From 6a0a788d358a562019721f69c13e75458f04e9eb Mon Sep 17 00:00:00 2001 From: schou Date: Tue, 5 Dec 2023 14:05:19 -0500 Subject: [PATCH 1/7] add --no-email for disabling email in ACME query Signed-off-by: schou --- cmd/accounts_storage.go | 13 +++++++++---- cmd/flags.go | 6 ++++++ docs/data/zz_cli_help.toml | 1 + 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/cmd/accounts_storage.go b/cmd/accounts_storage.go index 05cd23722c..beffa86dd6 100644 --- a/cmd/accounts_storage.go +++ b/cmd/accounts_storage.go @@ -68,8 +68,13 @@ type AccountsStorage struct { // NewAccountsStorage Creates a new AccountsStorage. func NewAccountsStorage(ctx *cli.Context) *AccountsStorage { - // TODO: move to account struct? Currently MUST pass email. - email := getEmail(ctx) + var userID string + if ctx.IsSet("no-email") { + userID = "default" + } else { + // TODO: move to account struct? + userID = getEmail(ctx) + } serverURL, err := url.Parse(ctx.String("server")) if err != nil { @@ -79,10 +84,10 @@ func NewAccountsStorage(ctx *cli.Context) *AccountsStorage { rootPath := filepath.Join(ctx.String("path"), baseAccountsRootFolderName) serverPath := strings.NewReplacer(":", "_", "/", string(os.PathSeparator)).Replace(serverURL.Host) accountsPath := filepath.Join(rootPath, serverPath) - rootUserPath := filepath.Join(accountsPath, email) + rootUserPath := filepath.Join(accountsPath, userID) return &AccountsStorage{ - userID: email, + userID: userID, rootPath: rootPath, rootUserPath: rootUserPath, keysPath: filepath.Join(rootUserPath, baseKeysFolderName), diff --git a/cmd/flags.go b/cmd/flags.go index b014a1ff2d..247f35018e 100644 --- a/cmd/flags.go +++ b/cmd/flags.go @@ -31,6 +31,12 @@ func CreateFlags(defaultPath string) []cli.Flag { Aliases: []string{"m"}, Usage: "Email used for registration and recovery contact.", }, + &cli.BoolFlag{ + Name: "no-email", + Aliases: []string{"M"}, + EnvVars: []string{"LEGO_NO_EMAIL"}, + Usage: "Create an ACME request not including an email address.", + }, &cli.StringFlag{ Name: "csr", Aliases: []string{"c"}, diff --git a/docs/data/zz_cli_help.toml b/docs/data/zz_cli_help.toml index f082a80ac1..3a86e56c8b 100644 --- a/docs/data/zz_cli_help.toml +++ b/docs/data/zz_cli_help.toml @@ -23,6 +23,7 @@ GLOBAL OPTIONS: --server value, -s value CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default: "https://acme-v02.api.letsencrypt.org/directory") --accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service. (default: false) --email value, -m value Email used for registration and recovery contact. + --no-email, -M Create an ACME request not including an email address. (default: false) [$LEGO_NO_EMAIL] --csr value, -c value Certificate signing request filename, if an external CSR is to be used. --eab Use External Account Binding for account registration. Requires --kid and --hmac. (default: false) [$LEGO_EAB] --kid value Key identifier from External CA. Used for External Account Binding. [$LEGO_EAB_KID] From 0bae2c95b57d96af9ce6ef081c15e7119e2d3853 Mon Sep 17 00:00:00 2001 From: schou Date: Tue, 5 Dec 2023 14:14:18 -0500 Subject: [PATCH 2/7] update error message for helpful hint Signed-off-by: schou --- cmd/setup.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/setup.go b/cmd/setup.go index e07a878003..c4b5e49c8e 100644 --- a/cmd/setup.go +++ b/cmd/setup.go @@ -84,7 +84,7 @@ func getKeyType(ctx *cli.Context) certcrypto.KeyType { func getEmail(ctx *cli.Context) string { email := ctx.String("email") if email == "" { - log.Fatal("You have to pass an account (email address) to the program using --email or -m") + log.Fatal("You have to pass an account (email address) to the program using --email or -m, or use --no-email to disable including an email in the ACME request.") } return email } From e5f135c756b5d9c9779432389f971271915ee8fb Mon Sep 17 00:00:00 2001 From: schou Date: Tue, 5 Dec 2023 14:20:45 -0500 Subject: [PATCH 3/7] wording Signed-off-by: schou --- cmd/flags.go | 2 +- docs/data/zz_cli_help.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/flags.go b/cmd/flags.go index 247f35018e..5ec8c626ae 100644 --- a/cmd/flags.go +++ b/cmd/flags.go @@ -35,7 +35,7 @@ func CreateFlags(defaultPath string) []cli.Flag { Name: "no-email", Aliases: []string{"M"}, EnvVars: []string{"LEGO_NO_EMAIL"}, - Usage: "Create an ACME request not including an email address.", + Usage: "Create an ACME request without including an email address.", }, &cli.StringFlag{ Name: "csr", diff --git a/docs/data/zz_cli_help.toml b/docs/data/zz_cli_help.toml index 3a86e56c8b..3317060f33 100644 --- a/docs/data/zz_cli_help.toml +++ b/docs/data/zz_cli_help.toml @@ -23,7 +23,7 @@ GLOBAL OPTIONS: --server value, -s value CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default: "https://acme-v02.api.letsencrypt.org/directory") --accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service. (default: false) --email value, -m value Email used for registration and recovery contact. - --no-email, -M Create an ACME request not including an email address. (default: false) [$LEGO_NO_EMAIL] + --no-email, -M Create an ACME request without including an email address. (default: false) [$LEGO_NO_EMAIL] --csr value, -c value Certificate signing request filename, if an external CSR is to be used. --eab Use External Account Binding for account registration. Requires --kid and --hmac. (default: false) [$LEGO_EAB] --kid value Key identifier from External CA. Used for External Account Binding. [$LEGO_EAB_KID] From 504497e345b44d36f0a42dc1be474e206215e5b2 Mon Sep 17 00:00:00 2001 From: schou Date: Tue, 5 Dec 2023 14:23:29 -0500 Subject: [PATCH 4/7] usage helpful hint Signed-off-by: schou --- cmd/setup.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/setup.go b/cmd/setup.go index c4b5e49c8e..f83325b189 100644 --- a/cmd/setup.go +++ b/cmd/setup.go @@ -84,7 +84,7 @@ func getKeyType(ctx *cli.Context) certcrypto.KeyType { func getEmail(ctx *cli.Context) string { email := ctx.String("email") if email == "" { - log.Fatal("You have to pass an account (email address) to the program using --email or -m, or use --no-email to disable including an email in the ACME request.") + log.Fatal("You have to pass an account (email address) to the program using --email or -m, or use --no-email or -M to disable including an email in the ACME request.") } return email } From 51ef22a6c24d3172b165b287a962ac1828a11c66 Mon Sep 17 00:00:00 2001 From: schou Date: Wed, 6 Dec 2023 07:59:56 -0500 Subject: [PATCH 5/7] return empty string if no-email is set Signed-off-by: schou --- cmd/accounts_storage.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/cmd/accounts_storage.go b/cmd/accounts_storage.go index beffa86dd6..bc897522d3 100644 --- a/cmd/accounts_storage.go +++ b/cmd/accounts_storage.go @@ -58,6 +58,7 @@ const ( // │ └── root accounts directory // └── "path" option type AccountsStorage struct { + noEmail bool userID string rootPath string rootUserPath string @@ -69,7 +70,8 @@ type AccountsStorage struct { // NewAccountsStorage Creates a new AccountsStorage. func NewAccountsStorage(ctx *cli.Context) *AccountsStorage { var userID string - if ctx.IsSet("no-email") { + noEmail := ctx.IsSet("no-email") + if noEmail { userID = "default" } else { // TODO: move to account struct? @@ -87,6 +89,7 @@ func NewAccountsStorage(ctx *cli.Context) *AccountsStorage { rootUserPath := filepath.Join(accountsPath, userID) return &AccountsStorage{ + noEmail: noEmail, userID: userID, rootPath: rootPath, rootUserPath: rootUserPath, @@ -115,6 +118,9 @@ func (s *AccountsStorage) GetRootUserPath() string { } func (s *AccountsStorage) GetUserID() string { + if s.noEmail { + return "" + } return s.userID } From 73562549eaef7c4344e105c5eec43bd53ce43d07 Mon Sep 17 00:00:00 2001 From: usarise <7043681+usarise@users.noreply.github.com> Date: Tue, 15 Oct 2024 11:34:28 +0700 Subject: [PATCH 6/7] fix for https://github.com/go-acme/lego/pull/2283 --- cmd/accounts_storage.go | 2 +- cmd/flags.go | 3 ++- cmd/setup.go | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/cmd/accounts_storage.go b/cmd/accounts_storage.go index 27d409317b..95da37c9d2 100644 --- a/cmd/accounts_storage.go +++ b/cmd/accounts_storage.go @@ -70,7 +70,7 @@ type AccountsStorage struct { // NewAccountsStorage Creates a new AccountsStorage. func NewAccountsStorage(ctx *cli.Context) *AccountsStorage { var userID string - noEmail := ctx.IsSet("no-email") + noEmail := ctx.IsSet(flgNoEmail) if noEmail { userID = "default" } else { diff --git a/cmd/flags.go b/cmd/flags.go index e7a84990bf..e1f09bf46f 100644 --- a/cmd/flags.go +++ b/cmd/flags.go @@ -16,6 +16,7 @@ const ( flgServer = "server" flgAcceptTOS = "accept-tos" flgEmail = "email" + flgNoEmail = "no-email" flgCSR = "csr" flgEAB = "eab" flgKID = "kid" @@ -73,7 +74,7 @@ func CreateFlags(defaultPath string) []cli.Flag { Usage: "Email used for registration and recovery contact.", }, &cli.BoolFlag{ - Name: "no-email", + Name: flgNoEmail, Aliases: []string{"M"}, EnvVars: []string{"LEGO_NO_EMAIL"}, Usage: "Create an ACME request without including an email address.", diff --git a/cmd/setup.go b/cmd/setup.go index 00a7f2f2cb..84a1e36ea9 100644 --- a/cmd/setup.go +++ b/cmd/setup.go @@ -85,7 +85,7 @@ func getKeyType(ctx *cli.Context) certcrypto.KeyType { func getEmail(ctx *cli.Context) string { email := ctx.String(flgEmail) if email == "" { - log.Fatalf("You have to pass an account (email address) to the program using --%s or -m", flgEmail) + log.Fatalf("You have to pass an account (email address) to the program using --%s or -m, or use --%s or -M to disable including an email in the ACME request.", flgEmail, flgNoEmail) } return email } From 73423897c37b28616242554f650419c7686b021b Mon Sep 17 00:00:00 2001 From: usarise Date: Wed, 13 Nov 2024 06:47:34 +0700 Subject: [PATCH 7/7] up to v4.20.2+ (#2) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * volcengine: set API information within the default configuration (#2308) Co-authored-by: Fernandez Ludovic * limacity: fix error message (#2310) * Add DNS provider for Core-Networks (#2101) * chore: update readme generator (#2311) * chore: fix readme generator (#2312) * chore: embed templates for internal commands (#2314) * chore: improve internal release command (#2315) * fix: parse printf verbs in log line output (#2317) * Add DNS provider for Regfish (#2320) * chore: update dependencies (#2321) * selectelv2: fix non-ASCII domain (#2322) Co-authored-by: Fernandez Ludovic * brandit: provider deprecation (#2116) * cloudxns: provider deprecation (#2324) * chore: update issue templates * docs: use homogenous examples (#2328) * regru: update authentication method (#2325) * rfc2136: add support for tsig-keygen generated file (#2330) Co-authored-by: Dominik Menke * Add DNS provider for Technitium (#2332) * feat: skip the TLS verification of the ACME server (#2335) * docs: add documentation for env var only options (#2337) * docs: update least privilege instructions for Cloudflare (#2339) * feat: attempt to check ARI unless explicitly disabled (#2298) Co-authored-by: Fernandez Ludovic * chore: domain merge simplification (#2340) * chore: update linter (#2341) * Prepare release v4.20.0 * Detach v4.20.0 * Prepare release v4.20.1 * Detach v4.20.1 * Prepare release v4.20.2 * Detach v4.20.2 * fix: HTTP server IPv6 matching (#2345) * docs: improve changelog style (#2346) * docs: fix typos --------- Co-authored-by: 刘瑞斌 Co-authored-by: Fernandez Ludovic Co-authored-by: Dominik Menke Co-authored-by: Frederic Hemberger Co-authored-by: Artem Chirkov <45077592+Archirk@users.noreply.github.com> Co-authored-by: Maksim Kamanin <79706809+tcaty@users.noreply.github.com> Co-authored-by: Dominik Menke Co-authored-by: Josh McKinney Co-authored-by: Samantha Frank --- .github/ISSUE_TEMPLATE/bug_report.yml | 1 + .github/ISSUE_TEMPLATE/feature_request.yml | 1 + .github/ISSUE_TEMPLATE/new_dns_provider.yml | 2 + .github/workflows/pr.yml | 2 +- .github/workflows/release.yml | 2 +- .golangci.yml | 6 +- .goreleaser.yml | 6 +- CHANGELOG.md | 485 +++++++++++------- Makefile | 8 +- README.md | 218 ++++++-- acme/api/internal/sender/useragent.go | 4 +- challenge/http01/domain_matcher.go | 20 +- challenge/http01/domain_matcher_test.go | 55 +- challenge/http01/http_challenge_server.go | 24 +- cmd/cmd_renew.go | 55 +- cmd/flags.go | 5 + cmd/lego/main.go | 4 +- cmd/lego/zz_gen_version.go | 15 + cmd/setup.go | 8 + cmd/setup_challenges.go | 2 +- cmd/zz_gen_cmd_dnshelp.go | 77 ++- docs/content/dns/zz_gen_acme-dns.md | 2 +- docs/content/dns/zz_gen_alidns.md | 4 +- docs/content/dns/zz_gen_allinkl.md | 2 +- docs/content/dns/zz_gen_arvancloud.md | 2 +- docs/content/dns/zz_gen_auroradns.md | 2 +- docs/content/dns/zz_gen_autodns.md | 2 +- docs/content/dns/zz_gen_azuredns.md | 10 +- docs/content/dns/zz_gen_bindman.md | 2 +- docs/content/dns/zz_gen_bluecat.md | 2 +- docs/content/dns/zz_gen_brandit.md | 11 +- docs/content/dns/zz_gen_bunny.md | 2 +- docs/content/dns/zz_gen_checkdomain.md | 2 +- docs/content/dns/zz_gen_civo.md | 2 +- docs/content/dns/zz_gen_clouddns.md | 2 +- docs/content/dns/zz_gen_cloudflare.md | 7 +- docs/content/dns/zz_gen_cloudns.md | 2 +- docs/content/dns/zz_gen_cloudru.md | 2 +- docs/content/dns/zz_gen_cloudxns.md | 13 +- docs/content/dns/zz_gen_conoha.md | 2 +- docs/content/dns/zz_gen_constellix.md | 2 +- docs/content/dns/zz_gen_corenetworks.md | 70 +++ docs/content/dns/zz_gen_cpanel.md | 4 +- docs/content/dns/zz_gen_derak.md | 2 +- docs/content/dns/zz_gen_desec.md | 2 +- docs/content/dns/zz_gen_designate.md | 6 +- docs/content/dns/zz_gen_digitalocean.md | 2 +- docs/content/dns/zz_gen_directadmin.md | 2 +- docs/content/dns/zz_gen_dnshomede.md | 6 +- docs/content/dns/zz_gen_dnsimple.md | 2 +- docs/content/dns/zz_gen_dnsmadeeasy.md | 2 +- docs/content/dns/zz_gen_dnspod.md | 2 +- docs/content/dns/zz_gen_dode.md | 2 +- docs/content/dns/zz_gen_domeneshop.md | 2 +- docs/content/dns/zz_gen_dreamhost.md | 2 +- docs/content/dns/zz_gen_duckdns.md | 2 +- docs/content/dns/zz_gen_dyn.md | 2 +- docs/content/dns/zz_gen_dynu.md | 2 +- docs/content/dns/zz_gen_easydns.md | 6 +- docs/content/dns/zz_gen_edgedns.md | 2 +- docs/content/dns/zz_gen_efficientip.md | 2 +- docs/content/dns/zz_gen_epik.md | 2 +- docs/content/dns/zz_gen_exec.md | 10 +- docs/content/dns/zz_gen_exoscale.md | 2 +- docs/content/dns/zz_gen_freemyip.md | 2 +- docs/content/dns/zz_gen_gandi.md | 2 +- docs/content/dns/zz_gen_gandiv5.md | 2 +- docs/content/dns/zz_gen_gcloud.md | 9 +- docs/content/dns/zz_gen_gcore.md | 2 +- docs/content/dns/zz_gen_glesys.md | 2 +- docs/content/dns/zz_gen_godaddy.md | 2 +- docs/content/dns/zz_gen_googledomains.md | 2 +- docs/content/dns/zz_gen_hetzner.md | 2 +- docs/content/dns/zz_gen_hostingde.md | 2 +- docs/content/dns/zz_gen_hosttech.md | 2 +- docs/content/dns/zz_gen_httpnet.md | 2 +- docs/content/dns/zz_gen_httpreq.md | 2 +- docs/content/dns/zz_gen_huaweicloud.md | 2 +- docs/content/dns/zz_gen_hurricane.md | 4 +- docs/content/dns/zz_gen_hyperone.md | 2 +- docs/content/dns/zz_gen_ibmcloud.md | 2 +- docs/content/dns/zz_gen_iij.md | 2 +- docs/content/dns/zz_gen_iijdpf.md | 2 +- docs/content/dns/zz_gen_infoblox.md | 2 +- docs/content/dns/zz_gen_infomaniak.md | 2 +- docs/content/dns/zz_gen_internetbs.md | 2 +- docs/content/dns/zz_gen_inwx.md | 4 +- docs/content/dns/zz_gen_ionos.md | 2 +- docs/content/dns/zz_gen_ipv64.md | 2 +- docs/content/dns/zz_gen_iwantmyname.md | 2 +- docs/content/dns/zz_gen_joker.md | 6 +- docs/content/dns/zz_gen_liara.md | 2 +- docs/content/dns/zz_gen_limacity.md | 2 +- docs/content/dns/zz_gen_linode.md | 2 +- docs/content/dns/zz_gen_liquidweb.md | 2 +- docs/content/dns/zz_gen_loopia.md | 2 +- docs/content/dns/zz_gen_luadns.md | 2 +- docs/content/dns/zz_gen_mailinabox.md | 2 +- docs/content/dns/zz_gen_metaname.md | 2 +- docs/content/dns/zz_gen_mijnhost.md | 2 +- docs/content/dns/zz_gen_mittwald.md | 2 +- docs/content/dns/zz_gen_mydnsjp.md | 2 +- docs/content/dns/zz_gen_mythicbeasts.md | 2 +- docs/content/dns/zz_gen_namecheap.md | 2 +- docs/content/dns/zz_gen_namedotcom.md | 2 +- docs/content/dns/zz_gen_namesilo.md | 2 +- docs/content/dns/zz_gen_nearlyfreespeech.md | 2 +- docs/content/dns/zz_gen_netcup.md | 2 +- docs/content/dns/zz_gen_netlify.md | 2 +- docs/content/dns/zz_gen_nicmanager.md | 4 +- docs/content/dns/zz_gen_nifcloud.md | 2 +- docs/content/dns/zz_gen_njalla.md | 2 +- docs/content/dns/zz_gen_nodion.md | 2 +- docs/content/dns/zz_gen_ns1.md | 2 +- docs/content/dns/zz_gen_oraclecloud.md | 2 +- docs/content/dns/zz_gen_ovh.md | 6 +- docs/content/dns/zz_gen_pdns.md | 2 +- docs/content/dns/zz_gen_plesk.md | 2 +- docs/content/dns/zz_gen_porkbun.md | 2 +- docs/content/dns/zz_gen_rackspace.md | 2 +- docs/content/dns/zz_gen_rcodezero.md | 2 +- docs/content/dns/zz_gen_regfish.md | 68 +++ docs/content/dns/zz_gen_regru.md | 2 +- docs/content/dns/zz_gen_rfc2136.md | 19 +- docs/content/dns/zz_gen_rimuhosting.md | 2 +- docs/content/dns/zz_gen_route53.md | 2 +- docs/content/dns/zz_gen_safedns.md | 2 +- docs/content/dns/zz_gen_sakuracloud.md | 2 +- docs/content/dns/zz_gen_scaleway.md | 2 +- docs/content/dns/zz_gen_selectel.md | 2 +- docs/content/dns/zz_gen_selectelv2.md | 10 +- docs/content/dns/zz_gen_selfhostde.md | 2 +- docs/content/dns/zz_gen_servercow.md | 2 +- docs/content/dns/zz_gen_shellrent.md | 2 +- docs/content/dns/zz_gen_simply.md | 2 +- docs/content/dns/zz_gen_sonic.md | 2 +- docs/content/dns/zz_gen_stackpath.md | 2 +- docs/content/dns/zz_gen_technitium.md | 74 +++ docs/content/dns/zz_gen_tencentcloud.md | 2 +- docs/content/dns/zz_gen_timewebcloud.md | 2 +- docs/content/dns/zz_gen_transip.md | 2 +- docs/content/dns/zz_gen_ultradns.md | 2 +- docs/content/dns/zz_gen_variomedia.md | 2 +- docs/content/dns/zz_gen_vercel.md | 2 +- docs/content/dns/zz_gen_versio.md | 2 +- docs/content/dns/zz_gen_vinyldns.md | 2 +- docs/content/dns/zz_gen_vkcloud.md | 2 +- docs/content/dns/zz_gen_volcengine.md | 2 +- docs/content/dns/zz_gen_vscale.md | 2 +- docs/content/dns/zz_gen_vultr.md | 2 +- docs/content/dns/zz_gen_webnames.md | 2 +- docs/content/dns/zz_gen_websupport.md | 2 +- docs/content/dns/zz_gen_wedos.md | 2 +- docs/content/dns/zz_gen_yandex.md | 2 +- docs/content/dns/zz_gen_yandex360.md | 2 +- docs/content/dns/zz_gen_yandexcloud.md | 4 +- docs/content/dns/zz_gen_zoneee.md | 2 +- docs/content/dns/zz_gen_zonomi.md | 2 +- .../content/usage/cli/Obtain-a-Certificate.md | 7 +- docs/content/usage/cli/Options.md | 57 ++ docs/data/zz_cli_help.toml | 5 +- go.mod | 112 ++-- go.sum | 259 +++++----- internal/dns/docs/generator.go | 132 ++--- internal/dns/docs/{ => templates}/dns.go.tmpl | 0 internal/dns/docs/{ => templates}/dns.md.tmpl | 0 internal/dns/docs/templates/readme.md.tmpl | 11 + internal/dns/providers/generator.go | 23 +- internal/releaser/generator.go | 84 +++ internal/releaser/releaser.go | 183 +++++++ .../templates/dns.go.tmpl} | 9 +- .../templates/sender.go.tmpl} | 10 +- internal/releaser/templates/version.go.tmpl | 15 + internal/useragent/generator.go | 170 ------ internal/useragent/main.go | 84 --- providers/dns/acmedns/acmedns.toml | 2 +- providers/dns/alidns/alidns.toml | 4 +- providers/dns/allinkl/allinkl.toml | 2 +- providers/dns/arvancloud/arvancloud.toml | 2 +- providers/dns/auroradns/auroradns.toml | 2 +- providers/dns/auroradns/auroradns_test.go | 2 +- providers/dns/autodns/autodns.toml | 2 +- providers/dns/azuredns/azuredns.toml | 10 +- providers/dns/bindman/bindman.toml | 2 +- providers/dns/bluecat/bluecat.toml | 2 +- providers/dns/brandit/brandit.toml | 11 +- providers/dns/bunny/bunny.toml | 2 +- providers/dns/checkdomain/checkdomain.toml | 2 +- providers/dns/civo/civo.toml | 2 +- providers/dns/clouddns/clouddns.toml | 2 +- providers/dns/cloudflare/cloudflare.toml | 7 +- providers/dns/cloudns/cloudns.toml | 2 +- providers/dns/cloudru/cloudru.toml | 2 +- providers/dns/cloudxns/cloudxns.go | 87 +--- providers/dns/cloudxns/cloudxns.toml | 13 +- providers/dns/cloudxns/internal/client.go | 221 -------- .../dns/cloudxns/internal/client_test.go | 292 ----------- providers/dns/cloudxns/internal/types.go | 28 - providers/dns/conoha/conoha.toml | 2 +- providers/dns/constellix/constellix.toml | 2 +- providers/dns/corenetworks/corenetworks.go | 181 +++++++ providers/dns/corenetworks/corenetworks.toml | 25 + .../dns/corenetworks/corenetworks_test.go | 132 +++++ providers/dns/corenetworks/internal/client.go | 214 ++++++++ .../dns/corenetworks/internal/client_test.go | 214 ++++++++ .../internal/fixtures/GetZoneDetails.json | 8 + .../internal/fixtures/ListRecords.json | 20 + .../internal/fixtures/ListZone.json | 10 + .../corenetworks/internal/fixtures/auth.json | 4 + .../dns/corenetworks/internal/identity.go | 49 ++ providers/dns/corenetworks/internal/types.go | 37 ++ providers/dns/cpanel/cpanel.toml | 4 +- providers/dns/derak/derak.toml | 2 +- providers/dns/desec/desec.toml | 2 +- providers/dns/designate/designate.toml | 6 +- providers/dns/digitalocean/digitalocean.toml | 2 +- providers/dns/directadmin/directadmin.toml | 2 +- providers/dns/dnshomede/dnshomede.toml | 6 +- providers/dns/dnsimple/dnsimple.toml | 2 +- providers/dns/dnsmadeeasy/dnsmadeeasy.toml | 2 +- providers/dns/dnspod/dnspod.toml | 2 +- providers/dns/dode/dode.toml | 2 +- providers/dns/domeneshop/domeneshop.toml | 2 +- providers/dns/dreamhost/dreamhost.toml | 2 +- providers/dns/duckdns/duckdns.toml | 2 +- providers/dns/dyn/dyn.toml | 2 +- providers/dns/dynu/dynu.toml | 2 +- providers/dns/easydns/easydns.toml | 6 +- providers/dns/edgedns/edgedns.toml | 2 +- providers/dns/efficientip/efficientip.toml | 2 +- providers/dns/epik/epik.toml | 2 +- providers/dns/exec/exec.toml | 10 +- providers/dns/exoscale/exoscale.toml | 2 +- providers/dns/freemyip/freemyip.toml | 2 +- providers/dns/gandi/gandi.toml | 2 +- providers/dns/gandiv5/gandiv5.toml | 2 +- providers/dns/gcloud/gcloud.toml | 9 +- providers/dns/gcore/gcore.toml | 2 +- providers/dns/glesys/glesys.toml | 2 +- providers/dns/godaddy/godaddy.toml | 2 +- .../dns/googledomains/googledomains.toml | 2 +- providers/dns/hetzner/hetzner.toml | 2 +- providers/dns/hostingde/hostingde.toml | 2 +- providers/dns/hosttech/hosttech.toml | 2 +- providers/dns/httpnet/httpnet.toml | 2 +- providers/dns/httpreq/httpreq.toml | 2 +- providers/dns/huaweicloud/huaweicloud.toml | 2 +- providers/dns/hurricane/hurricane.toml | 4 +- providers/dns/hyperone/hyperone.toml | 2 +- providers/dns/ibmcloud/ibmcloud.toml | 2 +- providers/dns/iij/iij.toml | 2 +- providers/dns/iijdpf/iijdpf.toml | 2 +- providers/dns/infoblox/infoblox.toml | 2 +- providers/dns/infomaniak/infomaniak.toml | 2 +- providers/dns/internal/useragent/useragent.go | 4 +- providers/dns/internetbs/internetbs.toml | 2 +- providers/dns/inwx/inwx.toml | 4 +- providers/dns/ionos/ionos.toml | 2 +- providers/dns/ipv64/ipv64.toml | 2 +- providers/dns/iwantmyname/iwantmyname.toml | 2 +- providers/dns/joker/joker.toml | 6 +- providers/dns/liara/liara.toml | 2 +- providers/dns/limacity/limacity.go | 2 +- providers/dns/limacity/limacity.toml | 2 +- providers/dns/linode/linode.toml | 2 +- providers/dns/liquidweb/liquidweb.toml | 2 +- providers/dns/loopia/loopia.toml | 2 +- providers/dns/luadns/luadns.toml | 2 +- providers/dns/mailinabox/mailinabox.toml | 2 +- providers/dns/metaname/metaname.toml | 2 +- providers/dns/mijnhost/mijnhost.toml | 2 +- providers/dns/mittwald/mittwald.toml | 2 +- providers/dns/mydnsjp/mydnsjp.toml | 2 +- providers/dns/mythicbeasts/mythicbeasts.toml | 2 +- providers/dns/namecheap/namecheap.toml | 2 +- providers/dns/namedotcom/namedotcom.toml | 2 +- providers/dns/namesilo/namesilo.toml | 2 +- .../nearlyfreespeech/nearlyfreespeech.toml | 2 +- providers/dns/netcup/netcup.toml | 2 +- providers/dns/netlify/netlify.toml | 2 +- providers/dns/nicmanager/nicmanager.toml | 4 +- providers/dns/nifcloud/nifcloud.toml | 2 +- providers/dns/njalla/njalla.toml | 2 +- providers/dns/nodion/nodion.toml | 2 +- providers/dns/ns1/ns1.toml | 2 +- providers/dns/oraclecloud/oraclecloud.toml | 2 +- providers/dns/ovh/ovh.toml | 6 +- providers/dns/pdns/pdns.toml | 2 +- providers/dns/plesk/plesk.toml | 2 +- providers/dns/porkbun/porkbun.toml | 2 +- providers/dns/rackspace/rackspace.toml | 2 +- providers/dns/rcodezero/rcodezero.toml | 2 +- providers/dns/regfish/regfish.go | 143 ++++++ providers/dns/regfish/regfish.toml | 23 + providers/dns/regfish/regfish_test.go | 113 ++++ providers/dns/regru/internal/client.go | 7 +- providers/dns/regru/regru.toml | 2 +- .../internal/fixtures/invalid_field.conf | 4 + .../internal/fixtures/invalid_key.conf | 4 + .../internal/fixtures/mising_algo.conf | 3 + .../internal/fixtures/missing_secret.conf | 3 + .../dns/rfc2136/internal/fixtures/sample.conf | 4 + .../rfc2136/internal/fixtures/text_after.conf | 9 + .../internal/fixtures/text_before.conf | 8 + providers/dns/rfc2136/internal/readme.md | 10 + providers/dns/rfc2136/internal/tsigkey.go | 89 ++++ .../dns/rfc2136/internal/tsigkey_test.go | 95 ++++ providers/dns/rfc2136/rfc2136.go | 60 ++- providers/dns/rfc2136/rfc2136.toml | 19 +- providers/dns/rfc2136/rfc2136_test.go | 137 +++++ providers/dns/rimuhosting/rimuhosting.toml | 2 +- providers/dns/route53/route53.toml | 2 +- providers/dns/safedns/safedns.toml | 2 +- providers/dns/sakuracloud/sakuracloud.toml | 2 +- providers/dns/scaleway/scaleway.toml | 2 +- providers/dns/selectel/selectel.toml | 2 +- providers/dns/selectelv2/selectelv2.go | 21 +- providers/dns/selectelv2/selectelv2.toml | 10 +- providers/dns/selfhostde/selfhostde.toml | 2 +- providers/dns/servercow/servercow.toml | 2 +- providers/dns/shellrent/shellrent.toml | 2 +- providers/dns/simply/simply.toml | 2 +- providers/dns/sonic/sonic.toml | 2 +- providers/dns/stackpath/stackpath.toml | 2 +- providers/dns/technitium/internal/client.go | 158 ++++++ .../dns/technitium/internal/client_test.go | 105 ++++ .../internal/fixtures/add-record.json | 23 + .../internal/fixtures/delete-record.json | 4 + .../technitium/internal/fixtures/error.json | 6 + providers/dns/technitium/internal/types.go | 48 ++ providers/dns/technitium/technitium.go | 133 +++++ providers/dns/technitium/technitium.toml | 33 ++ .../technitium_test.go} | 73 ++- providers/dns/tencentcloud/tencentcloud.toml | 2 +- providers/dns/timewebcloud/timewebcloud.toml | 2 +- providers/dns/transip/transip.toml | 2 +- providers/dns/ultradns/ultradns.toml | 2 +- providers/dns/variomedia/variomedia.toml | 2 +- providers/dns/vercel/vercel.toml | 2 +- providers/dns/versio/versio.toml | 2 +- providers/dns/vinyldns/vinyldns.toml | 2 +- providers/dns/vkcloud/vkcloud.toml | 2 +- providers/dns/volcengine/volcengine.go | 7 +- providers/dns/volcengine/volcengine.toml | 2 +- providers/dns/vscale/vscale.toml | 2 +- providers/dns/vultr/vultr.toml | 2 +- providers/dns/webnames/webnames.toml | 2 +- providers/dns/websupport/websupport.toml | 2 +- providers/dns/wedos/wedos.toml | 2 +- providers/dns/yandex/yandex.toml | 2 +- providers/dns/yandex360/yandex360.toml | 2 +- providers/dns/yandexcloud/yandexcloud.toml | 4 +- providers/dns/zoneee/zoneee.toml | 2 +- providers/dns/zonomi/zonomi.toml | 2 +- providers/dns/zz_gen_dns_providers.go | 9 + 355 files changed, 4074 insertions(+), 1907 deletions(-) create mode 100644 cmd/lego/zz_gen_version.go create mode 100644 docs/content/dns/zz_gen_corenetworks.md create mode 100644 docs/content/dns/zz_gen_regfish.md create mode 100644 docs/content/dns/zz_gen_technitium.md rename internal/dns/docs/{ => templates}/dns.go.tmpl (100%) rename internal/dns/docs/{ => templates}/dns.md.tmpl (100%) create mode 100644 internal/dns/docs/templates/readme.md.tmpl create mode 100644 internal/releaser/generator.go create mode 100644 internal/releaser/releaser.go rename internal/{useragent/data_dns.go => releaser/templates/dns.go.tmpl} (77%) rename internal/{useragent/data_sender.go => releaser/templates/sender.go.tmpl} (64%) create mode 100644 internal/releaser/templates/version.go.tmpl delete mode 100644 internal/useragent/generator.go delete mode 100644 internal/useragent/main.go delete mode 100644 providers/dns/cloudxns/internal/client.go delete mode 100644 providers/dns/cloudxns/internal/client_test.go delete mode 100644 providers/dns/cloudxns/internal/types.go create mode 100644 providers/dns/corenetworks/corenetworks.go create mode 100644 providers/dns/corenetworks/corenetworks.toml create mode 100644 providers/dns/corenetworks/corenetworks_test.go create mode 100644 providers/dns/corenetworks/internal/client.go create mode 100644 providers/dns/corenetworks/internal/client_test.go create mode 100644 providers/dns/corenetworks/internal/fixtures/GetZoneDetails.json create mode 100644 providers/dns/corenetworks/internal/fixtures/ListRecords.json create mode 100644 providers/dns/corenetworks/internal/fixtures/ListZone.json create mode 100644 providers/dns/corenetworks/internal/fixtures/auth.json create mode 100644 providers/dns/corenetworks/internal/identity.go create mode 100644 providers/dns/corenetworks/internal/types.go create mode 100644 providers/dns/regfish/regfish.go create mode 100644 providers/dns/regfish/regfish.toml create mode 100644 providers/dns/regfish/regfish_test.go create mode 100644 providers/dns/rfc2136/internal/fixtures/invalid_field.conf create mode 100644 providers/dns/rfc2136/internal/fixtures/invalid_key.conf create mode 100644 providers/dns/rfc2136/internal/fixtures/mising_algo.conf create mode 100644 providers/dns/rfc2136/internal/fixtures/missing_secret.conf create mode 100644 providers/dns/rfc2136/internal/fixtures/sample.conf create mode 100644 providers/dns/rfc2136/internal/fixtures/text_after.conf create mode 100644 providers/dns/rfc2136/internal/fixtures/text_before.conf create mode 100644 providers/dns/rfc2136/internal/readme.md create mode 100644 providers/dns/rfc2136/internal/tsigkey.go create mode 100644 providers/dns/rfc2136/internal/tsigkey_test.go create mode 100644 providers/dns/technitium/internal/client.go create mode 100644 providers/dns/technitium/internal/client_test.go create mode 100644 providers/dns/technitium/internal/fixtures/add-record.json create mode 100644 providers/dns/technitium/internal/fixtures/delete-record.json create mode 100644 providers/dns/technitium/internal/fixtures/error.json create mode 100644 providers/dns/technitium/internal/types.go create mode 100644 providers/dns/technitium/technitium.go create mode 100644 providers/dns/technitium/technitium.toml rename providers/dns/{cloudxns/cloudxns_test.go => technitium/technitium_test.go} (60%) diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index c837447f2c..a4d077e5a7 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -42,6 +42,7 @@ body: - Through Caddy - Through Terraform ACME provider - Through Bitnami + - Through 1Panel - Through Zoraxy - Other validations: diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml index 93f620cb97..b4e264177b 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -21,6 +21,7 @@ body: - Through Caddy - Through Terraform ACME provider - Through Bitnami + - Through 1Panel - Through Zoraxy - Other validations: diff --git a/.github/ISSUE_TEMPLATE/new_dns_provider.yml b/.github/ISSUE_TEMPLATE/new_dns_provider.yml index b4b5d8d538..2749836367 100644 --- a/.github/ISSUE_TEMPLATE/new_dns_provider.yml +++ b/.github/ISSUE_TEMPLATE/new_dns_provider.yml @@ -31,6 +31,8 @@ body: - Through Caddy - Through Terraform ACME provider - Through Bitnami + - Through 1Panel + - Through Zoraxy - Other validations: required: true diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 9406fe498c..d7404a6b83 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest env: GO_VERSION: stable - GOLANGCI_LINT_VERSION: v1.60.1 + GOLANGCI_LINT_VERSION: v1.62.0 HUGO_VERSION: 0.131.0 CGO_ENABLED: 0 LEGO_E2E_TESTS: CI diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 67b18b770c..60f36c452f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -64,7 +64,7 @@ jobs: # https://goreleaser.com/ci/actions/ - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@v6 with: version: latest args: release -p 1 --clean --timeout=90m diff --git a/.golangci.yml b/.golangci.yml index b280d83bf7..b3383969a7 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,11 +1,9 @@ linters: enable-all: true disable: - - gomnd # deprecated - cyclop # duplicate of gocyclo - sqlclosecheck # not relevant (SQL) - rowserrcheck # not relevant (SQL) - - execinquery # not relevant (SQL) - lll - gosec - dupl # not relevant @@ -255,6 +253,10 @@ issues: text: 'cyclomatic complexity 13 of func `\(\*DNSProvider\)\.CleanUp` is high' linters: - gocyclo + - path: providers/dns/servercow/internal/types.go + text: 'the methods of "Value" use pointer receiver and non-pointer receiver.' + linters: + - recvcheck # Those elements have been replaced by non-exposed structures. - path: providers/dns/linode/linode_test.go diff --git a/.goreleaser.yml b/.goreleaser.yml index 7084db9a32..6eada272a4 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -5,7 +5,7 @@ project_name: lego builds: - binary: lego - main: ./cmd/lego/main.go + main: ./cmd/lego/ env: - CGO_ENABLED=0 flags: @@ -14,9 +14,9 @@ builds: - -s -w -X main.version={{.Version}} goos: - - windows - - darwin - linux + - darwin + - windows - freebsd - openbsd - solaris diff --git a/CHANGELOG.md b/CHANGELOG.md index 74cbd431b5..c2952f39d8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,19 +1,55 @@ # Changelog -## [v4.19.2] - 2024-10-06 +## [v4.20.2](https://github.com/go-acme/lego/releases/tag/v4.20.2) (2024-11-11) + +### Added + +- **[dnsprovider]** Add DNS provider for Technitium +- **[dnsprovider]** Add DNS provider for Regfish +- **[dnsprovider]** Add DNS provider for Timeweb Cloud +- **[dnsprovider]** Add DNS provider for Volcano Engine +- **[dnsprovider]** Add DNS provider for Core-Networks +- **[dnsprovider]** rfc2136: add support for tsig-keygen generated file +- **[cli]** Add option to skip the TLS verification of the ACME server +- Add documentation for env var only options + +### Changed + +- **[cli,ari]** Attempt to check ARI unless explicitly disabled +- **[dnsprovider]** Improve propagation check error messages +- **[dnsprovider]** cloudxns: provider deprecation +- **[dnsprovider]** brandit: provider deprecation + +### Fixed + +- **[dnsprovider]** regru: update authentication method +- **[dnsprovider]** selectelv2: fix non-ASCII domain +- **[dnsprovider]** limacity: fix error message +- **[dnsprovider]** volcengine: set API information within the default configuration +- **[log]** Parse printf verbs in log line output + +## v4.20.1 (2024-11-11) + +Cancelled due to CI failure. + +## v4.20.0 (2024-11-11) + +Cancelled due to CI failure. + +## [v4.19.2](https://github.com/go-acme/lego/releases/tag/v4.19.2) (2024-10-06) ### Fixed - **[lib]** go1.22 compatibility -## [v4.19.1] - 2024-10-06 +## [v4.19.1](https://github.com/go-acme/lego/releases/tag/v4.19.1) (2024-10-06) ### Fixed - **[dnsprovider]** selectelv2: use baseURL from configuration - **[dnsprovider]** epik: add User-Agent -## [v4.19.0] - 2024-10-03 +## [v4.19.0](https://github.com/go-acme/lego/releases/tag/v4.19.0) (2024-10-03) ### Added @@ -35,7 +71,7 @@ - **[dnsprovider]** namesilo: restrict CleanUp - **[dnsprovider]** godaddy: fix cleanup -## [v4.18.0] - 2024-08-30 +## [v4.18.0](https://github.com/go-acme/lego/releases/tag/v4.18.0) (2024-08-30) ### Added @@ -57,13 +93,13 @@ - **[ari]** fix: avoid Int63n panic in ShouldRenewAt() -## [v4.17.4] - 2024-06-12 +## [v4.17.4](https://github.com/go-acme/lego/releases/tag/v4.17.4) (2024-06-12) ### Fixed - **[dnsprovider]** Update dependencies -## [v4.17.3] - 2024-05-28 +## [v4.17.3](https://github.com/go-acme/lego/releases/tag/v4.17.3) (2024-05-28) ### Added @@ -91,13 +127,13 @@ - **[dnsprovider]** pdns: reconstruct zone URLs to enable non-root folder API endpoints - **[dnsprovider]** alidns: fix link to API documentation -## [v4.17.2] - 2024-05-28 +## v4.17.2 (2024-05-28) Canceled due to a release failure related to Snapcraft. The Snapcraft release are disabled for now. -## [v4.17.1] - 2024-05-28 +## v4.17.1 (2024-05-28) Canceled due to a release failure related to oci-go-sdk. @@ -106,17 +142,17 @@ The module `github.com/oracle/oci-go-sdk/v65` uses `github.com/gofrs/flock` but Due to that we will remove the Solaris build. -## [v4.17.0] - 2024-05-28 +## v4.17.0 (2024-05-28) Canceled due to a release failure related to Snapcraft. -## [v4.16.1] - 2024-03-10 +## [v4.16.1](https://github.com/go-acme/lego/releases/tag/v4.16.1) (2024-03-10) ### Fixed - **[cli,ari]** fix: don't generate ARI cert ID if ARI is not enable -## [v4.16.0] - 2024-03-09 +## [v4.16.0](https://github.com/go-acme/lego/releases/tag/v4.16.0) (2024-03-09) ### Added @@ -137,7 +173,7 @@ Canceled due to a release failure related to Snapcraft. - **[dnsprovider]** easydns: fix zone detection - **[dnsprovider]** ns1: fix record creation -## [v4.15.0] - 2024-01-28 +## [v4.15.0](https://github.com/go-acme/lego/releases/tag/v4.15.0) (2024-01-28) ### Added @@ -175,7 +211,7 @@ Canceled due to a release failure related to Snapcraft. - **[dnsprovider]** nifcloud: fix API requests - **[dnsprovider]** otc: sequential challenge -## [v4.14.1] - 2023-09-20 +## [v4.14.1](https://github.com/go-acme/lego/releases/tag/v4.14.1) (2023-09-20) ### Fixed @@ -183,11 +219,11 @@ Canceled due to a release failure related to Snapcraft. - **[dnsprovider]** bunny: use NRDCG fork - **[dnsprovider]** ovh: update client to v1.4.2 -## [v4.14.1] - 2023-09-19 +## v4.14.1 (2023-09-19) Cancelled due to CI failure. -## [v4.14.0] - 2023-08-20 +## [v4.14.0](https://github.com/go-acme/lego/releases/tag/v4.14.0) (2023-08-20) ### Added @@ -206,20 +242,20 @@ Cancelled due to CI failure. - **[dnsprovider]** pdns: fix notify - **[dnsprovider]** route53: avoid unexpected records deletion -## [v4.13.3] - 2023-07-25 +## [v4.13.3](https://github.com/go-acme/lego/releases/tag/v4.13.3) (2023-07-25) ### Fixed - **[dnsprovider]** azuredns: fix configuration from env vars - **[dnsprovider]** gcore: change API domain -## [v4.13.2] - 2023-07-21 +## [v4.13.2](https://github.com/go-acme/lego/releases/tag/v4.13.2) (2023-07-21) ### Fixed - **[dnsprovider]** servercow: fix regression -## [v4.13.1] - 2023-07-20 +## [v4.13.1](https://github.com/go-acme/lego/releases/tag/v4.13.1) (2023-07-20) ### Added @@ -240,24 +276,24 @@ Cancelled due to CI failure. - **[cli]** fix: list command - **[lib]** fix: ARI explanationURL -## [v4.13.0] - 2023-07-20 +## v4.13.0 (2023-07-20) Cancelled due to a CI issue (no space left on device). -## [v4.12.2] - 2023-06-19 +## [v4.12.2](https://github.com/go-acme/lego/releases/tag/v4.12.2) (2023-06-19) ### Fixed - **[dnsprovider]** dnsmadeeasy: fix DeleteRecord - **[lib]** fix: read status code from response -## [v4.12.1] - 2023-06-06 +## [v4.12.1](https://github.com/go-acme/lego/releases/tag/v4.12.1) (2023-06-06) ### Fixed - **[dnsprovider]** pdns: fix record value -## [v4.12.0] - 2023-05-28 +## [v4.12.0](https://github.com/go-acme/lego/releases/tag/v4.12.0) (2023-05-28) ### Added @@ -275,7 +311,7 @@ Cancelled due to a CI issue (no space left on device). - **[dnsprovider]** autodns: fixes wrong zone in api call if CNAME is used - **[cli]** fix: archive only domain-related files on revoke -## [v4.11.0] - 2023-05-02 +## [v4.11.0](https://github.com/go-acme/lego/releases/tag/v4.11.0) (2023-05-02) ### Added @@ -297,18 +333,18 @@ Cancelled due to a CI issue (no space left on device). - **[dnsprovider]** rimuhosting: fix API base URL -## [v4.10.2] - 2023-02-26 +## [v4.10.2](https://github.com/go-acme/lego/releases/tag/v4.10.2) (2023-02-26) Fix Docker image builds. -## [v4.10.1] - 2023-02-25 +## [v4.10.1](https://github.com/go-acme/lego/releases/tag/v4.10.1) (2023-02-25) ### Fixed - **[dnsprovider,cname]** acmedns: fix CNAME support - **[dnsprovider]** dynu: fix subdomain support -## [v4.10.0] - 2023-02-10 +## [v4.10.0](https://github.com/go-acme/lego/releases/tag/v4.10.0) (2023-02-10) ### Added @@ -334,22 +370,22 @@ Fix Docker image builds. - **[dnsprovider]** pdns: fix usage of notify only when zone kind is Master or Slave - **[dnsprovider]** return an error when extracting record name -## [v4.9.1] - 2022-11-25 +## [v4.9.1](https://github.com/go-acme/lego/releases/tag/v4.9.1) (2022-11-25) ### Changed -- + - **[lib,cname]** cname: add log about CNAME entries - **[dnsprovider]** regru: improve error handling ### Fixed -- + - **[dnsprovider,cname]** fix CNAME support for multiple DNS providers - **[dnsprovider,cname]** duckdns: fix CNAME support - **[dnsprovider,cname]** oraclecloud: use fqdn to resolve zone - **[dnsprovider]** hurricane: fix CNAME support - **[lib,cname]** cname: stop trying to traverse cname if none have been found -## [v4.9.0] - 2022-10-03 +## [v4.9.0](https://github.com/go-acme/lego/releases/tag/v4.9.0) (2022-10-03) ### Added @@ -379,7 +415,7 @@ Fix Docker image builds. - **[dnsprovider]** njalla: fix record id unmarshal error - **[dnsprovider]** tencentcloud: fix subdomain error -## [v4.8.0] - 2022-06-30 +## [v4.8.0](https://github.com/go-acme/lego/releases/tag/v4.8.0) (2022-06-30) ### Added @@ -395,9 +431,9 @@ Fix Docker image builds. - **[dnsprovider]** hetzner: set min TTL to 60s - **[docs]** refactoring and cleanup -## [v4.7.0] - 2022-05-27 +## [v4.7.0](https://github.com/go-acme/lego/releases/tag/v4.7.0) (2022-05-27) -### Added: +### Added - **[dnsprovider]** Add DNS provider for iwantmyname - **[dnsprovider]** Add DNS Provider for IIJ DNS Platform Service @@ -406,18 +442,18 @@ Fix Docker image builds. - **[dnsprovider]** dnsimple: add debug option - **[cli]** feat: add `LEGO_CERT_PEM_PATH` and `LEGO_CERT_PFX_PATH` -### Changed: +### Changed - **[dnsprovider]** gcore: change dns api url - **[dnsprovider]** bluecat: rewrite provider implementation -### Fixed: +### Fixed - **[dnsprovider]** rfc2136: fix TSIG secret - **[dnsprovider]** tencentcloud: fix InvalidParameter.DomainInvalid error when using DNS challenges - **[lib]** fix: panic in certcrypto.ParsePEMPrivateKey -## [v4.6.0] - 2022-01-18 +## [v4.6.0](https://github.com/go-acme/lego/releases/tag/v4.6.0) (2022-01-18) ### Added @@ -439,15 +475,15 @@ Fix Docker image builds. - **[dnsprovider]** mythicbeasts: fix token expiration - **[dnsprovider]** rackspace: change zone ID to string -## [v4.5.3] - 2021-09-06 +## [v4.5.3](https://github.com/go-acme/lego/releases/tag/v4.5.3) (2021-09-06) -### Fixed: +### Fixed - **[lib,cli]** fix: missing preferred chain param for renew request -## [v4.5.2] - 2021-09-01 +## [v4.5.2](https://github.com/go-acme/lego/releases/tag/v4.5.2) (2021-09-01) -### Added: +### Added - **[dnsprovider]** Add DNS provider for all-inkl - **[dnsprovider]** Add DNS provider for Epik @@ -458,7 +494,7 @@ Fix Docker image builds. - **[dnsprovider]** Add DNS provider for Internet.bs - **[dnsprovider]** Add DNS provider for nicmanager -### Changed: +### Changed - **[dnsprovider]** alidns: support ECS instance RAM role - **[dnsprovider]** alidns: support sts token credential @@ -466,7 +502,7 @@ Fix Docker image builds. - **[dnsprovider]** ovh: follow cname - **[lib,cli]** Add AlwaysDeactivateAuthorizations flag to ObtainRequest -### Fixed: +### Fixed - **[dnsprovider]** infomaniak: fix subzone support - **[dnsprovider]** edgedns: fix Present and CleanUp logic @@ -475,17 +511,17 @@ Fix Docker image builds. - **[lib]** lib: use permanent error instead of context cancellation - **[dnsprovider]** desec: bump to v0.6.0 -## [v4.5.1] - 2021-09-01 +## v4.5.1 (2021-09-01) Cancelled due to a CI issue, replaced by v4.5.2. -## [v4.5.0] - 2021-09-30 +## v4.5.0 (2021-09-30) Cancelled due to a CI issue, replaced by v4.5.2. -## [v4.4.0] - 2021-06-08 +## [v4.4.0](https://github.com/go-acme/lego/releases/tag/v4.4.0) (2021-06-08) -### Added: +### Added - **[dnsprovider]** Add DNS provider for Infoblox - **[dnsprovider]** Add DNS provider for Porkbun @@ -494,7 +530,7 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[dnsprovider]** Add DNS provider for VinylDNS - **[dnsprovider]** Add DNS provider for wedos -### Changed: +### Changed - **[cli]** log: Use stderr instead of stdout. - **[dnsprovider]** hostingde: autodetection of the zone name. @@ -502,7 +538,7 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[dnsprovider]** powerdns: several improvements - **[lib]** lib: improve wait.For returns. -### Fixed: +### Fixed - **[dnsprovider]** hurricane: add API rate limiter. - **[dnsprovider]** hurricane: only treat first word of response body as response code @@ -511,15 +547,15 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[dnsprovider]** nifcloud: Get zone info from dns01.FindZoneByFqdn - **[cli,lib]** csr: Support the type `NEW CERTIFICATE REQUEST` -## [v4.3.1] - 2021-03-12 +## [v4.3.1](https://github.com/go-acme/lego/releases/tag/v4.3.1) (2021-03-12) -### Fixed: +### Fixed - **[dnsprovider]** exoscale: fix dependency version. -## [v4.3.0] - 2021-03-10 +## [v4.3.0](https://github.com/go-acme/lego/releases/tag/v4.3.0) (2021-03-10) -### Added: +### Added - **[dnsprovider]** Add DNS provider for Njalla - **[dnsprovider]** Add DNS provider for Domeneshop @@ -527,13 +563,13 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[dnsprovider]** designate: support for Openstack Application Credentials - **[dnsprovider]** edgedns: support for .edgerc file -### Changed: +### Changed - **[dnsprovider]** infomaniak: Make error message more meaningful - **[dnsprovider]** cloudns: Improve reliability - **[dnsprovider]** rfc2163: Removed support for MD5 algorithm. The default algorithm is now SHA1. -### Fixed: +### Fixed - **[dnsprovider]** desec: fix error with default TTL - **[dnsprovider]** mythicbeasts: implement `ProviderTimeout` @@ -541,119 +577,119 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[lib]** Increase HTTP client timeouts - **[lib]** preferred chain only match root name -## [v4.2.0] - 2021-01-24 +## [v4.2.0](https://github.com/go-acme/lego/releases/tag/v4.2.0) (2021-01-24) -### Added: +### Added - **[dnsprovider]** Add DNS provider for Loopia - **[dnsprovider]** Add DNS provider for Ionos. -### Changed: +### Changed - **[dnsprovider]** acme-dns: update cpu/goacmedns to v0.1.1. - **[dnsprovider]** inwx: Increase propagation timeout to 360s to improve robustness - **[dnsprovider]** vultr: Update to govultr v2 API - **[dnsprovider]** pdns: get exact zone instead of all zones -### Fixed: +### Fixed - **[dnsprovider]** vult, dnspod: fix default HTTP timeout. - **[dnsprovider]** pdns: URL request creation. - **[lib]** errors: Fix instance not being printed -## [v4.1.3] - 2020-11-25 +## [v4.1.3](https://github.com/go-acme/lego/releases/tag/v4.1.3) (2020-11-25) -### Fixed: +### Fixed - **[dnsprovider]** azure: fix error handling. -## [v4.1.2] - 2020-11-21 +## [v4.1.2](https://github.com/go-acme/lego/releases/tag/v4.1.2) (2020-11-21) -### Fixed: +### Fixed - **[lib]** fix: preferred chain support. -## [v4.1.1] - 2020-11-19 +## [v4.1.1](https://github.com/go-acme/lego/releases/tag/v4.1.1) (2020-11-19) -### Fixed: +### Fixed - **[dnsprovider]** otc: select correct zone if multiple returned - **[dnsprovider]** azure: fix target must be a non-nil pointer -## [v4.1.0] - 2020-11-06 +## [v4.1.0](https://github.com/go-acme/lego/releases/tag/v4.1.0) (2020-11-06) -### Added: +### Added - **[dnsprovider]** Add DNS provider for Infomaniak - **[dnsprovider]** joker: add support for SVC API - **[dnsprovider]** gcloud: add an option to allow the use of private zones -### Changed: +### Changed - **[dnsprovider]** rfc2136: ensure TSIG algorithm is fully qualified - **[dnsprovider]** designate: Deprecate OS_TENANT_NAME as required field -### Fixed: +### Fixed - **[lib]** acme/api: use postAsGet instead of post for AccountService.Get - **[lib]** fix: use http.Header.Set method instead of Add. -## [v4.0.1] - 2020-09-03 +## [v4.0.1](https://github.com/go-acme/lego/releases/tag/v4.0.1) (2020-09-03) -### Fixed: +### Fixed - **[dnsprovider]** exoscale: change dependency version. -## [v4.0.0] - 2020-09-02 +## [v4.0.0](https://github.com/go-acme/lego/releases/tag/v4.0.0) (2020-09-02) -### Added: +### Added - **[cli], [lib]** Support "alternate" certificate links for selecting different signing Chains -### Changed: +### Changed - **[cli]** Replaces `ec384` by `ec256` as default key-type - **[lib]** Changes `ObtainForCSR` method signature -### Removed: +### Removed - **[dnsprovider]** Replaces FastDNS by EdgeDNS - **[dnsprovider]** Removes old Linode provider - **[lib]** Removes `AddPreCheck` function -## [v3.9.0] - 2020-09-01 +## [v3.9.0](https://github.com/go-acme/lego/releases/tag/v3.9.0) (2020-09-01) -### Added: +### Added - **[dnsprovider]** Add Akamai Edgedns. Deprecate FastDNS - **[dnsprovider]** Add DNS provider for HyperOne -### Changed: +### Changed - **[dnsprovider]** designate: add support for Openstack clouds.yaml - **[dnsprovider]** azure: allow selecting environments - **[dnsprovider]** desec: applies API rate limits. -### Fixed: +### Fixed - **[dnsprovider]** namesilo: fix cleanup. -## [v3.8.0] - 2020-07-02 +## [v3.8.0](https://github.com/go-acme/lego/releases/tag/v3.8.0) (2020-07-02) -### Added: +### Added - **[cli]** cli: add hook on the run command. - **[dnsprovider]** inwx: Two-Factor-Authentication - **[dnsprovider]** Add DNS provider for ArvanCloud -### Changed: +### Changed - **[dnsprovider]** vultr: bumping govultr version - **[dnsprovider]** desec: improve error logs. - **[lib]** Ensures the return of a location during account updates - **[dnsprovider]** route53: Document all AWS credential environment variables -### Fixed: +### Fixed - **[dnsprovider]** stackpath: fix subdomain support. - **[dnsprovider]** arvandcloud: fix record name. @@ -662,9 +698,9 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[dnsprovider]** hetzner: fix record name. - **[lib]** Registrar.ResolveAccountByKey: Fix malformed request -## [v3.7.0] - 2020-05-11 +## [v3.7.0](https://github.com/go-acme/lego/releases/tag/v3.7.0) (2020-05-11) -### Added: +### Added - **[dnsprovider]** Add DNS provider for Netlify. - **[dnsprovider]** Add DNS provider for deSEC.io @@ -673,28 +709,28 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[dnsprovider]** Add DNS provider for Mythic beasts DNSv2 - **[dnsprovider]** Add DNS provider for Yandex. -### Changed: +### Changed - **[dnsprovider]** Upgrade DNSimple client to 0.60.0 - **[dnsprovider]** update aws sdk -### Fixed: +### Fixed - **[dnsprovider]** autodns: removes TXT records during CleanUp. - **[dnsprovider]** Fix exoscale HTTP timeout - **[cli]** fix: renew path information. - **[cli]** Fix account storage location warning message -## [v3.6.0] - 2020-04-24 +## [v3.6.0](https://github.com/go-acme/lego/releases/tag/v3.6.0) (2020-04-24) -### Added: +### Added - **[dnsprovider]** Add DNS provider for CloudDNS. - **[dnsprovider]** alicloud: add support for domain with punycode - **[dnsprovider]** cloudns: Add subuser support - **[cli]** Information about renewed certificates are now passed to the renew hook -### Changed: +### Changed - **[dnsprovider]** acmedns: Update cpu/goacmedns v0.0.1 -> v0.0.2 - **[dnsprovider]** alicloud: update sdk dependency version to v1.61.112 @@ -704,14 +740,14 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[dnsprovider]** namedotcom: get the actual registered domain, so we can remove just that from the hostname to be created - **[dnsprovider]** transip: updated the client to v6 -### Fixed: +### Fixed - **[dnsprovider]** ns1: fix missing domain in log - **[dnsprovider]** rimuhosting: use HTTP client from config. -## [v3.5.0] - 2020-03-15 +## [v3.5.0](https://github.com/go-acme/lego/releases/tag/v3.5.0) (2020-03-15) -### Added: +### Added - **[dnsprovider]** Add DNS provider for Dynu. - **[dnsprovider]** Add DNS provider for reg.ru @@ -721,27 +757,27 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[cli]** Multi-arch Docker image. - **[cli]** Adds `--name` flag to list command. -### Changed: +### Changed - **[lib]** lib: Improve cleanup log messages. - **[lib]** Wrap errors. -### Fixed: +### Fixed - **[dnsprovider]** azure: pass AZURE_CLIENT_SECRET_FILE to autorest.Authorizer - **[dnsprovider]** gcloud: fixes issues when used with GKE Workload Identity - **[dnsprovider]** oraclecloud: fix subdomain support -## [v3.4.0] - 2020-02-25 +## [v3.4.0](https://github.com/go-acme/lego/releases/tag/v3.4.0) (2020-02-25) -### Added: +### Added - **[dnsprovider]** Add DNS provider for Constellix - **[dnsprovider]** Add DNS provider for Servercow. - **[dnsprovider]** Add DNS provider for Scaleway - **[cli]** Add "LEGO_PATH" environment variable -### Changed: +### Changed - **[dnsprovider]** route53: allow custom client to be provided - **[dnsprovider]** namecheap: allow external domains @@ -749,7 +785,7 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[dnsprovider]** ovh: Improve provider documentation - **[dnsprovider]** route53: Improve provider documentation -### Fixed: +### Fixed - **[dnsprovider]** zoneee: fix subdomains. - **[dnsprovider]** designate: Don't clean up managed records like SOA and NS @@ -757,147 +793,174 @@ Cancelled due to a CI issue, replaced by v4.5.2. - **[lib]** crypto: Treat CommonName as optional - **[lib]** chore: update cenkalti/backoff to v4. -## [v3.3.0] - 2020-01-08 +## [v3.3.0](https://github.com/go-acme/lego/releases/tag/v3.3.0) (2020-01-08) + +### Added -### Added: - **[dnsprovider]** Add DNS provider for Checkdomain - **[lib]** Add support to update account -### Changed: +### Changed + - **[dnsprovider]** gcloud: Auto-detection of the project ID. - **[lib]** Successfully parse private key PEM blocks -### Fixed: +### Fixed + - **[dnsprovider]** Update dnspod, because of API breaking changes. -## [v3.2.0] - 2019-11-10 +## [v3.2.0](https://github.com/go-acme/lego/releases/tag/v3.2.0) (2019-11-10) + +### Added -### Added: - **[dnsprovider]** Add support for autodns -### Changed: +### Changed + - **[dnsprovider]** httpreq: Allow use environment vars from a `_FILE` file - **[lib]** Don't deactivate valid authorizations - **[lib]** Expose more SOA fields found by dns01.FindZoneByFqdn -### Fixed: +### Fixed + - **[dnsprovider]** use token as unique ID. -## [v3.1.0] - 2019-10-07 +## [v3.1.0](https://github.com/go-acme/lego/releases/tag/v3.1.0) (2019-10-07) + +### Added -### Added: - **[dnsprovider]** Add DNS provider for Liquid Web - **[dnsprovider]** cloudflare: add support for API tokens - **[cli]** feat: ease operation behind proxy servers -### Changed: +### Changed + - **[dnsprovider]** cloudflare: update client - **[dnsprovider]** linodev4: propagation timeout configuration. -### Fixed: +### Fixed + - **[dnsprovider]** ovh: fix int overflow. - **[dnsprovider]** bindman: fix client version. -## [v3.0.2] - 2019-08-15 +## [v3.0.2](https://github.com/go-acme/lego/releases/tag/v3.0.2) (2019-08-15) + +### Fixed -### Fixed: - Invalid pseudo version (related to Cloudflare client). -## [v3.0.1] - 2019-08-14 +## [v3.0.1](https://github.com/go-acme/lego/releases/tag/v3.0.1) (2019-08-14) There was a problem when creating the tag v3.0.1, this tag has been invalidated. -## [v3.0.0] - 2019-08-05 +## [v3.0.0](https://github.com/go-acme/lego/releases/tag/v3.0.0) (2019-08-05) + +### Changed -### Changed: - migrate to go module (new import github.com/go-acme/lego/v3/) - update DNS clients -## [v2.7.2] - 2019-07-30 +## [v2.7.2](https://github.com/go-acme/lego/releases/tag/v2.7.2) (2019-07-30) + +### Fixed -### Fixed: - **[dnsprovider]** vultr: quote TXT record -## [v2.7.1] - 2019-07-22 +## [v2.7.1](https://github.com/go-acme/lego/releases/tag/v2.7.1) (2019-07-22) + +### Fixed -### Fixed: - **[dnsprovider]** vultr: invalid record type. -## [v2.7.0] - 2019-07-17 +## [v2.7.0](https://github.com/go-acme/lego/releases/tag/v2.7.0) (2019-07-17) + +### Added -### Added: - **[dnsprovider]** Add DNS provider for namesilo - **[dnsprovider]** Add DNS provider for versio.nl -### Changed: +### Changed + - **[dnsprovider]** Update DNS providers libs. - **[dnsprovider]** joker: support username and password. - **[dnsprovider]** Vultr: Switch to official client -### Fixed: +### Fixed + - **[dnsprovider]** otc: Prevent sending empty body. -## [v2.6.0] - 2019-05-27 +## [v2.6.0](https://github.com/go-acme/lego/releases/tag/v2.6.0) (2019-05-27) + +### Added -### Added: - **[dnsprovider]** Add support for Joker.com DMAPI - **[dnsprovider]** Add support for Bindman DNS provider - **[dnsprovider]** Add support for EasyDNS - **[lib]** Get an existing certificate by URL -### Changed: +### Changed + - **[dnsprovider]** digitalocean: LEGO_EXPERIMENTAL_CNAME_SUPPORT support - **[dnsprovider]** gcloud: Use fqdn to get zone Present/CleanUp - **[dnsprovider]** exec: serial behavior - **[dnsprovider]** manual: serial behavior. - **[dnsprovider]** Strip newlines when reading environment variables from `_FILE` suffixed files. -### Fixed: +### Fixed + - **[cli]** fix: cli disable-cp option. - **[dnsprovider]** gcloud: fix zone visibility. -## [v2.5.0] - 2019-04-17 +## [v2.5.0](https://github.com/go-acme/lego/releases/tag/v2.5.0) (2019-04-17) + +### Added -### Added: - **[cli]** Adds renew hook - **[dnsprovider]** Adds 'Since' to DNS providers documentation -### Changed: +### Changed + - **[dnsprovider]** gcloud: use public DNS zones - **[dnsprovider]** route53: enhance documentation. -### Fixed: +### Fixed + - **[dnsprovider]** cloudns: fix TTL and status validation - **[dnsprovider]** sakuracloud: supports concurrent update - **[dnsprovider]** Disable authz when solve fail. - Add tzdata to the Docker image. -## [v2.4.0] - 2019-03-25 +## [v2.4.0](https://github.com/go-acme/lego/releases/tag/v2.4.0) (2019-03-25) - Migrate from xenolf/lego to go-acme/lego. -### Added: +### Added + - **[dnsprovider]** Add DNS Provider for Domain Offensive (do.de) - **[dnsprovider]** Adds information about '_FILE' suffix. -### Fixed: +### Fixed + - **[cli,dnsprovider]** Add 'manual' provider to the output of dnshelp - **[dnsprovider]** hostingde: Use provided ZoneName instead of domain - **[dnsprovider]** pdns: fix wildcard with SANs -## [v2.3.0] - 2019-03-11 +## [v2.3.0](https://github.com/go-acme/lego/releases/tag/v2.3.0) (2019-03-11) + +### Added -### Added: - **[dnsprovider]** Add DNS Provider for ClouDNS.net - **[dnsprovider]** Add DNS Provider for Oracle Cloud -### Changed: +### Changed + - **[cli]** Adds log when no renewal. - **[dnsprovider,lib]** Add a mechanism to wrap a PreCheckFunc - **[dnsprovider]** oraclecloud: better way to get private key. - **[dnsprovider]** exoscale: update library -### Fixed: +### Fixed + - **[dnsprovider]** OVH: Refresh zone after deleting challenge record - **[dnsprovider]** oraclecloud: ttl config and timeout - **[dnsprovider]** hostingde: fix client fails if customer has no access to dns-groups @@ -906,40 +969,47 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[dnsprovider]** vscale: fix TXT records clean up - **[dnsprovider]** selectel: fix TXT records clean up -## [v2.2.0] - 2019-02-08 +## [v2.2.0](https://github.com/go-acme/lego/releases/tag/v2.2.0) (2019-02-08) + +### Added -### Added: - **[dnsprovider]** Add support for Openstack Designate as a DNS provider - **[dnsprovider]** gcloud: Option to specify gcloud service account json by env as string - **[experimental feature]** Resolve CNAME when creating dns-01 challenge. To enable: set `LEGO_EXPERIMENTAL_CNAME_SUPPORT` to `true`. -### Changed: +### Changed + - **[cli]** Applies Let’s Encrypt’s recommendation about renew. The option `--days` of the command `renew` has a new default value (`30`) - **[lib]** Uses a jittered exponential backoff -### Fixed: +### Fixed + - **[cli]** CLI and key type. - **[dnsprovider]** httpreq: Endpoint with path. - **[dnsprovider]** fastdns: Do not overwrite existing TXT records - Log wildcard domain correctly in validation -## [v2.1.0] - 2019-01-24 +## [v2.1.0](https://github.com/go-acme/lego/releases/tag/v2.1.0) (2019-01-24) + +### Added -### Added: - **[dnsprovider]** Add support for zone.ee as a DNS provider. -### Changed: +### Changed + - **[dnsprovider]** nifcloud: Change DNS base url. - **[dnsprovider]** gcloud: More detailed information about Google Cloud DNS. -### Fixed: +### Fixed + - **[lib]** fix: OCSP, set HTTP client. - **[dnsprovider]** alicloud: fix pagination. - **[dnsprovider]** namecheap: fix panic. -## [v2.0.0] - 2019-01-09 +## [v2.0.0](https://github.com/go-acme/lego/releases/tag/v2.0.0) (2019-01-09) + +### Added -### Added: - **[cli,lib]** Option to disable the complete propagation Requirement - **[lib,cli]** Support non-ascii domain name (punnycode) - **[cli,lib]** Add configurable timeout when obtaining certificates @@ -956,7 +1026,8 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[dnsprovider]** Add DNS Provider for inwx - **[dnsprovider]** alidns: add support to handle more than 20 domains -### Changed: +### Changed + - **[lib]** Check all challenges in a predictable order - **[lib]** Poll authz URL instead of challenge URL - **[lib]** Check all nameservers in a predictable order @@ -971,13 +1042,15 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[cli]** the option `--days` of the command `renew` has default value (`15`) - **[dnsprovider]** gcloud: Use GCE_PROJECT for project always, if specified -### Removed: +### Removed + - **[lib]** Remove `SetHTTP01Address` - **[lib]** Remove `SetTLSALPN01Address` - **[lib]** Remove `Exclude` - **[cli]** Remove `--exclude`, `-x` -### Fixed: +### Fixed + - **[lib]** Fixes revocation for subdomains and non-ascii domains - **[lib]** Disable pending authorizations - **[dnsprovider]** transip: concurrent access to the API. @@ -985,17 +1058,20 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[dnsprovider]** Azure: Do not overwrite existing TXT records - **[dnsprovider]** fix: Cloudflare error. -## [v1.2.0] - 2018-11-04 +## [v1.2.0](https://github.com/go-acme/lego/releases/tag/v1.2.0) (2018-11-04) + +### Added -### Added: - **[dnsprovider]** Add DNS Provider for ConoHa DNS - **[dnsprovider]** Add DNS Provider for MyDNS.jp - **[dnsprovider]** Add DNS Provider for Selectel -### Fixed: +### Fixed + - **[dnsprovider]** netcup: make unmarshalling of api-responses more lenient. -### Changed: +### Changed + - **[dnsprovider]** aurora: change DNS client - **[dnsprovider]** azure: update auth to support instance metadata service - **[dnsprovider]** dnsmadeeasy: log response body on error @@ -1003,9 +1079,10 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[lib]** Do not send a JWS body when POSTing challenges. - **[lib]** Support POST-as-GET. -## [v1.1.0] - 2018-10-16 +## [v1.1.0](https://github.com/go-acme/lego/releases/tag/v1.1.0) (2018-10-16) + +### Added -### Added: - **[lib]** TLS-ALPN-01 Challenge - **[cli]** Add filename parameter - **[dnsprovider]** Allow to configure TTL, interval and timeout @@ -1023,7 +1100,8 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[dnsprovider]** exec: add EXEC_MODE=RAW support. - **[dnsprovider]** cloudflare: support for CF_API_KEY and CF_API_EMAIL -### Fixed: +### Fixed + - **[lib]** Don't trust identifiers order. - **[lib]** Fix missing issuer certificates from Let's Encrypt - **[dnsprovider]** duckdns: fix TXT record update url @@ -1033,20 +1111,23 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[dnsprovider]** ns1: use the authoritative zone and not the domain name - **[dnsprovider]** ovh: check error to avoid panic due to nil client -### Changed: +### Changed + - **[lib]** Submit all dns records up front, then validate serially -## [v1.0.0] - 2018-05-30 +## [v1.0.0](https://github.com/go-acme/lego/releases/tag/v1.0.0) (2018-05-30) + +### Changed -### Changed: - **[lib]** ACME v2 Support. - **[dnsprovider]** Renamed `/providers/dns/googlecloud` to `/providers/dns/gcloud`. - **[dnsprovider]** Modified Google Cloud provider `gcloud.NewDNSProviderServiceAccount` function to extract the project id directly from the service account file. - **[dnsprovider]** Made errors more verbose for the Cloudflare provider. -## [v0.5.0] - 2018-05-29 +## [v0.5.0](https://github.com/go-acme/lego/releases/tag/v0.5.0) (2018-05-29) + +### Added -### Added: - **[dnsprovider]** Add DNS challenge provider `exec` - **[dnsprovider]** Add DNS Provider for Akamai FastDNS - **[dnsprovider]** Add DNS Provider for Bluecat DNS @@ -1058,7 +1139,8 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[dnsprovider]** Add DNS Provider for Lightsail - **[dnsprovider]** Add DNS Provider for Name.com -### Fixed: +### Fixed + - **[dnsprovider]** Azure: Added missing environment variable in the comments - **[dnsprovider]** PowerDNS: Fix zone URL, add leading slash. - **[dnsprovider]** DNSimple: Fix api @@ -1067,7 +1149,8 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[lib]** Fix zone detection for cross-zone cnames. - **[lib]** Use proxies from environment when making outbound http connections. -### Changed: +### Changed + - **[lib]** Users of an effective top-level domain can use the DNS challenge. - **[dnsprovider]** Azure: Refactor to work with new Azure SDK version. - **[dnsprovider]** Cloudflare and Azure: Adding output of which envvars are missing. @@ -1075,20 +1158,23 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - **[dnsprovider]** Exoscale: update to latest egoscale version. - **[dnsprovider]** Route53: Use NewSessionWithOptions instead of deprecated New. -## [0.4.1] - 2017-09-26 +## [0.4.1](https://github.com/go-acme/lego/releases/tag/0.4.1) (2017-09-26) + +### Added -### Added: - lib: A new DNS provider for OTC. - lib: The `AWS_HOSTED_ZONE_ID` environment variable for the Route53 DNS provider to directly specify the zone. - lib: The `RFC2136_TIMEOUT` environment variable to make the timeout for the RFC2136 provider configurable. - lib: The `GCE_SERVICE_ACCOUNT_FILE` environment variable to specify a service account file for the Google Cloud DNS provider. -### Fixed: +### Fixed + - lib: Fixed an authentication issue with the latest Azure SDK. -## [0.4.0] - 2017-07-13 +## [0.4.0](https://github.com/go-acme/lego/releases/tag/0.4.0) (2017-07-13) + +### Added -### Added: - CLI: The `--http-timeout` switch. This allows for an override of the default client HTTP timeout. - lib: The `HTTPClient` field. This allows for an override of the default HTTP timeout for library HTTP requests. - CLI: The `--dns-timeout` switch. This allows for an override of the default DNS timeout for library DNS requests. @@ -1114,14 +1200,17 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - lib: A new DNS provider for Exoscale DNS. - lib: A new DNS provider for DNSPod. -### Changed: +### Changed + - lib: Exported the `PreCheckDNS` field so library users can manage the DNS check in tests. - lib: The library will now skip challenge solving if a valid Authz already exists. -### Removed: +### Removed + - lib: The library will no longer check for auto-renewed certificates. This has been removed from the spec and is not supported in Boulder. -### Fixed: +### Fixed + - lib: Fix a problem with the Route53 provider where it was possible the verification was published to a private zone. - lib: Loading an account from file should fail if an integral part is nil - lib: Fix a potential issue where the Dyn provider could resolve to an incorrect zone. @@ -1135,20 +1224,22 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - lib: Fixed a condition where we could stall due to an early error condition. - lib: Fixed an issue where Authz object could end up in an active state after an error condition. -## [0.3.1] - 2016-04-19 +## [0.3.1](https://github.com/go-acme/lego/releases/tag/0.3.1) (2016-04-19) + +### Added -### Added: - lib: A new DNS provider for Vultr. -### Fixed: +### Fixed + - lib: DNS Provider for DigitalOcean could not handle subdomains properly. - lib: handleHTTPError should only try to JSON decode error messages with the right content type. - lib: The propagation checker for the DNS challenge would not retry on send errors. +## [0.3.0](https://github.com/go-acme/lego/releases/tag/0.3.0) (2016-03-19) -## [0.3.0] - 2016-03-19 +### Added -### Added: - CLI: The `--dns` switch. To include the DNS challenge for consideration. When using this switch, all other solvers are disabled. Supported are the following solvers: cloudflare, digitalocean, dnsimple, dyn, gandi, googlecloud, namecheap, route53, rfc2136 and manual. - CLI: The `--accept-tos` switch. Indicates your acceptance of the Let's Encrypt terms of service without prompting you. - CLI: The `--webroot` switch. The HTTP-01 challenge may now be completed by dropping a file into a webroot. When using this switch, all other solvers are disabled. @@ -1163,6 +1254,7 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - lib: The `acme.KeyType` type was added and is used for the configuration of crypto parameters for RSA and EC keys. Valid KeyTypes are: EC256, EC384, RSA2048, RSA4096 and RSA8192. ### Changed + - lib: ExcludeChallenges now expects to be passed an array of `Challenge` types. - lib: HTTP-01 now supports custom solvers using the `ChallengeProvider` interface. - lib: TLS-SNI-01 now supports custom solvers using the `ChallengeProvider` interface. @@ -1170,16 +1262,19 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - lib: The `acme.NewClient` function now expects an `acme.KeyType` instead of the keyBits parameter. ### Removed + - CLI: The `rsa-key-size` switch was removed in favor of `key-type` to support EC keys. ### Fixed + - lib: Fixed a race condition in HTTP-01 - lib: Fixed an issue where status codes on ACME challenge responses could lead to no action being taken. - lib: Fixed a regression when calling the Renew function with a SAN certificate. -## [0.2.0] - 2016-01-09 +## [0.2.0](https://github.com/go-acme/lego/releases/tag/0.2.0) (2016-01-09) + +### Added -### Added: - CLI: The `--exclude` or `-x` switch. To exclude a challenge from being solved. - CLI: The `--http` switch. To set the listen address and port of HTTP based challenges. Supports `host:port` and `:port` for any interface. - CLI: The `--tls` switch. To set the listen address and port of TLS based challenges. Supports `host:port` and `:port` for any interface. @@ -1189,41 +1284,43 @@ There was a problem when creating the tag v3.0.1, this tag has been invalidated. - lib: SetTLSAddress function. Pass a port to set the listen port of TLS based challenges. - lib: acme.UserAgent variable. Use this to customize the user agent on all requests sent by lego. -### Changed: +### Changed + - lib: NewClient does no longer accept the optPort parameter - lib: ObtainCertificate now returns a SAN certificate if you pass more than one domain. - lib: GetOCSPForCert now returns the parsed OCSP response instead of just the status. - lib: ObtainCertificate has a new parameter `privKey crypto.PrivateKey` which lets you reuse an existing private key for new certificates. - lib: RenewCertificate now expects the PrivateKey property of the CertificateResource to be set only if you want to reuse the key. -### Removed: +### Removed + - CLI: The `--port` switch was removed. - lib: RenewCertificate does no longer offer to also revoke your old certificate. -### Fixed: +### Fixed + - CLI: Fix logic using the `--days` parameter for renew -## [0.1.1] - 2015-12-18 +## [0.1.1](https://github.com/go-acme/lego/releases/tag/0.1.1) (2015-12-18) + +### Added -### Added: - CLI: Added a way to automate renewal through a cronjob using the --days parameter to renew -### Changed: +### Changed + - lib: Improved log output on challenge failures. -### Fixed: +### Fixed + - CLI: The short parameter for domains would not get accepted - CLI: The cli did not return proper exit codes on error library errors. - lib: RenewCertificate did not properly renew SAN certificates. ### Security + - lib: Fix possible DOS on GetOCSPForCert -## [0.1.0] - 2015-12-03 -- Initial release +## [0.1.0](https://github.com/go-acme/lego/releases/tag/0.1.0) (2015-12-03) -[0.3.1]: https://github.com/go-acme/lego/compare/v0.3.0...v0.3.1 -[0.3.0]: https://github.com/go-acme/lego/compare/v0.2.0...v0.3.0 -[0.2.0]: https://github.com/go-acme/lego/compare/v0.1.1...v0.2.0 -[0.1.1]: https://github.com/go-acme/lego/compare/v0.1.0...v0.1.1 -[0.1.0]: https://github.com/go-acme/lego/tree/v0.1.0 +- Initial release diff --git a/Makefile b/Makefile index 6dfcbfa66f..28cb339082 100644 --- a/Makefile +++ b/Makefile @@ -39,16 +39,16 @@ checks: .PHONY: patch minor major detach patch: - go run ./internal/useragent/ release -m patch + go run ./internal/releaser/ release -m patch minor: - go run ./internal/useragent/ release -m minor + go run ./internal/releaser/ release -m minor major: - go run ./internal/useragent/ release -m major + go run ./internal/releaser/ release -m major detach: - go run ./internal/useragent/ detach + go run ./internal/releaser/ detach # Docs .PHONY: docs-build docs-serve docs-themes diff --git a/README.md b/README.md index 701e1e10de..a430446c32 100644 --- a/README.md +++ b/README.md @@ -51,43 +51,187 @@ Detailed documentation is available [here](https://go-acme.github.io/lego/dns). -| | | | | -|---------------------------------------------------------------------------------|---------------------------------------------------------------------------------|---------------------------------------------------------------------------------|---------------------------------------------------------------------------------| -| [Akamai EdgeDNS](https://go-acme.github.io/lego/dns/edgedns/) | [Alibaba Cloud DNS](https://go-acme.github.io/lego/dns/alidns/) | [all-inkl](https://go-acme.github.io/lego/dns/allinkl/) | [Amazon Lightsail](https://go-acme.github.io/lego/dns/lightsail/) | -| [Amazon Route 53](https://go-acme.github.io/lego/dns/route53/) | [ArvanCloud](https://go-acme.github.io/lego/dns/arvancloud/) | [Aurora DNS](https://go-acme.github.io/lego/dns/auroradns/) | [Autodns](https://go-acme.github.io/lego/dns/autodns/) | -| [Azure (deprecated)](https://go-acme.github.io/lego/dns/azure/) | [Azure DNS](https://go-acme.github.io/lego/dns/azuredns/) | [Bindman](https://go-acme.github.io/lego/dns/bindman/) | [Bluecat](https://go-acme.github.io/lego/dns/bluecat/) | -| [Brandit](https://go-acme.github.io/lego/dns/brandit/) | [Bunny](https://go-acme.github.io/lego/dns/bunny/) | [Checkdomain](https://go-acme.github.io/lego/dns/checkdomain/) | [Civo](https://go-acme.github.io/lego/dns/civo/) | -| [Cloud.ru](https://go-acme.github.io/lego/dns/cloudru/) | [CloudDNS](https://go-acme.github.io/lego/dns/clouddns/) | [Cloudflare](https://go-acme.github.io/lego/dns/cloudflare/) | [ClouDNS](https://go-acme.github.io/lego/dns/cloudns/) | -| [CloudXNS](https://go-acme.github.io/lego/dns/cloudxns/) | [ConoHa](https://go-acme.github.io/lego/dns/conoha/) | [Constellix](https://go-acme.github.io/lego/dns/constellix/) | [CPanel/WHM](https://go-acme.github.io/lego/dns/cpanel/) | -| [Derak Cloud](https://go-acme.github.io/lego/dns/derak/) | [deSEC.io](https://go-acme.github.io/lego/dns/desec/) | [Designate DNSaaS for Openstack](https://go-acme.github.io/lego/dns/designate/) | [Digital Ocean](https://go-acme.github.io/lego/dns/digitalocean/) | -| [DirectAdmin](https://go-acme.github.io/lego/dns/directadmin/) | [DNS Made Easy](https://go-acme.github.io/lego/dns/dnsmadeeasy/) | [dnsHome.de](https://go-acme.github.io/lego/dns/dnshomede/) | [DNSimple](https://go-acme.github.io/lego/dns/dnsimple/) | -| [DNSPod (deprecated)](https://go-acme.github.io/lego/dns/dnspod/) | [Domain Offensive (do.de)](https://go-acme.github.io/lego/dns/dode/) | [Domeneshop](https://go-acme.github.io/lego/dns/domeneshop/) | [DreamHost](https://go-acme.github.io/lego/dns/dreamhost/) | -| [Duck DNS](https://go-acme.github.io/lego/dns/duckdns/) | [Dyn](https://go-acme.github.io/lego/dns/dyn/) | [Dynu](https://go-acme.github.io/lego/dns/dynu/) | [EasyDNS](https://go-acme.github.io/lego/dns/easydns/) | -| [Efficient IP](https://go-acme.github.io/lego/dns/efficientip/) | [Epik](https://go-acme.github.io/lego/dns/epik/) | [Exoscale](https://go-acme.github.io/lego/dns/exoscale/) | [External program](https://go-acme.github.io/lego/dns/exec/) | -| [freemyip.com](https://go-acme.github.io/lego/dns/freemyip/) | [G-Core](https://go-acme.github.io/lego/dns/gcore/) | [Gandi Live DNS (v5)](https://go-acme.github.io/lego/dns/gandiv5/) | [Gandi](https://go-acme.github.io/lego/dns/gandi/) | -| [Glesys](https://go-acme.github.io/lego/dns/glesys/) | [Go Daddy](https://go-acme.github.io/lego/dns/godaddy/) | [Google Cloud](https://go-acme.github.io/lego/dns/gcloud/) | [Google Domains](https://go-acme.github.io/lego/dns/googledomains/) | -| [Hetzner](https://go-acme.github.io/lego/dns/hetzner/) | [Hosting.de](https://go-acme.github.io/lego/dns/hostingde/) | [Hosttech](https://go-acme.github.io/lego/dns/hosttech/) | [HTTP request](https://go-acme.github.io/lego/dns/httpreq/) | -| [http.net](https://go-acme.github.io/lego/dns/httpnet/) | [Huawei Cloud](https://go-acme.github.io/lego/dns/huaweicloud/) | [Hurricane Electric DNS](https://go-acme.github.io/lego/dns/hurricane/) | [HyperOne](https://go-acme.github.io/lego/dns/hyperone/) | -| [IBM Cloud (SoftLayer)](https://go-acme.github.io/lego/dns/ibmcloud/) | [IIJ DNS Platform Service](https://go-acme.github.io/lego/dns/iijdpf/) | [Infoblox](https://go-acme.github.io/lego/dns/infoblox/) | [Infomaniak](https://go-acme.github.io/lego/dns/infomaniak/) | -| [Internet Initiative Japan](https://go-acme.github.io/lego/dns/iij/) | [Internet.bs](https://go-acme.github.io/lego/dns/internetbs/) | [INWX](https://go-acme.github.io/lego/dns/inwx/) | [Ionos](https://go-acme.github.io/lego/dns/ionos/) | -| [IPv64](https://go-acme.github.io/lego/dns/ipv64/) | [iwantmyname](https://go-acme.github.io/lego/dns/iwantmyname/) | [Joker](https://go-acme.github.io/lego/dns/joker/) | [Joohoi's ACME-DNS](https://go-acme.github.io/lego/dns/acme-dns/) | -| [Liara](https://go-acme.github.io/lego/dns/liara/) | [Lima-City](https://go-acme.github.io/lego/dns/limacity/) | [Linode (v4)](https://go-acme.github.io/lego/dns/linode/) | [Liquid Web](https://go-acme.github.io/lego/dns/liquidweb/) | -| [Loopia](https://go-acme.github.io/lego/dns/loopia/) | [LuaDNS](https://go-acme.github.io/lego/dns/luadns/) | [Mail-in-a-Box](https://go-acme.github.io/lego/dns/mailinabox/) | [Manual](https://go-acme.github.io/lego/dns/manual/) | -| [Metaname](https://go-acme.github.io/lego/dns/metaname/) | [mijn.host](https://go-acme.github.io/lego/dns/mijnhost/) | [Mittwald](https://go-acme.github.io/lego/dns/mittwald/) | [MyDNS.jp](https://go-acme.github.io/lego/dns/mydnsjp/) | -| [MythicBeasts](https://go-acme.github.io/lego/dns/mythicbeasts/) | [Name.com](https://go-acme.github.io/lego/dns/namedotcom/) | [Namecheap](https://go-acme.github.io/lego/dns/namecheap/) | [Namesilo](https://go-acme.github.io/lego/dns/namesilo/) | -| [NearlyFreeSpeech.NET](https://go-acme.github.io/lego/dns/nearlyfreespeech/) | [Netcup](https://go-acme.github.io/lego/dns/netcup/) | [Netlify](https://go-acme.github.io/lego/dns/netlify/) | [Nicmanager](https://go-acme.github.io/lego/dns/nicmanager/) | -| [NIFCloud](https://go-acme.github.io/lego/dns/nifcloud/) | [Njalla](https://go-acme.github.io/lego/dns/njalla/) | [Nodion](https://go-acme.github.io/lego/dns/nodion/) | [NS1](https://go-acme.github.io/lego/dns/ns1/) | -| [Open Telekom Cloud](https://go-acme.github.io/lego/dns/otc/) | [Oracle Cloud](https://go-acme.github.io/lego/dns/oraclecloud/) | [OVH](https://go-acme.github.io/lego/dns/ovh/) | [plesk.com](https://go-acme.github.io/lego/dns/plesk/) | -| [Porkbun](https://go-acme.github.io/lego/dns/porkbun/) | [PowerDNS](https://go-acme.github.io/lego/dns/pdns/) | [Rackspace](https://go-acme.github.io/lego/dns/rackspace/) | [RcodeZero](https://go-acme.github.io/lego/dns/rcodezero/) | -| [reg.ru](https://go-acme.github.io/lego/dns/regru/) | [RFC2136](https://go-acme.github.io/lego/dns/rfc2136/) | [RimuHosting](https://go-acme.github.io/lego/dns/rimuhosting/) | [Sakura Cloud](https://go-acme.github.io/lego/dns/sakuracloud/) | -| [Scaleway](https://go-acme.github.io/lego/dns/scaleway/) | [Selectel v2](https://go-acme.github.io/lego/dns/selectelv2/) | [Selectel](https://go-acme.github.io/lego/dns/selectel/) | [SelfHost.(de/eu)](https://go-acme.github.io/lego/dns/selfhostde/) | -| [Servercow](https://go-acme.github.io/lego/dns/servercow/) | [Shellrent](https://go-acme.github.io/lego/dns/shellrent/) | [Simply.com](https://go-acme.github.io/lego/dns/simply/) | [Sonic](https://go-acme.github.io/lego/dns/sonic/) | -| [Stackpath](https://go-acme.github.io/lego/dns/stackpath/) | [Tencent Cloud DNS](https://go-acme.github.io/lego/dns/tencentcloud/) | [Timeweb Cloud](https://go-acme.github.io/lego/dns/timewebcloud/) | [TransIP](https://go-acme.github.io/lego/dns/transip/) | -| [UKFast SafeDNS](https://go-acme.github.io/lego/dns/safedns/) | [Ultradns](https://go-acme.github.io/lego/dns/ultradns/) | [Variomedia](https://go-acme.github.io/lego/dns/variomedia/) | [VegaDNS](https://go-acme.github.io/lego/dns/vegadns/) | -| [Vercel](https://go-acme.github.io/lego/dns/vercel/) | [Versio.[nl/eu/uk]](https://go-acme.github.io/lego/dns/versio/) | [VinylDNS](https://go-acme.github.io/lego/dns/vinyldns/) | [VK Cloud](https://go-acme.github.io/lego/dns/vkcloud/) | -| [Volcano Engine/火山引擎](https://go-acme.github.io/lego/dns/volcengine/) | [Vscale](https://go-acme.github.io/lego/dns/vscale/) | [Vultr](https://go-acme.github.io/lego/dns/vultr/) | [Webnames](https://go-acme.github.io/lego/dns/webnames/) | -| [Websupport](https://go-acme.github.io/lego/dns/websupport/) | [WEDOS](https://go-acme.github.io/lego/dns/wedos/) | [Yandex 360](https://go-acme.github.io/lego/dns/yandex360/) | [Yandex Cloud](https://go-acme.github.io/lego/dns/yandexcloud/) | -| [Yandex PDD](https://go-acme.github.io/lego/dns/yandex/) | [Zone.ee](https://go-acme.github.io/lego/dns/zoneee/) | [Zonomi](https://go-acme.github.io/lego/dns/zonomi/) | | + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Akamai EdgeDNSAlibaba Cloud DNSall-inklAmazon Lightsail
Amazon Route 53ArvanCloudAurora DNSAutodns
Azure (deprecated)Azure DNSBindmanBluecat
Brandit (deprecated)BunnyCheckdomainCivo
Cloud.ruCloudDNSCloudflareClouDNS
CloudXNS (Deprecated)ConoHaConstellixCore-Networks
CPanel/WHMDerak ClouddeSEC.ioDesignate DNSaaS for Openstack
Digital OceanDirectAdminDNS Made EasydnsHome.de
DNSimpleDNSPod (deprecated)Domain Offensive (do.de)Domeneshop
DreamHostDuck DNSDynDynu
EasyDNSEfficient IPEpikExoscale
External programfreemyip.comG-CoreGandi
Gandi Live DNS (v5)GlesysGo DaddyGoogle Cloud
Google DomainsHetznerHosting.deHosttech
HTTP requesthttp.netHuawei CloudHurricane Electric DNS
HyperOneIBM Cloud (SoftLayer)IIJ DNS Platform ServiceInfoblox
InfomaniakInternet Initiative JapanInternet.bsINWX
IonosIPv64iwantmynameJoker
Joohoi's ACME-DNSLiaraLima-CityLinode (v4)
Liquid WebLoopiaLuaDNSMail-in-a-Box
ManualMetanamemijn.hostMittwald
MyDNS.jpMythicBeastsName.comNamecheap
NamesiloNearlyFreeSpeech.NETNetcupNetlify
NicmanagerNIFCloudNjallaNodion
NS1Open Telekom CloudOracle CloudOVH
plesk.comPorkbunPowerDNSRackspace
RcodeZeroreg.ruRegfishRFC2136
RimuHostingSakura CloudScalewaySelectel
Selectel v2SelfHost.(de|eu)ServercowShellrent
Simply.comSonicStackpathTechnitium
Tencent Cloud DNSTimeweb CloudTransIPUKFast SafeDNS
UltradnsVariomediaVegaDNSVercel
Versio.[nl|eu|uk]VinylDNSVK CloudVolcano Engine/火山引擎
VscaleVultrWebnamesWebsupport
WEDOSYandex 360Yandex CloudYandex PDD
Zone.eeZonomi
diff --git a/acme/api/internal/sender/useragent.go b/acme/api/internal/sender/useragent.go index 7fb4a94e98..ef11f4b57f 100644 --- a/acme/api/internal/sender/useragent.go +++ b/acme/api/internal/sender/useragent.go @@ -1,10 +1,10 @@ -// Code generated by 'internal/useragent'; DO NOT EDIT. +// Code generated by 'internal/releaser'; DO NOT EDIT. package sender const ( // ourUserAgent is the User-Agent of this underlying library package. - ourUserAgent = "xenolf-acme/4.19.2" + ourUserAgent = "xenolf-acme/4.20.2" // ourUserAgentComment is part of the UA comment linked to the version status of this underlying library package. // values: detach|release diff --git a/challenge/http01/domain_matcher.go b/challenge/http01/domain_matcher.go index 5c755c4b20..c31aeed6a7 100644 --- a/challenge/http01/domain_matcher.go +++ b/challenge/http01/domain_matcher.go @@ -3,6 +3,7 @@ package http01 import ( "fmt" "net/http" + "net/netip" "strings" ) @@ -54,7 +55,7 @@ func (m *hostMatcher) name() string { } func (m *hostMatcher) matches(r *http.Request, domain string) bool { - return strings.HasPrefix(r.Host, domain) + return matchDomain(r.Host, domain) } // arbitraryMatcher checks whether the specified (*net/http.Request).Header value starts with a domain name. @@ -65,7 +66,7 @@ func (m arbitraryMatcher) name() string { } func (m arbitraryMatcher) matches(r *http.Request, domain string) bool { - return strings.HasPrefix(r.Header.Get(m.name()), domain) + return matchDomain(r.Header.Get(m.name()), domain) } // forwardedMatcher checks whether the Forwarded header contains a "host" element starting with a domain name. @@ -87,7 +88,7 @@ func (m *forwardedMatcher) matches(r *http.Request, domain string) bool { } host := fwds[0]["host"] - return strings.HasPrefix(host, domain) + return matchDomain(host, domain) } // parsing requires some form of state machine. @@ -133,9 +134,7 @@ func parseForwardedHeader(s string) (elements []map[string]string, err error) { case r == ',': // end of forwarded-element if key != "" { - if val == "" { - val = s[pos:i] - } + val = s[pos:i] cur[key] = val } elements = append(elements, cur) @@ -185,3 +184,12 @@ func skipWS(s string, i int) int { func isWS(r rune) bool { return strings.ContainsRune(" \t\v\r\n", r) } + +func matchDomain(src, domain string) bool { + addr, err := netip.ParseAddr(domain) + if err == nil && addr.Is6() { + domain = "[" + domain + "]" + } + + return strings.HasPrefix(src, domain) +} diff --git a/challenge/http01/domain_matcher_test.go b/challenge/http01/domain_matcher_test.go index 94add14bb8..efdc4641d7 100644 --- a/challenge/http01/domain_matcher_test.go +++ b/challenge/http01/domain_matcher_test.go @@ -1,13 +1,15 @@ package http01 import ( + "net/http" + "net/http/httptest" "testing" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) -func TestParseForwardedHeader(t *testing.T) { +func Test_parseForwardedHeader(t *testing.T) { testCases := []struct { name string input string @@ -83,3 +85,54 @@ func TestParseForwardedHeader(t *testing.T) { }) } } + +func Test_hostMatcher_matches(t *testing.T) { + hm := &hostMatcher{} + + testCases := []struct { + desc string + domain string + req *http.Request + expected assert.BoolAssertionFunc + }{ + { + desc: "exact domain", + domain: "example.com", + req: httptest.NewRequest(http.MethodGet, "http://example.com", nil), + expected: assert.True, + }, + { + desc: "request with path", + domain: "example.com", + req: httptest.NewRequest(http.MethodGet, "http://example.com/foo/bar", nil), + expected: assert.True, + }, + { + desc: "ipv4", + domain: "127.0.0.1", + req: httptest.NewRequest(http.MethodGet, "http://127.0.0.1", nil), + expected: assert.True, + }, + { + desc: "ipv6", + domain: "2001:db8::1", + req: httptest.NewRequest(http.MethodGet, "http://[2001:db8::1]", nil), + expected: assert.True, + }, + { + desc: "ipv6 with brackets", + domain: "[2001:db8::1]", + req: httptest.NewRequest(http.MethodGet, "http://[2001:db8::1]", nil), + expected: assert.True, + }, + } + + for _, test := range testCases { + t.Run(test.desc, func(t *testing.T) { + t.Parallel() + hm.matches(test.req, test.domain) + + test.expected(t, hm.matches(test.req, test.domain)) + }) + } +} diff --git a/challenge/http01/http_challenge_server.go b/challenge/http01/http_challenge_server.go index f69f5ac1f8..009271cec4 100644 --- a/challenge/http01/http_challenge_server.go +++ b/challenge/http01/http_challenge_server.go @@ -56,7 +56,9 @@ func (s *ProviderServer) Present(domain, token, keyAuth string) error { } s.done = make(chan bool) + go s.serve(domain, token, keyAuth) + return nil } @@ -69,8 +71,11 @@ func (s *ProviderServer) CleanUp(domain, token, keyAuth string) error { if s.listener == nil { return nil } + s.listener.Close() + <-s.done + return nil } @@ -107,19 +112,23 @@ func (s *ProviderServer) serve(domain, token, keyAuth string) { mux.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) { if r.Method == http.MethodGet && s.matcher.matches(r, domain) { w.Header().Set("Content-Type", "text/plain") + _, err := w.Write([]byte(keyAuth)) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) return } + log.Infof("[%s] Served key authentication", domain) - } else { - log.Warnf("Received request for domain %s with method %s but the domain did not match any challenge. Please ensure you are passing the %s header properly.", r.Host, r.Method, s.matcher.name()) - _, err := w.Write([]byte("TEST")) - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } + return + } + + log.Warnf("Received request for domain %s with method %s but the domain did not match any challenge. Please ensure you are passing the %s header properly.", r.Host, r.Method, s.matcher.name()) + + _, err := w.Write([]byte("TEST")) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + return } }) @@ -133,5 +142,6 @@ func (s *ProviderServer) serve(domain, token, keyAuth string) { if err != nil && !strings.Contains(err.Error(), "use of closed network connection") { log.Println(err) } + s.done <- true } diff --git a/cmd/cmd_renew.go b/cmd/cmd_renew.go index 1d0a040796..1f9c081681 100644 --- a/cmd/cmd_renew.go +++ b/cmd/cmd_renew.go @@ -6,6 +6,7 @@ import ( "errors" "math/rand" "os" + "slices" "time" "github.com/go-acme/lego/v4/acme/api" @@ -20,7 +21,7 @@ import ( // Flag names. const ( flgDays = "days" - flgARIEnable = "ari-enable" + flgARIDisable = "ari-disable" flgARIWaitToRenewDuration = "ari-wait-to-renew-duration" flgReuseKey = "reuse-key" flgRenewHook = "renew-hook" @@ -61,8 +62,8 @@ func createRenew() *cli.Command { Usage: "The number of days left on a certificate to renew it.", }, &cli.BoolFlag{ - Name: flgARIEnable, - Usage: "Use the renewalInfo endpoint (draft-ietf-acme-ari) to check if a certificate should be renewed.", + Name: flgARIDisable, + Usage: "Do not use the renewalInfo endpoint (draft-ietf-acme-ari) to check if a certificate should be renewed.", }, &cli.DurationFlag{ Name: flgARIWaitToRenewDuration, @@ -151,16 +152,24 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif cert := certificates[0] var ariRenewalTime *time.Time - if ctx.Bool(flgARIEnable) { + var replacesCertID string + + if !ctx.Bool(flgARIDisable) { ariRenewalTime = getARIRenewalTime(ctx, cert, domain, client) if ariRenewalTime != nil { now := time.Now().UTC() + // Figure out if we need to sleep before renewing. if ariRenewalTime.After(now) { log.Infof("[%s] Sleeping %s until renewal time %s", domain, ariRenewalTime.Sub(now), ariRenewalTime) time.Sleep(ariRenewalTime.Sub(now)) } } + + replacesCertID, err = certificate.MakeARICertID(cert) + if err != nil { + log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err) + } } if ariRenewalTime == nil && !needRenewal(cert, domain, ctx.Int(flgDays)) { @@ -209,11 +218,8 @@ func renewForDomains(ctx *cli.Context, client *lego.Client, certsStorage *Certif AlwaysDeactivateAuthorizations: ctx.Bool(flgAlwaysDeactivateAuthorizations), } - if ctx.Bool(flgARIEnable) { - request.ReplacesCertID, err = certificate.MakeARICertID(cert) - if err != nil { - log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err) - } + if replacesCertID != "" { + request.ReplacesCertID = replacesCertID } certRes, err := client.Certificate.Obtain(request) @@ -250,16 +256,24 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat cert := certificates[0] var ariRenewalTime *time.Time - if ctx.Bool(flgARIEnable) { + var replacesCertID string + + if !ctx.Bool(flgARIDisable) { ariRenewalTime = getARIRenewalTime(ctx, cert, domain, client) if ariRenewalTime != nil { now := time.Now().UTC() + // Figure out if we need to sleep before renewing. if ariRenewalTime.After(now) { log.Infof("[%s] Sleeping %s until renewal time %s", domain, ariRenewalTime.Sub(now), ariRenewalTime) time.Sleep(ariRenewalTime.Sub(now)) } } + + replacesCertID, err = certificate.MakeARICertID(cert) + if err != nil { + log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err) + } } if ariRenewalTime == nil && !needRenewal(cert, domain, ctx.Int(flgDays)) { @@ -279,11 +293,8 @@ func renewForCSR(ctx *cli.Context, client *lego.Client, certsStorage *Certificat AlwaysDeactivateAuthorizations: ctx.Bool(flgAlwaysDeactivateAuthorizations), } - if ctx.Bool(flgARIEnable) { - request.ReplacesCertID, err = certificate.MakeARICertID(cert) - if err != nil { - log.Fatalf("Error while construction the ARI CertID for domain %s\n\t%v", domain, err) - } + if replacesCertID != "" { + request.ReplacesCertID = replacesCertID } certRes, err := client.Certificate.ObtainForCSR(request) @@ -367,16 +378,12 @@ func addPathToMetadata(meta map[string]string, domain string, certRes *certifica func merge(prevDomains, nextDomains []string) []string { for _, next := range nextDomains { - var found bool - for _, prev := range prevDomains { - if prev == next { - found = true - break - } - } - if !found { - prevDomains = append(prevDomains, next) + if slices.Contains(prevDomains, next) { + continue } + + prevDomains = append(prevDomains, next) } + return prevDomains } diff --git a/cmd/flags.go b/cmd/flags.go index e1f09bf46f..13eb879a5e 100644 --- a/cmd/flags.go +++ b/cmd/flags.go @@ -39,6 +39,7 @@ const ( flgDNSPropagationRNS = "dns.propagation-rns" flgDNSResolvers = "dns.resolvers" flgHTTPTimeout = "http-timeout" + flgTLSSkipVerify = "tls-skip-verify" flgDNSTimeout = "dns-timeout" flgPEM = "pem" flgPFX = "pfx" @@ -182,6 +183,10 @@ func CreateFlags(defaultPath string) []cli.Flag { Name: flgHTTPTimeout, Usage: "Set the HTTP timeout value to a specific value in seconds.", }, + &cli.BoolFlag{ + Name: flgTLSSkipVerify, + Usage: "Skip the TLS verification of the ACME server.", + }, &cli.IntFlag{ Name: flgDNSTimeout, Usage: "Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name server queries.", diff --git a/cmd/lego/main.go b/cmd/lego/main.go index de49869936..61a3d532a5 100644 --- a/cmd/lego/main.go +++ b/cmd/lego/main.go @@ -13,8 +13,6 @@ import ( "github.com/urfave/cli/v2" ) -var version = "dev" - func main() { app := cli.NewApp() app.Name = "lego" @@ -22,7 +20,7 @@ func main() { app.Usage = "Let's Encrypt client written in Go" app.EnableBashCompletion = true - app.Version = version + app.Version = getVersion() cli.VersionPrinter = func(c *cli.Context) { fmt.Printf("lego version %s %s/%s\n", c.App.Version, runtime.GOOS, runtime.GOARCH) } diff --git a/cmd/lego/zz_gen_version.go b/cmd/lego/zz_gen_version.go new file mode 100644 index 0000000000..6ff8eeb2b2 --- /dev/null +++ b/cmd/lego/zz_gen_version.go @@ -0,0 +1,15 @@ +// Code generated by 'internal/releaser'; DO NOT EDIT. + +package main + +const defaultVersion = "v4.20.2+dev-detach" + +var version = "" + +func getVersion() string { + if version == "" { + return defaultVersion + } + + return version +} diff --git a/cmd/setup.go b/cmd/setup.go index 84a1e36ea9..8f94bbbcd0 100644 --- a/cmd/setup.go +++ b/cmd/setup.go @@ -1,9 +1,11 @@ package cmd import ( + "crypto/tls" "crypto/x509" "encoding/pem" "fmt" + "net/http" "os" "strings" "time" @@ -48,6 +50,12 @@ func newClient(ctx *cli.Context, acc registration.User, keyType certcrypto.KeyTy config.HTTPClient.Timeout = time.Duration(ctx.Int(flgHTTPTimeout)) * time.Second } + if ctx.Bool(flgTLSSkipVerify) { + config.HTTPClient.Transport = &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, + } + } + client, err := lego.NewClient(config) if err != nil { log.Fatalf("Could not create client: %v", err) diff --git a/cmd/setup_challenges.go b/cmd/setup_challenges.go index 2ec38198bf..0a59099a85 100644 --- a/cmd/setup_challenges.go +++ b/cmd/setup_challenges.go @@ -159,7 +159,7 @@ func setupDNS(ctx *cli.Context, client *lego.Client) error { func checkPropagationExclusiveOptions(ctx *cli.Context) error { if ctx.IsSet(flgDNSDisableCP) { - log.Println("The flag '%s' is deprecated use '%s' instead.", flgDNSDisableCP, flgDNSPropagationDisableANS) + log.Printf("The flag '%s' is deprecated use '%s' instead.", flgDNSDisableCP, flgDNSPropagationDisableANS) } if (isSetBool(ctx, flgDNSDisableCP) || isSetBool(ctx, flgDNSPropagationDisableANS)) && ctx.IsSet(flgDNSPropagationWait) { diff --git a/cmd/zz_gen_cmd_dnshelp.go b/cmd/zz_gen_cmd_dnshelp.go index 6516a78ee6..52eb0f11f7 100644 --- a/cmd/zz_gen_cmd_dnshelp.go +++ b/cmd/zz_gen_cmd_dnshelp.go @@ -34,6 +34,7 @@ func allDNSCodes() string { "cloudxns", "conoha", "constellix", + "corenetworks", "cpanel", "derak", "desec", @@ -115,6 +116,7 @@ func allDNSCodes() string { "porkbun", "rackspace", "rcodezero", + "regfish", "regru", "rfc2136", "rimuhosting", @@ -130,6 +132,7 @@ func allDNSCodes() string { "simply", "sonic", "stackpath", + "technitium", "tencentcloud", "timewebcloud", "transip", @@ -387,7 +390,7 @@ func displayDNSHelp(w io.Writer, name string) error { case "brandit": // generated from: providers/dns/brandit/brandit.toml - ew.writeln(`Configuration for Brandit.`) + ew.writeln(`Configuration for Brandit (deprecated).`) ew.writeln(`Code: 'brandit'`) ew.writeln(`Since: 'v4.11.0'`) ew.writeln() @@ -561,7 +564,7 @@ func displayDNSHelp(w io.Writer, name string) error { case "cloudxns": // generated from: providers/dns/cloudxns/cloudxns.toml - ew.writeln(`Configuration for CloudXNS.`) + ew.writeln(`Configuration for CloudXNS (Deprecated).`) ew.writeln(`Code: 'cloudxns'`) ew.writeln(`Since: 'v0.5.0'`) ew.writeln() @@ -624,6 +627,28 @@ func displayDNSHelp(w io.Writer, name string) error { ew.writeln() ew.writeln(`More information: https://go-acme.github.io/lego/dns/constellix`) + case "corenetworks": + // generated from: providers/dns/corenetworks/corenetworks.toml + ew.writeln(`Configuration for Core-Networks.`) + ew.writeln(`Code: 'corenetworks'`) + ew.writeln(`Since: 'v4.20.0'`) + ew.writeln() + + ew.writeln(`Credentials:`) + ew.writeln(` - "CORENETWORKS_LOGIN": The username of the API account`) + ew.writeln(` - "CORENETWORKS_PASSWORD": The password`) + ew.writeln() + + ew.writeln(`Additional Configuration:`) + ew.writeln(` - "CORENETWORKS_HTTP_TIMEOUT": API request timeout`) + ew.writeln(` - "CORENETWORKS_POLLING_INTERVAL": Time between DNS propagation check`) + ew.writeln(` - "CORENETWORKS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + ew.writeln(` - "CORENETWORKS_SEQUENCE_INTERVAL": Time between sequential requests`) + ew.writeln(` - "CORENETWORKS_TTL": The TTL of the TXT record used for the DNS challenge`) + + ew.writeln() + ew.writeln(`More information: https://go-acme.github.io/lego/dns/corenetworks`) + case "cpanel": // generated from: providers/dns/cpanel/cpanel.toml ew.writeln(`Configuration for CPanel/WHM.`) @@ -2352,6 +2377,26 @@ func displayDNSHelp(w io.Writer, name string) error { ew.writeln() ew.writeln(`More information: https://go-acme.github.io/lego/dns/rcodezero`) + case "regfish": + // generated from: providers/dns/regfish/regfish.toml + ew.writeln(`Configuration for Regfish.`) + ew.writeln(`Code: 'regfish'`) + ew.writeln(`Since: 'v4.20.0'`) + ew.writeln() + + ew.writeln(`Credentials:`) + ew.writeln(` - "REGFISH_API_KEY": API key`) + ew.writeln() + + ew.writeln(`Additional Configuration:`) + ew.writeln(` - "REGFISH_HTTP_TIMEOUT": API request timeout`) + ew.writeln(` - "REGFISH_POLLING_INTERVAL": Time between DNS propagation check`) + ew.writeln(` - "REGFISH_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + ew.writeln(` - "REGFISH_TTL": The TTL of the TXT record used for the DNS challenge`) + + ew.writeln() + ew.writeln(`More information: https://go-acme.github.io/lego/dns/regfish`) + case "regru": // generated from: providers/dns/regru/regru.toml ew.writeln(`Configuration for reg.ru.`) @@ -2384,9 +2429,9 @@ func displayDNSHelp(w io.Writer, name string) error { ew.writeln(`Credentials:`) ew.writeln(` - "RFC2136_NAMESERVER": Network address in the form "host" or "host:port"`) - ew.writeln(` - "RFC2136_TSIG_ALGORITHM": TSIG algorithm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the 'RFC2136_TSIG*' variables unset.`) - ew.writeln(` - "RFC2136_TSIG_KEY": Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the 'RFC2136_TSIG*' variables unset.`) - ew.writeln(` - "RFC2136_TSIG_SECRET": Secret key payload. To disable TSIG authentication, leave the' RFC2136_TSIG*' variables unset.`) + ew.writeln(` - "RFC2136_TSIG_ALGORITHM": TSIG algorithm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the 'RFC2136_TSIG_KEY' or 'RFC2136_TSIG_SECRET' variables unset.`) + ew.writeln(` - "RFC2136_TSIG_KEY": Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the 'RFC2136_TSIG_KEY' variable unset.`) + ew.writeln(` - "RFC2136_TSIG_SECRET": Secret key payload. To disable TSIG authentication, leave the 'RFC2136_TSIG_SECRET' variable unset.`) ew.writeln() ew.writeln(`Additional Configuration:`) @@ -2394,6 +2439,7 @@ func displayDNSHelp(w io.Writer, name string) error { ew.writeln(` - "RFC2136_POLLING_INTERVAL": Time between DNS propagation check`) ew.writeln(` - "RFC2136_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) ew.writeln(` - "RFC2136_SEQUENCE_INTERVAL": Time between sequential requests`) + ew.writeln(` - "RFC2136_TSIG_FILE": Path to a key file generated by tsig-keygen`) ew.writeln(` - "RFC2136_TTL": The TTL of the TXT record used for the DNS challenge`) ew.writeln() @@ -2683,6 +2729,27 @@ func displayDNSHelp(w io.Writer, name string) error { ew.writeln() ew.writeln(`More information: https://go-acme.github.io/lego/dns/stackpath`) + case "technitium": + // generated from: providers/dns/technitium/technitium.toml + ew.writeln(`Configuration for Technitium.`) + ew.writeln(`Code: 'technitium'`) + ew.writeln(`Since: 'v4.20.0'`) + ew.writeln() + + ew.writeln(`Credentials:`) + ew.writeln(` - "TECHNITIUM_API_TOKEN": API token`) + ew.writeln(` - "TECHNITIUM_SERVER_BASE_URL": Server base URL`) + ew.writeln() + + ew.writeln(`Additional Configuration:`) + ew.writeln(` - "TECHNITIUM_HTTP_TIMEOUT": API request timeout`) + ew.writeln(` - "TECHNITIUM_POLLING_INTERVAL": Time between DNS propagation check`) + ew.writeln(` - "TECHNITIUM_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + ew.writeln(` - "TECHNITIUM_TTL": The TTL of the TXT record used for the DNS challenge`) + + ew.writeln() + ew.writeln(`More information: https://go-acme.github.io/lego/dns/technitium`) + case "tencentcloud": // generated from: providers/dns/tencentcloud/tencentcloud.toml ew.writeln(`Configuration for Tencent Cloud DNS.