aljaz/addons
1
0
Fork 0
mirror of https://github.com/aljazceru/addons.git synced 2025-12-17 05:04:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

cloudflare selected and streamline propagation seconds (#1099)

Browse Source 
* cloudflare-selected

* Update config.json

* Update README.md

* Update CHANGELOG.md

* Update README.md

* Update run.sh

* Fix lint

* Update run.sh

* address comments
This commit is contained in:
Pascal Vizeli
2020-02-18 15:47:36 +01:00
committed by GitHub
parent b645b7abbe
commit c0d92d33dc
4 changed files with 60 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
letsencrypt/CHANGELOG.md
View File

@@ -1,5 +1,10 @@
# Changelog
## 4.6
- Streamline propagation seconds
- Add propagation seconds to CloudFlare / option selection
## 4.5
- Update cerbot to 1.2.0

6
letsencrypt/README.md
View File

@@ -55,6 +55,7 @@ In addition add the fields according to the credentials required by your dns pro
```yaml
propagation_seconds: 60
cloudflare_email: ''
cloudflare_api_key: ''
cloudflare_api_token: ''
@@ -88,7 +89,6 @@ sakuracloud_api_secret: ''
netcup_customer_id: ''
netcup_api_key: ''
netcup_api_password: ''
netcup_propagation_seconds: 60
```
## Example Configurations
@@ -154,14 +154,14 @@ However, due to some shortcomings in Cloudflares implementation of Tokens, To
Example credentials file using restricted API Token (recommended):
```yaml
dns:
provider: dns-clooudflare
provider: dns-cloudflare
dns_cloudflare_api_token: 0123456789abcdef0123456789abcdef01234
```
Example credentials file using Global API Key (not recommended):
```yaml
dns:
provider: dns-clooudflare
provider: dns-cloudflare
dns_cloudflare_email: cloudflare@example.com
dns_cloudflare_api_key: 0123456789abcdef0123456789abcdef01234
```

6
letsencrypt/config.json
View File

@@ -1,6 +1,6 @@
{
"name": "Let's Encrypt",
"version": "4.5",
"version": "4.6",
"slug": "letsencrypt",
"description": "Manage certificate from Let's Encrypt",
"url": "https://github.com/home-assistant/hassio-addons/tree/master/letsencrypt",
@@ -30,6 +30,7 @@
"challenge": "list(dns|http)",
"dns": {
"provider": "list(dns-cloudflare|dns-cloudxns|dns-digitalocean|dns-dnsimple|dns-dnsmadeeasy|dns-gehirn|dns-google|dns-linode|dns-luadns|dns-nsone|dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud|dns-netcup)?",
"propagation_seconds": "int(60,3600)?",
"cloudflare_email": "email?",
"cloudflare_api_key": "str?",
"cloudflare_api_token": "str?",
@@ -62,8 +63,7 @@
"sakuracloud_api_secret": "str?",
"netcup_customer_id": "str?",
"netcup_api_key": "str?",
"netcup_api_password": "str?",
"netcup_propagation_seconds": "int(60,3600)?"
"netcup_api_password": "str?"
}
},
"image": "homeassistant/{arch}-addon-letsencrypt"

