diff --git a/README.md b/README.md
index e02eff0c7a..e7326cba09 100644
--- a/README.md
+++ b/README.md
@@ -197,77 +197,77 @@ Detailed documentation is available [here](https://go-acme.github.io/lego/dns).
| Nicmanager |
NIFCloud |
Njalla |
- Nodion |
+ No-IP |
+ | Nodion |
NS1 |
Octenium |
Open Telekom Cloud |
- Oracle Cloud |
+ | Oracle Cloud |
OVH |
plesk.com |
Porkbun |
- PowerDNS |
+ | PowerDNS |
Rackspace |
Rain Yun/雨云 |
RcodeZero |
- reg.ru |
+ | reg.ru |
Regfish |
RFC2136 |
RimuHosting |
- RU CENTER |
+ | RU CENTER |
Sakura Cloud |
Scaleway |
Selectel |
- Selectel v2 |
+ | Selectel v2 |
SelfHost.(de|eu) |
Servercow |
Shellrent |
- Simply.com |
+ | Simply.com |
Sonic |
Spaceship |
Stackpath |
- Technitium |
+ | Technitium |
Tencent Cloud DNS |
Tencent EdgeOne |
Timeweb Cloud |
- TransIP |
+ | TransIP |
UKFast SafeDNS |
Ultradns |
Variomedia |
- VegaDNS |
+ | VegaDNS |
Vercel |
Versio.[nl|eu|uk] |
VinylDNS |
- VK Cloud |
+ | VK Cloud |
Volcano Engine/火山引擎 |
Vscale |
Vultr |
- Webnames |
+ | Webnames |
Websupport |
WEDOS |
West.cn/西部数码 |
- Yandex 360 |
+ | Yandex 360 |
Yandex Cloud |
Yandex PDD |
Zone.ee |
- ZoneEdit |
+ | ZoneEdit |
Zonomi |
|
|
- |
diff --git a/cmd/zz_gen_cmd_dnshelp.go b/cmd/zz_gen_cmd_dnshelp.go
index 4c76a0f517..cc98bd1dd2 100644
--- a/cmd/zz_gen_cmd_dnshelp.go
+++ b/cmd/zz_gen_cmd_dnshelp.go
@@ -125,6 +125,7 @@ func allDNSCodes() string {
"nifcloud",
"njalla",
"nodion",
+ "noip",
"ns1",
"octenium",
"oraclecloud",
@@ -2577,6 +2578,26 @@ func displayDNSHelp(w io.Writer, name string) error {
ew.writeln()
ew.writeln(`More information: https://go-acme.github.io/lego/dns/nodion`)
+ case "noip":
+ // generated from: providers/dns/noip/noip.toml
+ ew.writeln(`Configuration for No-IP.`)
+ ew.writeln(`Code: 'noip'`)
+ ew.writeln(`Since: 'v4.28.0'`)
+ ew.writeln()
+
+ ew.writeln(`Credentials:`)
+ ew.writeln(` - "NOIP_API_KEY": API key`)
+ ew.writeln()
+
+ ew.writeln(`Additional Configuration:`)
+ ew.writeln(` - "NOIP_HTTP_TIMEOUT": API request timeout in seconds (Default: 30)`)
+ ew.writeln(` - "NOIP_POLLING_INTERVAL": Time between DNS propagation check in seconds (Default: 2)`)
+ ew.writeln(` - "NOIP_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation in seconds (Default: 60)`)
+ ew.writeln(` - "NOIP_TTL": The TTL of the TXT record used for the DNS challenge in seconds (Default: 120)`)
+
+ ew.writeln()
+ ew.writeln(`More information: https://go-acme.github.io/lego/dns/noip`)
+
case "ns1":
// generated from: providers/dns/ns1/ns1.toml
ew.writeln(`Configuration for NS1.`)
diff --git a/docs/content/dns/zz_gen_noip.md b/docs/content/dns/zz_gen_noip.md
new file mode 100644
index 0000000000..d5b4e6edaa
--- /dev/null
+++ b/docs/content/dns/zz_gen_noip.md
@@ -0,0 +1,67 @@
+---
+title: "No-IP"
+date: 2019-03-03T16:39:46+01:00
+draft: false
+slug: noip
+dnsprovider:
+ since: "v4.28.0"
+ code: "noip"
+ url: "https://www.noip.com/"
+---
+
+
+
+
+
+
+Configuration for [No-IP](https://www.noip.com/).