`) diff --git a/docs/content/dns/zz_gen_acme-dns.md b/docs/content/dns/zz_gen_acme-dns.md index 87c9de0db0..0d57146ffe 100644 --- a/docs/content/dns/zz_gen_acme-dns.md +++ b/docs/content/dns/zz_gen_acme-dns.md @@ -28,7 +28,7 @@ Here is an example bash command using the Joohoi's ACME-DNS provider: ```bash ACME_DNS_API_BASE=http://10.0.0.8:4443 \ ACME_DNS_STORAGE_PATH=/root/.lego-acme-dns-accounts.json \ -lego --email you@example.com --dns acme-dns --domains my.example.org run +lego --email you@example.com --dns "acme-dns" -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_alidns.md b/docs/content/dns/zz_gen_alidns.md index 4d4043e983..d822ecea60 100644 --- a/docs/content/dns/zz_gen_alidns.md +++ b/docs/content/dns/zz_gen_alidns.md @@ -28,13 +28,13 @@ Here is an example bash command using the Alibaba Cloud DNS provider: ```bash # Setup using instance RAM role ALICLOUD_RAM_ROLE=lego \ -lego --email you@example.com --dns alidns --domains my.example.org run +lego --email you@example.com --dns alidns -d '*.example.com' -d example.com run # Or, using credentials ALICLOUD_ACCESS_KEY=abcdefghijklmnopqrstuvwx \ ALICLOUD_SECRET_KEY=your-secret-key \ ALICLOUD_SECURITY_TOKEN=your-sts-token \ -lego --email you@example.com --dns alidns --domains my.example.org run +lego --email you@example.com --dns alidns - -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_allinkl.md b/docs/content/dns/zz_gen_allinkl.md index 997ef8b15d..08e354f871 100644 --- a/docs/content/dns/zz_gen_allinkl.md +++ b/docs/content/dns/zz_gen_allinkl.md @@ -28,7 +28,7 @@ Here is an example bash command using the all-inkl provider: ```bash ALL_INKL_LOGIN=xxxxxxxxxxxxxxxxxxxxxxxxxx \ ALL_INKL_PASSWORD=yyyyyyyyyyyyyyyyyyyyyyyyyy \ -lego --email you@example.com --dns allinkl --domains my.example.org run +lego --email you@example.com --dns allinkl -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_arvancloud.md b/docs/content/dns/zz_gen_arvancloud.md index 0d082364f2..ff03f22e17 100644 --- a/docs/content/dns/zz_gen_arvancloud.md +++ b/docs/content/dns/zz_gen_arvancloud.md @@ -27,7 +27,7 @@ Here is an example bash command using the ArvanCloud provider: ```bash ARVANCLOUD_API_KEY="Apikey xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ -lego --email you@example.com --dns arvancloud --domains my.example.org run +lego --email you@example.com --dns arvancloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_auroradns.md b/docs/content/dns/zz_gen_auroradns.md index 63c03af1ad..d3fa5a1dfd 100644 --- a/docs/content/dns/zz_gen_auroradns.md +++ b/docs/content/dns/zz_gen_auroradns.md @@ -28,7 +28,7 @@ Here is an example bash command using the Aurora DNS provider: ```bash AURORA_API_KEY=xxxxx \ AURORA_SECRET=yyyyyy \ -lego --email you@example.com --dns auroradns --domains my.example.org run +lego --email you@example.com --dns auroradns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_autodns.md b/docs/content/dns/zz_gen_autodns.md index f95890e558..584f217700 100644 --- a/docs/content/dns/zz_gen_autodns.md +++ b/docs/content/dns/zz_gen_autodns.md @@ -28,7 +28,7 @@ Here is an example bash command using the Autodns provider: ```bash AUTODNS_API_USER=username \ AUTODNS_API_PASSWORD=supersecretpassword \ -lego --email you@example.com --dns autodns --domains my.example.org run +lego --email you@example.com --dns autodns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_azuredns.md b/docs/content/dns/zz_gen_azuredns.md index e6355bdcee..4b762e6756 100644 --- a/docs/content/dns/zz_gen_azuredns.md +++ b/docs/content/dns/zz_gen_azuredns.md @@ -31,32 +31,32 @@ Here is an example bash command using the Azure DNS provider: AZURE_CLIENT_ID= \ AZURE_TENANT_ID= \ AZURE_CLIENT_SECRET= \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ### Using client certificate AZURE_CLIENT_ID= \ AZURE_TENANT_ID= \ AZURE_CLIENT_CERTIFICATE_PATH= \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ### Using Azure CLI az login \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ### Using Managed Identity (Azure VM) AZURE_TENANT_ID= \ AZURE_RESOURCE_GROUP= \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ### Using Managed Identity (Azure Arc) AZURE_TENANT_ID= \ IMDS_ENDPOINT=http://localhost:40342 \ IDENTITY_ENDPOINT=http://localhost:40342/metadata/identity/oauth2/token \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_bindman.md b/docs/content/dns/zz_gen_bindman.md index 5c97eefd7b..c74273a7f4 100644 --- a/docs/content/dns/zz_gen_bindman.md +++ b/docs/content/dns/zz_gen_bindman.md @@ -27,7 +27,7 @@ Here is an example bash command using the Bindman provider: ```bash BINDMAN_MANAGER_ADDRESS= \ -lego --email you@example.com --dns bindman --domains my.example.org run +lego --email you@example.com --dns bindman -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_bluecat.md b/docs/content/dns/zz_gen_bluecat.md index b4909dc1cf..3b0ebf8989 100644 --- a/docs/content/dns/zz_gen_bluecat.md +++ b/docs/content/dns/zz_gen_bluecat.md @@ -32,7 +32,7 @@ BLUECAT_USER_NAME=myusername \ BLUECAT_CONFIG_NAME=myconfig \ BLUECAT_SERVER_URL=https://bam.example.com \ BLUECAT_TTL=30 \ -lego --email you@example.com --dns bluecat --domains my.example.org run +lego --email you@example.com --dns bluecat -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_brandit.md b/docs/content/dns/zz_gen_brandit.md index 8e8d234842..c2264f71c3 100644 --- a/docs/content/dns/zz_gen_brandit.md +++ b/docs/content/dns/zz_gen_brandit.md @@ -1,5 +1,5 @@ --- -title: "Brandit" +title: "Brandit (deprecated)" date: 2019-03-03T16:39:46+01:00 draft: false slug: brandit @@ -13,8 +13,11 @@ dnsprovider: +Brandit has been acquired by Abion. +Abion has a different API. + +If you are a Brandit/Albion user, you can try the PR https://github.com/go-acme/lego/pull/2112. -Configuration for [Brandit](https://www.brandit.com/). @@ -23,12 +26,12 @@ Configuration for [Brandit](https://www.brandit.com/). - Since: v4.11.0 -Here is an example bash command using the Brandit provider: +Here is an example bash command using the Brandit (deprecated) provider: ```bash BRANDIT_API_KEY=xxxxxxxxxxxxxxxxxxxxx \ BRANDIT_API_USERNAME=yyyyyyyyyyyyyyyyyyyy \ -lego --email myemail@example.com --dns brandit --domains my.example.org run +lego --email you@example.com --dns brandit -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_bunny.md b/docs/content/dns/zz_gen_bunny.md index 74fc22f090..f945b9153a 100644 --- a/docs/content/dns/zz_gen_bunny.md +++ b/docs/content/dns/zz_gen_bunny.md @@ -27,7 +27,7 @@ Here is an example bash command using the Bunny provider: ```bash BUNNY_API_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ -lego --email you@example.com --dns bunny --domains my.example.org run +lego --email you@example.com --dns bunny -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_checkdomain.md b/docs/content/dns/zz_gen_checkdomain.md index cefe485bab..694b8cc672 100644 --- a/docs/content/dns/zz_gen_checkdomain.md +++ b/docs/content/dns/zz_gen_checkdomain.md @@ -27,7 +27,7 @@ Here is an example bash command using the Checkdomain provider: ```bash CHECKDOMAIN_TOKEN=yoursecrettoken \ -lego --email you@example.com --dns checkdomain --domains my.example.org run +lego --email you@example.com --dns checkdomain -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_civo.md b/docs/content/dns/zz_gen_civo.md index ca9e73a8fd..73f04140d4 100644 --- a/docs/content/dns/zz_gen_civo.md +++ b/docs/content/dns/zz_gen_civo.md @@ -27,7 +27,7 @@ Here is an example bash command using the Civo provider: ```bash CIVO_TOKEN=xxxxxx \ -lego --email you@example.com --dns civo --domains my.example.org run +lego --email you@example.com --dns civo -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_clouddns.md b/docs/content/dns/zz_gen_clouddns.md index 2aff40c926..4754cebca7 100644 --- a/docs/content/dns/zz_gen_clouddns.md +++ b/docs/content/dns/zz_gen_clouddns.md @@ -29,7 +29,7 @@ Here is an example bash command using the CloudDNS provider: CLOUDDNS_CLIENT_ID=bLsdFAks23429841238feb177a572aX \ CLOUDDNS_EMAIL=you@example.com \ CLOUDDNS_PASSWORD=b9841238feb177a84330f \ -lego --email you@example.com --dns clouddns --domains my.example.org run +lego --email you@example.com --dns clouddns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_cloudflare.md b/docs/content/dns/zz_gen_cloudflare.md index 7674a4fa9f..55fbaeae39 100644 --- a/docs/content/dns/zz_gen_cloudflare.md +++ b/docs/content/dns/zz_gen_cloudflare.md @@ -28,12 +28,12 @@ Here is an example bash command using the Cloudflare provider: ```bash CLOUDFLARE_EMAIL=you@example.com \ CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \ -lego --email you@example.com --dns cloudflare --domains my.example.org run +lego --email you@example.com --dns cloudflare -d '*.example.com' -d example.com run # or CLOUDFLARE_DNS_API_TOKEN=1234567890abcdefghijklmnopqrstuvwxyz \ -lego --email you@example.com --dns cloudflare --domains my.example.org run +lego --email you@example.com --dns cloudflare -d '*.example.com' -d example.com run ``` @@ -98,12 +98,13 @@ Then pass the API token as `CF_DNS_API_TOKEN` to Lego. **Alternatively,** if you prefer a more strict set of privileges, you can split the access tokens: -* Create one with *Zone / Zone / Read* permissions and scope it to all your zones. +* Create one with *Zone / Zone / Read* permissions and scope it to all your zones or just the individual zone you need to edit. This is needed to resolve domain names to Zone IDs and can be shared among multiple Lego installations. Pass this API token as `CF_ZONE_API_TOKEN` to Lego. * Create another API token with *Zone / DNS / Edit* permissions and set the scope to the domains you want to manage with a single Lego installation. Pass this token as `CF_DNS_API_TOKEN` to Lego. * Repeat the previous step for each host you want to run Lego on. +* It is possible to use the same api token for both variables if it is given `Zone:Read` and `DNS:Edit` permission for the zone. This "paranoid" setup is mainly interesting for users who manage many zones/domains with a single Cloudflare account. It follows the principle of least privilege and limits the possible damage, should one of the hosts become compromised. diff --git a/docs/content/dns/zz_gen_cloudns.md b/docs/content/dns/zz_gen_cloudns.md index bdbc3c04ab..f063d835f3 100644 --- a/docs/content/dns/zz_gen_cloudns.md +++ b/docs/content/dns/zz_gen_cloudns.md @@ -28,7 +28,7 @@ Here is an example bash command using the ClouDNS provider: ```bash CLOUDNS_AUTH_ID=xxxx \ CLOUDNS_AUTH_PASSWORD=yyyy \ -lego --email you@example.com --dns cloudns --domains my.example.org run +lego --email you@example.com --dns cloudns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_cloudru.md b/docs/content/dns/zz_gen_cloudru.md index b6076b27c6..b4cb9dcac4 100644 --- a/docs/content/dns/zz_gen_cloudru.md +++ b/docs/content/dns/zz_gen_cloudru.md @@ -29,7 +29,7 @@ Here is an example bash command using the Cloud.ru provider: CLOUDRU_SERVICE_INSTANCE_ID=ppp \ CLOUDRU_KEY_ID=xxx \ CLOUDRU_SECRET=yyy \ -lego --email you@example.com --dns cloudru --domains my.example.org run +lego --email you@example.com --dns cloudru -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_cloudxns.md b/docs/content/dns/zz_gen_cloudxns.md index 16c4543505..c63a773e1b 100644 --- a/docs/content/dns/zz_gen_cloudxns.md +++ b/docs/content/dns/zz_gen_cloudxns.md @@ -1,20 +1,20 @@ --- -title: "CloudXNS" +title: "CloudXNS (Deprecated)" date: 2019-03-03T16:39:46+01:00 draft: false slug: cloudxns dnsprovider: since: "v0.5.0" code: "cloudxns" - url: "https://www.cloudxns.net/" + url: "https://github.com/go-acme/lego/issues/2323" --- +The CloudXNS DNS provider has shut down. -Configuration for [CloudXNS](https://www.cloudxns.net/). @@ -23,12 +23,12 @@ Configuration for [CloudXNS](https://www.cloudxns.net/). - Since: v0.5.0 -Here is an example bash command using the CloudXNS provider: +Here is an example bash command using the CloudXNS (Deprecated) provider: ```bash CLOUDXNS_API_KEY=xxxx \ CLOUDXNS_SECRET_KEY=yyyy \ -lego --email you@example.com --dns cloudxns --domains my.example.org run +lego --email you@example.com --dns cloudxns -d '*.example.com' -d example.com run ``` @@ -60,9 +60,6 @@ More information [here]({{% ref "dns#configuration-and-credentials" %}}). -## More information - -- [API documentation](https://www.cloudxns.net/Public/Doc/CloudXNS_api2.0_doc_zh-cn.zip) diff --git a/docs/content/dns/zz_gen_conoha.md b/docs/content/dns/zz_gen_conoha.md index 772e86bb13..c5de0d20ee 100644 --- a/docs/content/dns/zz_gen_conoha.md +++ b/docs/content/dns/zz_gen_conoha.md @@ -29,7 +29,7 @@ Here is an example bash command using the ConoHa provider: CONOHA_TENANT_ID=487727e3921d44e3bfe7ebb337bf085e \ CONOHA_API_USERNAME=xxxx \ CONOHA_API_PASSWORD=yyyy \ -lego --email you@example.com --dns conoha --domains my.example.org run +lego --email you@example.com --dns conoha -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_constellix.md b/docs/content/dns/zz_gen_constellix.md index abaef10bb9..69040353d6 100644 --- a/docs/content/dns/zz_gen_constellix.md +++ b/docs/content/dns/zz_gen_constellix.md @@ -28,7 +28,7 @@ Here is an example bash command using the Constellix provider: ```bash CONSTELLIX_API_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ CONSTELLIX_SECRET_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ -lego --email you@example.com --dns constellix --domains my.example.org run +lego --email you@example.com --dns constellix -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_corenetworks.md b/docs/content/dns/zz_gen_corenetworks.md new file mode 100644 index 0000000000..0b61bbc778 --- /dev/null +++ b/docs/content/dns/zz_gen_corenetworks.md @@ -0,0 +1,70 @@ +--- +title: "Core-Networks" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: corenetworks +dnsprovider: + since: "v4.20.0" + code: "corenetworks" + url: "https://www.core-networks.de/" +--- + + + + + + +Configuration for [Core-Networks](https://www.core-networks.de/). + + + + +- Code: `corenetworks` +- Since: v4.20.0 + + +Here is an example bash command using the Core-Networks provider: + +```bash +CORENETWORKS_LOGIN="xxxx" \ +CORENETWORKS_PASSWORD="yyyy" \ +lego --email you@example.com --dns corenetworks -d '*.example.com' -d example.com run +``` + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `CORENETWORKS_LOGIN` | The username of the API account | +| `CORENETWORKS_PASSWORD` | The password | + +The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. +More information [here]({{% ref "dns#configuration-and-credentials" %}}). + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `CORENETWORKS_HTTP_TIMEOUT` | API request timeout | +| `CORENETWORKS_POLLING_INTERVAL` | Time between DNS propagation check | +| `CORENETWORKS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `CORENETWORKS_SEQUENCE_INTERVAL` | Time between sequential requests | +| `CORENETWORKS_TTL` | The TTL of the TXT record used for the DNS challenge | + +The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. +More information [here]({{% ref "dns#configuration-and-credentials" %}}). + + + + +## More information + +- [API documentation](https://beta.api.core-networks.de/doc/) + + + + diff --git a/docs/content/dns/zz_gen_cpanel.md b/docs/content/dns/zz_gen_cpanel.md index b8dd7a345b..9e939ca591 100644 --- a/docs/content/dns/zz_gen_cpanel.md +++ b/docs/content/dns/zz_gen_cpanel.md @@ -31,7 +31,7 @@ Here is an example bash command using the CPanel/WHM provider: CPANEL_USERNAME = "yyyy" CPANEL_TOKEN = "xxxx" CPANEL_BASE_URL = "https://example.com:2083" \ -lego --email you@example.com --dns cpanel --domains my.example.org run +lego --email you@example.com --dns cpanel -d '*.example.com' -d example.com run ## WHM @@ -39,7 +39,7 @@ CPANEL_MODE = whm CPANEL_USERNAME = "yyyy" CPANEL_TOKEN = "xxxx" CPANEL_BASE_URL = "https://example.com:2087" \ -lego --email you@example.com --dns cpanel --domains my.example.org run +lego --email you@example.com --dns cpanel -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_derak.md b/docs/content/dns/zz_gen_derak.md index 7584d12bdb..a5daf76dbc 100644 --- a/docs/content/dns/zz_gen_derak.md +++ b/docs/content/dns/zz_gen_derak.md @@ -27,7 +27,7 @@ Here is an example bash command using the Derak Cloud provider: ```bash DERAK_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns derak --domains my.example.org run +lego --email you@example.com --dns derak -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_desec.md b/docs/content/dns/zz_gen_desec.md index 77b03947e7..45e5fabc66 100644 --- a/docs/content/dns/zz_gen_desec.md +++ b/docs/content/dns/zz_gen_desec.md @@ -27,7 +27,7 @@ Here is an example bash command using the deSEC.io provider: ```bash DESEC_TOKEN=x-xxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns desec --domains my.example.org run +lego --email you@example.com --dns desec -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_designate.md b/docs/content/dns/zz_gen_designate.md index 88ed001aa6..cbbdfa5577 100644 --- a/docs/content/dns/zz_gen_designate.md +++ b/docs/content/dns/zz_gen_designate.md @@ -28,7 +28,7 @@ Here is an example bash command using the Designate DNSaaS for Openstack provide ```bash # With a `clouds.yaml` OS_CLOUD=my_openstack \ -lego --email you@example.com --dns designate --domains my.example.org run +lego --email you@example.com --dns designate -d '*.example.com' -d example.com run # or @@ -37,7 +37,7 @@ OS_REGION_NAME=RegionOne \ OS_PROJECT_ID=23d4522a987d4ab529f722a007c27846 OS_USERNAME=myuser \ OS_PASSWORD=passw0rd \ -lego --email you@example.com --dns designate --domains my.example.org run +lego --email you@example.com --dns designate -d '*.example.com' -d example.com run # or @@ -46,7 +46,7 @@ OS_REGION_NAME=RegionOne \ OS_AUTH_TYPE=v3applicationcredential \ OS_APPLICATION_CREDENTIAL_ID=imn74uq0or7dyzz20dwo1ytls4me8dry \ OS_APPLICATION_CREDENTIAL_SECRET=68FuSPSdQqkFQYH5X1OoriEIJOwyLtQ8QSqXZOc9XxFK1A9tzZT6He2PfPw0OMja \ -lego --email you@example.com --dns designate --domains my.example.org run +lego --email you@example.com --dns designate -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_digitalocean.md b/docs/content/dns/zz_gen_digitalocean.md index 119c21186e..3bf57f59d2 100644 --- a/docs/content/dns/zz_gen_digitalocean.md +++ b/docs/content/dns/zz_gen_digitalocean.md @@ -27,7 +27,7 @@ Here is an example bash command using the Digital Ocean provider: ```bash DO_AUTH_TOKEN=xxxxxx \ -lego --email you@example.com --dns digitalocean --domains my.example.org run +lego --email you@example.com --dns digitalocean -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_directadmin.md b/docs/content/dns/zz_gen_directadmin.md index 27413791c4..252c69ccf8 100644 --- a/docs/content/dns/zz_gen_directadmin.md +++ b/docs/content/dns/zz_gen_directadmin.md @@ -29,7 +29,7 @@ Here is an example bash command using the DirectAdmin provider: DIRECTADMIN_API_URL="http://example.com:2222" \ DIRECTADMIN_USERNAME=xxxx \ DIRECTADMIN_PASSWORD=yyy \ -lego --email you@example.com --dns directadmin --domains my.example.org run +lego --email you@example.com --dns directadmin -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_dnshomede.md b/docs/content/dns/zz_gen_dnshomede.md index 466977443c..56825f38d8 100644 --- a/docs/content/dns/zz_gen_dnshomede.md +++ b/docs/content/dns/zz_gen_dnshomede.md @@ -26,11 +26,11 @@ Configuration for [dnsHome.de](https://www.dnshome.de). Here is an example bash command using the dnsHome.de provider: ```bash -DNSHOMEDE_CREDENTIALS=sub.example.org:password \ -lego --email you@example.com --dns dnshomede --domains example.org --domains '*.example.org' run +DNSHOMEDE_CREDENTIALS=example.org:password \ +lego --email you@example.com --dns dnshomede -d '*.example.com' -d example.com run DNSHOMEDE_CREDENTIALS=my.example.org:password1,demo.example.org:password2 \ -lego --email you@example.com --dns dnshomede --domains my.example.org --domains demo.example.org +lego --email you@example.com --dns dnshomede -d my.example.org -d demo.example.org ``` diff --git a/docs/content/dns/zz_gen_dnsimple.md b/docs/content/dns/zz_gen_dnsimple.md index 512f1cd57d..188d7c8958 100644 --- a/docs/content/dns/zz_gen_dnsimple.md +++ b/docs/content/dns/zz_gen_dnsimple.md @@ -27,7 +27,7 @@ Here is an example bash command using the DNSimple provider: ```bash DNSIMPLE_OAUTH_TOKEN=1234567890abcdefghijklmnopqrstuvwxyz \ -lego --email you@example.com --dns dnsimple --domains my.example.org run +lego --email you@example.com --dns dnsimple -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_dnsmadeeasy.md b/docs/content/dns/zz_gen_dnsmadeeasy.md index f25bd95cc7..d6f1cb56bf 100644 --- a/docs/content/dns/zz_gen_dnsmadeeasy.md +++ b/docs/content/dns/zz_gen_dnsmadeeasy.md @@ -28,7 +28,7 @@ Here is an example bash command using the DNS Made Easy provider: ```bash DNSMADEEASY_API_KEY=xxxxxx \ DNSMADEEASY_API_SECRET=yyyyy \ -lego --email you@example.com --dns dnsmadeeasy --domains my.example.org run +lego --email you@example.com --dns dnsmadeeasy -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_dnspod.md b/docs/content/dns/zz_gen_dnspod.md index db7421828e..2a654d640d 100644 --- a/docs/content/dns/zz_gen_dnspod.md +++ b/docs/content/dns/zz_gen_dnspod.md @@ -27,7 +27,7 @@ Here is an example bash command using the DNSPod (deprecated) provider: ```bash DNSPOD_API_KEY=xxxxxx \ -lego --email you@example.com --dns dnspod --domains my.example.org run +lego --email you@example.com --dns dnspod -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_dode.md b/docs/content/dns/zz_gen_dode.md index 5822f98307..b73fa70df6 100644 --- a/docs/content/dns/zz_gen_dode.md +++ b/docs/content/dns/zz_gen_dode.md @@ -27,7 +27,7 @@ Here is an example bash command using the Domain Offensive (do.de) provider: ```bash DODE_TOKEN=xxxxxx \ -lego --email you@example.com --dns dode --domains my.example.org run +lego --email you@example.com --dns dode -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_domeneshop.md b/docs/content/dns/zz_gen_domeneshop.md index b2c784a986..24a19a056b 100644 --- a/docs/content/dns/zz_gen_domeneshop.md +++ b/docs/content/dns/zz_gen_domeneshop.md @@ -28,7 +28,7 @@ Here is an example bash command using the Domeneshop provider: ```bash DOMENESHOP_API_TOKEN= \ DOMENESHOP_API_SECRET= \ -lego --email example@example.com --dns domeneshop --domains example.com run +lego --email example@example.com --dns domeneshop -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_dreamhost.md b/docs/content/dns/zz_gen_dreamhost.md index 0cc40bf90d..9d96639718 100644 --- a/docs/content/dns/zz_gen_dreamhost.md +++ b/docs/content/dns/zz_gen_dreamhost.md @@ -27,7 +27,7 @@ Here is an example bash command using the DreamHost provider: ```bash DREAMHOST_API_KEY="YOURAPIKEY" \ -lego --email you@example.com --dns dreamhost --domains my.example.org run +lego --email you@example.com --dns dreamhost -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_duckdns.md b/docs/content/dns/zz_gen_duckdns.md index de81007fb1..515097c772 100644 --- a/docs/content/dns/zz_gen_duckdns.md +++ b/docs/content/dns/zz_gen_duckdns.md @@ -27,7 +27,7 @@ Here is an example bash command using the Duck DNS provider: ```bash DUCKDNS_TOKEN=xxxxxx \ -lego --email you@example.com --dns duckdns --domains my.example.org run +lego --email you@example.com --dns duckdns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_dyn.md b/docs/content/dns/zz_gen_dyn.md index 2a9f9d5d03..32f902394a 100644 --- a/docs/content/dns/zz_gen_dyn.md +++ b/docs/content/dns/zz_gen_dyn.md @@ -29,7 +29,7 @@ Here is an example bash command using the Dyn provider: DYN_CUSTOMER_NAME=xxxxxx \ DYN_USER_NAME=yyyyy \ DYN_PASSWORD=zzzz \ -lego --email you@example.com --dns dyn --domains my.example.org run +lego --email you@example.com --dns dyn -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_dynu.md b/docs/content/dns/zz_gen_dynu.md index ae7ef7fd8d..d59fa23f5a 100644 --- a/docs/content/dns/zz_gen_dynu.md +++ b/docs/content/dns/zz_gen_dynu.md @@ -27,7 +27,7 @@ Here is an example bash command using the Dynu provider: ```bash DYNU_API_KEY=1234567890abcdefghijklmnopqrstuvwxyz \ -lego --email you@example.com --dns dynu --domains my.example.org run +lego --email you@example.com --dns dynu -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_easydns.md b/docs/content/dns/zz_gen_easydns.md index a2f0797196..f4c44164c4 100644 --- a/docs/content/dns/zz_gen_easydns.md +++ b/docs/content/dns/zz_gen_easydns.md @@ -26,9 +26,9 @@ Configuration for [EasyDNS](https://easydns.com/). Here is an example bash command using the EasyDNS provider: ```bash -EASYDNS_TOKEN= \ -EASYDNS_KEY= \ -lego --email you@example.com --dns easydns --domains my.example.org run +EASYDNS_TOKEN=xxx \ +EASYDNS_KEY=yyy \ +lego --email you@example.com --dns easydns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_edgedns.md b/docs/content/dns/zz_gen_edgedns.md index d063d08dcd..3ba5fffea4 100644 --- a/docs/content/dns/zz_gen_edgedns.md +++ b/docs/content/dns/zz_gen_edgedns.md @@ -30,7 +30,7 @@ AKAMAI_CLIENT_SECRET=abcdefghijklmnopqrstuvwxyz1234567890ABCDEFG= \ AKAMAI_CLIENT_TOKEN=akab-mnbvcxzlkjhgfdsapoiuytrewq1234567 \ AKAMAI_HOST=akab-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.luna.akamaiapis.net \ AKAMAI_ACCESS_TOKEN=akab-1234567890qwerty-asdfghjklzxcvtnu \ -lego --email you@example.com --dns edgedns --domains my.example.org run +lego --email you@example.com --dns edgedns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_efficientip.md b/docs/content/dns/zz_gen_efficientip.md index b139fffcd6..cfdfb9bba7 100644 --- a/docs/content/dns/zz_gen_efficientip.md +++ b/docs/content/dns/zz_gen_efficientip.md @@ -30,7 +30,7 @@ EFFICIENTIP_USERNAME="user" \ EFFICIENTIP_PASSWORD="secret" \ EFFICIENTIP_HOSTNAME="ipam.example.org" \ EFFICIENTIP_DNS_NAME="dns.smart" \ -lego --email you@example.com --dns efficientip --domains my.example.org run +lego --email you@example.com --dns efficientip -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_epik.md b/docs/content/dns/zz_gen_epik.md index a065a17784..861efb640c 100644 --- a/docs/content/dns/zz_gen_epik.md +++ b/docs/content/dns/zz_gen_epik.md @@ -27,7 +27,7 @@ Here is an example bash command using the Epik provider: ```bash EPIK_SIGNATURE=xxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns epik --domains my.example.org run +lego --email you@example.com --dns epik -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_exec.md b/docs/content/dns/zz_gen_exec.md index 1d44bfcea2..f2f5f9619f 100644 --- a/docs/content/dns/zz_gen_exec.md +++ b/docs/content/dns/zz_gen_exec.md @@ -26,7 +26,7 @@ Here is an example bash command using the External program provider: ```bash EXEC_PATH=/the/path/to/myscript.sh \ -lego --email you@example.com --dns exec --domains my.example.org run +lego --email you@example.com --dns exec -d '*.example.com' -d example.com run ``` @@ -61,9 +61,7 @@ For example, requesting a certificate for the domain 'my.example.org' can be ach ```bash EXEC_PATH=./update-dns.sh \ - lego --email you@example.com \ - --dns exec \ - --domains my.example.org run +lego --email you@example.com --dns exec --d my.example.org run ``` It will then call the program './update-dns.sh' with like this: @@ -83,9 +81,7 @@ If you want to use the raw domain, token, and keyAuth values with your program, ```bash EXEC_MODE=RAW \ EXEC_PATH=./update-dns.sh \ - lego --email you@example.com \ - --dns exec \ - --domains my.example.org run +lego --email you@example.com --dns exec -d my.example.org run ``` It will then call the program `./update-dns.sh` like this: diff --git a/docs/content/dns/zz_gen_exoscale.md b/docs/content/dns/zz_gen_exoscale.md index 73815d8609..ffd3da1e4c 100644 --- a/docs/content/dns/zz_gen_exoscale.md +++ b/docs/content/dns/zz_gen_exoscale.md @@ -28,7 +28,7 @@ Here is an example bash command using the Exoscale provider: ```bash EXOSCALE_API_KEY=abcdefghijklmnopqrstuvwx \ EXOSCALE_API_SECRET=xxxxxxx \ -lego --email you@example.com --dns exoscale --domains my.example.org run +lego --email you@example.com --dns exoscale -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_freemyip.md b/docs/content/dns/zz_gen_freemyip.md index e36f404e7e..421361205b 100644 --- a/docs/content/dns/zz_gen_freemyip.md +++ b/docs/content/dns/zz_gen_freemyip.md @@ -27,7 +27,7 @@ Here is an example bash command using the freemyip.com provider: ```bash FREEMYIP_TOKEN=xxxxxx \ -lego --email you@example.com --dns freemyip --domains my.example.org run +lego --email you@example.com --dns freemyip -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_gandi.md b/docs/content/dns/zz_gen_gandi.md index 92c0cf975a..fa7ae6fe00 100644 --- a/docs/content/dns/zz_gen_gandi.md +++ b/docs/content/dns/zz_gen_gandi.md @@ -27,7 +27,7 @@ Here is an example bash command using the Gandi provider: ```bash GANDI_API_KEY=abcdefghijklmnopqrstuvwx \ -lego --email you@example.com --dns gandi --domains my.example.org run +lego --email you@example.com --dns gandi -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_gandiv5.md b/docs/content/dns/zz_gen_gandiv5.md index 66208718a9..c3f0e2d206 100644 --- a/docs/content/dns/zz_gen_gandiv5.md +++ b/docs/content/dns/zz_gen_gandiv5.md @@ -27,7 +27,7 @@ Here is an example bash command using the Gandi Live DNS (v5) provider: ```bash GANDIV5_PERSONAL_ACCESS_TOKEN=abcdefghijklmnopqrstuvwx \ -lego --email you@example.com --dns gandiv5 --domains my.example.org run +lego --email you@example.com --dns gandiv5 -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_gcloud.md b/docs/content/dns/zz_gen_gcloud.md index 00cefdd455..556bffe3df 100644 --- a/docs/content/dns/zz_gen_gcloud.md +++ b/docs/content/dns/zz_gen_gcloud.md @@ -26,12 +26,9 @@ Configuration for [Google Cloud](https://cloud.google.com). Here is an example bash command using the Google Cloud provider: ```bash -GCE_PROJECT="gc-project-id" GCE_SERVICE_ACCOUNT_FILE="/path/to/svc/account/file.json" lego \ - --email="abc@email.com" \ - --domains="example.com" \ - --dns="gcloud" \ - --path="${HOME}/.lego" \ - run +GCE_PROJECT="gc-project-id" \ +GCE_SERVICE_ACCOUNT_FILE="/path/to/svc/account/file.json" \ +lego --email you@email.com --dns gcloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_gcore.md b/docs/content/dns/zz_gen_gcore.md index ed1c12850f..7dbb3cec8b 100644 --- a/docs/content/dns/zz_gen_gcore.md +++ b/docs/content/dns/zz_gen_gcore.md @@ -27,7 +27,7 @@ Here is an example bash command using the G-Core provider: ```bash GCORE_PERMANENT_API_TOKEN=xxxxx \ -lego --email you@example.com --dns gcore --domains my.example.org run +lego --email you@example.com --dns gcore -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_glesys.md b/docs/content/dns/zz_gen_glesys.md index 314379b8c3..e49209d85d 100644 --- a/docs/content/dns/zz_gen_glesys.md +++ b/docs/content/dns/zz_gen_glesys.md @@ -28,7 +28,7 @@ Here is an example bash command using the Glesys provider: ```bash GLESYS_API_USER=xxxxx \ GLESYS_API_KEY=yyyyy \ -lego --email you@example.com --dns glesys --domains my.example.org run +lego --email you@example.com --dns glesys -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_godaddy.md b/docs/content/dns/zz_gen_godaddy.md index c04a43c185..9852a00d05 100644 --- a/docs/content/dns/zz_gen_godaddy.md +++ b/docs/content/dns/zz_gen_godaddy.md @@ -28,7 +28,7 @@ Here is an example bash command using the Go Daddy provider: ```bash GODADDY_API_KEY=xxxxxxxx \ GODADDY_API_SECRET=yyyyyyyy \ -lego --email you@example.com --dns godaddy --domains my.example.org run +lego --email you@example.com --dns godaddy -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_googledomains.md b/docs/content/dns/zz_gen_googledomains.md index bcff44b3f4..a7ccb031eb 100644 --- a/docs/content/dns/zz_gen_googledomains.md +++ b/docs/content/dns/zz_gen_googledomains.md @@ -27,7 +27,7 @@ Here is an example bash command using the Google Domains provider: ```bash GOOGLE_DOMAINS_ACCESS_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns googledomains --domains my.example.org run +lego --email you@example.com --dns googledomains -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_hetzner.md b/docs/content/dns/zz_gen_hetzner.md index 55cd3d42e0..1e28e44453 100644 --- a/docs/content/dns/zz_gen_hetzner.md +++ b/docs/content/dns/zz_gen_hetzner.md @@ -27,7 +27,7 @@ Here is an example bash command using the Hetzner provider: ```bash HETZNER_API_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ -lego --email you@example.com --dns hetzner --domains my.example.org run +lego --email you@example.com --dns hetzner -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_hostingde.md b/docs/content/dns/zz_gen_hostingde.md index bd7ef88c88..b2e575c4c5 100644 --- a/docs/content/dns/zz_gen_hostingde.md +++ b/docs/content/dns/zz_gen_hostingde.md @@ -27,7 +27,7 @@ Here is an example bash command using the Hosting.de provider: ```bash HOSTINGDE_API_KEY=xxxxxxxx \ -lego --email you@example.com --dns hostingde --domains my.example.org run +lego --email you@example.com --dns hostingde -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_hosttech.md b/docs/content/dns/zz_gen_hosttech.md index 3d23847c49..e2881c4fad 100644 --- a/docs/content/dns/zz_gen_hosttech.md +++ b/docs/content/dns/zz_gen_hosttech.md @@ -27,7 +27,7 @@ Here is an example bash command using the Hosttech provider: ```bash HOSTTECH_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns hosttech --domains my.example.org run +lego --email you@example.com --dns hosttech -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_httpnet.md b/docs/content/dns/zz_gen_httpnet.md index f128c5a249..8e333992f0 100644 --- a/docs/content/dns/zz_gen_httpnet.md +++ b/docs/content/dns/zz_gen_httpnet.md @@ -27,7 +27,7 @@ Here is an example bash command using the http.net provider: ```bash HTTPNET_API_KEY=xxxxxxxx \ -lego --email you@example.com --dns httpnet --domains my.example.org run +lego --email you@example.com --dns httpnet -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_httpreq.md b/docs/content/dns/zz_gen_httpreq.md index c39ff99072..81a761d4c6 100644 --- a/docs/content/dns/zz_gen_httpreq.md +++ b/docs/content/dns/zz_gen_httpreq.md @@ -27,7 +27,7 @@ Here is an example bash command using the HTTP request provider: ```bash HTTPREQ_ENDPOINT=http://my.server.com:9090 \ -lego --email you@example.com --dns httpreq --domains my.example.org run +lego --email you@example.com --dns httpreq -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_huaweicloud.md b/docs/content/dns/zz_gen_huaweicloud.md index 0b466cb269..d5911eff6a 100644 --- a/docs/content/dns/zz_gen_huaweicloud.md +++ b/docs/content/dns/zz_gen_huaweicloud.md @@ -29,7 +29,7 @@ Here is an example bash command using the Huawei Cloud provider: HUAWEICLOUD_ACCESS_KEY_ID=your-access-key-id \ HUAWEICLOUD_SECRET_ACCESS_KEY=your-secret-access-key \ HUAWEICLOUD_REGION=cn-south-1 \ -lego --email you@example.com --dns huaweicloud --domains my.example.org run +lego --email you@example.com --dns huaweicloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_hurricane.md b/docs/content/dns/zz_gen_hurricane.md index a5cf2b015d..385e6501b6 100644 --- a/docs/content/dns/zz_gen_hurricane.md +++ b/docs/content/dns/zz_gen_hurricane.md @@ -27,10 +27,10 @@ Here is an example bash command using the Hurricane Electric DNS provider: ```bash HURRICANE_TOKENS=example.org:token \ -lego --email you@example.com --dns hurricane --domains example.org --domains '*.example.org' run +lego --email you@example.com --dns hurricane -d '*.example.com' -d example.com run HURRICANE_TOKENS=my.example.org:token1,demo.example.org:token2 \ -lego --email you@example.com --dns hurricane --domains my.example.org --domains demo.example.org +lego --email you@example.com --dns hurricane -d my.example.org -d demo.example.org ``` diff --git a/docs/content/dns/zz_gen_hyperone.md b/docs/content/dns/zz_gen_hyperone.md index e7331d5039..b533de5d56 100644 --- a/docs/content/dns/zz_gen_hyperone.md +++ b/docs/content/dns/zz_gen_hyperone.md @@ -26,7 +26,7 @@ Configuration for [HyperOne](https://www.hyperone.com). Here is an example bash command using the HyperOne provider: ```bash -lego --email you@example.com --dns hyperone --domains my.example.org run +lego --email you@example.com --dns hyperone -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_ibmcloud.md b/docs/content/dns/zz_gen_ibmcloud.md index 6d11eccd91..365377d2b5 100644 --- a/docs/content/dns/zz_gen_ibmcloud.md +++ b/docs/content/dns/zz_gen_ibmcloud.md @@ -28,7 +28,7 @@ Here is an example bash command using the IBM Cloud (SoftLayer) provider: ```bash SOFTLAYER_USERNAME=xxxxx \ SOFTLAYER_API_KEY=yyyyy \ -lego --email you@example.com --dns ibmcloud --domains my.example.org run +lego --email you@example.com --dns ibmcloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_iij.md b/docs/content/dns/zz_gen_iij.md index 7390eafed6..b5e458db29 100644 --- a/docs/content/dns/zz_gen_iij.md +++ b/docs/content/dns/zz_gen_iij.md @@ -29,7 +29,7 @@ Here is an example bash command using the Internet Initiative Japan provider: IIJ_API_ACCESS_KEY=xxxxxxxx \ IIJ_API_SECRET_KEY=yyyyyy \ IIJ_DO_SERVICE_CODE=zzzzzz \ -lego --email you@example.com --dns iij --domains my.example.org run +lego --email you@example.com --dns iij -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_iijdpf.md b/docs/content/dns/zz_gen_iijdpf.md index 326408ac4f..b9635ac06d 100644 --- a/docs/content/dns/zz_gen_iijdpf.md +++ b/docs/content/dns/zz_gen_iijdpf.md @@ -28,7 +28,7 @@ Here is an example bash command using the IIJ DNS Platform Service provider: ```bash IIJ_DPF_API_TOKEN=xxxxxxxx \ IIJ_DPF_DPM_SERVICE_CODE=yyyyyy \ -lego --email you@example.com --dns iijdpf --domains my.example.org run +lego --email you@example.com --dns iijdpf -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_infoblox.md b/docs/content/dns/zz_gen_infoblox.md index 58b6efd360..ba7af48559 100644 --- a/docs/content/dns/zz_gen_infoblox.md +++ b/docs/content/dns/zz_gen_infoblox.md @@ -29,7 +29,7 @@ Here is an example bash command using the Infoblox provider: INFOBLOX_USERNAME=api-user-529 \ INFOBLOX_PASSWORD=b9841238feb177a84330febba8a83208921177bffe733 \ INFOBLOX_HOST=infoblox.example.org -lego --email you@example.com --dns infoblox --domains my.example.org run +lego --email you@example.com --dns infoblox -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_infomaniak.md b/docs/content/dns/zz_gen_infomaniak.md index 35d3d30bfa..4b737d4af8 100644 --- a/docs/content/dns/zz_gen_infomaniak.md +++ b/docs/content/dns/zz_gen_infomaniak.md @@ -27,7 +27,7 @@ Here is an example bash command using the Infomaniak provider: ```bash INFOMANIAK_ACCESS_TOKEN=1234567898765432 \ -lego --email you@example.com --dns infomaniak --domains my.example.org run +lego --email you@example.com --dns infomaniak -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_internetbs.md b/docs/content/dns/zz_gen_internetbs.md index eb86aff589..3725bcb077 100644 --- a/docs/content/dns/zz_gen_internetbs.md +++ b/docs/content/dns/zz_gen_internetbs.md @@ -28,7 +28,7 @@ Here is an example bash command using the Internet.bs provider: ```bash INTERNET_BS_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxx \ INTERNET_BS_PASSWORD=yyyyyyyyyyyyyyyyyyyyyyyyyy \ -lego --email you@example.com --dns internetbs --domains my.example.org run +lego --email you@example.com --dns internetbs -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_inwx.md b/docs/content/dns/zz_gen_inwx.md index 1fcbebbc64..b51d58c07f 100644 --- a/docs/content/dns/zz_gen_inwx.md +++ b/docs/content/dns/zz_gen_inwx.md @@ -28,13 +28,13 @@ Here is an example bash command using the INWX provider: ```bash INWX_USERNAME=xxxxxxxxxx \ INWX_PASSWORD=yyyyyyyyyy \ -lego --email you@example.com --dns inwx --domains my.example.org run +lego --email you@example.com --dns inwx -d '*.example.com' -d example.com run # 2FA INWX_USERNAME=xxxxxxxxxx \ INWX_PASSWORD=yyyyyyyyyy \ INWX_SHARED_SECRET=zzzzzzzzzz \ -lego --email you@example.com --dns inwx --domains my.example.org run +lego --email you@example.com --dns inwx -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_ionos.md b/docs/content/dns/zz_gen_ionos.md index 490c806dc5..54d694da05 100644 --- a/docs/content/dns/zz_gen_ionos.md +++ b/docs/content/dns/zz_gen_ionos.md @@ -27,7 +27,7 @@ Here is an example bash command using the Ionos provider: ```bash IONOS_API_KEY=xxxxxxxx \ -lego --email you@example.com --dns ionos --domains my.example.org run +lego --email you@example.com --dns ionos -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_ipv64.md b/docs/content/dns/zz_gen_ipv64.md index fe28bb490f..6d7bcd24c1 100644 --- a/docs/content/dns/zz_gen_ipv64.md +++ b/docs/content/dns/zz_gen_ipv64.md @@ -27,7 +27,7 @@ Here is an example bash command using the IPv64 provider: ```bash IPV64_API_KEY=xxxxxx \ -lego --email you@example.com --dns ipv64 --domains my.example.org run +lego --email you@example.com --dns ipv64 -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_iwantmyname.md b/docs/content/dns/zz_gen_iwantmyname.md index 72e316cfd2..8146a36ed8 100644 --- a/docs/content/dns/zz_gen_iwantmyname.md +++ b/docs/content/dns/zz_gen_iwantmyname.md @@ -28,7 +28,7 @@ Here is an example bash command using the iwantmyname provider: ```bash IWANTMYNAME_USERNAME=xxxxxxxx \ IWANTMYNAME_PASSWORD=xxxxxxxx \ -lego --email you@example.com --dns iwantmyname --domains my.example.org run +lego --email you@example.com --dns iwantmyname -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_joker.md b/docs/content/dns/zz_gen_joker.md index c50bf08dbe..2c0a6eafcf 100644 --- a/docs/content/dns/zz_gen_joker.md +++ b/docs/content/dns/zz_gen_joker.md @@ -30,17 +30,17 @@ Here is an example bash command using the Joker provider: JOKER_API_MODE=SVC \ JOKER_USERNAME= \ JOKER_PASSWORD= \ -lego --email you@example.com --dns joker --domains my.example.org run +lego --email you@example.com --dns joker -d '*.example.com' -d example.com run # DMAPI JOKER_API_MODE=DMAPI \ JOKER_USERNAME= \ JOKER_PASSWORD= \ -lego --email you@example.com --dns joker --domains my.example.org run +lego --email you@example.com --dns joker -d '*.example.com' -d example.com run ## or JOKER_API_MODE=DMAPI \ JOKER_API_KEY= \ -lego --email you@example.com --dns joker --domains my.example.org run +lego --email you@example.com --dns joker -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_liara.md b/docs/content/dns/zz_gen_liara.md index 44ccb39e30..23bde4d799 100644 --- a/docs/content/dns/zz_gen_liara.md +++ b/docs/content/dns/zz_gen_liara.md @@ -27,7 +27,7 @@ Here is an example bash command using the Liara provider: ```bash LIARA_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns liara --domains my.example.org run +lego --email you@example.com --dns liara -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_limacity.md b/docs/content/dns/zz_gen_limacity.md index 80e7390c84..fdaae55e6e 100644 --- a/docs/content/dns/zz_gen_limacity.md +++ b/docs/content/dns/zz_gen_limacity.md @@ -27,7 +27,7 @@ Here is an example bash command using the Lima-City provider: ```bash LIMACITY_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns limacity --domains my.example.org run +lego --email you@example.com --dns limacity -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_linode.md b/docs/content/dns/zz_gen_linode.md index 52ee8a4f9e..8b97123b20 100644 --- a/docs/content/dns/zz_gen_linode.md +++ b/docs/content/dns/zz_gen_linode.md @@ -27,7 +27,7 @@ Here is an example bash command using the Linode (v4) provider: ```bash LINODE_TOKEN=xxxxx \ -lego --email you@example.com --dns linode --domains my.example.org run +lego --email you@example.com --dns linode -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_liquidweb.md b/docs/content/dns/zz_gen_liquidweb.md index 0c1d86abbb..511ba9c927 100644 --- a/docs/content/dns/zz_gen_liquidweb.md +++ b/docs/content/dns/zz_gen_liquidweb.md @@ -28,7 +28,7 @@ Here is an example bash command using the Liquid Web provider: ```bash LWAPI_USERNAME=someuser \ LWAPI_PASSWORD=somepass \ -lego --email you@example.com --dns liquidweb --domains my.example.org run +lego --email you@example.com --dns liquidweb -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_loopia.md b/docs/content/dns/zz_gen_loopia.md index 25a3e79498..79827d325f 100644 --- a/docs/content/dns/zz_gen_loopia.md +++ b/docs/content/dns/zz_gen_loopia.md @@ -28,7 +28,7 @@ Here is an example bash command using the Loopia provider: ```bash LOOPIA_API_USER=xxxxxxxx \ LOOPIA_API_PASSWORD=yyyyyyyy \ -lego --email my@email.com --dns loopia --domains my.domain.com run +lego --email you@example.com --dns loopia -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_luadns.md b/docs/content/dns/zz_gen_luadns.md index 15a77f67e5..2a6a02dd98 100644 --- a/docs/content/dns/zz_gen_luadns.md +++ b/docs/content/dns/zz_gen_luadns.md @@ -28,7 +28,7 @@ Here is an example bash command using the LuaDNS provider: ```bash LUADNS_API_USERNAME=youremail \ LUADNS_API_TOKEN=xxxxxxxx \ -lego --email you@example.com --dns luadns --domains my.example.org run +lego --email you@example.com --dns luadns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_mailinabox.md b/docs/content/dns/zz_gen_mailinabox.md index 9c507c27cb..f3269620fc 100644 --- a/docs/content/dns/zz_gen_mailinabox.md +++ b/docs/content/dns/zz_gen_mailinabox.md @@ -29,7 +29,7 @@ Here is an example bash command using the Mail-in-a-Box provider: MAILINABOX_EMAIL=user@example.com \ MAILINABOX_PASSWORD=yyyy \ MAILINABOX_BASE_URL=https://box.example.com \ -lego --email you@example.com --dns mailinabox --domains my.example.org run +lego --email you@example.com --dns mailinabox -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_metaname.md b/docs/content/dns/zz_gen_metaname.md index 7930669886..ea794d4e57 100644 --- a/docs/content/dns/zz_gen_metaname.md +++ b/docs/content/dns/zz_gen_metaname.md @@ -28,7 +28,7 @@ Here is an example bash command using the Metaname provider: ```bash METANAME_ACCOUNT_REFERENCE=xxxx \ METANAME_API_KEY=yyyyyyy \ -lego --email you@example.com --dns metaname --domains my.example.org run +lego --email you@example.com --dns metaname -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_mijnhost.md b/docs/content/dns/zz_gen_mijnhost.md index cd1dc720d5..65c1d953df 100644 --- a/docs/content/dns/zz_gen_mijnhost.md +++ b/docs/content/dns/zz_gen_mijnhost.md @@ -27,7 +27,7 @@ Here is an example bash command using the mijn.host provider: ```bash MIJNHOST_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns mijnhost --domains my.example.org run +lego --email you@example.com --dns mijnhost -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_mittwald.md b/docs/content/dns/zz_gen_mittwald.md index 39daa494dc..c1edfe0845 100644 --- a/docs/content/dns/zz_gen_mittwald.md +++ b/docs/content/dns/zz_gen_mittwald.md @@ -27,7 +27,7 @@ Here is an example bash command using the Mittwald provider: ```bash MITTWALD_TOKEN=my-token \ -lego --email you@example.com --dns mittwald --domains my.example.org run +lego --email you@example.com --dns mittwald -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_mydnsjp.md b/docs/content/dns/zz_gen_mydnsjp.md index 641da1408d..4fc899bf03 100644 --- a/docs/content/dns/zz_gen_mydnsjp.md +++ b/docs/content/dns/zz_gen_mydnsjp.md @@ -28,7 +28,7 @@ Here is an example bash command using the MyDNS.jp provider: ```bash MYDNSJP_MASTER_ID=xxxxx \ MYDNSJP_PASSWORD=xxxxx \ -lego --email you@example.com --dns mydnsjp --domains my.example.org run +lego --email you@example.com --dns mydnsjp -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_mythicbeasts.md b/docs/content/dns/zz_gen_mythicbeasts.md index d7f752b931..86e2ae5fd2 100644 --- a/docs/content/dns/zz_gen_mythicbeasts.md +++ b/docs/content/dns/zz_gen_mythicbeasts.md @@ -28,7 +28,7 @@ Here is an example bash command using the MythicBeasts provider: ```bash MYTHICBEASTS_USERNAME=myuser \ MYTHICBEASTS_PASSWORD=mypass \ -lego --email you@example.com --dns mythicbeasts --domains my.example.org run +lego --email you@example.com --dns mythicbeasts -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_namecheap.md b/docs/content/dns/zz_gen_namecheap.md index c42c72ec1a..850a9ef8b0 100644 --- a/docs/content/dns/zz_gen_namecheap.md +++ b/docs/content/dns/zz_gen_namecheap.md @@ -33,7 +33,7 @@ Here is an example bash command using the Namecheap provider: ```bash NAMECHEAP_API_USER=user \ NAMECHEAP_API_KEY=key \ -lego --email you@example.com --dns namecheap --domains my.example.org run +lego --email you@example.com --dns namecheap -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_namedotcom.md b/docs/content/dns/zz_gen_namedotcom.md index 387002a353..df4c945592 100644 --- a/docs/content/dns/zz_gen_namedotcom.md +++ b/docs/content/dns/zz_gen_namedotcom.md @@ -28,7 +28,7 @@ Here is an example bash command using the Name.com provider: ```bash NAMECOM_USERNAME=foo.bar \ NAMECOM_API_TOKEN=a379a6f6eeafb9a55e378c118034e2751e682fab \ -lego --email you@example.com --dns namedotcom --domains my.example.org run +lego --email you@example.com --dns namedotcom -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_namesilo.md b/docs/content/dns/zz_gen_namesilo.md index 205109dfc8..1b69a35242 100644 --- a/docs/content/dns/zz_gen_namesilo.md +++ b/docs/content/dns/zz_gen_namesilo.md @@ -27,7 +27,7 @@ Here is an example bash command using the Namesilo provider: ```bash NAMESILO_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \ -lego --email you@example.com --dns namesilo --domains my.example.org run +lego --email you@example.com --dns namesilo -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_nearlyfreespeech.md b/docs/content/dns/zz_gen_nearlyfreespeech.md index 5816cd971d..1649fd34c0 100644 --- a/docs/content/dns/zz_gen_nearlyfreespeech.md +++ b/docs/content/dns/zz_gen_nearlyfreespeech.md @@ -28,7 +28,7 @@ Here is an example bash command using the NearlyFreeSpeech.NET provider: ```bash NEARLYFREESPEECH_API_KEY=xxxxxx \ NEARLYFREESPEECH_LOGIN=xxxx \ -lego --email you@example.com --dns nearlyfreespeech --domains my.example.org run +lego --email you@example.com --dns nearlyfreespeech -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_netcup.md b/docs/content/dns/zz_gen_netcup.md index e78a85b120..e1973c8140 100644 --- a/docs/content/dns/zz_gen_netcup.md +++ b/docs/content/dns/zz_gen_netcup.md @@ -29,7 +29,7 @@ Here is an example bash command using the Netcup provider: NETCUP_CUSTOMER_NUMBER=xxxx \ NETCUP_API_KEY=yyyy \ NETCUP_API_PASSWORD=zzzz \ -lego --email you@example.com --dns netcup --domains my.example.org run +lego --email you@example.com --dns netcup -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_netlify.md b/docs/content/dns/zz_gen_netlify.md index faaea4a2ea..ad41146dc8 100644 --- a/docs/content/dns/zz_gen_netlify.md +++ b/docs/content/dns/zz_gen_netlify.md @@ -27,7 +27,7 @@ Here is an example bash command using the Netlify provider: ```bash NETLIFY_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns netlify --domains my.example.org run +lego --email you@example.com --dns netlify -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_nicmanager.md b/docs/content/dns/zz_gen_nicmanager.md index 8f65466649..1ae8806cc1 100644 --- a/docs/content/dns/zz_gen_nicmanager.md +++ b/docs/content/dns/zz_gen_nicmanager.md @@ -34,7 +34,7 @@ NICMANAGER_API_PASSWORD = "password" \ # Optionally, if your account has TOTP enabled, set the secret here NICMANAGER_API_OTP = "long-secret" \ -lego --email you@example.com --dns nicmanager --domains my.example.org run +lego --email you@example.com --dns nicmanager -d '*.example.com' -d example.com run ## Login using account name + username @@ -45,7 +45,7 @@ NICMANAGER_API_PASSWORD = "password" \ # Optionally, if your account has TOTP enabled, set the secret here NICMANAGER_API_OTP = "long-secret" \ -lego --email you@example.com --dns nicmanager --domains my.example.org run +lego --email you@example.com --dns nicmanager -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_nifcloud.md b/docs/content/dns/zz_gen_nifcloud.md index 44866e2068..bd5d25321d 100644 --- a/docs/content/dns/zz_gen_nifcloud.md +++ b/docs/content/dns/zz_gen_nifcloud.md @@ -28,7 +28,7 @@ Here is an example bash command using the NIFCloud provider: ```bash NIFCLOUD_ACCESS_KEY_ID=xxxx \ NIFCLOUD_SECRET_ACCESS_KEY=yyyy \ -lego --email you@example.com --dns nifcloud --domains my.example.org run +lego --email you@example.com --dns nifcloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_njalla.md b/docs/content/dns/zz_gen_njalla.md index 767ece6849..f846cf1e89 100644 --- a/docs/content/dns/zz_gen_njalla.md +++ b/docs/content/dns/zz_gen_njalla.md @@ -27,7 +27,7 @@ Here is an example bash command using the Njalla provider: ```bash NJALLA_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns njalla --domains my.example.org run +lego --email you@example.com --dns njalla -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_nodion.md b/docs/content/dns/zz_gen_nodion.md index 4fc0c95858..fc1f820f83 100644 --- a/docs/content/dns/zz_gen_nodion.md +++ b/docs/content/dns/zz_gen_nodion.md @@ -27,7 +27,7 @@ Here is an example bash command using the Nodion provider: ```bash NODION_API_TOKEN="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns nodion --domains my.example.org run +lego --email you@example.com --dns nodion -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_ns1.md b/docs/content/dns/zz_gen_ns1.md index f12efd4cc1..9e4c906ada 100644 --- a/docs/content/dns/zz_gen_ns1.md +++ b/docs/content/dns/zz_gen_ns1.md @@ -27,7 +27,7 @@ Here is an example bash command using the NS1 provider: ```bash NS1_API_KEY=xxxx \ -lego --email you@example.com --dns ns1 --domains my.example.org run +lego --email you@example.com --dns ns1 -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_oraclecloud.md b/docs/content/dns/zz_gen_oraclecloud.md index 348eba64ad..1b6647ce5e 100644 --- a/docs/content/dns/zz_gen_oraclecloud.md +++ b/docs/content/dns/zz_gen_oraclecloud.md @@ -33,7 +33,7 @@ OCI_USER_OCID="ocid1.user.oc1..secret" \ OCI_PUBKEY_FINGERPRINT="00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" \ OCI_REGION="us-phoenix-1" \ OCI_COMPARTMENT_OCID="ocid1.tenancy.oc1..secret" \ -lego --email you@example.com --dns oraclecloud --domains my.example.org run +lego --email you@example.com --dns oraclecloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_ovh.md b/docs/content/dns/zz_gen_ovh.md index 71345cf5cb..fad507cbdb 100644 --- a/docs/content/dns/zz_gen_ovh.md +++ b/docs/content/dns/zz_gen_ovh.md @@ -32,20 +32,20 @@ OVH_APPLICATION_KEY=1234567898765432 \ OVH_APPLICATION_SECRET=b9841238feb177a84330febba8a832089 \ OVH_CONSUMER_KEY=256vfsd347245sdfg \ OVH_ENDPOINT=ovh-eu \ -lego --email you@example.com --dns ovh --domains my.example.org run +lego --email you@example.com --dns ovh -d '*.example.com' -d example.com run # Or Access Token: OVH_ACCESS_TOKEN=xxx \ OVH_ENDPOINT=ovh-eu \ -lego --email you@example.com --dns ovh --domains my.example.org run +lego --email you@example.com --dns ovh -d '*.example.com' -d example.com run # Or OAuth2: OVH_CLIENT_ID=yyy \ OVH_CLIENT_SECRET=xxx \ OVH_ENDPOINT=ovh-eu \ -lego --email you@example.com --dns ovh --domains my.example.org run +lego --email you@example.com --dns ovh -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_pdns.md b/docs/content/dns/zz_gen_pdns.md index 9d684774e7..31870fbc0e 100644 --- a/docs/content/dns/zz_gen_pdns.md +++ b/docs/content/dns/zz_gen_pdns.md @@ -28,7 +28,7 @@ Here is an example bash command using the PowerDNS provider: ```bash PDNS_API_URL=http://pdns-server:80/ \ PDNS_API_KEY=xxxx \ -lego --email you@example.com --dns pdns --domains my.example.org run +lego --email you@example.com --dns pdns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_plesk.md b/docs/content/dns/zz_gen_plesk.md index 4ffb286aca..5c9d060cff 100644 --- a/docs/content/dns/zz_gen_plesk.md +++ b/docs/content/dns/zz_gen_plesk.md @@ -29,7 +29,7 @@ Here is an example bash command using the plesk.com provider: PLESK_SERVER_BASE_URL="https://plesk.myserver.com:8443" \ PLESK_USERNAME=xxxxxx \ PLESK_PASSWORD=yyyyyy \ -lego --email you@example.com --dns plesk --domains my.example.org run +lego --email you@example.com --dns plesk -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_porkbun.md b/docs/content/dns/zz_gen_porkbun.md index b671604532..5e96e239ea 100644 --- a/docs/content/dns/zz_gen_porkbun.md +++ b/docs/content/dns/zz_gen_porkbun.md @@ -28,7 +28,7 @@ Here is an example bash command using the Porkbun provider: ```bash PORKBUN_SECRET_API_KEY=xxxxxx \ PORKBUN_API_KEY=yyyyyy \ -lego --email you@example.com --dns porkbun --domains my.example.org run +lego --email you@example.com --dns porkbun -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_rackspace.md b/docs/content/dns/zz_gen_rackspace.md index 7a7d6ba221..bbdd8cbfb5 100644 --- a/docs/content/dns/zz_gen_rackspace.md +++ b/docs/content/dns/zz_gen_rackspace.md @@ -28,7 +28,7 @@ Here is an example bash command using the Rackspace provider: ```bash RACKSPACE_USER=xxxx \ RACKSPACE_API_KEY=yyyy \ -lego --email you@example.com --dns rackspace --domains my.example.org run +lego --email you@example.com --dns rackspace -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_rcodezero.md b/docs/content/dns/zz_gen_rcodezero.md index 552d3bc68d..8677de7644 100644 --- a/docs/content/dns/zz_gen_rcodezero.md +++ b/docs/content/dns/zz_gen_rcodezero.md @@ -27,7 +27,7 @@ Here is an example bash command using the RcodeZero provider: ```bash RCODEZERO_API_TOKEN= \ -lego --email you@example.com --dns rcodezero --domains my.example.org run +lego --email you@example.com --dns rcodezero -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_regfish.md b/docs/content/dns/zz_gen_regfish.md new file mode 100644 index 0000000000..f5310db538 --- /dev/null +++ b/docs/content/dns/zz_gen_regfish.md @@ -0,0 +1,68 @@ +--- +title: "Regfish" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: regfish +dnsprovider: + since: "v4.20.0" + code: "regfish" + url: "https://regfish.de/" +--- + + + + + + +Configuration for [Regfish](https://regfish.de/). + + + + +- Code: `regfish` +- Since: v4.20.0 + + +Here is an example bash command using the Regfish provider: + +```bash +REGFISH_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ +lego --email you@example.com --dns regfish -d '*.example.com' -d example.com run +``` + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `REGFISH_API_KEY` | API key | + +The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. +More information [here]({{% ref "dns#configuration-and-credentials" %}}). + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `REGFISH_HTTP_TIMEOUT` | API request timeout | +| `REGFISH_POLLING_INTERVAL` | Time between DNS propagation check | +| `REGFISH_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `REGFISH_TTL` | The TTL of the TXT record used for the DNS challenge | + +The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. +More information [here]({{% ref "dns#configuration-and-credentials" %}}). + + + + +## More information + +- [API documentation](https://regfish.readme.io/) +- [Go client](https://github.com/regfish/regfish-dnsapi-go) + + + + diff --git a/docs/content/dns/zz_gen_regru.md b/docs/content/dns/zz_gen_regru.md index a7afb2fae8..8c6bea662e 100644 --- a/docs/content/dns/zz_gen_regru.md +++ b/docs/content/dns/zz_gen_regru.md @@ -28,7 +28,7 @@ Here is an example bash command using the reg.ru provider: ```bash REGRU_USERNAME=xxxxxx \ REGRU_PASSWORD=yyyyyy \ -lego --email you@example.com --dns regru --domains my.example.org run +lego --email you@example.com --dns regru -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_rfc2136.md b/docs/content/dns/zz_gen_rfc2136.md index ad2b1b276e..ad52005d4e 100644 --- a/docs/content/dns/zz_gen_rfc2136.md +++ b/docs/content/dns/zz_gen_rfc2136.md @@ -27,20 +27,18 @@ Here is an example bash command using the RFC2136 provider: ```bash RFC2136_NAMESERVER=127.0.0.1 \ -RFC2136_TSIG_KEY=lego \ +RFC2136_TSIG_KEY=example.com \ RFC2136_TSIG_ALGORITHM=hmac-sha256. \ RFC2136_TSIG_SECRET=YWJjZGVmZGdoaWprbG1ub3BxcnN0dXZ3eHl6MTIzNDU= \ -lego --email you@example.com --dns rfc2136 --domains my.example.org run +lego --email you@example.com --dns rfc2136 -d '*.example.com' -d example.com run ## --- -keyname=lego; keyfile=lego.key; tsig-keygen $keyname > $keyfile +keyname=example.com; keyfile=example.com.key; tsig-keygen $keyname > $keyfile RFC2136_NAMESERVER=127.0.0.1 \ -RFC2136_TSIG_KEY="$keyname" \ -RFC2136_TSIG_ALGORITHM="$( awk -F'[ ";]' '/algorithm/ { print $2 }' $keyfile )." \ -RFC2136_TSIG_SECRET="$( awk -F'[ ";]' '/secret/ { print $3 }' $keyfile )" \ -lego --email you@example.com --dns rfc2136 --domains my.example.org run +RFC2136_TSIG_FILE="$keyfile" \ +lego --email you@example.com --dns rfc2136 -d '*.example.com' -d example.com run ``` @@ -51,9 +49,9 @@ lego --email you@example.com --dns rfc2136 --domains my.example.org run | Environment Variable Name | Description | |-----------------------|-------------| | `RFC2136_NAMESERVER` | Network address in the form "host" or "host:port" | -| `RFC2136_TSIG_ALGORITHM` | TSIG algorithm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset. | -| `RFC2136_TSIG_KEY` | Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset. | -| `RFC2136_TSIG_SECRET` | Secret key payload. To disable TSIG authentication, leave the` RFC2136_TSIG*` variables unset. | +| `RFC2136_TSIG_ALGORITHM` | TSIG algorithm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the `RFC2136_TSIG_KEY` or `RFC2136_TSIG_SECRET` variables unset. | +| `RFC2136_TSIG_KEY` | Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the `RFC2136_TSIG_KEY` variable unset. | +| `RFC2136_TSIG_SECRET` | Secret key payload. To disable TSIG authentication, leave the `RFC2136_TSIG_SECRET` variable unset. | The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. More information [here]({{% ref "dns#configuration-and-credentials" %}}). @@ -67,6 +65,7 @@ More information [here]({{% ref "dns#configuration-and-credentials" %}}). | `RFC2136_POLLING_INTERVAL` | Time between DNS propagation check | | `RFC2136_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | | `RFC2136_SEQUENCE_INTERVAL` | Time between sequential requests | +| `RFC2136_TSIG_FILE` | Path to a key file generated by tsig-keygen | | `RFC2136_TTL` | The TTL of the TXT record used for the DNS challenge | The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. diff --git a/docs/content/dns/zz_gen_rimuhosting.md b/docs/content/dns/zz_gen_rimuhosting.md index 41f8800440..46687484c0 100644 --- a/docs/content/dns/zz_gen_rimuhosting.md +++ b/docs/content/dns/zz_gen_rimuhosting.md @@ -27,7 +27,7 @@ Here is an example bash command using the RimuHosting provider: ```bash RIMUHOSTING_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns rimuhosting --domains my.example.org run +lego --email you@example.com --dns rimuhosting -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_route53.md b/docs/content/dns/zz_gen_route53.md index 1f530ecaec..cd18a5c1dd 100644 --- a/docs/content/dns/zz_gen_route53.md +++ b/docs/content/dns/zz_gen_route53.md @@ -30,7 +30,7 @@ AWS_ACCESS_KEY_ID=your_key_id \ AWS_SECRET_ACCESS_KEY=your_secret_access_key \ AWS_REGION=aws-region \ AWS_HOSTED_ZONE_ID=your_hosted_zone_id \ -lego --domains example.com --email your_example@email.com --dns route53 --accept-tos=true run +lego --email you@example.com --dns route53 -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_safedns.md b/docs/content/dns/zz_gen_safedns.md index 97f5a2c626..c6d4cd7452 100644 --- a/docs/content/dns/zz_gen_safedns.md +++ b/docs/content/dns/zz_gen_safedns.md @@ -27,7 +27,7 @@ Here is an example bash command using the UKFast SafeDNS provider: ```bash SAFEDNS_AUTH_TOKEN=xxxxxx \ -lego --email you@example.com --dns safedns --domains my.example.org run +lego --email you@example.com --dns safedns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_sakuracloud.md b/docs/content/dns/zz_gen_sakuracloud.md index 33fa2104ad..e0af53acfb 100644 --- a/docs/content/dns/zz_gen_sakuracloud.md +++ b/docs/content/dns/zz_gen_sakuracloud.md @@ -28,7 +28,7 @@ Here is an example bash command using the Sakura Cloud provider: ```bash SAKURACLOUD_ACCESS_TOKEN=xxxxx \ SAKURACLOUD_ACCESS_TOKEN_SECRET=yyyyy \ -lego --email you@example.com --dns sakuracloud --domains my.example.org run +lego --email you@example.com --dns sakuracloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_scaleway.md b/docs/content/dns/zz_gen_scaleway.md index bed1b7dd1c..111d18a42e 100644 --- a/docs/content/dns/zz_gen_scaleway.md +++ b/docs/content/dns/zz_gen_scaleway.md @@ -27,7 +27,7 @@ Here is an example bash command using the Scaleway provider: ```bash SCW_SECRET_KEY=xxxxxxx-xxxxx-xxxx-xxx-xxxxxx \ -lego --email you@example.com --dns scaleway --domains my.example.org run +lego --email you@example.com --dns scaleway -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_selectel.md b/docs/content/dns/zz_gen_selectel.md index 76e0c7be31..00e5b5bad7 100644 --- a/docs/content/dns/zz_gen_selectel.md +++ b/docs/content/dns/zz_gen_selectel.md @@ -27,7 +27,7 @@ Here is an example bash command using the Selectel provider: ```bash SELECTEL_API_TOKEN=xxxxx \ -lego --email you@example.com --dns selectel --domains my.example.org run +lego --email you@example.com --dns selectel -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_selectelv2.md b/docs/content/dns/zz_gen_selectelv2.md index dba55a44fe..bb09241aa5 100644 --- a/docs/content/dns/zz_gen_selectelv2.md +++ b/docs/content/dns/zz_gen_selectelv2.md @@ -26,11 +26,11 @@ Configuration for [Selectel v2](https://selectel.ru). Here is an example bash command using the Selectel v2 provider: ```bash -SELECTEL_USERNAME=trex \ -SELECTEL_PASSWORD=xxxxx \ -SELECTEL_ACCOUNT_ID=1234567 \ -SELECTEL_PROJECT_ID=111a11111aaa11aa1a11aaa11111aa1a \ -lego --email you@example.com --dns selectelv2 --domains my.example.org run +SELECTELV2_USERNAME=trex \ +SELECTELV2_PASSWORD=xxxxx \ +SELECTELV2_ACCOUNT_ID=1234567 \ +SELECTELV2_PROJECT_ID=111a11111aaa11aa1a11aaa11111aa1a \ +lego --email you@example.com --dns selectelv2 -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_selfhostde.md b/docs/content/dns/zz_gen_selfhostde.md index a7c3996519..81abe85c11 100644 --- a/docs/content/dns/zz_gen_selfhostde.md +++ b/docs/content/dns/zz_gen_selfhostde.md @@ -29,7 +29,7 @@ Here is an example bash command using the SelfHost.(de|eu) provider: SELFHOSTDE_USERNAME=xxx \ SELFHOSTDE_PASSWORD=yyy \ SELFHOSTDE_RECORDS_MAPPING=my.example.com:123 \ -lego --email you@example.com --dns selfhostde --domains my.example.org run +lego --email you@example.com --dns selfhostde -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_servercow.md b/docs/content/dns/zz_gen_servercow.md index ec67e2714f..ce47077df6 100644 --- a/docs/content/dns/zz_gen_servercow.md +++ b/docs/content/dns/zz_gen_servercow.md @@ -28,7 +28,7 @@ Here is an example bash command using the Servercow provider: ```bash SERVERCOW_USERNAME=xxxxxxxx \ SERVERCOW_PASSWORD=xxxxxxxx \ -lego --email you@example.com --dns servercow --domains my.example.org run +lego --email you@example.com --dns servercow -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_shellrent.md b/docs/content/dns/zz_gen_shellrent.md index fa8a6bcf82..1719e07c96 100644 --- a/docs/content/dns/zz_gen_shellrent.md +++ b/docs/content/dns/zz_gen_shellrent.md @@ -28,7 +28,7 @@ Here is an example bash command using the Shellrent provider: ```bash SHELLRENT_USERNAME=xxxx \ SHELLRENT_TOKEN=yyyy \ -lego --email you@example.com --dns shellrent --domains my.example.org run +lego --email you@example.com --dns shellrent -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_simply.md b/docs/content/dns/zz_gen_simply.md index b00db0b44c..1603ee53fd 100644 --- a/docs/content/dns/zz_gen_simply.md +++ b/docs/content/dns/zz_gen_simply.md @@ -28,7 +28,7 @@ Here is an example bash command using the Simply.com provider: ```bash SIMPLY_ACCOUNT_NAME=xxxxxx \ SIMPLY_API_KEY=yyyyyy \ -lego --email you@example.com --dns simply --domains my.example.org run +lego --email you@example.com --dns simply -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_sonic.md b/docs/content/dns/zz_gen_sonic.md index d850a566b3..2adb435a90 100644 --- a/docs/content/dns/zz_gen_sonic.md +++ b/docs/content/dns/zz_gen_sonic.md @@ -28,7 +28,7 @@ Here is an example bash command using the Sonic provider: ```bash SONIC_USER_ID=12345 \ SONIC_API_KEY=4d6fbf2f9ab0fa11697470918d37625851fc0c51 \ -lego --email you@example.com --dns sonic --domains my.example.org run +lego --email you@example.com --dns sonic -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_stackpath.md b/docs/content/dns/zz_gen_stackpath.md index c84843b114..cbafa42891 100644 --- a/docs/content/dns/zz_gen_stackpath.md +++ b/docs/content/dns/zz_gen_stackpath.md @@ -29,7 +29,7 @@ Here is an example bash command using the Stackpath provider: STACKPATH_CLIENT_ID=xxxxx \ STACKPATH_CLIENT_SECRET=yyyyy \ STACKPATH_STACK_ID=zzzzz \ -lego --email you@example.com --dns stackpath --domains my.example.org run +lego --email you@example.com --dns stackpath -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_technitium.md b/docs/content/dns/zz_gen_technitium.md new file mode 100644 index 0000000000..ecfa204ce4 --- /dev/null +++ b/docs/content/dns/zz_gen_technitium.md @@ -0,0 +1,74 @@ +--- +title: "Technitium" +date: 2019-03-03T16:39:46+01:00 +draft: false +slug: technitium +dnsprovider: + since: "v4.20.0" + code: "technitium" + url: "https://technitium.com/" +--- + + + + + + +Configuration for [Technitium](https://technitium.com/). + + + + +- Code: `technitium` +- Since: v4.20.0 + + +Here is an example bash command using the Technitium provider: + +```bash +TECHNITIUM_SERVER_BASE_URL="https://localhost:5380" \ +TECHNITIUM_API_TOKEN="xxxxxxxxxxxxxxxxxxxxx" \ +lego --email you@example.com --dns technitium -d '*.example.com' -d example.com run +``` + + + + +## Credentials + +| Environment Variable Name | Description | +|-----------------------|-------------| +| `TECHNITIUM_API_TOKEN` | API token | +| `TECHNITIUM_SERVER_BASE_URL` | Server base URL | + +The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. +More information [here]({{% ref "dns#configuration-and-credentials" %}}). + + +## Additional Configuration + +| Environment Variable Name | Description | +|--------------------------------|-------------| +| `TECHNITIUM_HTTP_TIMEOUT` | API request timeout | +| `TECHNITIUM_POLLING_INTERVAL` | Time between DNS propagation check | +| `TECHNITIUM_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `TECHNITIUM_TTL` | The TTL of the TXT record used for the DNS challenge | + +The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. +More information [here]({{% ref "dns#configuration-and-credentials" %}}). + +Technitium DNS Server supports Dynamic Updates (RFC2136) for primary zones, +so you can also use the [RFC2136 provider](https://go-acme.github.io/lego/dns/rfc2136/index.html). + +[RFC2136 provider](https://go-acme.github.io/lego/dns/rfc2136/index.html) is much better compared to the HTTP API option from security perspective. +Technitium recommends to use it in production over the HTTP API. + + + +## More information + +- [API documentation](https://github.com/TechnitiumSoftware/DnsServer/blob/0f83d23e605956b66ac76921199e241d9cc061bd/APIDOCS.md) + + + + diff --git a/docs/content/dns/zz_gen_tencentcloud.md b/docs/content/dns/zz_gen_tencentcloud.md index 17093768ec..bc93c225ed 100644 --- a/docs/content/dns/zz_gen_tencentcloud.md +++ b/docs/content/dns/zz_gen_tencentcloud.md @@ -28,7 +28,7 @@ Here is an example bash command using the Tencent Cloud DNS provider: ```bash TENCENTCLOUD_SECRET_ID=abcdefghijklmnopqrstuvwx \ TENCENTCLOUD_SECRET_KEY=your-secret-key \ -lego --email you@example.com --dns tencentcloud --domains my.example.org run +lego --email you@example.com --dns tencentcloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_timewebcloud.md b/docs/content/dns/zz_gen_timewebcloud.md index cbf3db3d8f..e933043a4e 100644 --- a/docs/content/dns/zz_gen_timewebcloud.md +++ b/docs/content/dns/zz_gen_timewebcloud.md @@ -27,7 +27,7 @@ Here is an example bash command using the Timeweb Cloud provider: ```bash TIMEWEBCLOUD_AUTH_TOKEN=xxxxxx \ -lego --email you@example.com --dns timewebcloud --domains my.example.org run +lego --email you@example.com --dns timewebcloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_transip.md b/docs/content/dns/zz_gen_transip.md index 263d90bdb8..64db62dc6f 100644 --- a/docs/content/dns/zz_gen_transip.md +++ b/docs/content/dns/zz_gen_transip.md @@ -28,7 +28,7 @@ Here is an example bash command using the TransIP provider: ```bash TRANSIP_ACCOUNT_NAME = "Account name" \ TRANSIP_PRIVATE_KEY_PATH = "transip.key" \ -lego --email you@example.com --dns transip --domains my.example.org run +lego --email you@example.com --dns transip -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_ultradns.md b/docs/content/dns/zz_gen_ultradns.md index 45aa9b3974..36a233ae2e 100644 --- a/docs/content/dns/zz_gen_ultradns.md +++ b/docs/content/dns/zz_gen_ultradns.md @@ -28,7 +28,7 @@ Here is an example bash command using the Ultradns provider: ```bash ULTRADNS_USERNAME=username \ ULTRADNS_PASSWORD=password \ -lego --email you@example.com --dns ultradns --domains my.example.org run +lego --email you@example.com --dns ultradns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_variomedia.md b/docs/content/dns/zz_gen_variomedia.md index 93e6b29099..5fc6dfea69 100644 --- a/docs/content/dns/zz_gen_variomedia.md +++ b/docs/content/dns/zz_gen_variomedia.md @@ -27,7 +27,7 @@ Here is an example bash command using the Variomedia provider: ```bash VARIOMEDIA_API_TOKEN=xxxx \ -lego --email you@example.com --dns variomedia --domains my.example.org run +lego --email you@example.com --dns variomedia -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_vercel.md b/docs/content/dns/zz_gen_vercel.md index e71c77167b..e092b4fff4 100644 --- a/docs/content/dns/zz_gen_vercel.md +++ b/docs/content/dns/zz_gen_vercel.md @@ -27,7 +27,7 @@ Here is an example bash command using the Vercel provider: ```bash VERCEL_API_TOKEN=xxxxxx \ -lego --email you@example.com --dns vercel --domains my.example.org run +lego --email you@example.com --dns vercel -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_versio.md b/docs/content/dns/zz_gen_versio.md index c12c625283..3941605c43 100644 --- a/docs/content/dns/zz_gen_versio.md +++ b/docs/content/dns/zz_gen_versio.md @@ -28,7 +28,7 @@ Here is an example bash command using the Versio.[nl|eu|uk] provider: ```bash VERSIO_USERNAME= \ VERSIO_PASSWORD= \ -lego --email you@example.com --dns versio --domains my.example.org run +lego --email you@example.com --dns versio -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_vinyldns.md b/docs/content/dns/zz_gen_vinyldns.md index 682043c467..92e0138dd0 100644 --- a/docs/content/dns/zz_gen_vinyldns.md +++ b/docs/content/dns/zz_gen_vinyldns.md @@ -29,7 +29,7 @@ Here is an example bash command using the VinylDNS provider: VINYLDNS_ACCESS_KEY=xxxxxx \ VINYLDNS_SECRET_KEY=yyyyy \ VINYLDNS_HOST=https://api.vinyldns.example.org:9443 \ -lego --email you@example.com --dns vinyldns --domains my.example.org run +lego --email you@example.com --dns vinyldns -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_vkcloud.md b/docs/content/dns/zz_gen_vkcloud.md index b6a9c79e7f..d3c33e9c27 100644 --- a/docs/content/dns/zz_gen_vkcloud.md +++ b/docs/content/dns/zz_gen_vkcloud.md @@ -29,7 +29,7 @@ Here is an example bash command using the VK Cloud provider: VK_CLOUD_PROJECT_ID="" \ VK_CLOUD_USERNAME="" \ VK_CLOUD_PASSWORD="" \ -lego --email you@example.com --dns vkcloud --domains "example.org" --domains "*.example.org" run +lego --email you@example.com --dns vkcloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_volcengine.md b/docs/content/dns/zz_gen_volcengine.md index abe10e9a76..a1eb5d4ece 100644 --- a/docs/content/dns/zz_gen_volcengine.md +++ b/docs/content/dns/zz_gen_volcengine.md @@ -28,7 +28,7 @@ Here is an example bash command using the Volcano Engine/火山引擎 provider: ```bash VOLC_ACCESSKEY=xxx \ VOLC_SECRETKEY=yyy \ -lego --email you@example.com --dns volcengine --domains "example.org" --domains "*.example.org" run +lego --email you@example.com --dns volcengine -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_vscale.md b/docs/content/dns/zz_gen_vscale.md index 9c12081caf..696d404d8b 100644 --- a/docs/content/dns/zz_gen_vscale.md +++ b/docs/content/dns/zz_gen_vscale.md @@ -27,7 +27,7 @@ Here is an example bash command using the Vscale provider: ```bash VSCALE_API_TOKEN=xxxxx \ -lego --email you@example.com --dns vscale --domains my.example.org run +lego --email you@example.com --dns vscale -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_vultr.md b/docs/content/dns/zz_gen_vultr.md index 5aac5f203e..0334a69ada 100644 --- a/docs/content/dns/zz_gen_vultr.md +++ b/docs/content/dns/zz_gen_vultr.md @@ -27,7 +27,7 @@ Here is an example bash command using the Vultr provider: ```bash VULTR_API_KEY=xxxxx \ -lego --email you@example.com --dns vultr --domains my.example.org run +lego --email you@example.com --dns vultr -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_webnames.md b/docs/content/dns/zz_gen_webnames.md index b2c7e2100e..2fdc09cd30 100644 --- a/docs/content/dns/zz_gen_webnames.md +++ b/docs/content/dns/zz_gen_webnames.md @@ -27,7 +27,7 @@ Here is an example bash command using the Webnames provider: ```bash WEBNAMES_API_KEY=xxxxxx \ -lego --email you@example.com --dns webnames --domains my.example.org run +lego --email you@example.com --dns webnames -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_websupport.md b/docs/content/dns/zz_gen_websupport.md index 60f7e95f3d..c48181a544 100644 --- a/docs/content/dns/zz_gen_websupport.md +++ b/docs/content/dns/zz_gen_websupport.md @@ -28,7 +28,7 @@ Here is an example bash command using the Websupport provider: ```bash WEBSUPPORT_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ WEBSUPPORT_SECRET="yyyyyyyyyyyyyyyyyyyyy" \ -lego --email myemail@example.com --dns websupport --domains my.example.org run +lego --email you@example.com --dns websupport -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_wedos.md b/docs/content/dns/zz_gen_wedos.md index c4b2353e3d..1762cf4ca7 100644 --- a/docs/content/dns/zz_gen_wedos.md +++ b/docs/content/dns/zz_gen_wedos.md @@ -28,7 +28,7 @@ Here is an example bash command using the WEDOS provider: ```bash WEDOS_USERNAME=xxxxxxxx \ WEDOS_WAPI_PASSWORD=xxxxxxxx \ -lego --email you@example.com --dns wedos --domains my.example.org run +lego --email you@example.com --dns wedos -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_yandex.md b/docs/content/dns/zz_gen_yandex.md index 00693d6b22..60b8a0ac3d 100644 --- a/docs/content/dns/zz_gen_yandex.md +++ b/docs/content/dns/zz_gen_yandex.md @@ -27,7 +27,7 @@ Here is an example bash command using the Yandex PDD provider: ```bash YANDEX_PDD_TOKEN= \ -lego --email you@example.com --dns yandex --domains my.example.org run +lego --email you@example.com --dns yandex -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_yandex360.md b/docs/content/dns/zz_gen_yandex360.md index 9ce7fcc5c2..04eeab45cb 100644 --- a/docs/content/dns/zz_gen_yandex360.md +++ b/docs/content/dns/zz_gen_yandex360.md @@ -28,7 +28,7 @@ Here is an example bash command using the Yandex 360 provider: ```bash YANDEX360_OAUTH_TOKEN= \ YANDEX360_ORG_ID= \ -lego --email you@example.com --dns yandex360 --domains my.example.org run +lego --email you@example.com --dns yandex360 -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_yandexcloud.md b/docs/content/dns/zz_gen_yandexcloud.md index 294ff74d22..0831e8c499 100644 --- a/docs/content/dns/zz_gen_yandexcloud.md +++ b/docs/content/dns/zz_gen_yandexcloud.md @@ -28,7 +28,7 @@ Here is an example bash command using the Yandex Cloud provider: ```bash YANDEX_CLOUD_IAM_TOKEN= \ YANDEX_CLOUD_FOLDER_ID= \ -lego --email you@example.com --dns yandexcloud --domains "example.org" --domains "*.example.org" run +lego --email you@example.com --dns yandexcloud -d '*.example.com' -d example.com run # --- @@ -41,7 +41,7 @@ YANDEX_CLOUD_IAM_TOKEN=$(echo '{ \ "private_key": "-----BEGIN PRIVATE KEY----------END PRIVATE KEY-----" \ }' | base64) \ YANDEX_CLOUD_FOLDER_ID= \ -lego --email you@example.com --dns yandexcloud --domains "example.org" --domains "*.example.org" run +lego --email you@example.com --dns yandexcloud -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_zoneee.md b/docs/content/dns/zz_gen_zoneee.md index 07a2c2a90a..a6df03b567 100644 --- a/docs/content/dns/zz_gen_zoneee.md +++ b/docs/content/dns/zz_gen_zoneee.md @@ -28,7 +28,7 @@ Here is an example bash command using the Zone.ee provider: ```bash ZONEEE_API_USER=xxxxx \ ZONEEE_API_KEY=yyyyy \ -lego --email you@example.com --dns zoneee --domains my.example.org run +lego --email you@example.com --dns zoneee -d '*.example.com' -d example.com run ``` diff --git a/docs/content/dns/zz_gen_zonomi.md b/docs/content/dns/zz_gen_zonomi.md index bc6071649b..51c25d95dd 100644 --- a/docs/content/dns/zz_gen_zonomi.md +++ b/docs/content/dns/zz_gen_zonomi.md @@ -27,7 +27,7 @@ Here is an example bash command using the Zonomi provider: ```bash ZONOMI_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns zonomi --domains my.example.org run +lego --email you@example.com --dns zonomi -d '*.example.com' -d example.com run ``` diff --git a/docs/content/usage/cli/Obtain-a-Certificate.md b/docs/content/usage/cli/Obtain-a-Certificate.md index f7cd014de6..c92f4ecf05 100644 --- a/docs/content/usage/cli/Obtain-a-Certificate.md +++ b/docs/content/usage/cli/Obtain-a-Certificate.md @@ -49,14 +49,13 @@ lego comes with [support for many]({{% ref "dns#dns-providers" %}}) providers, and you need to pick the one where your domain's DNS settings are set up. Typically, this is the registrar where you bought the domain, but in some cases this can be another third-party provider. -For this example, let's assume you have set up CloudFlare for your domain. +For this example, let's assume you have set up Gandi for your domain. Execute this command: ```bash -CLOUDFLARE_EMAIL="you@example.com" \ -CLOUDFLARE_API_KEY="yourprivatecloudflareapikey" \ -lego --email "you@example.com" --dns cloudflare --domains "example.org" run +GANDI_API_KEY=xxx \ +lego --email "you@example.com" --dns gandi --domains "example.org" --domains "*.example.org" run ``` diff --git a/docs/content/usage/cli/Options.md b/docs/content/usage/cli/Options.md index 2a6ae9a7cb..a6484de234 100644 --- a/docs/content/usage/cli/Options.md +++ b/docs/content/usage/cli/Options.md @@ -85,3 +85,60 @@ In these cases, you can instruct Lego to use a different DNS resolver, using the You should prefer one on the public internet, otherwise you might be susceptible to the same problem. [^apex]: The apex domain is the domain you have registered with your domain registrar. For gTLDs (`.com`, `.fyi`) this is the 2nd level domain, but for ccTLDs, this can either be the 2nd level (`.de`) or 3rd level domain (`.co.uk`). + +## Other options + +### LEGO_CA_CERTIFICATES + +The environment variable `LEGO_CA_CERTIFICATES` allows to specify the path to PEM-encoded CA certificates +that can be used to authenticate an ACME server with an HTTPS certificate not issued by a CA in the system-wide trusted root list. + +Multiple file paths can be added by using `:` (unix) or `;` (Windows) as a separator. + +Example: + +```bash +# On Unix system +LEGO_CA_CERTIFICATES=/foo/cert1.pem:/foo/cert2.pem +``` + +### LEGO_CA_SYSTEM_CERT_POOL + +The environment variable `LEGO_CA_SYSTEM_CERT_POOL` can be used to define if the certificates pool must use a copy of the system cert pool. + +Example: + +```bash +LEGO_CA_SYSTEM_CERT_POOL=true +``` + +### LEGO_CA_SERVER_NAME + +The environment variable `LEGO_CA_SERVER_NAME` allows to specify the CA server name used to authenticate an ACME server +with an HTTPS certificate not issued by a CA in the system-wide trusted root list. + +Example: + +```bash +LEGO_CA_SERVER_NAME=foo +``` + +### LEGO_DISABLE_CNAME_SUPPORT + +By default, lego follows CNAME, the environment variable `LEGO_DISABLE_CNAME_SUPPORT` allows to disable this support. + +Example: + +```bash +LEGO_DISABLE_CNAME_SUPPORT=false +``` + +### LEGO_DEBUG_CLIENT_VERBOSE_ERROR + +The environment variable `LEGO_DEBUG_CLIENT_VERBOSE_ERROR` allows to enrich error messages from some of the DNS clients. + +Example: + +```bash +LEGO_DEBUG_CLIENT_VERBOSE_ERROR=true +``` diff --git a/docs/data/zz_cli_help.toml b/docs/data/zz_cli_help.toml index 45ceb9efe9..99c6b5b682 100644 --- a/docs/data/zz_cli_help.toml +++ b/docs/data/zz_cli_help.toml @@ -46,6 +46,7 @@ GLOBAL OPTIONS: --dns.propagation-wait value By setting this flag, disables all the propagation checks of the TXT record and uses a wait duration instead. (default: 0s) --dns.resolvers value [ --dns.resolvers value ] Set the resolvers to use for performing (recursive) CNAME resolving and apex domain determination. For DNS-01 challenge verification, the authoritative DNS server is queried directly. Supported: host:port. The default is to use the system resolvers, or Google's DNS resolvers if the system's cannot be determined. --http-timeout value Set the HTTP timeout value to a specific value in seconds. (default: 0) + --tls-skip-verify Skip the TLS verification of the ACME server. (default: false) --dns-timeout value Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name server queries. (default: 10) --pem Generate an additional .pem (base64) file by concatenating the .key and .crt files together. (default: false) --pfx Generate an additional .pfx (PKCS#12) file by concatenating the .key and .crt and issuer .crt files together. (default: false) [$LEGO_PFX] @@ -88,7 +89,7 @@ USAGE: OPTIONS: --days value The number of days left on a certificate to renew it. (default: 30) - --ari-enable Use the renewalInfo endpoint (draft-ietf-acme-ari) to check if a certificate should be renewed. (default: false) + --ari-disable Do not use the renewalInfo endpoint (draft-ietf-acme-ari) to check if a certificate should be renewed. (default: false) --ari-wait-to-renew-duration value The maximum duration you're willing to sleep for a renewal time returned by the renewalInfo endpoint. (default: 0s) --reuse-key Used to indicate you want to reuse your current private key for the new certificate. (default: false) --no-bundle Do not create a certificate bundle by adding the issuers certificate to the new certificate. (default: false) @@ -142,7 +143,7 @@ To display the documentation for a specific DNS provider, run: $ lego dnshelp -c code Supported DNS providers: - acme-dns, alidns, allinkl, arvancloud, auroradns, autodns, azure, azuredns, bindman, bluecat, brandit, bunny, checkdomain, civo, clouddns, cloudflare, cloudns, cloudru, cloudxns, conoha, constellix, cpanel, derak, desec, designate, digitalocean, directadmin, dnshomede, dnsimple, dnsmadeeasy, dnspod, dode, domeneshop, dreamhost, duckdns, dyn, dynu, easydns, edgedns, efficientip, epik, exec, exoscale, freemyip, gandi, gandiv5, gcloud, gcore, glesys, godaddy, googledomains, hetzner, hostingde, hosttech, httpnet, httpreq, huaweicloud, hurricane, hyperone, ibmcloud, iij, iijdpf, infoblox, infomaniak, internetbs, inwx, ionos, ipv64, iwantmyname, joker, liara, lightsail, limacity, linode, liquidweb, loopia, luadns, mailinabox, manual, metaname, mijnhost, mittwald, mydnsjp, mythicbeasts, namecheap, namedotcom, namesilo, nearlyfreespeech, netcup, netlify, nicmanager, nifcloud, njalla, nodion, ns1, oraclecloud, otc, ovh, pdns, plesk, porkbun, rackspace, rcodezero, regru, rfc2136, rimuhosting, route53, safedns, sakuracloud, scaleway, selectel, selectelv2, selfhostde, servercow, shellrent, simply, sonic, stackpath, tencentcloud, timewebcloud, transip, ultradns, variomedia, vegadns, vercel, versio, vinyldns, vkcloud, volcengine, vscale, vultr, webnames, websupport, wedos, yandex, yandex360, yandexcloud, zoneee, zonomi + acme-dns, alidns, allinkl, arvancloud, auroradns, autodns, azure, azuredns, bindman, bluecat, brandit, bunny, checkdomain, civo, clouddns, cloudflare, cloudns, cloudru, cloudxns, conoha, constellix, corenetworks, cpanel, derak, desec, designate, digitalocean, directadmin, dnshomede, dnsimple, dnsmadeeasy, dnspod, dode, domeneshop, dreamhost, duckdns, dyn, dynu, easydns, edgedns, efficientip, epik, exec, exoscale, freemyip, gandi, gandiv5, gcloud, gcore, glesys, godaddy, googledomains, hetzner, hostingde, hosttech, httpnet, httpreq, huaweicloud, hurricane, hyperone, ibmcloud, iij, iijdpf, infoblox, infomaniak, internetbs, inwx, ionos, ipv64, iwantmyname, joker, liara, lightsail, limacity, linode, liquidweb, loopia, luadns, mailinabox, manual, metaname, mijnhost, mittwald, mydnsjp, mythicbeasts, namecheap, namedotcom, namesilo, nearlyfreespeech, netcup, netlify, nicmanager, nifcloud, njalla, nodion, ns1, oraclecloud, otc, ovh, pdns, plesk, porkbun, rackspace, rcodezero, regfish, regru, rfc2136, rimuhosting, route53, safedns, sakuracloud, scaleway, selectel, selectelv2, selfhostde, servercow, shellrent, simply, sonic, stackpath, technitium, tencentcloud, timewebcloud, transip, ultradns, variomedia, vegadns, vercel, versio, vinyldns, vkcloud, volcengine, vscale, vultr, webnames, websupport, wedos, yandex, yandex360, yandexcloud, zoneee, zonomi More information: https://go-acme.github.io/lego/dns """ diff --git a/go.mod b/go.mod index dbd468c11b..ed000aac2d 100644 --- a/go.mod +++ b/go.mod @@ -3,12 +3,12 @@ module github.com/go-acme/lego/v4 go 1.22.0 require ( - cloud.google.com/go/compute/metadata v0.5.1 + cloud.google.com/go/compute/metadata v0.5.2 github.com/Azure/azure-sdk-for-go v68.0.0+incompatible - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0 - github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.2.0 + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.3.0 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraph v0.9.0 github.com/Azure/go-autorest/autorest v0.11.29 github.com/Azure/go-autorest/autorest/azure/auth v0.5.13 @@ -16,31 +16,32 @@ require ( github.com/BurntSushi/toml v1.4.0 github.com/OpenDNS/vegadns2client v0.0.0-20180418235048-a3fa4a771d87 github.com/akamai/AkamaiOPEN-edgegrid-golang v1.2.2 - github.com/aliyun/alibaba-cloud-sdk-go v1.63.15 - github.com/aws/aws-sdk-go-v2 v1.30.5 - github.com/aws/aws-sdk-go-v2/config v1.27.33 - github.com/aws/aws-sdk-go-v2/credentials v1.17.32 - github.com/aws/aws-sdk-go-v2/service/lightsail v1.40.6 - github.com/aws/aws-sdk-go-v2/service/route53 v1.43.2 - github.com/aws/aws-sdk-go-v2/service/s3 v1.61.2 - github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 + github.com/aliyun/alibaba-cloud-sdk-go v1.63.47 + github.com/aws/aws-sdk-go-v2 v1.32.3 + github.com/aws/aws-sdk-go-v2/config v1.28.1 + github.com/aws/aws-sdk-go-v2/credentials v1.17.42 + github.com/aws/aws-sdk-go-v2/service/lightsail v1.42.3 + github.com/aws/aws-sdk-go-v2/service/route53 v1.46.0 + github.com/aws/aws-sdk-go-v2/service/s3 v1.66.2 + github.com/aws/aws-sdk-go-v2/service/sts v1.32.3 github.com/cenkalti/backoff/v4 v4.3.0 github.com/civo/civogo v0.3.11 - github.com/cloudflare/cloudflare-go v0.104.0 + github.com/cloudflare/cloudflare-go v0.108.0 github.com/cpu/goacmedns v0.1.1 github.com/dnsimple/dnsimple-go v1.7.0 - github.com/exoscale/egoscale/v3 v3.1.5 + github.com/exoscale/egoscale/v3 v3.1.7 github.com/go-jose/go-jose/v4 v4.0.4 - github.com/go-viper/mapstructure/v2 v2.1.0 + github.com/go-viper/mapstructure/v2 v2.2.1 github.com/google/go-querystring v1.1.0 - github.com/gophercloud/gophercloud v1.14.0 + github.com/gophercloud/gophercloud v1.14.1 github.com/gophercloud/utils v0.0.0-20231010081019-80377eca5d56 github.com/hashicorp/go-retryablehttp v0.7.7 - github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.114 + github.com/hashicorp/go-version v1.7.0 + github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.120 github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df github.com/infobloxopen/infoblox-go-client v1.1.1 github.com/labbsr0x/bindman-dns-webhook v1.0.2 - github.com/linode/linodego v1.40.0 + github.com/linode/linodego v1.42.0 github.com/liquidweb/liquidweb-go v1.6.4 github.com/mattn/go-isatty v0.0.20 github.com/miekg/dns v1.1.62 @@ -57,40 +58,41 @@ require ( github.com/nrdcg/nodion v0.1.0 github.com/nrdcg/porkbun v0.4.0 github.com/nzdjb/go-metaname v1.0.0 - github.com/oracle/oci-go-sdk/v65 v65.73.0 + github.com/oracle/oci-go-sdk/v65 v65.77.1 github.com/ovh/go-ovh v1.6.0 github.com/pquerna/otp v1.4.0 github.com/rainycape/memcache v0.0.0-20150622160815-1031fa0ce2f2 + github.com/regfish/regfish-dnsapi-go v0.1.1 github.com/sacloud/api-client-go v0.2.10 github.com/sacloud/iaas-api-go v1.12.0 github.com/scaleway/scaleway-sdk-go v1.0.0-beta.30 github.com/selectel/domains-go v1.1.0 github.com/selectel/go-selvpcclient/v3 v3.1.1 - github.com/softlayer/softlayer-go v1.1.5 + github.com/softlayer/softlayer-go v1.1.7 github.com/stretchr/testify v1.9.0 - github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1002 - github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1002 + github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1034 + github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1034 github.com/transip/gotransip/v6 v6.26.0 - github.com/ultradns/ultradns-go-sdk v1.7.0-20240913052650-970ca9a - github.com/urfave/cli/v2 v2.27.4 + github.com/ultradns/ultradns-go-sdk v1.8.0-20241010134910-243eeec + github.com/urfave/cli/v2 v2.27.5 github.com/vinyldns/go-vinyldns v0.9.16 - github.com/volcengine/volc-sdk-golang v1.0.177 + github.com/volcengine/volc-sdk-golang v1.0.183 github.com/vultr/govultr/v3 v3.9.1 - github.com/yandex-cloud/go-genproto v0.0.0-20240911120709-1fa0cb6f47c2 - github.com/yandex-cloud/go-sdk v0.0.0-20240911121212-e4e74d0d02f5 - golang.org/x/crypto v0.27.0 - golang.org/x/net v0.29.0 + github.com/yandex-cloud/go-genproto v0.0.0-20241101135610-76a0cfc1a773 + github.com/yandex-cloud/go-sdk v0.0.0-20241101143304-947cf519f6bd + golang.org/x/crypto v0.28.0 + golang.org/x/net v0.30.0 golang.org/x/oauth2 v0.23.0 - golang.org/x/time v0.6.0 - google.golang.org/api v0.197.0 - gopkg.in/ns1/ns1-go.v2 v2.12.0 + golang.org/x/time v0.7.0 + google.golang.org/api v0.204.0 + gopkg.in/ns1/ns1-go.v2 v2.12.2 gopkg.in/yaml.v2 v2.4.0 software.sslmate.com/src/go-pkcs12 v0.5.0 ) require ( - cloud.google.com/go/auth v0.9.3 // indirect - cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect + cloud.google.com/go/auth v0.10.0 // indirect + cloud.google.com/go/auth/oauth2adapt v0.2.5 // indirect github.com/AdamSLevy/jsonrpc2/v14 v14.1.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect @@ -100,22 +102,22 @@ require ( github.com/Azure/go-autorest/logger v0.2.1 // indirect github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect - github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.4 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.18 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.22 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.22 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect - github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.17 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.19 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.17 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 // indirect - github.com/aws/smithy-go v1.20.4 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.22 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.3 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.3 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.3 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.24.3 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.3 // indirect + github.com/aws/smithy-go v1.22.0 // indirect github.com/benbjohnson/clock v1.3.0 // indirect github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dimchansky/utfbom v1.1.1 // indirect github.com/fatih/structs v1.1.0 // indirect @@ -132,7 +134,7 @@ require ( github.com/go-resty/resty/v2 v2.13.1 // indirect github.com/goccy/go-json v0.10.3 // indirect github.com/gofrs/flock v0.12.1 // indirect - github.com/golang-jwt/jwt/v4 v4.5.0 // indirect + github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/golang-jwt/jwt/v5 v5.2.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/google/s2a-go v0.1.8 // indirect @@ -195,14 +197,14 @@ require ( golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect golang.org/x/mod v0.21.0 // indirect golang.org/x/sync v0.8.0 // indirect - golang.org/x/sys v0.25.0 // indirect - golang.org/x/text v0.18.0 // indirect + golang.org/x/sys v0.26.0 // indirect + golang.org/x/text v0.19.0 // indirect golang.org/x/tools v0.25.0 // indirect - google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect - google.golang.org/grpc v1.66.1 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/genproto v0.0.0-20241021214115-324edc3d5d38 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38 // indirect + google.golang.org/grpc v1.67.1 // indirect + google.golang.org/protobuf v1.35.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index b812a6eeb7..40bdeb6693 100644 --- a/go.sum +++ b/go.sum @@ -13,18 +13,18 @@ cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKV cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go/auth v0.9.3 h1:VOEUIAADkkLtyfr3BLa3R8Ed/j6w1jTBmARx+wb5w5U= -cloud.google.com/go/auth v0.9.3/go.mod h1:7z6VY+7h3KUdRov5F1i8NDP5ZzWKYmEPO842BgCsmTk= -cloud.google.com/go/auth/oauth2adapt v0.2.4 h1:0GWE/FUsXhf6C+jAkWgYm7X9tK8cuEIfy19DBn6B6bY= -cloud.google.com/go/auth/oauth2adapt v0.2.4/go.mod h1:jC/jOpwFP6JBxhB3P5Rr0a9HLMC/Pe3eaL4NmdvqPtc= +cloud.google.com/go/auth v0.10.0 h1:tWlkvFAh+wwTOzXIjrwM64karR1iTBZ/GRr0S/DULYo= +cloud.google.com/go/auth v0.10.0/go.mod h1:xxA5AqpDrvS+Gkmo9RqrGGRh6WSNKKOXhY3zNOr38tI= +cloud.google.com/go/auth/oauth2adapt v0.2.5 h1:2p29+dePqsCHPP1bqDJcKj4qxRyYCcbzKpFyKGt3MTk= +cloud.google.com/go/auth/oauth2adapt v0.2.5/go.mod h1:AlmsELtlEBnaNTL7jCj8VQFLy6mbZv0s4Q7NGBeQ5E8= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/compute/metadata v0.5.1 h1:NM6oZeZNlYjiwYje+sYFjEpP0Q0zCan1bmQW/KmIrGs= -cloud.google.com/go/compute/metadata v0.5.1/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k= +cloud.google.com/go/compute/metadata v0.5.2 h1:UxK4uu/Tn+I3p2dYWTfiX4wva7aYlKixAHn3fyqngqo= +cloud.google.com/go/compute/metadata v0.5.2/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= @@ -42,22 +42,24 @@ github.com/AdamSLevy/jsonrpc2/v14 v14.1.0 h1:Dy3M9aegiI7d7PF1LUdjbVigJReo+QOceYs github.com/AdamSLevy/jsonrpc2/v14 v14.1.0/go.mod h1:ZakZtbCXxCz82NJvq7MoREtiQesnDfrtF6RFUGzQfLo= github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU= github.com/Azure/azure-sdk-for-go v68.