update docc
This commit is contained in:
Helge
parent
867ad7a9c2
commit
6d5396cc58
3 changed files with 28 additions and 28 deletions
2
.vscode/launch.json
vendored
2
.vscode/launch.json
vendored
|
|
@ -10,7 +10,7 @@
|
||||||
"request": "launch",
|
"request": "launch",
|
||||||
"program": "/home/pi/dev/certbot/venv3/bin/certbot",
|
"program": "/home/pi/dev/certbot/venv3/bin/certbot",
|
||||||
"console": "integratedTerminal",
|
"console": "integratedTerminal",
|
||||||
"args": ["certonly", "-a", "dns-ionos", "-d", "*.erbehome.de", "--config-dir", "my_debug/config", "--work-dir", "my_debug/work", "--logs-dir", "my_debug/logs"]
|
"args": ["certonly", "-a", "dns-ionos", "-d", "*.erbehome.de", "--dns-ionos-credentials", "/home/pi/dev/certbot-dns-ionos/my_debug/secrets/credentials.ini", "--config-dir", "my_debug/config", "--work-dir", "my_debug/work", "--logs-dir", "my_debug/logs"]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
52
README.rst
52
README.rst
|
|
@ -1,12 +1,12 @@
|
||||||
certbot-dns-ispconfig
|
certbot-dns-ionos
|
||||||
=====================
|
=====================
|
||||||
|
|
||||||
ISPConfig_ DNS Authenticator plugin for Certbot
|
IONOS_ DNS Authenticator plugin for Certbot
|
||||||
|
|
||||||
This plugin automates the process of completing a ``dns-01`` challenge by
|
This plugin automates the process of completing a ``dns-01`` challenge by
|
||||||
creating, and subsequently removing, TXT records using the ISPConfig Remote API.
|
creating, and subsequently removing, TXT records using the IONOS Remote API.
|
||||||
|
|
||||||
Configuration of ISPConfig
|
Configuration of IONOS
|
||||||
---------------------------
|
---------------------------
|
||||||
|
|
||||||
In the `System -> Remote Users` you have to have a user, with the following rights
|
In the `System -> Remote Users` you have to have a user, with the following rights
|
||||||
|
|
@ -16,7 +16,7 @@ In the `System -> Remote Users` you have to have a user, with the following righ
|
||||||
- DNS txt functions
|
- DNS txt functions
|
||||||
|
|
||||||
|
|
||||||
.. _ISPConfig: https://www.ispconfig.org/
|
.. _IONOS: https://www.ionos.de/
|
||||||
.. _certbot: https://certbot.eff.org/
|
.. _certbot: https://certbot.eff.org/
|
||||||
|
|
||||||
Installation
|
Installation
|
||||||
|
|
@ -24,27 +24,27 @@ Installation
|
||||||
|
|
||||||
::
|
::
|
||||||
|
|
||||||
pip install certbot-dns-ispconfig
|
pip install certbot-dns-ionos
|
||||||
|
|
||||||
|
|
||||||
Named Arguments
|
Named Arguments
|
||||||
---------------
|
---------------
|
||||||
|
|
||||||
To start using DNS authentication for ispconfig, pass the following arguments on
|
To start using DNS authentication for ionos, pass the following arguments on
|
||||||
certbot's command line:
|
certbot's command line:
|
||||||
|
|
||||||
============================================================= ==============================================
|
============================================================= ==============================================
|
||||||
``--authenticator certbot-dns-ispconfig:dns-ispconfig`` select the authenticator plugin (Required)
|
``--authenticator certbot-dns-ionos:dns-ionos`` select the authenticator plugin (Required)
|
||||||
|
|
||||||
``--certbot-dns-ispconfig:dns-ispconfig-credentials`` ispconfig Remote User credentials
|
``--certbot-dns-ionos:dns-ionos-credentials`` ionos Remote User credentials
|
||||||
INI file. (Required)
|
INI file. (Required)
|
||||||
|
|
||||||
``--certbot-dns-ispconfig:dns-ispconfig-propagation-seconds`` | waiting time for DNS to propagate before asking
|
``--certbot-dns-ionos:dns-ionos-propagation-seconds`` | waiting time for DNS to propagate before asking
|
||||||
| the ACME server to verify the DNS record.
|
| the ACME server to verify the DNS record.
|
||||||
| (Default: 10, Recommended: >= 600)
|
| (Default: 10, Recommended: >= 600)
|
||||||
============================================================= ==============================================
|
============================================================= ==============================================
|
||||||
|
|
||||||
(Note that the verbose and seemingly redundant ``certbot-dns-ispconfig:`` prefix
|
(Note that the verbose and seemingly redundant ``certbot-dns-ionos:`` prefix
|
||||||
is currently imposed by certbot for external plugins.)
|
is currently imposed by certbot for external plugins.)