+
+
+
+
+- Code: `noip`
+- Since: v4.28.0
+
+
+Here is an example bash command using the No-IP provider:
+
+```bash
+NOIP_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \
+lego --email you@example.com --dns noip -d '*.example.com' -d example.com run
+```
+
+
+
+
+## Credentials
+
+| Environment Variable Name | Description |
+|-----------------------|-------------|
+| `NOIP_API_KEY` | API key |
+
+The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
+More information [here]({{% ref "dns#configuration-and-credentials" %}}).
+
+
+## Additional Configuration
+
+| Environment Variable Name | Description |
+|--------------------------------|-------------|
+| `NOIP_HTTP_TIMEOUT` | API request timeout in seconds (Default: 30) |
+| `NOIP_POLLING_INTERVAL` | Time between DNS propagation check in seconds (Default: 2) |
+| `NOIP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation in seconds (Default: 60) |
+| `NOIP_TTL` | The TTL of the TXT record used for the DNS challenge in seconds (Default: 120) |
+
+The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
+More information [here]({{% ref "dns#configuration-and-credentials" %}}).
+
+
+
+
+## More information
+
+- [API documentation](https://developer.noip.com/reference/v1-dns-records-list-names)
+
+
+
+
diff --git a/docs/data/zz_cli_help.toml b/docs/data/zz_cli_help.toml
index bebc8b7633..115d31046d 100644
--- a/docs/data/zz_cli_help.toml
+++ b/docs/data/zz_cli_help.toml
@@ -152,7 +152,7 @@ To display the documentation for a specific DNS provider, run:
$ lego dnshelp -c code
Supported DNS providers:
- acme-dns, active24, alidns, allinkl, anexia, arvancloud, auroradns, autodns, axelname, azion, azure, azuredns, baiducloud, beget, binarylane, bindman, bluecat, bookmyname, brandit, bunny, checkdomain, civo, clouddns, cloudflare, cloudns, cloudru, cloudxns, conoha, conohav3, constellix, corenetworks, cpanel, derak, desec, designate, digitalocean, directadmin, dnshomede, dnsimple, dnsmadeeasy, dnspod, dode, domeneshop, dreamhost, duckdns, dyn, dyndnsfree, dynu, easydns, edgedns, edgeone, efficientip, epik, exec, exoscale, f5xc, freemyip, gandi, gandiv5, gcloud, gcore, glesys, godaddy, googledomains, hetzner, hostingde, hostinger, hosttech, httpnet, httpreq, huaweicloud, hurricane, hyperone, ibmcloud, iij, iijdpf, infoblox, infomaniak, internetbs, inwx, ionos, ipv64, iwantmyname, joker, keyhelp, liara, lightsail, limacity, linode, liquidweb, loopia, luadns, mailinabox, manageengine, manual, metaname, metaregistrar, mijnhost, mittwald, myaddr, mydnsjp, mythicbeasts, namecheap, namedotcom, namesilo, nearlyfreespeech, netcup, netlify, nicmanager, nicru, nifcloud, njalla, nodion, ns1, octenium, oraclecloud, otc, ovh, pdns, plesk, porkbun, rackspace, rainyun, rcodezero, regfish, regru, rfc2136, rimuhosting, route53, safedns, sakuracloud, scaleway, selectel, selectelv2, selfhostde, servercow, shellrent, simply, sonic, spaceship, stackpath, technitium, tencentcloud, timewebcloud, transip, ultradns, variomedia, vegadns, vercel, versio, vinyldns, vkcloud, volcengine, vscale, vultr, webnames, websupport, wedos, westcn, yandex, yandex360, yandexcloud, zoneedit, zoneee, zonomi
