security/acme-client: add support for Oracle Cloud Infrastructure DNS API (#3901)

* Add support for Oracle Cloud (OCI)
2026-05-28 04:34:15 -04:00 · 2024-04-09 21:58:10 +12:00 · 2024-04-09 21:58:10 +12:00 · d1d17ce43f
commit d1d17ce43f
parent 520960d435
3 changed files with 86 additions and 0 deletions
--- a/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml
+++ b/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/dialogValidation.xml
@ -1108,6 +1108,32 @@
        <label><![CDATA[Please manually install the plugin "os-bind" to enable support for it.]]></label>
        <type>info</type>
    </field>
+    <field>
+        <label>Oracle Cloud Infrastructure (OCI)</label>
+        <type>header</type>
+        <style>table_dns table_dns_oci</style>
+    </field>
+    <field>
+        <id>validation.dns_oci_cli_user</id>
+        <label>OCID of the user calling the API</label>
+        <type>text</type>
+    </field>
+    <field>
+        <id>validation.dns_oci_cli_tenancy</id>
+        <label>OCID of your tenancy</label>
+        <type>text</type>
+    </field>
+    <field>
+        <id>validation.dns_oci_cli_region</id>
+        <label>Your OCI region</label>
+        <type>text</type>
+    </field>
+    <field>
+        <id>validation.dns_oci_cli_key</id>
+        <label>API Signing key in PEM format</label>
+        <type>textbox</type>
+        <help><![CDATA[Please refer to the <a href="https://github.com/acmesh-official/acme.sh/wiki/How-to-use-Oracle-Cloud-Infrastructure-DNS">acme.sh documentation</a> for further information.]]></help>
+    </field>
    <field>
        <label>OVH</label>
        <type>header</type>
--- a/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsOci.php
+++ b/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsOci.php
@ -0,0 +1,47 @@
+<?php
+
+/*
+ * Copyright (C) 2024 Alex Smith
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+namespace OPNsense\AcmeClient\LeValidation;
+
+use OPNsense\AcmeClient\LeValidationInterface;
+use OPNsense\Core\Config;
+
+/**
+ * OCI - Oracle Cloud Infrastructure API
+ * @package OPNsense\AcmeClient
+ */
+class DnsOci extends Base implements LeValidationInterface
+{
+    public function prepare()
+    {
+        $this->acme_env['OCI_CLI_USER'] = (string)$this->config->dns_oci_cli_user;
+        $this->acme_env['OCI_CLI_TENANCY'] = (string)$this->config->dns_oci_cli_tenancy;
+        $this->acme_env['OCI_CLI_REGION'] = (string)$this->config->dns_oci_cli_region;
+        $this->acme_env['OCI_CLI_KEY'] = (string)$this->config->dns_oci_cli_key;
+    }
+}
--- a/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
+++ b/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
@ -501,6 +501,7 @@
                        <dns_nsupdate>nsupdate (RFC 2136)</dns_nsupdate>
                        <dns_online>online.net</dns_online>
                        <dns_opnsense>OPNsense BIND Plugin</dns_opnsense>
+                        <dns_oci>Oracle Cloud Infrastructure (OCI)</dns_oci>
                        <dns_ovh>OVH, kimsufi, soyoustart and runabove</dns_ovh>
                        <dns_pdns>PowerDNS.com</dns_pdns>
                        <dns_pleskxml>Plesk</dns_pleskxml>
@ -953,6 +954,18 @@
                <dns_nsupdate_key type="TextField">
                    <Required>N</Required>
                </dns_nsupdate_key>
+                <dns_oci_cli_user type="TextField">
+                    <Required>N</Required>
+                </dns_oci_cli_user>
+                <dns_oci_cli_tenancy type="TextField">
+                    <Required>N</Required>
+                </dns_oci_cli_tenancy>
+                <dns_oci_cli_region type="TextField">
+                    <Required>N</Required>
+                </dns_oci_cli_region>
+                <dns_oci_cli_key type="TextField">
+                    <Required>N</Required>
+                </dns_oci_cli_key>
                <dns_online_key type="TextField">
                    <Required>N</Required>
                </dns_online_key>