89
letsencrypt/data/run.sh
View File

@@ -5,12 +5,17 @@ DOMAINS=$(bashio::config 'domains')
KEYFILE=$(bashio::config 'keyfile')
CERTFILE=$(bashio::config 'certfile')
CHALLENGE=$(bashio::config 'challenge')
DNS_PROVIDER=$(bashio::config 'dns.provider')
if [[ "$CHALLENGE" == "dns" ]]; then
bashio::log.info "Selected DNS Provider: $(bashio::config 'dns.provider')"
bashio::log.info "Selected DNS Provider: $(bashio::config 'dns.provider')"
PROPAGATION_SECONDS=60
if bashio::config.exists 'dns.propagation_seconds'; then
PROPAGATION_SECONDS="$(bashio::config 'dns.propagation_seconds')"
fi
bashio::log.info "Use propagation seconds: ${PROPAGATION_SECONDS}"
else
bashio::log.info "Selected http verification"
bashio::log.info "Selected http verification"
fi
CERT_DIR=/data/letsencrypt
@@ -23,38 +28,35 @@ chmod +x /run.sh
touch /data/dnsapikey
PROVIDER_ARGUMENTS=()
echo -e "dns_cloudflare_email = $(bashio::config 'dns.cloudflare_email')\n" \
"dns_cloudflare_api_key = $(bashio::config 'dns.cloudflare_api_key')\n" \
"dns_cloudflare_api_token = $(bashio::config 'dns.cloudflare_api_token')\n" \
"dns_cloudxns_api_key = $(bashio::config 'dns.cloudxns_api_key')\n" \
"dns_cloudxns_secret_key = $(bashio::config 'dns.cloudxns_secret_key')\n" \
"dns_digitalocean_token = $(bashio::config 'dns.digitalocean_token')\n" \
"dns_dnsimple_token = $(bashio::config 'dns.dnsimple_token')\n" \
"dns_dnsmadeeasy_api_key = $(bashio::config 'dns.dnsmadeeasy_api_key')\n" \
"dns_dnsmadeeasy_secret_key = $(bashio::config 'dns.dnsmadeeasy_secret_key')\n" \
"dns_gehirn_api_token = $(bashio::config 'dns.gehirn_api_token')\n" \
"dns_gehirn_api_secret = $(bashio::config 'dns.gehirn_api_secret')\n" \
"dns_linode_key = $(bashio::config 'dns.linode_key')\n" \
"dns_linode_version = $(bashio::config 'dns.linode_version')\n" \
"dns_luadns_email = $(bashio::config 'dns.luadns_email')\n" \
"dns_luadns_token = $(bashio::config 'dns.luadns_token')\n" \
"certbot_dns_netcup:dns_netcup_customer_id = $(bashio::config 'dns.netcup_customer_id')\n" \
"certbot_dns_netcup:dns_netcup_api_key = $(bashio::config 'dns.netcup_api_key')\n" \
"certbot_dns_netcup:dns_netcup_api_password = $(bashio::config 'dns.netcup_api_password')\n" \
"dns_nsone_api_key = $(bashio::config 'dns.nsone_api_key')\n" \
"dns_ovh_endpoint = $(bashio::config 'dns.ovh_endpoint')\n" \
"dns_ovh_application_key = $(bashio::config 'dns.ovh_application_key')\n" \
"dns_ovh_application_secret = $(bashio::config 'dns.ovh_application_secret')\n" \
"dns_ovh_consumer_key = $(bashio::config 'dns.ovh_consumer_key')\n" \
"dns_rfc2136_server = $(bashio::config 'dns.rfc2136_server')\n" \
"dns_rfc2136_port = $(bashio::config 'dns.rfc2136_port')\n" \
"dns_rfc2136_name = $(bashio::config 'dns.rfc2136_name')\n" \
"dns_rfc2136_secret = $(bashio::config 'dns.rfc2136_secret')\n" \
"dns_rfc2136_algorithm = $(bashio::config 'dns.rfc2136_algorithm')\n" \
"aws_access_key_id = $(bashio::config 'dns.aws_access_key_id')\n" \
"aws_secret_access_key = $(bashio::config 'dns.aws_secret_access_key')\n" \
"dns_sakuracloud_api_token = $(bashio::config 'dns.sakuracloud_api_token')\n" \
"dns_sakuracloud_api_secret = $(bashio::config 'dns.sakuracloud_api_secret')" > /data/dnsapikey
echo -e "dns_cloudxns_api_key = $(bashio::config 'dns.cloudxns_api_key')\n" \
"dns_cloudxns_secret_key = $(bashio::config 'dns.cloudxns_secret_key')\n" \
"dns_digitalocean_token = $(bashio::config 'dns.digitalocean_token')\n" \
"dns_dnsimple_token = $(bashio::config 'dns.dnsimple_token')\n" \
"dns_dnsmadeeasy_api_key = $(bashio::config 'dns.dnsmadeeasy_api_key')\n" \
