Allow api token for cloudflare (#1073)

* Allow api token for cloudflare

* Update build.json

* Update CHANGELOG.md

* Update run.sh

* Update README.md

* Update README.md

* Update README.md
Pascal Vizeli
2020-02-14 12:02:00 +01:00
committed by GitHub
parent 3c42e0a025
commit f6d0ddb398
5 changed files with 40 additions and 7 deletions


@@ -1,5 +1,11 @@
# Changelog # Changelog
## 4.5
- Update cerbot to 1.2.0
- Update image to Alpine 3.11
- Support CloudFlare API Token
## 4.4 ## 4.4
- Added support for nectup dns - Added support for nectup dns
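Review bot: The first entry added under 4.5 misspells the package name: "Update cerbot to 1.2.0" should read "Update certbot to 1.2.0", matching the `CERTBOT_VERSION` bump in build.json. The third entry writes "CloudFlare" while the README paragraph added in this commit writes "Cloudflare"; settle on one spelling.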


@@ -57,6 +57,7 @@ In addition add the fields according to the credentials required by your dns pro
```yaml ```yaml
cloudflare_email: '' cloudflare_email: ''
cloudflare_api_key: '' cloudflare_api_key: ''
cloudflare_api_token: ''
cloudxns_api_key: '' cloudxns_api_key: ''
cloudxns_secret_key: '' cloudxns_secret_key: ''
digitalocean_token: '' digitalocean_token: ''
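Review bot: The options template now lists `cloudflare_api_key` and `cloudflare_api_token` side by side with nothing saying they are alternatives. Someone filling in this block is likely to populate all three Cloudflare fields; a one-line comment that the token replaces `cloudflare_email` plus `cloudflare_api_key` would prevent that.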
@@ -142,6 +143,30 @@ You can find additional information in regards to the required permissions in th
<https://github.com/certbot/certbot/blob/master/certbot-dns-google/certbot_dns_google/__init__.py> <https://github.com/certbot/certbot/blob/master/certbot-dns-google/certbot_dns_google/__init__.py>
### CloudFlare
Previously, Cloudflares “Global API Key” was used for authentication, however this key can access the entire Cloudflare API for all domains in your account, meaning it could cause a lot of damage if leaked.
Cloudflares newer API Tokens can be restricted to specific domains and operations, and are therefore now the recommended authentication option.
However, due to some shortcomings in Cloudflares implementation of Tokens, Tokens created for Certbot currently require `Zone:Zone:Read` and `Zone:DNS:Edit` permissions for all zones in your account.
Example credentials file using restricted API Token (recommended):
```yaml
dns:
provider: dns-clooudflare
dns_cloudflare_api_token: 0123456789abcdef0123456789abcdef01234
```
Example credentials file using Global API Key (not recommended):
```yaml
dns:
provider: dns-clooudflare
dns_cloudflare_email: cloudflare@example.com
dns_cloudflare_api_key: 0123456789abcdef0123456789abcdef01234
```
## Certificate files ## Certificate files
The certificate files will be available within the "ssl" share after successful request of the certificates. The certificate files will be available within the "ssl" share after successful request of the certificates.
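Review bot: Both new examples set `provider: dns-clooudflare`, which is not a value the provider list in config.json accepts (`dns-cloudflare`), so a copied example fails schema validation. The examples also use `dns_cloudflare_api_token`, `dns_cloudflare_email` and `dns_cloudflare_api_key`, while the add-on options are `cloudflare_api_token`, `cloudflare_email` and `cloudflare_api_key`; the `dns_` prefix only exists in the file run.sh generates, so either drop the prefix or stop calling these snippets a "credentials file". The text says tokens can be restricted to specific domains and then that they need `Zone:Zone:Read` and `Zone:DNS:Edit` on all zones; state plainly that the recommended token can still edit DNS for every zone in the account, so readers do not assume a per-domain scope. "Cloudflares" needs an apostrophe in all three sentences.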


@@ -1,13 +1,13 @@
{ {
"build_from": { "build_from": {
"aarch64": "homeassistant/aarch64-base-python:3.7-alpine3.10", "aarch64": "homeassistant/aarch64-base-python:3.7-alpine3.11",
"amd64": "homeassistant/amd64-base-python:3.7-alpine3.10", "amd64": "homeassistant/amd64-base-python:3.7-alpine3.11",
"armhf": "homeassistant/armhf-base-python:3.7-alpine3.10", "armhf": "homeassistant/armhf-base-python:3.7-alpine3.11",
"armv7": "homeassistant/armv7-base-python:3.7-alpine3.10", "armv7": "homeassistant/armv7-base-python:3.7-alpine3.11",
"i386": "homeassistant/i386-base-python:3.7-alpine3.10" "i386": "homeassistant/i386-base-python:3.7-alpine3.11"
}, },
"args": { "args": {
"CERTBOT_VERSION": "1.0.0", "CERTBOT_VERSION": "1.2.0",
"CERTBOT_NETCUP_VERSION": "0.31.0.1" "CERTBOT_NETCUP_VERSION": "0.31.0.1"
} }
} }
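Review bot: `CERTBOT_VERSION` moves from 1.0.0 to 1.2.0 while `CERTBOT_NETCUP_VERSION` stays at 0.31.0.1; please confirm that plugin release installs and runs against certbot 1.2.0, since nothing in this hunk shows the combination was tested. The base images are still referenced by the mutable tag `3.7-alpine3.11`; pinning each architecture by digest would make the build reproducible and make a changed upstream image visible in review.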


@@ -1,6 +1,6 @@
{ {
"name": "Let's Encrypt", "name": "Let's Encrypt",
"version": "4.4", "version": "4.5",
"slug": "letsencrypt", "slug": "letsencrypt",
"description": "Manage certificate from Let's Encrypt", "description": "Manage certificate from Let's Encrypt",
"url": "https://github.com/home-assistant/hassio-addons/tree/master/letsencrypt", "url": "https://github.com/home-assistant/hassio-addons/tree/master/letsencrypt",
@@ -32,6 +32,7 @@
"provider": "list(dns-cloudflare|dns-cloudxns|dns-digitalocean|dns-dnsimple|dns-dnsmadeeasy|dns-gehirn|dns-google|dns-linode|dns-luadns|dns-nsone|dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud|dns-netcup)?", "provider": "list(dns-cloudflare|dns-cloudxns|dns-digitalocean|dns-dnsimple|dns-dnsmadeeasy|dns-gehirn|dns-google|dns-linode|dns-luadns|dns-nsone|dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud|dns-netcup)?",
"cloudflare_email": "email?", "cloudflare_email": "email?",
"cloudflare_api_key": "str?", "cloudflare_api_key": "str?",
"cloudflare_api_token": "str?",
"cloudxns_api_key": "str?", "cloudxns_api_key": "str?",
"cloudxns_secret_key": "str?", "cloudxns_secret_key": "str?",
"digitalocean_token": "str?", "digitalocean_token": "str?",


@@ -25,6 +25,7 @@ PROVIDER_ARGUMENTS=()
echo -e "dns_cloudflare_email = $(bashio::config 'dns.cloudflare_email')\n" \ echo -e "dns_cloudflare_email = $(bashio::config 'dns.cloudflare_email')\n" \
"dns_cloudflare_api_key = $(bashio::config 'dns.cloudflare_api_key')\n" \ "dns_cloudflare_api_key = $(bashio::config 'dns.cloudflare_api_key')\n" \
"dns_cloudflare_api_token = $(bashio::config 'dns.cloudflare_api_token')\n" \
"dns_cloudxns_api_key = $(bashio::config 'dns.cloudxns_api_key')\n" \ "dns_cloudxns_api_key = $(bashio::config 'dns.cloudxns_api_key')\n" \
"dns_cloudxns_secret_key = $(bashio::config 'dns.cloudxns_secret_key')\n" \ "dns_cloudxns_secret_key = $(bashio::config 'dns.cloudxns_secret_key')\n" \
"dns_digitalocean_token = $(bashio::config 'dns.digitalocean_token')\n" \ "dns_digitalocean_token = $(bashio::config 'dns.digitalocean_token')\n" \