added support for netcup dns (#1030)

* added support for netcup dns * Changes based on PR feedback * changed rexexp for netcup propagation seconds * pinned netcup plugin to a version * updated changelog + version to 4.4 * adapted to new format of example json
2025-12-17 05:04:21 +01:00 · 2020-02-05 21:51:30 +01:00
parent 53cd11f35a
commit ae84a86209
6 changed files with 60 additions and 6 deletions
--- a/letsencrypt/CHANGELOG.md
+++ b/letsencrypt/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog

+## 4.4
+
+- Added support for nectup dns
+
 ## 4.3

 - Added support for google dns
--- a/letsencrypt/Dockerfile
+++ b/letsencrypt/Dockerfile
@@ -3,6 +3,7 @@ FROM $BUILD_FROM

 # setup base
 ARG CERTBOT_VERSION
+ARG CERTBOT_NETCUP_VERSION

 RUN apk add --no-cache --update \
        libffi \
@@ -28,6 +29,7 @@ RUN apk add --no-cache --update \
        certbot-dns-rfc2136==${CERTBOT_VERSION} \
        certbot-dns-route53==${CERTBOT_VERSION} \
        certbot-dns-sakuracloud==${CERTBOT_VERSION} \
+        certbot-dns-netcup==${CERTBOT_NETCUP_VERSION} \
    && apk del .build-dependencies

 # Copy data
--- a/letsencrypt/README.md
+++ b/letsencrypt/README.md
@@ -53,6 +53,7 @@ dnsprovider: ""

 In addition add the fields according to the credentials required by your dns provider:

+
 ```yaml
 cloudflare_email: ''
 cloudflare_api_key: ''
@@ -83,6 +84,10 @@ aws_access_key_id: ''
 aws_secret_access_key: ''
 sakuracloud_api_token: ''
 sakuracloud_api_secret: ''
+"netcup_customer_id": ''
+"netcup_api_key": ''
+"netcup_api_password": ''
+"netcup_propagation_seconds": ''
 ```

 ## Example Configurations
@@ -137,11 +142,34 @@ You can find additional information in regards to the required permissions in th

 <https://github.com/certbot/certbot/blob/master/certbot-dns-google/certbot_dns_google/__init__.py>

+### netcup dns challenge:
+```json
+{
+  "email": "hello@home-assistant.io",
+  "domains": [
+    "home-assistant.io"
+  ],
+  "certfile": "fullchain.pem",
+  "keyfile": "privkey.pem",
+  "challenge": "dns",
+  "dns": {
+    "provider": "dns-netcup",
+    "netcup_customer_id": "12345",
+    "netcup_api_key": "ABCDEFGHIJKLMNOPQRST",
+    "netcup_api_password": "1234567890ABCDEFGHIJK",
+    "netcup_propagation_seconds": "600"
+  }
+}
+```
+
+You can create the api key and api password in your netcup customer control panel. Here you'll also find you customer id.
+The "netcup_propagation_seconds" parameter sets the waiting time for DNS to propagate before asking the ACME server to verify the DNS record. It is highly recommended to setup a value >600 seconds.
+
 ## Certificate files

-The certificate files will be available within the "ssl" share after sucessful request of the certificates.
+The certificate files will be available within the "ssl" share after successful request of the certificates.

-By default other addons are refering to the correct path of the certificates.
+By default other addons are referring to the correct path of the certificates.
 You can in addition find the files via the "samba" addon within the "ssl" share.

