new provider module HEXONET

OWNERS

@@ -5,6 +5,7 @@ providers/digitalocean @Deraen
 providers/dnsimple @aeden
 providers/gandi @TomOnTime
 # providers/gcloud
+providers/hexonet @papakai
 providers/linode @koesie10
 providers/namecheap @captncraig
 # providers/namedotcom

README.md

@@ -20,6 +20,7 @@ Currently supported DNS providers:
  - DNSimple
  - Gandi
  - Google
+ - HEXONET
  - Linode
  - Namecheap
  - Name.com

docs/_includes/matrix.html

@@ -14,6 +14,7 @@
 	<th class="rotate"><div><span>GANDI</span></div></th>
 	<th class="rotate"><div><span>GANDI-LIVEDNS</span></div></th>
 	<th class="rotate"><div><span>GCLOUD</span></div></th>
+	<th class="rotate"><div><span>HEXONET</span></div></th>
 	<th class="rotate"><div><span>LINODE</span></div></th>
 	<th class="rotate"><div><span>NAMECHEAP</span></div></th>
 	<th class="rotate"><div><span>NAMEDOTCOM</span></div></th>
@@ -53,6 +54,9 @@
 		<td class="success">
 			<i class="fa fa-check text-success" aria-hidden="true"></i>
 		</td>
+		<td class="danger" data-toggle="tooltip" data-container="body" data-placement="top" title="Actively maintained provider module.">
+			<i class="fa has-tooltip fa-times text-danger" aria-hidden="true"></i>
+		</td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
 		</td>
@@ -125,6 +129,9 @@
 		<td class="success">
 			<i class="fa fa-check text-success" aria-hidden="true"></i>
 		</td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
 		</td>
@@ -167,6 +174,9 @@
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
 		</td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
 		</td>
@@ -214,6 +224,9 @@
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
+		<td class="success" data-toggle="tooltip" data-container="body" data-placement="top" title="We fallback to CNAME up to now. Our API comes already with realtime ALIAS support over X-ALIAS-A / X-ALIAS-AAAA. This will be supported shortly.">
+			<i class="fa has-tooltip fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
@@ -259,6 +272,9 @@
 		<td class="success">
 			<i class="fa fa-check text-success" aria-hidden="true"></i>
 		</td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
@@ -300,6 +316,9 @@
 		<td class="success">
 			<i class="fa fa-check text-success" aria-hidden="true"></i>
 		</td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
@@ -349,6 +368,9 @@
 		<td class="success">
 			<i class="fa fa-check text-success" aria-hidden="true"></i>
 		</td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td class="danger" data-toggle="tooltip" data-container="body" data-placement="top" title="The namecheap web console allows you to make SRV records, but their api does not let you read or set them">
 			<i class="fa has-tooltip fa-times text-danger" aria-hidden="true"></i>
@@ -390,6 +412,9 @@
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
@@ -419,6 +444,9 @@
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td class="success">
@@ -444,6 +472,9 @@
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
+		<td class="danger">
+			<i class="fa fa-times text-danger" aria-hidden="true"></i>
+		</td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
 		<td><i class="fa fa-minus dim"></i></td>
@@ -477,6 +508,9 @@
 		<td class="success">
 			<i class="fa fa-check text-success" aria-hidden="true"></i>
 		</td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
 		</td>
@@ -528,6 +562,9 @@
 		<td class="success">
 			<i class="fa fa-check text-success" aria-hidden="true"></i>
 		</td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
 		</td>
@@ -588,6 +625,9 @@
 		<td class="success">
 			<i class="fa fa-check text-success" aria-hidden="true"></i>
 		</td>
+		<td class="success">
+			<i class="fa fa-check text-success" aria-hidden="true"></i>
+		</td>
 		<td class="danger">
 			<i class="fa fa-times text-danger" aria-hidden="true"></i>
 		</td>