+ acme-dns, active24, alidns, allinkl, anexia, arvancloud, auroradns, autodns, axelname, azion, azure, azuredns, baiducloud, beget, binarylane, bindman, bluecat, bookmyname, brandit, bunny, checkdomain, civo, clouddns, cloudflare, cloudns, cloudru, cloudxns, conoha, conohav3, constellix, corenetworks, cpanel, derak, desec, designate, digitalocean, directadmin, dnshomede, dnsimple, dnsmadeeasy, dnspod, dode, domeneshop, dreamhost, duckdns, dyn, dyndnsfree, dynu, easydns, edgedns, edgeone, efficientip, epik, exec, exoscale, f5xc, freemyip, gandi, gandiv5, gcloud, gcore, glesys, godaddy, googledomains, hetzner, hostingde, hostinger, hosttech, httpnet, httpreq, huaweicloud, hurricane, hyperone, ibmcloud, iij, iijdpf, infoblox, infomaniak, internetbs, inwx, ionos, ipv64, iwantmyname, joker, keyhelp, liara, lightsail, limacity, linode, liquidweb, loopia, luadns, mailinabox, manageengine, manual, metaname, metaregistrar, mijnhost, mittwald, myaddr, mydnsjp, mythicbeasts, namecheap, namedotcom, namesilo, nearlyfreespeech, netcup, netlify, nicmanager, nicru, nifcloud, njalla, nodion, noip, ns1, octenium, oraclecloud, otc, ovh, pdns, plesk, porkbun, rackspace, rainyun, rcodezero, regfish, regru, rfc2136, rimuhosting, route53, safedns, sakuracloud, scaleway, selectel, selectelv2, selfhostde, servercow, shellrent, simply, sonic, spaceship, stackpath, technitium, tencentcloud, timewebcloud, transip, ultradns, variomedia, vegadns, vercel, versio, vinyldns, vkcloud, volcengine, vscale, vultr, webnames, websupport, wedos, westcn, yandex, yandex360, yandexcloud, zoneedit, zoneee, zonomi
More information: https://go-acme.github.io/lego/dns
"""
diff --git a/providers/dns/noip/internal/client.go b/providers/dns/noip/internal/client.go
new file mode 100644
index 0000000000..5d18ed5921
--- /dev/null
+++ b/providers/dns/noip/internal/client.go
@@ -0,0 +1,144 @@
+package internal
+
+import (
+ "bytes"
+ "context"
+ "encoding/json"
+ "fmt"
+ "io"
+ "net/http"
+ "net/url"
+ "time"
+
+ "github.com/go-acme/lego/v4/providers/dns/internal/errutils"
+ "github.com/go-acme/lego/v4/providers/dns/internal/useragent"
+ "golang.org/x/oauth2"
+)
+
+const defaultBaseURL = "https://api.noip.com"
+
+// Client the No-IP API client.
+type Client struct {
+ BaseURL *url.URL
+ httpClient *http.Client
+}
+
+// NewClient creates a new Client.
+func NewClient(hc *http.Client) (*Client, error) {
+ baseURL, _ := url.Parse(defaultBaseURL)
+ if hc == nil {
+ hc = &http.Client{Timeout: 10 * time.Second}
+ }
+
+ return &Client{
+ BaseURL: baseURL,
+ httpClient: hc,
+ }, nil
+}
+
+// CreateRData creates a record.
+// https://developer.noip.com/reference/v1-dns-records-create-rdata
+func (c *Client) CreateRData(ctx context.Context, zone, name, dnsType string, data RData) error {
+ endpoint := c.BaseURL.JoinPath("v1", "dns", "records", zone, name, "rrsets", dnsType, "rdata")
+
+ req, err := newJSONRequest(ctx, http.MethodPost, endpoint, []RData{data})
+ if err != nil {
+ return err
+ }
+
+ return c.do(req, nil)
+}
+
+// DeleteRDataByLabel deletes a record by label.
