Add support for TransIP DNS Provider (#1322)

* Add TransIP DNS Provider * Cleanup and fix SC errors. * Fix SC2004.
2026-02-01 11:15:38 +01:00 · 2020-05-23 13:24:53 +02:00
parent b94bea1d52
commit 80da6e8aaf
6 changed files with 54 additions and 4 deletions
--- a/letsencrypt/DOCS.md
+++ b/letsencrypt/DOCS.md
@@ -80,6 +80,8 @@ netcup_api_key: ''
 netcup_api_password: ''
 gandi_api_key: ''
 gandi_sharing_id: ''
+transip_username: ''
+transip_api_key: ''
 ```

 ## Example Configurations
@@ -200,6 +202,29 @@ dns:
  cloudflare_api_key: 0123456789abcdef0123456789abcdef01234
 ```

+### TransIP
+
+You will need to generate an API key from the TransIP Control Panel at https://www.transip.nl/cp/account/api/.
+
+The propagation limit will be automatically raised to 240 seconds.
+
+Example configuration:
+```yaml
+email: hello@home-assistant.io
+domains:
+  - your.domain.tld
+certfile: fullchain.pem
+keyfile: privkey.pem
+challenge: dns
+dns:
+  provider: dns-transip
+  transip_username: transip-user
+  transip_api_key: |
+    -----BEGIN PRIVATE KEY-----
+    MII..ABCDEFGHIJKLMNOPQRSTUVWXYZ
+    AAAAAABCDEFGHIJKLMNOPQRSTUVWXYZ
+    -----END PRIVATE KEY-----
+```

 ## Certificate files

@@ -227,6 +252,7 @@ dns-route53
 dns-sakuracloud
 dns-netcup
 dns-gandi
+dns-transip
 ```

 ## Support
--- a/letsencrypt/Dockerfile
+++ b/letsencrypt/Dockerfile
@@ -5,6 +5,7 @@ FROM $BUILD_FROM
 ARG CERTBOT_VERSION
 ARG CERTBOT_NETCUP_VERSION
 ARG CERTBOT_GANDI_VERSION
+ARG CERTBOT_DNS_TRANSIP_VERSION

 RUN apk add --no-cache --update \
        libffi \
@@ -34,6 +35,7 @@ RUN apk add --no-cache --update \
        certbot-dns-sakuracloud==${CERTBOT_VERSION} \
        certbot-dns-netcup==${CERTBOT_NETCUP_VERSION} \
        certbot-plugin-gandi==${CERTBOT_GANDI_VERSION} \
+        certbot-dns-transip==${CERTBOT_DNS_TRANSIP_VERSION} \
    && apk del .build-dependencies

 # Copy data
--- a/letsencrypt/build.json
+++ b/letsencrypt/build.json
@@ -9,6 +9,7 @@
  "args": {
    "CERTBOT_VERSION": "1.2.0",
    "CERTBOT_NETCUP_VERSION": "0.31.0.1",
-    "CERTBOT_GANDI_VERSION": "1.2.5"
+    "CERTBOT_GANDI_VERSION": "1.2.5",
+    "CERTBOT_DNS_TRANSIP_VERSION": "0.3.0"
  }
 }
--- a/letsencrypt/config.json
+++ b/letsencrypt/config.json
@@ -30,7 +30,7 @@
    "keyfile": "str",
    "challenge": "list(dns|http)",
    "dns": {
-      "provider": "list(dns-cloudflare|dns-cloudxns|dns-digitalocean|dns-dnsimple|dns-dnsmadeeasy|dns-gehirn|dns-google|dns-linode|dns-luadns|dns-nsone|dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud|dns-netcup|dns-gandi)?",
+      "provider": "list(dns-cloudflare|dns-cloudxns|dns-digitalocean|dns-dnsimple|dns-dnsmadeeasy|dns-gehirn|dns-google|dns-linode|dns-luadns|dns-nsone|dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud|dns-netcup|dns-gandi|dns-transip)?",
      "propagation_seconds": "int(60,3600)?",
      "cloudflare_email": "email?",
      "cloudflare_api_key": "str?",
@@ -66,7 +66,9 @@
      "netcup_api_key": "str?",
      "netcup_api_password": "str?",
      "gandi_api_key": "str?",
-      "gandi_sharing_id": "str?"
+      "gandi_sharing_id": "str?",
+      "transip_username": "str?",
+      "transip_api_key": "str?"
    }
  },
  "image": "homeassistant/{arch}-addon-letsencrypt"
--- a/letsencrypt/rootfs/etc/cont-init.d/file-structure.sh
+++ b/letsencrypt/rootfs/etc/cont-init.d/file-structure.sh
@@ -35,6 +35,15 @@ echo -e "dns_cloudxns_api_key = $(bashio::config 'dns.cloudxns_api_key')\n" \
      "aws_secret_access_key = $(bashio::config 'dns.aws_secret_access_key')\n" \
      "dns_sakuracloud_api_token = $(bashio::config 'dns.sakuracloud_api_token')\n" \
      "dns_sakuracloud_api_secret = $(bashio::config 'dns.sakuracloud_api_secret')\n" \
-      "certbot_plugin_gandi:dns_api_key = $(bashio::config 'dns.gandi_api_key')" > /data/dnsapikey
+      "certbot_plugin_gandi:dns_api_key = $(bashio::config 'dns.gandi_api_key')\n" \
+      "certbot_dns_transip:dns_transip_username = $(bashio::config 'dns.transip_username')\n" \
+      "certbot_dns_transip:dns_transip_key_file = /data/transip-rsa.key" > /data/dnsapikey

 chmod 600 /data/dnsapikey
+
+## Prepare TransIP RSA key
+if bashio::config.exists 'dns.transip_api_key'; then
+      TRANSIP_API_KEY=$(bashio::config 'dns.transip_api_key')
+      echo "${TRANSIP_API_KEY}" | openssl rsa -out /data/transip-rsa.key
+      chmod 600 /data/transip-rsa.key
+fi
--- a/letsencrypt/rootfs/etc/services.d/lets-encrypt/run
+++ b/letsencrypt/rootfs/etc/services.d/lets-encrypt/run
@@ -50,6 +50,16 @@ elif bashio::config.exists 'dns.google_creds'; then
 elif bashio::config.exists 'dns.netcup_customer_id' && bashio::config.exists 'dns.netcup_api_key' && bashio::config.exists 'dns.netcup_api_password'; then
    PROVIDER_ARGUMENTS+=("--authenticator" "certbot-dns-netcup:dns-netcup" "--certbot-dns-netcup:dns-netcup-credentials" /data/dnsapikey "--certbot-dns-netcup:dns-netcup-propagation-seconds" "${PROPAGATION_SECONDS}")

+#TransIP
+elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-transip" ]; then
+    bashio::config.require.username 'dns.transip_username'
+    bashio::config.require 'dns.transip_api_key'
+    if (( PROPAGATION_SECONDS < 240 )); then
+        bashio::log.info "Increasing DNS propagation limit for TransIP to at least 240 seconds."
+        PROPAGATION_SECONDS=240
+    fi
+    PROVIDER_ARGUMENTS+=("--authenticator" "certbot-${DNS_PROVIDER}:${DNS_PROVIDER}" "--certbot-${DNS_PROVIDER}:${DNS_PROVIDER}-credentials" /data/dnsapikey "--certbot-${DNS_PROVIDER}:${DNS_PROVIDER}-propagation-seconds" "${PROPAGATION_SECONDS}")
+
 # CloudFlare
 elif [ "${DNS_PROVIDER}" == "dns-cloudflare" ]; then
    if bashio::config.exists 'dns.cloudflare_api_token'; then