docs/_providers/hexonet.md

@@ -0,0 +1,92 @@
+---
+name: HEXONET
+title: HEXONET Provider
+layout: default
+jsId: HEXONET
+---
+# HEXONET Provider
+
+HEXONET is a leading developer and operator of domain names and DNS platforms.
+Individual, service provider and registrars around the globe choose HEXONET for
+domains and DNS because of our advanced technology, operational performance and
+up-time, and most importantly for DNS expertise. DnsControl with HEXONET's DNS
+marries DNS automation with an industry-leading DNS platform that supports DNSSEC,
+PremiumDNS via Anycast Network, and nearly all of DnsControl's listed provider features.
+
+## Configuration
+
+Please provide your HEXONET login data in your credentials file `creds.json` as follows:
+
+{% highlight json %}
+{
+  "hexonet": {
+    "apilogin": "your-hexonet-account-id",
+    "apipassword": "your-hexonet-account-password",
+    "apientity": "LIVE", // for the LIVE system; use "OTE" for the OT&E system
+    "ipaddress": "172.31.3.16", // provide here your outgoing ip address
+    "debugmode": "0", // set it to "1" to get debug output of the communication with our Backend System API
+  }
+}
+{% endhighlight %}
+
+Here a working example for our OT&E System:
+
+{% highlight json %}
+{
+  "hexonet": {
+    "apilogin": "test.user",
+    "apipassword": "test.passw0rd",
+    "apientity": "OTE",
+    "debugmode": "0",
+  }
+}
+{% endhighlight %}
+
+## Usage
+
+Here an example DNS Configuration `dnsconfig.js` using our provider module.
+Even though it shows how you use us as Domain Registrar AND DNS Provider, we don't force you to do that.
+You are free to decide if you want to use both of our provider technology or just one of them.
+
+{% highlight javascript %}
+// Providers:
+var REG_HX = NewRegistrar('hexonet', 'HEXONET');
+var DNS_HX = NewDnsProvider('hexonet', 'HEXONET');
+
+// Set Default TTL for all RR to reflect our Backend API Default
+// If you use additional DNS Providers, configure a default TTL
+// per domain using the domain modifyer DefaultTTL instead.
+// also check this issue for [NAMESERVER TTL](https://github.com/StackExchange/dnscontrol/issues/176).
+DEFAULTS(
+    {"ns_ttl":"3600"},
+    DefaultTTL(3600)
+);
+
+// Domains:
+D('abhoster.com', REG_HX, DnsProvider(DNS_HX),
+    NAMESERVER('ns1.ispapi.net'),
+    NAMESERVER('ns2.ispapi.net'),
+    NAMESERVER('ns3.ispapi.net'),
+    NAMESERVER('ns4.ispapi.net'),
+    A('elk1', '10.190.234.178'),
+    A('test', '56.123.54.12')
+);
+{% endhighlight %}
+
+## Metadata
+
+This provider does not recognize any special metadata fields unique to HEXONET.
+
+## New domains
+
+If a dnszone does not exist in your HEXONET account, DNSControl will *not* automatically add it with the `dnscontrol push` or `dnscontrol preview` command. You'll need to do that via the control panel manually or using the command `dnscontrol create-domains`.
+This is because it could lead to unwanted costs on customer-side that we want to avoid.
+
+## Debug Mode
+
+As shown in the configuration examples above, this can be activated on demand and it can be used to check the API commands send to our system.
+In general this is thought for our purpose to have an easy way to dive into issues. But if you're interested what's going on, feel free to activate it.
+
+## IP Filter
+
+In case you have ip filter settings made for you HEXONET account, please provide your outgoing ip address as shown in the configuration examples above.

integrationTest/providers.json

@@ -42,6 +42,14 @@
     "private_key": "$GCLOUD_PRIVATEKEY",
     "project_id": "$GCLOUD_PROJECT"
   },
+  "HEXONET": {
+    "apilogin": "$HEXONET_UID",
+    "apipassword": "$HEXONET_PW",
+    "apientity": "$HEXONET_ENTITY",
+    "debugmode": "$HEXONET_DEBUGMODE",
+    "ipaddress": "$HEXONET_IP",
+    "domain": "dnscontrol.com"
+  },
   "LINODE": {
     "COMMENT": "25: Linode's hostname validation does not allow the target domain TLD",
     "token": "$LINODE_TOKEN",

providers/_all/all.go

@@ -10,6 +10,7 @@ import (
 	_ "github.com/StackExchange/dnscontrol/providers/dnsimple"
 	_ "github.com/StackExchange/dnscontrol/providers/gandi"
 	_ "github.com/StackExchange/dnscontrol/providers/gcloud"
+	_ "github.com/StackExchange/dnscontrol/providers/hexonet"
 	_ "github.com/StackExchange/dnscontrol/providers/linode"
 	_ "github.com/StackExchange/dnscontrol/providers/namecheap"
 	_ "github.com/StackExchange/dnscontrol/providers/namedotcom"

