Add DNS provider for Porkbun #1396

Merged
merged 6 commits into from
May 2, 2021

@ldez ldez commented May 1, 2021

  • have a homogeneous design with the other providers
  • pass the linter
  • do go mod tidy
  • add tests (units)
  • add tests ("live")
  • add a provider descriptor
  • generate CLI help, documentation, and readme.
  • be able to do: (and put the output of this command to a comment)
rm -rf .lego

PORKBUN_SECRET_API_KEY=xxx PORKBUN_PAPI_KEY=yyy ./lego -m [email protected] --dns porkbun -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run

Note the wildcard domain is important.

@eosti could you test by running the previous command (you have to use a real domain and email)?

Closes #1395

eosti commented May 1, 2021

create: POST to https://porkbun.com/api/json/v3/dns/create/example.com:

Body:

{
    "secretapikey": "secretkey",
    "apikey": "apikey",
    "name": "_acme-challenge",
    "type": "TXT",
    "content": "hello",
    "ttl": "300"
}

Response:

{
    "status": "SUCCESS",
    "id": 123456789
}

retrieve: POST to https://porkbun.com/api/json/v3/dns/retrieve/example.com:

Body:

{
    "secretapikey": "secretkey",
    "apikey": "apikey"
}

Response:

{
    "status": "SUCCESS",
    "cloudflare": "disabled",
    "records": [
        {
            "id": "12345",
            "name": "example.com",
            "type": "ALIAS",
            "content": "uixie.porkbun.com",
            "ttl": "600",
            "prio": null
        },
        {
            "id": "12345",
            "name": "example.com",
            "type": "MX",
            "content": "fwd1.porkbun.com",
            "ttl": "300",
            "prio": "10"
        },
        {
            "id": "12345",
            "name": "example.com",
            "type": "MX",
            "content": "fwd2.porkbun.com",
            "ttl": "300",
            "prio": "20"
        },
        {
            "id": "12345",
            "name": "_autodiscover._tcp.example.com",
            "type": "SRV",
            "content": "10 443 webmail.porkbun.com",
            "ttl": "300",
            "prio": "10"
        },
        {
            "id": "12345",
            "name": "example.com",
            "type": "TXT",
            "content": "v=spf1 mx ~all",
            "ttl": "300",
            "prio": null
        },
        {
            "id": "123456789",
            "name": "_acme-challenge.example.com",
            "type": "TXT",
            "content": "hello",
            "ttl": "300",
            "prio": "0"
        }
    ]
}

Side note, lego does create the DNS records, so it must be erroring out after sending the POST.
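
The two replies quoted above encode the record id differently: a JSON number in the create reply, a JSON string in the retrieve reply. As an added example (not code from this pull request or from lego), the Go code below decodes both forms and returns an id for cleanup only when the listing shows it on the expected challenge TXT record. `flexID`, `reply` and `ownedRecordID` are hypothetical names, and the sample bodies are constructed from the replies above.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strconv"
	"strings"
)

// flexID (hypothetical) accepts an id sent as a JSON number (create) or string (retrieve).
type flexID string

func (f *flexID) UnmarshalJSON(b []byte) error {
	*f = flexID(strings.Trim(string(b), `"`))
	_, err := strconv.ParseUint(string(*f), 10, 64) // rejects null and non-numeric ids
	return err
}

type reply struct {
	ID      flexID     // present in the create reply
	Records []struct { // present in the retrieve reply
		ID                  flexID
		Name, Type, Content string
	}
}

// ownedRecordID returns the created id only if the listing shows it on the challenge TXT record.
func ownedRecordID(created, listed, fqdn, value string) (string, error) {
	var c, l reply
	if err := json.Unmarshal([]byte(created), &c); err != nil {
		return "", fmt.Errorf("create reply: %w", err)
	}
	if err := json.Unmarshal([]byte(listed), &l); err != nil {
		return "", fmt.Errorf("retrieve reply: %w", err)
	}
	for _, r := range l.Records {
		if r.ID == c.ID && c.ID != "" &&
			r.Type == "TXT" && r.Name == fqdn && r.Content == value {
			return string(r.ID), nil
		}
	}
	return "", fmt.Errorf("id %q is not on the %s TXT record", c.ID, fqdn)
}

func main() {
	// Constructed bodies, trimmed from the replies quoted above.
	created := `{"status":"SUCCESS","id":123456789}`
	listed := `{"status":"SUCCESS","records":[{"id":"123456789","name":"_acme-challenge.example.com","type":"TXT","content":"hello"}]}`
	fmt.Println(ownedRecordID(created, listed, "_acme-challenge.example.com", "hello"))
}
```

Matching on id, name, type and content together keeps cleanup from touching unrelated records in the zone, such as the SPF TXT record in the listing.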

eosti commented May 1, 2021

Yay, everything is now working as expected. Output of the last run:

2021/05/01 14:26:49 No key found for account [email protected]. Generating a P256 key.
2021/05/01 14:26:49 Saved key to /Users/eosti/Projects/lego/dist/.lego/accounts/acme-staging-v02.api.letsencrypt.org/[email protected]/keys/[email protected]
2021/05/01 14:26:49 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
Do you accept the TOS? Y/n
y
2021/05/01 14:26:52 [INFO] acme: Registering account for [email protected]
!!!! HEADS UP !!!!

Your account credentials have been saved in your Let's Encrypt
configuration directory at "/Users/eosti/Projects/lego/dist/.lego/accounts".

You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2021/05/01 14:26:52 [INFO] [*.example.com, example.com] acme: Obtaining bundled SAN certificate
2021/05/01 14:26:52 [INFO] [*.example.com] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12345
2021/05/01 14:26:52 [INFO] [example.com] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/12345
2021/05/01 14:26:52 [INFO] [*.example.com] acme: use dns-01 solver
2021/05/01 14:26:52 [INFO] [example.com] acme: Could not find solver for: tls-alpn-01
2021/05/01 14:26:52 [INFO] [example.com] acme: Could not find solver for: http-01
2021/05/01 14:26:52 [INFO] [example.com] acme: use dns-01 solver
2021/05/01 14:26:52 [INFO] [*.example.com] acme: Preparing to solve DNS-01
2021/05/01 14:26:53 [INFO] [example.com] acme: Preparing to solve DNS-01
2021/05/01 14:26:53 [INFO] [*.example.com] acme: Trying to solve DNS-01
2021/05/01 14:26:53 [INFO] [*.example.com] acme: Checking DNS record propagation using [192.168.99.21:53 192.168.11.1:53]
2021/05/01 14:27:03 [INFO] Wait for propagation [timeout: 10m0s, interval: 10s]
2021/05/01 14:27:09 [INFO] [*.example.com] The server validated our request
2021/05/01 14:27:09 [INFO] [example.com] acme: Trying to solve DNS-01
2021/05/01 14:27:09 [INFO] [example.com] acme: Checking DNS record propagation using [192.168.99.21:53 192.168.11.1:53]
2021/05/01 14:27:19 [INFO] Wait for propagation [timeout: 10m0s, interval: 10s]
2021/05/01 14:27:20 [INFO] [example.com] acme: Waiting for DNS record propagation.
2021/05/01 14:27:37 [INFO] [example.com] The server validated our request
2021/05/01 14:27:37 [INFO] [*.example.com] acme: Cleaning DNS-01 challenge
2021/05/01 14:27:38 [INFO] [example.com] acme: Cleaning DNS-01 challenge
2021/05/01 14:27:38 [INFO] [*.example.com, example.com] acme: Validations succeeded; requesting certificates
2021/05/01 14:27:39 [INFO] [*.example.com] Server responded with a certificate.

Thank you again for your time!

ldez commented May 1, 2021

Thank you for your time too!

@ldez ldez requested a review from dmke May 1, 2021 22:19

@dmke dmke left a comment

LGTM

@ldez ldez merged commit c22cd40 into go-acme:master May 2, 2021
@ldez ldez deleted the feat/porkbun branch May 2, 2021 11:41
@ldez ldez added this to the v4.4 milestone May 2, 2021