Compare commits

..

No commits in common. "master" and "feature/optimizations" have entirely different histories.

7 changed files with 80 additions and 124 deletions

1
.gitignore vendored
View File

@ -1,2 +1 @@
*secret*
node_modules/ node_modules/

View File

@ -1 +0,0 @@
/Users/aj/dotfiles/dummy/.jshintrc

View File

@ -1,2 +1 @@
AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/) AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)
Aneem Patrabansha <aneempp@gmail.com> (https://aneem.com.np)

View File

@ -1,20 +1,8 @@
# [acme-dns-01-digitalocean](https://git.rootprojects.org/root/acme-dns-01-digitalocean.js) | a [Root](https://rootprojects.org) project # [acme-dns-01-digitalocean](https://git.rootprojects.org/root/acme-dns-01-digitalocean) | a [Root](https://rootrpojects.org) project
Digital Ocean DNS + Let's Encrypt for Node.js Digital Ocean DNS + Let's Encrypt for Node.js
This handles ACME dns-01 challenges, compatible with ACME.js and Greenlock.js. This handles ACME dns-01 challenges, compatible with ACME.js and Greenlock.js.
Passes [acme-dns-01-test](https://git.rootprojects.org/root/acme-dns-01-test.js).
## Features
- Compatible
- [x] Let's Encrypt v2.1 / ACME draft 18 (2019)
- [x] Digital Ocean v2 API
- [x] ACME.js, Greenlock.js, and others
- Quality
- [x] node v6 compatible VanillaJS
- [x] &lt; 150 lines of code
- [x] **Zero Dependencies**
# Install # Install
@ -22,22 +10,18 @@ Passes [acme-dns-01-test](https://git.rootprojects.org/root/acme-dns-01-test.js)
npm install --save acme-dns-01-digitalocean@3.x npm install --save acme-dns-01-digitalocean@3.x
``` ```
Generate Digital Ocean API Token:
- <https://cloud.digitalocean.com/account/api/tokens>
# Usage # Usage
First you create an instance with your credentials: First you create an instance with your credentials:
```js ```js
var dns01 = require('acme-dns-01-digitalocean').create({ var dns01 = require('acme-dns-01-digitalocean').create({
baseUrl: 'https://api.digitalocean.com/v2/domains', // default baseUrl: 'https://api.digitalocean.com', // default
token: 'xxxx' token: 'xxxx'
}); });
``` ```
Then you can use it with any compatible ACME library, Then you can use it with any compatible ACME module,
such as Greenlock.js or ACME.js. such as Greenlock.js or ACME.js.
### Greenlock.js ### Greenlock.js
@ -52,9 +36,8 @@ var greenlock = Greenlock.create({
}); });
``` ```
See [Greenlock Express](https://git.rootprojects.org/root/greenlock-express.js) See [Greenlock™ Express](https://git.rootprojects.org/root/greenlock-express.js)
and/or [Greenlock.js](https://git.rootprojects.org/root/greenlock.js) and/or [Greenlock.js](https://git.rootprojects.org/root/greenlock.js) documentation for more details.
documentation for more details.
### ACME.js ### ACME.js
@ -66,29 +49,20 @@ See the [ACME.js](https://git.rootprojects.org/root/acme-v2.js) for more details
### Build your own ### Build your own
There are only 5 methods:
- `init(config)`
- `zones(opts)`
- `set(opts)`
- `get(opts)`
- `remove(opts)`
```js ```js
dns01 dns01
.set({ .set({
identifier: { value: 'foo.example.co.uk' }, identifier: { value: 'foo.example.com' },
wildcard: false, wildcard: false,
dnsZone: 'example.co.uk', dnsHost: '_acme-challenge.foo.example.com'
dnsPrefix: '_acme-challenge.foo', dnsAuthorization: 'xxx_secret_xxx'
dnsAuthorization: 'xxx_secret_xxx' })
}) .then(function () {
.then(function() { console.log("TXT record set");
console.log('TXT record set'); })
}) .catch(function () {
.catch(function() { console.log("Failed to set TXT record");
console.log('Failed to set TXT record'); });
});
``` ```
See [acme-dns-01-test](https://git.rootprojects.org/root/acme-dns-01-test.js) See [acme-dns-01-test](https://git.rootprojects.org/root/acme-dns-01-test.js)