 ## Supported DNS providers
@@ -161,6 +189,7 @@ dns-ovh
 dns-rfc2136
 dns-route53
 dns-sakuracloud
+dns-netcup
 ```

 ## Support
--- a/letsencrypt/build.json
+++ b/letsencrypt/build.json
@@ -7,6 +7,7 @@
    "i386": "homeassistant/i386-base-python:3.7-alpine3.10"
  },
  "args": {
-    "CERTBOT_VERSION": "1.0.0"
+    "CERTBOT_VERSION": "1.0.0",
+    "CERTBOT_NETCUP_VERSION": "0.31.0.1"
  }
 }
--- a/letsencrypt/config.json
+++ b/letsencrypt/config.json
@@ -1,6 +1,6 @@
 {
  "name": "Let's Encrypt",
-  "version": "4.3",
+  "version": "4.4",
  "slug": "letsencrypt",
  "description": "Manage certificate from Let's Encrypt",
  "url": "https://github.com/home-assistant/hassio-addons/tree/master/letsencrypt",
@@ -29,7 +29,7 @@
    "keyfile": "str",
    "challenge": "list(dns|http)",
    "dns": {
-      "provider": "list(dns-cloudflare|dns-cloudxns|dns-digitalocean|dns-dnsimple|dns-dnsmadeeasy|dns-gehirn|dns-google|dns-linode|dns-luadns|dns-nsone|dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud)?",
+      "provider": "list(dns-cloudflare|dns-cloudxns|dns-digitalocean|dns-dnsimple|dns-dnsmadeeasy|dns-gehirn|dns-google|dns-linode|dns-luadns|dns-nsone|dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud|dns-netcup)?",
      "cloudflare_email": "email?",
      "cloudflare_api_key": "str?",
      "cloudxns_api_key": "str?",
@@ -58,7 +58,11 @@
      "aws_access_key_id": "str?",
      "aws_secret_access_key": "str?",
      "sakuracloud_api_token": "str?",
-      "sakuracloud_api_secret": "str?"
+      "sakuracloud_api_secret": "str?",
+      "netcup_customer_id": "str?",
+      "netcup_api_key": "str?",
+      "netcup_api_password": "str?",
+      "netcup_propagation_seconds": "int(60,3600)?"
    }
  },
  "image": "homeassistant/{arch}-addon-letsencrypt"
--- a/letsencrypt/data/run.sh
+++ b/letsencrypt/data/run.sh
@@ -37,6 +37,9 @@ echo -e "dns_cloudflare_email = $(bashio::config 'dns.cloudflare_email')\n" \
  "dns_linode_version = $(bashio::config 'dns.linode_version')\n" \
  "dns_luadns_email = $(bashio::config 'dns.luadns_email')\n" \
  "dns_luadns_token = $(bashio::config 'dns.luadns_token')\n" \
+  "certbot_dns_netcup:dns_netcup_customer_id = $(bashio::config 'dns.netcup_customer_id')\n" \
+  "certbot_dns_netcup:dns_netcup_api_key = $(bashio::config 'dns.netcup_api_key')\n" \
+  "certbot_dns_netcup:dns_netcup_api_password = $(bashio::config 'dns.netcup_api_password')\n" \
  "dns_nsone_api_key = $(bashio::config 'dns.nsone_api_key')\n" \
  "dns_ovh_endpoint = $(bashio::config 'dns.ovh_endpoint')\n" \
  "dns_ovh_application_key = $(bashio::config 'dns.ovh_application_key')\n" \
@@ -73,6 +76,17 @@ elif bashio::config.exists 'dns.google_creds'; then
      bashio::log.info "Google Credentials File doesnt exists in folder share."
    fi
    PROVIDER_ARGUMENTS+=("--${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" "/data/${GOOGLE_CREDS}")
+#Netcup
+elif bashio::config.exists 'dns.netcup_customer_id' && bashio::config.exists 'dns.netcup_api_key' && bashio::config.exists 'dns.netcup_api_password'; then
+    if bashio::config.exists 'dns.netcup_propagation_seconds'; then
+      NETCUP_DNS_PROPAGATION_SECONDS="$(bashio::config 'dns.netcup_propagation_seconds')"
+    else
+      NETCUP_DNS_PROPAGATION_SECONDS=600
+      bashio::log.info "no propagation time found for netcup, using default value"
+    fi
+
+    PROVIDER_ARGUMENTS+=("--authenticator" "certbot-dns-netcup:dns-netcup" "--certbot-dns-netcup:dns-netcup-credentials" /data/dnsapikey "--certbot-dns-netcup:dns-netcup-propagation-seconds" "${NETCUP_DNS_PROPAGATION_SECONDS}")
+
 #All others
 else
    PROVIDER_ARGUMENTS+=("--${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" /data/dnsapikey)