"dns_dnsmadeeasy_secret_key = $(bashio::config 'dns.dnsmadeeasy_secret_key')\n" \
"dns_gehirn_api_token = $(bashio::config 'dns.gehirn_api_token')\n" \
"dns_gehirn_api_secret = $(bashio::config 'dns.gehirn_api_secret')\n" \
"dns_linode_key = $(bashio::config 'dns.linode_key')\n" \
"dns_linode_version = $(bashio::config 'dns.linode_version')\n" \
"dns_luadns_email = $(bashio::config 'dns.luadns_email')\n" \
"dns_luadns_token = $(bashio::config 'dns.luadns_token')\n" \
"certbot_dns_netcup:dns_netcup_customer_id = $(bashio::config 'dns.netcup_customer_id')\n" \
"certbot_dns_netcup:dns_netcup_api_key = $(bashio::config 'dns.netcup_api_key')\n" \
"certbot_dns_netcup:dns_netcup_api_password = $(bashio::config 'dns.netcup_api_password')\n" \
"dns_nsone_api_key = $(bashio::config 'dns.nsone_api_key')\n" \
"dns_ovh_endpoint = $(bashio::config 'dns.ovh_endpoint')\n" \
"dns_ovh_application_key = $(bashio::config 'dns.ovh_application_key')\n" \
"dns_ovh_application_secret = $(bashio::config 'dns.ovh_application_secret')\n" \
"dns_ovh_consumer_key = $(bashio::config 'dns.ovh_consumer_key')\n" \
"dns_rfc2136_server = $(bashio::config 'dns.rfc2136_server')\n" \
"dns_rfc2136_port = $(bashio::config 'dns.rfc2136_port')\n" \
"dns_rfc2136_name = $(bashio::config 'dns.rfc2136_name')\n" \
"dns_rfc2136_secret = $(bashio::config 'dns.rfc2136_secret')\n" \
"dns_rfc2136_algorithm = $(bashio::config 'dns.rfc2136_algorithm')\n" \
"aws_access_key_id = $(bashio::config 'dns.aws_access_key_id')\n" \
"aws_secret_access_key = $(bashio::config 'dns.aws_secret_access_key')\n" \
"dns_sakuracloud_api_token = $(bashio::config 'dns.sakuracloud_api_token')\n" \
"dns_sakuracloud_api_secret = $(bashio::config 'dns.sakuracloud_api_secret')" > /data/dnsapikey
chmod 600 /data/dnsapikey
# AWS
@@ -77,16 +79,23 @@ elif bashio::config.exists 'dns.google_creds'; then
bashio::log.info "Google Credentials File doesnt exists in folder share."
fi
PROVIDER_ARGUMENTS+=("--${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" "/data/${GOOGLE_CREDS}")
#Netcup
elif bashio::config.exists 'dns.netcup_customer_id' && bashio::config.exists 'dns.netcup_api_key' && bashio::config.exists 'dns.netcup_api_password'; then
if bashio::config.exists 'dns.netcup_propagation_seconds'; then
NETCUP_DNS_PROPAGATION_SECONDS="$(bashio::config 'dns.netcup_propagation_seconds')"
PROVIDER_ARGUMENTS+=("--authenticator" "certbot-dns-netcup:dns-netcup" "--certbot-dns-netcup:dns-netcup-credentials" /data/dnsapikey "--certbot-dns-netcup:dns-netcup-propagation-seconds" "${PROPAGATION_SECONDS}")
# CloudFlare
elif [[ "${DNS_PROVIDER}" == "dns-cloudflare" ]]; then
if bashio::config.exists 'dns.cloudflare_api_token'; then
bashio::log.info "Use CloudFlare token"
echo "dns_cloudflare_api_token = $(bashio::config 'dns.cloudflare_api_token')" >> /data/dnsapikey
else
NETCUP_DNS_PROPAGATION_SECONDS=600
bashio::log.info "no propagation time found for netcup, using default value"
bashio::log.warning "Use CloudFlare global key (not recommended!)"
echo -e "dns_cloudflare_email = $(bashio::config 'dns.cloudflare_email')\n" \
"dns_cloudflare_api_key = $(bashio::config 'dns.cloudflare_api_key')\n" >> /data/dnsapikey
fi
PROVIDER_ARGUMENTS+=("--authenticator" "certbot-dns-netcup:dns-netcup" "--certbot-dns-netcup:dns-netcup-credentials" /data/dnsapikey "--certbot-dns-netcup:dns-netcup-propagation-seconds" "${NETCUP_DNS_PROPAGATION_SECONDS}")
PROVIDER_ARGUMENTS+=("--${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" /data/dnsapikey "--dns-cloudflare-propagation-seconds" "${PROPAGATION_SECONDS}")
#All others
else