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -55,17 +55,17 @@ An example ``credentials.ini`` file:
|
||||||
|
|
||||||
.. code-block:: ini
|
.. code-block:: ini
|
||||||
|
|
||||||
certbot_dns_ispconfig:dns_ispconfig_username = myremoteuser
|
dns_ionos_prefix = myapikeyprefix
|
||||||
certbot_dns_ispconfig:dns_ispconfig_password = verysecureremoteuserpassword
|
dns_ionos_secret = verysecureapikeysecret
|
||||||
certbot_dns_ispconfig:dns_ispconfig_endpoint = https://localhost:8080/remote/json.php
|
dns_ionos_endpoint = https://api.hosting.ionos.com
|
||||||
|
|
||||||
The path to this file can be provided interactively or using the
|
The path to this file can be provided interactively or using the
|
||||||
``--certbot-dns-ispconfig:dns-ispconfig-credentials`` command-line argument. Certbot
|
``--certbot-dns-ionos:dns-ionos-credentials`` command-line argument. Certbot
|
||||||
records the path to this file for use during renewal, but does not store the
|
records the path to this file for use during renewal, but does not store the
|
||||||
file's contents.
|
file's contents.
|
||||||
|
|
||||||
**CAUTION:** You should protect these API credentials as you would the
|
**CAUTION:** You should protect these API credentials as you would the
|
||||||
password to your ispconfig account. Users who can read this file can use these
|
password to your ionos account. Users who can read this file can use these
|
||||||
credentials to issue arbitrary API calls on your behalf. Users who can cause
|
credentials to issue arbitrary API calls on your behalf. Users who can cause
|
||||||
Certbot to run using these credentials can complete a ``dns-01`` challenge to
|
Certbot to run using these credentials can complete a ``dns-01`` challenge to
|
||||||
acquire new certificates or revoke existing certificates for associated
|
acquire new certificates or revoke existing certificates for associated
|
||||||
|
|
@ -88,9 +88,9 @@ To acquire a single certificate for both ``example.com`` and
|
||||||
.. code-block:: bash
|
.. code-block:: bash
|
||||||
|
|
||||||
certbot certonly \
|
certbot certonly \
|
||||||
--authenticator certbot-dns-ispconfig:dns-ispconfig \
|
--authenticator certbot-dns-ionos:dns-ionos \
|
||||||
--certbot-dns-ispconfig:dns-ispconfig-credentials /etc/letsencrypt/.secrets/domain.tld.ini \
|
--certbot-dns-ionos:dns-ionos-credentials /etc/letsencrypt/.secrets/domain.tld.ini \
|
||||||
--certbot-dns-ispconfig:dns-ispconfig-propagation-seconds 900 \
|
--certbot-dns-ionos:dns-ionos-propagation-seconds 900 \
|
||||||
--server https://acme-v02.api.letsencrypt.org/directory \
|
--server https://acme-v02.api.letsencrypt.org/directory \
|
||||||
--agree-tos \
|
--agree-tos \
|
||||||
--rsa-key-size 4096 \
|
--rsa-key-size 4096 \
|
||||||
|
|
@ -101,17 +101,17 @@ To acquire a single certificate for both ``example.com`` and
|
||||||
Docker
|
Docker
|
||||||
------
|
------
|
||||||
|
|
||||||
In order to create a docker container with a certbot-dns-ispconfig installation,
|
In order to create a docker container with a certbot-dns-ionos installation,
|
||||||
create an empty directory with the following ``Dockerfile``:
|
create an empty directory with the following ``Dockerfile``:
|
||||||
|
|
||||||
.. code-block:: docker
|
.. code-block:: docker
|
||||||
|
|
||||||
FROM certbot/certbot
|
FROM certbot/certbot
|
||||||
RUN pip install certbot-dns-ispconfig
|
RUN pip install certbot-dns-ionos
|
||||||
|
|
||||||
Proceed to build the image::
|
Proceed to build the image::
|
||||||
|
|
||||||
docker build -t certbot/dns-ispconfig .
|
docker build -t certbot/dns-ionos .
|
||||||
|
|
||||||
Once that's finished, the application can be run as follows::
|
Once that's finished, the application can be run as follows::
|
||||||
|
|
||||||
|
|
@ -119,10 +119,10 @@ Once that's finished, the application can be run as follows::
|
||||||
-v /var/lib/letsencrypt:/var/lib/letsencrypt \
|
-v /var/lib/letsencrypt:/var/lib/letsencrypt \
|
||||||
-v /etc/letsencrypt:/etc/letsencrypt \
|
-v /etc/letsencrypt:/etc/letsencrypt \
|
||||||
--cap-drop=all \
|
--cap-drop=all \
|
||||||
certbot/dns-ispconfig certonly \
|
certbot/dns-ionos certonly \
|
||||||
--authenticator certbot-dns-ispconfig:dns-ispconfig \
|
--authenticator certbot-dns-ionos:dns-ionos \
|
||||||
--certbot-dns-ispconfig:dns-ispconfig-propagation-seconds 900 \
|
--certbot-dns-ionos:dns-ionos-propagation-seconds 900 \
|
||||||
--certbot-dns-ispconfig:dns-ispconfig-credentials \
|
--certbot-dns-ionos:dns-ionos-credentials \
|
||||||
/etc/letsencrypt/.secrets/domain.tld.ini \
|
/etc/letsencrypt/.secrets/domain.tld.ini \
|
||||||
--no-self-upgrade \
|
--no-self-upgrade \
|
||||||
--keep-until-expiring --non-interactive --expand \
|
--keep-until-expiring --non-interactive --expand \
|
||||||
|
|
|
||||||
2
setup.py
2
setup.py
|
|
@ -1,7 +1,7 @@
|
||||||
from setuptools import setup
|
from setuptools import setup
|
||||||
from setuptools import find_packages
|
from setuptools import find_packages
|
||||||
|
|
||||||
version = "0.0.2"
|
version = "0.0.3"
|
||||||
|
|
||||||
install_requires = [
|
install_requires = [
|
||||||
"acme>=0.29.0",
|
"acme>=0.29.0",
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue