tls: Slight adjustment to how DNS provider modules are loaded

We don't load the provider directly, because the lego provider types
aren't designed for JSON configuration and they are not implemented
as Caddy modules (there are some setup steps which a Provision call
would need to do, but they do not have Provision methods, they have
their own constructor functions that we have to wrap).

Instead of loading the challenge providers directly, the modules are
simple wrappers over the challenge providers, to facilitate the JSON
config structure and to provide a consistent experience. This also lets
us swap out the underlying challenge providers transparently if needed;
it acts as a layer of abstraction.

1 files changed, 11 insertions, 1 deletions

diff --git a/modules/caddytls/acmemanager.go b/modules/caddytls/acmemanager.go
index 8e60183..df73545 100644
--- a/modules/caddytls/acmemanager.go
+++ b/modules/caddytls/acmemanager.go
@@ -111,7 +111,11 @@ func (m *ACMEManagerMaker) Provision(ctx caddy.Context) error {
 		if err != nil {
 			return fmt.Errorf("loading DNS provider module: %v", err)
 		}
-		m.Challenges.DNS = val.(challenge.Provider)
+		prov, err := val.(DNSProviderMaker).NewDNSProvider()
+		if err != nil {
+			return fmt.Errorf("making DNS provider: %v", err)
+		}
+		m.Challenges.DNS = prov
 	}
 
 	// policy-specific storage implementation
@@ -238,5 +242,11 @@ func onDemandAskRequest(ask string, name string) error {
 	return nil
 }
 
+// DNSProviderMaker is a type that can create a new DNS provider.
+// Modules in the tls.dns namespace should implement this interface.
+type DNSProviderMaker interface {
+	NewDNSProvider() (challenge.Provider, error)
+}
+
 // Interface guard
 var _ ManagerMaker = (*ACMEManagerMaker)(nil)