+// https://developer.noip.com/reference/v1-dns-records-delete-rdata-by-label
+func (c *Client) DeleteRDataByLabel(ctx context.Context, zone, name, dnsType, label string) error {
+ endpoint := c.BaseURL.JoinPath("v1", "dns", "records", zone, name, "rrsets", dnsType, "rdata", label)
+
+ req, err := newJSONRequest(ctx, http.MethodDelete, endpoint, nil)
+ if err != nil {
+ return err
+ }
+
+ return c.do(req, nil)
+}
+
+func (c *Client) do(req *http.Request, result any) error {
+ useragent.SetHeader(req.Header)
+
+ resp, err := c.httpClient.Do(req)
+ if err != nil {
+ return errutils.NewHTTPDoError(req, err)
+ }
+
+ defer func() { _ = resp.Body.Close() }()
+
+ if resp.StatusCode/100 != 2 {
+ return parseError(req, resp)
+ }
+
+ if result == nil {
+ return nil
+ }
+
+ raw, err := io.ReadAll(resp.Body)
+ if err != nil {
+ return errutils.NewReadResponseError(req, resp.StatusCode, err)
+ }
+
+ err = json.Unmarshal(raw, result)
+ if err != nil {
+ return errutils.NewUnmarshalError(req, resp.StatusCode, raw, err)
+ }
+
+ return nil
+}
+
+func newJSONRequest(ctx context.Context, method string, endpoint *url.URL, payload any) (*http.Request, error) {
+ buf := new(bytes.Buffer)
+
+ if payload != nil {
+ err := json.NewEncoder(buf).Encode(payload)
+ if err != nil {
+ return nil, fmt.Errorf("failed to create request JSON body: %w", err)
+ }
+ }
+
+ req, err := http.NewRequestWithContext(ctx, method, endpoint.String(), buf)
+ if err != nil {
+ return nil, fmt.Errorf("unable to create request: %w", err)
+ }
+
+ req.Header.Set("Accept", "application/json")
+
+ if payload != nil {
+ req.Header.Set("Content-Type", "application/json")
+ }
+
+ return req, nil
+}
+
+func parseError(req *http.Request, resp *http.Response) error {
+ raw, _ := io.ReadAll(resp.Body)
+
+ var apiResp APIResponse[any]
+
+ err := json.Unmarshal(raw, &apiResp)
+ if err != nil {
+ return errutils.NewUnexpectedStatusCodeError(req, resp.StatusCode, raw)
+ }
+
+ return fmt.Errorf("[status code %d] %w", resp.StatusCode, apiResp.Errors)
+}
+
+func OAuthStaticAccessToken(client *http.Client, accessToken string) *http.Client {
+ if client == nil {
+ client = &http.Client{Timeout: 5 * time.Second}
+ }
+
+ client.Transport = &oauth2.Transport{
+ Source: oauth2.StaticTokenSource(&oauth2.Token{AccessToken: accessToken}),
+ Base: client.Transport,
+ }
+
+ return client
+}
diff --git a/providers/dns/noip/internal/client_test.go b/providers/dns/noip/internal/client_test.go
new file mode 100644
index 0000000000..7314a4c456
--- /dev/null
+++ b/providers/dns/noip/internal/client_test.go
@@ -0,0 +1,71 @@
+package internal
+
+import (
+ "net/http"
+ "net/http/httptest"
+ "net/url"
+ "testing"
+
+ "github.com/go-acme/lego/v4/platform/tester/servermock"
+ "github.com/stretchr/testify/require"
+)
+
+func mockBuilder() *servermock.Builder[*Client] {
+ return servermock.NewBuilder[*Client](
+ func(server *httptest.Server) (*Client, error) {
+ client, err := NewClient(OAuthStaticAccessToken(server.Client(), "secret"))
+ if err != nil {
+ return nil, err
+ }
+
+ client.BaseURL, _ = url.Parse(server.URL)
+
+ return client, nil
+ },
+ servermock.CheckHeader().
+ WithJSONHeaders().
+ WithAuthorization("Bearer secret"),
+ )
+}
+
+func TestClient_CreateRData(t *testing.T) {
+ client := mockBuilder().
+ Route("POST /v1/dns/records/example.com/foo/rrsets/TXT/rdata",
+ servermock.Noop(),
+ servermock.CheckRequestJSONBody(`[{"value":"txtTXTtxt","label":"mylabel"}]`)).
+ Build(t)
+
+ data := RData{
+ Value: "txtTXTtxt",
+ Label: "mylabel",
+ }
+
+ err := client.CreateRData(t.Context(), "example.com", "foo", "TXT", data)
+ require.NoError(t, err)
+}
+
+func TestClient_CreateRData_error(t *testing.T) {
+ client := mockBuilder().