@ -100,23 +74,3 @@ for more implementation details.
# node ./test.js domain-zone api-token # node ./test.js domain-zone api-token
node ./test.js example.com xxxxxx node ./test.js example.com xxxxxx
``` ```
# Authors
- Aneem Patrabansha
- AJ ONeal
See AUTHORS for contact info.
<!-- {{ if .Legal }} -->
# Legal
[acme-dns-01-digitalocean.js](https://git.coolaj86.com/coolaj86/acme-dns-01-digitalocean.js) |
MPL-2.0 |
[Terms of Use](https://therootcompany.com/legal/#terms) |
[Privacy Policy](https://therootcompany.com/legal/#privacy)
Copyright 2019 The Root Group LLC
<!-- {{ end }} -->

View File

@ -1,46 +1,31 @@
'use strict'; 'use strict';
var request = require('@root/request');
request = require('util').promisify(request);
var defaults = { var defaults = {
baseUrl: 'https://api.digitalocean.com/v2/domains' baseUrl: 'https://api.digitalocean.com'
}; };
module.exports.create = function(config) { module.exports.create = function(config) {
// config = { baseUrl, token } // config = { baseUrl, token }
var baseUrl = (config.baseUrl || defaults.baseUrl).replace(/\/$/, ''); var baseUrl = config.baseUrl || defaults.baseUrl;
var authtoken = config.token; var authtoken = config.token;
var request;
function api(method, path, form) {
var req = {
method: method,
url: baseUrl + path,
headers: {
Authorization: 'Bearer ' + authtoken,
'Content-Type': 'application/json'
},
json: true,
form: form
};
return request(req).then(function(resp) {
if (2 !== Math.floor(resp.statusCode / 100)) {
console.error(resp.statusCode, req.url);
console.error();
console.error('Request:');
console.error(req);
console.error();
console.error('Response:');
console.error(resp.body);
console.error();
throw new Error('Error response. Check token, baseUrl, domains, etc.');
}
return resp;
});
}
var helpers = { var helpers = {
getZonenames: function(/*opts*/) { getZonenames: function(/*opts*/) {
// { dnsHosts: [ xxxx.foo.example.com ] } // { dnsHosts: [ xxxx.foo.example.com ] }
return api('GET', '/').then(function(resp) { var url = baseUrl + '/v2/domains/';
return request({
method: 'GET',
url: url,
headers: {
Authorization: 'Bearer ' + authtoken,
'Content-Type': 'application/json'
},
json: true
}).then(function(resp) {
return resp.body.domains.map(function(x) { return resp.body.domains.map(function(x) {
return x.name; return x.name;
}); });
@ -50,11 +35,20 @@ module.exports.create = function(config) {
// data:{dnsPrefix:"_88-acme-challenge-0e.foo",zone:"example.com",txt:"_cdZWaclIbkP1qYpMkZIURTK--ydQIK6d9axFmftWz0"} // data:{dnsPrefix:"_88-acme-challenge-0e.foo",zone:"example.com",txt:"_cdZWaclIbkP1qYpMkZIURTK--ydQIK6d9axFmftWz0"}
var dnsPrefix = data.dnsPrefix; var dnsPrefix = data.dnsPrefix;
var txt = data.txt; var txt = data.txt;
var url = baseUrl + '/v2/domains/' + data.zone + '/records';
// Digital ocean provides the api to fetch records by ID. Since we do not have id, we fetch all the records, // Digital ocean provides the api to fetch records by ID. Since we do not have id, we fetch all the records,
// filter the required TXT record // filter the required TXT record
return api('GET', '/' + data.zone + '/records').then(function(resp) { return request({
method: 'GET',
url: url,
json: true,
headers: {
Authorization: 'Bearer ' + authtoken,
'Content-Type': 'application/json'
}
}).then(function(resp) {
resp = resp.body; resp = resp.body;
var entries = var entries =
resp && resp &&
@ -68,10 +62,6 @@ module.exports.create = function(config) {
}; };
return { return {
init: function(opts) {
request = opts.request;
return null;
},
zones: function(data) { zones: function(data) {
//console.info('Get zones'); //console.info('Get zones');
return helpers.getZonenames(data); return helpers.getZonenames(data);
