Add DNS provider for RU Center #1892

Draft
wants to merge 3 commits into
base: master

AntonDzyk commented Apr 12, 2023

ldez changed the title from "Add DNS provider for RU CENTER (#1891)" to "Add DNS provider for RU CENTER" Apr 12, 2023

ldez (Member) commented Apr 12, 2023

Hello, in order for a PR adding a DNS provider to be accepted, you have to:

  • add a description to your PR
  • be able to maintain this provider
  • have a homogeneous design with the other providers
  • add tests (units)
    make test
  • add tests ("live")
    func TestLivePresent(t *testing.T) {
        if !envTest.IsLiveTest() {
            t.Skip("skipping live test")
        }
        envTest.RestoreEnv()
        provider, err := NewDNSProvider()
        require.NoError(t, err)
        err = provider.Present(envTest.GetDomain(), "", "123d==")
        require.NoError(t, err)
    }

    func TestLiveCleanUp(t *testing.T) {
        if !envTest.IsLiveTest() {
            t.Skip("skipping live test")
        }
        envTest.RestoreEnv()
        provider, err := NewDNSProvider()
        require.NoError(t, err)
        time.Sleep(2 * time.Second)
        err = provider.CleanUp(envTest.GetDomain(), "", "123d==")
        require.NoError(t, err)
    }

    make test
    make generate-dns
  • be able to do: (and put the output of this command to a comment in your PR)
    rm -rf .lego

    ./lego -m [email protected] --dns YOUR_PROVIDER_NAME -d "*.example.com" -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run

    Note the wildcard domain is important.

    make checks
  • do go mod tidy

ldez self-requested a review April 12, 2023 12:06
ldez force-pushed the master branch 2 times, most recently from 5a203b9 to 4f9e9d4 April 12, 2023 19:08
ldez changed the title from "Add DNS provider for RU CENTER" to "Add DNS provider for RU Center" Apr 12, 2023

ldez (Member) commented Apr 12, 2023

Your PR was far away from the design of the other implementations, so I rewrote it and added tests on the client.

You can check my previous comment to know what the next requirements are.

ldez (Member) commented Apr 13, 2023

ping @AntonDzyk

ldez (Member) commented Apr 22, 2023

@AntonDzyk can you provide the missing information?
#1892 (comment)

ldez force-pushed the master branch 3 times, most recently from 19e63c8 to 1070f0d May 5, 2023 08:38

ldez (Member) commented May 15, 2023

ping @AntonDzyk

ldez added the state/need-user-tests label (Need users to test functionality) Jun 7, 2023

ldez (Member) commented Jun 7, 2023

I'm still waiting for feedback @AntonDzyk.


If a user wants to help this PR by testing it, you are welcome to do so.

How to test this PR?
  1. You need Go
  2. Checkout the PR:
    git clone https://github.com/AntonDzyk/lego.git
    cd lego
    git checkout master
  3. Compile lego:
    • if you have make: make build
    • if you don't have make: go build -o dist/lego ./cmd/lego
  4. Run the following command with your own information (email, domain, credentials):
    NICRU_USER="<your_user>" \
    NICRU_PASSWORD="<your_password>" \
    NICRU_SERVICE_ID="<service_id>" \
    NICRU_SECRET="<service_secret>" \
    ./dist/lego --dns nicru --domains "*.example.com" -d "*.example.com" -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run
    The wildcard domain is important
  5. Before each run of the command, you should clean your local environment:
    rm -rf .lego

15 comments by @livebreakz and @ldez were marked as outdated.

ldez (Member) commented Nov 25, 2024

Remember that I only have the API documentation.

I created a new implementation with automatic service name detection, can you try it?

livebreakz commented

Tried:

2024/11/25 16:11:01 [INFO] [gptev.ru] acme: Obtaining bundled SAN certificate
2024/11/25 16:11:01 [INFO] [gptev.ru] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz/173129704/15078976354
2024/11/25 16:11:01 [INFO] [gptev.ru] acme: Could not find solver for: tls-alpn-01
2024/11/25 16:11:01 [INFO] [gptev.ru] acme: Could not find solver for: http-01
2024/11/25 16:11:01 [INFO] [gptev.ru] acme: use dns-01 solver
2024/11/25 16:11:01 [INFO] [gptev.ru] acme: Preparing to solve DNS-01
2024/11/25 16:11:01 [INFO] findZone: gptev.ru
2024/11/25 16:11:01 [INFO] zones count: 0
2024/11/25 16:11:01 [INFO] [gptev.ru] acme: Cleaning DNS-01 challenge
2024/11/25 16:11:01 [INFO] findZone: gptev.ru
2024/11/25 16:11:01 [INFO] zones count: 0
2024/11/25 16:11:01 [WARN] [gptev.ru] acme: cleaning up failed: nicru: find zone: zone UUID not found for gptev.ru
2024/11/25 16:11:02 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz/173129704/15078976354
2024/11/25 16:11:02 Could not obtain certificates:
        error: one or more domains had a problem:
[gptev.ru] [gptev.ru] acme: error presenting token: nicru: find zone: zone UUID not found for gptev.ru

ldez (Member) commented Nov 25, 2024

2024/11/25 16:11:01 [INFO] zones count: 0

The new call is trying to get all your zones, but you have 0 zones.

Have you created a zone?

ldez (Member) commented Nov 25, 2024

I added a new log: all the API responses will be displayed.

livebreakz commented

[image]

2024/11/25 16:36:17 [INFO] findZone: gptev.ru
<?xml version="1.0" encoding="UTF-8" ?>
<response>
   <status>success</status>
</response>

2024/11/25 16:36:17 [INFO] zones count: 0
2024/11/25 16:36:17 [INFO] [gptev.ru] acme: Cleaning DNS-01 challenge
2024/11/25 16:36:17 [INFO] findZone: gptev.ru
<?xml version="1.0" encoding="UTF-8" ?>
<response>
   <status>success</status>
</response>

2024/11/25 16:36:18 [INFO] zones count: 0
2024/11/25 16:36:18 [WARN] [gptev.ru] acme: cleaning up failed: nicru: find zone: zone not found for gptev.ru
2024/11/25 16:36:18 [INFO] Deactivating auth: https://acme-staging-v02.api.letsencrypt.org/acme/authz/173133654/15079267514
2024/11/25 16:36:18 Could not obtain certificates:
        error: one or more domains had a problem:
[gptev.ru] [gptev.ru] acme: error presenting token: nicru: find zone: zone not found for gptev.ru

ldez (Member) commented Nov 25, 2024

I don't understand what you are trying to show inside your screenshot because I am not able to read Russian.
I can only understand "DNS-master".

<?xml version="1.0" encoding="UTF-8" ?>
<response>
   <status>success</status>
</response>

So there are no zones 🤔

Maybe this is a problem with rights management 🤔
Is it a scope or something like that related to user/password or secret?
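
An added example (not code from this PR or from lego): one way a zone lookup can report the "success with no zones" response logged in this thread separately from a genuine no-match, so the error points the operator at credentials or account scope rather than at the domain. The `<data><zone name="..."/>` layout, the `findZone` signature and the error names are assumptions; the page only shows the `<status>` element.

```go
package main

import (
	"encoding/xml"
	"errors"
	"fmt"
	"strings"
)

// Constructed shape: the page shows only <response><status>; the
// <data><zone name="..."/> list is a hypothetical layout for illustration.
type apiResponse struct {
	Status string                                       `xml:"status"`
	Zones  []struct{ Name string `xml:"name,attr"` } `xml:"data>zone"`
}

var ErrNoZones = errors.New("API reported success but returned no zones: check credential scope and service")
var ErrNoMatch = errors.New("no visible zone covers the domain")

// findZone returns the longest visible zone that is a suffix of domain.
func findZone(body []byte, domain string) (string, error) {
	var resp apiResponse
	if err := xml.Unmarshal(body, &resp); err != nil {
		return "", fmt.Errorf("decode response: %w", err)
	}
	if resp.Status != "success" {
		return "", fmt.Errorf("API status %q, expected success", resp.Status)
	}
	if len(resp.Zones) == 0 {
		return "", ErrNoZones // distinct from "zone not found"
	}
	domain = strings.TrimSuffix(strings.ToLower(domain), ".")
	best := ""
	for _, z := range resp.Zones {
		name := strings.TrimSuffix(strings.ToLower(z.Name), ".")
		if (domain == name || strings.HasSuffix(domain, "."+name)) && len(name) > len(best) {
			best = name
		}
	}
	if best == "" {
		return "", fmt.Errorf("%w: %s", ErrNoMatch, domain)
	}
	return best, nil
}

func main() {
	_, err := findZone([]byte(`<response><status>success</status></response>`), "gptev.ru")
	fmt.Println(err)
}
```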

livebreakz commented

> I don't understand what you are trying to show inside your screenshot because I am not able to read Russian. I can only understand "DNS-master".

I showed that the option "DNS-master" is checked. Maybe it's the reason...

ldez (Member) commented Nov 25, 2024

dns-master is the right option, based on what I can read inside the API documentation.

This is not a zone but a global element where zones are.

ldez (Member) commented Nov 25, 2024

As you have the same problem with acme.sh, my guess is that the problem is related to your account/zone configuration and not to lego or acme.sh.

acmesh-official/acme.sh#2547 (comment)

ldez force-pushed the master branch 2 times, most recently from 496d00b to 92e3fbc November 25, 2024 15:58

Successfully merging this pull request may close these issues.

Add DNS Provider for RU CENTER
3 participants