+ Route("POST /v1/dns/records/example.com/foo/rrsets/TXT/rdata",
+ servermock.ResponseFromFixture("full.json").
+ WithStatusCode(http.StatusUnauthorized)).
+ Build(t)
+
+ data := RData{
+ Value: "txtTXTtxt",
+ Label: "mylabel",
+ }
+
+ err := client.CreateRData(t.Context(), "example.com", "foo", "TXT", data)
+ require.EqualError(t, err, "[status code 401] id: err_eXgLfYUj, code: 2451, title: invalid request query, detail: unknown variant `summary`, expected `detail` or `name_only`, location: query; id: err_oWfehpGt, code: 3809, title: invalid url encoded request body")
+}
+
+func TestClient_DeleteRDataByLabel(t *testing.T) {
+ client := mockBuilder().
+ Route("DELETE /v1/dns/records/example.com/foo/rrsets/TXT/rdata/mylabel",
+ servermock.Noop()).
+ Build(t)
+
+ err := client.DeleteRDataByLabel(t.Context(), "example.com", "foo", "TXT", "mylabel")
+ require.NoError(t, err)
+}
diff --git a/providers/dns/noip/internal/fixtures/full.json b/providers/dns/noip/internal/fixtures/full.json
new file mode 100644
index 0000000000..95becfe99b
--- /dev/null
+++ b/providers/dns/noip/internal/fixtures/full.json
@@ -0,0 +1,35 @@
+{
+ "data": [
+ {
+ "name": "example.com",
+ "created_at": "2019-08-24T14:15:22Z",
+ "updated_at": "2024-08-24T14:15:22Z"
+ }
+ ],
+ "page": {
+ "limit": 0,
+ "offset": 0,
+ "total": 10
+ },
+ "errors": [
+ {
+ "id": "err_eXgLfYUj",
+ "code": "2451",
+ "title": "invalid request query",
+ "detail": "unknown variant `summary`, expected `detail` or `name_only`",
+ "location": "query"
+ },
+ {
+ "id": "err_oWfehpGt",
+ "code": "3809",
+ "title": "invalid url encoded request body"
+ }
+ ],
+ "warnings": [
+ {
+ "title": "Resource expiring soon",
+ "code": "W1001",
+ "detail": "The related resource will expire soon"
+ }
+ ]
+}
diff --git a/providers/dns/noip/internal/types.go b/providers/dns/noip/internal/types.go
new file mode 100644
index 0000000000..24ee2c253b
--- /dev/null
+++ b/providers/dns/noip/internal/types.go
@@ -0,0 +1,78 @@
+package internal
+
+import "strings"
+
+type APIResponse[T any] struct {
+ Data T `json:"data,omitempty"`
+ Page *Page `json:"page,omitempty"`
+ Errors Errors `json:"errors,omitempty"`
+ Warnings []Warning `json:"warnings,omitempty"`
+}
+
+type Errors []Error
+
+func (e Errors) Error() string {
+ if e == nil {
+ return "API error"
+ }
+
+ var allMsg []string
+
+ for _, item := range e {
+ var msg []string
+
+ if item.ID != "" {
+ msg = append(msg, "id: "+item.ID)
+ }
+
+ if item.Code != "" {
+ msg = append(msg, "code: "+item.Code)
+ }
+
+ if item.Title != "" {
+ msg = append(msg, "title: "+item.Title)
+ }
+
+ if item.Detail != "" {
+ msg = append(msg, "detail: "+item.Detail)
+ }
+
+ if item.Location != "" {
+ msg = append(msg, "location: "+item.Location)
+ }
+
+ if item.Pointer != "" {
+ msg = append(msg, "pointer: "+item.Pointer)
+ }
+
+ allMsg = append(allMsg, strings.Join(msg, ", "))
+ }
+
+ return strings.Join(allMsg, "; ")
+}
+
+type Error struct {
+ ID string `json:"id,omitempty"`
+ Code string `json:"code,omitempty"`
+ Title string `json:"title,omitempty"`
+ Detail string `json:"detail,omitempty"`
+ Location string `json:"location,omitempty"`
+ Pointer string `json:"pointer,omitempty"`
+}
+
+type Warning struct {
+ Title string `json:"title,omitempty"`
+ Code string `json:"code,omitempty"`
+ Detail string `json:"detail,omitempty"`
+}
+
+type Page struct {
+ Limit int `json:"limit,omitempty"`
+ Offset int `json:"offset,omitempty"`
+ Total int `json:"total,omitempty"`
+}
+
+type RData struct {
+ Value string `json:"value,omitempty"`
+ Label string `json:"label,omitempty"`
+}
diff --git a/providers/dns/noip/noip.go b/providers/dns/noip/noip.go
new file mode 100644
index 0000000000..5a5aa1a98f
--- /dev/null
+++ b/providers/dns/noip/noip.go
@@ -0,0 +1,143 @@
+// Package noip implements a DNS provider for solving the DNS-01 challenge using No-IP.
