diff --git a/Dockerfile b/Dockerfile index eab4093..eea3d74 100755 --- a/Dockerfile +++ b/Dockerfile @@ -104,7 +104,6 @@ RUN \ certbot-dns-domeneshop \ certbot-dns-dreamhost \ certbot-dns-duckdns \ - certbot-dns-dynu \ certbot-dns-freedns \ certbot-dns-gehirn \ certbot-dns-godaddy \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index a98ee69..b183d89 100755 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -104,7 +104,6 @@ RUN \ certbot-dns-domeneshop \ certbot-dns-dreamhost \ certbot-dns-duckdns \ - certbot-dns-dynu \ certbot-dns-freedns \ certbot-dns-gehirn \ certbot-dns-godaddy \ diff --git a/readme-vars.yml b/readme-vars.yml index 277c47b..01f7830 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -50,7 +50,7 @@ opt_param_usage_include_env: true opt_param_env_vars: - { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" } - { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." } - - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynu`, `freedns`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." } + - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `freedns`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." } - { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." } - { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." } - { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" } @@ -90,6 +90,21 @@ app_setup_block: | * After setup, navigate to `https://yourdomain.url` to access the default homepage (http access through port 80 is disabled by default, you can enable it by editing the default site config at `/config/nginx/site-confs/default.conf`). * Certs are checked nightly and if expiration is within 30 days, renewal is attempted. If your cert is about to expire in less than 30 days, check the logs under `/config/log/letsencrypt` to see why the renewals have been failing. It is recommended to input your e-mail in docker parameters so you receive expiration notices from Let's Encrypt in those circumstances. + ### Certbot Plugins + + SWAG includes many Certbot plugins out of the box, but not all plugins can be includes. + If you need a plugin that is not included, the quickest way to have the plugin available is to use our [Universal Package Install Docker Mod](https://github.com/linuxserver/docker-mods/tree/universal-package-install). + + Set the following environment variables on your container: + + ```yaml + DOCKER_MODS=linuxserver/mods:universal-package-install + INSTALL_PIP_PACKAGES=certbot-dns- + ``` + + Set the required credentials (usually found in the plugin documentation) in `/config/dns-conf/.ini`. + It is recommended to attempt obtaining a certificate with `STAGING=true` first to make sure the plugin is working as expected. + ### Security and password protection * The container detects changes to url and subdomains, revokes existing certs and generates new ones during start. @@ -153,6 +168,7 @@ app_setup_block: | # changelog changelogs: + - { date: "11.12.23:", desc: "Deprecate certbot-dns-dynu to resolve dependency conflicts with other plugins." } - { date: "30.11.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) site-confs/default.conf - Fix index.php being downloaded on 404." } - { date: "23.11.23:", desc: "Run certbot as root to allow fix http validation." } - { date: "01.10.23:", desc: "Fix \"unrecognized arguments\" issue in DirectAdmin DNS plugin." } diff --git a/root/defaults/dns-conf/dynu.ini b/root/defaults/dns-conf/dynu.ini deleted file mode 100644 index 9c4db55..0000000 --- a/root/defaults/dns-conf/dynu.ini +++ /dev/null @@ -1,3 +0,0 @@ -# Instructions: https://github.com/bikram990/certbot-dns-dynu#configuration -# Replace with your API token from your dynu account. -dns_dynu_auth_token = AbCbASsd!@34