorf("Dyn customer name is not set")
	case opts.DynUserName == "":
		return nil, fmt.Errorf("Dyn user name is not set")
	case opts.DynPassword == "":
		return nil, fmt.Errorf("Dyn password is not set")
	}

	dynProvider, err := dyn.NewDNSProviderCredentials(
		opts.DynCustomerName,
		opts.DynUserName,
		opts.DynPassword,
	)
	if err != nil {
		// Return a literal nil on failure, not the constructor's first result.
		return nil, err
	}
	return dynProvider, nil
}