+package noip
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "net/http"
+ "time"
+
+ "github.com/go-acme/lego/v4/challenge/dns01"
+ "github.com/go-acme/lego/v4/platform/config/env"
+ "github.com/go-acme/lego/v4/providers/dns/noip/internal"
+)
+
+// Environment variables names.
+const (
+ envNamespace = "NOIP_"
+
+ EnvAPIKey = envNamespace + "API_KEY"
+
+ EnvTTL = envNamespace + "TTL"
+ EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
+ EnvPollingInterval = envNamespace + "POLLING_INTERVAL"
+ EnvHTTPTimeout = envNamespace + "HTTP_TIMEOUT"
+)
+
+// Config is used to configure the creation of the DNSProvider.
+type Config struct {
+ APIKey string
+
+ PropagationTimeout time.Duration
+ PollingInterval time.Duration
+ TTL int
+ HTTPClient *http.Client
+}
+
+// NewDefaultConfig returns a default configuration for the DNSProvider.
+func NewDefaultConfig() *Config {
+ return &Config{
+ TTL: env.GetOrDefaultInt(EnvTTL, dns01.DefaultTTL),
+ PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, dns01.DefaultPropagationTimeout),
+ PollingInterval: env.GetOrDefaultSecond(EnvPollingInterval, dns01.DefaultPollingInterval),
+ HTTPClient: &http.Client{
+ Timeout: env.GetOrDefaultSecond(EnvHTTPTimeout, 30*time.Second),
+ },
+ }
+}
+
+// DNSProvider implements the challenge.Provider interface.
+type DNSProvider struct {
+ config *Config
+ client *internal.Client
+}
+
+// NewDNSProvider returns a DNSProvider instance configured for No-IP.
+func NewDNSProvider() (*DNSProvider, error) {
+ values, err := env.Get(EnvAPIKey)
+ if err != nil {
+ return nil, fmt.Errorf("noip: %w", err)
+ }
+
+ config := NewDefaultConfig()
+ config.APIKey = values[EnvAPIKey]
+
+ return NewDNSProviderConfig(config)
+}
+
+// NewDNSProviderConfig return a DNSProvider instance configured for No-IP.
+func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
+ if config == nil {
+ return nil, errors.New("noip: the configuration of the DNS provider is nil")
+ }
+
+ if config.APIKey == "" {
+ return nil, errors.New("noip: credentials missing")
+ }
+
+ client, err := internal.NewClient(internal.OAuthStaticAccessToken(config.HTTPClient, config.APIKey))
+ if err != nil {
+ return nil, fmt.Errorf("noip: %w", err)
+ }
+
+ return &DNSProvider{
+ config: config,
+ client: client,
+ }, nil
+}
+
+// Present creates a TXT record using the specified parameters.
+func (d *DNSProvider) Present(domain, token, keyAuth string) error {
+ info := dns01.GetChallengeInfo(domain, keyAuth)
+
+ authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
+ if err != nil {
+ return fmt.Errorf("noip: could not find zone for domain %q: %w", domain, err)
+ }
+
+ subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
+ if err != nil {
+ return fmt.Errorf("noip: %w", err)
+ }
+
+ data := internal.RData{
+ Value: info.Value,
+ Label: token,
+ }
+
+ err = d.client.CreateRData(context.Background(), dns01.UnFqdn(authZone), subDomain, "TXT", data)
+ if err != nil {
+ return fmt.Errorf("noip: %w", err)
+ }
+
+ return nil
+}
+
+// CleanUp removes the TXT record matching the specified parameters.