providers/hexonet/domains.go

@@ -0,0 +1,26 @@
+package hexonet
+
+//EnsureDomainExists returns an error
+// * if access to dnszone is not allowed (not authorized) or
+// * if it doesn't exist and creating it fails
+func (n *HXClient) EnsureDomainExists(domain string) error {
+	r := n.client.Request(map[string]string{
+		"COMMAND": "StatusDNSZone",
+		"DNSZONE": domain + ".",
+	})
+	code := r.Code()
+	if code == 545 {
+		r = n.client.Request(map[string]string{
+			"COMMAND": "CreateDNSZone",
+			"DNSZONE": domain + ".",
+		})
+		if !r.IsSuccess() {
+			return n.GetHXApiError("Failed to create not existing zone for domain", domain, r)
+		}
+	} else if code == 531 {
+		return n.GetHXApiError("Not authorized to manage dnszone", domain, r)
+	} else if r.IsError() || r.IsError() {
+		return n.GetHXApiError("Error while checking status of dnszone", domain, r)
+	}
+	return nil
+}

providers/hexonet/error.go

@@ -0,0 +1,11 @@
+package hexonet
+
+import (
+	lr "github.com/hexonet/go-sdk/response/listresponse"
+	"github.com/pkg/errors"
+)
+
+// GetHXApiError returns an error including API error code and error description.
+func (n *HXClient) GetHXApiError(format string, objectid string, r *lr.ListResponse) error {
+	return errors.Errorf(format+" %s. [%s %s]", objectid, r.Code(), r.Description())
+}

providers/hexonet/hexonetProvider.go

@@ -0,0 +1,69 @@
+// Package hexonet implements a registrar that uses the hexonet api to set name servers. It will self register it's providers when imported.
+package hexonet
+
+import (
+	"encoding/json"
+	"fmt"
+
+	"github.com/StackExchange/dnscontrol/providers"
+	hxcl "github.com/hexonet/go-sdk/client"
+)
+
+// HXClient describes a connection to the hexonet API.
+type HXClient struct {
+	APILogin    string
+	APIPassword string
+	APIEntity   string
+	client      *hxcl.Client
+}
+
+var features = providers.DocumentationNotes{
+	providers.CanUseAlias:            providers.Cannot("Using ALIAS is possible through our extended DNS (X-DNS) service. Feel free to get in touch with us."),
+	providers.CanUseCAA:              providers.Can(),
+	providers.CanUsePTR:              providers.Can(),
+	providers.CanUseRoute53Alias:     providers.Cannot("Using ALIAS is possible through our extended DNS (X-DNS) service. Feel free to get in touch with us."),
+	providers.CanUseSRV:              providers.Can(),
+	providers.CanUseTLSA:             providers.Can(),
+	providers.CanUseTXTMulti:         providers.Can(),
+	providers.CantUseNOPURGE:         providers.Can(),
+	providers.DocCreateDomains:       providers.Can(),
+	providers.DocDualHost:            providers.Can(),
+	providers.DocOfficiallySupported: providers.Cannot("Actively maintained provider module."),
+}
+
+func newProvider(conf map[string]string) (*HXClient, error) {
+	api := &HXClient{
+		client: hxcl.NewClient(),
+	}
+	api.APILogin, api.APIPassword, api.APIEntity = conf["apilogin"], conf["apipassword"], conf["apientity"]
+	if conf["debugmode"] == "1" {
+		api.client.EnableDebugMode()
+	}
+	if len(conf["ipaddress"]) > 0 {
+		api.client.SetIPAddress(conf["ipaddress"])
+	}
+	if api.APIEntity != "OTE" && api.APIEntity != "LIVE" {
+		return nil, fmt.Errorf("wrong api system entity used. use \"OTE\" for OT&E system or \"LIVE\" for Live system")
+	}
+	if api.APIEntity == "OTE" {
+		api.client.UseOTESystem()
+	}
+	if api.APILogin == "" || api.APIPassword == "" {
+		return nil, fmt.Errorf("missing login credentials apilogin or apipassword")
+	}
+	api.client.SetCredentials(api.APILogin, api.APIPassword, "")
+	return api, nil
+}
+
+func newReg(conf map[string]string) (providers.Registrar, error) {
+	return newProvider(conf)
+}
+
+func newDsp(conf map[string]string, meta json.RawMessage) (providers.DNSServiceProvider, error) {
+	return newProvider(conf)
+}
+
+func init() {
+	providers.RegisterRegistrarType("HEXONET", newReg)
+	providers.RegisterDomainServiceProviderType("HEXONET", newDsp, features)
+}