diff --git a/documentation/providers.md b/documentation/providers.md index 72c99e725..b3ef72fff 100644 --- a/documentation/providers.md +++ b/documentation/providers.md @@ -35,7 +35,7 @@ If a feature is definitively not supported for whatever reason, we would also li | [`EXOSCALE`](providers/exoscale.md) | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❔ | ❌ | ❔ | ✅ | ❔ | ✅ | ❔ | ❌ | ❔ | ❔ | ❔ | ❌ | ❌ | ❔ | | [`GANDI_V5`](providers/gandi_v5.md) | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | ❔ | ❌ | ❔ | ✅ | ❔ | ✅ | ✅ | ✅ | ❌ | ❔ | ❔ | ❔ | ❌ | ✅ | | [`GCLOUD`](providers/gcloud.md) | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ❔ | ❌ | ❔ | ✅ | ❔ | ✅ | ✅ | ✅ | ❔ | ❔ | ❔ | ✅ | ✅ | ✅ | -| [`GCORE`](providers/gcore.md) | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ | ❔ | ✅ | ❌ | ❌ | ❌ | ❔ | ❔ | ✅ | ✅ | ✅ | +| [`GCORE`](providers/gcore.md) | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ✅ | ❌ | ❌ | ✅ | ❔ | ✅ | ❌ | ❌ | ❌ | ❔ | ❔ | ✅ | ✅ | ✅ | | [`HEDNS`](providers/hedns.md) | ❌ | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ | ❌ | ❔ | ❔ | ✅ | ✅ | ✅ | | [`HETZNER`](providers/hetzner.md) | ❌ | ✅ | ❌ | ❌ | ❌ | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ | ✅ | ❌ | ✅ | ✅ | ❔ | ❔ | ✅ | ✅ | ✅ | | [`HEXONET`](providers/hexonet.md) | ❌ | ✅ | ✅ | ❌ | ❌ | ✅ | ❔ | ❔ | ❔ | ✅ | ❔ | ✅ | ❔ | ✅ | ❔ | ❔ | ❔ | ✅ | ✅ | ❔ | diff --git a/providers/gcore/gcoreExtend.go b/providers/gcore/gcoreExtend.go index a07cb6577..1cd4a4e3e 100644 --- a/providers/gcore/gcoreExtend.go +++ b/providers/gcore/gcoreExtend.go @@ -13,6 +13,14 @@ import ( dnssdk "github.com/G-Core/gcore-dns-sdk-go" ) +type gcoreZone struct { + DNSSECEnabled bool `json:"dnssec_enabled"` +} + +type gcoreDNSSECRequest struct { + Enabled bool `json:"enabled"` +} + type gcoreRRSets struct { RRSets []gcoreRRSetExtended `json:"rrsets"` } @@ -103,3 +111,29 @@ func (c *gcoreProvider) dnssdkRRSets(domain string) (gcoreRRSets, error) { return result, nil } + +func (c *gcoreProvider) dnssdkGetDNSSEC(domain string) (bool, error) { + var result gcoreZone + url := fmt.Sprintf("/v2/zones/%s", domain) + + err := dnssdkDo(c.ctx, c.provider, c.apiKey, http.MethodGet, url, nil, &result) + if err != nil { + return false, err + } + + return result.DNSSECEnabled, nil +} + +func (c *gcoreProvider) dnssdkSetDNSSEC(domain string, enabled bool) error { + var request gcoreDNSSECRequest + request.Enabled = enabled + + url := fmt.Sprintf("/v2/zones/%s/dnssec", domain) + + err := dnssdkDo(c.ctx, c.provider, c.apiKey, http.MethodPatch, url, request, nil) + if err != nil { + return err + } + + return nil +} diff --git a/providers/gcore/gcoreProvider.go b/providers/gcore/gcoreProvider.go index dcc223e10..9ea285558 100644 --- a/providers/gcore/gcoreProvider.go +++ b/providers/gcore/gcoreProvider.go @@ -43,7 +43,7 @@ func NewGCore(m map[string]string, metadata json.RawMessage) (providers.DNSServi var features = providers.DocumentationNotes{ // The default for unlisted capabilities is 'Cannot'. // See providers/capabilities.go for the entire list of capabilities. - providers.CanAutoDNSSEC: providers.Cannot(), + providers.CanAutoDNSSEC: providers.Can(), providers.CanGetZones: providers.Can(), providers.CanConcur: providers.Cannot(), providers.CanUseAlias: providers.Can(), @@ -189,6 +189,31 @@ func (c *gcoreProvider) GetZoneRecordsCorrections(dc *models.DomainConfig, exist } } + dnssecEnabled, err := c.dnssdkGetDNSSEC(dc.Name) + if err != nil { + return nil, err + } + + if !dnssecEnabled && dc.AutoDNSSEC == "on" { + // Copy all params to avoid overwrites + zone := dc.Name + corrections = append(corrections, &models.Correction{ + Msg: "Enable DNSSEC", + F: func() error { + return c.dnssdkSetDNSSEC(zone, true) + }, + }) + } else if dnssecEnabled && dc.AutoDNSSEC == "off" { + // Copy all params to avoid overwrites + zone := dc.Name + corrections = append(corrections, &models.Correction{ + Msg: "Disable DNSSEC", + F: func() error { + return c.dnssdkSetDNSSEC(zone, false) + }, + }) + } + result := append(reports, deletions...) result = append(result, corrections...) return result, nil