From 8ca0f2478213d5b2995480355c5384238980bb1f Mon Sep 17 00:00:00 2001 From: LinuxServer-CI Date: Wed, 8 Mar 2023 23:19:11 -0600 Subject: [PATCH 1/3] Bot Updating Package Versions --- package_versions.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package_versions.txt b/package_versions.txt index 4c1d573..b295fec 100755 --- a/package_versions.txt +++ b/package_versions.txt @@ -21,8 +21,8 @@ azure-mgmt-core 1.3.2 python azure-mgmt-dns 8.0.0 python bash 5.2.15-r0 apk beautifulsoup4 4.11.2 python -boto3 1.26.86 python -botocore 1.29.86 python +boto3 1.26.87 python +botocore 1.29.87 python brotli-libs 1.0.9-r9 apk bs4 0.0.1 python busybox 1.35.0 binary From 94d9ec6ef192eb744ac1410c62936e0a71cff236 Mon Sep 17 00:00:00 2001 From: Roxedus Date: Thu, 9 Mar 2023 21:41:56 +0100 Subject: [PATCH 2/3] Add Google Domains --- Dockerfile | 3 ++- Dockerfile.aarch64 | 3 ++- Dockerfile.armhf | 3 ++- README.md | 3 ++- readme-vars.yml | 3 ++- root/defaults/dns-conf/google-domains.ini | 4 ++++ root/etc/s6-overlay/s6-rc.d/init-certbot-config/run | 2 +- 7 files changed, 15 insertions(+), 6 deletions(-) create mode 100644 root/defaults/dns-conf/google-domains.ini diff --git a/Dockerfile b/Dockerfile index 19e2953..d2fa0e1 100755 --- a/Dockerfile +++ b/Dockerfile @@ -113,6 +113,7 @@ RUN \ certbot-dns-gehirn \ certbot-dns-godaddy \ certbot-dns-google \ + certbot-dns-google-domains \ certbot-dns-he \ certbot-dns-hetzner \ certbot-dns-infomaniak \ @@ -147,7 +148,7 @@ RUN \ 's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \ /defaults/nginx/ssl.conf.sample && \ echo "**** correct ip6tables legacy issue ****" && \ - rm \ + rm \ /sbin/ip6tables && \ ln -s \ /sbin/ip6tables-nft /sbin/ip6tables && \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index cd455f4..0b11152 100755 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -113,6 +113,7 @@ RUN \ certbot-dns-gehirn \ certbot-dns-godaddy \ certbot-dns-google \ + certbot-dns-google-domains \ certbot-dns-he \ certbot-dns-hetzner \ certbot-dns-infomaniak \ @@ -147,7 +148,7 @@ RUN \ 's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \ /defaults/nginx/ssl.conf.sample && \ echo "**** correct ip6tables legacy issue ****" && \ - rm \ + rm \ /sbin/ip6tables && \ ln -s \ /sbin/ip6tables-nft /sbin/ip6tables && \ diff --git a/Dockerfile.armhf b/Dockerfile.armhf index 1ac580e..84c8e33 100755 --- a/Dockerfile.armhf +++ b/Dockerfile.armhf @@ -113,6 +113,7 @@ RUN \ certbot-dns-gehirn \ certbot-dns-godaddy \ certbot-dns-google \ + certbot-dns-google-domains \ certbot-dns-he \ certbot-dns-hetzner \ certbot-dns-infomaniak \ @@ -147,7 +148,7 @@ RUN \ 's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \ /defaults/nginx/ssl.conf.sample && \ echo "**** correct ip6tables legacy issue ****" && \ - rm \ + rm \ /sbin/ip6tables && \ ln -s \ /sbin/ip6tables-nft /sbin/ip6tables && \ diff --git a/README.md b/README.md index e691258..95a52d7 100644 --- a/README.md +++ b/README.md @@ -215,7 +215,7 @@ Container images are configured using parameters passed at runtime (such as thos | `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). | | `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) | | `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. | -| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. | +| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. | | `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. | | `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). | | `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` | @@ -336,6 +336,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Versions +* **09.03.23:** - Add Google Domains DNS support, `google-domains`. * **02.03.23:** - Set permissions on crontabs during init. * **09.02.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs. * **06.02.23:** - Add porkbun support back in. diff --git a/readme-vars.yml b/readme-vars.yml index 9aa2f82..2dc09e7 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -51,7 +51,7 @@ opt_param_usage_include_env: true opt_param_env_vars: - { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" } - { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." } - - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." } + - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." } - { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." } - { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." } - { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" } @@ -154,6 +154,7 @@ app_setup_block: | # changelog changelogs: + - { date: "09.03.23:", desc: "Add Google Domains DNS support, `google-domains`." } - { date: "02.03.23:", desc: "Set permissions on crontabs during init." } - { date: "09.02.