@ -79,13 +69,25 @@ module.exports.create = function(config) {
set: function(data) { set: function(data) {
var ch = data.challenge; var ch = data.challenge;
var txt = ch.dnsAuthorization; var txt = ch.dnsAuthorization;
var url = baseUrl + '/v2/domains/' + ch.dnsZone + '/records';
// console.info('Adding TXT', data); // console.info('Adding TXT', data);
return api('POST', '/' + ch.dnsZone + '/records', { return request({
type: 'TXT', method: 'POST',
name: ch.dnsPrefix, url: url,
data: txt, headers: {
ttl: 300 Authorization: 'Bearer ' + authtoken,
'Content-Type': 'application/json'
},
json: {
type: 'TXT',
// Note: dnsPrefix != dnsHost.split('.')[0]
// _greenlock-dryrun-2277.bar.foo.example.com => _greenlock-dryrun-2277.bar.foo
name: ch.dnsPrefix,
data: txt,
// Note: set a LOW ttl so that responses are not cached so long
ttl: 300
}
}).then(function(resp) { }).then(function(resp) {
resp = resp.body; resp = resp.body;
if (resp && resp.domain_record && resp.domain_record.data === txt) { if (resp && resp.domain_record && resp.domain_record.data === txt) {
@ -107,12 +109,17 @@ module.exports.create = function(config) {
return helpers.getTXTRecord(payload).then(function(txtRecord) { return helpers.getTXTRecord(payload).then(function(txtRecord) {
if (txtRecord) { if (txtRecord) {
var url = baseUrl + '/' + ch.dnsZone + '/records/' + txtRecord.id; var url =
baseUrl + '/v2/domains/' + ch.dnsZone + '/records/' + txtRecord.id;
return api( return request({
'DELETE', method: 'DELETE',
'/' + ch.dnsZone + '/records/' + txtRecord.id url: url,
).then(function(resp) { headers: {
Authorization: 'Bearer ' + authtoken,
'Content-Type': 'application/json'
}
}).then(function(resp) {
resp = resp.body; resp = resp.body;
return true; return true;
}); });

14
package-lock.json generated
View File

@ -7,17 +7,13 @@
"@root/request": { "@root/request": {
"version": "1.3.11", "version": "1.3.11",
"resolved": "https://registry.npmjs.org/@root/request/-/request-1.3.11.tgz", "resolved": "https://registry.npmjs.org/@root/request/-/request-1.3.11.tgz",
"integrity": "sha512-3a4Eeghcjsfe6zh7EJ+ni1l8OK9Fz2wL1OjP4UCa0YdvtH39kdXB9RGWuzyNv7dZi0+Ffkc83KfH0WbPMiuJFw==", "integrity": "sha512-3a4Eeghcjsfe6zh7EJ+ni1l8OK9Fz2wL1OjP4UCa0YdvtH39kdXB9RGWuzyNv7dZi0+Ffkc83KfH0WbPMiuJFw=="
"dev": true
}, },
"acme-challenge-test": { "acme-challenge-test": {
"version": "3.3.1", "version": "3.2.1",
"resolved": "https://registry.npmjs.org/acme-challenge-test/-/acme-challenge-test-3.3.1.tgz", "resolved": "https://registry.npmjs.org/acme-challenge-test/-/acme-challenge-test-3.2.1.tgz",
"integrity": "sha512-y7iCHb70hWuFgPvtAWwQd1sz9I2Atu+6PKhN5sIIfqDhkg/sVmlxAVKXn6/SBx9TSrP50xHtiAnMkmt+umemDw==", "integrity": "sha512-8MwL2oWx7vM/SBIeEQfeoRyW0kYCtLFS4FfgIx3lsQmSKhbDo9J88Ud6DejdupRp2T+DlEkWIBVI3qOCVViUaQ==",
"dev": true, "dev": true
"requires": {
"@root/request": "^1.3.11"
}
}, },
"acme-dns-01-test": { "acme-dns-01-test": {
"version": "3.2.1", "version": "3.2.1",

View File

@ -1,6 +1,6 @@
{ {
"name": "acme-dns-01-digitalocean", "name": "acme-dns-01-digitalocean",
"version": "3.0.1", "version": "3.0.0",
"description": "Digital Ocean DNS for Let's Encrypt / ACME dns-01 challenges with ACME.js and Greenlock.js", "description": "Digital Ocean DNS for Let's Encrypt / ACME dns-01 challenges with ACME.js and Greenlock.js",
"main": "index.js", "main": "index.js",
"scripts": { "scripts": {
@ -21,8 +21,10 @@
], ],
"author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)", "author": "AJ ONeal <coolaj86@gmail.com> (https://coolaj86.com/)",
"license": "MPL-2.0", "license": "MPL-2.0",
"dependencies": {}, "dependencies": {
"@root/request": "^1.3.11"
},
"devDependencies": { "devDependencies": {
"acme-dns-01-test": "^3.2.1" "acme-dns-01-test": "^3.2.0"
} }
} }