feat: add support for external dns plugins

mkdocs/docs/configuration/dns-providers.md

@@ -13,7 +13,11 @@ Without a configured DNS provider, these features will not be available to your
 
 ## Supported DNS providers
 
-ionscale uses the [libdns](https://github.com/libdns) libraries to support the following DNS providers:
+ionscale supports DNS providers through two methods:
+
+### Built-in providers (deprecated)
+
+ionscale includes built-in support for the following DNS providers using [libdns](https://github.com/libdns) libraries:
 
 - [Azure DNS](https://github.com/libdns/azure)
 - [Cloudflare](https://github.com/libdns/cloudflare)
@@ -21,18 +25,26 @@ ionscale uses the [libdns](https://github.com/libdns) libraries to support the f
 - [Google Cloud DNS](https://github.com/libdns/googleclouddns)
 - [Amazon Route 53](https://github.com/libdns/route53)
 
-!!! info "Provider availability"
-    These are the DNS providers supported at the time of this writing. Since ionscale uses the libdns ecosystem, additional providers may be added in future releases as the ecosystem expands.
-    
-    If you need support for a different DNS provider, check the [libdns GitHub organization](https://github.com/libdns) for newly available providers or consider contributing an implementation for your provider.
+!!! warning "Built-in providers are deprecated"
+    The built-in DNS providers are deprecated and will be removed in a future release. Please migrate to external DNS plugins for continued support.
 
-!!! note "Future plugin system"
-    A plugin system for DNS providers is currently in the ideation phase. This would make it significantly easier to add and configure additional DNS providers without modifying the core ionscale code. Stay tuned for updates on this feature in future releases.
+### External DNS plugins (recommended)
+
+ionscale now supports external DNS plugins through a plugin system. This allows for:
+
+- **Extensibility**: Add support for any DNS provider without modifying ionscale
+- **Maintainability**: Plugins are maintained independently
+- **Flexibility**: Plugin configuration specific to each provider's needs
+
+!!! info "Plugin availability"
+    External DNS plugins implement the [libdns-plugin](https://github.com/libdns/libdns-plugin) interface. Official plugin implementations can be found in the [ionscale GitHub organization](https://github.com/ionscale) with repositories named `ionscale-<provider>-dns`. You can also create your own following the plugin specification.
 
 ## DNS provider configuration
 
 To configure a DNS provider, add the appropriate settings to your ionscale configuration file (`config.yaml`):
 
+### Built-in provider configuration
+
 ```yaml
 dns:
   # The base domain for MagicDNS FQDN hostnames
@@ -50,11 +62,31 @@ dns:
       # See provider-specific examples below
 ```
 
+### External plugin configuration
+
+```yaml
+dns:
+  # The base domain for MagicDNS FQDN hostnames
+  magic_dns_suffix: "ionscale.net"
+  
+  # DNS provider configuration for HTTPS certificates
+  provider:
+    # Path to your DNS plugin executable
+    plugin_path: "/path/to/your/dns-plugin"
+    # The DNS zone to use (typically your domain name)
+    zone: "example.com"
+    # Plugin-specific configuration (varies by plugin)
+    config:
+      # Plugin-specific credentials and settings go here
+      # See plugin documentation for configuration options
+```
+
 ### Important requirements
 
 1. The `magic_dns_suffix` must be a subdomain of the provider's zone (or the zone itself).
 2. MagicDNS must be enabled for the tailnet to use HTTPS certificates.
 3. You must have administrative access to the DNS zone to configure the provider.
+4. For external plugins, the plugin executable must be accessible and executable by the ionscale process.
 
 ## Provider-specific examples
 
@@ -142,6 +174,38 @@ dns:
 
 For DigitalOcean, create an API token with read and write access.
 
+## External DNS plugin examples
+
+### Using a hypothetical Cloudflare plugin
+
+```yaml
+dns:
+  magic_dns_suffix: "ts.example.com"
+  provider:
+    plugin_path: "/usr/local/bin/libdns-cloudflare-plugin"
+    zone: "example.com"
+    config:
+      api_token: "your-cloudflare-api-token"
+```
+
+### Using a custom DNS plugin
+
+```yaml
+dns:
+  magic_dns_suffix: "ts.example.com"
+  provider:
+    plugin_path: "/opt/dns-plugins/my-custom-provider"
+    zone: "example.com"
+    config:
+      # Configuration specific to your custom plugin
+      endpoint: "https://api.mydnsprovider.com"
+      api_key: "your-api-key"
+      custom_setting: "value"
+```
+
+!!! tip "Plugin development"
+    To create your own DNS plugin, implement the [libdns-plugin](https://github.com/libdns/libdns-plugin) interface. The plugin system uses HashiCorp's go-plugin framework for communication between ionscale and your plugin.
+
 ## Enabling HTTPS certificates for a tailnet
 
 After configuring a DNS provider in your ionscale server, you can enable HTTPS certificates for a tailnet:
@@ -168,9 +232,17 @@ To verify that your DNS provider is correctly configured:
 
 If you encounter issues with DNS provider integration:
 
+### General troubleshooting
+
 1. **Check DNS Provider Credentials**: Ensure the credentials in your configuration have sufficient permissions.
 2. **Verify Zone Configuration**: Make sure the zone in your configuration matches your actual DNS zone.
 3. **Check MagicDNS Settings**: Confirm that `magic_dns_suffix` is properly configured as a subdomain of your zone.
 4. **Review Server Logs**: The ionscale server logs may contain error messages related to DNS provider integration.
 5. **Test DNS Record Creation**: Some providers offer tools to test API access for creating and updating DNS records.
 
+### External plugin troubleshooting
+
+1. **Plugin Executable**: Ensure the plugin path is correct and the executable has proper permissions.
+2. **Plugin Logs**: Check both ionscale logs and any plugin-specific logs for error messages.
+3. **Plugin Health**: ionscale automatically restarts failed plugins, but persistent failures may indicate configuration issues.
+