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 h1:nyQWyZvwGTvunIMxi1Y9uXkcyr+I7TeNrr/foo4Kpk8= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0/go.mod h1:l38EPgmsp71HHLq9j7De57JcKOWPyhrsW1Awm1JS6K0= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 h1:tfLQ34V6F7tVSwoTf/4lH5sE0o6eCJuNDTmH09nDpbc= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0/go.mod h1:9kIvujWAA58nmPmWB1m23fyWic1kYZMxD9CxaWn4Qpg= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 h1:JZg6HRh6W6U4OLl6lk7BZ7BLisIzM9dG1R50zUk9C/M= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0/go.mod h1:YL1xnZ6QejvQHWJrX/AvhFl4WW4rqHVoKspWNVwFk0M= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 h1:B/dfvscEQtew9dVuoxqxrUKKv8Ih2f55PydknDamU+g= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0/go.mod h1:fiPSssYvltE08HJchL04dOy+RD4hgrjph0cwGGMntdI= +github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.0 h1:+m0M/LFxN43KvULkDNfdXOgrjtg6UYJPFBJyuEcRCAw= +github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.0/go.mod h1:PwOyop78lveYMRs6oCxjiVyBdyCgIYH6XHIVZO9/SFQ= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0 h1:lpOxwrQ919lCZoNCd69rVt8u1eLZuMORrGXqy8sNf3c= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0/go.mod h1:fSvRkb8d26z9dbL40Uf/OO6Vo9iExtZK3D0ulRV+8M0= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0 h1:PTFGRSlMKCQelWwxUyYVEUqseBJVemLyqWJjvMyt0do= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0/go.mod h1:LRr2FzBTQlONPPa5HREE5+RjSCTXl7BwOvYOaWTqCaI= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.2.0 h1:9Eih8XcEeQnFD0ntMlUDleKMzfeCeUfa+VbnDCI4AZs= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.2.0/go.mod h1:wGPyTi+aURdqPAGMZDQqnNs9IrShADF8w2WZb6bKeq0= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v3 v3.1.0 h1:2qsIIvxVT+uE6yrNldntJKlLRgxGbZ85kgtz5SNBhMw= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v3 v3.1.0/go.mod h1:AW8VEadnhw9xox+VaVd9sP7NjzOAnaZBLRH6Tq3cJ38= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.3.0 h1:yzrctSl9GMIQ5lHu7jc8olOsGjWDCsBpJhWqfGa/YIM= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns v1.3.0/go.mod h1:GE4m0rnnfwLGX0Y9A9A25Zx5N/90jneT5ABevqzhuFQ= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraph v0.9.0 h1:zLzoX5+W2l95UJoVwiyNS4dX8vHyQ6x2xRLoBBL9wMk= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraph v0.9.0/go.mod h1:wVEOJfGTj0oPAUGA1JuRAvz/lxXQsWW16axmHPP47Bk= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.1.1 h1:7CBQ+Ei8SP2c6ydQTGCCrS35bDxgTMfoP2miAwK++OU= -github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.1.1/go.mod h1:c/wcGeGx5FUPbM/JltUYHZcKmigwyVLJlDq+4HdtXaw= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.2.0 h1:Dd+RhdJn0OTtVGaeDLZpcumkIVCtA/3/Fo42+eoYvVM= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.2.0/go.mod h1:5kakwfW5CjC9KK+Q4wjXAg+ShuIm2mBMua0ZFj2C8PE= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.11.28/go.mod h1:MrkzG3Y3AH668QyF9KRk5neJnGgmhQ6krbhR8Q5eMvA= @@ -81,6 +83,8 @@ github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+Z github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= +github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM= +github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= @@ -109,8 +113,8 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/aliyun/alibaba-cloud-sdk-go v1.63.15 h1:r2uwBUQhLhcPzaWz9tRJqc8MjYwHb+oF2+Q6467BF14= -github.com/aliyun/alibaba-cloud-sdk-go v1.63.15/go.mod h1:SOSDHfe1kX91v3W5QiBsWSLqeLxImobbMX1mxrFHsVQ= +github.com/aliyun/alibaba-cloud-sdk-go v1.63.47 h1:B8ApNodSpIM5ST9INmhMG4d0rRwNY/63/XjXUDO/XIo= +github.com/aliyun/alibaba-cloud-sdk-go v1.63.47/go.mod h1:SOSDHfe1kX91v3W5QiBsWSLqeLxImobbMX1mxrFHsVQ= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= @@ -120,48 +124,48 @@ github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgI github.com/avast/retry-go v3.0.0+incompatible/go.mod h1:XtSnn+n/sHqQIpZ10K1qAevBhOOCWBLXXy3hyiqqBrY= github.com/aws/aws-sdk-go v1.40.45/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= github.com/aws/aws-sdk-go-v2 v1.9.1/go.mod h1:cK/D0BBs0b/oWPIcX/Z/obahJK1TT7IPVjy53i/mX/4= -github.com/aws/aws-sdk-go-v2 v1.30.5 h1:mWSRTwQAb0aLE17dSzztCVJWI9+cRMgqebndjwDyK0g= -github.com/aws/aws-sdk-go-v2 v1.30.5/go.mod h1:CT+ZPWXbYrci8chcARI3OmI/qgd+f6WtuLOoaIA8PR0= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.4 h1:70PVAiL15/aBMh5LThwgXdSQorVr91L127ttckI9QQU= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.4/go.mod h1:/MQxMqci8tlqDH+pjmoLu1i0tbWCUP1hhyMRuFxpQCw= -github.com/aws/aws-sdk-go-v2/config v1.27.33 h1:Nof9o/MsmH4oa0s2q9a0k7tMz5x/Yj5k06lDODWz3BU= -github.com/aws/aws-sdk-go-v2/config v1.27.33/go.mod h1:kEqdYzRb8dd8Sy2pOdEbExTTF5v7ozEXX0McgPE7xks= -github.com/aws/aws-sdk-go-v2/credentials v1.17.32 h1:7Cxhp/BnT2RcGy4VisJ9miUPecY+lyE9I8JvcZofn9I= -github.com/aws/aws-sdk-go-v2/credentials v1.17.32/go.mod h1:P5/QMF3/DCHbXGEGkdbilXHsyTBX5D3HSwcrSc9p20I= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 h1:pfQ2sqNpMVK6xz2RbqLEL0GH87JOwSxPV2rzm8Zsb74= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13/go.mod h1:NG7RXPUlqfsCLLFfi0+IpKN4sCB9D9fw/qTaSB+xRoU= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 h1:pI7Bzt0BJtYA0N/JEC6B8fJ4RBrEMi1LBrkMdFYNSnQ= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17/go.mod h1:Dh5zzJYMtxfIjYW+/evjQ8uj2OyR/ve2KROHGHlSFqE= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 h1:Mqr/V5gvrhA2gvgnF42Zh5iMiQNcOYthFYwCyrnuWlc= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17/go.mod h1:aLJpZlCmjE+V+KtN1q1uyZkfnUWpQGpbsn89XPKyzfU= +github.com/aws/aws-sdk-go-v2 v1.32.3 h1:T0dRlFBKcdaUPGNtkBSwHZxrtis8CQU17UpNBZYd0wk= +github.com/aws/aws-sdk-go-v2 v1.32.3/go.mod h1:2SK5n0a2karNTv5tbP1SjsX0uhttou00v/HpXKM1ZUo= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6 h1:pT3hpW0cOHRJx8Y0DfJUEQuqPild8jRGmSFmBgvydr0= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6/go.mod h1:j/I2++U0xX+cr44QjHay4Cvxj6FUbnxrgmqN3H1jTZA= +github.com/aws/aws-sdk-go-v2/config v1.28.1 h1:oxIvOUXy8x0U3fR//0eq+RdCKimWI900+SV+10xsCBw= +github.com/aws/aws-sdk-go-v2/config v1.28.1/go.mod h1:bRQcttQJiARbd5JZxw6wG0yIK3eLeSCPdg6uqmmlIiI= +github.com/aws/aws-sdk-go-v2/credentials v1.17.42 h1:sBP0RPjBU4neGpIYyx8mkU2QqLPl5u9cmdTWVzIpHkM= +github.com/aws/aws-sdk-go-v2/credentials v1.17.42/go.mod h1:FwZBfU530dJ26rv9saAbxa9Ej3eF/AK0OAY86k13n4M= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.18 h1:68jFVtt3NulEzojFesM/WVarlFpCaXLKaBxDpzkQ9OQ= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.18/go.mod h1:Fjnn5jQVIo6VyedMc0/EhPpfNlPl7dHV916O6B+49aE= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.22 h1:Jw50LwEkVjuVzE1NzkhNKkBf9cRN7MtE1F/b2cOKTUM= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.22/go.mod h1:Y/SmAyPcOTmpeVaWSzSKiILfXTVJwrGmYZhcRbhWuEY= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.22 h1:981MHwBaRZM7+9QSR6XamDzF/o7ouUGxFzr+nVSIhrs= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.22/go.mod h1:1RA1+aBEfn+CAB/Mh0MB6LsdCYCnjZm7tKXtnk499ZQ= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.17 h1:Roo69qTpfu8OlJ2Tb7pAYVuF0CpuUMB0IYWwYP/4DZM= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.17/go.mod h1:NcWPxQzGM1USQggaTVwz6VpqMZPX1CvDJLDh6jnOCa4= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.22 h1:yV+hCAHZZYJQcwAaszoBNwLbPItHvApxT0kVIw6jRgs= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.22/go.mod h1:kbR1TL8llqB1eGnVbybcA4/wgScxdylOdyAd51yxPdw= github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.8.1/go.mod h1:CM+19rL1+4dFWnOQKwDc7H1KwXTz+h61oUSHyhV0b3o= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 h1:KypMCbLPPHEmf9DgMGw51jMj77VfGPAN2Kv4cfhlfgI= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4/go.mod h1:Vz1JQXliGcQktFTN/LN6uGppAIRoLBR2bMvIMP0gOjc= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.19 h1:FLMkfEiRjhgeDTCjjLoc3URo/TBkgeQbocA78lfkzSI= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.19/go.mod h1:Vx+GucNSsdhaxs3aZIKfSUjKVGsxN25nX2SRcdhuw08= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 h1:rfprUlsdzgl7ZL2KlXiUAoJnI/VxfHCvDFr2QDFj6u4= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19/go.mod h1:SCWkEdRq8/7EK60NcvvQ6NXKuTcchAD4ROAsC37VEZE= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.17 h1:u+EfGmksnJc/x5tq3A+OD7LrMbSSR/5TrKLvkdy/fhY= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.17/go.mod h1:VaMx6302JHax2vHJWgRo+5n9zvbacs3bLU/23DNQrTY= -github.com/aws/aws-sdk-go-v2/service/lightsail v1.40.6 h1:ea6TO3HgVeVTB2Ie1djyBFWBOc9CohpKbo/QZbGTCJQ= -github.com/aws/aws-sdk-go-v2/service/lightsail v1.40.6/go.mod h1:D2TUTD3v6AWmE5LzdCXLWNFtoYbSf6IEjKh1ggbuVdw= -github.com/aws/aws-sdk-go-v2/service/route53 v1.43.2 h1:957e1/SwXIfPi/0OUJkH9YnPZRe9G6Kisd/xUhF7AUE= -github.com/aws/aws-sdk-go-v2/service/route53 v1.43.2/go.mod h1:343vcjcyOTuHTBBgUrOxPM36/jE96qLZnGL447ldrB0= -github.com/aws/aws-sdk-go-v2/service/s3 v1.61.2 h1:Kp6PWAlXwP1UvIflkIP6MFZYBNDCa4mFCGtxrpICVOg= -github.com/aws/aws-sdk-go-v2/service/s3 v1.61.2/go.mod h1:5FmD/Dqq57gP+XwaUnd5WFPipAuzrf0HmupX27Gvjvc= -github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 h1:pIaGg+08llrP7Q5aiz9ICWbY8cqhTkyy+0SHvfzQpTc= -github.com/aws/aws-sdk-go-v2/service/sso v1.22.7/go.mod h1:eEygMHnTKH/3kNp9Jr1n3PdejuSNcgwLe1dWgQtO0VQ= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 h1:/Cfdu0XV3mONYKaOt1Gr0k1KvQzkzPyiKUdlWJqy+J4= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7/go.mod h1:bCbAxKDqNvkHxRaIMnyVPXPo+OaPRwvmgzMxbz1VKSA= -github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 h1:NKTa1eqZYw8tiHSRGpP0VtTdub/8KNk8sDkNPFaOKDE= -github.com/aws/aws-sdk-go-v2/service/sts v1.30.7/go.mod h1:NXi1dIAGteSaRLqYgarlhP/Ij0cFT+qmCwiJqWh/U5o= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0 h1:TToQNkvGguu209puTojY/ozlqy2d/SFNcoLIqTFi42g= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0/go.mod h1:0jp+ltwkf+SwG2fm/PKo8t4y8pJSgOCO4D8Lz3k0aHQ= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.3 h1:kT6BcZsmMtNkP/iYMcRG+mIEA/IbeiUimXtGmqF39y0= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.3/go.mod h1:Z8uGua2k4PPaGOYn66pK02rhMrot3Xk3tpBuUFPomZU= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.3 h1:qcxX0JYlgWH3hpPUnd6U0ikcl6LLA9sLkXE2w1fpMvY= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.3/go.mod h1:cLSNEmI45soc+Ef8K/L+8sEA3A3pYFEYf5B5UI+6bH4= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.3 h1:ZC7Y/XgKUxwqcdhO5LE8P6oGP1eh6xlQReWNKfhvJno= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.3/go.mod h1:WqfO7M9l9yUAw0HcHaikwRd/H6gzYdz7vjejCA5e2oY= +github.com/aws/aws-sdk-go-v2/service/lightsail v1.42.3 h1:lcsqV11EaB74iNKr/PaXV0Og1D/lCZIhIf+kPucTfPw= +github.com/aws/aws-sdk-go-v2/service/lightsail v1.42.3/go.mod h1:IyYNP3fIP5/BvFKqQFj7wwQnKuH0wndcv6j4DyG9pRk= +github.com/aws/aws-sdk-go-v2/service/route53 v1.46.0 h1:AaOWmXBSDSIEsTzx8Y2nYAxckgmBPNiRU5mjn/a9ynI= +github.com/aws/aws-sdk-go-v2/service/route53 v1.46.0/go.mod h1:IN9bx4yLAa3a3J7A41skQefcYObNv6ARAd2i5WxvGKg= +github.com/aws/aws-sdk-go-v2/service/s3 v1.66.2 h1:p9TNFL8bFUMd+38YIpTAXpoxyz0MxC7FlbFEH4P4E1U= +github.com/aws/aws-sdk-go-v2/service/s3 v1.66.2/go.mod h1:fNjyo0Coen9QTwQLWeV6WO2Nytwiu+cCcWaTdKCAqqE= +github.com/aws/aws-sdk-go-v2/service/sso v1.24.3 h1:UTpsIf0loCIWEbrqdLb+0RxnTXfWh2vhw4nQmFi4nPc= +github.com/aws/aws-sdk-go-v2/service/sso v1.24.3/go.mod h1:FZ9j3PFHHAR+w0BSEjK955w5YD2UwB/l/H0yAK3MJvI= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.3 h1:2YCmIXv3tmiItw0LlYf6v7gEHebLY45kBEnPezbUKyU= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.3/go.mod h1:u19stRyNPxGhj6dRm+Cdgu6N75qnbW7+QN0q0dsAk58= +github.com/aws/aws-sdk-go-v2/service/sts v1.32.3 h1:wVnQ6tigGsRqSWDEEyH6lSAJ9OyFUsSnbaUWChuSGzs= +github.com/aws/aws-sdk-go-v2/service/sts v1.32.3/go.mod h1:VZa9yTFyj4o10YGsmDO4gbQJUvvhY72fhumT8W4LqsE= github.com/aws/smithy-go v1.8.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= -github.com/aws/smithy-go v1.20.4 h1:2HK1zBdPgRbjFOHlfeQZfpC4r72MOb9bZkiFwggKO+4= -github.com/aws/smithy-go v1.20.4/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= +github.com/aws/smithy-go v1.22.0 h1:uunKnWlcoL3zO7q+gG2Pk53joueEOsnNB28QdMsmiMM= +github.com/aws/smithy-go v1.22.0/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= @@ -173,16 +177,18 @@ github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJm github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/c-bata/go-prompt v0.2.5/go.mod h1:vFnjEGDIIA/Lib7giyE4E9c50Lvl8j0S+7FVlAwDAVw= -github.com/c2h5oh/datasize v0.0.0-20200112174442-28bbd4740fee/go.mod h1:S/7n9copUssQ56c7aAgHqftWO4LTf4xY6CGWt8Bc+3M= github.com/casbin/casbin/v2 v2.37.0/go.mod h1:vByNa/Fchek0KZUgG5wEsl7iFsiviAYKRtgrQfcJqHg= github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -192,12 +198,11 @@ github.com/civo/civogo v0.3.11 h1:mON/fyrV946Sbk6paRtOSGsN+asCgCmHCgArf5xmGxM= github.com/civo/civogo v0.3.11/go.mod h1:7+GeeFwc4AYTULaEshpT2vIcl3Qq8HPoxA17viX3l6g= github.com/clbanning/mxj v1.8.4/go.mod h1:BVjHeAH+rl9rs6f+QIpeRl0tfu10SXn1pUSa5PVGJng= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cloudflare/cloudflare-go v0.104.0 h1:R/lB0dZupaZbOgibAH/BRrkFbZ6Acn/WsKg2iX2xXuY= -github.com/cloudflare/cloudflare-go v0.104.0/go.mod h1:pfUQ4PIG4ISI0/Mmc21Bp86UnFU0ktmPf3iTgbSL+cM= +github.com/cloudflare/cloudflare-go v0.108.0 h1:C4Skfjd8I8X3uEOGmQUT4/iGyZcWdkIU7HwvMoLkEE0= +github.com/cloudflare/cloudflare-go v0.108.0/go.mod h1:m492eNahT/9MsN7Ppnoge8AaI7QhVFtEgVm3I9HJFeU= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= @@ -208,14 +213,16 @@ github.com/cpu/goacmedns v0.1.1 h1:DM3H2NiN2oam7QljgGY5ygy4yDXhK5Z4JUnqaugs2C4= github.com/cpu/goacmedns v0.1.1/go.mod h1:MuaouqEhPAHxsbqjgnck5zeghuwBP1dLnPoobeGqugQ= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4= -github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc= +github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= +github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= @@ -233,10 +240,9 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= -github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/exoscale/egoscale/v3 v3.1.5 h1:Nsfmqiq/CQJM3Ukqg9/u4rc9Q0QBeTQc3JFPMpFkhJg= -github.com/exoscale/egoscale/v3 v3.1.5/go.mod h1:GHKucK/J26v8PGWztGdhxWNMjrjG9PbelxKCJ4YI11Q= +github.com/exoscale/egoscale/v3 v3.1.7 h1:Q6p9tOVY0IiOW0fUpaPQWY7ggGEuSPZLAGxFgDd2sCE= +github.com/exoscale/egoscale/v3 v3.1.7/go.mod h1:GHKucK/J26v8PGWztGdhxWNMjrjG9PbelxKCJ4YI11Q= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.12.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM= @@ -298,8 +304,8 @@ github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/me github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/go-viper/mapstructure/v2 v2.1.0 h1:gHnMa2Y/pIxElCH2GlZZ1lZSsn6XMtufpGyP1XxdC/w= -github.com/go-viper/mapstructure/v2 v2.1.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= +github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIxtHqx8aGss= +github.com/go-viper/mapstructure/v2 v2.2.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/go-zookeeper/zk v1.0.2/go.mod h1:nOB03cncLtlp4t+UAkGSV+9beXP/akpekBwL+UX1Qcw= github.com/gobs/pretty v0.0.0-20180724170744-09732c25a95b h1:/vQ+oYKu+JoyaMPDsv5FzwuL2wwWBgBbtj/YLCi4LuA= github.com/gobs/pretty v0.0.0-20180724170744-09732c25a95b/go.mod h1:Xo4aNUOrJnVruqWQJBtW6+bTBDTniY8yZum5rF3b5jw= @@ -314,10 +320,10 @@ github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zV github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.1.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= +github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= @@ -403,8 +409,8 @@ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5m github.com/googleapis/gax-go/v2 v2.13.0 h1:yitjD5f7jQHhyDsnhKEBU52NdvvdSeGzlAnDPT0hH1s= github.com/googleapis/gax-go/v2 v2.13.0/go.mod h1:Z/fvTZXF8/uw7Xu5GuslPw+bplx6SS338j1Is2S+B7A= github.com/gophercloud/gophercloud v1.3.0/go.mod h1:aAVqcocTSXh2vYFZ1JTvx4EQmfgzxRcNupUfxZbBNDM= -github.com/gophercloud/gophercloud v1.14.0 h1:Bt9zQDhPrbd4qX7EILGmy+i7GP35cc+AAL2+wIJpUE8= -github.com/gophercloud/gophercloud v1.14.0/go.mod h1:aAVqcocTSXh2vYFZ1JTvx4EQmfgzxRcNupUfxZbBNDM= +github.com/gophercloud/gophercloud v1.14.1 h1:DTCNaTVGl8/cFu58O1JwWgis9gtISAFONqpMKNg/Vpw= +github.com/gophercloud/gophercloud v1.14.1/go.mod h1:aAVqcocTSXh2vYFZ1JTvx4EQmfgzxRcNupUfxZbBNDM= github.com/gophercloud/utils v0.0.0-20231010081019-80377eca5d56 h1:sH7xkTfYzxIEgzq1tDHIMKRh1vThOEOGNsettdEeLbE= github.com/gophercloud/utils v0.0.0-20231010081019-80377eca5d56/go.mod h1:VSalo4adEk+3sNkmVJLnhHoOyOYYS8sTWLG4mv5BKto= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= @@ -454,6 +460,8 @@ github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= +github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= +github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= @@ -468,8 +476,8 @@ github.com/hashicorp/memberlist v0.2.2/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOn github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= github.com/hashicorp/serf v0.9.5/go.mod h1:UWDWwZeL5cuWDJdl0C6wrvrUwEqtQ4ZKBKKENpqIUyk= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.114 h1:X3E16S6AUZsQKhJIQ5kNnylnp0GtSy2YhIbxfvDavtU= -github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.114/go.mod h1:JWz2ujO9X3oU5wb6kXp+DpR2UuDj2SldDbX8T0FSuhI= +github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.120 h1:i+rlH2xzkEMGbol86Fq/ioxgAaOnX2vkH4i/bLptc5s= +github.com/huaweicloud/huaweicloud-sdk-go-v3 v0.1.120/go.mod h1:JWz2ujO9X3oU5wb6kXp+DpR2UuDj2SldDbX8T0FSuhI= github.com/hudl/fargo v1.4.0/go.mod h1:9Ai6uvFy5fQNq6VPKtg+Ceq1+eTY4nKUlR2JElEOcDo= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= @@ -492,6 +500,8 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= +github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= @@ -509,6 +519,8 @@ github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8 github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213 h1:qGQQKEcAR99REcMpsXCp3lJ03zYT1PkRd3kQGPn9GVg= github.com/k0kubun/go-ansi v0.0.0-20180517002512-3bf9e2903213/go.mod h1:vNUNkEQ1e29fT/6vq2aBdFsgNPmy8qMdSay1npru+Sw= +github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6 h1:IsMZxCuZqKuao2vNdfD82fjjgPLfyHLpR41Z88viRWs= +github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6/go.mod h1:3VeWNIJaW+O5xpRQbPp0Ybqu1vJd/pm7s2F473HRrkw= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= @@ -538,8 +550,8 @@ github.com/labbsr0x/goh v1.0.1 h1:97aBJkDjpyBZGPbQuOK5/gHcSFbcr5aRsq3RSRJFpPk= github.com/labbsr0x/goh v1.0.1/go.mod h1:8K2UhVoaWXcCU7Lxoa2omWnC8gyW8px7/lmO61c027w= github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= -github.com/linode/linodego v1.40.0 h1:7ESY0PwK94hoggoCtIroT1Xk6b1flrFBNZ6KwqbTqlI= -github.com/linode/linodego v1.40.0/go.mod h1:NsUw4l8QrLdIofRg1NYFBbW5ZERnmbZykVBszPZLORM= +github.com/linode/linodego v1.42.0 h1:ZSbi4MtvwrfB9Y6bknesorvvueBGGilcmh2D5dq76RM= +github.com/linode/linodego v1.42.0/go.mod h1:2yzmY6pegPBDgx2HDllmt0eIk2IlzqcgK6NR0wFCFRY= github.com/liquidweb/go-lwApi v0.0.0-20190605172801-52a4864d2738/go.mod h1:0sYF9rMXb0vlG+4SzdiGMXHheCZxjguMq+Zb4S2BfBs= github.com/liquidweb/liquidweb-cli v0.6.9 h1:acbIvdRauiwbxIsOCEMXGwF75aSJDbDiyAWPjVnwoYM= github.com/liquidweb/liquidweb-cli v0.6.9/go.mod h1:cE1uvQ+x24NGUL75D0QagOFCG8Wdvmwu8aL9TLmA/eQ= @@ -585,8 +597,9 @@ github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXx github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= +github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= @@ -666,8 +679,8 @@ github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYr github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b h1:FfH+VrHHk6Lxt9HdVS0PXzSXFyS2NbZKXv33FYPol0A= github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b/go.mod h1:AC62GU6hc0BrNm+9RK9VSiwa/EUe1bkIeFORAMcHvJU= github.com/openzipkin/zipkin-go v0.2.5/go.mod h1:KpXfKdgRDnnhsxw4pNIH9Md5lyFqKUa4YDFlwRYAMyE= -github.com/oracle/oci-go-sdk/v65 v65.73.0 h1:C7uel6CoKk4A1KPkdhFBAyvVyFRTHAmX8m0o64RmfPg= -github.com/oracle/oci-go-sdk/v65 v65.73.0/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0= +github.com/oracle/oci-go-sdk/v65 v65.77.1 h1:gqjTXIUWvTihkn470AclxSAMcR1JecqjD2IUtp+sDIU= +github.com/oracle/oci-go-sdk/v65 v65.77.1/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0= github.com/ovh/go-ovh v1.6.0 h1:ixLOwxQdzYDx296sXcgS35TOPEahJkpjMGtzPadCjQI= github.com/ovh/go-ovh v1.6.0/go.mod h1:cTVDnl94z4tl8pP1uZ/8jlVxntjSIf09bNcQ5TJSC7c= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= @@ -729,6 +742,10 @@ github.com/rainycape/memcache v0.0.0-20150622160815-1031fa0ce2f2 h1:dq90+d51/hQR github.com/rainycape/memcache v0.0.0-20150622160815-1031fa0ce2f2/go.mod h1:7tZKcyumwBO6qip7RNQ5r77yrssm9bfCowcLEBcU5IA= github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= +github.com/redis/go-redis/v9 v9.6.1 h1:HHDteefn6ZkTtY5fGUE8tj8uy85AHk6zP7CpzIAM0y4= +github.com/redis/go-redis/v9 v9.6.1/go.mod h1:0C0c6ycQsdpVNQpxb1njEQIqkx5UcsM8FJCQLgE9+RA= +github.com/regfish/regfish-dnsapi-go v0.1.1 h1:TJFtbePHkd47q5GZwYl1h3DIYXmoxdLjW/SBsPtB5IE= +github.com/regfish/regfish-dnsapi-go v0.1.1/go.mod h1:ubIgXSfqarSnl3XHSn8hIFwFF3h0yrq0ZiWD93Y2VjY= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= @@ -774,8 +791,8 @@ github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/smartystreets/gunit v1.0.4 h1:tpTjnuH7MLlqhoD21vRoMZbMIi5GmBsAJDFyF67GhZA= github.com/smartystreets/gunit v1.0.4/go.mod h1:EH5qMBab2UclzXUcpR8b93eHsIlp9u+pDQIRp5DZNzQ= -github.com/softlayer/softlayer-go v1.1.5 h1:UFFtgKxiw0yIuUw93XBCFIiIMYR5eLgmm4a5DqMHXGg= -github.com/softlayer/softlayer-go v1.1.5/go.mod h1:WeJrBLoTJcaT8nO1azeyHyNpo/fDLtbpbvh+pzts+Qw= +github.com/softlayer/softlayer-go v1.1.7 h1:SgTL+pQZt1h+5QkAhVmHORM/7N9c1X0sljJhuOIHxWE= +github.com/softlayer/softlayer-go v1.1.7/go.mod h1:WeJrBLoTJcaT8nO1azeyHyNpo/fDLtbpbvh+pzts+Qw= github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e h1:3OgWYFw7jxCZPcvAg+4R8A50GZ+CCkARF10lxu2qDsQ= github.com/softlayer/xmlrpc v0.0.0-20200409220501-5f089df7cb7e/go.mod h1:fKZCUVdirrxrBpwd9wb+lSoVixvpwAu8eHzbQB2tums= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= @@ -828,10 +845,10 @@ github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1002 h1:RE84sHFFx6t24DJvSnF9fS1DzBNv9OpctzHK3t7AY+I= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1002/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1002 h1:QwE0dRkAAbdf+eACnkNULgDn9ZKUJpPWRyXdqJolP5E= -github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1002/go.mod h1:WdC0FYbqYhJwQ3kbqri6hVP5HAEp+rzX9FToItTAzUg= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1034 h1:T7ewuO2DD+5R2LRpD2kTRy25aCkVDVdYkmmyUS63i08= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1034/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1034 h1:hXxv58/eSlDj80n0P0ISXh91pC/2vqurJNwn5SpXFPI= +github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1034/go.mod h1:hwTIplwF9IYWz5HQcyw0+R8aqJB0lEZB8sI0pIA5Htw= github.com/tjfoc/gmsm v1.4.1 h1:aMe1GlZb+0bLjn+cKTPEvvn9oUEBlJitaZiiBwsbgho= github.com/tjfoc/gmsm v1.4.1/go.mod h1:j4INPkHWMrhJb38G+J6W4Tw0AbuN8Thu3PbdVYhVcTE= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= @@ -842,15 +859,15 @@ github.com/uber/jaeger-client-go v2.30.0+incompatible h1:D6wyKGCecFaSRUpo8lCVbaO github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk= github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg= github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U= -github.com/ultradns/ultradns-go-sdk v1.7.0-20240913052650-970ca9a h1:R6IR+Vj/RnGZLnX8PpPQsbbQthctO7Ah2q4tj5eoe2o= -github.com/ultradns/ultradns-go-sdk v1.7.0-20240913052650-970ca9a/go.mod h1:BZr7Qs3ku1ckpqed8tCRSqTlp8NAeZfAVpfx4OzXMss= +github.com/ultradns/ultradns-go-sdk v1.8.0-20241010134910-243eeec h1:2s/ghQ8wKE+UzD/hf3P4Gd1j0JI9ncbxv+nsypPoUYI= +github.com/ultradns/ultradns-go-sdk v1.8.0-20241010134910-243eeec/go.mod h1:BZr7Qs3ku1ckpqed8tCRSqTlp8NAeZfAVpfx4OzXMss= github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= -github.com/urfave/cli/v2 v2.27.4 h1:o1owoI+02Eb+K107p27wEX9Bb8eqIoZCfLXloLUSWJ8= -github.com/urfave/cli/v2 v2.27.4/go.mod h1:m4QzxcD2qpra4z7WhzEGn74WZLViBnMpb1ToCAKdGRQ= +github.com/urfave/cli/v2 v2.27.5 h1:WoHEJLdsXr6dDWoJgMq/CboDmyY/8HMMH1fTECbih+w= +github.com/urfave/cli/v2 v2.27.5/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ= github.com/vinyldns/go-vinyldns v0.9.16 h1:GZJStDkcCk1F1AcRc64LuuMh+ENL8pHA0CVd4ulRMcQ= github.com/vinyldns/go-vinyldns v0.9.16/go.mod h1:5qIJOdmzAnatKjurI+Tl4uTus7GJKJxb+zitufjHs3Q= -github.com/volcengine/volc-sdk-golang v1.0.177 h1:Wzqw3ONLNRelhgxk9qQide+CHGNnOzhqa24fNfQflrM= -github.com/volcengine/volc-sdk-golang v1.0.177/go.mod h1:u0VtPvlXWpXDTmc9IHkaW1q+5Jjwus4oAqRhNMDRInE= +github.com/volcengine/volc-sdk-golang v1.0.183 h1:V6M/lhgnBxZS3pLDNwMXSLw+i4VowphNCfVzai6JjWE= +github.com/volcengine/volc-sdk-golang v1.0.183/go.mod h1:u0VtPvlXWpXDTmc9IHkaW1q+5Jjwus4oAqRhNMDRInE= github.com/vultr/govultr/v3 v3.9.1 h1:uxSIb8Miel7tqTs3ee+z3t+JelZikwqBBsZzCOPBy/8= github.com/vultr/govultr/v3 v3.9.1/go.mod h1:Rd8ebpXm7jxH3MDmhnEs+zrlYW212ouhx+HeUMfHm2o= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= @@ -864,10 +881,10 @@ github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQ github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4= github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM= -github.com/yandex-cloud/go-genproto v0.0.0-20240911120709-1fa0cb6f47c2 h1:WgeEP+8WizCQyccJNHOMLONq23qVAzYHtyg5qTdUWmg= -github.com/yandex-cloud/go-genproto v0.0.0-20240911120709-1fa0cb6f47c2/go.mod h1:HEUYX/p8966tMUHHT+TsS0hF/Ca/NYwqprC5WXSDMfE= -github.com/yandex-cloud/go-sdk v0.0.0-20240911121212-e4e74d0d02f5 h1:Q4LvUMF4kzaGtopoIdXReL9/qGtmzOewBhF3dQvuHMU= -github.com/yandex-cloud/go-sdk v0.0.0-20240911121212-e4e74d0d02f5/go.mod h1:9dt2V80cfJGRZA+5SKP3Ky+R/DxH02XfKObi2Uy2uPc= +github.com/yandex-cloud/go-genproto v0.0.0-20241101135610-76a0cfc1a773 h1:xkWrnYFWxiwCKVbmuOEMR030UCFklpglmOcPv9yJz2c= +github.com/yandex-cloud/go-genproto v0.0.0-20241101135610-76a0cfc1a773/go.mod h1:0LDD/IZLIUIV4iPH+YcF+jysO3jkSvADFGm4dCAuwQo= +github.com/yandex-cloud/go-sdk v0.0.0-20241101143304-947cf519f6bd h1:LcA5pQoWjS2hhG6bV2ZL9eBEV2wLSVbM2KcpDphYP/w= +github.com/yandex-cloud/go-sdk v0.0.0-20241101143304-947cf519f6bd/go.mod h1:oku4OkbdLLOOpZEz2XxYGXI7rFhxBI5W0cLPmpStdqA= github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -940,8 +957,8 @@ golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIi golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= -golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A= -golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70= +golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= +golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1036,8 +1053,8 @@ golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= -golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= +golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= +golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1138,8 +1155,8 @@ golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= -golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= +golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= @@ -1148,8 +1165,8 @@ golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= -golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= -golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= +golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= +golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1166,8 +1183,8 @@ golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= -golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= +golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1175,8 +1192,8 @@ golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= -golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= -golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ= +golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -1257,8 +1274,8 @@ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0M google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/api v0.197.0 h1:x6CwqQLsFiA5JKAiGyGBjc2bNtHtLddhJCE2IKuhhcQ= -google.golang.org/api v0.197.0/go.mod h1:AuOuo20GoQ331nq7DquGHlU6d+2wN2fZ8O0ta60nRNw= +google.golang.org/api v0.204.0 h1:3PjmQQEDkR/ENVZZwIYB4W/KzYtN8OrqnNcHWpeR8E4= +google.golang.org/api v0.204.0/go.mod h1:69y8QSoKIbL9F94bWgWAq6wGqGwyjBgi2y8rAK8zLag= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -1297,13 +1314,12 @@ google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= google.golang.org/genproto v0.0.0-20210917145530-b395a37504d4/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20211021150943-2b146023228c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 h1:BulPr26Jqjnd4eYDVe+YvyR7Yc2vJGkO5/0UxD0/jZU= -google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:hL97c3SYopEHblzpxRL4lSs523++l8DYxGM1FQiYmb4= -google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed h1:3RgNmBoI9MZhsj3QxC+AP/qQhNwpCLOvYDYYsFrhFt0= -google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed/go.mod h1:OCdP9MfskevB/rbYvHTsXTtKC+3bHWajPdoKgjcYkfo= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 h1:pPJltXNxVzT4pK9yD8vR9X75DaWYYmLGMsEvBfFQZzQ= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU= +google.golang.org/genproto v0.0.0-20241021214115-324edc3d5d38 h1:Q3nlH8iSQSRUwOskjbcSMcF2jiYMNiQYZ0c2KEJLKKU= +google.golang.org/genproto v0.0.0-20241021214115-324edc3d5d38/go.mod h1:xBI+tzfqGGN2JBeSebfKXFSdBpWVQ7sLW40PTupVRm4= +google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53 h1:fVoAXEKA4+yufmbdVYv+SE73+cPZbbbe8paLsHfkK+U= +google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53/go.mod h1:riSXTwQ4+nqmPGtobMFyW5FqVAmIs0St6VPp4Ug7CE4= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38 h1:zciRKQ4kBpFgpfC5QQCVtnnNAcLIqweL7plyZRQHVpI= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38/go.mod h1:GX3210XPVPUjJbTUbvwI8f2IpZDMZuPJWDzDuebbviI= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -1321,9 +1337,8 @@ google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k= -google.golang.org/grpc v1.66.1 h1:hO5qAXR19+/Z44hmvIM4dQFMSYX9XcWsByfoxutBpAM= -google.golang.org/grpc v1.66.1/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y= +google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E= +google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1338,8 +1353,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= +google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -1358,8 +1373,8 @@ gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/ns1/ns1-go.v2 v2.12.0 h1:cqdqQoTx17JmTusfxh5m3e2b36jfUzFAZedv89pFX18= -gopkg.in/ns1/ns1-go.v2 v2.12.0/go.mod h1:pfaU0vECVP7DIOr453z03HXS6dFJpXdNRwOyRzwmPSc= +gopkg.in/ns1/ns1-go.v2 v2.12.2 h1:SPM5BTTMJ1zVBhMMiiPFdF7l6Y3fq5o7bKM7jDqsUfM= +gopkg.in/ns1/ns1-go.v2 v2.12.2/go.mod h1:pfaU0vECVP7DIOr453z03HXS6dFJpXdNRwOyRzwmPSc= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= diff --git a/internal/dns/docs/generator.go b/internal/dns/docs/generator.go index 30e543faa3..a6b91b45d6 100644 --- a/internal/dns/docs/generator.go +++ b/internal/dns/docs/generator.go @@ -5,28 +5,36 @@ package main import ( "bufio" "bytes" + "embed" "errors" "fmt" "go/format" - "io" + html "html/template" "log" "os" "path/filepath" - "sort" + "slices" "strings" "text/template" "github.com/go-acme/lego/v4/internal/dns/descriptors" ) +//go:embed templates +var templateFS embed.FS + const ( root = "../../../" - mdTemplate = root + "internal/dns/docs/dns.md.tmpl" - cliTemplate = root + "internal/dns/docs/dns.go.tmpl" - cliOutput = root + "cmd/zz_gen_cmd_dnshelp.go" - docOutput = root + "docs/content/dns" - readmePath = root + "README.md" + cliOutput = root + "cmd/zz_gen_cmd_dnshelp.go" + docOutput = root + "docs/content/dns" + readmePath = root + "README.md" +) + +const ( + mdTemplate = "templates/dns.md.tmpl" + cliTemplate = "templates/dns.go.tmpl" + readmeTemplate = "templates/readme.md.tmpl" ) const ( @@ -73,7 +81,7 @@ func generateDocumentation(m descriptors.Provider) error { defer func() { _ = file.Close() }() - return template.Must(template.ParseFiles(mdTemplate)).Execute(file, m) + return template.Must(template.ParseFS(templateFS, mdTemplate)).Execute(file, m) } func generateCLIHelp(models *descriptors.Providers) error { @@ -86,14 +94,14 @@ func generateCLIHelp(models *descriptors.Providers) error { defer func() { _ = file.Close() }() - tlt := template.New(filepath.Base(cliTemplate)).Funcs(map[string]interface{}{ - "safe": func(src string) string { - return strings.ReplaceAll(src, "`", "'") - }, - }) - b := &bytes.Buffer{} - err = template.Must(tlt.ParseFiles(cliTemplate)).Execute(b, models) + err = template.Must( + template.New(filepath.Base(cliTemplate)).Funcs(map[string]interface{}{ + "safe": func(src string) string { + return strings.ReplaceAll(src, "`", "'") + }, + }).ParseFS(templateFS, cliTemplate), + ).Execute(b, models) if err != nil { return err } @@ -109,7 +117,8 @@ func generateCLIHelp(models *descriptors.Providers) error { } func generateReadMe(models *descriptors.Providers) error { - maximum, lines := extractTableData(models) + tpl := html.Must(html.New(filepath.Base(readmeTemplate)).ParseFS(templateFS, readmeTemplate)) + providers := orderProviders(models) file, err := os.Open(readmePath) if err != nil { @@ -128,8 +137,7 @@ func generateReadMe(models *descriptors.Providers) error { if text == startLine { _, _ = fmt.Fprintln(buffer, text) - err = writeDNSTable(buffer, lines, maximum) - if err != nil { + if err = tpl.Execute(buffer, providers); err != nil { return err } skip = true @@ -157,83 +165,45 @@ func generateReadMe(models *descriptors.Providers) error { return os.WriteFile(readmePath, buffer.Bytes(), 0o666) } -func extractTableData(models *descriptors.Providers) (int, [][]string) { - readmePattern := "[%s](https://go-acme.github.io/lego/dns/%s/)" - - items := []string{fmt.Sprintf(readmePattern, "Manual", "manual")} - - var maximum int - - for _, pvd := range models.Providers { - item := fmt.Sprintf(readmePattern, strings.ReplaceAll(pvd.Name, "|", "/"), pvd.Code) - items = append(items, item) - - if maximum < len(item) { - maximum = len(item) - } - } +func orderProviders(models *descriptors.Providers) [][]descriptors.Provider { + providers := append(models.Providers, descriptors.Provider{ + Name: "Manual", + Code: "manual", + }) const nbCol = 4 - sort.Slice(items, func(i, j int) bool { - return strings.ToLower(items[i]) < strings.ToLower(items[j]) + slices.SortFunc(providers, func(a, b descriptors.Provider) int { + return strings.Compare(strings.ToLower(a.Name), strings.ToLower(b.Name)) }) - var lines [][]string - var line []string + var matrix [][]descriptors.Provider + var row []descriptors.Provider - for i, item := range items { + for i, p := range providers { switch { - case len(line) == nbCol: - lines = append(lines, line) - line = []string{item} - - case i == len(items)-1: - line = append(line, item) - for j := len(line); j < nbCol; j++ { - line = append(line, "") + case len(row) == nbCol: + matrix = append(matrix, row) + row = []descriptors.Provider{p} + + case i == len(providers)-1: + row = append(row, p) + for j := len(row); j < nbCol; j++ { + row = append(row, descriptors.Provider{}) } - lines = append(lines, line) + matrix = append(matrix, row) default: - line = append(line, item) - } - } - - if len(line) < nbCol { - for j := len(line); j < nbCol; j++ { - line = append(line, "") + row = append(row, p) } - lines = append(lines, line) } - return maximum, lines -} - -func writeDNSTable(w io.Writer, lines [][]string, size int) error { - _, err := fmt.Fprintf(w, "\n") - if err != nil { - return err - } - - _, err = fmt.Fprintf(w, "|%[1]s|%[1]s|%[1]s|%[1]s|\n", strings.Repeat(" ", size+2)) - if err != nil { - return err - } - - _, err = fmt.Fprintf(w, "|%[1]s|%[1]s|%[1]s|%[1]s|\n", strings.Repeat("-", size+2)) - if err != nil { - return err - } - - linePattern := fmt.Sprintf("| %%-%[1]ds | %%-%[1]ds | %%-%[1]ds | %%-%[1]ds |\n", size) - for _, line := range lines { - _, err = fmt.Fprintf(w, linePattern, line[0], line[1], line[2], line[3]) - if err != nil { - return err + if len(row) < nbCol { + for j := len(row); j < nbCol; j++ { + row = append(row, descriptors.Provider{}) } + matrix = append(matrix, row) } - _, err = fmt.Fprintf(w, "\n") - return err + return matrix } diff --git a/internal/dns/docs/dns.go.tmpl b/internal/dns/docs/templates/dns.go.tmpl similarity index 100% rename from internal/dns/docs/dns.go.tmpl rename to internal/dns/docs/templates/dns.go.tmpl diff --git a/internal/dns/docs/dns.md.tmpl b/internal/dns/docs/templates/dns.md.tmpl similarity index 100% rename from internal/dns/docs/dns.md.tmpl rename to internal/dns/docs/templates/dns.md.tmpl diff --git a/internal/dns/docs/templates/readme.md.tmpl b/internal/dns/docs/templates/readme.md.tmpl new file mode 100644 index 0000000000..09cb10dae8 --- /dev/null +++ b/internal/dns/docs/templates/readme.md.tmpl @@ -0,0 +1,11 @@ + + +{{- range . -}} + + {{- range . }} + + {{- end }} + +{{- end -}} +
{{if .Code }}{{ .Name }}{{end}}
+ diff --git a/internal/dns/providers/generator.go b/internal/dns/providers/generator.go index 98749db470..bab31072d2 100644 --- a/internal/dns/providers/generator.go +++ b/internal/dns/providers/generator.go @@ -4,6 +4,7 @@ package main import ( "bytes" + _ "embed" "fmt" "go/format" "log" @@ -18,10 +19,12 @@ import ( const ( root = "../../../" - srcTemplate = "internal/dns/providers/dns_providers.go.tmpl" - outputPath = "providers/dns/zz_gen_dns_providers.go" + outputPath = "providers/dns/zz_gen_dns_providers.go" ) +//go:embed dns_providers.go.tmpl +var srcTemplate string + func main() { err := generate() if err != nil { @@ -42,16 +45,14 @@ func generate() error { defer func() { _ = file.Close() }() - tmplFile := filepath.Join(root, srcTemplate) - - tlt := template.New(filepath.Base(tmplFile)).Funcs(map[string]interface{}{ - "cleanName": func(src string) string { - return strings.ReplaceAll(src, "-", "") - }, - }) - b := &bytes.Buffer{} - err = template.Must(tlt.ParseFiles(tmplFile)).Execute(b, info) + err = template.Must( + template.New("").Funcs(map[string]interface{}{ + "cleanName": func(src string) string { + return strings.ReplaceAll(src, "-", "") + }, + }).Parse(srcTemplate), + ).Execute(b, info) if err != nil { return err } diff --git a/internal/releaser/generator.go b/internal/releaser/generator.go new file mode 100644 index 0000000000..d1b3e74e1d --- /dev/null +++ b/internal/releaser/generator.go @@ -0,0 +1,84 @@ +package main + +import ( + "bytes" + "embed" + "fmt" + "go/format" + "os" + "path/filepath" + "text/template" +) + +const ( + dnsTemplate = "templates/dns.go.tmpl" + dnsTargetFile = "./providers/dns/internal/useragent/useragent.go" +) + +const ( + senderTemplate = "templates/sender.go.tmpl" + senderTargetFile = "./acme/api/internal/sender/useragent.go" +) + +const ( + versionTemplate = "templates/version.go.tmpl" + versionTargetFile = "./cmd/lego/zz_gen_version.go" +) + +//go:embed templates +var templateFS embed.FS + +type Generator struct { + templatePath string + targetFile string +} + +func NewGenerator(templatePath string, targetFile string) *Generator { + return &Generator{templatePath: templatePath, targetFile: targetFile} +} + +func (g *Generator) Generate(version, comment string) error { + tmpl, err := template.New(filepath.Base(g.templatePath)).ParseFS(templateFS, g.templatePath) + if err != nil { + return fmt.Errorf("parsing template (%s): %w", g.templatePath, err) + } + + b := &bytes.Buffer{} + + err = tmpl.Execute(b, map[string]string{ + "version": version, + "comment": comment, + }) + if err != nil { + return fmt.Errorf("execute template (%s): %w", g.templatePath, err) + } + + source, err := format.Source(b.Bytes()) + if err != nil { + return fmt.Errorf("format generated content (%s): %w", g.targetFile, err) + } + + err = os.WriteFile(g.targetFile, source, 0o644) + if err != nil { + return fmt.Errorf("write file (%s): %w", g.targetFile, err) + } + + return nil +} + +func generate(targetVersion, comment string) error { + generators := []*Generator{ + NewGenerator(dnsTemplate, dnsTargetFile), + NewGenerator(senderTemplate, senderTargetFile), + NewGenerator(versionTemplate, versionTargetFile), + } + + for _, generator := range generators { + err := generator.Generate(targetVersion, comment) + if err != nil { + return fmt.Errorf("generate file(s): %w", err) + } + } + + return nil +} diff --git a/internal/releaser/releaser.go b/internal/releaser/releaser.go new file mode 100644 index 0000000000..6047c427cf --- /dev/null +++ b/internal/releaser/releaser.go @@ -0,0 +1,183 @@ +package main + +import ( + "fmt" + "go/ast" + "go/parser" + "go/token" + "log" + "os" + "strconv" + + hcversion "github.com/hashicorp/go-version" + "github.com/urfave/cli/v2" +) + +const flgMode = "mode" + +const ( + modePatch = "patch" + modeMinor = "minor" + modeMajor = "major" +) + +const versionSourceFile = "./cmd/lego/zz_gen_version.go" + +const ( + commentRelease = "release" + commentDetach = "detach" +) + +func main() { + app := cli.NewApp() + app.Name = "lego-releaser" + app.Usage = "Lego releaser" + app.HelpName = "releaser" + app.Commands = []*cli.Command{ + { + Name: "release", + Usage: "Update file for a release", + Action: release, + Before: func(ctx *cli.Context) error { + mode := ctx.String("mode") + switch mode { + case modePatch, modeMinor, modeMajor: + return nil + default: + return fmt.Errorf("invalid mode: %s", mode) + } + }, + Flags: []cli.Flag{ + &cli.StringFlag{ + Name: flgMode, + Aliases: []string{"m"}, + Value: modePatch, + Usage: fmt.Sprintf("The release mode: %s|%s|%s", modePatch, modeMinor, modeMajor), + }, + }, + }, + { + Name: "detach", + Usage: "Update file post release", + Action: detach, + }, + } + + err := app.Run(os.Args) + if err != nil { + log.Fatal(err) + } +} + +func release(ctx *cli.Context) error { + mode := ctx.String(flgMode) + + currentVersion, err := readCurrentVersion(versionSourceFile) + if err != nil { + return fmt.Errorf("read current version: %w", err) + } + + nextVersion, err := bumpVersion(mode, currentVersion) + if err != nil { + return fmt.Errorf("bump version: %w", err) + } + + err = generate(nextVersion, commentRelease) + if err != nil { + return err + } + + return nil +} + +func detach(_ *cli.Context) error { + currentVersion, err := readCurrentVersion(versionSourceFile) + if err != nil { + return fmt.Errorf("read current version: %w", err) + } + + v := currentVersion.Core().String() + + err = generate(v, commentDetach) + if err != nil { + return err + } + + return nil +} + +func readCurrentVersion(filename string) (*hcversion.Version, error) { + fset := token.NewFileSet() + file, err := parser.ParseFile(fset, filename, nil, parser.AllErrors) + if err != nil { + return nil, err + } + + v := visitor{data: make(map[string]string)} + ast.Walk(v, file) + + current, err := hcversion.NewSemver(v.data["defaultVersion"]) + if err != nil { + return nil, err + } + + return current, nil +} + +type visitor struct { + data map[string]string +} + +func (v visitor) Visit(n ast.Node) ast.Visitor { + if n == nil { + return nil + } + + switch d := n.(type) { + case *ast.GenDecl: + if d.Tok == token.CONST { + for _, spec := range d.Specs { + valueSpec, ok := spec.(*ast.ValueSpec) + if !ok { + continue + } + if len(valueSpec.Names) != 1 || len(valueSpec.Values) != 1 { + continue + } + + va, ok := valueSpec.Values[0].(*ast.BasicLit) + if !ok { + continue + } + if va.Kind != token.STRING { + continue + } + + s, err := strconv.Unquote(va.Value) + if err != nil { + continue + } + + v.data[valueSpec.Names[0].String()] = s + } + } + default: + // noop + } + return v +} + +func bumpVersion(mode string, v *hcversion.Version) (string, error) { + segments := v.Segments() + + switch mode { + case modePatch: + return fmt.Sprintf("%d.%d.%d", segments[0], segments[1], segments[2]+1), nil + case modeMinor: + return fmt.Sprintf("%d.%d.0", segments[0], segments[1]+1), nil + case modeMajor: + return fmt.Sprintf("%d.0.0", segments[0]+1), nil + default: + return "", fmt.Errorf("invalid mode: %s", mode) + } +} diff --git a/internal/useragent/data_dns.go b/internal/releaser/templates/dns.go.tmpl similarity index 77% rename from internal/useragent/data_dns.go rename to internal/releaser/templates/dns.go.tmpl index 2ce8a3223e..0e5cd65d70 100644 --- a/internal/useragent/data_dns.go +++ b/internal/releaser/templates/dns.go.tmpl @@ -1,10 +1,4 @@ -package main - -const dnsBaseUserAgent = "goacme-lego/" - -const dnsSourceFile = "./providers/dns/internal/useragent/useragent.go" - -const dnsTemplate = `// Code generated by 'internal/useragent'; DO NOT EDIT. +// Code generated by 'internal/releaser'; DO NOT EDIT. package useragent @@ -33,4 +27,3 @@ func Get() string { func SetHeader(h http.Header) { h.Set("User-Agent", Get()) } -` diff --git a/internal/useragent/data_sender.go b/internal/releaser/templates/sender.go.tmpl similarity index 64% rename from internal/useragent/data_sender.go rename to internal/releaser/templates/sender.go.tmpl index 5da2d8538d..c072538418 100644 --- a/internal/useragent/data_sender.go +++ b/internal/releaser/templates/sender.go.tmpl @@ -1,10 +1,4 @@ -package main - -const senderBaseUserAgent = "xenolf-acme/" - -const senderSourceFile = "./acme/api/internal/sender/useragent.go" - -const senderTemplate = `// Code generated by 'internal/useragent'; DO NOT EDIT. +// Code generated by 'internal/releaser'; DO NOT EDIT. package sender @@ -17,5 +11,3 @@ const ( // NOTE: Update this with each tagged release. ourUserAgentComment = "{{ .comment }}" ) - -` diff --git a/internal/releaser/templates/version.go.tmpl b/internal/releaser/templates/version.go.tmpl new file mode 100644 index 0000000000..0c25120479 --- /dev/null +++ b/internal/releaser/templates/version.go.tmpl @@ -0,0 +1,15 @@ +// Code generated by 'internal/releaser'; DO NOT EDIT. + +package main + +const defaultVersion = "v{{ .version }}+dev{{ if .comment }}-{{ .comment }}{{end}}" + +var version = "" + +func getVersion() string { + if version == "" { + return defaultVersion + } + + return version +} diff --git a/internal/useragent/generator.go b/internal/useragent/generator.go deleted file mode 100644 index bfa2e406b5..0000000000 --- a/internal/useragent/generator.go +++ /dev/null @@ -1,170 +0,0 @@ -package main - -import ( - "bytes" - "fmt" - "go/ast" - "go/format" - "go/parser" - "go/token" - "os" - "regexp" - "strconv" - "strings" - "text/template" -) - -type Generator struct { - baseUserAgent string - template string - sourcePath string -} - -func NewGenerator(baseUserAgent string, tmpl string, sourcePath string) *Generator { - return &Generator{baseUserAgent: baseUserAgent, template: tmpl, sourcePath: sourcePath} -} - -func (g *Generator) Release(mode string) error { - // Read file - data, err := readUserAgentFile(g.sourcePath) - if err != nil { - return err - } - - // Bump version - newVersion, err := g.bumpVersion(data["ourUserAgent"], mode) - if err != nil { - return err - } - - // Write file - comment := "release" // detach|release - - return g.writeUserAgentFile(g.sourcePath, newVersion, comment) -} - -func (g *Generator) Detach() error { - // Read file - data, err := readUserAgentFile(g.sourcePath) - if err != nil { - return err - } - - // Write file - version := strings.TrimPrefix(data["ourUserAgent"], g.baseUserAgent) - comment := "detach" - - return g.writeUserAgentFile(g.sourcePath, version, comment) -} - -func (g *Generator) writeUserAgentFile(filename, version, comment string) error { - tmpl, err := template.New("ua").Parse(g.template) - if err != nil { - return err - } - - b := &bytes.Buffer{} - err = tmpl.Execute(b, map[string]string{ - "version": version, - "comment": comment, - }) - if err != nil { - return err - } - - source, err := format.Source(b.Bytes()) - if err != nil { - return err - } - - return os.WriteFile(filename, source, 0o644) -} - -func (g *Generator) bumpVersion(userAgent, mode string) (string, error) { - prevVersion := strings.TrimPrefix(userAgent, g.baseUserAgent) - - allString := regexp.MustCompile(`(\d+)\.(\d+)\.(\d+)`).FindStringSubmatch(prevVersion) - - if len(allString) != 4 { - return "", fmt.Errorf("invalid version format: %s", prevVersion) - } - - switch mode { - case "patch": - patch, err := strconv.Atoi(allString[3]) - if err != nil { - return "", err - } - return fmt.Sprintf("%s.%s.%d", allString[1], allString[2], patch+1), nil - case "minor": - minor, err := strconv.Atoi(allString[2]) - if err != nil { - return "", err - } - return fmt.Sprintf("%s.%d.0", allString[1], minor+1), nil - case "major": - major, err := strconv.Atoi(allString[1]) - if err != nil { - return "", err - } - return fmt.Sprintf("%d.0.0", major+1), nil - default: - return "", fmt.Errorf("invalid mode: %s", mode) - } -} - -func readUserAgentFile(filename string) (map[string]string, error) { - fset := token.NewFileSet() - file, err := parser.ParseFile(fset, filename, nil, parser.AllErrors) - if err != nil { - return nil, err - } - - v := visitor{data: make(map[string]string)} - ast.Walk(v, file) - - return v.data, nil -} - -type visitor struct { - data map[string]string -} - -func (v visitor) Visit(n ast.Node) ast.Visitor { - if n == nil { - return nil - } - - switch d := n.(type) { - case *ast.GenDecl: - if d.Tok == token.CONST { - for _, spec := range d.Specs { - valueSpec, ok := spec.(*ast.ValueSpec) - if !ok { - continue - } - if len(valueSpec.Names) != 1 || len(valueSpec.Values) != 1 { - continue - } - - va, ok := valueSpec.Values[0].(*ast.BasicLit) - if !ok { - continue - } - if va.Kind != token.STRING { - continue - } - - s, err := strconv.Unquote(va.Value) - if err != nil { - continue - } - - v.data[valueSpec.Names[0].String()] = s - } - } - default: - // noop - } - return v -} diff --git a/internal/useragent/main.go b/internal/useragent/main.go deleted file mode 100644 index 9add82aa47..0000000000 --- a/internal/useragent/main.go +++ /dev/null @@ -1,84 +0,0 @@ -package main - -import ( - "fmt" - "log" - "os" - - "github.com/urfave/cli/v2" -) - -func main() { - app := cli.NewApp() - app.Name = "lego-releaser" - app.Usage = "Lego releaser" - app.HelpName = "releaser" - app.Commands = []*cli.Command{ - { - Name: "release", - Usage: "Update file for a release", - Action: release, - Before: func(ctx *cli.Context) error { - mode := ctx.String("mode") - switch mode { - case "patch", "minor", "major": - return nil - default: - return fmt.Errorf("invalid mode: %s", mode) - } - }, - Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "mode", - Aliases: []string{"m"}, - Value: "patch", - Usage: "The release mode: patch|minor|major", - }, - }, - }, - { - Name: "detach", - Usage: "Update file post release", - Action: detach, - }, - } - - err := app.Run(os.Args) - if err != nil { - log.Fatal(err) - } -} - -func release(ctx *cli.Context) error { - mode := ctx.String("mode") - - generators := []*Generator{ - NewGenerator(senderBaseUserAgent, senderTemplate, senderSourceFile), - NewGenerator(dnsBaseUserAgent, dnsTemplate, dnsSourceFile), - } - - for _, generator := range generators { - err := generator.Release(mode) - if err != nil { - return err - } - } - - return nil -} - -func detach(_ *cli.Context) error { - generators := []*Generator{ - NewGenerator(senderBaseUserAgent, senderTemplate, senderSourceFile), - NewGenerator(dnsBaseUserAgent, dnsTemplate, dnsSourceFile), - } - - for _, generator := range generators { - err := generator.Detach() - if err != nil { - return err - } - } - - return nil -} diff --git a/providers/dns/acmedns/acmedns.toml b/providers/dns/acmedns/acmedns.toml index 098260a375..f4632411b2 100644 --- a/providers/dns/acmedns/acmedns.toml +++ b/providers/dns/acmedns/acmedns.toml @@ -8,7 +8,7 @@ Since = "v1.1.0" Example = ''' ACME_DNS_API_BASE=http://10.0.0.8:4443 \ ACME_DNS_STORAGE_PATH=/root/.lego-acme-dns-accounts.json \ -lego --email you@example.com --dns acme-dns --domains my.example.org run +lego --email you@example.com --dns "acme-dns" -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/alidns/alidns.toml b/providers/dns/alidns/alidns.toml index 875307443d..e2d5af8f8f 100644 --- a/providers/dns/alidns/alidns.toml +++ b/providers/dns/alidns/alidns.toml @@ -7,13 +7,13 @@ Since = "v1.1.0" Example = ''' # Setup using instance RAM role ALICLOUD_RAM_ROLE=lego \ -lego --email you@example.com --dns alidns --domains my.example.org run +lego --email you@example.com --dns alidns -d '*.example.com' -d example.com run # Or, using credentials ALICLOUD_ACCESS_KEY=abcdefghijklmnopqrstuvwx \ ALICLOUD_SECRET_KEY=your-secret-key \ ALICLOUD_SECURITY_TOKEN=your-sts-token \ -lego --email you@example.com --dns alidns --domains my.example.org run +lego --email you@example.com --dns alidns - -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/allinkl/allinkl.toml b/providers/dns/allinkl/allinkl.toml index 29534f34cd..4a308d6537 100644 --- a/providers/dns/allinkl/allinkl.toml +++ b/providers/dns/allinkl/allinkl.toml @@ -7,7 +7,7 @@ Since = "v4.5.0" Example = ''' ALL_INKL_LOGIN=xxxxxxxxxxxxxxxxxxxxxxxxxx \ ALL_INKL_PASSWORD=yyyyyyyyyyyyyyyyyyyyyyyyyy \ -lego --email you@example.com --dns allinkl --domains my.example.org run +lego --email you@example.com --dns allinkl -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/arvancloud/arvancloud.toml b/providers/dns/arvancloud/arvancloud.toml index f53eb72996..3c0fed4ac7 100644 --- a/providers/dns/arvancloud/arvancloud.toml +++ b/providers/dns/arvancloud/arvancloud.toml @@ -6,7 +6,7 @@ Since = "v3.8.0" Example = ''' ARVANCLOUD_API_KEY="Apikey xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" \ -lego --email you@example.com --dns arvancloud --domains my.example.org run +lego --email you@example.com --dns arvancloud -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/auroradns/auroradns.toml b/providers/dns/auroradns/auroradns.toml index 4afaf71848..4ee8c09757 100644 --- a/providers/dns/auroradns/auroradns.toml +++ b/providers/dns/auroradns/auroradns.toml @@ -7,7 +7,7 @@ Since = "v0.4.0" Example = ''' AURORA_API_KEY=xxxxx \ AURORA_SECRET=yyyyyy \ -lego --email you@example.com --dns auroradns --domains my.example.org run +lego --email you@example.com --dns auroradns -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/auroradns/auroradns_test.go b/providers/dns/auroradns/auroradns_test.go index 6e4aa54a7c..cbd51b8303 100644 --- a/providers/dns/auroradns/auroradns_test.go +++ b/providers/dns/auroradns/auroradns_test.go @@ -163,7 +163,7 @@ func TestDNSProvider_Present(t *testing.T) { reqBody, err := io.ReadAll(r.Body) require.NoError(t, err) - assert.Equal(t, `{"type":"TXT","name":"_acme-challenge","content":"w6uP8Tcg6K2QR905Rms8iXTlksL6OD1KOWBxTK7wxPI","ttl":300}`, string(reqBody)) + assert.JSONEq(t, `{"type":"TXT","name":"_acme-challenge","content":"w6uP8Tcg6K2QR905Rms8iXTlksL6OD1KOWBxTK7wxPI","ttl":300}`, string(reqBody)) w.WriteHeader(http.StatusCreated) fmt.Fprintf(w, `{ diff --git a/providers/dns/autodns/autodns.toml b/providers/dns/autodns/autodns.toml index 112ec86e3b..353f223a94 100644 --- a/providers/dns/autodns/autodns.toml +++ b/providers/dns/autodns/autodns.toml @@ -7,7 +7,7 @@ Since = "v3.2.0" Example = ''' AUTODNS_API_USER=username \ AUTODNS_API_PASSWORD=supersecretpassword \ -lego --email you@example.com --dns autodns --domains my.example.org run +lego --email you@example.com --dns autodns -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/azuredns/azuredns.toml b/providers/dns/azuredns/azuredns.toml index 7cd1b5814b..1f160a856e 100644 --- a/providers/dns/azuredns/azuredns.toml +++ b/providers/dns/azuredns/azuredns.toml @@ -10,32 +10,32 @@ Example = ''' AZURE_CLIENT_ID= \ AZURE_TENANT_ID= \ AZURE_CLIENT_SECRET= \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ### Using client certificate AZURE_CLIENT_ID= \ AZURE_TENANT_ID= \ AZURE_CLIENT_CERTIFICATE_PATH= \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ### Using Azure CLI az login \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ### Using Managed Identity (Azure VM) AZURE_TENANT_ID= \ AZURE_RESOURCE_GROUP= \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ### Using Managed Identity (Azure Arc) AZURE_TENANT_ID= \ IMDS_ENDPOINT=http://localhost:40342 \ IDENTITY_ENDPOINT=http://localhost:40342/metadata/identity/oauth2/token \ -lego --domains example.com --email your_example@email.com --dns azuredns run +lego --email you@example.com --dns azuredns -d '*.example.com' -d example.com run ''' diff --git a/providers/dns/bindman/bindman.toml b/providers/dns/bindman/bindman.toml index 9804bf62de..4befe9e9d4 100644 --- a/providers/dns/bindman/bindman.toml +++ b/providers/dns/bindman/bindman.toml @@ -6,7 +6,7 @@ Since = "v2.6.0" Example = ''' BINDMAN_MANAGER_ADDRESS= \ -lego --email you@example.com --dns bindman --domains my.example.org run +lego --email you@example.com --dns bindman -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/bluecat/bluecat.toml b/providers/dns/bluecat/bluecat.toml index 11a2f0e2ca..e7eb456649 100644 --- a/providers/dns/bluecat/bluecat.toml +++ b/providers/dns/bluecat/bluecat.toml @@ -11,7 +11,7 @@ BLUECAT_USER_NAME=myusername \ BLUECAT_CONFIG_NAME=myconfig \ BLUECAT_SERVER_URL=https://bam.example.com \ BLUECAT_TTL=30 \ -lego --email you@example.com --dns bluecat --domains my.example.org run +lego --email you@example.com --dns bluecat -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/brandit/brandit.toml b/providers/dns/brandit/brandit.toml index acf61bd7f5..1c70eb1caa 100644 --- a/providers/dns/brandit/brandit.toml +++ b/providers/dns/brandit/brandit.toml @@ -1,5 +1,10 @@ -Name = "Brandit" -Description = '''''' +Name = "Brandit (deprecated)" +Description = ''' +Brandit has been acquired by Abion. +Abion has a different API. + +If you are a Brandit/Albion user, you can try the PR https://github.com/go-acme/lego/pull/2112. +''' URL = "https://www.brandit.com/" Code = "brandit" Since = "v4.11.0" @@ -7,7 +12,7 @@ Since = "v4.11.0" Example = ''' BRANDIT_API_KEY=xxxxxxxxxxxxxxxxxxxxx \ BRANDIT_API_USERNAME=yyyyyyyyyyyyyyyyyyyy \ -lego --email myemail@example.com --dns brandit --domains my.example.org run +lego --email you@example.com --dns brandit -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/bunny/bunny.toml b/providers/dns/bunny/bunny.toml index 93ccfadbe7..22b119bbb2 100644 --- a/providers/dns/bunny/bunny.toml +++ b/providers/dns/bunny/bunny.toml @@ -6,7 +6,7 @@ Since = "v4.11.0" Example = ''' BUNNY_API_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ -lego --email you@example.com --dns bunny --domains my.example.org run +lego --email you@example.com --dns bunny -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/checkdomain/checkdomain.toml b/providers/dns/checkdomain/checkdomain.toml index 854fab3d7e..309b1dfa1a 100644 --- a/providers/dns/checkdomain/checkdomain.toml +++ b/providers/dns/checkdomain/checkdomain.toml @@ -6,7 +6,7 @@ Since = "v3.3.0" Example = ''' CHECKDOMAIN_TOKEN=yoursecrettoken \ -lego --email you@example.com --dns checkdomain --domains my.example.org run +lego --email you@example.com --dns checkdomain -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/civo/civo.toml b/providers/dns/civo/civo.toml index 9b759dc8c8..fe29364a47 100644 --- a/providers/dns/civo/civo.toml +++ b/providers/dns/civo/civo.toml @@ -6,7 +6,7 @@ Since = "v4.9.0" Example = ''' CIVO_TOKEN=xxxxxx \ -lego --email you@example.com --dns civo --domains my.example.org run +lego --email you@example.com --dns civo -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/clouddns/clouddns.toml b/providers/dns/clouddns/clouddns.toml index 3c73dd99f4..1927e21b50 100644 --- a/providers/dns/clouddns/clouddns.toml +++ b/providers/dns/clouddns/clouddns.toml @@ -8,7 +8,7 @@ Example = ''' CLOUDDNS_CLIENT_ID=bLsdFAks23429841238feb177a572aX \ CLOUDDNS_EMAIL=you@example.com \ CLOUDDNS_PASSWORD=b9841238feb177a84330f \ -lego --email you@example.com --dns clouddns --domains my.example.org run +lego --email you@example.com --dns clouddns -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/cloudflare/cloudflare.toml b/providers/dns/cloudflare/cloudflare.toml index fa4ed74736..0a8295f698 100644 --- a/providers/dns/cloudflare/cloudflare.toml +++ b/providers/dns/cloudflare/cloudflare.toml @@ -7,12 +7,12 @@ Since = "v0.3.0" Example = ''' CLOUDFLARE_EMAIL=you@example.com \ CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \ -lego --email you@example.com --dns cloudflare --domains my.example.org run +lego --email you@example.com --dns cloudflare -d '*.example.com' -d example.com run # or CLOUDFLARE_DNS_API_TOKEN=1234567890abcdefghijklmnopqrstuvwxyz \ -lego --email you@example.com --dns cloudflare --domains my.example.org run +lego --email you@example.com --dns cloudflare -d '*.example.com' -d example.com run ''' Additional = ''' @@ -46,12 +46,13 @@ Then pass the API token as `CF_DNS_API_TOKEN` to Lego. **Alternatively,** if you prefer a more strict set of privileges, you can split the access tokens: -* Create one with *Zone / Zone / Read* permissions and scope it to all your zones. +* Create one with *Zone / Zone / Read* permissions and scope it to all your zones or just the individual zone you need to edit. This is needed to resolve domain names to Zone IDs and can be shared among multiple Lego installations. Pass this API token as `CF_ZONE_API_TOKEN` to Lego. * Create another API token with *Zone / DNS / Edit* permissions and set the scope to the domains you want to manage with a single Lego installation. Pass this token as `CF_DNS_API_TOKEN` to Lego. * Repeat the previous step for each host you want to run Lego on. +* It is possible to use the same api token for both variables if it is given `Zone:Read` and `DNS:Edit` permission for the zone. This "paranoid" setup is mainly interesting for users who manage many zones/domains with a single Cloudflare account. It follows the principle of least privilege and limits the possible damage, should one of the hosts become compromised. diff --git a/providers/dns/cloudns/cloudns.toml b/providers/dns/cloudns/cloudns.toml index 517bff7502..dd81da4620 100644 --- a/providers/dns/cloudns/cloudns.toml +++ b/providers/dns/cloudns/cloudns.toml @@ -7,7 +7,7 @@ Since = "v2.3.0" Example = ''' CLOUDNS_AUTH_ID=xxxx \ CLOUDNS_AUTH_PASSWORD=yyyy \ -lego --email you@example.com --dns cloudns --domains my.example.org run +lego --email you@example.com --dns cloudns -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/cloudru/cloudru.toml b/providers/dns/cloudru/cloudru.toml index 19faf8d872..f795c7ac41 100644 --- a/providers/dns/cloudru/cloudru.toml +++ b/providers/dns/cloudru/cloudru.toml @@ -8,7 +8,7 @@ Example = ''' CLOUDRU_SERVICE_INSTANCE_ID=ppp \ CLOUDRU_KEY_ID=xxx \ CLOUDRU_SECRET=yyy \ -lego --email you@example.com --dns cloudru --domains my.example.org run +lego --email you@example.com --dns cloudru -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/cloudxns/cloudxns.go b/providers/dns/cloudxns/cloudxns.go index 6269b8da7e..25ff17573e 100644 --- a/providers/dns/cloudxns/cloudxns.go +++ b/providers/dns/cloudxns/cloudxns.go @@ -2,15 +2,11 @@ package cloudxns import ( - "context" "errors" - "fmt" "net/http" "time" "github.com/go-acme/lego/v4/challenge/dns01" - "github.com/go-acme/lego/v4/platform/config/env" - "github.com/go-acme/lego/v4/providers/dns/cloudxns/internal" ) // Environment variables names. @@ -38,101 +34,34 @@ type Config struct { // NewDefaultConfig returns a default configuration for the DNSProvider. func NewDefaultConfig() *Config { - return &Config{ - PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout), - PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval), - TTL: env.GetOrDefaultInt(EnvTTL, dns01.DefaultTTL), - HTTPClient: &http.Client{ - Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second), - }, - } + return &Config{} } // DNSProvider implements the challenge.Provider interface. -type DNSProvider struct { - config *Config - client *internal.Client -} +type DNSProvider struct{} // NewDNSProvider returns a DNSProvider instance configured for CloudXNS. -// Credentials must be passed in the environment variables: -// CLOUDXNS_API_KEY and CLOUDXNS_SECRET_KEY. func NewDNSProvider() (*DNSProvider, error) { - values, err := env.Get(EnvAPIKey, EnvSecretKey) - if err != nil { - return nil, fmt.Errorf("cloudxns: %w", err) - } - - config := NewDefaultConfig() - config.APIKey = values[EnvAPIKey] - config.SecretKey = values[EnvSecretKey] - - return NewDNSProviderConfig(config) + return NewDNSProviderConfig(&Config{}) } // NewDNSProviderConfig return a DNSProvider instance configured for CloudXNS. -func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { - if config == nil { - return nil, errors.New("cloudxns: the configuration of the DNS provider is nil") - } - - client, err := internal.NewClient(config.APIKey, config.SecretKey) - if err != nil { - return nil, fmt.Errorf("cloudxns: %w", err) - } - - if config.HTTPClient != nil { - client.HTTPClient = config.HTTPClient - } - - return &DNSProvider{client: client, config: config}, nil +func NewDNSProviderConfig(_ *Config) (*DNSProvider, error) { + return nil, errors.New("cloudxns: provider has shut down") } // Present creates a TXT record to fulfill the dns-01 challenge. -func (d *DNSProvider) Present(domain, token, keyAuth string) error { - challengeInfo := dns01.GetChallengeInfo(domain, keyAuth) - - ctx := context.Background() - - info, err := d.client.GetDomainInformation(ctx, challengeInfo.EffectiveFQDN) - if err != nil { - return fmt.Errorf("cloudxns: %w", err) - } - - err = d.client.AddTxtRecord(ctx, info, challengeInfo.EffectiveFQDN, challengeInfo.Value, d.config.TTL) - if err != nil { - return fmt.Errorf("cloudxns: %w", err) - } - +func (d *DNSProvider) Present(_, _, _ string) error { return nil } // CleanUp removes the TXT record matching the specified parameters. -func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error { - challengeInfo := dns01.GetChallengeInfo(domain, keyAuth) - - ctx := context.Background() - - info, err := d.client.GetDomainInformation(ctx, challengeInfo.EffectiveFQDN) - if err != nil { - return fmt.Errorf("cloudxns: %w", err) - } - - record, err := d.client.FindTxtRecord(ctx, info.ID, challengeInfo.EffectiveFQDN) - if err != nil { - return fmt.Errorf("cloudxns: %w", err) - } - - err = d.client.RemoveTxtRecord(ctx, record.RecordID, info.ID) - if err != nil { - return fmt.Errorf("cloudxns: %w", err) - } - +func (d *DNSProvider) CleanUp(_, _, _ string) error { return nil } // Timeout returns the timeout and interval to use when checking for DNS propagation. // Adjusting here to cope with spikes in propagation times. func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { - return d.config.PropagationTimeout, d.config.PollingInterval + return dns01.DefaultPropagationTimeout, dns01.DefaultPollingInterval } diff --git a/providers/dns/cloudxns/cloudxns.toml b/providers/dns/cloudxns/cloudxns.toml index 4f5424b324..1486cc4fad 100644 --- a/providers/dns/cloudxns/cloudxns.toml +++ b/providers/dns/cloudxns/cloudxns.toml @@ -1,13 +1,15 @@ -Name = "CloudXNS" -Description = """""" -URL = "https://www.cloudxns.net/" +Name = "CloudXNS (Deprecated)" +Description = ''' +The CloudXNS DNS provider has shut down. +''' +URL = "https://github.com/go-acme/lego/issues/2323" Code = "cloudxns" Since = "v0.5.0" Example = ''' CLOUDXNS_API_KEY=xxxx \ CLOUDXNS_SECRET_KEY=yyyy \ -lego --email you@example.com --dns cloudxns --domains my.example.org run +lego --email you@example.com --dns cloudxns -d '*.example.com' -d example.com run ''' [Configuration] @@ -19,6 +21,3 @@ lego --email you@example.com --dns cloudxns --domains my.example.org run CLOUDXNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" CLOUDXNS_TTL = "The TTL of the TXT record used for the DNS challenge" CLOUDXNS_HTTP_TIMEOUT = "API request timeout" - -[Links] - API = "https://www.cloudxns.net/Public/Doc/CloudXNS_api2.0_doc_zh-cn.zip" diff --git a/providers/dns/cloudxns/internal/client.go b/providers/dns/cloudxns/internal/client.go deleted file mode 100644 index 37f10fe872..0000000000 --- a/providers/dns/cloudxns/internal/client.go +++ /dev/null @@ -1,221 +0,0 @@ -package internal - -import ( - "bytes" - "context" - "crypto/md5" - "encoding/hex" - "encoding/json" - "errors" - "fmt" - "io" - "net/http" - "net/url" - "strconv" - "time" - - "github.com/go-acme/lego/v4/challenge/dns01" - "github.com/go-acme/lego/v4/providers/dns/internal/errutils" -) - -const defaultBaseURL = "https://www.cloudxns.net/api2/" - -// Client CloudXNS client. -type Client struct { - apiKey string - secretKey string - - baseURL *url.URL - HTTPClient *http.Client -} - -// NewClient creates a CloudXNS client. -func NewClient(apiKey, secretKey string) (*Client, error) { - if apiKey == "" { - return nil, errors.New("credentials missing: apiKey") - } - - if secretKey == "" { - return nil, errors.New("credentials missing: secretKey") - } - - baseURL, _ := url.Parse(defaultBaseURL) - - return &Client{ - apiKey: apiKey, - secretKey: secretKey, - baseURL: baseURL, - HTTPClient: &http.Client{Timeout: 10 * time.Second}, - }, nil -} - -// GetDomainInformation Get domain name information for a FQDN. -func (c *Client) GetDomainInformation(ctx context.Context, fqdn string) (*Data, error) { - endpoint := c.baseURL.JoinPath("domain") - - req, err := c.newRequest(ctx, http.MethodGet, endpoint, nil) - if err != nil { - return nil, err - } - - authZone, err := dns01.FindZoneByFqdn(fqdn) - if err != nil { - return nil, fmt.Errorf("could not find zone: %w", err) - } - - var domains []Data - err = c.do(req, &domains) - if err != nil { - return nil, err - } - - for _, data := range domains { - if data.Domain == authZone { - return &data, nil - } - } - - return nil, fmt.Errorf("zone %s not found for domain %s", authZone, fqdn) -} - -// FindTxtRecord return the TXT record a zone ID and a FQDN. -func (c *Client) FindTxtRecord(ctx context.Context, zoneID, fqdn string) (*TXTRecord, error) { - endpoint := c.baseURL.JoinPath("record", zoneID) - - query := endpoint.Query() - query.Set("host_id", "0") - query.Set("offset", "0") - query.Set("row_num", "2000") - endpoint.RawQuery = query.Encode() - - req, err := c.newRequest(ctx, http.MethodGet, endpoint, nil) - if err != nil { - return nil, err - } - - var records []TXTRecord - err = c.do(req, &records) - if err != nil { - return nil, err - } - - for _, record := range records { - if record.Host == dns01.UnFqdn(fqdn) && record.Type == "TXT" { - return &record, nil - } - } - - return nil, fmt.Errorf("no existing record found for %q", fqdn) -} - -// AddTxtRecord add a TXT record. -func (c *Client) AddTxtRecord(ctx context.Context, info *Data, fqdn, value string, ttl int) error { - id, err := strconv.Atoi(info.ID) - if err != nil { - return fmt.Errorf("invalid zone ID: %w", err) - } - - endpoint := c.baseURL.JoinPath("record") - - subDomain, err := dns01.ExtractSubDomain(fqdn, info.Domain) - if err != nil { - return err - } - - record := TXTRecord{ - ID: id, - Host: subDomain, - Value: value, - Type: "TXT", - LineID: 1, - TTL: ttl, - } - - req, err := c.newRequest(ctx, http.MethodPost, endpoint, record) - if err != nil { - return err - } - - return c.do(req, nil) -} - -// RemoveTxtRecord remove a TXT record. -func (c *Client) RemoveTxtRecord(ctx context.Context, recordID, zoneID string) error { - endpoint := c.baseURL.JoinPath("record", recordID, zoneID) - - req, err := c.newRequest(ctx, http.MethodDelete, endpoint, nil) - if err != nil { - return err - } - - return c.do(req, nil) -} - -func (c *Client) do(req *http.Request, result any) error { - resp, err := c.HTTPClient.Do(req) - if err != nil { - return errutils.NewHTTPDoError(req, err) - } - - defer func() { _ = resp.Body.Close() }() - - raw, err := io.ReadAll(resp.Body) - if err != nil { - return errutils.NewReadResponseError(req, resp.StatusCode, err) - } - - var response apiResponse - err = json.Unmarshal(raw, &response) - if err != nil { - return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err) - } - - if response.Code != 1 { - return fmt.Errorf("[status code %d] invalid code (%v) error: %s", resp.StatusCode, response.Code, response.Message) - } - - if result == nil { - return nil - } - - if len(response.Data) == 0 { - return nil - } - - err = json.Unmarshal(response.Data, result) - if err != nil { - return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err) - } - - return nil -} - -func (c *Client) newRequest(ctx context.Context, method string, endpoint *url.URL, payload any) (*http.Request, error) { - buf := new(bytes.Buffer) - - if payload != nil { - err := json.NewEncoder(buf).Encode(payload) - if err != nil { - return nil, fmt.Errorf("failed to create request JSON body: %w", err) - } - } - - req, err := http.NewRequestWithContext(ctx, method, endpoint.String(), buf) - if err != nil { - return nil, fmt.Errorf("unable to create request: %w", err) - } - - requestDate := time.Now().Format(time.RFC1123Z) - - req.Header.Set("API-KEY", c.apiKey) - req.Header.Set("API-REQUEST-DATE", requestDate) - req.Header.Set("API-HMAC", c.hmac(endpoint.String(), requestDate, buf.String())) - req.Header.Set("API-FORMAT", "json") - - return req, nil -} - -func (c *Client) hmac(endpoint, date, body string) string { - sum := md5.Sum([]byte(c.apiKey + endpoint + body + date + c.secretKey)) - return hex.EncodeToString(sum[:]) -} diff --git a/providers/dns/cloudxns/internal/client_test.go b/providers/dns/cloudxns/internal/client_test.go deleted file mode 100644 index ac4e36d6b7..0000000000 --- a/providers/dns/cloudxns/internal/client_test.go +++ /dev/null @@ -1,292 +0,0 @@ -package internal - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "io" - "net/http" - "net/http/httptest" - "net/url" - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -func setupTest(t *testing.T, handler http.HandlerFunc) *Client { - t.Helper() - - server := httptest.NewServer(handler) - t.Cleanup(server.Close) - - client, _ := NewClient("myKey", "mySecret") - client.baseURL, _ = url.Parse(server.URL + "/") - client.HTTPClient = server.Client() - - return client -} - -func handlerMock(method string, response *apiResponse, data interface{}) http.HandlerFunc { - return func(rw http.ResponseWriter, req *http.Request) { - if req.Method != method { - content, err := json.Marshal(apiResponse{ - Code: 999, // random code only for the test - Message: fmt.Sprintf("invalid method: got %s want %s", req.Method, method), - }) - if err != nil { - http.Error(rw, err.Error(), http.StatusInternalServerError) - return - } - - http.Error(rw, string(content), http.StatusBadRequest) - return - } - - jsonData, err := json.Marshal(data) - if err != nil { - http.Error(rw, err.Error(), http.StatusInternalServerError) - return - } - - response.Data = jsonData - - content, err := json.Marshal(response) - if err != nil { - http.Error(rw, err.Error(), http.StatusInternalServerError) - return - } - - _, err = rw.Write(content) - if err != nil { - http.Error(rw, err.Error(), http.StatusInternalServerError) - return - } - } -} - -func TestClient_GetDomainInformation(t *testing.T) { - type result struct { - domain *Data - error bool - } - - testCases := []struct { - desc string - fqdn string - response *apiResponse - data []Data - expected result - }{ - { - desc: "domain found", - fqdn: "_acme-challenge.example.org.", - response: &apiResponse{ - Code: 1, - }, - data: []Data{ - { - ID: "1", - Domain: "example.com.", - }, - { - ID: "2", - Domain: "example.org.", - }, - }, - expected: result{domain: &Data{ - ID: "2", - Domain: "example.org.", - }}, - }, - { - desc: "domains not found", - fqdn: "_acme-challenge.huu.com.", - response: &apiResponse{ - Code: 1, - }, - data: []Data{ - { - ID: "5", - Domain: "example.com.", - }, - { - ID: "6", - Domain: "example.org.", - }, - }, - expected: result{error: true}, - }, - } - - for _, test := range testCases { - t.Run(test.desc, func(t *testing.T) { - client := setupTest(t, handlerMock(http.MethodGet, test.response, test.data)) - - domain, err := client.GetDomainInformation(context.Background(), test.fqdn) - - if test.expected.error { - require.Error(t, err) - } else { - require.NoError(t, err) - assert.Equal(t, test.expected.domain, domain) - } - }) - } -} - -func TestClient_FindTxtRecord(t *testing.T) { - type result struct { - txtRecord *TXTRecord - error bool - } - - testCases := []struct { - desc string - fqdn string - zoneID string - txtRecords []TXTRecord - response *apiResponse - expected result - }{ - { - desc: "record found", - fqdn: "_acme-challenge.example.org.", - zoneID: "test-zone", - txtRecords: []TXTRecord{ - { - ID: 1, - RecordID: "Record-A", - Host: "_acme-challenge.example.org", - Value: "txtTXTtxtTXTtxtTXTtxtTXT", - Type: "TXT", - LineID: 6, - TTL: 30, - }, - { - ID: 2, - RecordID: "Record-B", - Host: "_acme-challenge.example.com", - Value: "TXTtxtTXTtxtTXTtxtTXTtxt", - Type: "TXT", - LineID: 6, - TTL: 30, - }, - }, - response: &apiResponse{ - Code: 1, - }, - expected: result{ - txtRecord: &TXTRecord{ - ID: 1, - RecordID: "Record-A", - Host: "_acme-challenge.example.org", - Value: "txtTXTtxtTXTtxtTXTtxtTXT", - Type: "TXT", - LineID: 6, - TTL: 30, - }, - }, - }, - { - desc: "record not found", - fqdn: "_acme-challenge.huu.com.", - zoneID: "test-zone", - txtRecords: []TXTRecord{ - { - ID: 1, - RecordID: "Record-A", - Host: "_acme-challenge.example.org", - Value: "txtTXTtxtTXTtxtTXTtxtTXT", - Type: "TXT", - LineID: 6, - TTL: 30, - }, - { - ID: 2, - RecordID: "Record-B", - Host: "_acme-challenge.example.com", - Value: "TXTtxtTXTtxtTXTtxtTXTtxt", - Type: "TXT", - LineID: 6, - TTL: 30, - }, - }, - response: &apiResponse{ - Code: 1, - }, - expected: result{error: true}, - }, - } - - for _, test := range testCases { - t.Run(test.desc, func(t *testing.T) { - client := setupTest(t, handlerMock(http.MethodGet, test.response, test.txtRecords)) - - txtRecord, err := client.FindTxtRecord(context.Background(), test.zoneID, test.fqdn) - - if test.expected.error { - require.Error(t, err) - } else { - require.NoError(t, err) - assert.Equal(t, test.expected.txtRecord, txtRecord) - } - }) - } -} - -func TestClient_AddTxtRecord(t *testing.T) { - testCases := []struct { - desc string - domain *Data - fqdn string - value string - ttl int - expected string - }{ - { - desc: "sub-domain", - domain: &Data{ - ID: "1", - Domain: "example.com.", - }, - fqdn: "_acme-challenge.foo.example.com.", - value: "txtTXTtxtTXTtxtTXTtxtTXT", - ttl: 30, - expected: `{"domain_id":1,"host":"_acme-challenge.foo","value":"txtTXTtxtTXTtxtTXTtxtTXT","type":"TXT","line_id":"1","ttl":"30"}`, - }, - { - desc: "main domain", - domain: &Data{ - ID: "2", - Domain: "example.com.", - }, - fqdn: "_acme-challenge.example.com.", - value: "TXTtxtTXTtxtTXTtxtTXTtxt", - ttl: 30, - expected: `{"domain_id":2,"host":"_acme-challenge","value":"TXTtxtTXTtxtTXTtxtTXTtxt","type":"TXT","line_id":"1","ttl":"30"}`, - }, - } - - for _, test := range testCases { - t.Run(test.desc, func(t *testing.T) { - response := &apiResponse{ - Code: 1, - } - - client := setupTest(t, func(rw http.ResponseWriter, req *http.Request) { - assert.NotNil(t, req.Body) - content, err := io.ReadAll(req.Body) - require.NoError(t, err) - - assert.Equal(t, test.expected, string(bytes.TrimSpace(content))) - - handlerMock(http.MethodPost, response, nil).ServeHTTP(rw, req) - }) - - err := client.AddTxtRecord(context.Background(), test.domain, test.fqdn, test.value, test.ttl) - require.NoError(t, err) - }) - } -} diff --git a/providers/dns/cloudxns/internal/types.go b/providers/dns/cloudxns/internal/types.go deleted file mode 100644 index c1b24e30c2..0000000000 --- a/providers/dns/cloudxns/internal/types.go +++ /dev/null @@ -1,28 +0,0 @@ -package internal - -import "encoding/json" - -type apiResponse struct { - Code int `json:"code"` - Message string `json:"message"` - Data json.RawMessage `json:"data,omitempty"` -} - -// Data Domain information. -type Data struct { - ID string `json:"id"` - Domain string `json:"domain"` - TTL int `json:"ttl,omitempty"` -} - -// TXTRecord a TXT record. -type TXTRecord struct { - ID int `json:"domain_id,omitempty"` - RecordID string `json:"record_id,omitempty"` - - Host string `json:"host"` - Value string `json:"value"` - Type string `json:"type"` - LineID int `json:"line_id,string"` - TTL int `json:"ttl,string"` -} diff --git a/providers/dns/conoha/conoha.toml b/providers/dns/conoha/conoha.toml index 417663dbb8..87903365f6 100644 --- a/providers/dns/conoha/conoha.toml +++ b/providers/dns/conoha/conoha.toml @@ -8,7 +8,7 @@ Example = ''' CONOHA_TENANT_ID=487727e3921d44e3bfe7ebb337bf085e \ CONOHA_API_USERNAME=xxxx \ CONOHA_API_PASSWORD=yyyy \ -lego --email you@example.com --dns conoha --domains my.example.org run +lego --email you@example.com --dns conoha -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/constellix/constellix.toml b/providers/dns/constellix/constellix.toml index c5f7b2e451..02442d31d3 100644 --- a/providers/dns/constellix/constellix.toml +++ b/providers/dns/constellix/constellix.toml @@ -7,7 +7,7 @@ Since = "v3.4.0" Example = ''' CONSTELLIX_API_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ CONSTELLIX_SECRET_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ -lego --email you@example.com --dns constellix --domains my.example.org run +lego --email you@example.com --dns constellix -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/corenetworks/corenetworks.go b/providers/dns/corenetworks/corenetworks.go new file mode 100644 index 0000000000..43b2f47b9f --- /dev/null +++ b/providers/dns/corenetworks/corenetworks.go @@ -0,0 +1,181 @@ +package corenetworks + +import ( + "context" + "errors" + "fmt" + "net/http" + "time" + + "github.com/go-acme/lego/v4/challenge/dns01" + "github.com/go-acme/lego/v4/platform/config/env" + "github.com/go-acme/lego/v4/providers/dns/corenetworks/internal" +) + +// Environment variables names. +const ( + envNamespace = "CORENETWORKS_" + + EnvLogin = envNamespace + "LOGIN" + EnvPassword = envNamespace + "PASSWORD" + + EnvTTL = envNamespace + "TTL" + EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT" + EnvPollingInterval = envNamespace + "POLLING_INTERVAL" + EnvSequenceInterval = envNamespace + "SEQUENCE_INTERVAL" + EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT" +) + +// Config is used to configure the creation of the DNSProvider. +type Config struct { + Login string + Password string + PropagationTimeout time.Duration + PollingInterval time.Duration + SequenceInterval time.Duration + TTL int + HTTPClient *http.Client +} + +// NewDefaultConfig returns a default configuration for the DNSProvider. +func NewDefaultConfig() *Config { + return &Config{ + TTL: env.GetOrDefaultInt(EnvTTL, 3600), + PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout), + PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval), + SequenceInterval: env.GetOrDefaultSecond(EnvSequenceInterval, dns01.DefaultPropagationTimeout), + HTTPClient: &http.Client{ + Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second), + }, + } +} + +// DNSProvider implements the challenge.Provider interface. +type DNSProvider struct { + config *Config + client *internal.Client +} + +// NewDNSProvider returns a DNSProvider instance configured for Core-Networks. +// Credentials must be passed in the environment variables: CORENETWORKS_LOGIN, CORENETWORKS_PASSWORD. +func NewDNSProvider() (*DNSProvider, error) { + values, err := env.Get(EnvLogin, EnvPassword) + if err != nil { + return nil, fmt.Errorf("corenetworks: %w", err) + } + + config := NewDefaultConfig() + config.Login = values[EnvLogin] + config.Password = values[EnvPassword] + + return NewDNSProviderConfig(config) +} + +// NewDNSProviderConfig return a DNSProvider instance configured for Bluecat DNS. +func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { + if config == nil { + return nil, errors.New("corenetworks: the configuration of the DNS provider is nil") + } + + if config.Login == "" || config.Password == "" { + return nil, errors.New("corenetworks: credentials missing") + } + + client := internal.NewClient(config.Login, config.Password) + + if config.HTTPClient != nil { + client.HTTPClient = config.HTTPClient + } + + return &DNSProvider{config: config, client: client}, nil +} + +// Timeout returns the timeout and interval to use when checking for DNS propagation. +// Adjusting here to cope with spikes in propagation times. +func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { + return d.config.PropagationTimeout, d.config.PollingInterval +} + +// Sequential All DNS challenges for this provider will be resolved sequentially. +// Returns the interval between each iteration. +func (d *DNSProvider) Sequential() time.Duration { + return d.config.SequenceInterval +} + +// Present creates a TXT record using the specified parameters. +func (d *DNSProvider) Present(domain, token, keyAuth string) error { + info := dns01.GetChallengeInfo(domain, keyAuth) + + ctx, err := d.client.CreateAuthenticatedContext(context.Background()) + if err != nil { + return fmt.Errorf("create authentication token: %w", err) + } + + zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN) + if err != nil { + return fmt.Errorf("corenetworks: could not find zone for domain %q: %w", domain, err) + } + + subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone) + if err != nil { + return fmt.Errorf("corenetworks: %w", err) + } + + record := internal.Record{ + Name: subDomain, + TTL: d.config.TTL, + Type: "TXT", + Data: info.Value, + } + + err = d.client.AddRecord(ctx, dns01.UnFqdn(zone), record) + if err != nil { + return fmt.Errorf("corenetworks: add record: %w", err) + } + + err = d.client.CommitRecords(ctx, dns01.UnFqdn(zone)) + if err != nil { + return fmt.Errorf("corenetworks: commit records: %w", err) + } + + return nil +} + +// CleanUp removes the TXT record matching the specified parameters. +func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error { + info := dns01.GetChallengeInfo(domain, keyAuth) + + ctx, err := d.client.CreateAuthenticatedContext(context.Background()) + if err != nil { + return fmt.Errorf("create authentication token: %w", err) + } + + zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN) + if err != nil { + return fmt.Errorf("corenetworks: could not find zone for domain %q: %w", domain, err) + } + + subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone) + if err != nil { + return fmt.Errorf("corenetworks: %w", err) + } + + record := internal.Record{ + Name: subDomain, + TTL: d.config.TTL, + Type: "TXT", + Data: info.Value, + } + + err = d.client.DeleteRecords(ctx, dns01.UnFqdn(zone), record) + if err != nil { + return fmt.Errorf("corenetworks: delete records: %w", err) + } + + err = d.client.CommitRecords(ctx, dns01.UnFqdn(zone)) + if err != nil { + return fmt.Errorf("corenetworks: commit records: %w", err) + } + + return nil +} diff --git a/providers/dns/corenetworks/corenetworks.toml b/providers/dns/corenetworks/corenetworks.toml new file mode 100644 index 0000000000..f2bae017ce --- /dev/null +++ b/providers/dns/corenetworks/corenetworks.toml @@ -0,0 +1,25 @@ +Name = "Core-Networks" +Description = '''''' +URL = "https://www.core-networks.de/" +Code = "corenetworks" +Since = "v4.20.0" + +Example = ''' +CORENETWORKS_LOGIN="xxxx" \ +CORENETWORKS_PASSWORD="yyyy" \ +lego --email you@example.com --dns corenetworks -d '*.example.com' -d example.com run +''' + +[Configuration] + [Configuration.Credentials] + CORENETWORKS_LOGIN = "The username of the API account" + CORENETWORKS_PASSWORD = "The password" + [Configuration.Additional] + CORENETWORKS_POLLING_INTERVAL = "Time between DNS propagation check" + CORENETWORKS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + CORENETWORKS_TTL = "The TTL of the TXT record used for the DNS challenge" + CORENETWORKS_HTTP_TIMEOUT = "API request timeout" + CORENETWORKS_SEQUENCE_INTERVAL = "Time between sequential requests" + +[Links] + API = "https://beta.api.core-networks.de/doc/" diff --git a/providers/dns/corenetworks/corenetworks_test.go b/providers/dns/corenetworks/corenetworks_test.go new file mode 100644 index 0000000000..3cd80f88d7 --- /dev/null +++ b/providers/dns/corenetworks/corenetworks_test.go @@ -0,0 +1,132 @@ +package corenetworks + +import ( + "testing" + + "github.com/go-acme/lego/v4/platform/tester" + "github.com/stretchr/testify/require" +) + +const envDomain = envNamespace + "DOMAIN" + +var envTest = tester.NewEnvTest(EnvLogin, EnvPassword).WithDomain(envDomain) + +func TestNewDNSProvider(t *testing.T) { + testCases := []struct { + desc string + envVars map[string]string + expected string + }{ + { + desc: "success", + envVars: map[string]string{ + EnvLogin: "user", + EnvPassword: "secret", + }, + }, + { + desc: "missing login", + envVars: map[string]string{ + EnvPassword: "secret", + }, + expected: "corenetworks: some credentials information are missing: CORENETWORKS_LOGIN", + }, + { + desc: "missing password", + envVars: map[string]string{ + EnvLogin: "user", + }, + expected: "corenetworks: some credentials information are missing: CORENETWORKS_PASSWORD", + }, + } + + for _, test := range testCases { + t.Run(test.desc, func(t *testing.T) { + defer envTest.RestoreEnv() + envTest.ClearEnv() + + envTest.Apply(test.envVars) + + p, err := NewDNSProvider() + + if test.expected == "" { + require.NoError(t, err) + require.NotNil(t, p) + require.NotNil(t, p.config) + require.NotNil(t, p.client) + } else { + require.EqualError(t, err, test.expected) + } + }) + } +} + +func TestNewDNSProviderConfig(t *testing.T) { + testCases := []struct { + desc string + login string + password string + expected string + }{ + { + desc: "success", + login: "user", + password: "secret", + }, + { + desc: "missing login", + password: "secret", + expected: "corenetworks: credentials missing", + }, + { + desc: "missing password", + login: "user", + expected: "corenetworks: credentials missing", + }, + } + + for _, test := range testCases { + t.Run(test.desc, func(t *testing.T) { + config := NewDefaultConfig() + config.Login = test.login + config.Password = test.password + + p, err := NewDNSProviderConfig(config) + + if test.expected == "" { + require.NoError(t, err) + require.NotNil(t, p) + require.NotNil(t, p.config) + require.NotNil(t, p.client) + } else { + require.EqualError(t, err, test.expected) + } + }) + } +} + +func TestLivePresent(t *testing.T) { + if !envTest.IsLiveTest() { + t.Skip("skipping live test") + } + + envTest.RestoreEnv() + provider, err := NewDNSProvider() + require.NoError(t, err) + + err = provider.Present(envTest.GetDomain(), "", "123d==") + require.NoError(t, err) +} + +func TestLiveCleanUp(t *testing.T) { + if !envTest.IsLiveTest() { + t.Skip("skipping live test") + } + + envTest.RestoreEnv() + provider, err := NewDNSProvider() + require.NoError(t, err) + + err = provider.CleanUp(envTest.GetDomain(), "", "123d==") + require.NoError(t, err) +} diff --git a/providers/dns/corenetworks/internal/client.go b/providers/dns/corenetworks/internal/client.go new file mode 100644 index 0000000000..993b01f1e9 --- /dev/null +++ b/providers/dns/corenetworks/internal/client.go @@ -0,0 +1,214 @@ +package internal + +import ( + "bytes" + "context" + "encoding/json" + "fmt" + "io" + "net/http" + "net/url" + "time" + + "github.com/go-acme/lego/v4/providers/dns/internal/errutils" +) + +const defaultBaseURL = "https://beta.api.core-networks.de" + +// Client a Core-Networks client. +type Client struct { + login string + password string + + baseURL *url.URL + HTTPClient *http.Client +} + +// NewClient creates a new Client. +func NewClient(login, password string) *Client { + baseURL, _ := url.Parse(defaultBaseURL) + + return &Client{ + login: login, + password: password, + baseURL: baseURL, + HTTPClient: &http.Client{Timeout: 5 * time.Second}, + } +} + +// ListZone gets a list of all DNS zones. +// https://beta.api.core-networks.de/doc/#functon_dnszones +func (c Client) ListZone(ctx context.Context) ([]Zone, error) { + endpoint := c.baseURL.JoinPath("dnszones") + + req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil) + if err != nil { + return nil, err + } + + var zones []Zone + err = c.do(req, &zones) + if err != nil { + return nil, err + } + + return zones, nil +} + +// GetZoneDetails provides detailed information about a DNS zone. +// https://beta.api.core-networks.de/doc/#functon_dnszones_details +func (c Client) GetZoneDetails(ctx context.Context, zone string) (*ZoneDetails, error) { + endpoint := c.baseURL.JoinPath("dnszones", zone) + + req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil) + if err != nil { + return nil, err + } + + var details ZoneDetails + err = c.do(req, &details) + if err != nil { + return nil, err + } + + return &details, nil +} + +// ListRecords gets a list of DNS records belonging to the zone. +// https://beta.api.core-networks.de/doc/#functon_dnszones_records +func (c Client) ListRecords(ctx context.Context, zone string) ([]Record, error) { + endpoint := c.baseURL.JoinPath("dnszones", zone, "records") + + req, err := newJSONRequest(ctx, http.MethodGet, endpoint, nil) + if err != nil { + return nil, err + } + + var records []Record + err = c.do(req, &records) + if err != nil { + return nil, err + } + + return records, nil +} + +// AddRecord adds a record. +// https://beta.api.core-networks.de/doc/#functon_dnszones_records_add +func (c Client) AddRecord(ctx context.Context, zone string, record Record) error { + endpoint := c.baseURL.JoinPath("dnszones", zone, "records", "/") + + if record.Name == "" { + record.Name = "@" + } + + req, err := newJSONRequest(ctx, http.MethodPost, endpoint, record) + if err != nil { + return err + } + + err = c.do(req, nil) + if err != nil { + return err + } + + return nil +} + +// DeleteRecords deletes all DNS records of a zone that match the DNS record passed. +// https://beta.api.core-networks.de/doc/#functon_dnszones_records_delete +func (c Client) DeleteRecords(ctx context.Context, zone string, record Record) error { + endpoint := c.baseURL.JoinPath("dnszones", zone, "records", "delete") + + if record.Name == "" { + record.Name = "@" + } + + req, err := newJSONRequest(ctx, http.MethodPost, endpoint, record) + if err != nil { + return err + } + + err = c.do(req, nil) + if err != nil { + return err + } + + return nil +} + +// CommitRecords sends a commit to the zone. +// https://beta.api.core-networks.de/doc/#functon_dnszones_commit +func (c Client) CommitRecords(ctx context.Context, zone string) error { + endpoint := c.baseURL.JoinPath("dnszones", zone, "records", "commit") + + req, err := newJSONRequest(ctx, http.MethodPost, endpoint, nil) + if err != nil { + return err + } + + err = c.do(req, nil) + if err != nil { + return err + } + + return nil +} + +func (c Client) do(req *http.Request, result any) error { + at := getToken(req.Context()) + if at != "" { + req.Header.Set(authorizationHeader, "Bearer "+at) + } + + resp, errD := c.HTTPClient.Do(req) + if errD != nil { + return errutils.NewHTTPDoError(req, errD) + } + + defer func() { _ = resp.Body.Close() }() + + if resp.StatusCode/100 != 2 { + return errutils.NewUnexpectedResponseStatusCodeError(req, resp) + } + + if result == nil { + return nil + } + + raw, err := io.ReadAll(resp.Body) + if err != nil { + return errutils.NewReadResponseError(req, resp.StatusCode, err) + } + + err = json.Unmarshal(raw, result) + if err != nil { + return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err) + } + + return nil +} + +func newJSONRequest(ctx context.Context, method string, endpoint *url.URL, payload any) (*http.Request, error) { + buf := new(bytes.Buffer) + + if payload != nil { + err := json.NewEncoder(buf).Encode(payload) + if err != nil { + return nil, fmt.Errorf("failed to create request JSON body: %w", err) + } + } + + req, err := http.NewRequestWithContext(ctx, method, endpoint.String(), buf) + if err != nil { + return nil, fmt.Errorf("unable to create request: %w", err) + } + + req.Header.Set("Accept", "application/json") + + if payload != nil { + req.Header.Set("Content-Type", "application/json") + } + + return req, nil +} diff --git a/providers/dns/corenetworks/internal/client_test.go b/providers/dns/corenetworks/internal/client_test.go new file mode 100644 index 0000000000..0fff0d5ae9 --- /dev/null +++ b/providers/dns/corenetworks/internal/client_test.go @@ -0,0 +1,214 @@ +package internal + +import ( + "context" + "fmt" + "io" + "net/http" + "net/http/httptest" + "net/url" + "os" + "path/filepath" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func setupTest(t *testing.T) (*Client, *http.ServeMux) { + t.Helper() + + mux := http.NewServeMux() + server := httptest.NewServer(mux) + t.Cleanup(server.Close) + + client := NewClient("user", "secret") + client.baseURL, _ = url.Parse(server.URL) + client.HTTPClient = server.Client() + + return client, mux +} + +func testHandler(method string, statusCode int, filename string) http.HandlerFunc { + return func(rw http.ResponseWriter, req *http.Request) { + if req.Method != method { + http.Error(rw, fmt.Sprintf(`unsupported method: %s`, req.Method), http.StatusMethodNotAllowed) + return + } + + rw.WriteHeader(statusCode) + + if statusCode == http.StatusNoContent { + return + } + + file, err := os.Open(filepath.Join("fixtures", filename)) + if err != nil { + http.Error(rw, fmt.Sprintf(`message %v`, err), http.StatusInternalServerError) + return + } + + defer func() { _ = file.Close() }() + + _, err = io.Copy(rw, file) + if err != nil { + http.Error(rw, fmt.Sprintf(`message %v`, err), http.StatusInternalServerError) + return + } + } +} + +func testHandlerAuth(method string, statusCode int, filename string) http.HandlerFunc { + return func(rw http.ResponseWriter, req *http.Request) { + if req.Method != method { + http.Error(rw, fmt.Sprintf(`{"message":"unsupported method: %s"}`, req.Method), http.StatusMethodNotAllowed) + return + } + + rw.WriteHeader(statusCode) + + if statusCode == http.StatusNoContent { + return + } + + file, err := os.Open(filepath.Join("fixtures", filename)) + if err != nil { + http.Error(rw, fmt.Sprintf(`{"message":"%v"}`, err), http.StatusInternalServerError) + return + } + + defer func() { _ = file.Close() }() + + _, err = io.Copy(rw, file) + if err != nil { + http.Error(rw, fmt.Sprintf(`{"message":"%v"}`, err), http.StatusInternalServerError) + return + } + } +} + +func TestClient_CreateAuthenticationToken(t *testing.T) { + client, mux := setupTest(t) + + mux.HandleFunc("/auth/token", testHandlerAuth(http.MethodPost, http.StatusOK, "auth.json")) + + ctx := context.Background() + + token, err := client.CreateAuthenticationToken(ctx) + require.NoError(t, err) + + expected := &Token{ + Token: "authsecret", + Expires: 123, + } + assert.Equal(t, expected, token) +} + +func TestClient_ListZone(t *testing.T) { + client, mux := setupTest(t) + + mux.HandleFunc("/dnszones/", testHandler(http.MethodGet, http.StatusOK, "ListZone.json")) + + ctx := context.Background() + + zones, err := client.ListZone(ctx) + require.NoError(t, err) + + expected := []Zone{ + {Name: "example.com", Type: "master"}, + {Name: "example.net", Type: "slave"}, + } + + assert.Equal(t, expected, zones) +} + +func TestClient_GetZoneDetails(t *testing.T) { + client, mux := setupTest(t) + + mux.HandleFunc("/dnszones/example.com", testHandler(http.MethodGet, http.StatusOK, "GetZoneDetails.json")) + + ctx := context.Background() + + zone, err := client.GetZoneDetails(ctx, "example.com") + require.NoError(t, err) + + expected := &ZoneDetails{ + Active: true, + DNSSec: true, + Name: "example.com", + Type: "master", + } + + assert.Equal(t, expected, zone) +} + +func TestClient_ListRecords(t *testing.T) { + client, mux := setupTest(t) + + mux.HandleFunc("/dnszones/example.com/records/", testHandler(http.MethodGet, http.StatusOK, "ListRecords.json")) + + ctx := context.Background() + + records, err := client.ListRecords(ctx, "example.com") + require.NoError(t, err) + + expected := []Record{ + { + Name: "@", + TTL: 86400, + Type: "NS", + Data: "ns2.core-networks.eu.", + }, + { + Name: "@", + TTL: 86400, + Type: "NS", + Data: "ns3.core-networks.com.", + }, + { + Name: "@", + TTL: 86400, + Type: "NS", + Data: "ns1.core-networks.de.", + }, + } + + assert.Equal(t, expected, records) +} + +func TestClient_AddRecord(t *testing.T) { + client, mux := setupTest(t) + + mux.HandleFunc("/dnszones/example.com/records/", testHandler(http.MethodPost, http.StatusNoContent, "")) + + ctx := context.Background() + + record := Record{Name: "www", TTL: 3600, Type: "A", Data: "127.0.0.1"} + + err := client.AddRecord(ctx, "example.com", record) + require.NoError(t, err) +} + +func TestClient_DeleteRecords(t *testing.T) { + client, mux := setupTest(t) + + mux.HandleFunc("/dnszones/example.com/records/delete", testHandler(http.MethodPost, http.StatusNoContent, "")) + + ctx := context.Background() + + record := Record{Name: "www", Type: "A", Data: "127.0.0.1"} + + err := client.DeleteRecords(ctx, "example.com", record) + require.NoError(t, err) +} + +func TestClient_CommitRecords(t *testing.T) { + client, mux := setupTest(t) + + mux.HandleFunc("/dnszones/example.com/records/commit", testHandler(http.MethodPost, http.StatusNoContent, "")) + + ctx := context.Background() + + err := client.CommitRecords(ctx, "example.com") + require.NoError(t, err) +} diff --git a/providers/dns/corenetworks/internal/fixtures/GetZoneDetails.json b/providers/dns/corenetworks/internal/fixtures/GetZoneDetails.json new file mode 100644 index 0000000000..1fce07238b --- /dev/null +++ b/providers/dns/corenetworks/internal/fixtures/GetZoneDetails.json @@ -0,0 +1,8 @@ +{ + "active": true, + "dnssec": true, + "master": null, + "name": "example.com", + "tsig": null, + "type": "master" +} diff --git a/providers/dns/corenetworks/internal/fixtures/ListRecords.json b/providers/dns/corenetworks/internal/fixtures/ListRecords.json new file mode 100644 index 0000000000..a09ff9c1a2 --- /dev/null +++ b/providers/dns/corenetworks/internal/fixtures/ListRecords.json @@ -0,0 +1,20 @@ +[ + { + "name": "@", + "ttl": 86400, + "type": "NS", + "data": "ns2.core-networks.eu." + }, + { + "name": "@", + "ttl": 86400, + "type": "NS", + "data": "ns3.core-networks.com." + }, + { + "name": "@", + "ttl": 86400, + "type": "NS", + "data": "ns1.core-networks.de." + } +] diff --git a/providers/dns/corenetworks/internal/fixtures/ListZone.json b/providers/dns/corenetworks/internal/fixtures/ListZone.json new file mode 100644 index 0000000000..7263808739 --- /dev/null +++ b/providers/dns/corenetworks/internal/fixtures/ListZone.json @@ -0,0 +1,10 @@ +[ + { + "name": "example.com", + "type": "master" + }, + { + "name": "example.net", + "type": "slave" + } +] diff --git a/providers/dns/corenetworks/internal/fixtures/auth.json b/providers/dns/corenetworks/internal/fixtures/auth.json new file mode 100644 index 0000000000..399a180076 --- /dev/null +++ b/providers/dns/corenetworks/internal/fixtures/auth.json @@ -0,0 +1,4 @@ +{ + "token": "authsecret", + "expires": 123 +} diff --git a/providers/dns/corenetworks/internal/identity.go b/providers/dns/corenetworks/internal/identity.go new file mode 100644 index 0000000000..6a3b4d46ad --- /dev/null +++ b/providers/dns/corenetworks/internal/identity.go @@ -0,0 +1,49 @@ +package internal + +import ( + "context" + "net/http" +) + +const authorizationHeader = "Authorization" + +type token string + +const tokenKey token = "token" + +// CreateAuthenticationToken gets an authentication token. +// https://beta.api.core-networks.de/doc/#functon_auth_token +func (c Client) CreateAuthenticationToken(ctx context.Context) (*Token, error) { + endpoint := c.baseURL.JoinPath("auth", "token") + + req, err := newJSONRequest(ctx, http.MethodPost, endpoint, Auth{Login: c.login, Password: c.password}) + if err != nil { + return nil, err + } + + var token Token + err = c.do(req, &token) + if err != nil { + return nil, err + } + + return &token, nil +} + +func (c Client) CreateAuthenticatedContext(ctx context.Context) (context.Context, error) { + tok, err := c.CreateAuthenticationToken(ctx) + if err != nil { + return nil, err + } + + return context.WithValue(ctx, tokenKey, tok.Token), nil +} + +func getToken(ctx context.Context) string { + tok, ok := ctx.Value(tokenKey).