+func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
+ info := dns01.GetChallengeInfo(domain, keyAuth)
+
+ authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
+ if err != nil {
+ return fmt.Errorf("noip: could not find zone for domain %q: %w", domain, err)
+ }
+
+ subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
+ if err != nil {
+ return fmt.Errorf("noip: %w", err)
+ }
+
+ err = d.client.DeleteRDataByLabel(context.Background(), dns01.UnFqdn(authZone), subDomain, "TXT", token)
+ if err != nil {
+ return fmt.Errorf("noip: %w", err)
+ }
+
+ return nil
+}
+
+// Timeout returns the timeout and interval to use when checking for DNS propagation.
+// Adjusting here to cope with spikes in propagation times.
+func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
+ return d.config.PropagationTimeout, d.config.PollingInterval
+}
diff --git a/providers/dns/noip/noip.toml b/providers/dns/noip/noip.toml
new file mode 100644
index 0000000000..b44dbf58bc
--- /dev/null
+++ b/providers/dns/noip/noip.toml
@@ -0,0 +1,22 @@
+Name = "No-IP"
+Description = ''''''
+URL = "https://www.noip.com/"
+Code = "noip"
+Since = "v4.28.0"
+
+Example = '''
+NOIP_API_KEY="xxxxxxxxxxxxxxxxxxxxx" \
+lego --email you@example.com --dns noip -d '*.example.com' -d example.com run
+'''
+
+[Configuration]
+ [Configuration.Credentials]
+ NOIP_API_KEY = "API key"
+ [Configuration.Additional]
+ NOIP_POLLING_INTERVAL = "Time between DNS propagation check in seconds (Default: 2)"
+ NOIP_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation in seconds (Default: 60)"
+ NOIP_TTL = "The TTL of the TXT record used for the DNS challenge in seconds (Default: 120)"
+ NOIP_HTTP_TIMEOUT = "API request timeout in seconds (Default: 30)"
+
+[Links]
+ API = "https://developer.noip.com/reference/v1-dns-records-list-names"
diff --git a/providers/dns/noip/noip_test.go b/providers/dns/noip/noip_test.go
new file mode 100644
index 0000000000..4c89f27479
--- /dev/null
+++ b/providers/dns/noip/noip_test.go
@@ -0,0 +1,160 @@
+package noip
+
+import (
+ "net/http"
+ "net/http/httptest"
+ "net/url"
+ "testing"
+
+ "github.com/go-acme/lego/v4/platform/tester"
+ "github.com/go-acme/lego/v4/platform/tester/servermock"
+ "github.com/stretchr/testify/require"
+)
+
+const envDomain = envNamespace + "DOMAIN"
+
+var envTest = tester.NewEnvTest(EnvAPIKey).WithDomain(envDomain)
+
+func TestNewDNSProvider(t *testing.T) {
+ testCases := []struct {
+ desc string
+ envVars map[string]string
+ expected string
+ }{
+ {
+ desc: "success",
+ envVars: map[string]string{
+ EnvAPIKey: "secret",
+ },
+ },
+ {
+ desc: "missing credentials",
+ envVars: map[string]string{},
+ expected: "noip: some credentials information are missing: NOIP_API_KEY",
+ },
+ }
+
+ for _, test := range testCases {
+ t.Run(test.desc, func(t *testing.T) {
+ defer envTest.RestoreEnv()
+ envTest.ClearEnv()
+
+ envTest.Apply(test.envVars)
+
+ p, err := NewDNSProvider()
+
+ if test.expected == "" {
+ require.NoError(t, err)
+ require.NotNil(t, p)
+ require.NotNil(t, p.config)
+ require.NotNil(t, p.client)
+ } else {
+ require.EqualError(t, err, test.expected)
+ }
+ })
+ }
+}
+
+func TestNewDNSProviderConfig(t *testing.T) {
