diff --git a/letsencrypt/CHANGELOG.md b/letsencrypt/CHANGELOG.md index 9a486ad..86d7d09 100644 --- a/letsencrypt/CHANGELOG.md +++ b/letsencrypt/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 4.11.0 + +- Add support for Njalla DNS + ## 4.10.0 - Add support for custom ACME server and Certificate Authority diff --git a/letsencrypt/DOCS.md b/letsencrypt/DOCS.md index 131c33b..2247cc1 100644 --- a/letsencrypt/DOCS.md +++ b/letsencrypt/DOCS.md @@ -65,6 +65,7 @@ linode_key: '' linode_version: '' luadns_email: '' luadns_token: '' +njalla_token: '' nsone_api_key: '' ovh_endpoint: '' ovh_application_key: '' @@ -252,6 +253,24 @@ dns: directadmin_password: da_password_or_key ``` +### Njalla + +You need to generate an API token inside Settings > API Access or directly at https://njal.la/settings/api/. If you have a static IP-address restrict the access to your IP. I you are not sure, you probably don't have a static IP-address. + +Example configuration: + +```yaml +email: your.email@example.com +domains: + - home-assistant.io +certfile: fullchain.pem +keyfile: privkey.pem +challenge: dns +dns: + provider: dns-njalla + njalla_token: 0123456789abcdef0123456789abcdef01234567 +``` + ### TransIP You will need to generate an API key from the TransIP Control Panel at https://www.transip.nl/cp/account/api/. @@ -323,6 +342,7 @@ dns-gehirn dns-google dns-linode dns-luadns +dns-njalla dns-nsone dns-ovh dns-rfc2136 diff --git a/letsencrypt/Dockerfile b/letsencrypt/Dockerfile index d80cc45..e66f80c 100644 --- a/letsencrypt/Dockerfile +++ b/letsencrypt/Dockerfile @@ -5,6 +5,7 @@ FROM $BUILD_FROM ARG CERTBOT_VERSION ARG CERTBOT_DNS_DIRECTADMIN_VERSION ARG CERTBOT_NETCUP_VERSION +ARG CERTBOT_NJALLA_VERSION ARG CERTBOT_GANDI_VERSION ARG CERTBOT_DNS_TRANSIP_VERSION @@ -30,6 +31,7 @@ RUN apk add --no-cache --update \ certbot-dns-google==${CERTBOT_VERSION} \ certbot-dns-linode==${CERTBOT_VERSION} \ certbot-dns-luadns==${CERTBOT_VERSION} \ + certbot-dns-njalla==${CERTBOT_NJALLA_VERSION} \ certbot-dns-nsone==${CERTBOT_VERSION} \ certbot-dns-ovh==${CERTBOT_VERSION} \ certbot-dns-rfc2136==${CERTBOT_VERSION} \ diff --git a/letsencrypt/build.json b/letsencrypt/build.json index 51c6b9f..3c6bad1 100644 --- a/letsencrypt/build.json +++ b/letsencrypt/build.json @@ -10,6 +10,7 @@ "CERTBOT_VERSION": "1.2.0", "CERTBOT_DNS_DIRECTADMIN_VERSION": "0.0.13", "CERTBOT_NETCUP_VERSION": "0.31.0.1", + "CERTBOT_NJALLA_VERSION": "0.0.4", "CERTBOT_GANDI_VERSION": "1.2.5", "CERTBOT_DNS_TRANSIP_VERSION": "0.3.0" } diff --git a/letsencrypt/config.json b/letsencrypt/config.json index f59cc17..ac0ec93 100644 --- a/letsencrypt/config.json +++ b/letsencrypt/config.json @@ -1,6 +1,6 @@ { "name": "Let's Encrypt", - "version": "4.10.0", + "version": "4.11.0", "slug": "letsencrypt", "description": "Manage certificate from Let's Encrypt", "url": "https://github.com/home-assistant/hassio-addons/tree/master/letsencrypt", @@ -32,7 +32,7 @@ "acme_server": "url?", "acme_root_ca_cert": "str?", "dns": { - "provider": "list(dns-cloudflare|dns-cloudxns|dns-digitalocean|dns-directadmin|dns-dnsimple|dns-dnsmadeeasy|dns-gehirn|dns-google|dns-linode|dns-luadns|dns-nsone|dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud|dns-netcup|dns-gandi|dns-transip)?", + "provider": "list(dns-cloudflare|dns-cloudxns|dns-digitalocean|dns-directadmin|dns-dnsimple|dns-dnsmadeeasy|dns-gehirn|dns-google|dns-linode|dns-luadns|dns-njalla|dns-nsone|dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud|dns-netcup|dns-gandi|dns-transip)?", "propagation_seconds": "int(60,3600)?", "cloudflare_email": "email?", "cloudflare_api_key": "str?", @@ -53,6 +53,7 @@ "linode_version": "str?", "luadns_email": "email?", "luadns_token": "str?", + "njalla_token": "str?", "nsone_api_key": "str?", "ovh_endpoint": "str?", "ovh_application_key": "str?", diff --git a/letsencrypt/rootfs/etc/cont-init.d/file-structure.sh b/letsencrypt/rootfs/etc/cont-init.d/file-structure.sh index 15fcd1d..31b8d9d 100644 --- a/letsencrypt/rootfs/etc/cont-init.d/file-structure.sh +++ b/letsencrypt/rootfs/etc/cont-init.d/file-structure.sh @@ -24,6 +24,7 @@ echo -e "dns_cloudxns_api_key = $(bashio::config 'dns.cloudxns_api_key')\n" \ "certbot_dns_netcup:dns_netcup_customer_id = $(bashio::config 'dns.netcup_customer_id')\n" \ "certbot_dns_netcup:dns_netcup_api_key = $(bashio::config 'dns.netcup_api_key')\n" \ "certbot_dns_netcup:dns_netcup_api_password = $(bashio::config 'dns.netcup_api_password')\n" \ + "certbot_dns_njalla:dns_njalla_token = $(bashio::config 'dns.njalla_token')\n" \ "dns_nsone_api_key = $(bashio::config 'dns.nsone_api_key')\n" \ "dns_ovh_endpoint = $(bashio::config 'dns.ovh_endpoint')\n" \ "dns_ovh_application_key = $(bashio::config 'dns.ovh_application_key')\n" \ diff --git a/letsencrypt/rootfs/etc/services.d/lets-encrypt/run b/letsencrypt/rootfs/etc/services.d/lets-encrypt/run index b27b6de..5154c80 100644 --- a/letsencrypt/rootfs/etc/services.d/lets-encrypt/run +++ b/letsencrypt/rootfs/etc/services.d/lets-encrypt/run @@ -91,6 +91,11 @@ elif [ "${DNS_PROVIDER}" == "dns-gandi" ]; then fi PROVIDER_ARGUMENTS+=("--authenticator" "certbot-plugin-gandi:dns" "--certbot-plugin-gandi:dns-credentials" /data/dnsapikey) +# Njalla +elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-njalla" ]; then + bashio::config.require 'dns.njalla_token' + PROVIDER_ARGUMENTS+=("--authenticator" "certbot-dns-njalla:dns-njalla" "--certbot-dns-njalla:dns-njalla-credentials" /data/dnsapikey "--certbot-dns-njalla:dns-njalla-propagation-seconds" "${PROPAGATION_SECONDS}") + #All others else PROVIDER_ARGUMENTS+=("--${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" /data/dnsapikey)