(string) + if !ok { + return "" + } + + return tok +} diff --git a/providers/dns/corenetworks/internal/types.go b/providers/dns/corenetworks/internal/types.go new file mode 100644 index 0000000000..77b0378c25 --- /dev/null +++ b/providers/dns/corenetworks/internal/types.go @@ -0,0 +1,37 @@ +package internal + +type Auth struct { + Login string `json:"login,omitempty"` + Password string `json:"password,omitempty"` +} + +type Token struct { + Token string `json:"token,omitempty"` + Expires int `json:"expires,omitempty"` +} + +type Zone struct { + Name string `json:"name,omitempty"` + Type string `json:"type,omitempty"` +} + +type ZoneDetails struct { + Active bool `json:"active,omitempty"` + DNSSec bool `json:"dnssec,omitempty"` + Master string `json:"master,omitempty"` + Name string `json:"name,omitempty"` + TSIG *TSIGKey `json:"tsig,omitempty"` + Type string `json:"type,omitempty"` +} + +type TSIGKey struct { + Algo string `json:"algo,omitempty"` + Secret string `json:"secret,omitempty"` +} + +type Record struct { + Name string `json:"name,omitempty"` + TTL int `json:"ttl,omitempty"` + Type string `json:"type,omitempty"` + Data string `json:"data,omitempty"` +} diff --git a/providers/dns/cpanel/cpanel.toml b/providers/dns/cpanel/cpanel.toml index eac811effb..10f75b3857 100644 --- a/providers/dns/cpanel/cpanel.toml +++ b/providers/dns/cpanel/cpanel.toml @@ -10,7 +10,7 @@ Example = ''' CPANEL_USERNAME = "yyyy" CPANEL_TOKEN = "xxxx" CPANEL_BASE_URL = "https://example.com:2083" \ -lego --email you@example.com --dns cpanel --domains my.example.org run +lego --email you@example.com --dns cpanel -d '*.example.com' -d example.com run ## WHM @@ -18,7 +18,7 @@ CPANEL_MODE = whm CPANEL_USERNAME = "yyyy" CPANEL_TOKEN = "xxxx" CPANEL_BASE_URL = "https://example.com:2087" \ -lego --email you@example.com --dns cpanel --domains my.example.org run +lego --email you@example.com --dns cpanel -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/derak/derak.toml b/providers/dns/derak/derak.toml index d99e0853dd..202d208349 100644 --- a/providers/dns/derak/derak.toml +++ b/providers/dns/derak/derak.toml @@ -6,7 +6,7 @@ Since = "v4.12.0" Example = ''' DERAK_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns derak --domains my.example.org run +lego --email you@example.com --dns derak -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/desec/desec.toml b/providers/dns/desec/desec.toml index 4bfbf0fb90..6f5486027c 100644 --- a/providers/dns/desec/desec.toml +++ b/providers/dns/desec/desec.toml @@ -6,7 +6,7 @@ Since = "v3.7.0" Example = ''' DESEC_TOKEN=x-xxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns desec --domains my.example.org run +lego --email you@example.com --dns desec -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/designate/designate.toml b/providers/dns/designate/designate.toml index 2681df7004..aec11eb1e6 100644 --- a/providers/dns/designate/designate.toml +++ b/providers/dns/designate/designate.toml @@ -7,7 +7,7 @@ Since = "v2.2.0" Example = ''' # With a `clouds.yaml` OS_CLOUD=my_openstack \ -lego --email you@example.com --dns designate --domains my.example.org run +lego --email you@example.com --dns designate -d '*.example.com' -d example.com run # or @@ -16,7 +16,7 @@ OS_REGION_NAME=RegionOne \ OS_PROJECT_ID=23d4522a987d4ab529f722a007c27846 OS_USERNAME=myuser \ OS_PASSWORD=passw0rd \ -lego --email you@example.com --dns designate --domains my.example.org run +lego --email you@example.com --dns designate -d '*.example.com' -d example.com run # or @@ -25,7 +25,7 @@ OS_REGION_NAME=RegionOne \ OS_AUTH_TYPE=v3applicationcredential \ OS_APPLICATION_CREDENTIAL_ID=imn74uq0or7dyzz20dwo1ytls4me8dry \ OS_APPLICATION_CREDENTIAL_SECRET=68FuSPSdQqkFQYH5X1OoriEIJOwyLtQ8QSqXZOc9XxFK1A9tzZT6He2PfPw0OMja \ -lego --email you@example.com --dns designate --domains my.example.org run +lego --email you@example.com --dns designate -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/digitalocean/digitalocean.toml b/providers/dns/digitalocean/digitalocean.toml index 11b7fa5d82..ef2e9de7ca 100644 --- a/providers/dns/digitalocean/digitalocean.toml +++ b/providers/dns/digitalocean/digitalocean.toml @@ -6,7 +6,7 @@ Since = "v0.3.0" Example = ''' DO_AUTH_TOKEN=xxxxxx \ -lego --email you@example.com --dns digitalocean --domains my.example.org run +lego --email you@example.com --dns digitalocean -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/directadmin/directadmin.toml b/providers/dns/directadmin/directadmin.toml index 0ad08f1596..6b9f1353f7 100644 --- a/providers/dns/directadmin/directadmin.toml +++ b/providers/dns/directadmin/directadmin.toml @@ -8,7 +8,7 @@ Example = ''' DIRECTADMIN_API_URL="http://example.com:2222" \ DIRECTADMIN_USERNAME=xxxx \ DIRECTADMIN_PASSWORD=yyy \ -lego --email you@example.com --dns directadmin --domains my.example.org run +lego --email you@example.com --dns directadmin -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/dnshomede/dnshomede.toml b/providers/dns/dnshomede/dnshomede.toml index 0af466bf14..3aafb4ef89 100644 --- a/providers/dns/dnshomede/dnshomede.toml +++ b/providers/dns/dnshomede/dnshomede.toml @@ -5,11 +5,11 @@ Code = "dnshomede" Since = "v4.10.0" Example = ''' -DNSHOMEDE_CREDENTIALS=sub.example.org:password \ -lego --email you@example.com --dns dnshomede --domains example.org --domains '*.example.org' run +DNSHOMEDE_CREDENTIALS=example.org:password \ +lego --email you@example.com --dns dnshomede -d '*.example.com' -d example.com run DNSHOMEDE_CREDENTIALS=my.example.org:password1,demo.example.org:password2 \ -lego --email you@example.com --dns dnshomede --domains my.example.org --domains demo.example.org +lego --email you@example.com --dns dnshomede -d my.example.org -d demo.example.org ''' [Configuration] diff --git a/providers/dns/dnsimple/dnsimple.toml b/providers/dns/dnsimple/dnsimple.toml index 0dd8f06e9c..4d31daae1b 100644 --- a/providers/dns/dnsimple/dnsimple.toml +++ b/providers/dns/dnsimple/dnsimple.toml @@ -6,7 +6,7 @@ Since = "v0.3.0" Example = ''' DNSIMPLE_OAUTH_TOKEN=1234567890abcdefghijklmnopqrstuvwxyz \ -lego --email you@example.com --dns dnsimple --domains my.example.org run +lego --email you@example.com --dns dnsimple -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/dnsmadeeasy/dnsmadeeasy.toml b/providers/dns/dnsmadeeasy/dnsmadeeasy.toml index fd0866f56b..28b38e771a 100644 --- a/providers/dns/dnsmadeeasy/dnsmadeeasy.toml +++ b/providers/dns/dnsmadeeasy/dnsmadeeasy.toml @@ -7,7 +7,7 @@ Since = "v0.4.0" Example = ''' DNSMADEEASY_API_KEY=xxxxxx \ DNSMADEEASY_API_SECRET=yyyyy \ -lego --email you@example.com --dns dnsmadeeasy --domains my.example.org run +lego --email you@example.com --dns dnsmadeeasy -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/dnspod/dnspod.toml b/providers/dns/dnspod/dnspod.toml index ff15355955..7723f12ed7 100644 --- a/providers/dns/dnspod/dnspod.toml +++ b/providers/dns/dnspod/dnspod.toml @@ -8,7 +8,7 @@ Since = "v0.4.0" Example = ''' DNSPOD_API_KEY=xxxxxx \ -lego --email you@example.com --dns dnspod --domains my.example.org run +lego --email you@example.com --dns dnspod -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/dode/dode.toml b/providers/dns/dode/dode.toml index c352d249ac..a6a6e8f294 100644 --- a/providers/dns/dode/dode.toml +++ b/providers/dns/dode/dode.toml @@ -6,7 +6,7 @@ Since = "v2.4.0" Example = ''' DODE_TOKEN=xxxxxx \ -lego --email you@example.com --dns dode --domains my.example.org run +lego --email you@example.com --dns dode -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/domeneshop/domeneshop.toml b/providers/dns/domeneshop/domeneshop.toml index 1bbd1e8589..8dfe806e5b 100644 --- a/providers/dns/domeneshop/domeneshop.toml +++ b/providers/dns/domeneshop/domeneshop.toml @@ -8,7 +8,7 @@ Since = "v4.3.0" Example = ''' DOMENESHOP_API_TOKEN= \ DOMENESHOP_API_SECRET= \ -lego --email example@example.com --dns domeneshop --domains example.com run +lego --email example@example.com --dns domeneshop -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/dreamhost/dreamhost.toml b/providers/dns/dreamhost/dreamhost.toml index 176848d4df..a359ad97f0 100644 --- a/providers/dns/dreamhost/dreamhost.toml +++ b/providers/dns/dreamhost/dreamhost.toml @@ -6,7 +6,7 @@ Since = "v1.1.0" Example = ''' DREAMHOST_API_KEY="YOURAPIKEY" \ -lego --email you@example.com --dns dreamhost --domains my.example.org run +lego --email you@example.com --dns dreamhost -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/duckdns/duckdns.toml b/providers/dns/duckdns/duckdns.toml index ae6b318b91..a0ae92c2df 100644 --- a/providers/dns/duckdns/duckdns.toml +++ b/providers/dns/duckdns/duckdns.toml @@ -6,7 +6,7 @@ Since = "v0.5.0" Example = ''' DUCKDNS_TOKEN=xxxxxx \ -lego --email you@example.com --dns duckdns --domains my.example.org run +lego --email you@example.com --dns duckdns -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/dyn/dyn.toml b/providers/dns/dyn/dyn.toml index dc754fe01b..e7607d0a2e 100644 --- a/providers/dns/dyn/dyn.toml +++ b/providers/dns/dyn/dyn.toml @@ -8,7 +8,7 @@ Example = ''' DYN_CUSTOMER_NAME=xxxxxx \ DYN_USER_NAME=yyyyy \ DYN_PASSWORD=zzzz \ -lego --email you@example.com --dns dyn --domains my.example.org run +lego --email you@example.com --dns dyn -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/dynu/dynu.toml b/providers/dns/dynu/dynu.toml index 22976ef408..7d12b428e2 100644 --- a/providers/dns/dynu/dynu.toml +++ b/providers/dns/dynu/dynu.toml @@ -6,7 +6,7 @@ Since = "v3.5.0" Example = ''' DYNU_API_KEY=1234567890abcdefghijklmnopqrstuvwxyz \ -lego --email you@example.com --dns dynu --domains my.example.org run +lego --email you@example.com --dns dynu -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/easydns/easydns.toml b/providers/dns/easydns/easydns.toml index 0b243f2766..4c775fb5a6 100644 --- a/providers/dns/easydns/easydns.toml +++ b/providers/dns/easydns/easydns.toml @@ -5,9 +5,9 @@ Code = "easydns" Since = "v2.6.0" Example = ''' -EASYDNS_TOKEN= \ -EASYDNS_KEY= \ -lego --email you@example.com --dns easydns --domains my.example.org run +EASYDNS_TOKEN=xxx \ +EASYDNS_KEY=yyy \ +lego --email you@example.com --dns easydns -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/edgedns/edgedns.toml b/providers/dns/edgedns/edgedns.toml index d543281d6c..c01500112f 100644 --- a/providers/dns/edgedns/edgedns.toml +++ b/providers/dns/edgedns/edgedns.toml @@ -12,7 +12,7 @@ AKAMAI_CLIENT_SECRET=abcdefghijklmnopqrstuvwxyz1234567890ABCDEFG= \ AKAMAI_CLIENT_TOKEN=akab-mnbvcxzlkjhgfdsapoiuytrewq1234567 \ AKAMAI_HOST=akab-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.luna.akamaiapis.net \ AKAMAI_ACCESS_TOKEN=akab-1234567890qwerty-asdfghjklzxcvtnu \ -lego --email you@example.com --dns edgedns --domains my.example.org run +lego --email you@example.com --dns edgedns -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/efficientip/efficientip.toml b/providers/dns/efficientip/efficientip.toml index cd20228072..f03a8026f2 100644 --- a/providers/dns/efficientip/efficientip.toml +++ b/providers/dns/efficientip/efficientip.toml @@ -9,7 +9,7 @@ EFFICIENTIP_USERNAME="user" \ EFFICIENTIP_PASSWORD="secret" \ EFFICIENTIP_HOSTNAME="ipam.example.org" \ EFFICIENTIP_DNS_NAME="dns.smart" \ -lego --email you@example.com --dns efficientip --domains my.example.org run +lego --email you@example.com --dns efficientip -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/epik/epik.toml b/providers/dns/epik/epik.toml index a07ef83ab5..d0f1fda038 100644 --- a/providers/dns/epik/epik.toml +++ b/providers/dns/epik/epik.toml @@ -6,7 +6,7 @@ Since = "v4.5.0" Example = ''' EPIK_SIGNATURE=xxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns epik --domains my.example.org run +lego --email you@example.com --dns epik -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/exec/exec.toml b/providers/dns/exec/exec.toml index e5868d6013..b5a68e36aa 100644 --- a/providers/dns/exec/exec.toml +++ b/providers/dns/exec/exec.toml @@ -6,7 +6,7 @@ Since = "v0.5.0" Example = ''' EXEC_PATH=/the/path/to/myscript.sh \ -lego --email you@example.com --dns exec --domains my.example.org run +lego --email you@example.com --dns exec -d '*.example.com' -d example.com run ''' Additional = ''' @@ -39,9 +39,7 @@ For example, requesting a certificate for the domain 'my.example.org' can be ach ```bash EXEC_PATH=./update-dns.sh \ - lego --email you@example.com \ - --dns exec \ - --domains my.example.org run +lego --email you@example.com --dns exec --d my.example.org run ``` It will then call the program './update-dns.sh' with like this: @@ -61,9 +59,7 @@ If you want to use the raw domain, token, and keyAuth values with your program, ```bash EXEC_MODE=RAW \ EXEC_PATH=./update-dns.sh \ - lego --email you@example.com \ - --dns exec \ - --domains my.example.org run +lego --email you@example.com --dns exec -d my.example.org run ``` It will then call the program `./update-dns.sh` like this: diff --git a/providers/dns/exoscale/exoscale.toml b/providers/dns/exoscale/exoscale.toml index 1a61e201a9..28a756413a 100644 --- a/providers/dns/exoscale/exoscale.toml +++ b/providers/dns/exoscale/exoscale.toml @@ -7,7 +7,7 @@ Since = "v0.4.0" Example = ''' EXOSCALE_API_KEY=abcdefghijklmnopqrstuvwx \ EXOSCALE_API_SECRET=xxxxxxx \ -lego --email you@example.com --dns exoscale --domains my.example.org run +lego --email you@example.com --dns exoscale -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/freemyip/freemyip.toml b/providers/dns/freemyip/freemyip.toml index ff3b601425..a71538ee3d 100644 --- a/providers/dns/freemyip/freemyip.toml +++ b/providers/dns/freemyip/freemyip.toml @@ -6,7 +6,7 @@ Since = "v4.5.0" Example = ''' FREEMYIP_TOKEN=xxxxxx \ -lego --email you@example.com --dns freemyip --domains my.example.org run +lego --email you@example.com --dns freemyip -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/gandi/gandi.toml b/providers/dns/gandi/gandi.toml index 0477bb7c71..be5bc00d2f 100644 --- a/providers/dns/gandi/gandi.toml +++ b/providers/dns/gandi/gandi.toml @@ -6,7 +6,7 @@ Since = "v0.3.0" Example = ''' GANDI_API_KEY=abcdefghijklmnopqrstuvwx \ -lego --email you@example.com --dns gandi --domains my.example.org run +lego --email you@example.com --dns gandi -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/gandiv5/gandiv5.toml b/providers/dns/gandiv5/gandiv5.toml index 4d952b2c20..ebeef84b8e 100644 --- a/providers/dns/gandiv5/gandiv5.toml +++ b/providers/dns/gandiv5/gandiv5.toml @@ -6,7 +6,7 @@ Since = "v0.5.0" Example = ''' GANDIV5_PERSONAL_ACCESS_TOKEN=abcdefghijklmnopqrstuvwx \ -lego --email you@example.com --dns gandiv5 --domains my.example.org run +lego --email you@example.com --dns gandiv5 -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/gcloud/gcloud.toml b/providers/dns/gcloud/gcloud.toml index 261e35b919..ed12a75dc7 100644 --- a/providers/dns/gcloud/gcloud.toml +++ b/providers/dns/gcloud/gcloud.toml @@ -5,12 +5,9 @@ Code = "gcloud" Since = "v0.3.0" Example = ''' -GCE_PROJECT="gc-project-id" GCE_SERVICE_ACCOUNT_FILE="/path/to/svc/account/file.json" lego \ - --email="abc@email.com" \ - --domains="example.com" \ - --dns="gcloud" \ - --path="${HOME}/.lego" \ - run +GCE_PROJECT="gc-project-id" \ +GCE_SERVICE_ACCOUNT_FILE="/path/to/svc/account/file.json" \ +lego --email you@email.com --dns gcloud -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/gcore/gcore.toml b/providers/dns/gcore/gcore.toml index 121a6d8827..bd514ac783 100644 --- a/providers/dns/gcore/gcore.toml +++ b/providers/dns/gcore/gcore.toml @@ -6,7 +6,7 @@ Since = "v4.5.0" Example = ''' GCORE_PERMANENT_API_TOKEN=xxxxx \ -lego --email you@example.com --dns gcore --domains my.example.org run +lego --email you@example.com --dns gcore -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/glesys/glesys.toml b/providers/dns/glesys/glesys.toml index 10c3e0732c..146b24517c 100644 --- a/providers/dns/glesys/glesys.toml +++ b/providers/dns/glesys/glesys.toml @@ -7,7 +7,7 @@ Since = "v0.5.0" Example = ''' GLESYS_API_USER=xxxxx \ GLESYS_API_KEY=yyyyy \ -lego --email you@example.com --dns glesys --domains my.example.org run +lego --email you@example.com --dns glesys -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/godaddy/godaddy.toml b/providers/dns/godaddy/godaddy.toml index 5983b0c09a..aa835d0879 100644 --- a/providers/dns/godaddy/godaddy.toml +++ b/providers/dns/godaddy/godaddy.toml @@ -7,7 +7,7 @@ Since = "v0.5.0" Example = ''' GODADDY_API_KEY=xxxxxxxx \ GODADDY_API_SECRET=yyyyyyyy \ -lego --email you@example.com --dns godaddy --domains my.example.org run +lego --email you@example.com --dns godaddy -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/googledomains/googledomains.toml b/providers/dns/googledomains/googledomains.toml index 2b1c4ddddc..97e5452cc8 100644 --- a/providers/dns/googledomains/googledomains.toml +++ b/providers/dns/googledomains/googledomains.toml @@ -6,7 +6,7 @@ Since = "v4.11.0" Example = ''' GOOGLE_DOMAINS_ACCESS_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns googledomains --domains my.example.org run +lego --email you@example.com --dns googledomains -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/hetzner/hetzner.toml b/providers/dns/hetzner/hetzner.toml index 19609f7db6..77d23acb8b 100644 --- a/providers/dns/hetzner/hetzner.toml +++ b/providers/dns/hetzner/hetzner.toml @@ -6,7 +6,7 @@ Since = "v3.7.0" Example = ''' HETZNER_API_KEY=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ -lego --email you@example.com --dns hetzner --domains my.example.org run +lego --email you@example.com --dns hetzner -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/hostingde/hostingde.toml b/providers/dns/hostingde/hostingde.toml index 3c0d18f363..39e7ab0f90 100644 --- a/providers/dns/hostingde/hostingde.toml +++ b/providers/dns/hostingde/hostingde.toml @@ -6,7 +6,7 @@ Since = "v1.1.0" Example = ''' HOSTINGDE_API_KEY=xxxxxxxx \ -lego --email you@example.com --dns hostingde --domains my.example.org run +lego --email you@example.com --dns hostingde -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/hosttech/hosttech.toml b/providers/dns/hosttech/hosttech.toml index b50eaeed9d..89d495b0cb 100644 --- a/providers/dns/hosttech/hosttech.toml +++ b/providers/dns/hosttech/hosttech.toml @@ -6,7 +6,7 @@ Since = "v4.5.0" Example = ''' HOSTTECH_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns hosttech --domains my.example.org run +lego --email you@example.com --dns hosttech -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/httpnet/httpnet.toml b/providers/dns/httpnet/httpnet.toml index a465d06e90..baf170973b 100644 --- a/providers/dns/httpnet/httpnet.toml +++ b/providers/dns/httpnet/httpnet.toml @@ -6,7 +6,7 @@ Since = "v4.15.0" Example = ''' HTTPNET_API_KEY=xxxxxxxx \ -lego --email you@example.com --dns httpnet --domains my.example.org run +lego --email you@example.com --dns httpnet -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/httpreq/httpreq.toml b/providers/dns/httpreq/httpreq.toml index cd6c823d36..43f3e4f62e 100644 --- a/providers/dns/httpreq/httpreq.toml +++ b/providers/dns/httpreq/httpreq.toml @@ -6,7 +6,7 @@ Since = "v2.0.0" Example = ''' HTTPREQ_ENDPOINT=http://my.server.com:9090 \ -lego --email you@example.com --dns httpreq --domains my.example.org run +lego --email you@example.com --dns httpreq -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/huaweicloud/huaweicloud.toml b/providers/dns/huaweicloud/huaweicloud.toml index 2354165516..423dd9d7d1 100644 --- a/providers/dns/huaweicloud/huaweicloud.toml +++ b/providers/dns/huaweicloud/huaweicloud.toml @@ -8,7 +8,7 @@ Example = ''' HUAWEICLOUD_ACCESS_KEY_ID=your-access-key-id \ HUAWEICLOUD_SECRET_ACCESS_KEY=your-secret-access-key \ HUAWEICLOUD_REGION=cn-south-1 \ -lego --email you@example.com --dns huaweicloud --domains my.example.org run +lego --email you@example.com --dns huaweicloud -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/hurricane/hurricane.toml b/providers/dns/hurricane/hurricane.toml index ce96a3963e..88e73dea9b 100644 --- a/providers/dns/hurricane/hurricane.toml +++ b/providers/dns/hurricane/hurricane.toml @@ -6,10 +6,10 @@ Since = "v4.3.0" Example = ''' HURRICANE_TOKENS=example.org:token \ -lego --email you@example.com --dns hurricane --domains example.org --domains '*.example.org' run +lego --email you@example.com --dns hurricane -d '*.example.com' -d example.com run HURRICANE_TOKENS=my.example.org:token1,demo.example.org:token2 \ -lego --email you@example.com --dns hurricane --domains my.example.org --domains demo.example.org +lego --email you@example.com --dns hurricane -d my.example.org -d demo.example.org ''' Additional = """ diff --git a/providers/dns/hyperone/hyperone.toml b/providers/dns/hyperone/hyperone.toml index bf6d874efc..bebde3185e 100644 --- a/providers/dns/hyperone/hyperone.toml +++ b/providers/dns/hyperone/hyperone.toml @@ -5,7 +5,7 @@ Code = "hyperone" Since = "v3.9.0" Example = ''' -lego --email you@example.com --dns hyperone --domains my.example.org run +lego --email you@example.com --dns hyperone -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/ibmcloud/ibmcloud.toml b/providers/dns/ibmcloud/ibmcloud.toml index 2a87c5846f..270995465c 100644 --- a/providers/dns/ibmcloud/ibmcloud.toml +++ b/providers/dns/ibmcloud/ibmcloud.toml @@ -7,7 +7,7 @@ Since = "v4.5.0" Example = ''' SOFTLAYER_USERNAME=xxxxx \ SOFTLAYER_API_KEY=yyyyy \ -lego --email you@example.com --dns ibmcloud --domains my.example.org run +lego --email you@example.com --dns ibmcloud -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/iij/iij.toml b/providers/dns/iij/iij.toml index db0f733092..da7590dd9d 100644 --- a/providers/dns/iij/iij.toml +++ b/providers/dns/iij/iij.toml @@ -8,7 +8,7 @@ Example = ''' IIJ_API_ACCESS_KEY=xxxxxxxx \ IIJ_API_SECRET_KEY=yyyyyy \ IIJ_DO_SERVICE_CODE=zzzzzz \ -lego --email you@example.com --dns iij --domains my.example.org run +lego --email you@example.com --dns iij -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/iijdpf/iijdpf.toml b/providers/dns/iijdpf/iijdpf.toml index 7fa76c04c8..297866e2b8 100644 --- a/providers/dns/iijdpf/iijdpf.toml +++ b/providers/dns/iijdpf/iijdpf.toml @@ -7,7 +7,7 @@ Since = "v4.7.0" Example = ''' IIJ_DPF_API_TOKEN=xxxxxxxx \ IIJ_DPF_DPM_SERVICE_CODE=yyyyyy \ -lego --email you@example.com --dns iijdpf --domains my.example.org run +lego --email you@example.com --dns iijdpf -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/infoblox/infoblox.toml b/providers/dns/infoblox/infoblox.toml index 761e6f6532..ad7cb5cef7 100644 --- a/providers/dns/infoblox/infoblox.toml +++ b/providers/dns/infoblox/infoblox.toml @@ -8,7 +8,7 @@ Example = ''' INFOBLOX_USERNAME=api-user-529 \ INFOBLOX_PASSWORD=b9841238feb177a84330febba8a83208921177bffe733 \ INFOBLOX_HOST=infoblox.example.org -lego --email you@example.com --dns infoblox --domains my.example.org run +lego --email you@example.com --dns infoblox -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/infomaniak/infomaniak.toml b/providers/dns/infomaniak/infomaniak.toml index f480ab1939..2de205b8fb 100644 --- a/providers/dns/infomaniak/infomaniak.toml +++ b/providers/dns/infomaniak/infomaniak.toml @@ -6,7 +6,7 @@ Since = "v4.1.0" Example = ''' INFOMANIAK_ACCESS_TOKEN=1234567898765432 \ -lego --email you@example.com --dns infomaniak --domains my.example.org run +lego --email you@example.com --dns infomaniak -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/internal/useragent/useragent.go b/providers/dns/internal/useragent/useragent.go index 8ecbfcccba..76696ddf2e 100644 --- a/providers/dns/internal/useragent/useragent.go +++ b/providers/dns/internal/useragent/useragent.go @@ -1,4 +1,4 @@ -// Code generated by 'internal/useragent'; DO NOT EDIT. +// Code generated by 'internal/releaser'; DO NOT EDIT. package useragent @@ -10,7 +10,7 @@ import ( const ( // ourUserAgent is the User-Agent of this underlying library package. - ourUserAgent = "goacme-lego/4.19.2" + ourUserAgent = "goacme-lego/4.20.2" // ourUserAgentComment is part of the UA comment linked to the version status of this underlying library package. // values: detach|release diff --git a/providers/dns/internetbs/internetbs.toml b/providers/dns/internetbs/internetbs.toml index 6f705ba62d..054a1f6e98 100644 --- a/providers/dns/internetbs/internetbs.toml +++ b/providers/dns/internetbs/internetbs.toml @@ -7,7 +7,7 @@ Since = "v4.5.0" Example = ''' INTERNET_BS_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxx \ INTERNET_BS_PASSWORD=yyyyyyyyyyyyyyyyyyyyyyyyyy \ -lego --email you@example.com --dns internetbs --domains my.example.org run +lego --email you@example.com --dns internetbs -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/inwx/inwx.toml b/providers/dns/inwx/inwx.toml index 7e30463aec..1186dcf20a 100644 --- a/providers/dns/inwx/inwx.toml +++ b/providers/dns/inwx/inwx.toml @@ -7,13 +7,13 @@ Since = "v2.0.0" Example = ''' INWX_USERNAME=xxxxxxxxxx \ INWX_PASSWORD=yyyyyyyyyy \ -lego --email you@example.com --dns inwx --domains my.example.org run +lego --email you@example.com --dns inwx -d '*.example.com' -d example.com run # 2FA INWX_USERNAME=xxxxxxxxxx \ INWX_PASSWORD=yyyyyyyyyy \ INWX_SHARED_SECRET=zzzzzzzzzz \ -lego --email you@example.com --dns inwx --domains my.example.org run +lego --email you@example.com --dns inwx -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/ionos/ionos.toml b/providers/dns/ionos/ionos.toml index b545128e66..e9bfd73193 100644 --- a/providers/dns/ionos/ionos.toml +++ b/providers/dns/ionos/ionos.toml @@ -6,7 +6,7 @@ Since = "v4.2.0" Example = ''' IONOS_API_KEY=xxxxxxxx \ -lego --email you@example.com --dns ionos --domains my.example.org run +lego --email you@example.com --dns ionos -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/ipv64/ipv64.toml b/providers/dns/ipv64/ipv64.toml index 6bcf841f04..ece506c346 100644 --- a/providers/dns/ipv64/ipv64.toml +++ b/providers/dns/ipv64/ipv64.toml @@ -6,7 +6,7 @@ Since = "v4.13.0" Example = ''' IPV64_API_KEY=xxxxxx \ -lego --email you@example.com --dns ipv64 --domains my.example.org run +lego --email you@example.com --dns ipv64 -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/iwantmyname/iwantmyname.toml b/providers/dns/iwantmyname/iwantmyname.toml index 1bdf589bec..6789770292 100644 --- a/providers/dns/iwantmyname/iwantmyname.toml +++ b/providers/dns/iwantmyname/iwantmyname.toml @@ -7,7 +7,7 @@ Since = "v4.7.0" Example = ''' IWANTMYNAME_USERNAME=xxxxxxxx \ IWANTMYNAME_PASSWORD=xxxxxxxx \ -lego --email you@example.com --dns iwantmyname --domains my.example.org run +lego --email you@example.com --dns iwantmyname -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/joker/joker.toml b/providers/dns/joker/joker.toml index 786097ac40..1f5acf17fc 100644 --- a/providers/dns/joker/joker.toml +++ b/providers/dns/joker/joker.toml @@ -9,17 +9,17 @@ Example = ''' JOKER_API_MODE=SVC \ JOKER_USERNAME= \ JOKER_PASSWORD= \ -lego --email you@example.com --dns joker --domains my.example.org run +lego --email you@example.com --dns joker -d '*.example.com' -d example.com run # DMAPI JOKER_API_MODE=DMAPI \ JOKER_USERNAME= \ JOKER_PASSWORD= \ -lego --email you@example.com --dns joker --domains my.example.org run +lego --email you@example.com --dns joker -d '*.example.com' -d example.com run ## or JOKER_API_MODE=DMAPI \ JOKER_API_KEY= \ -lego --email you@example.com --dns joker --domains my.example.org run +lego --email you@example.com --dns joker -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/liara/liara.toml b/providers/dns/liara/liara.toml index 323229c5cc..aaa4061f55 100644 --- a/providers/dns/liara/liara.toml +++ b/providers/dns/liara/liara.toml @@ -6,7 +6,7 @@ Since = "v4.10.0" Example = ''' LIARA_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns liara --domains my.example.org run +lego --email you@example.com --dns liara -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/limacity/limacity.go b/providers/dns/limacity/limacity.go index 87b7d37aab..a999f56489 100644 --- a/providers/dns/limacity/limacity.go +++ b/providers/dns/limacity/limacity.go @@ -153,7 +153,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error { domainID, ok := d.domainIDs[token] d.domainIDsMu.Unlock() if !ok { - return fmt.Errorf("liara: unknown domain ID for '%s' '%s'", info.EffectiveFQDN, token) + return fmt.Errorf("limacity: unknown domain ID for '%s' '%s'", info.EffectiveFQDN, token) } records, err := d.client.GetRecords(context.Background(), domainID) diff --git a/providers/dns/limacity/limacity.toml b/providers/dns/limacity/limacity.toml index 68766a3151..c9bcaf16e7 100644 --- a/providers/dns/limacity/limacity.toml +++ b/providers/dns/limacity/limacity.toml @@ -6,7 +6,7 @@ Since = "v4.18.0" Example = ''' LIMACITY_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns limacity --domains my.example.org run +lego --email you@example.com --dns limacity -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/linode/linode.toml b/providers/dns/linode/linode.toml index 91fbc783c2..790a2238c9 100644 --- a/providers/dns/linode/linode.toml +++ b/providers/dns/linode/linode.toml @@ -7,7 +7,7 @@ Since = "v1.1.0" Example = ''' LINODE_TOKEN=xxxxx \ -lego --email you@example.com --dns linode --domains my.example.org run +lego --email you@example.com --dns linode -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/liquidweb/liquidweb.toml b/providers/dns/liquidweb/liquidweb.toml index c9116912e7..987b8027df 100644 --- a/providers/dns/liquidweb/liquidweb.toml +++ b/providers/dns/liquidweb/liquidweb.toml @@ -7,7 +7,7 @@ Since = "v3.1.0" Example = ''' LWAPI_USERNAME=someuser \ LWAPI_PASSWORD=somepass \ -lego --email you@example.com --dns liquidweb --domains my.example.org run +lego --email you@example.com --dns liquidweb -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/loopia/loopia.toml b/providers/dns/loopia/loopia.toml index e0a75effdc..f1065b35e7 100644 --- a/providers/dns/loopia/loopia.toml +++ b/providers/dns/loopia/loopia.toml @@ -7,7 +7,7 @@ Since = "v4.2.0" Example = ''' LOOPIA_API_USER=xxxxxxxx \ LOOPIA_API_PASSWORD=yyyyyyyy \ -lego --email my@email.com --dns loopia --domains my.domain.com run +lego --email you@example.com --dns loopia -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/luadns/luadns.toml b/providers/dns/luadns/luadns.toml index 60c11c8152..b55751f556 100644 --- a/providers/dns/luadns/luadns.toml +++ b/providers/dns/luadns/luadns.toml @@ -7,7 +7,7 @@ Since = "v3.7.0" Example = ''' LUADNS_API_USERNAME=youremail \ LUADNS_API_TOKEN=xxxxxxxx \ -lego --email you@example.com --dns luadns --domains my.example.org run +lego --email you@example.com --dns luadns -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/mailinabox/mailinabox.toml b/providers/dns/mailinabox/mailinabox.toml index fdfef081b0..8ee282396a 100644 --- a/providers/dns/mailinabox/mailinabox.toml +++ b/providers/dns/mailinabox/mailinabox.toml @@ -8,7 +8,7 @@ Example = ''' MAILINABOX_EMAIL=user@example.com \ MAILINABOX_PASSWORD=yyyy \ MAILINABOX_BASE_URL=https://box.example.com \ -lego --email you@example.com --dns mailinabox --domains my.example.org run +lego --email you@example.com --dns mailinabox -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/metaname/metaname.toml b/providers/dns/metaname/metaname.toml index bacdf9b6c1..142f06639f 100644 --- a/providers/dns/metaname/metaname.toml +++ b/providers/dns/metaname/metaname.toml @@ -7,7 +7,7 @@ Since = "v4.13.0" Example = ''' METANAME_ACCOUNT_REFERENCE=xxxx \ METANAME_API_KEY=yyyyyyy \ -lego --email you@example.com --dns metaname --domains my.example.org run +lego --email you@example.com --dns metaname -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/mijnhost/mijnhost.toml b/providers/dns/mijnhost/mijnhost.toml index 7140c45f54..7cea55a183 100644 --- a/providers/dns/mijnhost/mijnhost.toml +++ b/providers/dns/mijnhost/mijnhost.toml @@ -6,7 +6,7 @@ Since = "v4.18.0" Example = ''' MIJNHOST_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns mijnhost --domains my.example.org run +lego --email you@example.com --dns mijnhost -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/mittwald/mittwald.toml b/providers/dns/mittwald/mittwald.toml index 2df7d026ff..7df9797b60 100644 --- a/providers/dns/mittwald/mittwald.toml +++ b/providers/dns/mittwald/mittwald.toml @@ -6,7 +6,7 @@ Since = "v1.48.0" Example = ''' MITTWALD_TOKEN=my-token \ -lego --email you@example.com --dns mittwald --domains my.example.org run +lego --email you@example.com --dns mittwald -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/mydnsjp/mydnsjp.toml b/providers/dns/mydnsjp/mydnsjp.toml index 2d3b310e24..d462e95377 100644 --- a/providers/dns/mydnsjp/mydnsjp.toml +++ b/providers/dns/mydnsjp/mydnsjp.toml @@ -7,7 +7,7 @@ Since = "v1.2.0" Example = ''' MYDNSJP_MASTER_ID=xxxxx \ MYDNSJP_PASSWORD=xxxxx \ -lego --email you@example.com --dns mydnsjp --domains my.example.org run +lego --email you@example.com --dns mydnsjp -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/mythicbeasts/mythicbeasts.toml b/providers/dns/mythicbeasts/mythicbeasts.toml index 6cb3a28f07..86d69d017b 100644 --- a/providers/dns/mythicbeasts/mythicbeasts.toml +++ b/providers/dns/mythicbeasts/mythicbeasts.toml @@ -7,7 +7,7 @@ Since = "v0.3.7" Example = ''' MYTHICBEASTS_USERNAME=myuser \ MYTHICBEASTS_PASSWORD=mypass \ -lego --email you@example.com --dns mythicbeasts --domains my.example.org run +lego --email you@example.com --dns mythicbeasts -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/namecheap/namecheap.toml b/providers/dns/namecheap/namecheap.toml index 004b2a4a15..ef2ef53c4a 100644 --- a/providers/dns/namecheap/namecheap.toml +++ b/providers/dns/namecheap/namecheap.toml @@ -14,7 +14,7 @@ More information in the section [Enabling API Access](https://www.namecheap.com/ Example = ''' NAMECHEAP_API_USER=user \ NAMECHEAP_API_KEY=key \ -lego --email you@example.com --dns namecheap --domains my.example.org run +lego --email you@example.com --dns namecheap -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/namedotcom/namedotcom.toml b/providers/dns/namedotcom/namedotcom.toml index 41ed103db5..768164cf8d 100644 --- a/providers/dns/namedotcom/namedotcom.toml +++ b/providers/dns/namedotcom/namedotcom.toml @@ -7,7 +7,7 @@ Since = "v0.5.0" Example = ''' NAMECOM_USERNAME=foo.bar \ NAMECOM_API_TOKEN=a379a6f6eeafb9a55e378c118034e2751e682fab \ -lego --email you@example.com --dns namedotcom --domains my.example.org run +lego --email you@example.com --dns namedotcom -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/namesilo/namesilo.toml b/providers/dns/namesilo/namesilo.toml index a4e8687b15..991e78fccf 100644 --- a/providers/dns/namesilo/namesilo.toml +++ b/providers/dns/namesilo/namesilo.toml @@ -6,7 +6,7 @@ Since = "v2.7.0" Example = ''' NAMESILO_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \ -lego --email you@example.com --dns namesilo --domains my.example.org run +lego --email you@example.com --dns namesilo -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/nearlyfreespeech/nearlyfreespeech.toml b/providers/dns/nearlyfreespeech/nearlyfreespeech.toml index e81579f662..985df6cbae 100644 --- a/providers/dns/nearlyfreespeech/nearlyfreespeech.toml +++ b/providers/dns/nearlyfreespeech/nearlyfreespeech.toml @@ -7,7 +7,7 @@ Since = "v4.8.0" Example = ''' NEARLYFREESPEECH_API_KEY=xxxxxx \ NEARLYFREESPEECH_LOGIN=xxxx \ -lego --email you@example.com --dns nearlyfreespeech --domains my.example.org run +lego --email you@example.com --dns nearlyfreespeech -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/netcup/netcup.toml b/providers/dns/netcup/netcup.toml index 790d97ba07..0954d07d6e 100644 --- a/providers/dns/netcup/netcup.toml +++ b/providers/dns/netcup/netcup.toml @@ -8,7 +8,7 @@ Example = ''' NETCUP_CUSTOMER_NUMBER=xxxx \ NETCUP_API_KEY=yyyy \ NETCUP_API_PASSWORD=zzzz \ -lego --email you@example.com --dns netcup --domains my.example.org run +lego --email you@example.com --dns netcup -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/netlify/netlify.toml b/providers/dns/netlify/netlify.toml index af53c7b290..1191c6bebc 100644 --- a/providers/dns/netlify/netlify.toml +++ b/providers/dns/netlify/netlify.toml @@ -6,7 +6,7 @@ Since = "v3.7.0" Example = ''' NETLIFY_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns netlify --domains my.example.org run +lego --email you@example.com --dns netlify -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/nicmanager/nicmanager.toml b/providers/dns/nicmanager/nicmanager.toml index 913f685b4a..7be44deb8c 100644 --- a/providers/dns/nicmanager/nicmanager.toml +++ b/providers/dns/nicmanager/nicmanager.toml @@ -13,7 +13,7 @@ NICMANAGER_API_PASSWORD = "password" \ # Optionally, if your account has TOTP enabled, set the secret here NICMANAGER_API_OTP = "long-secret" \ -lego --email you@example.com --dns nicmanager --domains my.example.org run +lego --email you@example.com --dns nicmanager -d '*.example.com' -d example.com run ## Login using account name + username @@ -24,7 +24,7 @@ NICMANAGER_API_PASSWORD = "password" \ # Optionally, if your account has TOTP enabled, set the secret here NICMANAGER_API_OTP = "long-secret" \ -lego --email you@example.com --dns nicmanager --domains my.example.org run +lego --email you@example.com --dns nicmanager -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/nifcloud/nifcloud.toml b/providers/dns/nifcloud/nifcloud.toml index 35d302aa80..9966ce8820 100644 --- a/providers/dns/nifcloud/nifcloud.toml +++ b/providers/dns/nifcloud/nifcloud.toml @@ -7,7 +7,7 @@ Since = "v1.1.0" Example = ''' NIFCLOUD_ACCESS_KEY_ID=xxxx \ NIFCLOUD_SECRET_ACCESS_KEY=yyyy \ -lego --email you@example.com --dns nifcloud --domains my.example.org run +lego --email you@example.com --dns nifcloud -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/njalla/njalla.toml b/providers/dns/njalla/njalla.toml index e9670b8372..a7e46c02dc 100644 --- a/providers/dns/njalla/njalla.toml +++ b/providers/dns/njalla/njalla.toml @@ -6,7 +6,7 @@ Since = "v4.3.0" Example = ''' NJALLA_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns njalla --domains my.example.org run +lego --email you@example.com --dns njalla -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/nodion/nodion.toml b/providers/dns/nodion/nodion.toml index ae76b5f5be..5bf2e1df16 100644 --- a/providers/dns/nodion/nodion.toml +++ b/providers/dns/nodion/nodion.toml @@ -6,7 +6,7 @@ Since = "v4.11.0" Example = ''' NODION_API_TOKEN="xxxxxxxxxxxxxxxxxxxxx" \ -lego --email myemail@example.com --dns nodion --domains my.example.org run +lego --email you@example.com --dns nodion -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/ns1/ns1.toml b/providers/dns/ns1/ns1.toml index e65bacdfaf..9aeb0841e8 100644 --- a/providers/dns/ns1/ns1.toml +++ b/providers/dns/ns1/ns1.toml @@ -6,7 +6,7 @@ Since = "v0.4.0" Example = ''' NS1_API_KEY=xxxx \ -lego --email you@example.com --dns ns1 --domains my.example.org run +lego --email you@example.com --dns ns1 -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/oraclecloud/oraclecloud.toml b/providers/dns/oraclecloud/oraclecloud.toml index 9380be9ed7..70b776554e 100644 --- a/providers/dns/oraclecloud/oraclecloud.toml +++ b/providers/dns/oraclecloud/oraclecloud.toml @@ -12,7 +12,7 @@ OCI_USER_OCID="ocid1.user.oc1..secret" \ OCI_PUBKEY_FINGERPRINT="00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" \ OCI_REGION="us-phoenix-1" \ OCI_COMPARTMENT_OCID="ocid1.tenancy.oc1..secret" \ -lego --email you@example.com --dns oraclecloud --domains my.example.org run +lego --email you@example.com --dns oraclecloud -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/ovh/ovh.toml b/providers/dns/ovh/ovh.toml index 4e9d35f262..cbdcb43aef 100644 --- a/providers/dns/ovh/ovh.toml +++ b/providers/dns/ovh/ovh.toml @@ -11,20 +11,20 @@ OVH_APPLICATION_KEY=1234567898765432 \ OVH_APPLICATION_SECRET=b9841238feb177a84330febba8a832089 \ OVH_CONSUMER_KEY=256vfsd347245sdfg \ OVH_ENDPOINT=ovh-eu \ -lego --email you@example.com --dns ovh --domains my.example.org run +lego --email you@example.com --dns ovh -d '*.example.com' -d example.com run # Or Access Token: OVH_ACCESS_TOKEN=xxx \ OVH_ENDPOINT=ovh-eu \ -lego --email you@example.com --dns ovh --domains my.example.org run +lego --email you@example.com --dns ovh -d '*.example.com' -d example.com run # Or OAuth2: OVH_CLIENT_ID=yyy \ OVH_CLIENT_SECRET=xxx \ OVH_ENDPOINT=ovh-eu \ -lego --email you@example.com --dns ovh --domains my.example.org run +lego --email you@example.com --dns ovh -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/pdns/pdns.toml b/providers/dns/pdns/pdns.toml index a59c02cdad..81158c4440 100644 --- a/providers/dns/pdns/pdns.toml +++ b/providers/dns/pdns/pdns.toml @@ -7,7 +7,7 @@ Since = "v0.4.0" Example = ''' PDNS_API_URL=http://pdns-server:80/ \ PDNS_API_KEY=xxxx \ -lego --email you@example.com --dns pdns --domains my.example.org run +lego --email you@example.com --dns pdns -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/plesk/plesk.toml b/providers/dns/plesk/plesk.toml index 96b507cd73..3a67065d6a 100644 --- a/providers/dns/plesk/plesk.toml +++ b/providers/dns/plesk/plesk.toml @@ -8,7 +8,7 @@ Example = ''' PLESK_SERVER_BASE_URL="https://plesk.myserver.com:8443" \ PLESK_USERNAME=xxxxxx \ PLESK_PASSWORD=yyyyyy \ -lego --email you@example.com --dns plesk --domains my.example.org run +lego --email you@example.com --dns plesk -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/porkbun/porkbun.toml b/providers/dns/porkbun/porkbun.toml index b06f5c300d..91b0b13290 100644 --- a/providers/dns/porkbun/porkbun.toml +++ b/providers/dns/porkbun/porkbun.toml @@ -7,7 +7,7 @@ Since = "v4.4.0" Example = ''' PORKBUN_SECRET_API_KEY=xxxxxx \ PORKBUN_API_KEY=yyyyyy \ -lego --email you@example.com --dns porkbun --domains my.example.org run +lego --email you@example.com --dns porkbun -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/rackspace/rackspace.toml b/providers/dns/rackspace/rackspace.toml index 35768b4ed1..ae0b0fca4e 100644 --- a/providers/dns/rackspace/rackspace.toml +++ b/providers/dns/rackspace/rackspace.toml @@ -7,7 +7,7 @@ Since = "v0.4.0" Example = ''' RACKSPACE_USER=xxxx \ RACKSPACE_API_KEY=yyyy \ -lego --email you@example.com --dns rackspace --domains my.example.org run +lego --email you@example.com --dns rackspace -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/rcodezero/rcodezero.toml b/providers/dns/rcodezero/rcodezero.toml index a012736f4f..7ab451e5f9 100644 --- a/providers/dns/rcodezero/rcodezero.toml +++ b/providers/dns/rcodezero/rcodezero.toml @@ -6,7 +6,7 @@ Since = "v4.13" Example = ''' RCODEZERO_API_TOKEN= \ -lego --email you@example.com --dns rcodezero --domains my.example.org run +lego --email you@example.com --dns rcodezero -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/regfish/regfish.go b/providers/dns/regfish/regfish.go new file mode 100644 index 0000000000..306c59bdd8 --- /dev/null +++ b/providers/dns/regfish/regfish.go @@ -0,0 +1,143 @@ +// Package regfish implements a DNS provider for solving the DNS-01 challenge using Regfish. +package regfish + +import ( + "errors" + "fmt" + "net/http" + "sync" + "time" + + "github.com/go-acme/lego/v4/challenge/dns01" + "github.com/go-acme/lego/v4/platform/config/env" + regfishapi "github.com/regfish/regfish-dnsapi-go" +) + +// Environment variables names. +const ( + envNamespace = "REGFISH_" + + EnvAPIKey = envNamespace + "API_KEY" + + EnvTTL = envNamespace + "TTL" + EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT" + EnvPollingInterval = envNamespace + "POLLING_INTERVAL" + EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT" +) + +// Config is used to configure the creation of the DNSProvider. +type Config struct { + APIKey string + + PropagationTimeout time.Duration + PollingInterval time.Duration + TTL int + HTTPClient *http.Client +} + +// NewDefaultConfig returns a default configuration for the DNSProvider. +func NewDefaultConfig() *Config { + return &Config{ + TTL: env.GetOrDefaultInt(EnvTTL, dns01.DefaultTTL), + PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout), + PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval), + HTTPClient: &http.Client{ + Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second), + }, + } +} + +// DNSProvider implements the challenge.Provider interface. +type DNSProvider struct { + config *Config + client *regfishapi.Client + + recordIDs map[string]int + recordIDsMu sync.Mutex +} + +// NewDNSProvider returns a DNSProvider instance configured for Regfish. +func NewDNSProvider() (*DNSProvider, error) { + values, err := env.Get(EnvAPIKey) + if err != nil { + return nil, fmt.Errorf("regfish: %w", err) + } + + config := NewDefaultConfig() + config.APIKey = values[EnvAPIKey] + + return NewDNSProviderConfig(config) +} + +// NewDNSProviderConfig return a DNSProvider instance configured for Regfish. +func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { + if config == nil { + return nil, errors.New("regfish: the configuration of the DNS provider is nil") + } + + if config.APIKey == "" { + return nil, errors.New("regfish: credentials missing") + } + + client := regfishapi.NewClient(config.APIKey) + + return &DNSProvider{ + config: config, + client: client, + recordIDs: make(map[string]int), + }, nil +} + +// Present creates a TXT record using the specified parameters. +func (d *DNSProvider) Present(domain, token, keyAuth string) error { + info := dns01.GetChallengeInfo(domain, keyAuth) + + record := regfishapi.Record{ + Name: info.EffectiveFQDN, + Type: "TXT", + Data: info.Value, + TTL: d.config.TTL, + } + + newRecord, err := d.client.CreateRecord(record) + if err != nil { + return fmt.Errorf("regfish: create record: %w", err) + } + + d.recordIDsMu.Lock() + d.recordIDs[token] = newRecord.ID + d.recordIDsMu.Unlock() + + return nil +} + +// CleanUp removes the TXT record matching the specified parameters. +func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error { + info := dns01.GetChallengeInfo(domain, keyAuth) + + // get the record's unique ID from when we created it + d.recordIDsMu.Lock() + recordID, ok := d.recordIDs[token] + d.recordIDsMu.Unlock() + if !ok { + return fmt.Errorf("regfish: unknown record ID for '%s'", info.EffectiveFQDN) + } + + err := d.client.DeleteRecord(recordID) + if err != nil { + return fmt.Errorf("regfish: delete record: %w", err) + } + + // Delete record ID from map + d.recordIDsMu.Lock() + delete(d.recordIDs, token) + d.recordIDsMu.Unlock() + + return nil +} + +// Timeout returns the timeout and interval to use when checking for DNS propagation. +// Adjusting here to cope with spikes in propagation times. +func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { + return d.config.PropagationTimeout, d.config.PollingInterval +} diff --git a/providers/dns/regfish/regfish.toml b/providers/dns/regfish/regfish.toml new file mode 100644 index 0000000000..fbc4bdd703 --- /dev/null +++ b/providers/dns/regfish/regfish.toml @@ -0,0 +1,23 @@ +Name = "Regfish" +Description = '''''' +URL = "https://regfish.de/" +Code = "regfish" +Since = "v4.20.0" + +Example = ''' +REGFISH_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ +lego --email you@example.com --dns regfish -d '*.example.com' -d example.com run +''' + +[Configuration] + [Configuration.Credentials] + REGFISH_API_KEY = "API key" + [Configuration.Additional] + REGFISH_POLLING_INTERVAL = "Time between DNS propagation check" + REGFISH_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + REGFISH_TTL = "The TTL of the TXT record used for the DNS challenge" + REGFISH_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://regfish.readme.io/" + GoClient = "https://github.com/regfish/regfish-dnsapi-go" diff --git a/providers/dns/regfish/regfish_test.go b/providers/dns/regfish/regfish_test.go new file mode 100644 index 0000000000..80928048fe --- /dev/null +++ b/providers/dns/regfish/regfish_test.go @@ -0,0 +1,113 @@ +package regfish + +import ( + "testing" + + "github.com/go-acme/lego/v4/platform/tester" + "github.com/stretchr/testify/require" +) + +const envDomain = envNamespace + "DOMAIN" + +var envTest = tester.NewEnvTest(EnvAPIKey).WithDomain(envDomain) + +func TestNewDNSProvider(t *testing.T) { + testCases := []struct { + desc string + envVars map[string]string + expected string + }{ + { + desc: "success", + envVars: map[string]string{ + EnvAPIKey: "secret", + }, + }, + { + desc: "missing credentials", + envVars: map[string]string{}, + expected: "regfish: some credentials information are missing: REGFISH_API_KEY", + }, + } + + for _, test := range testCases { + t.Run(test.desc, func(t *testing.T) { + defer envTest.RestoreEnv() + envTest.ClearEnv() + + envTest.Apply(test.envVars) + + p, err := NewDNSProvider() + + if test.expected == "" { + require.NoError(t, err) + require.NotNil(t, p) + require.NotNil(t, p.config) + require.NotNil(t, p.client) + } else { + require.EqualError(t, err, test.expected) + } + }) + } +} + +func TestNewDNSProviderConfig(t *testing.T) { + testCases := []struct { + desc string + apiKey string + expected string + }{ + { + desc: "success", + apiKey: "secret", + }, + { + desc: "missing credentials", + expected: "regfish: credentials missing", + }, + } + + for _, test := range testCases { + t.Run(test.desc, func(t *testing.T) { + config := NewDefaultConfig() + config.APIKey = test.apiKey + + p, err := NewDNSProviderConfig(config) + + if test.expected == "" { + require.NoError(t, err) + require.NotNil(t, p) + require.NotNil(t, p.config) + require.NotNil(t, p.client) + } else { + require.EqualError(t, err, test.expected) + } + }) + } +} + +func TestLivePresent(t *testing.T) { + if !envTest.IsLiveTest() { + t.Skip("skipping live test") + } + + envTest.RestoreEnv() + provider, err := NewDNSProvider() + require.NoError(t, err) + + err = provider.Present(envTest.GetDomain(), "", "123d==") + require.NoError(t, err) +} + +func TestLiveCleanUp(t *testing.T) { + if !envTest.IsLiveTest() { + t.Skip("skipping live test") + } + + envTest.RestoreEnv() + provider, err := NewDNSProvider() + require.NoError(t, err) + + err = provider.CleanUp(envTest.GetDomain(), "", "123d==") + require.NoError(t, err) +} diff --git a/providers/dns/regru/internal/client.go b/providers/dns/regru/internal/client.go index 8d91f4a66f..7ce633b054 100644 --- a/providers/dns/regru/internal/client.go +++ b/providers/dns/regru/internal/client.go @@ -76,17 +76,14 @@ func (c Client) AddTXTRecord(ctx context.Context, domain, subDomain, content str func (c Client) doRequest(ctx context.Context, request any, fragments ...string) (*APIResponse, error) { endpoint := c.baseURL.JoinPath(fragments...) - query := endpoint.Query() - query.Set("username", c.username) - query.Set("password", c.password) - endpoint.RawQuery = query.Encode() - inputData, err := json.Marshal(request) if err != nil { return nil, fmt.Errorf("failed to create input data: %w", err) } data := url.Values{} + data.Set("username", c.username) + data.Set("password", c.password) data.Set("input_data", string(inputData)) data.Set("input_format", "json") diff --git a/providers/dns/regru/regru.toml b/providers/dns/regru/regru.toml index 5bdb2c9870..16d8e4e3a8 100644 --- a/providers/dns/regru/regru.toml +++ b/providers/dns/regru/regru.toml @@ -7,7 +7,7 @@ Since = "v3.5.0" Example = ''' REGRU_USERNAME=xxxxxx \ REGRU_PASSWORD=yyyyyy \ -lego --email you@example.com --dns regru --domains my.example.org run +lego --email you@example.com --dns regru -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/rfc2136/internal/fixtures/invalid_field.conf b/providers/dns/rfc2136/internal/fixtures/invalid_field.conf new file mode 100644 index 0000000000..07c6a7be24 --- /dev/null +++ b/providers/dns/rfc2136/internal/fixtures/invalid_field.conf @@ -0,0 +1,4 @@ +key "example.com" { + algorithm; + secret "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="; +}; diff --git a/providers/dns/rfc2136/internal/fixtures/invalid_key.conf b/providers/dns/rfc2136/internal/fixtures/invalid_key.conf new file mode 100644 index 0000000000..965888eaeb --- /dev/null +++ b/providers/dns/rfc2136/internal/fixtures/invalid_key.conf @@ -0,0 +1,4 @@ +key { + algorithm hmac-sha256; + secret "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="; +}; diff --git a/providers/dns/rfc2136/internal/fixtures/mising_algo.conf b/providers/dns/rfc2136/internal/fixtures/mising_algo.conf new file mode 100644 index 0000000000..530323172d --- /dev/null +++ b/providers/dns/rfc2136/internal/fixtures/mising_algo.conf @@ -0,0 +1,3 @@ +key "example.com" { + secret "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="; +}; diff --git a/providers/dns/rfc2136/internal/fixtures/missing_secret.conf b/providers/dns/rfc2136/internal/fixtures/missing_secret.conf new file mode 100644 index 0000000000..f45eeac300 --- /dev/null +++ b/providers/dns/rfc2136/internal/fixtures/missing_secret.conf @@ -0,0 +1,3 @@ +key "example.com" { + algorithm hmac-sha256; +}; diff --git a/providers/dns/rfc2136/internal/fixtures/sample.conf b/providers/dns/rfc2136/internal/fixtures/sample.conf new file mode 100644 index 0000000000..6e249e8a58 --- /dev/null +++ b/providers/dns/rfc2136/internal/fixtures/sample.conf @@ -0,0 +1,4 @@ +key "example.com" { + algorithm hmac-sha256; + secret "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="; +}; diff --git a/providers/dns/rfc2136/internal/fixtures/text_after.conf b/providers/dns/rfc2136/internal/fixtures/text_after.conf new file mode 100644 index 0000000000..9b1cf8e587 --- /dev/null +++ b/providers/dns/rfc2136/internal/fixtures/text_after.conf @@ -0,0 +1,9 @@ +key "example.com" { + algorithm hmac-sha256; + secret "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="; +}; + +key "example.org" { + algorithm hmac-sha512; + secret "v6CkK3gop6HXj4+dcWiLXLGSYKVY5J1cTMjDsdl/Ah9B8aWfTgjwFBoHHyiHWSyvwWPDuEIRs2Pqm8nedca4+g=="; +}; diff --git a/providers/dns/rfc2136/internal/fixtures/text_before.conf b/providers/dns/rfc2136/internal/fixtures/text_before.conf new file mode 100644 index 0000000000..0a8415b21e --- /dev/null +++ b/providers/dns/rfc2136/internal/fixtures/text_before.conf @@ -0,0 +1,8 @@ +foo { + bar example; +}; + +key "example.com" { + algorithm hmac-sha256; + secret "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="; +}; diff --git a/providers/dns/rfc2136/internal/readme.md b/providers/dns/rfc2136/internal/readme.md new file mode 100644 index 0000000000..d0ecae7f49 --- /dev/null +++ b/providers/dns/rfc2136/internal/readme.md @@ -0,0 +1,10 @@ +# TSIG Key File + +How to generate example: + +```console +$ docker run --rm -it -v $(pwd):/app -w /app alpine sh +/app # apk add bind +/app # tsig-keygen example.com > sample1.conf +/app # tsig-keygen -a hmac-sha512 example.com > sample2.conf +``` diff --git a/providers/dns/rfc2136/internal/tsigkey.go b/providers/dns/rfc2136/internal/tsigkey.go new file mode 100644 index 0000000000..b4672f44dd --- /dev/null +++ b/providers/dns/rfc2136/internal/tsigkey.go @@ -0,0 +1,89 @@ +package internal + +import ( + "bufio" + "fmt" + "os" + "strings" +) + +type Key struct { + Name string + Algorithm string + Secret string +} + +// ReadTSIGFile reads TSIG key file generated with `tsig-keygen`. +func ReadTSIGFile(filename string) (*Key, error) { + file, err := os.Open(filename) + if err != nil { + return nil, fmt.Errorf("open file: %w", err) + } + + defer func() { _ = file.Close() }() + + key := &Key{} + + var read bool + + scanner := bufio.NewScanner(file) + for scanner.Scan() { + line := strings.TrimSpace(strings.TrimSuffix(scanner.Text(), ";")) + + if line == "" { + continue + } + + if read && line == "}" { + break + } + + fields := strings.Fields(line) + + switch { + case fields[0] == "key": + read = true + + if len(fields) != 3 { + return nil, fmt.Errorf("invalid key line: %s", line) + } + + key.Name = safeUnquote(fields[1]) + + case !read: + continue + + default: + if len(fields) != 2 { + continue + } + + v := safeUnquote(fields[1]) + + switch safeUnquote(fields[0]) { + case "algorithm": + key.Algorithm = v + case "secret": + key.Secret = v + default: + continue + } + } + } + + return key, nil +} + +func safeUnquote(v string) string { + if len(v) < 2 { + // empty or single character string + return v + } + + if v[0] == '"' && v[len(v)-1] == '"' { + // string wrapped in quotes + return v[1 : len(v)-1] + } + + return v +} diff --git a/providers/dns/rfc2136/internal/tsigkey_test.go b/providers/dns/rfc2136/internal/tsigkey_test.go new file mode 100644 index 0000000000..4ed7f66168 --- /dev/null +++ b/providers/dns/rfc2136/internal/tsigkey_test.go @@ -0,0 +1,95 @@ +package internal + +import ( + "path/filepath" + "runtime" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestReadTSIGFile(t *testing.T) { + testCases := []struct { + desc string + filename string + expected *Key + }{ + { + desc: "basic", + filename: "sample.conf", + expected: &Key{Name: "example.com", Algorithm: "hmac-sha256", Secret: "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="}, + }, + { + desc: "data before the key", + filename: "text_before.conf", + expected: &Key{Name: "example.com", Algorithm: "hmac-sha256", Secret: "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="}, + }, + { + desc: "data after the key", + filename: "text_after.conf", + expected: &Key{Name: "example.com", Algorithm: "hmac-sha256", Secret: "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="}, + }, + { + desc: "ignore missing secret", + filename: "missing_secret.conf", + expected: &Key{Name: "example.com", Algorithm: "hmac-sha256"}, + }, + { + desc: "ignore missing algorithm", + filename: "mising_algo.conf", + expected: &Key{Name: "example.com", Secret: "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="}, + }, + { + desc: "ignore invalid field format", + filename: "invalid_field.conf", + expected: &Key{Name: "example.com", Secret: "TCG5A6/lOHUGbW0e/9RYYbzWDFMlj1pIxCvybLBayBg="}, + }, + } + + for _, test := range testCases { + t.Run(test.desc, func(t *testing.T) { + t.Parallel() + + key, err := ReadTSIGFile(filepath.Join("fixtures", test.filename)) + require.NoError(t, err) + + assert.Equal(t, test.expected, key) + }) + } +} + +func TestReadTSIGFile_error(t *testing.T) { + if runtime.GOOS != "linux" { + // Because error messages are different on Windows. + t.Skip("only for UNIX systems") + } + + testCases := []struct { + desc string + filename string + expected string + }{ + { + desc: "missing file", + filename: "missing.conf", + expected: "open file: open fixtures/missing.conf: no such file or directory", + }, + { + desc: "invalid key format", + filename: "invalid_key.conf", + expected: "invalid key line: key {", + }, + } + + for _, test := range testCases { + t.Run(test.desc, func(t *testing.T) { + t.Parallel() + + _, err := ReadTSIGFile(filepath.Join("fixtures", test.filename)) + require.Error(t, err) + + require.EqualError(t, err, test.expected) + }) + } +} diff --git a/providers/dns/rfc2136/rfc2136.go b/providers/dns/rfc2136/rfc2136.go index 8a7dedc803..bd1d58a0cf 100644 --- a/providers/dns/rfc2136/rfc2136.go +++ b/providers/dns/rfc2136/rfc2136.go @@ -10,6 +10,7 @@ import ( "github.com/go-acme/lego/v4/challenge/dns01" "github.com/go-acme/lego/v4/platform/config/env" + "github.com/go-acme/lego/v4/providers/dns/rfc2136/internal" "github.com/miekg/dns" ) @@ -17,11 +18,14 @@ import ( const ( envNamespace = "RFC2136_" + EnvTSIGFile = envNamespace + "TSIG_FILE" + EnvTSIGKey = envNamespace + "TSIG_KEY" EnvTSIGSecret = envNamespace + "TSIG_SECRET" EnvTSIGAlgorithm = envNamespace + "TSIG_ALGORITHM" - EnvNameserver = envNamespace + "NAMESERVER" - EnvDNSTimeout = envNamespace + "DNS_TIMEOUT" + + EnvNameserver = envNamespace + "NAMESERVER" + EnvDNSTimeout = envNamespace + "DNS_TIMEOUT" EnvTTL = envNamespace + "TTL" EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT" @@ -31,10 +35,14 @@ const ( // Config is used to configure the creation of the DNSProvider. type Config struct { - Nameserver string - TSIGAlgorithm string - TSIGKey string - TSIGSecret string + Nameserver string + + TSIGFile string + + TSIGAlgorithm string + TSIGKey string + TSIGSecret string + PropagationTimeout time.Duration PollingInterval time.Duration TTL int @@ -76,6 +84,9 @@ func NewDNSProvider() (*DNSProvider, error) { config := NewDefaultConfig() config.Nameserver = values[EnvNameserver] + + config.TSIGFile = env.GetOrDefaultString(EnvTSIGFile, "") + config.TSIGKey = env.GetOrFile(EnvTSIGKey) config.TSIGSecret = env.GetOrFile(EnvTSIGSecret) @@ -92,8 +103,15 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { return nil, errors.New("rfc2136: nameserver missing") } - if config.TSIGAlgorithm == "" { - config.TSIGAlgorithm = dns.HmacSHA1 + if config.TSIGFile != "" { + key, err := internal.ReadTSIGFile(config.TSIGFile) + if err != nil { + return nil, fmt.Errorf("rfc2136: read TSIG file %s: %w", config.TSIGFile, err) + } + + config.TSIGAlgorithm = key.Algorithm + config.TSIGKey = key.Name + config.TSIGSecret = key.Secret } // Append the default DNS port if none is specified. @@ -108,6 +126,23 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { if config.TSIGKey == "" || config.TSIGSecret == "" { config.TSIGKey = "" config.TSIGSecret = "" + } else { + // zonename must be in canonical form (lowercase, fqdn, see RFC 4034 Section 6.2) + config.TSIGKey = strings.ToLower(dns.Fqdn(config.TSIGKey)) + } + + if config.TSIGAlgorithm == "" { + config.TSIGAlgorithm = dns.HmacSHA1 + } else { + // To be compatible with https://github.com/miekg/dns/blob/master/tsig.go + config.TSIGAlgorithm = dns.Fqdn(config.TSIGAlgorithm) + } + + switch config.TSIGAlgorithm { + case dns.HmacSHA1, dns.HmacSHA224, dns.HmacSHA256, dns.HmacSHA384, dns.HmacSHA512: + // valid algorithm + default: + return nil, fmt.Errorf("rfc2136: unsupported TSIG algorithm: %s", config.TSIGAlgorithm) } return &DNSProvider{config: config}, nil @@ -179,13 +214,10 @@ func (d *DNSProvider) changeRecord(action, fqdn, value string, ttl int) error { // TSIG authentication / msg signing if d.config.TSIGKey != "" && d.config.TSIGSecret != "" { - key := strings.ToLower(dns.Fqdn(d.config.TSIGKey)) - alg := dns.Fqdn(d.config.TSIGAlgorithm) - m.SetTsig(key, alg, 300, time.Now().Unix()) + m.SetTsig(d.config.TSIGKey, d.config.TSIGAlgorithm, 300, time.Now().Unix()) - // secret(s) for Tsig map[], - // zonename must be in canonical form (lowercase, fqdn, see RFC 4034 Section 6.2) - c.TsigSecret = map[string]string{key: d.config.TSIGSecret} + // Secret(s) for TSIG map[]. + c.TsigSecret = map[string]string{d.config.TSIGKey: d.config.TSIGSecret} } // Send the query diff --git a/providers/dns/rfc2136/rfc2136.toml b/providers/dns/rfc2136/rfc2136.toml index 4125aa5572..df313fde77 100644 --- a/providers/dns/rfc2136/rfc2136.toml +++ b/providers/dns/rfc2136/rfc2136.toml @@ -6,29 +6,28 @@ Since = "v0.3.0" Example = ''' RFC2136_NAMESERVER=127.0.0.1 \ -RFC2136_TSIG_KEY=lego \ +RFC2136_TSIG_KEY=example.com \ RFC2136_TSIG_ALGORITHM=hmac-sha256. \ RFC2136_TSIG_SECRET=YWJjZGVmZGdoaWprbG1ub3BxcnN0dXZ3eHl6MTIzNDU= \ -lego --email you@example.com --dns rfc2136 --domains my.example.org run +lego --email you@example.com --dns rfc2136 -d '*.example.com' -d example.com run ## --- -keyname=lego; keyfile=lego.key; tsig-keygen $keyname > $keyfile +keyname=example.com; keyfile=example.com.key; tsig-keygen $keyname > $keyfile RFC2136_NAMESERVER=127.0.0.1 \ -RFC2136_TSIG_KEY="$keyname" \ -RFC2136_TSIG_ALGORITHM="$( awk -F'[ ";]' '/algorithm/ { print $2 }' $keyfile )." \ -RFC2136_TSIG_SECRET="$( awk -F'[ ";]' '/secret/ { print $3 }' $keyfile )" \ -lego --email you@example.com --dns rfc2136 --domains my.example.org run +RFC2136_TSIG_FILE="$keyfile" \ +lego --email you@example.com --dns rfc2136 -d '*.example.com' -d example.com run ''' [Configuration] [Configuration.Credentials] - RFC2136_TSIG_KEY = "Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset." - RFC2136_TSIG_SECRET = "Secret key payload. To disable TSIG authentication, leave the` RFC2136_TSIG*` variables unset." - RFC2136_TSIG_ALGORITHM = "TSIG algorithm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset." + RFC2136_TSIG_KEY = "Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the `RFC2136_TSIG_KEY` variable unset." + RFC2136_TSIG_SECRET = "Secret key payload. To disable TSIG authentication, leave the `RFC2136_TSIG_SECRET` variable unset." + RFC2136_TSIG_ALGORITHM = "TSIG algorithm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the `RFC2136_TSIG_KEY` or `RFC2136_TSIG_SECRET` variables unset." RFC2136_NAMESERVER = 'Network address in the form "host" or "host:port"' [Configuration.Additional] + RFC2136_TSIG_FILE = "Path to a key file generated by tsig-keygen" RFC2136_POLLING_INTERVAL = "Time between DNS propagation check" RFC2136_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" RFC2136_TTL = "The TTL of the TXT record used for the DNS challenge" diff --git a/providers/dns/rfc2136/rfc2136_test.go b/providers/dns/rfc2136/rfc2136_test.go index 235ce4e4e5..80fdc69cbd 100644 --- a/providers/dns/rfc2136/rfc2136_test.go +++ b/providers/dns/rfc2136/rfc2136_test.go @@ -10,6 +10,7 @@ import ( "time" "github.com/go-acme/lego/v4/challenge/dns01" + "github.com/go-acme/lego/v4/platform/tester" "github.com/miekg/dns" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -26,6 +27,142 @@ const ( fakeTsigSecret = "IwBTJx9wrDp4Y1RyC3H0gA==" ) +const envDomain = envNamespace + "DOMAIN" + +var envTest = tester.NewEnvTest( + EnvTSIGFile, + EnvTSIGKey, + EnvTSIGSecret, + EnvTSIGAlgorithm, + EnvNameserver, + EnvDNSTimeout, +).WithDomain(envDomain) + +func TestNewDNSProvider(t *testing.T) { + testCases := []struct { + desc string + envVars map[string]string + expected string + }{ + { + desc: "success", + envVars: map[string]string{ + EnvNameserver: "example.com", + }, + }, + { + desc: "missing nameserver", + envVars: map[string]string{ + EnvNameserver: "", + }, + expected: "rfc2136: some credentials information are missing: RFC2136_NAMESERVER", + }, + { + desc: "invalid algorithm", + envVars: map[string]string{ + EnvNameserver: "example.com", + EnvTSIGKey: "", + EnvTSIGSecret: "", + EnvTSIGAlgorithm: "foo", + }, + expected: "rfc2136: unsupported TSIG algorithm: foo.", + }, + { + desc: "valid TSIG file", + envVars: map[string]string{ + EnvNameserver: "example.com", + EnvTSIGFile: "./internal/fixtures/sample.conf", + }, + }, + { + desc: "invalid TSIG file", + envVars: map[string]string{ + EnvNameserver: "example.com", + EnvTSIGFile: "./internal/fixtures/invalid_key.conf", + }, + expected: "rfc2136: read TSIG file ./internal/fixtures/invalid_key.conf: invalid key line: key {", + }, + } + + for _, test := range testCases { + t.Run(test.desc, func(t *testing.T) { + defer envTest.RestoreEnv() + envTest.ClearEnv() + + envTest.Apply(test.envVars) + + p, err := NewDNSProvider() + + if test.expected == "" { + require.NoError(t, err) + require.NotNil(t, p) + require.NotNil(t, p.config) + } else { + require.EqualError(t, err, test.expected) + } + }) + } +} + +func TestNewDNSProviderConfig(t *testing.T) { + testCases := []struct { + desc string + expected string + nameserver string + tsigFile string + tsigAlgorithm string + tsigKey string + tsigSecret string + }{ + { + desc: "success", + nameserver: "example.com", + }, + { + desc: "missing nameserver", + expected: "rfc2136: nameserver missing", + }, + { + desc: "invalid algorithm", + nameserver: "example.com", + tsigAlgorithm: "foo", + expected: "rfc2136: unsupported TSIG algorithm: foo.", + }, + { + desc: "valid TSIG file", + nameserver: "example.com", + tsigFile: "./internal/fixtures/sample.conf", + }, + { + desc: "invalid TSIG file", + nameserver: "example.com", + tsigFile: "./internal/fixtures/invalid_key.conf", + expected: "rfc2136: read TSIG file ./internal/fixtures/invalid_key.conf: invalid key line: key {", + }, + } + + for _, test := range testCases { + t.Run(test.desc, func(t *testing.T) { + config := NewDefaultConfig() + config.Nameserver = test.nameserver + config.TSIGFile = test.tsigFile + config.TSIGAlgorithm = test.tsigAlgorithm + config.TSIGKey = test.tsigKey + config.TSIGSecret = test.tsigSecret + + p, err := NewDNSProviderConfig(config) + + if test.expected == "" { + require.NoError(t, err) + require.NotNil(t, p) + require.NotNil(t, p.config) + } else { + require.EqualError(t, err, test.expected) + } + }) + } +} + func TestCanaryLocalTestServer(t *testing.T) { dns01.ClearFqdnCache() dns.HandleFunc("example.com.", serverHandlerHello) diff --git a/providers/dns/rimuhosting/rimuhosting.toml b/providers/dns/rimuhosting/rimuhosting.toml index fc5ee5826f..4b4fa5ea7d 100644 --- a/providers/dns/rimuhosting/rimuhosting.toml +++ b/providers/dns/rimuhosting/rimuhosting.toml @@ -6,7 +6,7 @@ Since = "v0.3.5" Example = ''' RIMUHOSTING_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns rimuhosting --domains my.example.org run +lego --email you@example.com --dns rimuhosting -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/route53/route53.toml b/providers/dns/route53/route53.toml index da8b489a36..53c1d61d1d 100644 --- a/providers/dns/route53/route53.toml +++ b/providers/dns/route53/route53.toml @@ -9,7 +9,7 @@ AWS_ACCESS_KEY_ID=your_key_id \ AWS_SECRET_ACCESS_KEY=your_secret_access_key \ AWS_REGION=aws-region \ AWS_HOSTED_ZONE_ID=your_hosted_zone_id \ -lego --domains example.com --email your_example@email.com --dns route53 --accept-tos=true run +lego --email you@example.com --dns route53 -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/safedns/safedns.toml b/providers/dns/safedns/safedns.toml index b92e4630f2..11b2a289c5 100644 --- a/providers/dns/safedns/safedns.toml +++ b/providers/dns/safedns/safedns.toml @@ -6,7 +6,7 @@ Since = "v4.6.0" Example = ''' SAFEDNS_AUTH_TOKEN=xxxxxx \ -lego --email you@example.com --dns safedns --domains my.example.org run +lego --email you@example.com --dns safedns -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/sakuracloud/sakuracloud.toml b/providers/dns/sakuracloud/sakuracloud.toml index c6a2eeb909..f86f215e5f 100644 --- a/providers/dns/sakuracloud/sakuracloud.toml +++ b/providers/dns/sakuracloud/sakuracloud.toml @@ -7,7 +7,7 @@ Since = "v1.1.0" Example = ''' SAKURACLOUD_ACCESS_TOKEN=xxxxx \ SAKURACLOUD_ACCESS_TOKEN_SECRET=yyyyy \ -lego --email you@example.com --dns sakuracloud --domains my.example.org run +lego --email you@example.com --dns sakuracloud -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/scaleway/scaleway.toml b/providers/dns/scaleway/scaleway.toml index 569c032f97..a13a34d22a 100644 --- a/providers/dns/scaleway/scaleway.toml +++ b/providers/dns/scaleway/scaleway.toml @@ -6,7 +6,7 @@ Since = "v3.4.0" Example = ''' SCW_SECRET_KEY=xxxxxxx-xxxxx-xxxx-xxx-xxxxxx \ -lego --email you@example.com --dns scaleway --domains my.example.org run +lego --email you@example.com --dns scaleway -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/selectel/selectel.toml b/providers/dns/selectel/selectel.toml index 2b00ee6a97..a37565d4d7 100644 --- a/providers/dns/selectel/selectel.toml +++ b/providers/dns/selectel/selectel.toml @@ -6,7 +6,7 @@ Since = "v1.2.0" Example = ''' SELECTEL_API_TOKEN=xxxxx \ -lego --email you@example.com --dns selectel --domains my.example.org run +lego --email you@example.com --dns selectel -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/selectelv2/selectelv2.go b/providers/dns/selectelv2/selectelv2.go index 8e114e245e..f5bd10c924 100644 --- a/providers/dns/selectelv2/selectelv2.go +++ b/providers/dns/selectelv2/selectelv2.go @@ -14,6 +14,7 @@ import ( "github.com/go-acme/lego/v4/providers/dns/internal/useragent" selectelapi "github.com/selectel/domains-go/pkg/v2" "github.com/selectel/go-selvpcclient/v3/selvpcclient" + "golang.org/x/net/idna" ) const tokenHeader = "X-Auth-Token" @@ -252,7 +253,12 @@ type clientWrapper struct { } func (w *clientWrapper) getZone(ctx context.Context, name string) (*selectelapi.Zone, error) { - params := &map[string]string{"filter": name} + unicodeName, err := idna.ToUnicode(name) + if err != nil { + return nil, fmt.Errorf("to unicode: %w", err) + } + + params := &map[string]string{"filter": unicodeName} zones, err := w.ListZones(ctx, params) if err != nil { @@ -260,13 +266,13 @@ func (w *clientWrapper) getZone(ctx context.Context, name string) (*selectelapi. } for _, zone := range zones.GetItems() { - if zone.Name == dns01.ToFqdn(name) { + if zone.Name == dns01.ToFqdn(unicodeName) { return zone, nil } } if len(strings.Split(dns01.UnFqdn(name), ".")) == 1 { - return nil, errors.New("zone for challenge has not been found") + return nil, fmt.Errorf("zone '%s' for challenge has not been found", name) } // -1 can not be returned since if no dots present we exit above @@ -276,7 +282,12 @@ func (w *clientWrapper) getZone(ctx context.Context, name string) (*selectelapi. } func (w *clientWrapper) getRRset(ctx context.Context, name, zoneID string) (*selectelapi.RRSet, error) { - params := &map[string]string{"name": name, "rrset_types": string(selectelapi.TXT)} + unicodeName, err := idna.ToUnicode(name) + if err != nil { + return nil, fmt.Errorf("to unicode: %w", err) + } + + params := &map[string]string{"name": unicodeName, "rrset_types": string(selectelapi.TXT)} resp, err := w.ListRRSets(ctx, zoneID, params) if err != nil { @@ -284,7 +295,7 @@ func (w *clientWrapper) getRRset(ctx context.Context, name, zoneID string) (*sel } for _, rrset := range resp.GetItems() { - if rrset.Name == dns01.ToFqdn(name) { + if rrset.Name == dns01.ToFqdn(unicodeName) { return rrset, nil } } diff --git a/providers/dns/selectelv2/selectelv2.toml b/providers/dns/selectelv2/selectelv2.toml index 7870688bdd..4c06949f48 100644 --- a/providers/dns/selectelv2/selectelv2.toml +++ b/providers/dns/selectelv2/selectelv2.toml @@ -5,11 +5,11 @@ Code = "selectelv2" Since = "v4.17.0" Example = ''' -SELECTEL_USERNAME=trex \ -SELECTEL_PASSWORD=xxxxx \ -SELECTEL_ACCOUNT_ID=1234567 \ -SELECTEL_PROJECT_ID=111a11111aaa11aa1a11aaa11111aa1a \ -lego --email you@example.com --dns selectelv2 --domains my.example.org run +SELECTELV2_USERNAME=trex \ +SELECTELV2_PASSWORD=xxxxx \ +SELECTELV2_ACCOUNT_ID=1234567 \ +SELECTELV2_PROJECT_ID=111a11111aaa11aa1a11aaa11111aa1a \ +lego --email you@example.com --dns selectelv2 -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/selfhostde/selfhostde.toml b/providers/dns/selfhostde/selfhostde.toml index 72ddad2975..eba96fce26 100644 --- a/providers/dns/selfhostde/selfhostde.toml +++ b/providers/dns/selfhostde/selfhostde.toml @@ -8,7 +8,7 @@ Example = ''' SELFHOSTDE_USERNAME=xxx \ SELFHOSTDE_PASSWORD=yyy \ SELFHOSTDE_RECORDS_MAPPING=my.example.com:123 \ -lego --email you@example.com --dns selfhostde --domains my.example.org run +lego --email you@example.com --dns selfhostde -d '*.example.com' -d example.com run ''' Additional = """ diff --git a/providers/dns/servercow/servercow.toml b/providers/dns/servercow/servercow.toml index 670ca6b141..e9ec36be91 100644 --- a/providers/dns/servercow/servercow.toml +++ b/providers/dns/servercow/servercow.toml @@ -7,7 +7,7 @@ Since = "v3.4.0" Example = ''' SERVERCOW_USERNAME=xxxxxxxx \ SERVERCOW_PASSWORD=xxxxxxxx \ -lego --email you@example.com --dns servercow --domains my.example.org run +lego --email you@example.com --dns servercow -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/shellrent/shellrent.toml b/providers/dns/shellrent/shellrent.toml index 5c63db19f7..1e19e2d0df 100644 --- a/providers/dns/shellrent/shellrent.toml +++ b/providers/dns/shellrent/shellrent.toml @@ -7,7 +7,7 @@ Since = "v4.16.0" Example = ''' SHELLRENT_USERNAME=xxxx \ SHELLRENT_TOKEN=yyyy \ -lego --email you@example.com --dns shellrent --domains my.example.org run +lego --email you@example.com --dns shellrent -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/simply/simply.toml b/providers/dns/simply/simply.toml index 4b6c0cd02b..15cf7feb2d 100644 --- a/providers/dns/simply/simply.toml +++ b/providers/dns/simply/simply.toml @@ -7,7 +7,7 @@ Since = "v4.4.0" Example = ''' SIMPLY_ACCOUNT_NAME=xxxxxx \ SIMPLY_API_KEY=yyyyyy \ -lego --email you@example.com --dns simply --domains my.example.org run +lego --email you@example.com --dns simply -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/sonic/sonic.toml b/providers/dns/sonic/sonic.toml index c4ba74dd50..f871d3f94f 100644 --- a/providers/dns/sonic/sonic.toml +++ b/providers/dns/sonic/sonic.toml @@ -7,7 +7,7 @@ Since = "v4.4.0" Example = ''' SONIC_USER_ID=12345 \ SONIC_API_KEY=4d6fbf2f9ab0fa11697470918d37625851fc0c51 \ -lego --email you@example.com --dns sonic --domains my.example.org run +lego --email you@example.com --dns sonic -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/stackpath/stackpath.toml b/providers/dns/stackpath/stackpath.toml index 63182625d7..307922ee23 100644 --- a/providers/dns/stackpath/stackpath.toml +++ b/providers/dns/stackpath/stackpath.toml @@ -8,7 +8,7 @@ Example = ''' STACKPATH_CLIENT_ID=xxxxx \ STACKPATH_CLIENT_SECRET=yyyyy \ STACKPATH_STACK_ID=zzzzz \ -lego --email you@example.com --dns stackpath --domains my.example.org run +lego --email you@example.com --dns stackpath -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/technitium/internal/client.go b/providers/dns/technitium/internal/client.go new file mode 100644 index 0000000000..312892e5ac --- /dev/null +++ b/providers/dns/technitium/internal/client.go @@ -0,0 +1,158 @@ +package internal + +import ( + "context" + "encoding/json" + "errors" + "fmt" + "io" + "net/http" + "net/url" + "strings" + "time" + + "github.com/go-acme/lego/v4/providers/dns/internal/errutils" + querystring "github.com/google/go-querystring/query" +) + +const statusSuccess = "ok" + +// Client the Technitium API client. +type Client struct { + apiToken string + + baseURL *url.URL + HTTPClient *http.Client +} + +// NewClient creates a new Client. +func NewClient(baseURL, apiToken string) (*Client, error) { + if apiToken == "" { + return nil, errors.New("missing credentials") + } + + if baseURL == "" { + return nil, errors.New("missing server URL") + } + + apiEndpoint, err := url.Parse(baseURL) + if err != nil { + return nil, err + } + + return &Client{ + apiToken: apiToken, + baseURL: apiEndpoint, + HTTPClient: &http.Client{Timeout: 10 * time.Second}, + }, nil +} + +// AddRecord adds a resource record for an authoritative zone. +// https://github.com/TechnitiumSoftware/DnsServer/blob/master/APIDOCS.md#add-record +func (c *Client) AddRecord(ctx context.Context, record Record) (*Record, error) { + endpoint := c.baseURL.JoinPath("api", "zones", "records", "add") + + req, err := c.newFormRequest(ctx, endpoint, record) + if err != nil { + return nil, fmt.Errorf("create request: %w", err) + } + + result := &APIResponse[AddRecordResponse]{} + + err = c.do(req, result) + if err != nil { + return nil, err + } + + if result.Status != statusSuccess { + return nil, result + } + + return result.Response.AddedRecord, nil +} + +// DeleteRecord deletes a record from an authoritative zone. +// https://github.com/TechnitiumSoftware/DnsServer/blob/master/APIDOCS.md#delete-record +func (c *Client) DeleteRecord(ctx context.Context, record Record) error { + endpoint := c.baseURL.JoinPath("api", "zones", "records", "delete") + + req, err := c.newFormRequest(ctx, endpoint, record) + if err != nil { + return fmt.Errorf("create request: %w", err) + } + + result := &APIResponse[any]{} + + err = c.do(req, result) + if err != nil { + return err + } + + if result.Status != statusSuccess { + return result + } + + return nil +} + +func (c *Client) do(req *http.Request, result any) error { + resp, err := c.HTTPClient.Do(req) + if err != nil { + return errutils.NewHTTPDoError(req, err) + } + + defer func() { _ = resp.Body.Close() }() + + if resp.StatusCode > http.StatusBadRequest { + return parseError(req, resp) + } + + raw, err := io.ReadAll(resp.Body) + if err != nil { + return errutils.NewReadResponseError(req, resp.StatusCode, err) + } + + err = json.Unmarshal(raw, result) + if err != nil { + return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err) + } + + return nil +} + +func (c *Client) newFormRequest(ctx context.Context, endpoint *url.URL, payload any) (*http.Request, error) { + values := url.Values{} + + if payload != nil { + var err error + values, err = querystring.Values(payload) + if err != nil { + return nil, fmt.Errorf("failed to create request body: %w", err) + } + } + + values.Set("token", c.apiToken) + + req, err := http.NewRequestWithContext(ctx, http.MethodPost, endpoint.String(), strings.NewReader(values.Encode())) + if err != nil { + return nil, fmt.Errorf("unable to create request: %w", err) + } + + if payload != nil { + req.Header.Set("Content-Type", "application/x-www-form-urlencoded") + } + + return req, nil +} + +func parseError(req *http.Request, resp *http.Response) error { + raw, _ := io.ReadAll(resp.Body) + + var errAPI APIResponse[any] + err := json.Unmarshal(raw, &errAPI) + if err != nil { + return errutils.NewUnexpectedStatusCodeError(req, resp.StatusCode, raw) + } + + return &errAPI +} diff --git a/providers/dns/technitium/internal/client_test.go b/providers/dns/technitium/internal/client_test.go new file mode 100644 index 0000000000..326c1e8ebd --- /dev/null +++ b/providers/dns/technitium/internal/client_test.go @@ -0,0 +1,105 @@ +package internal + +import ( + "context" + "io" + "net/http" + "net/http/httptest" + "os" + "path/filepath" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func setupTest(t *testing.T, pattern string, filename string) *Client { + t.Helper() + + mux := http.NewServeMux() + server := httptest.NewServer(mux) + t.Cleanup(server.Close) + + mux.HandleFunc(pattern, func(rw http.ResponseWriter, req *http.Request) { + file, err := os.Open(filepath.Join("fixtures", filename)) + if err != nil { + http.Error(rw, err.Error(), http.StatusInternalServerError) + return + } + + defer func() { _ = file.Close() }() + + _, err = io.Copy(rw, file) + if err != nil { + http.Error(rw, err.Error(), http.StatusInternalServerError) + return + } + }) + + client, err := NewClient(server.URL, "secret") + require.NoError(t, err) + + client.HTTPClient = server.Client() + + return client +} + +func TestClient_AddRecord(t *testing.T) { + client := setupTest(t, "POST /api/zones/records/add", "add-record.json") + + record := Record{ + Domain: "_acme-challenge.example.com", + Type: "TXT", + Text: "txtTXTtxt", + } + + newRecord, err := client.AddRecord(context.Background(), record) + require.NoError(t, err) + + expected := &Record{Name: "example.com", Type: "A"} + + assert.Equal(t, expected, newRecord) +} + +func TestClient_AddRecord_error(t *testing.T) { + client := setupTest(t, "POST /api/zones/records/add", "error.json") + + record := Record{ + Domain: "_acme-challenge.example.com", + Type: "TXT", + Text: "txtTXTtxt", + } + + _, err := client.AddRecord(context.Background(), record) + require.Error(t, err) + + assert.EqualError(t, err, "Status: error, ErrorMessage: error message, StackTrace: application stack trace, InnerErrorMessage: inner exception message") +} + +func TestClient_DeleteRecord(t *testing.T) { + client := setupTest(t, "POST /api/zones/records/delete", "delete-record.json") + + record := Record{ + Domain: "_acme-challenge.example.com", + Type: "TXT", + Text: "txtTXTtxt", + } + + err := client.DeleteRecord(context.Background(), record) + require.NoError(t, err) +} + +func TestClient_DeleteRecord_error(t *testing.T) { + client := setupTest(t, "POST /api/zones/records/delete", "error.json") + + record := Record{ + Domain: "_acme-challenge.example.com", + Type: "TXT", + Text: "txtTXTtxt", + } + + err := client.DeleteRecord(context.Background(), record) + require.Error(t, err) + + assert.EqualError(t, err, "Status: error, ErrorMessage: error message, StackTrace: application stack trace, InnerErrorMessage: inner exception message") +} diff --git a/providers/dns/technitium/internal/fixtures/add-record.json b/providers/dns/technitium/internal/fixtures/add-record.json new file mode 100644 index 0000000000..a57f318a32 --- /dev/null +++ b/providers/dns/technitium/internal/fixtures/add-record.json @@ -0,0 +1,23 @@ +{ + "response": { + "zone": { + "name": "example.com", + "type": "Primary", + "internal": false, + "dnssecStatus": "SignedWithNSEC", + "disabled": false + }, + "addedRecord": { + "disabled": false, + "name": "example.com", + "type": "A", + "ttl": 3600, + "rData": { + "ipAddress": "3.3.3.3" + }, + "dnssecStatus": "Unknown", + "lastUsedOn": "0001-01-01T00:00:00" + } + }, + "status": "ok" +} diff --git a/providers/dns/technitium/internal/fixtures/delete-record.json b/providers/dns/technitium/internal/fixtures/delete-record.json new file mode 100644 index 0000000000..a1c51a5d0e --- /dev/null +++ b/providers/dns/technitium/internal/fixtures/delete-record.json @@ -0,0 +1,4 @@ +{ + "response": {}, + "status": "ok" +} diff --git a/providers/dns/technitium/internal/fixtures/error.json b/providers/dns/technitium/internal/fixtures/error.json new file mode 100644 index 0000000000..6440cde844 --- /dev/null +++ b/providers/dns/technitium/internal/fixtures/error.json @@ -0,0 +1,6 @@ +{ + "status": "error", + "errorMessage": "error message", + "stackTrace": "application stack trace", + "innerErrorMessage": "inner exception message" +} diff --git a/providers/dns/technitium/internal/types.go b/providers/dns/technitium/internal/types.go new file mode 100644 index 0000000000..29872cd3bc --- /dev/null +++ b/providers/dns/technitium/internal/types.go @@ -0,0 +1,48 @@ +package internal + +import "fmt" + +type APIResponse[T any] struct { + Status string `json:"status"` // ok/error/invalid-token + + Response T `json:"response"` + + ErrorMessage string `json:"errorMessage"` + StackTrace string `json:"stackTrace"` + InnerErrorMessage string `json:"innerErrorMessage"` +} + +func (a *APIResponse[T]) Error() string { + msg := fmt.Sprintf("Status: %s", a.Status) + + if a.ErrorMessage != "" { + msg += fmt.Sprintf(", ErrorMessage: %s", a.ErrorMessage) + } + + if a.StackTrace != "" { + msg += fmt.Sprintf(", StackTrace: %s", a.StackTrace) + } + + if a.InnerErrorMessage != "" { + msg += fmt.Sprintf(", InnerErrorMessage: %s", a.InnerErrorMessage) + } + + return msg +} + +type AddRecordResponse struct { + Zone *Zone `json:"zone"` + AddedRecord *Record `json:"addedRecord"` +} + +type Record struct { + Name string `json:"name,omitempty" url:"-"` + Domain string `json:"domain,omitempty" url:"domain"` + Type string `json:"type,omitempty" url:"type"` + Text string `json:"text,omitempty" url:"text"` +} + +type Zone struct { + Name string `json:"name"` + Type string `json:"type"` +} diff --git a/providers/dns/technitium/technitium.go b/providers/dns/technitium/technitium.go new file mode 100644 index 0000000000..8ee3ccc067 --- /dev/null +++ b/providers/dns/technitium/technitium.go @@ -0,0 +1,133 @@ +// Package technitium implements a DNS provider for solving the DNS-01 challenge using Technitium. +package technitium + +import ( + "context" + "errors" + "fmt" + "net/http" + "time" + + "github.com/go-acme/lego/v4/challenge/dns01" + "github.com/go-acme/lego/v4/platform/config/env" + "github.com/go-acme/lego/v4/providers/dns/technitium/internal" +) + +// Environment variables names. +const ( + envNamespace = "TECHNITIUM_" + + EnvServerBaseURL = envNamespace + "SERVER_BASE_URL" + EnvAPIToken = envNamespace + "API_TOKEN" + + EnvTTL = envNamespace + "TTL" + EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT" + EnvPollingInterval = envNamespace + "POLLING_INTERVAL" + EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT" +) + +// Config is used to configure the creation of the DNSProvider. +type Config struct { + BaseURL string + APIToken string + + PropagationTimeout time.Duration + PollingInterval time.Duration + TTL int + HTTPClient *http.Client +} + +// NewDefaultConfig returns a default configuration for the DNSProvider. +func NewDefaultConfig() *Config { + return &Config{ + TTL: env.GetOrDefaultInt(EnvTTL, dns01.DefaultTTL), + PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout), + PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval), + HTTPClient: &http.Client{ + Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second), + }, + } +} + +// DNSProvider implements the challenge.Provider interface. +type DNSProvider struct { + config *Config + client *internal.Client +} + +// NewDNSProvider returns a DNSProvider instance configured for Technitium. +func NewDNSProvider() (*DNSProvider, error) { + values, err := env.Get(EnvServerBaseURL, EnvAPIToken) + if err != nil { + return nil, fmt.Errorf("technitium: %w", err) + } + + config := NewDefaultConfig() + config.BaseURL = values[EnvServerBaseURL] + config.APIToken = values[EnvAPIToken] + + return NewDNSProviderConfig(config) +} + +// NewDNSProviderConfig return a DNSProvider instance configured for Technitium. +func NewDNSProviderConfig(config *Config) (*DNSProvider, error) { + if config == nil { + return nil, errors.New("technitium: the configuration of the DNS provider is nil") + } + + client, err := internal.NewClient(config.BaseURL, config.APIToken) + if err != nil { + return nil, fmt.Errorf("technitium: %w", err) + } + + if config.HTTPClient != nil { + client.HTTPClient = config.HTTPClient + } + + return &DNSProvider{ + config: config, + client: client, + }, nil +} + +// Present creates a TXT record using the specified parameters. +func (d *DNSProvider) Present(domain, token, keyAuth string) error { + info := dns01.GetChallengeInfo(domain, keyAuth) + + record := internal.Record{ + Domain: info.EffectiveFQDN, + Type: "TXT", + Text: info.Value, + } + + _, err := d.client.AddRecord(context.Background(), record) + if err != nil { + return fmt.Errorf("technitium: add record: %w", err) + } + + return nil +} + +// CleanUp removes the TXT record matching the specified parameters. +func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error { + info := dns01.GetChallengeInfo(domain, keyAuth) + + record := internal.Record{ + Domain: info.EffectiveFQDN, + Type: "TXT", + Text: info.Value, + } + + err := d.client.DeleteRecord(context.Background(), record) + if err != nil { + return fmt.Errorf("technitium: delete record: %w", err) + } + + return nil +} + +// Timeout returns the timeout and interval to use when checking for DNS propagation. +// Adjusting here to cope with spikes in propagation times. +func (d *DNSProvider) Timeout() (timeout, interval time.Duration) { + return d.config.PropagationTimeout, d.config.PollingInterval +} diff --git a/providers/dns/technitium/technitium.toml b/providers/dns/technitium/technitium.toml new file mode 100644 index 0000000000..54502957f9 --- /dev/null +++ b/providers/dns/technitium/technitium.toml @@ -0,0 +1,33 @@ +Name = "Technitium" +Description = '''''' +URL = "https://technitium.com/" +Code = "technitium" +Since = "v4.20.0" + +Example = ''' +TECHNITIUM_SERVER_BASE_URL="https://localhost:5380" \ +TECHNITIUM_API_TOKEN="xxxxxxxxxxxxxxxxxxxxx" \ +lego --email you@example.com --dns technitium -d '*.example.com' -d example.com run +''' + +Additional = ''' +Technitium DNS Server supports Dynamic Updates (RFC2136) for primary zones, +so you can also use the [RFC2136 provider](https://go-acme.github.io/lego/dns/rfc2136/index.html). + +[RFC2136 provider](https://go-acme.github.io/lego/dns/rfc2136/index.html) is much better compared to the HTTP API option from security perspective. +Technitium recommends to use it in production over the HTTP API. +''' + +[Configuration] + [Configuration.Credentials] + TECHNITIUM_SERVER_BASE_URL = "Server base URL" + TECHNITIUM_API_TOKEN = "API token" + [Configuration.Additional] + TECHNITIUM_POLLING_INTERVAL = "Time between DNS propagation check" + TECHNITIUM_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" + TECHNITIUM_TTL = "The TTL of the TXT record used for the DNS challenge" + TECHNITIUM_HTTP_TIMEOUT = "API request timeout" + +[Links] + API = "https://github.com/TechnitiumSoftware/DnsServer/blob/0f83d23e605956b66ac76921199e241d9cc061bd/APIDOCS.md" + Article = "https://blog.technitium.com/2023/03/" diff --git a/providers/dns/cloudxns/cloudxns_test.go b/providers/dns/technitium/technitium_test.go similarity index 60% rename from providers/dns/cloudxns/cloudxns_test.go rename to providers/dns/technitium/technitium_test.go index 0b3271761e..da50b6fe63 100644 --- a/providers/dns/cloudxns/cloudxns_test.go +++ b/providers/dns/technitium/technitium_test.go @@ -1,8 +1,7 @@ -package cloudxns +package technitium import ( "testing" - "time" "github.com/go-acme/lego/v4/platform/tester" "github.com/stretchr/testify/require" @@ -10,10 +9,7 @@ import ( const envDomain = envNamespace + "DOMAIN" -var envTest = tester.NewEnvTest( - EnvAPIKey, - EnvSecretKey). - WithDomain(envDomain) +var envTest = tester.NewEnvTest(EnvServerBaseURL, EnvAPIToken).WithDomain(envDomain) func TestNewDNSProvider(t *testing.T) { testCases := []struct { @@ -24,33 +20,30 @@ func TestNewDNSProvider(t *testing.T) { { desc: "success", envVars: map[string]string{ - EnvAPIKey: "123", - EnvSecretKey: "456", + EnvServerBaseURL: "https://localhost:5380", + EnvAPIToken: "secret", }, }, { - desc: "missing credentials", + desc: "missing server base URL", envVars: map[string]string{ - EnvAPIKey: "", - EnvSecretKey: "", + EnvServerBaseURL: "", + EnvAPIToken: "secret", }, - expected: "cloudxns: some credentials information are missing: CLOUDXNS_API_KEY,CLOUDXNS_SECRET_KEY", + expected: "technitium: some credentials information are missing: TECHNITIUM_SERVER_BASE_URL", }, { - desc: "missing API key", + desc: "missing token", envVars: map[string]string{ - EnvAPIKey: "", - EnvSecretKey: "456", + EnvServerBaseURL: "https://localhost:5380", + EnvAPIToken: "", }, - expected: "cloudxns: some credentials information are missing: CLOUDXNS_API_KEY", + expected: "technitium: some credentials information are missing: TECHNITIUM_API_TOKEN", }, { - desc: "missing secret key", - envVars: map[string]string{ - EnvAPIKey: "123", - EnvSecretKey: "", - }, - expected: "cloudxns: some credentials information are missing: CLOUDXNS_SECRET_KEY", + desc: "missing credentials", + envVars: map[string]string{}, + expected: "technitium: some credentials information are missing: TECHNITIUM_SERVER_BASE_URL,TECHNITIUM_API_TOKEN", }, } @@ -77,37 +70,37 @@ func TestNewDNSProvider(t *testing.T) { func TestNewDNSProviderConfig(t *testing.T) { testCases := []struct { - desc string - apiKey string - secretKey string - expected string + desc string + baseURL string + token string + expected string }{ { - desc: "success", - apiKey: "123", - secretKey: "456", + desc: "success", + baseURL: "https://localhost:5380", + token: "secret", }, { - desc: "missing credentials", - expected: "cloudxns: credentials missing: apiKey", + desc: "missing server base URL", + token: "secret", + expected: "technitium: missing server URL", }, { - desc: "missing api key", - secretKey: "456", - expected: "cloudxns: credentials missing: apiKey", + desc: "missing token", + baseURL: "https://localhost:5380", + expected: "technitium: missing credentials", }, { - desc: "missing secret key", - apiKey: "123", - expected: "cloudxns: credentials missing: secretKey", + desc: "missing credentials", + expected: "technitium: missing credentials", }, } for _, test := range testCases { t.Run(test.desc, func(t *testing.T) { config := NewDefaultConfig() - config.APIKey = test.apiKey - config.SecretKey = test.secretKey + config.BaseURL = test.baseURL + config.APIToken = test.token p, err := NewDNSProviderConfig(config) @@ -145,8 +138,6 @@ func TestLiveCleanUp(t *testing.T) { provider, err := NewDNSProvider() require.NoError(t, err) - time.Sleep(2 * time.Second) - err = provider.CleanUp(envTest.GetDomain(), "", "123d==") require.NoError(t, err) } diff --git a/providers/dns/tencentcloud/tencentcloud.toml b/providers/dns/tencentcloud/tencentcloud.toml index 4338e1daf6..beb138e917 100644 --- a/providers/dns/tencentcloud/tencentcloud.toml +++ b/providers/dns/tencentcloud/tencentcloud.toml @@ -7,7 +7,7 @@ Since = "v4.6.0" Example = ''' TENCENTCLOUD_SECRET_ID=abcdefghijklmnopqrstuvwx \ TENCENTCLOUD_SECRET_KEY=your-secret-key \ -lego --email you@example.com --dns tencentcloud --domains my.example.org run +lego --email you@example.com --dns tencentcloud -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/timewebcloud/timewebcloud.toml b/providers/dns/timewebcloud/timewebcloud.toml index 67573e2f23..4f8d7e8608 100644 --- a/providers/dns/timewebcloud/timewebcloud.toml +++ b/providers/dns/timewebcloud/timewebcloud.toml @@ -6,7 +6,7 @@ Since = "v4.20.0" Example = ''' TIMEWEBCLOUD_AUTH_TOKEN=xxxxxx \ -lego --email you@example.com --dns timewebcloud --domains my.example.org run +lego --email you@example.com --dns timewebcloud -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/transip/transip.toml b/providers/dns/transip/transip.toml index c4733f4317..47059c551f 100644 --- a/providers/dns/transip/transip.toml +++ b/providers/dns/transip/transip.toml @@ -7,7 +7,7 @@ Since = "v2.0.0" Example = ''' TRANSIP_ACCOUNT_NAME = "Account name" \ TRANSIP_PRIVATE_KEY_PATH = "transip.key" \ -lego --email you@example.com --dns transip --domains my.example.org run +lego --email you@example.com --dns transip -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/ultradns/ultradns.toml b/providers/dns/ultradns/ultradns.toml index 3db63fe7a7..c6ff72eac9 100644 --- a/providers/dns/ultradns/ultradns.toml +++ b/providers/dns/ultradns/ultradns.toml @@ -7,7 +7,7 @@ Since = "v4.10.0" Example = ''' ULTRADNS_USERNAME=username \ ULTRADNS_PASSWORD=password \ -lego --email you@example.com --dns ultradns --domains my.example.org run +lego --email you@example.com --dns ultradns -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/variomedia/variomedia.toml b/providers/dns/variomedia/variomedia.toml index ac3a6674a6..945a6f9f52 100644 --- a/providers/dns/variomedia/variomedia.toml +++ b/providers/dns/variomedia/variomedia.toml @@ -6,7 +6,7 @@ Since = "v4.8.0" Example = ''' VARIOMEDIA_API_TOKEN=xxxx \ -lego --email you@example.com --dns variomedia --domains my.example.org run +lego --email you@example.com --dns variomedia -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/vercel/vercel.toml b/providers/dns/vercel/vercel.toml index 689caba6d9..60df417989 100644 --- a/providers/dns/vercel/vercel.toml +++ b/providers/dns/vercel/vercel.toml @@ -6,7 +6,7 @@ Since = "v4.7.0" Example = ''' VERCEL_API_TOKEN=xxxxxx \ -lego --email you@example.com --dns vercel --domains my.example.org run +lego --email you@example.com --dns vercel -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/versio/versio.toml b/providers/dns/versio/versio.toml index 6f57bc0371..7fc27ebcdb 100644 --- a/providers/dns/versio/versio.toml +++ b/providers/dns/versio/versio.toml @@ -7,7 +7,7 @@ Since = "v2.7.0" Example = ''' VERSIO_USERNAME= \ VERSIO_PASSWORD= \ -lego --email you@example.com --dns versio --domains my.example.org run +lego --email you@example.com --dns versio -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/vinyldns/vinyldns.toml b/providers/dns/vinyldns/vinyldns.toml index 93062619c7..bdd07bae8e 100644 --- a/providers/dns/vinyldns/vinyldns.toml +++ b/providers/dns/vinyldns/vinyldns.toml @@ -8,7 +8,7 @@ Example = ''' VINYLDNS_ACCESS_KEY=xxxxxx \ VINYLDNS_SECRET_KEY=yyyyy \ VINYLDNS_HOST=https://api.vinyldns.example.org:9443 \ -lego --email you@example.com --dns vinyldns --domains my.example.org run +lego --email you@example.com --dns vinyldns -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/vkcloud/vkcloud.toml b/providers/dns/vkcloud/vkcloud.toml index 20beeefd63..8e67e26708 100644 --- a/providers/dns/vkcloud/vkcloud.toml +++ b/providers/dns/vkcloud/vkcloud.toml @@ -8,7 +8,7 @@ Example = ''' VK_CLOUD_PROJECT_ID="" \ VK_CLOUD_USERNAME="" \ VK_CLOUD_PASSWORD="" \ -lego --email you@example.com --dns vkcloud --domains "example.org" --domains "*.example.org" run +lego --email you@example.com --dns vkcloud -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/volcengine/volcengine.go b/providers/dns/volcengine/volcengine.go index 80933b4c18..7dc1054d60 100644 --- a/providers/dns/volcengine/volcengine.go +++ b/providers/dns/volcengine/volcengine.go @@ -54,6 +54,10 @@ type Config struct { // NewDefaultConfig returns a default configuration for the DNSProvider. func NewDefaultConfig() *Config { return &Config{ + Scheme: env.GetOrDefaultString(EnvScheme, "https"), + Host: env.GetOrDefaultString(EnvHost, "open.volcengineapi.com"), + Region: env.GetOrDefaultString(EnvRegion, volc.DefaultRegion), + TTL: env.GetOrDefaultInt(EnvTTL, defaultTTL), PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 240*time.Second), PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, 10*time.Second), @@ -81,9 +85,6 @@ func NewDNSProvider() (*DNSProvider, error) { config := NewDefaultConfig() config.AccessKey = values[EnvAccessKey] config.SecretKey = values[EnvSecretKey] - config.Scheme = env.GetOrDefaultString(EnvScheme, "https") - config.Host = env.GetOrDefaultString(EnvHost, "open.volcengineapi.com") - config.Region = env.GetOrDefaultString(EnvRegion, volc.DefaultRegion) return NewDNSProviderConfig(config) } diff --git a/providers/dns/volcengine/volcengine.toml b/providers/dns/volcengine/volcengine.toml index 1565280108..85431714f8 100644 --- a/providers/dns/volcengine/volcengine.toml +++ b/providers/dns/volcengine/volcengine.toml @@ -7,7 +7,7 @@ Since = "v4.19.0" Example = ''' VOLC_ACCESSKEY=xxx \ VOLC_SECRETKEY=yyy \ -lego --email you@example.com --dns volcengine --domains "example.org" --domains "*.example.org" run +lego --email you@example.com --dns volcengine -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/vscale/vscale.toml b/providers/dns/vscale/vscale.toml index db69ec784d..83aa6a513d 100644 --- a/providers/dns/vscale/vscale.toml +++ b/providers/dns/vscale/vscale.toml @@ -6,7 +6,7 @@ Since = "v2.0.0" Example = ''' VSCALE_API_TOKEN=xxxxx \ -lego --email you@example.com --dns vscale --domains my.example.org run +lego --email you@example.com --dns vscale -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/vultr/vultr.toml b/providers/dns/vultr/vultr.toml index 33483fa62a..83b896f77d 100644 --- a/providers/dns/vultr/vultr.toml +++ b/providers/dns/vultr/vultr.toml @@ -6,7 +6,7 @@ Since = "v0.3.1" Example = ''' VULTR_API_KEY=xxxxx \ -lego --email you@example.com --dns vultr --domains my.example.org run +lego --email you@example.com --dns vultr -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/webnames/webnames.toml b/providers/dns/webnames/webnames.toml index b42ac3e12b..030d385c9c 100644 --- a/providers/dns/webnames/webnames.toml +++ b/providers/dns/webnames/webnames.toml @@ -6,7 +6,7 @@ Since = "v4.15.0" Example = ''' WEBNAMES_API_KEY=xxxxxx \ -lego --email you@example.com --dns webnames --domains my.example.org run +lego --email you@example.com --dns webnames -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/websupport/websupport.toml b/providers/dns/websupport/websupport.toml index 8eb32fbbb8..d1a0af7dcf 100644 --- a/providers/dns/websupport/websupport.toml +++ b/providers/dns/websupport/websupport.toml @@ -7,7 +7,7 @@ Since = "v4.10.0" Example = ''' WEBSUPPORT_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \ WEBSUPPORT_SECRET="yyyyyyyyyyyyyyyyyyyyy" \ -lego --email myemail@example.com --dns websupport --domains my.example.org run +lego --email you@example.com --dns websupport -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/wedos/wedos.toml b/providers/dns/wedos/wedos.toml index cb2693ee5d..64845536ec 100644 --- a/providers/dns/wedos/wedos.toml +++ b/providers/dns/wedos/wedos.toml @@ -7,7 +7,7 @@ Since = "v4.4.0" Example = ''' WEDOS_USERNAME=xxxxxxxx \ WEDOS_WAPI_PASSWORD=xxxxxxxx \ -lego --email you@example.com --dns wedos --domains my.example.org run +lego --email you@example.com --dns wedos -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/yandex/yandex.toml b/providers/dns/yandex/yandex.toml index d52ce4eac2..91adf46581 100644 --- a/providers/dns/yandex/yandex.toml +++ b/providers/dns/yandex/yandex.toml @@ -7,7 +7,7 @@ Since = "v3.7.0" Example = ''' YANDEX_PDD_TOKEN= \ -lego --email you@example.com --dns yandex --domains my.example.org run +lego --email you@example.com --dns yandex -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/yandex360/yandex360.toml b/providers/dns/yandex360/yandex360.toml index ad0ce0d3e1..88e4036ab4 100644 --- a/providers/dns/yandex360/yandex360.toml +++ b/providers/dns/yandex360/yandex360.toml @@ -8,7 +8,7 @@ Since = "v4.14.0" Example = ''' YANDEX360_OAUTH_TOKEN= \ YANDEX360_ORG_ID= \ -lego --email you@example.com --dns yandex360 --domains my.example.org run +lego --email you@example.com --dns yandex360 -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/yandexcloud/yandexcloud.toml b/providers/dns/yandexcloud/yandexcloud.toml index 97677b9967..c19b9c1ccf 100644 --- a/providers/dns/yandexcloud/yandexcloud.toml +++ b/providers/dns/yandexcloud/yandexcloud.toml @@ -7,7 +7,7 @@ Since = "v4.9.0" Example = ''' YANDEX_CLOUD_IAM_TOKEN= \ YANDEX_CLOUD_FOLDER_ID= \ -lego --email you@example.com --dns yandexcloud --domains "example.org" --domains "*.example.org" run +lego --email you@example.com --dns yandexcloud -d '*.example.com' -d example.com run # --- @@ -20,7 +20,7 @@ YANDEX_CLOUD_IAM_TOKEN=$(echo '{ \ "private_key": "-----BEGIN PRIVATE KEY----------END PRIVATE KEY-----" \ }' | base64) \ YANDEX_CLOUD_FOLDER_ID= \ -lego --email you@example.com --dns yandexcloud --domains "example.org" --domains "*.example.org" run +lego --email you@example.com --dns yandexcloud -d '*.example.com' -d example.com run ''' Additional = ''' diff --git a/providers/dns/zoneee/zoneee.toml b/providers/dns/zoneee/zoneee.toml index 16704671f8..5d95095e80 100644 --- a/providers/dns/zoneee/zoneee.toml +++ b/providers/dns/zoneee/zoneee.toml @@ -7,7 +7,7 @@ Since = "v2.1.0" Example = ''' ZONEEE_API_USER=xxxxx \ ZONEEE_API_KEY=yyyyy \ -lego --email you@example.com --dns zoneee --domains my.example.org run +lego --email you@example.com --dns zoneee -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/zonomi/zonomi.toml b/providers/dns/zonomi/zonomi.toml index 2d3f3e3aa8..9780323a74 100644 --- a/providers/dns/zonomi/zonomi.toml +++ b/providers/dns/zonomi/zonomi.toml @@ -6,7 +6,7 @@ Since = "v3.5.0" Example = ''' ZONOMI_API_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx \ -lego --email you@example.com --dns zonomi --domains my.example.org run +lego --email you@example.com --dns zonomi -d '*.example.com' -d example.com run ''' [Configuration] diff --git a/providers/dns/zz_gen_dns_providers.go b/providers/dns/zz_gen_dns_providers.go index 5c805e770d..3d9f4965de 100644 --- a/providers/dns/zz_gen_dns_providers.go +++ b/providers/dns/zz_gen_dns_providers.go @@ -28,6 +28,7 @@ import ( "github.com/go-acme/lego/v4/providers/dns/cloudxns" "github.com/go-acme/lego/v4/providers/dns/conoha" "github.com/go-acme/lego/v4/providers/dns/constellix" + "github.com/go-acme/lego/v4/providers/dns/corenetworks" "github.com/go-acme/lego/v4/providers/dns/cpanel" "github.com/go-acme/lego/v4/providers/dns/derak" "github.com/go-acme/lego/v4/providers/dns/desec" @@ -109,6 +110,7 @@ import ( "github.com/go-acme/lego/v4/providers/dns/porkbun" "github.com/go-acme/lego/v4/providers/dns/rackspace" "github.com/go-acme/lego/v4/providers/dns/rcodezero" + "github.com/go-acme/lego/v4/providers/dns/regfish" "github.com/go-acme/lego/v4/providers/dns/regru" "github.com/go-acme/lego/v4/providers/dns/rfc2136" "github.com/go-acme/lego/v4/providers/dns/rimuhosting" @@ -124,6 +126,7 @@ import ( "github.com/go-acme/lego/v4/providers/dns/simply" "github.com/go-acme/lego/v4/providers/dns/sonic" "github.com/go-acme/lego/v4/providers/dns/stackpath" + "github.com/go-acme/lego/v4/providers/dns/technitium" "github.com/go-acme/lego/v4/providers/dns/tencentcloud" "github.com/go-acme/lego/v4/providers/dns/timewebcloud" "github.com/go-acme/lego/v4/providers/dns/transip" @@ -194,6 +197,8 @@ func NewDNSChallengeProviderByName(name string) (challenge.Provider, error) { return conoha.NewDNSProvider() case "constellix": return constellix.NewDNSProvider() + case "corenetworks": + return corenetworks.NewDNSProvider() case "cpanel": return cpanel.NewDNSProvider() case "derak": @@ -356,6 +361,8 @@ func NewDNSChallengeProviderByName(name string) (challenge.Provider, error) { return rackspace.NewDNSProvider() case "rcodezero": return rcodezero.NewDNSProvider() + case "regfish": + return regfish.NewDNSProvider() case "regru": return regru.NewDNSProvider() case "rfc2136": @@ -386,6 +393,8 @@ func NewDNSChallengeProviderByName(name string) (challenge.Provider, error) { return sonic.NewDNSProvider() case "stackpath": return stackpath.NewDNSProvider() + case "technitium": + return technitium.NewDNSProvider() case "tencentcloud": return tencentcloud.NewDNSProvider() case "timewebcloud":