+ testCases := []struct {
+ desc string
+ apiKey string
+ expected string
+ }{
+ {
+ desc: "success",
+ apiKey: "secret",
+ },
+ {
+ desc: "missing credentials",
+ expected: "noip: credentials missing",
+ },
+ }
+
+ for _, test := range testCases {
+ t.Run(test.desc, func(t *testing.T) {
+ config := NewDefaultConfig()
+ config.APIKey = test.apiKey
+
+ p, err := NewDNSProviderConfig(config)
+
+ if test.expected == "" {
+ require.NoError(t, err)
+ require.NotNil(t, p)
+ require.NotNil(t, p.config)
+ require.NotNil(t, p.client)
+ } else {
+ require.EqualError(t, err, test.expected)
+ }
+ })
+ }
+}
+
+func TestLivePresent(t *testing.T) {
+ if !envTest.IsLiveTest() {
+ t.Skip("skipping live test")
+ }
+
+ envTest.RestoreEnv()
+ provider, err := NewDNSProvider()
+ require.NoError(t, err)
+
+ err = provider.Present(envTest.GetDomain(), "", "123d==")
+ require.NoError(t, err)
+}
+
+func TestLiveCleanUp(t *testing.T) {
+ if !envTest.IsLiveTest() {
+ t.Skip("skipping live test")
+ }
+
+ envTest.RestoreEnv()
+ provider, err := NewDNSProvider()
+ require.NoError(t, err)
+
+ err = provider.CleanUp(envTest.GetDomain(), "", "123d==")
+ require.NoError(t, err)
+}
+
+func mockBuilder() *servermock.Builder[*DNSProvider] {
+ return servermock.NewBuilder(
+ func(server *httptest.Server) (*DNSProvider, error) {
+ config := NewDefaultConfig()
+ config.APIKey = "secret"
+ config.HTTPClient = server.Client()
+
+ p, err := NewDNSProviderConfig(config)
+ if err != nil {
+ return nil, err
+ }
+
+ p.client.BaseURL, _ = url.Parse(server.URL)
+
+ return p, nil
+ },
+ servermock.CheckHeader().
+ WithJSONHeaders(),
+ )
+}
+
+func TestDNSProvider_Present(t *testing.T) {
+ provider := mockBuilder().
+ Route("POST /v1/dns/records/example.com/_acme-challenge/rrsets/TXT/rdata",
+ servermock.Noop().
+ WithStatusCode(http.StatusCreated),
+ servermock.CheckRequestJSONBody(`[{"value":"ADw2sEd82DUgXcQ9hNBZThJs7zVJkR5v9JeSbAb9mZY","label":"abc"}]`)).
+ Build(t)
+
+ err := provider.Present("example.com", "abc", "123d==")
+ require.NoError(t, err)
+}
+
+func TestDNSProvider_CleanUp(t *testing.T) {
+ provider := mockBuilder().
+ Route("DELETE /v1/dns/records/example.com/_acme-challenge/rrsets/TXT/rdata/abc",
+ servermock.Noop()).
+ Build(t)
+
+ err := provider.CleanUp("example.com", "abc", "123d==")
+ require.NoError(t, err)
+}
diff --git a/providers/dns/zz_gen_dns_providers.go b/providers/dns/zz_gen_dns_providers.go
index 5cb428eb12..0b5121e8de 100644
--- a/providers/dns/zz_gen_dns_providers.go
+++ b/providers/dns/zz_gen_dns_providers.go
@@ -119,6 +119,7 @@ import (
"github.com/go-acme/lego/v4/providers/dns/nifcloud"
"github.com/go-acme/lego/v4/providers/dns/njalla"
"github.com/go-acme/lego/v4/providers/dns/nodion"
+ "github.com/go-acme/lego/v4/providers/dns/noip"
"github.com/go-acme/lego/v4/providers/dns/ns1"
"github.com/go-acme/lego/v4/providers/dns/octenium"
"github.com/go-acme/lego/v4/providers/dns/oraclecloud"
@@ -402,6 +403,8 @@ func NewDNSChallengeProviderByName(name string) (challenge.Provider, error) {
return njalla.NewDNSProvider()
case "nodion":
return nodion.NewDNSProvider()
+ case "noip":
+ return noip.NewDNSProvider()
case "ns1":
return ns1.NewDNSProvider()
case "octenium":