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) proxy.conf, authelia-location.conf and authelia-server.conf - Add Authentik configs, update Authelia configs." } - { date: "06.02.23:", desc: "Add porkbun support back in." } diff --git a/root/defaults/dns-conf/google-domains.ini b/root/defaults/dns-conf/google-domains.ini new file mode 100644 index 0000000..0979bdd --- /dev/null +++ b/root/defaults/dns-conf/google-domains.ini @@ -0,0 +1,4 @@ +# Instructions: https://github.com/aaomidi/certbot-dns-google-domains#credentials +# Replace with your value +dns_google_domains_access_token = abcdef +dns_google_domains_zone = example.com diff --git a/root/etc/s6-overlay/s6-rc.d/init-certbot-config/run b/root/etc/s6-overlay/s6-rc.d/init-certbot-config/run index 3ad4284..50815d9 100755 --- a/root/etc/s6-overlay/s6-rc.d/init-certbot-config/run +++ b/root/etc/s6-overlay/s6-rc.d/init-certbot-config/run @@ -24,7 +24,7 @@ for i in "${SANED_VARS[@]}"; do done # check to make sure DNSPLUGIN is selected if dns validation is used -if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|porkbun|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then +if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|google-domains|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|porkbun|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then echo "Please set the DNSPLUGIN variable to a valid plugin name. See docker info for more details." sleep infinity fi From 8a1793ac6b715f46c4ebbd294c96dc489b93ab55 Mon Sep 17 00:00:00 2001 From: LinuxServer-CI Date: Thu, 9 Mar 2023 15:09:49 -0600 Subject: [PATCH 3/3] Bot Updating Package Versions --- package_versions.txt | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/package_versions.txt b/package_versions.txt index b295fec..e77930d 100755 --- a/package_versions.txt +++ b/package_versions.txt @@ -8,7 +8,7 @@ alpine-baselayout-data 3.4.0-r0 apk alpine-keys 2.4-r1 apk alpine-release 3.17.2-r0 apk aom-libs 3.5.0-r0 apk -apache2-utils 2.4.55-r0 apk +apache2-utils 2.4.56-r0 apk apk-tools 2.12.10-r1 apk apr 1.7.2-r0 apk apr-util 1.6.3-r0 apk @@ -21,8 +21,8 @@ azure-mgmt-core 1.3.2 python azure-mgmt-dns 8.0.0 python bash 5.2.15-r0 apk beautifulsoup4 4.11.2 python -boto3 1.26.87 python -botocore 1.29.87 python +boto3 1.26.88 python +botocore 1.29.88 python brotli-libs 1.0.9-r9 apk bs4 0.0.1 python busybox 1.35.0 binary @@ -51,6 +51,7 @@ certbot-dns-dynu 0.0.4 python certbot-dns-gehirn 2.4.0 python certbot-dns-godaddy 0.2.2 python certbot-dns-google 2.4.0 python +certbot-dns-google-domains 0.1.6 python certbot-dns-he 1.0.0 python certbot-dns-hetzner 2.0.0 python certbot-dns-infomaniak 0.2.1 python @@ -79,6 +80,7 @@ configobj 5.0.8 python coreutils 9.1-r0 apk cryptography 39.0.2 python curl 7.88.1-r0 apk +dataclasses-json 0.5.7 python distro 1.8.0 python dns-lexicon 3.11.7 python dnslib 0.9.23 python @@ -91,7 +93,8 @@ fontconfig 2.14.1-r0 apk freetype 2.12.1-r0 apk future 0.18.3 python gdbm 1.23-r0 apk -git 2.38.4-r0 apk +git 2.38.4-r1 apk +git-perl 2.38.4-r1 apk gmp 6.2.1-r2 apk gnupg 2.2.40-r0 apk gnupg-dirmngr 2.2.40-r0 apk @@ -180,6 +183,8 @@ logrotate 3.20.1-r3 apk loopialib 0.2.0 python lxml 4.9.2 python lz4-libs 1.9.4-r1 apk +marshmallow 3.19.0 python +marshmallow-enum 1.5.1 python memcached 1.6.17 binary memcached 1.6.17-r0 apk mock 5.0.1 python @@ -189,6 +194,7 @@ msal-extensions 1.0.0 python msrest 0.7.1 python musl 1.2.3-r4 apk musl-utils 1.2.3-r4 apk +mypy-extensions 1.0.0 python nano 7.0-r0 apk ncurses-libs 6.3_p20221119-r0 apk ncurses-terminfo-base 6.3_p20221119-r0 apk @@ -220,10 +226,13 @@ oauthlib 3.2.2 python oniguruma 6.9.8-r0 apk openssl 3.0.8-r0 apk p11-kit 0.24.1-r1 apk +packaging 23.0 python parsedatetime 2.6 python pcre 8.45-r2 apk pcre2 10.42-r0 apk perl 5.36.0-r0 apk +perl-error 0.17029-r1 apk +perl-git 2.38.4-r1 apk php-cli 8.1.16 binary php-fpm 8.1.16 binary php81 8.1.16-r0 apk @@ -283,6 +292,7 @@ popt 1.19-r0 apk portalocker 2.7.0 python procps 3.3.17-r2 apk protobuf 4.22.1 python +publicsuffixlist 0.9.3 python pyOpenSSL 23.0.0 python pyRFC3339 1.1 python pyacmedns 0.4 python @@ -313,6 +323,7 @@ sqlite-libs 3.40.1-r0 apk ssl_client 1.35.0-r29 apk tiff 4.4.0-r1 apk tldextract 3.4.0 python +typing-inspect 0.8.0 python typing_extensions 4.5.0 python tzdata 2022f-r1 apk unixodbc 2.3.11-r0 apk