Support for local server as dns provider #1621

Open: wants to merge 1 commit into base: master
24 changes: 12 additions & 12 deletions README.md
@@ -60,18 +60,18 @@ Detailed documentation is available [here](https://go-acme.github.io/lego/dns).
| [HTTP request](https://go-acme.github.io/lego/dns/httpreq/) | [Hurricane Electric DNS](https://go-acme.github.io/lego/dns/hurricane/) | [HyperOne](https://go-acme.github.io/lego/dns/hyperone/) | [IBM Cloud (SoftLayer)](https://go-acme.github.io/lego/dns/ibmcloud/) |
| [Infoblox](https://go-acme.github.io/lego/dns/infoblox/) | [Infomaniak](https://go-acme.github.io/lego/dns/infomaniak/) | [Internet Initiative Japan](https://go-acme.github.io/lego/dns/iij/) | [Internet.bs](https://go-acme.github.io/lego/dns/internetbs/) |
| [INWX](https://go-acme.github.io/lego/dns/inwx/) | [Ionos](https://go-acme.github.io/lego/dns/ionos/) | [iwantmyname](https://go-acme.github.io/lego/dns/iwantmyname/) | [Joker](https://go-acme.github.io/lego/dns/joker/) |
| [Joohoi's ACME-DNS](https://go-acme.github.io/lego/dns/acme-dns/) | [Linode (v4)](https://go-acme.github.io/lego/dns/linode/) | [Liquid Web](https://go-acme.github.io/lego/dns/liquidweb/) | [Loopia](https://go-acme.github.io/lego/dns/loopia/) |
| [LuaDNS](https://go-acme.github.io/lego/dns/luadns/) | [Manual](https://go-acme.github.io/lego/dns/manual/) | [MyDNS.jp](https://go-acme.github.io/lego/dns/mydnsjp/) | [MythicBeasts](https://go-acme.github.io/lego/dns/mythicbeasts/) |
| [Name.com](https://go-acme.github.io/lego/dns/namedotcom/) | [Namecheap](https://go-acme.github.io/lego/dns/namecheap/) | [Namesilo](https://go-acme.github.io/lego/dns/namesilo/) | [Netcup](https://go-acme.github.io/lego/dns/netcup/) |
| [Netlify](https://go-acme.github.io/lego/dns/netlify/) | [Nicmanager](https://go-acme.github.io/lego/dns/nicmanager/) | [NIFCloud](https://go-acme.github.io/lego/dns/nifcloud/) | [Njalla](https://go-acme.github.io/lego/dns/njalla/) |
| [NS1](https://go-acme.github.io/lego/dns/ns1/) | [Open Telekom Cloud](https://go-acme.github.io/lego/dns/otc/) | [Oracle Cloud](https://go-acme.github.io/lego/dns/oraclecloud/) | [OVH](https://go-acme.github.io/lego/dns/ovh/) |
| [Porkbun](https://go-acme.github.io/lego/dns/porkbun/) | [PowerDNS](https://go-acme.github.io/lego/dns/pdns/) | [Rackspace](https://go-acme.github.io/lego/dns/rackspace/) | [reg.ru](https://go-acme.github.io/lego/dns/regru/) |
| [RFC2136](https://go-acme.github.io/lego/dns/rfc2136/) | [RimuHosting](https://go-acme.github.io/lego/dns/rimuhosting/) | [Sakura Cloud](https://go-acme.github.io/lego/dns/sakuracloud/) | [Scaleway](https://go-acme.github.io/lego/dns/scaleway/) |
| [Selectel](https://go-acme.github.io/lego/dns/selectel/) | [Servercow](https://go-acme.github.io/lego/dns/servercow/) | [Simply.com](https://go-acme.github.io/lego/dns/simply/) | [Sonic](https://go-acme.github.io/lego/dns/sonic/) |
| [Stackpath](https://go-acme.github.io/lego/dns/stackpath/) | [Tencent Cloud DNS](https://go-acme.github.io/lego/dns/tencentcloud/) | [TransIP](https://go-acme.github.io/lego/dns/transip/) | [UKFast SafeDNS](https://go-acme.github.io/lego/dns/safedns/) |
| [VegaDNS](https://go-acme.github.io/lego/dns/vegadns/) | [Versio.[nl/eu/uk]](https://go-acme.github.io/lego/dns/versio/) | [VinylDNS](https://go-acme.github.io/lego/dns/vinyldns/) | [Vscale](https://go-acme.github.io/lego/dns/vscale/) |
| [Vultr](https://go-acme.github.io/lego/dns/vultr/) | [WEDOS](https://go-acme.github.io/lego/dns/wedos/) | [Yandex](https://go-acme.github.io/lego/dns/yandex/) | [Zone.ee](https://go-acme.github.io/lego/dns/zoneee/) |
| [Zonomi](https://go-acme.github.io/lego/dns/zonomi/) | | | |
| [Joohoi's ACME-DNS](https://go-acme.github.io/lego/dns/acme-dns/) | [Linode (v4)](https://go-acme.github.io/lego/dns/linode/) | [Liquid Web](https://go-acme.github.io/lego/dns/liquidweb/) | [Local](https://go-acme.github.io/lego/dns/local/) |
| [Loopia](https://go-acme.github.io/lego/dns/loopia/) | [LuaDNS](https://go-acme.github.io/lego/dns/luadns/) | [Manual](https://go-acme.github.io/lego/dns/manual/) | [MyDNS.jp](https://go-acme.github.io/lego/dns/mydnsjp/) |
| [MythicBeasts](https://go-acme.github.io/lego/dns/mythicbeasts/) | [Name.com](https://go-acme.github.io/lego/dns/namedotcom/) | [Namecheap](https://go-acme.github.io/lego/dns/namecheap/) | [Namesilo](https://go-acme.github.io/lego/dns/namesilo/) |
| [Netcup](https://go-acme.github.io/lego/dns/netcup/) | [Netlify](https://go-acme.github.io/lego/dns/netlify/) | [Nicmanager](https://go-acme.github.io/lego/dns/nicmanager/) | [NIFCloud](https://go-acme.github.io/lego/dns/nifcloud/) |
| [Njalla](https://go-acme.github.io/lego/dns/njalla/) | [NS1](https://go-acme.github.io/lego/dns/ns1/) | [Open Telekom Cloud](https://go-acme.github.io/lego/dns/otc/) | [Oracle Cloud](https://go-acme.github.io/lego/dns/oraclecloud/) |
| [OVH](https://go-acme.github.io/lego/dns/ovh/) | [Porkbun](https://go-acme.github.io/lego/dns/porkbun/) | [PowerDNS](https://go-acme.github.io/lego/dns/pdns/) | [Rackspace](https://go-acme.github.io/lego/dns/rackspace/) |
| [reg.ru](https://go-acme.github.io/lego/dns/regru/) | [RFC2136](https://go-acme.github.io/lego/dns/rfc2136/) | [RimuHosting](https://go-acme.github.io/lego/dns/rimuhosting/) | [Sakura Cloud](https://go-acme.github.io/lego/dns/sakuracloud/) |
| [Scaleway](https://go-acme.github.io/lego/dns/scaleway/) | [Selectel](https://go-acme.github.io/lego/dns/selectel/) | [Servercow](https://go-acme.github.io/lego/dns/servercow/) | [Simply.com](https://go-acme.github.io/lego/dns/simply/) |
| [Sonic](https://go-acme.github.io/lego/dns/sonic/) | [Stackpath](https://go-acme.github.io/lego/dns/stackpath/) | [Tencent Cloud DNS](https://go-acme.github.io/lego/dns/tencentcloud/) | [TransIP](https://go-acme.github.io/lego/dns/transip/) |
| [UKFast SafeDNS](https://go-acme.github.io/lego/dns/safedns/) | [VegaDNS](https://go-acme.github.io/lego/dns/vegadns/) | [Versio.[nl/eu/uk]](https://go-acme.github.io/lego/dns/versio/) | [VinylDNS](https://go-acme.github.io/lego/dns/vinyldns/) |
| [Vscale](https://go-acme.github.io/lego/dns/vscale/) | [Vultr](https://go-acme.github.io/lego/dns/vultr/) | [WEDOS](https://go-acme.github.io/lego/dns/wedos/) | [Yandex](https://go-acme.github.io/lego/dns/yandex/) |
| [Zone.ee](https://go-acme.github.io/lego/dns/zoneee/) | [Zonomi](https://go-acme.github.io/lego/dns/zonomi/) | | |

<!-- END DNS PROVIDERS LIST -->
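Review bot: the new table cell reads `Local` and links to `/lego/dns/local/`, but the toml this PR adds (`providers/dns/localserver/localserver.toml`) sets `Name = "Localserver"` and `Code = "localserver"`, and the Go package reads `LOCALSERVER_LISTEN`. This block sits between the DNS PROVIDERS LIST markers and appears to be generated from the provider toml files, so it looks like it was produced from an earlier toml. Settle on one provider code (`local` or `localserver`) and regenerate, so that README, `zz_gen_cmd_dnshelp.go` and the docs page all agree with the `case` string registered in `dns_providers.go`.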

15 changes: 15 additions & 0 deletions cmd/zz_gen_cmd_dnshelp.go
@@ -72,6 +72,7 @@ func allDNSCodes() string {
"lightsail",
"linode",
"liquidweb",
"local",
"loopia",
"luadns",
"mydnsjp",
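Review bot: the code string `"local"` added to `allDNSCodes()` matches `case "local"` in `dns_providers.go` but not `Code = "localserver"` in the provider's toml. This is a `zz_gen_` file, so it should be regenerated from the final toml rather than edited by hand; whichever name is kept, `allDNSCodes`, `displayDNSHelp` and `NewDNSChallengeProviderByName` must all use the same string or `lego dnshelp` will list a provider that `--dns` cannot resolve (or the reverse).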
@@ -1351,6 +1352,20 @@ func displayDNSHelp(name string) error {
ew.writeln()
ew.writeln(`More information: https://go-acme.github.io/lego/dns/liquidweb`)

case "local":
// generated from: providers/dns/local/local.toml
ew.writeln(`Configuration for Local.`)
ew.writeln(`Code: 'local'`)
ew.writeln(`Since: 'v0.0.1'`)
ew.writeln()

ew.writeln(`Credentials:`)
ew.writeln(` - "LOCAL_LISTEN": Listen udp dns-server address`)
ew.writeln()

ew.writeln()
ew.writeln(`More information: https://go-acme.github.io/lego/dns/local`)

case "loopia":
// generated from: providers/dns/loopia/loopia.toml
ew.writeln(`Configuration for Loopia.`)
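Review bot: the help text tells users to set `LOCAL_LISTEN`, but `localserver.go` defines `EnvListen = envNamespace + "LISTEN"` with `envNamespace = "LOCALSERVER_"`, so the variable documented here is never read and `NewDNSProvider` will fail with the "listen addr is nil" error. The `// generated from: providers/dns/local/local.toml` comment also points at a path that does not exist in this PR (the toml is under `providers/dns/localserver/`), which confirms the generated output is stale. `Since: 'v0.0.1'` reads like a placeholder and should be the lego release the provider ships in, and the credential description would be clearer as the `host:port` the UDP listener binds to, which must be reachable by the resolver that forwards the challenge queries.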
47 changes: 47 additions & 0 deletions docs/content/dns/zz_gen_local.md
@@ -0,0 +1,47 @@
---
title: "Local"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: local
---

<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/local/local.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

Since: v0.0.1
Setup local udp dns server that can serve forawrded requests from main dns server


<!--more-->

- Code: `local`

Here is an example bash command using the Local provider:

```bash
LOCAL_LISTEN=:5353 \
lego --email [email protected] --dns local --domains my.example.org run
```




## Credentials

| Environment Variable Name | Description |
|-----------------------|-------------|
| `LOCAL_LISTEN` | Listen udp dns-server address |

The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
More information [here](/lego/dns/#configuration-and-credentials).







<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/local/local.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
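Review bot: the example command `LOCAL_LISTEN=:5353 lego ... --dns local ...` fails twice against the code in this PR: the provider reads `LOCALSERVER_LISTEN`, not `LOCAL_LISTEN`, and `netip.ParseAddrPort(":5353")` returns an error because it requires an IP before the port, so `NewDNSProvider` rejects the value (the toml's own example, `0.0.0.0:5353`, parses). Besides the `forawrded` typo, the page should state the prerequisite that makes the provider work at all: the authoritative DNS for the domain has to forward or delegate the `_acme-challenge` name to the host and port this listener binds, and UDP on that port has to be reachable from the outside; without that the CA's resolvers never reach this server and validation times out with no hint why.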
3 changes: 3 additions & 0 deletions providers/dns/dns_providers.go
@@ -63,6 +63,7 @@ import (
"github.com/go-acme/lego/v4/providers/dns/lightsail"
"github.com/go-acme/lego/v4/providers/dns/linode"
"github.com/go-acme/lego/v4/providers/dns/liquidweb"
"github.com/go-acme/lego/v4/providers/dns/localserver"
"github.com/go-acme/lego/v4/providers/dns/loopia"
"github.com/go-acme/lego/v4/providers/dns/luadns"
"github.com/go-acme/lego/v4/providers/dns/mydnsjp"
@@ -312,6 +313,8 @@ func NewDNSChallengeProviderByName(name string) (challenge.Provider, error) {
return zoneee.NewDNSProvider()
case "zonomi":
return zonomi.NewDNSProvider()
case "local":
return localserver.NewDNSProvider()
default:
return nil, fmt.Errorf("unrecognized DNS provider: %s", name)
}
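Review bot: `case "local":` is appended after `case "zonomi":` while the rest of the switch is alphabetical, and the import block in this same file correctly places `localserver` between `liquidweb` and `loopia`; move the case to the matching position. The case string should also be taken from the toml's `Code` (currently `"localserver"`), since that is what the generated help and docs are built from; as the PR stands, the registration uses `local` and the toml uses `localserver`.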
111 changes: 111 additions & 0 deletions providers/dns/localserver/localserver.go
@@ -0,0 +1,111 @@
package localserver

import (
"errors"
"log"
"net"
"net/netip"
"os"

"github.com/go-acme/lego/v4/challenge/dns01"
"github.com/miekg/dns"
)

// Environment variables names.
const (
envNamespace = "LOCALSERVER_"

EnvListen = envNamespace + "LISTEN"
)

type DNSProvider struct {
addr string
server *dns.Server
}

func NewDNSProvider() (*DNSProvider, error) {
addr := os.Getenv(EnvListen)
if addr == "" {
return nil, errors.New("localserver: listen addr is nil")
}
_, err := netip.ParseAddrPort(addr)
if err != nil {
return nil, err
}
return &DNSProvider{addr: addr}, nil
}

func (s *DNSProvider) Present(domain, token, keyAuth string) error {
addr, err := netip.ParseAddrPort(s.addr)
if err != nil {
return err
}

conn, err := net.ListenUDP("udp", net.UDPAddrFromAddrPort(addr))
if err != nil {
return err
}

fqdn, value := dns01.GetRecord(domain, keyAuth)
handler := &dnsHandler{acmeResponse: value, fqdn: fqdn}
s.server = &dns.Server{Handler: handler, PacketConn: conn}

startCh := make(chan struct{}, 1)
errCh := make(chan error, 1)
s.server.NotifyStartedFunc = func() {
startCh <- struct{}{}
}
go func() {
err := s.server.ActivateAndServe()
if err != nil {
errCh <- err
return
}
}()
select {
case err := <-errCh:
return err
case <-startCh:
}

return nil
}

func (s *DNSProvider) CleanUp(domain, token, keyAuth string) error {
if s.server == nil {
return errors.New("dns server is not running")
}
err := s.server.Shutdown()
s.server = nil
return err
}

type dnsHandler struct {
acmeResponse string
fqdn string
}

func (h *dnsHandler) ServeDNS(w dns.ResponseWriter, r *dns.Msg) {
m := new(dns.Msg)
m.SetReply(r)
m.Authoritative = true
m.RecursionAvailable = false
question := r.Question[0]
if question.Name == h.fqdn && question.Qtype == dns.TypeTXT {
m.Answer = append(m.Answer, &dns.TXT{
Hdr: dns.RR_Header{
Name: question.Name,
Rrtype: dns.TypeTXT,
Class: dns.ClassINET,
},
Txt: []string{h.acmeResponse},
})
log.Printf("localserver dns response: found, request: %#v\n", question)
} else {
m.Rcode = dns.RcodeNameError
log.Printf("localserver dns response: not found, request: %#v\n", question)
}
if err := w.WriteMsg(m); err != nil {
log.Println(err.Error())
}
}
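Review bot: `Present` cannot be called more than once, which breaks any order with several domains (lego calls `Present` per domain before validating): the second call runs `net.ListenUDP` on the same address and fails with "address already in use", and even if it did not, `s.server = &dns.Server{...}` would overwrite the first server and its single `fqdn`/`value` pair, and `CleanUp` for the first domain would then shut down the server the second domain still needs. A more robust shape is one server started lazily on the first `Present`, a mutex-guarded `map[string][]string` of fqdn to TXT values that `Present` adds to and `CleanUp` removes from, and a shutdown only when the map is empty. In `ServeDNS`, `r.Question[0]` panics with index out of range on a query with an empty question section; check `len(r.Question) == 0` and answer `dns.RcodeFormatError` instead, since a listener exposed on `0.0.0.0` will receive arbitrary packets. Smaller points: the TXT `RR_Header` sets no `Ttl`; the error in `NewDNSProvider` says "nil" for an empty string and the other errors are not prefixed with `localserver:` as the rest of the providers do; and logging every question with `%#v` is noisy for a server that will be probed by any resolver on the Internet. Exported identifiers (`DNSProvider`, `NewDNSProvider`, `Present`, `CleanUp`) also lack doc comments, which the repository linter will flag.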
13 changes: 13 additions & 0 deletions providers/dns/localserver/localserver.toml
@@ -0,0 +1,13 @@
Name = "Localserver"
Description = '''Setup localserver udp dns server that can serve forawrded requests from main dns server'''

Suggested change
Description = '''Setup localserver udp dns server that can serve forawrded requests from main dns server'''
Description = '''Setup localserver udp dns server that can serve forwarded requests from main dns server'''

Code = "localserver"
Since = "v0.0.1"

Example = '''
LOCALSERVER_LISTEN=0.0.0.0:5353 \
lego --email [email protected] --dns localserver --domains my.example.org run
'''

[Configuration]
[Configuration.Credentials]
LOCALSERVER_LISTEN = "Listen udp dns-server address"
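Review bot: `Name`, `Code` and the `LOCALSERVER_LISTEN` credential here disagree with every generated file in this PR (`Local`, `local`, `LOCAL_LISTEN`), so the toml was changed after generation; whichever name stays, run the generator and commit the result so README, `zz_gen_cmd_dnshelp.go` and the docs page match. `Since = "v0.0.1"` should be the release this provider first appears in. The example `LOCALSERVER_LISTEN=0.0.0.0:5353` is the form `netip.ParseAddrPort` accepts, unlike the `:5353` in the generated docs, so it is the one to keep; it would help operators to add one sentence on the forwarding or delegation the upstream DNS server needs so that the challenge name actually reaches this listener.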
45 changes: 45 additions & 0 deletions providers/dns/localserver/localserver_test.go
@@ -0,0 +1,45 @@
package localserver

import (
"github.com/go-acme/lego/v4/challenge/dns01"
"github.com/miekg/dns"
"github.com/stretchr/testify/assert"
"testing"

"github.com/go-acme/lego/v4/platform/tester"
)

var envTest = tester.NewEnvTest(EnvListen)
var listenAddr = "127.0.0.1:5352"

func TestDnsProvider(t *testing.T) {
envTest.Apply(map[string]string{EnvListen: listenAddr})
provider, err := NewDNSProvider()
assert.Nil(t, err)

domain := "foo.com"
keyAuth := "12d=="

fqdn, txtExpectedValue := dns01.GetRecord(domain, keyAuth)
err = provider.Present(domain, "", keyAuth)
assert.Nil(t, err)

r, err := makeDnsQuery(fqdn, dns.TypeTXT, listenAddr)
assert.Nil(t, err)
assert.Equal(t, txtExpectedValue, r.Answer[0].(*dns.TXT).Txt[0])

r, err = makeDnsQuery("bar.com.", dns.TypeTXT, listenAddr)
assert.Nil(t, err)
assert.Equal(t, dns.RcodeNameError, r.MsgHdr.Rcode)

err = provider.CleanUp(domain, "", keyAuth)
assert.Nil(t, err)
}

func makeDnsQuery(fqdn string, dnsType uint16, dnsServer string) (*dns.Msg, error) {
c := new(dns.Client)
m := new(dns.Msg)
m.SetQuestion(fqdn, dnsType)
r, _, err := c.Exchange(m, dnsServer)
return r, err
}
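Review bot: `assert.Nil(t, err)` does not stop the test, so if `Present` or the query fails the next line dereferences `r.Answer[0]` on a nil `r` and the test panics instead of reporting the error; use `require.NoError` (the rest of the repository's provider tests use `require`) before indexing into the response. `envTest.Apply(...)` is not paired with `defer envTest.RestoreEnv()`, so the variable leaks into other tests in the package. The import block mixes the standard-library `testing` into the third-party group; let goimports sort it. The test also does not check that `CleanUp` actually stops the server (a query to `listenAddr` after `CleanUp` should fail), nor does it exercise `NewDNSProvider` with an empty or unparsable address, which the other providers cover with a table-driven test. Finally, the hard-coded `127.0.0.1:5352` will collide with anything else on that port on a CI host; since the provider takes the address from the environment there is no way to ask for port 0 today, which is one more reason to expose the bound address on the provider.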