Automatic generation of documentation (#818)

* generate a detailed CLI help
* generate a documentation site
* new readme
This commit is contained in:
Ludovic Fernandez 2019-03-08 19:47:06 +01:00 committed by GitHub
parent 235ab6653f
commit 62fea05e21
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
152 changed files with 9528 additions and 572 deletions


@ -5,3 +5,4 @@ lego.exe
.vscode/
dist/
builds/
docs/


@ -1,12 +1,14 @@
language: go
go:
- 1.10.x
- 1.12.x
- 1.x
services:
- memcached
go_import_path: github.com/xenolf/lego
addons:
hosts:
# for e2e tests
@ -33,6 +35,10 @@ before_install:
- curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | bash -s -- -b $GOPATH/bin v1.15.0
- golangci-lint --version
# Hugo - documentation
- wget -O /tmp/hugo.deb https://github.com/gohugoio/hugo/releases/download/v0.54.0/hugo_0.54.0_Linux-64bit.deb
- sudo dpkg -i /tmp/hugo.deb
install:
- echo "TRAVIS_GO_VERSION=$TRAVIS_GO_VERSION"
- dep status -v
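
Review bot: The Hugo install step (`wget -O /tmp/hugo.deb https://github.com/gohugoio/hugo/releases/download/v0.54.0/hugo_0.54.0_Linux-64bit.deb` followed by `sudo dpkg -i /tmp/hugo.deb`) installs a downloaded package as root without checking its integrity. Record the expected SHA-256 of that `.deb` in this file and verify it with `sha256sum -c` before the `dpkg -i` line, so a replaced release asset fails the build instead of running in the job that later deploys. The `curl -sfL ... | bash` installer in the context line above has the same weakness and could be replaced by a pinned, verified download.
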
@ -40,6 +46,13 @@ install:
after_success:
- make clean
before_deploy:
- >
if ! [ "$BEFORE_DEPLOY_RUN" ]; then
export BEFORE_DEPLOY_RUN=1;
make docs-build
fi
deploy:
- provider: script
skip_cleanup: true
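
Review bot: In the `before_deploy` script, `make docs-build` has no trailing `;` and the block uses the folded style (`- >`), so whether `fi` stays on its own line depends on how the inner lines are indented; if the lines fold together the shell sees `make docs-build fi` and an unterminated `if`. Using a literal block (`|`) or ending the line with `make docs-build;` removes that dependency on indentation.
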
@ -57,3 +70,11 @@ deploy:
on:
tags: true
condition: $TRAVIS_GO_VERSION =~ ^1\.x$
- provider: pages
local_dir: docs/public
skip_cleanup: true
github_token: ${GITHUB_TOKEN}
on:
tags: true
condition: $TRAVIS_GO_VERSION =~ ^1\.x$
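
Review bot: The new `pages` deploy passes `github_token: ${GITHUB_TOKEN}`, a credential that can push to the repository, in a job whose `before_install` runs remotely fetched installers. Define the token as a hidden Travis setting that is not displayed in logs, limit it to the narrowest scope that can still publish the pages branch, and consider moving this deploy to a separate stage that does not execute the downloaded scripts.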


@ -73,62 +73,3 @@ git push -u origin my-feature
## create a pull request on Github ##
```
## DNS Providers: API references
| DNS provider | Code | Documentation | Go client |
|---------------------------|----------------|--------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------|
| Acme DNS | `acmedns` | [documentation](https://github.com/joohoi/acme-dns#api) | [Go client](https://github.com/cpu/goacmedns) |
| Alibaba Cloud | `alidns` | [documentation](https://www.alibabacloud.com/help/doc-detail/42875.htm) | [Go client](https://github.com/aliyun/alibaba-cloud-sdk-go) |
| Aurora DNS | `auroradns` | [documentation](https://libcloud.readthedocs.io/en/latest/dns/drivers/auroradns.html#api-docs) | [Go client](https://github.com/nrdcg/auroradns) |
| Azure | `azure` | [documentation](https://docs.microsoft.com/en-us/go/azure/) | [Go client](https://github.com/Azure/azure-sdk-for-go) |
| Bluecat | `bluecat` | ? | - |
| Cloudflare | `cloudflare` | [documentation](https://api.cloudflare.com/) | [Go client](https://github.com/cloudflare/cloudflare-go) |
| ClouDNS | `cloudns` | [documentation](https://www.cloudns.net/wiki/article/42/) | - |
| CloudXNS | `cloudxns` | [documentation](https://www.cloudxns.net/Public/Doc/CloudXNS_api2.0_doc_zh-cn.zip) | - |
| ConoHa | `conoha` | [documentation](https://www.conoha.jp/docs/) | - |
| Openstack Designate | `designate` | [documentation](https://docs.openstack.org/designate/latest/) | [Go client](https://godoc.org/github.com/gophercloud/gophercloud/openstack/dns/v2) |
| Digital Ocean | `digitalocean` | [documentation](https://developers.digitalocean.com/documentation/v2/#domain-records) | - |
| DNSimple | `dnsimple` | [documentation](https://developer.dnsimple.com/v2/) | [Go client](https://github.com/dnsimple/dnsimple-go) |
| DNS Made Easy | `dnsmadeeasy` | [documentation](https://api-docs.dnsmadeeasy.com/) | - |
| DNSPod | `dnspod` | [documentation](https://www.dnspod.cn/docs/index.html) | [Go client](https://github.com/decker502/dnspod-go) |
| DreamHost | `dreamhost` | [documentation](https://help.dreamhost.com/hc/en-us/articles/217560167-API_overview) | - |
| Duck DNS | `duckdns` | [documentation](https://www.duckdns.org/spec.jsp) | - |
| Dyn | `dyn` | [documentation](https://help.dyn.com/rest/) | - |
| exec | `exec` | - | - |
| Exoscale | `exoscale` | [documentation](https://community.exoscale.com/documentation/dns/api/) | [Go client](https://github.com/exoscale/egoscale) |
| FastDNS | `fastdns` | [documentation](https://developer.akamai.com/api/web_performance/fast_dns_record_management/v1.html) | [Go client](https://github.com/akamai/AkamaiOPEN-edgegrid-golang) |
| Gandi | `gandi` | [documentation](http://doc.rpc.gandi.net/index.html) | - |
| Gandi v5 | `gandiv5` | [documentation](http://doc.livedns.gandi.net) | - |
| Google Cloud | `gcloud` | ? | [Go client](https://github.com/googleapis/google-api-go-client) |
| Glesys | `glesys` | [documentation](https://github.com/GleSYS/API/wiki/API-Documentation) | - |
| Go Daddy | `godaddy` | [documentation](https://developer.godaddy.com/doc/endpoint/domains) | - |
| hosting.de | `hostingde` | [documentation](https://www.hosting.de/api/#dns) | - |
| Internet Initiative Japan | `iij` | [documentation](http://manual.iij.jp/p2/pubapi/) | [Go client](https://github.com/iij/doapi) |
| INWX | `inwx` | [documentation](https://www.inwx.de/en/help/apidoc) | [Go client](https://github.com/nrdcg/goinwx) |
| Lightsail | `lightsail` | ? | [Go client](https://github.com/aws/aws-sdk-go/aws) |
| Linode (deprecated) | `linode` | [documentation](https://www.linode.com/api/dns) | [Go client](https://github.com/timewasted/linode) |
| Linodev4 | `linodev4` | [documentation](https://developers.linode.com/api/v4) | [Go client](https://github.com/linode/linodego) |
| Namecheap | `namecheap` | [documentation](https://www.namecheap.com/support/api/methods.aspx) | - |
| Name.com | `namedotcom` | [documentation](https://www.name.com/api-docs/DNS) | [Go client](https://github.com/namedotcom/go) |
| manual | `manual` | - | - |
| MyDNS.jp | `mydnsjp` | [documentation](https://www.mydns.jp/?MENU=030) | - |
| Netcup | `netcup` | [documentation](https://www.netcup-wiki.de/wiki/DNS_API) | - |
| NIFCloud | `nifcloud` | [documentation](https://mbaas.nifcloud.com/doc/current/rest/common/format.html) | - |
| NS1 | `ns1` | [documentation](https://ns1.com/api) | [Go client](https://github.com/ns1/ns1-go) |
| Open Telekom Cloud | `otc` | [documentation](https://docs.otc.t-systems.com/en-us/dns/index.html) | - |
| Oracle Cloud | `oraclecloud` | [documentation](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm) | [Go Client](https://github.com/oracle/oci-go-sdk) |
| OVH | `ovh` | [documentation](https://eu.api.ovh.com/) | [Go client](https://github.com/ovh/go-ovh) |
| PowerDNS | `pdns` | [documentation](https://doc.powerdns.com/md/httpapi/README/) | - |
| Rackspace | `rackspace` | [documentation](https://developer.rackspace.com/docs/cloud-dns/v1/) | - |
| RFC2136 | `rfc2136` | [documentation](https://tools.ietf.org/html/rfc2136) | - |
| Route 53 | `route53` | [documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_Operations_Amazon_Route_53.html) | [Go client](https://github.com/aws/aws-sdk-go/aws) |
| Sakura Cloud | `sakuracloud` | [documentation](https://developer.sakura.ad.jp/cloud/api/1.1/) | [Go client](https://github.com/sacloud/libsacloud) |
| Selectel | `selectel` | [documentation](https://kb.selectel.com/23136054.html) | - |
| Stackpath | `stackpath` | [documentation](https://developer.stackpath.com/en/api/dns/#tag/Zone) | - |
| TransIP | `transip` | [documentation](https://api.transip.nl/docs/transip.nl/package-Transip.html) | [Go client](https://github.com/transip/gotransip) |
| VegaDNS | `vegadns` | [documentation](https://github.com/shupp/VegaDNS-API) | [Go client](https://github.com/OpenDNS/vegadns2client) |
| Vultr | `vultr` | [documentation](https://www.vultr.com/api/#dns) | [Go client](https://github.com/JamesClonk/vultr) |
| Vscale | `vscale` | [documentation](https://developers.vscale.io/documentation/api/v1/#api-Domains_Records) | - |
| Zone.ee | `zone` | [documentation](https://api.zone.eu/v2) | - |
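
Review bot: With the "DNS Providers: API references" table taken out of this file, the contributing guide no longer tells someone adding a provider where to find or record the API documentation and Go client links. Add a one-line pointer to wherever this reference now lives so the information stays discoverable from the contributing guide.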


@ -1,4 +1,4 @@
FROM golang:alpine3.8 as builder
FROM golang:alpine3.9 as builder
RUN apk --update upgrade \
&& apk --no-cache --no-progress add make git \
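
Review bot: `FROM golang:alpine3.9 as builder` is still a floating tag with no Go version in it, so the builder image changes whenever that tag is republished. Pin the Go version in the tag, and ideally the image digest, so release binaries are built from a known toolchain.
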
@ -8,7 +8,7 @@ WORKDIR /go/src/github.com/xenolf/lego
COPY . .
RUN make build
FROM alpine:3.8
FROM alpine:3.9
RUN apk update && apk add --no-cache --virtual ca-certificates
COPY --from=builder /go/src/github.com/xenolf/lego/dist/lego /usr/bin/lego
ENTRYPOINT [ "/usr/bin/lego" ]
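
Review bot: In the unchanged line `RUN apk update && apk add --no-cache --virtual ca-certificates`, `--virtual` takes the following argument as the name of a virtual package, so `ca-certificates` is read as that name and not as a package to install. Since this stage is being touched for the Alpine bump, change it to `RUN apk add --no-cache ca-certificates` (the separate `apk update` is redundant with `--no-cache`) so the CA bundle is installed explicitly in the runtime image.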

9
Gopkg.lock generated

@ -38,6 +38,14 @@
revision = "39013ecb48eaf6ced3f4e3e1d95515140ce6b3cf"
version = "v10.15.2"
[[projects]]
digest = "1:5d72bbcc9c8667b11c3dc3cbe681c5a6f71e5096744c0bf7726ab5c6425d5dc4"
name = "github.com/BurntSushi/toml"
packages = ["."]
pruneopts = "NUT"
revision = "3012a1dbe2e4bd1391d42b32f0577cb7bbc7f005"
version = "v0.3.1"
[[projects]]
digest = "1:ed3fc9992df610d07c85c24e0b792268cc1ce226dd9bf8cb2e6ad9a377b35415"
name = "github.com/JamesClonk/vultr"
@ -671,6 +679,7 @@
"github.com/Azure/go-autorest/autorest/azure",
"github.com/Azure/go-autorest/autorest/azure/auth",
"github.com/Azure/go-autorest/autorest/to",
"github.com/BurntSushi/toml",
"github.com/JamesClonk/vultr/lib",
"github.com/OpenDNS/vegadns2client",
"github.com/akamai/AkamaiOPEN-edgegrid-golang/configdns-v1",


@ -1,4 +1,4 @@
.PHONY: clean checks test build image dependencies
.PHONY: clean checks test build image dependencies e2e fmt
SRCS = $(shell git ls-files '*.go' | grep -v '^vendor/')
@ -10,7 +10,7 @@ TAG_NAME := $(shell git tag -l --contains HEAD)
SHA := $(shell git rev-parse HEAD)
VERSION := $(if $(TAG_NAME),$(TAG_NAME),$(SHA))
default: clean checks test build
default: clean generate-dns checks test build
clean:
rm -rf dist/ builds/ cover.out
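
Review bot: Adding `generate-dns` to `default` means every default build runs `go generate ./...` and can rewrite tracked files, so stale or unexpected generated output can slip past review. Add a CI check that fails when the tree is dirty after generation, for example `git diff --exit-code` after `make generate-dns`.
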
@ -39,6 +39,7 @@ fmt:
gofmt -s -l -w $(SRCS)
# Release helper
.PHONY: patch minor major detach
patch:
go run internal/release.go release -m patch
@ -51,3 +52,21 @@ major:
detach:
go run internal/release.go detach
# Docs
.PHONY: docs-build docs-serve docs-themes
docs-build: generate-dns
@make -C ./docs hugo-build
docs-serve: generate-dns
@make -C ./docs hugo
docs-themes:
@make -C ./docs hugo-themes
# Generate DNS
.PHONY: generate-dns
generate-dns:
go generate ./...
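
Review bot: The docs targets invoke `@make -C ./docs ...` directly; for recursive invocations use `$(MAKE) -C ./docs hugo-build` so command-line flags and variable overrides (`-n`, `-j`, and so on) propagate to the sub-make. The same applies to `docs-serve` and `docs-themes`.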

313
README.md

@ -1,6 +1,6 @@
# lego
Let's Encrypt client and ACME library written in Go
Let's Encrypt client and ACME library written in Go.
[![GoDoc](https://godoc.org/github.com/xenolf/lego?status.svg)](https://godoc.org/github.com/xenolf/lego/acme)
[![Build Status](https://travis-ci.org/xenolf/lego.svg?branch=master)](https://travis-ci.org/xenolf/lego)
@ -8,37 +8,6 @@ Let's Encrypt client and ACME library written in Go
[![Dev Chat](https://img.shields.io/badge/dev%20chat-gitter-blue.svg?label=dev+chat)](https://gitter.im/xenolf/lego)
[![Beerpay](https://beerpay.io/xenolf/lego/badge.svg)](https://beerpay.io/xenolf/lego)
## Installation
### Binaries
To get the binary just download the latest release for your OS/Arch from [the release page](https://github.com/xenolf/lego/releases) and put the binary somewhere convenient.
lego does not assume anything about the location you run it from.
### From Docker
```bash
docker run xenolf/lego -h
```
### From package managers
- [ArchLinux (AUR)](https://aur.archlinux.org/packages/lego):
```bash
yay -S lego
```
**Note**: only the package manager for Arch Linux is officially supported by the lego team.
### From sources
To install from sources, just run:
```bash
go get -u github.com/xenolf/lego/cmd/lego
```
## Features
- Register with CA
@ -55,266 +24,38 @@ go get -u github.com/xenolf/lego/cmd/lego
- Certificate bundling
- OCSP helper function
Please keep in mind that CLI switches and APIs are still subject to change.
lego introduced support for ACME v2 in [v1.0.0](https://github.com/xenolf/lego/releases/tag/v1.0.0). If you still need to utilize ACME v1, you can do so by using the [v0.5.0](https://github.com/xenolf/lego/releases/tag/v0.5.0) version.
When using the standard `--path` option, all certificates and account configurations are saved to a folder `.lego` in the current working directory.
## Installation
How to [install](https://xenolf.github.io/lego/installation/).
## Usage
```text
NAME:
lego - Let's Encrypt client written in Go
- as a [CLI](https://xenolf.github.io/lego/usage/cli)
- as a [library](https://xenolf.github.io/lego/usage/lib)
USAGE:
lego [global options] command [command options] [arguments...]
## Documentation
COMMANDS:
run Register an account, then create and install a certificate
revoke Revoke a certificate
renew Renew a certificate
dnshelp Shows additional help for the --dns global option
list Display certificates and accounts information.
help, h Shows a list of commands or help for one command
Documentation is hosted live at https://xenolf.github.io/lego/.
GLOBAL OPTIONS:
--domains value, -d value Add a domain to the process. Can be specified multiple times.
--server value, -s value CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default: "https://acme-v02.api.letsencrypt.org/directory")
--accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service.
--email value, -m value Email used for registration and recovery contact.
--csr value, -c value Certificate signing request filename, if an external CSR is to be used.
--eab Use External Account Binding for account registration. Requires --kid and --hmac.
--kid value Key identifier from External CA. Used for External Account Binding.
--hmac value MAC key from External CA. Should be in Base64 URL Encoding without padding format. Used for External Account Binding.
--key-type value, -k value Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384. (default: "rsa2048")
--filename value (deprecated) Filename of the generated certificate.
--path value Directory to use for storing the data. (default: "./.lego")
--http Use the HTTP challenge to solve challenges. Can be mixed with other types of challenges.
--http.port value Set the port and interface to use for HTTP based challenges to listen on.Supported: interface:port or :port. (default: ":80")
--http.webroot value Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge.
--http.memcached-host value Set the memcached host(s) to use for HTTP based challenges. Challenges will be written to all specified hosts.
--tls Use the TLS challenge to solve challenges. Can be mixed with other types of challenges.
--tls.port value Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port. (default: ":443")
--dns value Solve a DNS challenge using the specified provider. Can be mixed with other types of challenges. Run 'lego dnshelp' for help on usage.
--dns.disable-cp By setting this flag to true, disables the need to wait the propagation of the TXT record to all authoritative name servers.
--dns.resolvers value Set the resolvers to use for performing recursive DNS queries. Supported: host:port. The default is to use the system resolvers, or Google's DNS resolvers if the system's cannot be determined.
--http-timeout value Set the HTTP timeout value to a specific value in seconds. (default: 0)
--dns-timeout value Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name servers queries. (default: 10)
--pem Generate a .pem file by concatenating the .key and .crt files together.
--cert.timeout value Set the certificate timeout value to a specific value in seconds. Only used when obtaining certificates. (default: 30)
--help, -h show help
--version, -v print the version
```
## DNS providers
### Sudo
Detailed documentation is available [here](https://xenolf.github.io/lego/dns).
The CLI does not require root permissions but needs to bind to port 80 and 443 for certain challenges.
To run the CLI without sudo, you have four options:
- Use setcap 'cap_net_bind_service=+ep' /path/to/program
- Pass the `--http.port` or/and the `--tls.port` option and specify a custom port to bind to. In this case you have to forward port 80/443 to these custom ports (see [Port Usage](#port-usage)).
- Pass the `--http.webroot` option and specify the path to your webroot folder. In this case the challenge will be written in a file in `.well-known/acme-challenge/` inside your webroot.
- Pass the `--dns` option and specify a DNS provider.
### Port Usage
By default lego assumes it is able to bind to ports 80 and 443 to solve challenges.
If this is not possible in your environment, you can use the `--http.port` and `--tls.port` options to instruct
lego to listen on that interface:port for any incoming challenges.
If you are using this option, make sure you proxy all of the following traffic to these ports.
HTTP Port:
- All plaintext HTTP requests to port 80 which begin with a request path of `/.well-known/acme-challenge/` for the HTTP challenge.
TLS Port:
- All TLS handshakes on port 443 for the TLS-ALPN challenge.
This traffic redirection is only needed as long as lego solves challenges. As soon as you have received your certificates you can deactivate the forwarding.
### CLI Example
Assumes the `lego` binary has permission to bind to ports 80 and 443.
You can get a pre-built binary from the [releases](https://github.com/xenolf/lego/releases) page.
If your environment does not allow you to bind to these ports, please read [Port Usage](#port-usage).
Obtain a certificate:
```bash
lego --email="foo@bar.com" --domains="example.com" --http run
```
(Find your certificate in the `.lego` folder of current working directory.)
To renew the certificate:
```bash
lego --email="foo@bar.com" --domains="example.com" --http renew
```
To renew the certificate only if it expires within 30 days
```bash
lego --email="foo@bar.com" --domains="example.com" --http renew --days 30
```
Obtain a certificate using the DNS challenge and AWS Route 53:
```bash
AWS_REGION=us-east-1 AWS_ACCESS_KEY_ID=my_id AWS_SECRET_ACCESS_KEY=my_key lego --email="foo@bar.com" --domains="example.com" --dns="route53" run
```
Obtain a certificate given a certificate signing request (CSR) generated by something else:
```bash
lego --email="foo@bar.com" --http --csr=/path/to/csr.pem run
```
(lego will infer the domains to be validated based on the contents of the CSR, so make sure the CSR's Common Name and optional SubjectAltNames are set correctly.)
lego defaults to communicating with the production Let's Encrypt ACME server.
If you'd like to test something without issuing real certificates, consider using the staging endpoint instead:
```bash
lego --server=https://acme-staging-v02.api.letsencrypt.org/directory …
```
## ACME Library Usage
A valid, but bare-bones example use of the acme package:
```go
package main
import (
"crypto"
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"fmt"
"log"
"github.com/xenolf/lego/certcrypto"
"github.com/xenolf/lego/certificate"
"github.com/xenolf/lego/challenge/http01"
"github.com/xenolf/lego/challenge/tlsalpn01"
"github.com/xenolf/lego/lego"
"github.com/xenolf/lego/registration"
)
// You'll need a user or account type that implements acme.User
type MyUser struct {
Email string
Registration *registration.Resource
key crypto.PrivateKey
}
func (u *MyUser) GetEmail() string {
return u.Email
}
func (u MyUser) GetRegistration() *registration.Resource {
return u.Registration
}
func (u *MyUser) GetPrivateKey() crypto.PrivateKey {
return u.key
}
func main() {
// Create a user. New accounts need an email and private key to start.
privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
log.Fatal(err)
}
myUser := MyUser{
Email: "you@yours.com",
key: privateKey,
}
config := lego.NewConfig(&myUser)
// This CA URL is configured for a local dev instance of Boulder running in Docker in a VM.
config.CADirURL = "http://192.168.99.100:4000/directory"
config.Certificate.KeyType = certcrypto.RSA2048
// A client facilitates communication with the CA server.
client, err := lego.NewClient(config)
if err != nil {
log.Fatal(err)
}
// We specify an http port of 5002 and an tls port of 5001 on all interfaces
// because we aren't running as root and can't bind a listener to port 80 and 443
// (used later when we attempt to pass challenges). Keep in mind that you still
// need to proxy challenge traffic to port 5002 and 5001.
err = client.Challenge.SetHTTP01Provider(http01.NewProviderServer("", "5002"))
if err != nil {
log.Fatal(err)
}
err = client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer("", "5001"))
if err != nil {
log.Fatal(err)
}
// New users will need to register
reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
if err != nil {
log.Fatal(err)
}
myUser.Registration = reg
request := certificate.ObtainRequest{
Domains: []string{"mydomain.com"},
Bundle: true,
}
certificates, err := client.Certificate.Obtain(request)
if err != nil {
log.Fatal(err)
}
// Each certificate comes back with the cert bytes, the bytes of the client's
// private key, and a certificate URL. SAVE THESE TO DISK.
fmt.Printf("%#v\n", certificates)
// ... all done.
}
```
## DNS Challenge API Details
### AWS Route 53
The following AWS IAM policy document describes the permissions required for lego to complete the DNS challenge.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Action": [
"route53:GetChange",
"route53:ChangeResourceRecordSets",
"route53:ListResourceRecordSets"
],
"Resource": [
"arn:aws:route53:::hostedzone/*",
"arn:aws:route53:::change/*"
]
},
{
"Sid": "",
"Effect": "Allow",
"Action": "route53:ListHostedZonesByName",
"Resource": "*"
}
]
}
```
## ACME v1
lego introduced support for ACME v2 in [v1.0.0](https://github.com/xenolf/lego/releases/tag/v1.0.0), if you still need to utilize ACME v1, you can do so by using the [v0.5.0](https://github.com/xenolf/lego/releases/tag/v0.5.0) version.
| | | | |
|----------------------------------------------------------------|--------------------------------------------------------------------------------|-------------------------------------------------------------------|------------------------------------------------------------------|
| [Alibaba Cloud DNS](https://xenolf.github.io/lego/dns/alidns/) | [Amazon Lightsail](https://xenolf.github.io/lego/dns/lightsail/) | [Amazon Route 53](https://xenolf.github.io/lego/dns/route53/) | [Aurora DNS](https://xenolf.github.io/lego/dns/auroradns/) |
| [Azure](https://xenolf.github.io/lego/dns/azure/) | [Bluecat](https://xenolf.github.io/lego/dns/bluecat/) | [ClouDNS](https://xenolf.github.io/lego/dns/cloudns/) | [CloudXNS](https://xenolf.github.io/lego/dns/cloudxns/) |
| [Cloudflare](https://xenolf.github.io/lego/dns/cloudflare/) | [ConoHa](https://xenolf.github.io/lego/dns/conoha/) | [DNS Made Easy](https://xenolf.github.io/lego/dns/dnsmadeeasy/) | [DNSPod](https://xenolf.github.io/lego/dns/dnspod/) |
| [DNSimple](https://xenolf.github.io/lego/dns/dnsimple/) | [Designate DNSaaS for Openstack](https://xenolf.github.io/lego/dns/designate/) | [Digital Ocean](https://xenolf.github.io/lego/dns/digitalocean/) | [DreamHost](https://xenolf.github.io/lego/dns/dreamhost/) |
| [Duck DNS](https://xenolf.github.io/lego/dns/duckdns/) | [Dyn](https://xenolf.github.io/lego/dns/dyn/) | [Exoscale](https://xenolf.github.io/lego/dns/exoscale/) | [External program](https://xenolf.github.io/lego/dns/exec/) |
| [FastDNS](https://xenolf.github.io/lego/dns/fastdns/) | [Gandi](https://xenolf.github.io/lego/dns/gandi/) | [Gandi Live DNS (v5)](https://xenolf.github.io/lego/dns/gandiv5/) | [Glesys](https://xenolf.github.io/lego/dns/glesys/) |
| [Go Daddy](https://xenolf.github.io/lego/dns/godaddy/) | [Google Cloud](https://xenolf.github.io/lego/dns/gcloud/) | [HTTP request](https://xenolf.github.io/lego/dns/httpreq/) | [Hosting.de](https://xenolf.github.io/lego/dns/hostingde/) |
| [INWX](https://xenolf.github.io/lego/dns/inwx/) | [Internet Initiative Japan](https://xenolf.github.io/lego/dns/iij/) | [Joohoi's ACME-DNS](https://xenolf.github.io/lego/dns/acme-dns) | [Linode (deprecated)](https://xenolf.github.io/lego/dns/linode/) |
| [Linode (v4)](https://xenolf.github.io/lego/dns/linodev4/) | [Manual](https://xenolf.github.io/lego/dns/manual/) | [MyDNS.jp](https://xenolf.github.io/lego/dns/mydnsjp/) | [NIFCloud](https://xenolf.github.io/lego/dns/nifcloud/) |
| [NS1](https://xenolf.github.io/lego/dns/ns1/) | [Name.com](https://xenolf.github.io/lego/dns/namedotcom/) | [Namecheap](https://xenolf.github.io/lego/dns/namecheap/) | [Netcup](https://xenolf.github.io/lego/dns/netcup/) |
| [OVH](https://xenolf.github.io/lego/dns/ovh/) | [Open Telekom Cloud](https://xenolf.github.io/lego/dns/otc/) | [Oracle Cloud](https://xenolf.github.io/lego/dns/oraclecloud/) | [PowerDNS](https://xenolf.github.io/lego/dns/pdns/) |
| [RFC2136](https://xenolf.github.io/lego/dns/rfc2136/) | [Rackspace](https://xenolf.github.io/lego/dns/rackspace/) | [Sakura Cloud](https://xenolf.github.io/lego/dns/sakuracloud/) | [Selectel](https://xenolf.github.io/lego/dns/selectel/) |
| [Stackpath](https://xenolf.github.io/lego/dns/stackpath/) | [TransIP](https://xenolf.github.io/lego/dns/transip/) | [VegaDNS](https://xenolf.github.io/lego/dns/vegadns/) | [Vscale](https://xenolf.github.io/lego/dns/vscale/) |
| [Vultr](https://xenolf.github.io/lego/dns/vultr/) | [Zone.ee](https://xenolf.github.io/lego/dns/zoneee/) | | |
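
Review bot: In the new provider table, the `Joohoi's ACME-DNS` entry links to `https://xenolf.github.io/lego/dns/acme-dns` without the trailing slash that every other row has; make it consistent with the rest. This hunk also takes the "Sudo", "Port Usage" and "AWS Route 53" IAM policy sections out of the README, so confirm that the `setcap` guidance and the Route 53 policy document are carried over to the documentation site before they disappear from here.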


@ -3,6 +3,7 @@ package cmd
import (
"fmt"
"os"
"strings"
"text/tabwriter"
"github.com/urfave/cli"
@ -11,141 +12,37 @@ import (
func createDNSHelp() cli.Command {
return cli.Command{
Name: "dnshelp",
Usage: "Shows additional help for the --dns global option",
Usage: "Shows additional help for the '--dns' global option",
Action: dnsHelp,
Flags: []cli.Flag{
cli.StringFlag{
Name: "code, c",
Usage: fmt.Sprintf("DNS code: %s", allDNSCodes()),
},
},
}
}
func dnsHelp(_ *cli.Context) error {
fmt.Printf(
`Credentials for DNS providers must be passed through environment variables.
Here is an example bash command using the CloudFlare DNS provider:
$ CLOUDFLARE_EMAIL=foo@bar.com \
CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \
lego --dns cloudflare --domains www.example.com --email me@bar.com run
`)
func dnsHelp(ctx *cli.Context) error {
code := ctx.String("code")
if code == "" {
w := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', 0)
fmt.Fprintln(w, "Valid providers and their associated credential environment variables:")
fmt.Fprintln(w)
fmt.Fprintln(w, "\tacme-dns:\tACME_DNS_API_BASE, ACME_DNS_STORAGE_PATH")
fmt.Fprintln(w, "\talidns:\tALICLOUD_ACCESS_KEY, ALICLOUD_SECRET_KEY")
fmt.Fprintln(w, "\tauroradns:\tAURORA_USER_ID, AURORA_KEY, AURORA_ENDPOINT")
fmt.Fprintln(w, "\tazure:\tAZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_SUBSCRIPTION_ID, AZURE_TENANT_ID, AZURE_RESOURCE_GROUP")
fmt.Fprintln(w, "\tbluecat:\tBLUECAT_SERVER_URL, BLUECAT_USER_NAME, BLUECAT_PASSWORD, BLUECAT_CONFIG_NAME, BLUECAT_DNS_VIEW")
fmt.Fprintln(w, "\tcloudflare:\tCLOUDFLARE_EMAIL, CLOUDFLARE_API_KEY")
fmt.Fprintln(w, "\tcloudns:\tCLOUDNS_AUTH_ID, CLOUDNS_AUTH_PASSWORD")
fmt.Fprintln(w, "\tcloudxns:\tCLOUDXNS_API_KEY, CLOUDXNS_SECRET_KEY")
fmt.Fprintln(w, "\tconoha:\tCONOHA_TENANT_ID, CONOHA_API_USERNAME, CONOHA_API_PASSWORD")
fmt.Fprintln(w, "\tdesignate:\tOS_AUTH_URL, OS_USERNAME, OS_PASSWORD, OS_TENANT_NAME, OS_REGION_NAME")
fmt.Fprintln(w, "\tdigitalocean:\tDO_AUTH_TOKEN")
fmt.Fprintln(w, "\tdnsimple:\tDNSIMPLE_EMAIL, DNSIMPLE_OAUTH_TOKEN")
fmt.Fprintln(w, "\tdnsmadeeasy:\tDNSMADEEASY_API_KEY, DNSMADEEASY_API_SECRET")
fmt.Fprintln(w, "\tdnspod:\tDNSPOD_API_KEY")
fmt.Fprintln(w, "\tdreamhost:\tDREAMHOST_API_KEY")
fmt.Fprintln(w, "\tduckdns:\tDUCKDNS_TOKEN")
fmt.Fprintln(w, "\tdyn:\tDYN_CUSTOMER_NAME, DYN_USER_NAME, DYN_PASSWORD")
fmt.Fprintln(w, "\texec:\tEXEC_PATH, EXEC_MODE")
fmt.Fprintln(w, "\texoscale:\tEXOSCALE_API_KEY, EXOSCALE_API_SECRET, EXOSCALE_ENDPOINT")
fmt.Fprintln(w, "\tfastdns:\tAKAMAI_HOST, AKAMAI_CLIENT_TOKEN, AKAMAI_CLIENT_SECRET, AKAMAI_ACCESS_TOKEN")
fmt.Fprintln(w, "\tgandi:\tGANDI_API_KEY")
fmt.Fprintln(w, "\tgandiv5:\tGANDIV5_API_KEY")
fmt.Fprintln(w, "\tgcloud:\tGCE_PROJECT, 'Application Default Credentials', [GCE_SERVICE_ACCOUNT_FILE], [GCE_SERVICE_ACCOUNT]")
fmt.Fprintln(w, "\tglesys:\tGLESYS_API_USER, GLESYS_API_KEY")
fmt.Fprintln(w, "\tgodaddy:\tGODADDY_API_KEY, GODADDY_API_SECRET")
fmt.Fprintln(w, "\thostingde:\tHOSTINGDE_API_KEY, HOSTINGDE_ZONE_NAME")
fmt.Fprintln(w, "\thttpreq:\tHTTPREQ_ENDPOINT, HTTPREQ_MODE, HTTPREQ_USERNAME, HTTPREQ_PASSWORD")
fmt.Fprintln(w, "\tiij:\tIIJ_API_ACCESS_KEY, IIJ_API_SECRET_KEY, IIJ_DO_SERVICE_CODE")
fmt.Fprintln(w, "\tinwx:\tINWX_USERNAME, INWX_PASSWORD")
fmt.Fprintln(w, "\tlightsail:\tAWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, DNS_ZONE")
fmt.Fprintln(w, "\tlinode:\tLINODE_API_KEY")
fmt.Fprintln(w, "\tlinodev4:\tLINODE_TOKEN")
fmt.Fprintln(w, "\tmanual:\tnone")
fmt.Fprintln(w, "\tmydnsjp:\tMYDNSJP_MASTER_ID, MYDNSJP_PASSWORD")
fmt.Fprintln(w, "\tnamecheap:\tNAMECHEAP_API_USER, NAMECHEAP_API_KEY")
fmt.Fprintln(w, "\tnamedotcom:\tNAMECOM_USERNAME, NAMECOM_API_TOKEN")
fmt.Fprintln(w, "\tnetcup:\tNETCUP_CUSTOMER_NUMBER, NETCUP_API_KEY, NETCUP_API_PASSWORD")
fmt.Fprintln(w, "\tnifcloud:\tNIFCLOUD_ACCESS_KEY_ID, NIFCLOUD_SECRET_ACCESS_KEY")
fmt.Fprintln(w, "\tns1:\tNS1_API_KEY")
fmt.Fprintln(w, "\toraclecloud:\tOCI_PRIVKEY_FILE, OCI_PRIVKEY_PASS, OCI_TENANCY_OCID, OCI_USER_OCID, OCI_PUBKEY_FINGERPRINT, OCI_REGION, OCI_COMPARTMENT_OCID")
fmt.Fprintln(w, "\totc:\tOTC_USER_NAME, OTC_PASSWORD, OTC_PROJECT_NAME, OTC_DOMAIN_NAME, OTC_IDENTITY_ENDPOINT")
fmt.Fprintln(w, "\tovh:\tOVH_ENDPOINT, OVH_APPLICATION_KEY, OVH_APPLICATION_SECRET, OVH_CONSUMER_KEY")
fmt.Fprintln(w, "\tpdns:\tPDNS_API_KEY, PDNS_API_URL")
fmt.Fprintln(w, "\trackspace:\tRACKSPACE_USER, RACKSPACE_API_KEY")
fmt.Fprintln(w, "\trfc2136:\tRFC2136_TSIG_KEY, RFC2136_TSIG_SECRET,\n\t\tRFC2136_TSIG_ALGORITHM, RFC2136_NAMESERVER")
fmt.Fprintln(w, "\troute53:\tAWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, AWS_HOSTED_ZONE_ID")
fmt.Fprintln(w, "\tsakuracloud:\tSAKURACLOUD_ACCESS_TOKEN, SAKURACLOUD_ACCESS_TOKEN_SECRET")
fmt.Fprintln(w, "\tselectel:\tSELECTEL_API_TOKEN")
fmt.Fprintln(w, "\tstackpath:\tSTACKPATH_CLIENT_ID, STACKPATH_CLIENT_SECRET, STACKPATH_STACK_ID")
fmt.Fprintln(w, "\ttransip:\tTRANSIP_ACCOUNT_NAME, TRANSIP_PRIVATE_KEY_PATH")
fmt.Fprintln(w, "\tvegadns:\tSECRET_VEGADNS_KEY, SECRET_VEGADNS_SECRET, VEGADNS_URL")
fmt.Fprintln(w, "\tvscale:\tVSCALE_API_TOKEN")
fmt.Fprintln(w, "\tvultr:\tVULTR_API_KEY")
fmt.Fprintln(w, "\tzoneee:\tZONEEE_ENDPOINT, ZONEEE_API_USER, ZONEEE_API_KEY")
fmt.Fprintln(w)
fmt.Fprintln(w, "Additional configuration environment variables:")
fmt.Fprintln(w)
fmt.Fprintln(w, "\talidns:\tALICLOUD_POLLING_INTERVAL, ALICLOUD_PROPAGATION_TIMEOUT, ALICLOUD_TTL, ALICLOUD_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tauroradns:\tAURORA_POLLING_INTERVAL, AURORA_PROPAGATION_TIMEOUT, AURORA_TTL")
fmt.Fprintln(w, "\tazure:\tAZURE_POLLING_INTERVAL, AZURE_PROPAGATION_TIMEOUT, AZURE_TTL, AZURE_METADATA_ENDPOINT")
fmt.Fprintln(w, "\tbluecat:\tBLUECAT_POLLING_INTERVAL, BLUECAT_PROPAGATION_TIMEOUT, BLUECAT_TTL, BLUECAT_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tcloudflare:\tCLOUDFLARE_POLLING_INTERVAL, CLOUDFLARE_PROPAGATION_TIMEOUT, CLOUDFLARE_TTL, CLOUDFLARE_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tcloudns:\tCLOUDNS_POLLING_INTERVAL, CLOUDNS_PROPAGATION_TIMEOUT, CLOUDNS_TTL, CLOUDNS_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tcloudxns:\tCLOUDXNS_POLLING_INTERVAL, CLOUDXNS_PROPAGATION_TIMEOUT, CLOUDXNS_TTL, CLOUDXNS_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tconoha:\tCONOHA_POLLING_INTERVAL, CONOHA_PROPAGATION_TIMEOUT, CONOHA_TTL, CONOHA_HTTP_TIMEOUT, CONOHA_REGION")
fmt.Fprintln(w, "\tdesignate:\tDESIGNATE_POLLING_INTERVAL, DESIGNATE_PROPAGATION_TIMEOUT, DESIGNATE_TTL")
fmt.Fprintln(w, "\tdigitalocean:\tDO_POLLING_INTERVAL, DO_PROPAGATION_TIMEOUT, DO_TTL, DO_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tdnsimple:\tDNSIMPLE_TTL, DNSIMPLE_POLLING_INTERVAL, DNSIMPLE_PROPAGATION_TIMEOUT")
fmt.Fprintln(w, "\tdnsmadeeasy:\tDNSMADEEASY_POLLING_INTERVAL, DNSMADEEASY_PROPAGATION_TIMEOUT, DNSMADEEASY_TTL, DNSMADEEASY_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tdnspod:\tDNSPOD_POLLING_INTERVAL, DNSPOD_PROPAGATION_TIMEOUT, DNSPOD_TTL, DNSPOD_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tdreamhost:\tDREAMHOST_POLLING_INTERVAL, DREAMHOST_PROPAGATION_TIMEOUT, DREAMHOST_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tduckdns:\tDUCKDNS_POLLING_INTERVAL, DUCKDNS_PROPAGATION_TIMEOUT, DUCKDNS_HTTP_TIMEOUT, DUCKDNS_SEQUENCE_INTERVAL")
fmt.Fprintln(w, "\tdyn:\tDYN_POLLING_INTERVAL, DYN_PROPAGATION_TIMEOUT, DYN_TTL, DYN_HTTP_TIMEOUT")
fmt.Fprintln(w, "\texec:\tEXEC_POLLING_INTERVAL, EXEC_PROPAGATION_TIMEOUT")
fmt.Fprintln(w, "\texoscale:\tEXOSCALE_POLLING_INTERVAL, EXOSCALE_PROPAGATION_TIMEOUT, EXOSCALE_TTL, EXOSCALE_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tfastdns:\tAKAMAI_POLLING_INTERVAL, AKAMAI_PROPAGATION_TIMEOUT, AKAMAI_TTL")
fmt.Fprintln(w, "\tgandi:\tGANDI_POLLING_INTERVAL, GANDI_PROPAGATION_TIMEOUT, GANDI_TTL, GANDI_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tgandiv5:\tGANDIV5_POLLING_INTERVAL, GANDIV5_PROPAGATION_TIMEOUT, GANDIV5_TTL, GANDIV5_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tgcloud:\tGCE_POLLING_INTERVAL, GCE_PROPAGATION_TIMEOUT, GCE_TTL")
fmt.Fprintln(w, "\tglesys:\tGLESYS_POLLING_INTERVAL, GLESYS_PROPAGATION_TIMEOUT, GLESYS_TTL, GLESYS_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tgodaddy:\tGODADDY_POLLING_INTERVAL, GODADDY_PROPAGATION_TIMEOUT, GODADDY_TTL, GODADDY_HTTP_TIMEOUT, GODADDY_SEQUENCE_INTERVAL")
fmt.Fprintln(w, "\thostingde:\tHOSTINGDE_POLLING_INTERVAL, HOSTINGDE_PROPAGATION_TIMEOUT, HOSTINGDE_TTL, HOSTINGDE_HTTP_TIMEOUT")
fmt.Fprintln(w, "\thttpreq:\tHTTPREQ_POLLING_INTERVAL, HTTPREQ_PROPAGATION_TIMEOUT, HTTPREQ_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tiij:\tIIJ_POLLING_INTERVAL, IIJ_PROPAGATION_TIMEOUT, IIJ_TTL")
fmt.Fprintln(w, "\tinwx:\tINWX_POLLING_INTERVAL, INWX_PROPAGATION_TIMEOUT, INWX_TTL, INWX_SANDBOX")
fmt.Fprintln(w, "\tlightsail:\tLIGHTSAIL_POLLING_INTERVAL, LIGHTSAIL_PROPAGATION_TIMEOUT")
fmt.Fprintln(w, "\tlinode:\tLINODE_POLLING_INTERVAL, LINODE_TTL, LINODE_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tlinodev4:\tLINODE_POLLING_INTERVAL, LINODE_TTL, LINODE_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tmydnsjp:\tMYDNSJP_PROPAGATION_TIMEOUT, MYDNSJP_POLLING_INTERVAL, MYDNSJP_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tnamecheap:\tNAMECHEAP_POLLING_INTERVAL, NAMECHEAP_PROPAGATION_TIMEOUT, NAMECHEAP_TTL, NAMECHEAP_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tnamedotcom:\tNAMECOM_POLLING_INTERVAL, NAMECOM_PROPAGATION_TIMEOUT, NAMECOM_TTL, NAMECOM_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tnetcup:\tNETCUP_POLLING_INTERVAL, NETCUP_PROPAGATION_TIMEOUT, NETCUP_TTL, NETCUP_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tnifcloud:\tNIFCLOUD_POLLING_INTERVAL, NIFCLOUD_PROPAGATION_TIMEOUT, NIFCLOUD_TTL, NIFCLOUD_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tns1:\tNS1_POLLING_INTERVAL, NS1_PROPAGATION_TIMEOUT, NS1_TTL, NS1_HTTP_TIMEOUT")
fmt.Fprintln(w, "\toraclecloud:\tOCI_TTL, OCI_PROPAGATION_TIMEOUT, OCI_POLLING_INTERVAL")
fmt.Fprintln(w, "\totc:\tOTC_POLLING_INTERVAL, OTC_PROPAGATION_TIMEOUT, OTC_TTL, OTC_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tovh:\tOVH_POLLING_INTERVAL, OVH_PROPAGATION_TIMEOUT, OVH_TTL, OVH_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tpdns:\tPDNS_POLLING_INTERVAL, PDNS_PROPAGATION_TIMEOUT, PDNS_TTL, PDNS_HTTP_TIMEOUT")
fmt.Fprintln(w, "\trackspace:\tRACKSPACE_POLLING_INTERVAL, RACKSPACE_PROPAGATION_TIMEOUT, RACKSPACE_TTL, RACKSPACE_HTTP_TIMEOUT")
fmt.Fprintln(w, "\trfc2136:\tRFC2136_POLLING_INTERVAL, RFC2136_PROPAGATION_TIMEOUT, RFC2136_TTL, RFC2136_SEQUENCE_INTERVAL, RFC2136_DNS_TIMEOUT")
fmt.Fprintln(w, "\troute53:\tAWS_POLLING_INTERVAL, AWS_PROPAGATION_TIMEOUT, AWS_TTL")
fmt.Fprintln(w, "\tsakuracloud:\tSAKURACLOUD_POLLING_INTERVAL, SAKURACLOUD_PROPAGATION_TIMEOUT, SAKURACLOUD_TTL")
fmt.Fprintln(w, "\tselectel:\tSELECTEL_BASE_URL, SELECTEL_TTL, SELECTEL_PROPAGATION_TIMEOUT, SELECTEL_POLLING_INTERVAL, SELECTEL_HTTP_TIMEOUT")
fmt.Fprintln(w, "\ttransip:\tTRANSIP_POLLING_INTERVAL, TRANSIP_PROPAGATION_TIMEOUT, TRANSIP_TTL")
fmt.Fprintln(w, "\tstackpath:\tSTACKPATH_POLLING_INTERVAL, STACKPATH_PROPAGATION_TIMEOUT, STACKPATH_TTL")
fmt.Fprintln(w, "\tvegadns:\tVEGADNS_POLLING_INTERVAL, VEGADNS_PROPAGATION_TIMEOUT, VEGADNS_TTL")
fmt.Fprintln(w, "\tvscale:\tVSCALE_BASE_URL, VSCALE_TTL, VSCALE_PROPAGATION_TIMEOUT, VSCALE_POLLING_INTERVAL, VSCALE_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tvultr:\tVULTR_POLLING_INTERVAL, VULTR_PROPAGATION_TIMEOUT, VULTR_TTL, VULTR_HTTP_TIMEOUT")
fmt.Fprintln(w, "\tzoneee:\tZONEEE_POLLING_INTERVAL, ZONEEE_PROPAGATION_TIMEOUT, ZONEEE_HTTP_TIMEOUT")
w.Flush()
fmt.Fprintln(w, `Credentials for DNS providers must be passed through environment variables.`)
fmt.Fprintln(w)
fmt.Fprintln(w, `To display the documentation for a DNS providers:`)
fmt.Fprintln(w)
fmt.Fprintln(w, "\t$ lego dnshelp -c code")
fmt.Fprintln(w)
fmt.Fprintln(w, "All DNS codes:")
fmt.Fprintf(w, "\t%s\n", allDNSCodes())
fmt.Fprintln(w)
fmt.Fprintln(w, "More information: https://xenolf.github.io/lego/dns")
fmt.Println(`
For a more detailed explanation of a DNS provider's credential variables,
please consult their online documentation.`)
return w.Flush()
}
displayDNSHelp(strings.ToLower(code))
return nil
}
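Review bot: the new help string "To display the documentation for a DNS providers:" mixes singular and plural; "for a DNS provider:" reads correctly. Since this text is what users see first when looking for credential variables, it is also worth making the `code` in "$ lego dnshelp -c code" visibly a placeholder, for example by naming one of the codes printed under "All DNS codes:".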

1144
cmd/zz_gen_cmd_dnshelp.go Normal file

File diff suppressed because it is too large Load diff

2
docs/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
themes/
public/

20
docs/Makefile Normal file
View file

@ -0,0 +1,20 @@
.PHONY: default clean hugo hugo-build
default: hugo
clean:
rm -rf public/
hugo-build: clean hugo-themes
hugo --enableGitInfo --source .
hugo:
hugo server --disableFastRender --enableGitInfo --watch --source .
# hugo server -D
hugo-themes:
rm -rf themes
mkdir themes
git clone --depth=1 https://github.com/matcornic/hugo-theme-learn.git themes/hugo-theme-learn
rm -rf themes/hugo-theme-learn/.git
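Review bot: the `hugo-themes` target clones `hugo-theme-learn` with `git clone --depth=1` and no tag or commit, so every docs build pulls whatever the theme's default branch contains at that moment and the published site can change without any change in this repository. Pin the clone to a release tag (`--branch <tag>`, with a tag you have reviewed) or check out a known commit after cloning, or vendor the theme. Separately, `.PHONY` lists `default clean hugo hugo-build` but not `hugo-themes`.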

View file

@ -0,0 +1,6 @@
---
title: "{{ replace .Name "-" " " | title }}"
date: {{ .Date }}
draft: true
---

67
docs/config.toml Normal file
View file

@ -0,0 +1,67 @@
baseURL = "https://xenolf.github.io/lego/"
languageCode = "en-us"
title = "Lego"
theme = "hugo-theme-learn"
# Code higlighting settings
pygmentsCodefences = true
pygmentsCodeFencesGuesSsyntax = false
pygmentsOptions = ""
pygmentsStyle = "monokai"
# The monokai stylesheet is included in the base template.
pygmentsUseClasses = true
[permalinks]
dns = "/dns/:slug/"
[params]
# Prefix URL to edit current page. Will display an "Edit this page" button on top right hand corner of every page.
# Useful to give opportunity to people to create merge request for your doc.
# See the config.toml file from this documentation site to have an example.
# editURL = ""
# Author of the site, will be used in meta information
author = "Lego Team"
# Description of the site, will be used in meta information
# description = ""
# Shows a checkmark for visited pages on the menu
showVisitedLinks = true
# Disable search function. It will hide search bar
# disableSearch = false
# Javascript and CSS cache are automatically busted when new version of site is generated.
# Set this to true to disable this behavior (some proxies don't handle well this optimization)
# disableAssetsBusting = false
# Set this to true to disable copy-to-clipboard button for inline code.
# disableInlineCopyToClipBoard = true
# A title for shortcuts in menu is set by default. Set this to true to disable it.
# disableShortcutsTitle = false
# When using mulitlingual website, disable the switch language button.
# disableLanguageSwitchingButton = false
# Hide breadcrumbs in the header and only show the current page title
# disableBreadcrumb = true
# Hide Next and Previous page buttons normally displayed full height beside content
# disableNextPrev = true
# Order sections in menu by "weight" or "title". Default to "weight"
# ordersectionsby = "weight"
# Change default color scheme with a variant one. Can be "red", "blue", "green".
themeVariant = "blue"
[Languages]
[Languages.en]
title = "Lets Encrypt client and ACME library written in Go."
weight = 1
languageName = "English"
[[Languages.en.menu.shortcuts]]
name = "<i class='fab fa-fw fa-github'></i> Github repo"
identifier = "ds"
url = "https://github.com/xenof/lego"
weight = 10
[[Languages.en.menu.shortcuts]]
name = "<i class='fas fa-fw fa-bug'></i> Issues"
url = "https://github.com/xenolf/lego/issues"
weight = 11
[outputs]
home = [ "HTML", "RSS", "JSON"]
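Review bot: the first `Languages.en.menu.shortcuts` entry points at `https://github.com/xenof/lego`, while `baseURL` and the Issues shortcut use `xenolf`; as written the "Github repo" link leads to an account the project does not control, so it should be `https://github.com/xenolf/lego`. Smaller points in the same file: "higlighting" and "mulitlingual" in the comments, "Lets Encrypt" in the site title (the content page writes "Let's Encrypt"), and the unusual casing of `pygmentsCodeFencesGuesSsyntax`.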

30
docs/content/_index.md Normal file
View file

@ -0,0 +1,30 @@
---
title: "Welcome"
date: 2019-03-03T16:39:46+01:00
draft: false
chapter: true
---
# Lego
Let's Encrypt client and ACME library written in Go.
## Features
- Register with CA
- Obtain certificates, both from scratch or with an existing CSR
- Renew certificates
- Revoke certificates
- Robust implementation of all ACME challenges
- HTTP (http-01)
- DNS (dns-01)
- TLS (tls-alpn-01)
- SAN certificate support
- Comes with multiple optional [DNS providers](dns)
- [Custom challenge solvers](usage/library/writing-a-challenge-solver/)
- Certificate bundling
- OCSP helper function
lego introduced support for ACME v2 in [v1.0.0](https://github.com/xenolf/lego/releases/tag/v1.0.0).
If you still need to utilize ACME v1, you can do so by using the [v0.5.0](https://github.com/xenolf/lego/releases/tag/v0.5.0) version.

View file

@ -0,0 +1,18 @@
---
title: "DNS Providers"
date: 2019-03-03T16:39:46+01:00
draft: false
weight: 3
---
Credentials for DNS providers must be passed through environment variables.
Here is an example bash command using the CloudFlare DNS provider:
```bash
CLOUDFLARE_EMAIL=foo@bar.com \
CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \
lego --dns cloudflare --domains www.example.com --email me@bar.com run
```
{{%children style="h2" description="true" %}}
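Review bot: the example sets `CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733`, a value that reads like a real key; an obvious placeholder would avoid copy-paste confusion and false positives from secret scanners. Because this page is where users learn that credentials go in environment variables, consider adding a sentence that an inline assignment like this one is recorded in shell history. The provider name is also spelled "CloudFlare" here and "Cloudflare" on the provider page.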

View file

@ -0,0 +1,59 @@
---
title: "Manual"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: manual
---
Solving the DNS-01 challenge using CLI prompt.
<!--more-->
## Example
```txt
Do you accept the TOS? Y/n
[INFO] acme: Registering account for test@test.com
!!!! HEADS UP !!!!
Your account credentials have been saved in your Let's Encrypt
configuration directory at "~/.lego/accounts".
You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
[INFO] [test.com] acme: Obtaining bundled SAN certificate
[INFO] [test.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/lornkZmVYjsh5wLHpxdQcZDPekGf_TYUM-MTJk3-yrA
[INFO] [test.com] acme: Could not find solver for: tls-alpn-01
[INFO] [test.com] acme: Could not find solver for: http-01
[INFO] [test.com] acme: use dns-01 solver
[INFO] [test.com] acme: Preparing to solve DNS-01
lego: Please create the following TXT record in your test.com. zone:
_acme-challenge.test.com. 120 IN TXT "VP-dby1RBuUOnDZg1n9sF-cwicLsognMzJb0Vx8ttAI"
lego: Press 'Enter' when you are done
Do you accept the TOS? Y/n
[INFO] acme: Registering account for test@test.com
!!!! HEADS UP !!!!
Your account credentials have been saved in your Let's Encrypt
configuration directory at "~/.lego/accounts".
You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
[INFO] [test.com] acme: Obtaining bundled SAN certificate
[INFO] [test.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz/lornkZmVYjsh5wLHpxdQcZDPekGf_TYUM-MTJk3-yrA
[INFO] [test.com] acme: Could not find solver for: tls-alpn-01
[INFO] [test.com] acme: Could not find solver for: http-01
[INFO] [test.com] acme: use dns-01 solver
[INFO] [test.com] acme: Preparing to solve DNS-01
lego: Please create the following TXT record in your test.com. zone:
_acme-challenge.test.com. 120 IN TXT "VP-dby1RBuUOnDZg1n9sF-cwicLsognMzJb0Vx8ttAI"
lego: Press 'Enter' when you are done
```
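Review bot: the example transcript inside the `txt` fence appears twice in full, from "Do you accept the TOS? Y/n" through "lego: Press 'Enter' when you are done"; keep a single copy. The page would also benefit from showing the command that produces this output, since the text only says "Solving the DNS-01 challenge using CLI prompt."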

View file

@ -0,0 +1,46 @@
---
title: "Joohoi's ACME-DNS"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: acme-dns
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/acmedns/acmedns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Joohoi's ACME-DNS](https://github.com/joohoi/acme-dns).
<!--more-->
- Code: `acme-dns`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `ACME_DNS_API_BASE` | The ACME-DNS API address |
| `ACME_DNS_STORAGE_PATH` | The ACME-DNS JSON account data file. A per-domain account will be registered/persisted to this file and used for TXT updates. |
## More information
- [API documentation](https://github.com/joohoi/acme-dns#api)
- [Go client](https://github.com/cpu/goacmedns)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/acmedns/acmedns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
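Review bot: the page gives "Code: `acme-dns`" while the generator comment names the source as `providers/dns/acmedns/acmedns.toml`; on the other generated pages the code matches the provider directory name. Confirm which value `--dns` actually accepts and make the code, and the slug if it is meant to follow it, consistent so users are not sent to a provider name that fails to resolve.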

View file

@ -0,0 +1,54 @@
---
title: "Alibaba Cloud DNS"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: alidns
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/alidns/alidns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Alibaba Cloud DNS](https://www.alibabacloud.com/product/dns).
<!--more-->
- Code: `alidns`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `ALICLOUD_ACCESS_KEY` | Access key ID |
| `ALICLOUD_SECRET_KEY` | Access Key secret |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `ALICLOUD_HTTP_TIMEOUT` | API request timeout |
| `ALICLOUD_POLLING_INTERVAL` | Time between DNS propagation check |
| `ALICLOUD_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `ALICLOUD_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.alibabacloud.com/help/doc-detail/42875.htm)
- [Go client](https://github.com/aliyun/alibaba-cloud-sdk-go)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/alidns/alidns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,54 @@
---
title: "Aurora DNS"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: auroradns
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/auroradns/auroradns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Aurora DNS](https://www.pcextreme.com/aurora/dns).
<!--more-->
- Code: `auroradns`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `AURORA_ENDPOINT` | API endpoint URL |
| `AURORA_KEY` | User API key |
| `AURORA_USER_ID` | User ID |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `AURORA_POLLING_INTERVAL` | Time between DNS propagation check |
| `AURORA_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `AURORA_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://libcloud.readthedocs.io/en/latest/dns/drivers/auroradns.html#api-docs)
- [Go client](https://github.com/nrdcg/auroradns)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/auroradns/auroradns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,58 @@
---
title: "Azure"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: azure
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/azure/azure.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Azure](https://azure.microsoft.com/services/dns/).
<!--more-->
- Code: `azure`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `AZURE_CLIENT_ID` | Client ID |
| `AZURE_CLIENT_SECRET` | Client secret |
| `AZURE_RESOURCE_GROUP` | Resource group |
| `AZURE_SUBSCRIPTION_ID` | Subscription ID |
| `AZURE_TENANT_ID` | Tenant ID |
| `instance metadata service` | If the credentials are **not** set via the environment, then it will attempt to get a bearer token via the [instance metadata service](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service). |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `AZURE_METADATA_ENDPOINT` | Metadata Service endpoint URL |
| `AZURE_POLLING_INTERVAL` | Time between DNS propagation check |
| `AZURE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `AZURE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://docs.microsoft.com/en-us/go/azure/)
- [Go client](https://github.com/Azure/azure-sdk-for-go)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/azure/azure.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
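Review bot: the Credentials table has a row whose first column is `instance metadata service`, formatted as if it were an environment variable name. It describes a fallback behaviour, not a variable, so it belongs in a paragraph under the table. That paragraph should state plainly that when the `AZURE_*` credentials are unset the provider requests a bearer token from the instance metadata service, because operators need to know that the identity in use changes silently in that case.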

View file

@ -0,0 +1,53 @@
---
title: "Bluecat"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: bluecat
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/bluecat/bluecat.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Bluecat](https://www.bluecatnetworks.com).
<!--more-->
- Code: `bluecat`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `BLUECAT_CONFIG_NAME` | Configuration name |
| `BLUECAT_DNS_VIEW` | External DNS View Name |
| `BLUECAT_PASSWORD` | API password |
| `BLUECAT_SERVER_URL` | The server URL, should have scheme, hostname, and port (if required) of the authoritative Bluecat BAM serve |
| `BLUECAT_USER_NAME` | API username |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `BLUECAT_HTTP_TIMEOUT` | API request timeout |
| `BLUECAT_POLLING_INTERVAL` | Time between DNS propagation check |
| `BLUECAT_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `BLUECAT_TTL` | The TTL of the TXT record used for the DNS challenge |
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/bluecat/bluecat.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
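Review bot: the `BLUECAT_SERVER_URL` description ends in "Bluecat BAM serve", which looks like a truncated "server"; fix it in `providers/dns/bluecat/bluecat.toml` since this page is generated. Unlike the neighbouring provider pages, this one has no "More information" section, so there is no API reference for a user to verify what the credentials grant.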

View file

@ -0,0 +1,58 @@
---
title: "Cloudflare"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: cloudflare
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/cloudflare/cloudflare.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Cloudflare](https://www.cloudflare.com/dns/).
<!--more-->
- Code: `cloudflare`
Here is an example bash command using the Cloudflare provider:
```bash
CLOUDFLARE_EMAIL=foo@bar.com \
CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \
lego --dns cloudflare --domains my.domain.com --email my@email.com run
```
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `CLOUDFLARE_API_KEY` | API key |
| `CLOUDFLARE_EMAIL` | Account email |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `CLOUDFLARE_HTTP_TIMEOUT` | API request timeout |
| `CLOUDFLARE_POLLING_INTERVAL` | Time between DNS propagation check |
| `CLOUDFLARE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `CLOUDFLARE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://api.cloudflare.com/)
- [Go client](https://github.com/cloudflare/cloudflare-go)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/cloudflare/cloudflare.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
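Review bot: the example command uses `my.domain.com` and `my@email.com`, which are names under real registered domains; the reserved `example.com` (as used in the DNS providers index page) is the safer choice for documentation. The same example carries a realistic-looking `CLOUDFLARE_API_KEY` value that would be clearer as an obvious placeholder.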

View file

@ -0,0 +1,53 @@
---
title: "ClouDNS"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: cloudns
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/cloudns/cloudns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [ClouDNS](https://www.cloudns.net).
<!--more-->
- Code: `cloudns`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `CLOUDNS_AUTH_ID` | The API user ID |
| `CLOUDNS_AUTH_PASSWORD` | The password for API user ID |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `CLOUDNS_HTTP_TIMEOUT` | API request timeout |
| `CLOUDNS_POLLING_INTERVAL` | Time between DNS propagation check |
| `CLOUDNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `CLOUDNS_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.cloudns.net/wiki/article/42/)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/cloudns/cloudns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "CloudXNS"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: cloudxns
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/cloudxns/cloudxns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [CloudXNS](https://www.cloudxns.net/).
<!--more-->
- Code: `cloudxns`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `CLOUDXNS_API_KEY` | The API key |
| `CLOUDXNS_SECRET_KEY` | THe API secret key |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `CLOUDXNS_HTTP_TIMEOUT` | API request timeout |
| `CLOUDXNS_POLLING_INTERVAL` | Time between DNS propagation check |
| `CLOUDXNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `CLOUDXNS_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.cloudxns.net/Public/Doc/CloudXNS_api2.0_doc_zh-cn.zip)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/cloudxns/cloudxns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
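Review bot: the `CLOUDXNS_SECRET_KEY` description reads "THe API secret key"; correct the capitalisation in `providers/dns/cloudxns/cloudxns.toml` so the generated page and CLI help both pick it up.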

View file

@ -0,0 +1,55 @@
---
title: "ConoHa"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: conoha
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/conoha/conoha.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [ConoHa](https://www.conoha.jp/).
<!--more-->
- Code: `conoha`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `CONOHA_API_PASSWORD` | The API password |
| `CONOHA_API_USERNAME` | The API username |
| `CONOHA_TENANT_ID` | Tenant ID |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `CONOHA_HTTP_TIMEOUT` | API request timeout |
| `CONOHA_POLLING_INTERVAL` | Time between DNS propagation check |
| `CONOHA_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `CONOHA_REGION` | The region |
| `CONOHA_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.conoha.jp/docs/)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/conoha/conoha.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,56 @@
---
title: "Designate DNSaaS for Openstack"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: designate
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/designate/designate.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Designate DNSaaS for Openstack](https://docs.openstack.org/designate/latest/).
<!--more-->
- Code: `designate`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `OS_AUTH_URL` | Identity endpoint URL |
| `OS_PASSWORD` | Password |
| `OS_REGION_NAME` | Region name |
| `OS_TENANT_NAME` | Tenant name |
| `OS_USERNAME` | Username |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `DESIGNATE_POLLING_INTERVAL` | Time between DNS propagation check |
| `DESIGNATE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `DESIGNATE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://docs.openstack.org/designate/latest/)
- [Go client](https://godoc.org/github.com/gophercloud/gophercloud/openstack/dns/v2)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/designate/designate.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,52 @@
---
title: "Digital Ocean"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: digitalocean
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/digitalocean/digitalocean.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Digital Ocean](https://www.digitalocean.com/docs/networking/dns/).
<!--more-->
- Code: `digitalocean`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `DO_AUTH_TOKEN` | Authentication token |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `DO_HTTP_TIMEOUT` | API request timeout |
| `DO_POLLING_INTERVAL` | Time between DNS propagation check |
| `DO_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `DO_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://developers.digitalocean.com/documentation/v2/#domain-records)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/digitalocean/digitalocean.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "DNSimple"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: dnsimple
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dnsimple/dnsimple.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [DNSimple](https://dnsimple.com/).
<!--more-->
- Code: `dnsimple`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `DNSIMPLE_BASE_URL` | API endpoint URL |
| `DNSIMPLE_OAUTH_TOKEN` | OAuth token |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `DNSIMPLE_POLLING_INTERVAL` | Time between DNS propagation check |
| `DNSIMPLE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `DNSIMPLE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://developer.dnsimple.com/v2/)
- [Go client](https://github.com/dnsimple/dnsimple-go)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dnsimple/dnsimple.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,54 @@
---
title: "DNS Made Easy"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: dnsmadeeasy
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dnsmadeeasy/dnsmadeeasy.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [DNS Made Easy](https://dnsmadeeasy.com/).
<!--more-->
- Code: `dnsmadeeasy`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `DNSMADEEASY_API_KEY` | The API key |
| `DNSMADEEASY_API_SECRET` | The API Secret key |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `DNSMADEEASY_HTTP_TIMEOUT` | API request timeout |
| `DNSMADEEASY_POLLING_INTERVAL` | Time between DNS propagation check |
| `DNSMADEEASY_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `DNSMADEEASY_SANDBOX` | Activate the sandbox (boolean) |
| `DNSMADEEASY_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://api-docs.dnsmadeeasy.com/)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dnsmadeeasy/dnsmadeeasy.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "DNSPod"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: dnspod
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dnspod/dnspod.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [DNSPod](http://www.dnspod.com/).
<!--more-->
- Code: `dnspod`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `DNSPOD_API_KEY` | The user token |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `DNSPOD_HTTP_TIMEOUT` | API request timeout |
| `DNSPOD_POLLING_INTERVAL` | Time between DNS propagation check |
| `DNSPOD_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `DNSPOD_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.dnspod.com/docs/index.html)
- [Go client](https://github.com/decker502/dnspod-go)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dnspod/dnspod.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
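Review bot: the provider link `http://www.dnspod.com/` is plain HTTP while the API documentation link on the same page uses `https://www.dnspod.com/`. Use the HTTPS form for both, since this page directs users to the site where they create the `DNSPOD_API_KEY` token.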

View file

@ -0,0 +1,52 @@
---
title: "DreamHost"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: dreamhost
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dreamhost/dreamhost.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [DreamHost](https://www.dreamhost.com).
<!--more-->
- Code: `dreamhost`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `DREAMHOST_API_KEY` | The API key |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `DREAMHOST_HTTP_TIMEOUT` | API request timeout |
| `DREAMHOST_POLLING_INTERVAL` | Time between DNS propagation check |
| `DREAMHOST_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `DREAMHOST_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://help.dreamhost.com/hc/en-us/articles/217560167-API_overview)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dreamhost/dreamhost.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "Duck DNS"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: duckdns
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/duckdns/duckdns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Duck DNS](https://www.duckdns.org/).
<!--more-->
- Code: `duckdns`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `DUCKDNS_TOKEN` | Account token |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `DUCKDNS_HTTP_TIMEOUT` | API request timeout |
| `DUCKDNS_POLLING_INTERVAL` | Time between DNS propagation check |
| `DUCKDNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `DUCKDNS_SEQUENCE_INTERVAL` | Interval between iteration |
| `DUCKDNS_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.duckdns.org/spec.jsp)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/duckdns/duckdns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
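Review bot: the description `Interval between iteration` for `DUCKDNS_SEQUENCE_INTERVAL` in the Additional Configuration table does not say what is being iterated or in which unit the value is given. A reader cannot tell it apart from `DUCKDNS_POLLING_INTERVAL`. Suggest rewording the description in `providers/dns/duckdns/duckdns.toml` so that it names the operation that is sequenced and the unit.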

View file

@ -0,0 +1,54 @@
---
title: "Dyn"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: dyn
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dyn/dyn.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Dyn](https://dyn.com/).
<!--more-->
- Code: `dyn`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `DYN_CUSTOMER_NAME` | Customer name |
| `DYN_PASSWORD` | Paswword |
| `DYN_USER_NAME` | User name |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `DYN_HTTP_TIMEOUT` | API request timeout |
| `DYN_POLLING_INTERVAL` | Time between DNS propagation check |
| `DYN_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `DYN_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://help.dyn.com/rest/)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/dyn/dyn.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
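Review bot: `Paswword` in the `DYN_PASSWORD` row of the Credentials table is a typo for `Password`. Because this page is generated, the fix belongs in the description in `providers/dns/dyn/dyn.toml` rather than in this file.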

View file

@ -0,0 +1,133 @@
---
title: "External program"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: exec
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/exec/exec.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Solving the DNS-01 challenge using an external program.
<!--more-->
- Code: `exec`
Here is an example bash command using the External program provider:
```bash
EXEC_PATH=/the/path/to/myscript.sh \
lego --dns exec --domains my.domain.com --email my@email.com run
```
## Base Configuration
| Environment Variable Name | Description |
|-----------------------|-------------|
| `EXEC_MODE` | `RAW`, none |
| `EXEC_PATH` | TODO |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `EXEC_POLLING_INTERVAL` | Time between DNS propagation check |
| `EXEC_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
## Description
The file name of the external program is specified in the environment variable `EXEC_PATH`.
When it is run by lego, three command-line parameters are passed to it:
The action ("present" or "cleanup"), the fully-qualified domain name and the value for the record.
For example, requesting a certificate for the domain 'foo.example.com' can be achieved by calling lego as follows:
```bash
EXEC_PATH=./update-dns.sh \
lego --dns exec \
--domains foo.example.com \
--email invalid@example.com run
```
It will then call the program './update-dns.sh' with like this:
```bash
./update-dns.sh "present" "_acme-challenge.foo.example.com." "MsijOYZxqyjGnFGwhjrhfg-Xgbl5r68WPda0J9EgqqI"
```
The program then needs to make sure the record is inserted.
When it returns an error via a non-zero exit code, lego aborts.
When the record is to be removed again,
the program is called with the first command-line parameter set to `cleanup` instead of `present`.
If you want to use the raw domain, token, and keyAuth values with your program, you can set `EXEC_MODE=RAW`:
```bash
EXEC_MODE=RAW \
EXEC_PATH=./update-dns.sh \
lego --dns exec \
--domains foo.example.com \
--email invalid@example.com run
```
It will then call the program `./update-dns.sh` like this:
```bash
./update-dns.sh "present" "foo.example.com." "--" "some-token" "KxAy-J3NwUmg9ZQuM-gP_Mq1nStaYSaP9tYQs5_-YsE.ksT-qywTd8058G-SHHWA3RAN72Pr0yWtPYmmY5UBpQ8"
```
## Commands
{{% notice note %}}
The `--` is because the token MAY start with a `-`, and the called program may try and interpret a `-` as indicating a flag.
In the case of urfave, which is commonly used,
you can use the `--` delimiter to specify the start of positional arguments, and handle such a string safely.
{{% /notice %}}
### Present
| Mode | Command |
|---------|----------------------------------------------------|
| default | `myprogram present -- <FQDN> <record>` |
| `RAW` | `myprogram present -- <domain> <token> <key_auth>` |
### Cleanup
| Mode | Command |
|---------|----------------------------------------------------|
| default | `myprogram cleanup -- <FQDN> <record>` |
| `RAW` | `myprogram cleanup -- <domain> <token> <key_auth>` |
### Timeout
The command have to display propagation timeout and polling interval into Stdout.
The values must be formatted as JSON, and times are in seconds.
Example: `{"timeout": 30, "interval": 5}`
If an error occurs or if the command is not provided:
the default display propagation timeout and polling interval are used.
| Mode | Command |
|---------|----------------------------------------------------|
| default | `myprogram timeout` |
| `RAW` | `myprogram timeout` |
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/exec/exec.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
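Review bot: the argument order is documented three different ways in this file, and someone writing a hook script has to parse argv exactly. The default-mode example in Description calls `./update-dns.sh "present" "_acme-challenge.foo.example.com." ...` with no `--`, and the prose says three parameters are passed. The `RAW` example places `"--"` after the domain, between `"foo.example.com."` and `"some-token"`. The Present and Cleanup tables put `--` directly after the action in both modes. Please make the examples and the tables match what the provider actually executes, and move the note explaining `--` next to the first example that uses it. Smaller points in the same file: `EXEC_PATH` is described as `TODO`, "with like this" should read "like this", and "The command have to display" should read "The command has to print".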

View file

@ -0,0 +1,55 @@
---
title: "Exoscale"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: exoscale
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/exoscale/exoscale.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Exoscale](https://www.exoscale.com/).
<!--more-->
- Code: `exoscale`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `EXOSCALE_API_KEY` | API key |
| `EXOSCALE_API_SECRET` | API secret |
| `EXOSCALE_ENDPOINT` | API endpoint URL |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `EXOSCALE_HTTP_TIMEOUT` | API request timeout |
| `EXOSCALE_POLLING_INTERVAL` | Time between DNS propagation check |
| `EXOSCALE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `EXOSCALE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://community.exoscale.com/documentation/dns/api/)
- [Go client](https://github.com/exoscale/egoscale)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/exoscale/exoscale.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,55 @@
---
title: "FastDNS"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: fastdns
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/fastdns/fastdns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [FastDNS](https://www.akamai.com/us/en/products/security/fast-dns.jsp).
<!--more-->
- Code: `fastdns`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `AKAMAI_ACCESS_TOKEN` | Access token |
| `AKAMAI_CLIENT_SECRET` | Client secret |
| `AKAMAI_CLIENT_TOKEN` | Client token |
| `AKAMAI_HOST` | API host |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `AKAMAI_POLLING_INTERVAL` | Time between DNS propagation check |
| `AKAMAI_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `AKAMAI_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://developer.akamai.com/api/web_performance/fast_dns_record_management/v1.html)
- [Go client](https://github.com/akamai/AkamaiOPEN-edgegrid-golang)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/fastdns/fastdns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,52 @@
---
title: "Gandi"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: gandi
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/gandi/gandi.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Gandi](https://www.gandi.net).
<!--more-->
- Code: `gandi`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `GANDI_API_KEY` | API key |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `GANDI_HTTP_TIMEOUT` | API request timeout |
| `GANDI_POLLING_INTERVAL` | Time between DNS propagation check |
| `GANDI_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `GANDI_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](http://doc.rpc.gandi.net/index.html)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/gandi/gandi.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,52 @@
---
title: "Gandi Live DNS (v5)"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: gandiv5
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/gandiv5/gandiv5.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Gandi Live DNS (v5)](https://www.gandi.net).
<!--more-->
- Code: `gandiv5`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `GANDIV5_API_KEY` | API key |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `GANDIV5_HTTP_TIMEOUT` | API request timeout |
| `GANDIV5_POLLING_INTERVAL` | Time between DNS propagation check |
| `GANDIV5_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `GANDIV5_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](http://doc.livedns.gandi.net)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/gandiv5/gandiv5.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,55 @@
---
title: "Google Cloud"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: gcloud
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/gcloud/gcloud.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Google Cloud](https://cloud.google.com).
<!--more-->
- Code: `gcloud`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `Application Default Credentials` | [Documentation](https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application) |
| `GCE_PROJECT` | Project name |
| `GCE_SERVICE_ACCOUNT` | Account |
| `GCE_SERVICE_ACCOUNT_FILE` | Account file path |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `GCE_POLLING_INTERVAL` | Time between DNS propagation check |
| `GCE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `GCE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://community.exoscale.com/documentation/dns/api/)
- [Go client](https://github.com/googleapis/google-api-go-client)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/gcloud/gcloud.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
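Review bot: the `API documentation` link under More information is `https://community.exoscale.com/documentation/dns/api/`, the same URL used on the Exoscale page, so it looks like a copy-paste leftover in `providers/dns/gcloud/gcloud.toml`; it should point at the Google Cloud DNS API documentation. In the Credentials table, `Application Default Credentials` is also formatted as an environment variable name although it is an authentication method, not a variable.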

View file

@ -0,0 +1,53 @@
---
title: "Glesys"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: glesys
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/glesys/glesys.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Glesys](https://glesys.com/).
<!--more-->
- Code: `glesys`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `GLESYS_API_KEY` | API key |
| `GLESYS_API_USER` | API user |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `GLESYS_HTTP_TIMEOUT` | API request timeout |
| `GLESYS_POLLING_INTERVAL` | Time between DNS propagation check |
| `GLESYS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `GLESYS_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://github.com/GleSYS/API/wiki/API-Documentation)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/glesys/glesys.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,54 @@
---
title: "Go Daddy"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: godaddy
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/godaddy/godaddy.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Go Daddy](https://godaddy.com).
<!--more-->
- Code: `godaddy`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `GODADDY_API_KEY` | **TODO** |
| `GODADDY_API_SECRET` | **TODO** |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `GODADDY_HTTP_TIMEOUT` | API request timeout |
| `GODADDY_POLLING_INTERVAL` | Time between DNS propagation check |
| `GODADDY_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `GODADDY_SEQUENCE_INTERVAL` | Interval between iteration |
| `GODADDY_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://developer.godaddy.com/doc/endpoint/domains)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/godaddy/godaddy.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
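Review bot: both rows of the Credentials table, `GODADDY_API_KEY` and `GODADDY_API_SECRET`, are published with `**TODO**` as their description. These are the only required settings on the page, so please fill them in `providers/dns/godaddy/godaddy.toml` before the site is generated, in the same style as the other provider pages (for example "API key" and "API secret").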

View file

@ -0,0 +1,53 @@
---
title: "Hosting.de"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: hostingde
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/hostingde/hostingde.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Hosting.de](https://www.hosting.de/).
<!--more-->
- Code: `hostingde`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `HOSTINGDE_API_KEY` | **TODO** |
| `HOSTINGDE_ZONE_NAME` | **TODO** |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `HOSTINGDE_HTTP_TIMEOUT` | API request timeout |
| `HOSTINGDE_POLLING_INTERVAL` | Time between DNS propagation check |
| `HOSTINGDE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `HOSTINGDE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.hosting.de/api/#dns)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/hostingde/hostingde.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
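Review bot: `HOSTINGDE_API_KEY` and `HOSTINGDE_ZONE_NAME` in the Credentials table both carry `**TODO**` instead of a description. `HOSTINGDE_ZONE_NAME` in particular needs one, since the name alone does not tell the reader what format the value takes. Please complete the descriptions in `providers/dns/hostingde/hostingde.toml`.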

View file

@ -0,0 +1,91 @@
---
title: "HTTP request"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: httpreq
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/httpreq/httpreq.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [HTTP request](/dns/httpreq/).
<!--more-->
- Code: `httpreq`
Here is an example bash command using the HTTP request provider:
```bash
HTTPREQ_ENDPOINT=http://my.server.com:9090 \
lego --dns httpreq --domains my.domain.com --email my@email.com run
```
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `HTTPREQ_ENDPOINT` | The URL of the server |
| `HTTPREQ_MODE` | `RAW`, none |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `HTTPREQ_HTTP_TIMEOUT` | API request timeout |
| `HTTPREQ_PASSWORD` | **TODO** |
| `HTTPREQ_POLLING_INTERVAL` | Time between DNS propagation check |
| `HTTPREQ_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `HTTPREQ_USERNAME` | **TODO** |
## Description
The server must provide:
- `POST` `/present`
- `POST` `/cleanup`
The URL of the server must be define by `HTTPREQ_ENDPOINT`.
### Mode
There are 2 modes (`HTTPREQ_MODE`):
- default mode:
```json
{
"fqdn": "_acme-challenge.domain.",
"value": "LHDhK3oGRvkiefQnx7OOczTY5Tic_xZ6HcMOc_gmtoM"
}
```
- `RAW`
```json
{
"domain": "domain",
"token": "token",
"keyAuth": "key"
}
```
### Authentication
Basic authentication (optional) can be set with some environment variables:
- `HTTPREQ_USERNAME` and `HTTPREQ_PASSWORD`
- both values must be set, otherwise basic authentication is not defined.
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/httpreq/httpreq.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
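Review bot: the CLI example sets `HTTPREQ_ENDPOINT=http://my.server.com:9090`, and the Authentication section offers Basic authentication against that same endpoint, so a reader who copies the example sends `HTTPREQ_USERNAME`, `HTTPREQ_PASSWORD` and the challenge values over plain HTTP. Suggest using an `https://` URL in the example. In the tables, `HTTPREQ_USERNAME` and `HTTPREQ_PASSWORD` are described as `**TODO**` and sit under Additional Configuration, while `HTTPREQ_MODE`, which is not a credential, sits under Credentials; swapping them would match the section titles. "must be define" should read "must be defined".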

View file

@ -0,0 +1,54 @@
---
title: "Internet Initiative Japan"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: iij
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/iij/iij.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Internet Initiative Japan](https://www.iij.ad.jp/en/).
<!--more-->
- Code: `iij`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `IIJ_API_ACCESS_KEY` | API access key |
| `IIJ_API_SECRET_KEY` | API secret key |
| `IIJ_DO_SERVICE_CODE` | DO service code |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `IIJ_POLLING_INTERVAL` | Time between DNS propagation check |
| `IIJ_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `IIJ_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](http://manual.iij.jp/p2/pubapi/http://manual.iij.jp/p2/pubapi/)
- [Go client](https://github.com/iij/doapi)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/iij/iij.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
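Review bot: the `API documentation` URL under More information is doubled, `http://manual.iij.jp/p2/pubapi/http://manual.iij.jp/p2/pubapi/`, so the generated link will not resolve to the intended page. It should be a single `http://manual.iij.jp/p2/pubapi/`; the fix belongs in `providers/dns/iij/iij.toml`.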

View file

@ -0,0 +1,54 @@
---
title: "INWX"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: inwx
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/inwx/inwx.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [INWX](https://www.inwx.de/en).
<!--more-->
- Code: `inwx`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `INWX_PASSWORD` | Password |
| `INWX_USERNAME` | Username |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `INWX_POLLING_INTERVAL` | Time between DNS propagation check |
| `INWX_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `INWX_SANDBOX` | Activate the sandbox (boolean) |
| `INWX_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.inwx.de/en/help/apidoc)
- [Go client](https://github.com/nrdcg/goinwx)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/inwx/inwx.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "Amazon Lightsail"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: lightsail
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/lightsail/lightsail.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Amazon Lightsail](https://aws.amazon.com/lightsail/).
<!--more-->
- Code: `lightsail`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `AWS_ACCESS_KEY_ID` | Access key ID |
| `AWS_SECRET_ACCESS_KEY` | Secret access key |
| `DNS_ZONE` | DNS zone |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `LIGHTSAIL_POLLING_INTERVAL` | Time between DNS propagation check |
| `LIGHTSAIL_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
## More information
- [Go client](https://github.com/aws/aws-sdk-go/aws)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/lightsail/lightsail.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,52 @@
---
title: "Linode (deprecated)"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: linode
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/linode/linode.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Linode (deprecated)](https://www.linode.com/).
<!--more-->
- Code: `linode`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `LINODE_API_KEY` | API key |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `LINODE_HTTP_TIMEOUT` | API request timeout |
| `LINODE_POLLING_INTERVAL` | Time between DNS propagation check |
| `LINODE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.linode.com/api/dns)
- [Go client](https://github.com/timewasted/linode)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/linode/linode.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,52 @@
---
title: "Linode (v4)"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: linodev4
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/linodev4/linodev4.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Linode (v4)](https://www.linode.com/).
<!--more-->
- Code: `linodev4`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `LINODE_TOKEN` | API token |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `LINODE_HTTP_TIMEOUT` | API request timeout |
| `LINODE_POLLING_INTERVAL` | Time between DNS propagation check |
| `LINODE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://developers.linode.com/api/v4)
- [Go client](https://github.com/linode/linodego)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/linodev4/linodev4.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "MyDNS.jp"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: mydnsjp
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/mydnsjp/mydnsjp.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [MyDNS.jp](https://www.mydns.jp).
<!--more-->
- Code: `mydnsjp`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `MYDNSJP_MASTER_ID` | Master ID |
| `MYDNSJP_PASSWORD` | Password |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `MYDNSJP_HTTP_TIMEOUT` | API request timeout |
| `MYDNSJP_POLLING_INTERVAL` | Time between DNS propagation check |
| `MYDNSJP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `MYDNSJP_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.mydns.jp/?MENU=030)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/mydnsjp/mydnsjp.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "Namecheap"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: namecheap
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/namecheap/namecheap.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Namecheap](https://www.namecheap.com).
<!--more-->
- Code: `namecheap`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `NAMECHEAP_API_KEY` | API key |
| `NAMECHEAP_API_USER` | API user |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `NAMECHEAP_HTTP_TIMEOUT` | API request timeout |
| `NAMECHEAP_POLLING_INTERVAL` | Time between DNS propagation check |
| `NAMECHEAP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `NAMECHEAP_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.namecheap.com/support/api/methods.aspx)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/namecheap/namecheap.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,54 @@
---
title: "Name.com"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: namedotcom
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/namedotcom/namedotcom.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Name.com](https://www.name.com).
<!--more-->
- Code: `namedotcom`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `NAMECOM_API_TOKEN` | API token |
| `NAMECOM_USERNAME` | Username |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `NAMECOM_HTTP_TIMEOUT` | API request timeout |
| `NAMECOM_POLLING_INTERVAL` | Time between DNS propagation check |
| `NAMECOM_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `NAMECOM_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.name.com/api-docs/DNS)
- [Go client](https://github.com/namedotcom/go)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/namedotcom/namedotcom.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,54 @@
---
title: "Netcup"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: netcup
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/netcup/netcup.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Netcup](https://www.netcup.eu/).
<!--more-->
- Code: `netcup`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `NETCUP_API_KEY` | API key |
| `NETCUP_API_PASSWORD` | API password |
| `NETCUP_CUSTOMER_NUMBER` | Customer number |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `NETCUP_HTTP_TIMEOUT` | API request timeout |
| `NETCUP_POLLING_INTERVAL` | Time between DNS propagation check |
| `NETCUP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `NETCUP_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.netcup-wiki.de/wiki/DNS_API)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/netcup/netcup.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "NIFCloud"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: nifcloud
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/nifcloud/nifcloud.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [NIFCloud](https://www.nifcloud.com/).
<!--more-->
- Code: `nifcloud`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `NIFCLOUD_ACCESS_KEY_ID` | Access key |
| `NIFCLOUD_SECRET_ACCESS_KEY` | Secret access key |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `NIFCLOUD_HTTP_TIMEOUT` | API request timeout |
| `NIFCLOUD_POLLING_INTERVAL` | Time between DNS propagation check |
| `NIFCLOUD_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `NIFCLOUD_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://mbaas.nifcloud.com/doc/current/rest/common/format.html)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/nifcloud/nifcloud.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "NS1"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: ns1
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/ns1/ns1.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [NS1](https://ns1.com).
<!--more-->
- Code: `ns1`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `NS1_API_KEY` | API key |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `NS1_HTTP_TIMEOUT` | API request timeout |
| `NS1_POLLING_INTERVAL` | Time between DNS propagation check |
| `NS1_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `NS1_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://ns1.com/api)
- [Go client](https://github.com/ns1/ns1-go)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/ns1/ns1.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,67 @@
---
title: "Oracle Cloud"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: oraclecloud
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/oraclecloud/oraclecloud.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Oracle Cloud](https://cloud.oracle.com/home).
<!--more-->
- Code: `oraclecloud`
Here is an example bash command using the Oracle Cloud provider:
```bash
OCI_PRIVKEY_FILE="~/.oci/oci_api_key.pem" \
OCI_PRIVKEY_PASS="secret" \
OCI_TENANCY_OCID="ocid1.tenancy.oc1..secret" \
OCI_USER_OCID="ocid1.user.oc1..secret" \
OCI_PUBKEY_FINGERPRINT="00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" \
OCI_REGION="us-phoenix-1" \
OCI_COMPARTMENT_OCID="ocid1.tenancy.oc1..secret" \
lego --dns oraclecloud --domains my.domain.com --email my@email.com run
```
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `OCI_COMPARTMENT_OCID` | Compartment OCID |
| `OCI_PRIVKEY_FILE` | Private key file |
| `OCI_PRIVKEY_PASS` | Private key password |
| `OCI_PUBKEY_FINGERPRINT` | Public key fingerprint |
| `OCI_REGION` | Region |
| `OCI_TENANCY_OCID` | Tenanct OCID |
| `OCI_USER_OCID` | User OCID |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `OCI_POLLING_INTERVAL` | Time between DNS propagation check |
| `OCI_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `OCI_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://docs.cloud.oracle.com/iaas/Content/DNS/Concepts/dnszonemanagement.htm)
- [Go client](https://github.com/oracle/oci-go-sdk)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/oraclecloud/oraclecloud.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
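Review bot: In the bash example, `OCI_PRIVKEY_FILE="~/.oci/oci_api_key.pem"` puts the tilde inside double quotes, so the shell passes a literal `~` instead of the home directory; unless the provider expands it itself, the key file will not be found. Use `"$HOME/.oci/oci_api_key.pem"` or drop the quotes. Two smaller points: the Credentials table reads "Tenanct OCID" for `OCI_TENANCY_OCID` (should be "Tenancy OCID"), and the example sets `OCI_COMPARTMENT_OCID` to an `ocid1.tenancy.oc1..` value, which deserves a word on whether a compartment OCID is expected there. Since the page is marked auto-generated, the fixes belong in `providers/dns/oraclecloud/oraclecloud.toml`.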

View file

@ -0,0 +1,56 @@
---
title: "Open Telekom Cloud"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: otc
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/otc/otc.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Open Telekom Cloud](https://cloud.telekom.de/en).
<!--more-->
- Code: `otc`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `OTC_DOMAIN_NAME` | Domain name |
| `OTC_IDENTITY_ENDPOINT` | Identity endpoint URL |
| `OTC_PASSWORD` | Password |
| `OTC_PROJECT_NAME` | Project name |
| `OTC_USER_NAME` | User name |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `OTC_HTTP_TIMEOUT` | API request timeout |
| `OTC_POLLING_INTERVAL` | Time between DNS propagation check |
| `OTC_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `OTC_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://docs.otc.t-systems.com/en-us/dns/index.html)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/otc/otc.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,56 @@
---
title: "OVH"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: ovh
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/ovh/ovh.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [OVH](https://www.ovh.com/).
<!--more-->
- Code: `ovh`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `OVH_APPLICATION_KEY` | Application key |
| `OVH_APPLICATION_SECRET` | Application secret |
| `OVH_CONSUMER_KEY` | Consumer key |
| `OVH_ENDPOINT` | Endpoint URL (ovh-eu or ovh-ca) |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `OVH_HTTP_TIMEOUT` | API request timeout |
| `OVH_POLLING_INTERVAL` | Time between DNS propagation check |
| `OVH_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `OVH_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://eu.api.ovh.com/)
- [Go client](https://github.com/ovh/go-ovh)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/ovh/ovh.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
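Review bot: The `OVH_ENDPOINT` row describes the value as "Endpoint URL (ovh-eu or ovh-ca)", but the two values given are endpoint names, not URLs. Reword it to something like "Endpoint name (ovh-eu or ovh-ca)" in `providers/dns/ovh/ovh.toml` so readers do not paste a full URL.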

View file

@ -0,0 +1,60 @@
---
title: "PowerDNS"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: pdns
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/pdns/pdns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [PowerDNS](https://www.powerdns.com/).
<!--more-->
- Code: `pdns`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `PDNS_API_KEY` | API key |
| `PDNS_API_URL` | API url |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `PDNS_HTTP_TIMEOUT` | API request timeout |
| `PDNS_POLLING_INTERVAL` | Time between DNS propagation check |
| `PDNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `PDNS_TTL` | The TTL of the TXT record used for the DNS challenge |
## Information
Tested and confirmed to work with PowerDNS authoritative server 3.4.8 and 4.0.1. Refer to [PowerDNS documentation](https://doc.powerdns.com/md/httpapi/README/) instructions on how to enable the built-in API interface.
PowerDNS Notes:
- PowerDNS API does not currently support SSL, therefore you should take care to ensure that traffic between lego and the PowerDNS API is over a trusted network, VPN etc.
- In order to have the SOA serial automatically increment each time the `_acme-challenge` record is added/modified via the API, set `SOA-EDIT-API` to `INCEPTION-INCREMENT` for the zone in the `domainmetadata` table
## More information
- [API documentation](https://doc.powerdns.com/md/httpapi/README/)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/pdns/pdns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
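Review bot: The "PowerDNS Notes" bullet saying the API "does not currently support SSL" should spell out the consequence: `PDNS_API_KEY` travels in cleartext to `PDNS_API_URL`, and that key is what allows the `_acme-challenge` record to be added or modified. "Trusted network, VPN etc." is vague; name concrete options, for example keeping the API on loopback or putting a TLS-terminating reverse proxy in front of it and pointing `PDNS_API_URL` at the proxy. Tie the statement to the versions named as tested (3.4.8 and 4.0.1) so it does not go stale. Minor: "Refer to [PowerDNS documentation] instructions" is missing "for", and the section is headed "Information" directly above a "More information" section, which reads as a duplicate.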

View file

@ -0,0 +1,53 @@
---
title: "Rackspace"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: rackspace
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/rackspace/rackspace.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Rackspace](https://www.rackspace.com/).
<!--more-->
- Code: `rackspace`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `RACKSPACE_API_KEY` | API key |
| `RACKSPACE_USER` | API user |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `RACKSPACE_HTTP_TIMEOUT` | API request timeout |
| `RACKSPACE_POLLING_INTERVAL` | Time between DNS propagation check |
| `RACKSPACE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `RACKSPACE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://developer.rackspace.com/docs/cloud-dns/v1/)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/rackspace/rackspace.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,56 @@
---
title: "RFC2136"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: rfc2136
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/rfc2136/rfc2136.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [RFC2136](https://tools.ietf.org/html/rfc2136).
<!--more-->
- Code: `rfc2136`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `RFC2136_NAMESERVER` | Network address in the form "host" or "host:port" |
| `RFC2136_TSIG_ALGORITHM` | TSIG algorythm. See [miekg/dns#tsig.go](https://github.com/miekg/dns/blob/master/tsig.go) for supported values. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset. |
| `RFC2136_TSIG_KEY` | Name of the secret key as defined in DNS server configuration. To disable TSIG authentication, leave the `RFC2136_TSIG*` variables unset. |
| `RFC2136_TSIG_SECRET` | Secret key payload. To disable TSIG authentication, leave the` RFC2136_TSIG*` variables unset. |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `RFC2136_DNS_TIMEOUT` | API request timeout |
| `RFC2136_POLLING_INTERVAL` | Time between DNS propagation check |
| `RFC2136_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `RFC2136_SEQUENCE_INTERVAL` | Interval between iteration |
| `RFC2136_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://tools.ietf.org/html/rfc2136)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/rfc2136/rfc2136.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
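Review bot: The three `RFC2136_TSIG_*` rows each explain how to disable TSIG authentication, but none says what that implies: without TSIG the update sent to `RFC2136_NAMESERVER` is unauthenticated, so the server has to authorize it some other way. State that once below the table and recommend leaving TSIG enabled, rather than repeating the "To disable TSIG authentication..." sentence in every row. Also in this hunk: "TSIG algorythm" should be "algorithm"; the backtick in "leave the` RFC2136_TSIG*`" is misplaced and will break the inline code; and `RFC2136_DNS_TIMEOUT` is described as "API request timeout" although the variable names a DNS timeout.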

View file

@ -0,0 +1,98 @@
---
title: "Amazon Route 53"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: route53
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/route53/route53.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Amazon Route 53](https://aws.amazon.com/route53/).
<!--more-->
- Code: `route53`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `AWS_ACCESS_KEY_ID` | |
| `AWS_HOSTED_ZONE_ID` | |
| `AWS_REGION` | |
| `AWS_SECRET_ACCESS_KEY` | |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `AWS_POLLING_INTERVAL` | Time between DNS propagation check |
| `AWS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `AWS_TTL` | The TTL of the TXT record used for the DNS challenge |
## Description
AWS Credentials are automatically detected in the following locations and prioritized in the following order:
1. Environment variables: `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_REGION`, [`AWS_SESSION_TOKEN`]
2. Shared credentials file (defaults to `~/.aws/credentials`)
3. Amazon EC2 IAM role
If `AWS_HOSTED_ZONE_ID` is not set, Lego tries to determine the correct public hosted zone via the FQDN.
See also: [configuring-sdk](https://github.com/aws/aws-sdk-go/wiki/configuring-sdk)
## Policy
The following AWS IAM policy document describes the permissions required for lego to complete the DNS challenge.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Action": [
"route53:GetChange",
"route53:ChangeResourceRecordSets",
"route53:ListResourceRecordSets"
],
"Resource": [
"arn:aws:route53:::hostedzone/*",
"arn:aws:route53:::change/*"
]
},
{
"Sid": "",
"Effect": "Allow",
"Action": "route53:ListHostedZonesByName",
"Resource": "*"
}
]
}
```
## More information
- [API documentation](https://docs.aws.amazon.com/Route53/latest/APIReference/API_Operations_Amazon_Route_53.html)
- [Go client](https://github.com/aws/aws-sdk-go/aws)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/route53/route53.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
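Review bot: The IAM policy in the Policy section allows `route53:ChangeResourceRecordSets` on `arn:aws:route53:::hostedzone/*`, that is, every hosted zone in the account. Since the page already documents `AWS_HOSTED_ZONE_ID`, add a sentence showing that `Resource` can be narrowed to that single zone's ARN when the zone ID is known. The four rows of the Credentials table have empty descriptions, unlike the other provider pages shown here. In the Description list, `[AWS_SESSION_TOKEN]` needs a note that the brackets mean "optional". The Go client link `https://github.com/aws/aws-sdk-go/aws` looks like a Go import path rather than a repository URL; please check that it resolves.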

View file

@ -0,0 +1,53 @@
---
title: "Sakura Cloud"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: sakuracloud
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/sakuracloud/sakuracloud.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Sakura Cloud](https://cloud.sakura.ad.jp/).
<!--more-->
- Code: `sakuracloud`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `SAKURACLOUD_ACCESS_TOKEN` | Access token |
| `SAKURACLOUD_ACCESS_TOKEN_SECRET` | Access token secret |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `SAKURACLOUD_POLLING_INTERVAL` | Time between DNS propagation check |
| `SAKURACLOUD_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `SAKURACLOUD_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://developer.sakura.ad.jp/cloud/api/1.1/)
- [Go client](https://github.com/sacloud/libsacloud)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/sakuracloud/sakuracloud.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "Selectel"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: selectel
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/selectel/selectel.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Selectel](https://kb.selectel.com/).
<!--more-->
- Code: `selectel`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `SELECTEL_API_TOKEN` | API token |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `SELECTEL_BASE_URL` | API endpoint URL |
| `SELECTEL_HTTP_TIMEOUT` | API request timeout |
| `SELECTEL_POLLING_INTERVAL` | Time between DNS propagation check |
| `SELECTEL_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `SELECTEL_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://kb.selectel.com/23136054.html)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/selectel/selectel.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "Stackpath"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: stackpath
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/stackpath/stackpath.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Stackpath](https://www.stackpath.com/).
<!--more-->
- Code: `stackpath`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `STACKPATH_CLIENT_ID` | Client ID |
| `STACKPATH_CLIENT_SECRET` | Client secret |
| `STACKPATH_STACK_ID` | Stack ID |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `STACKPATH_POLLING_INTERVAL` | Time between DNS propagation check |
| `STACKPATH_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `STACKPATH_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://developer.stackpath.com/en/api/dns/#tag/Zone)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/stackpath/stackpath.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,53 @@
---
title: "TransIP"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: transip
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/transip/transip.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [TransIP](https://www.transip.nl/).
<!--more-->
- Code: `transip`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `TRANSIP_ACCOUNT_NAME` | Account name |
| `TRANSIP_PRIVATE_KEY_PATH` | Private key path |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `TRANSIP_POLLING_INTERVAL` | Time between DNS propagation check |
| `TRANSIP_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `TRANSIP_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://api.transip.nl/docs/transip.nl/package-Transip.html)
- [Go client](https://github.com/transip/gotransip)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/transip/transip.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,54 @@
---
title: "VegaDNS"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: vegadns
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/vegadns/vegadns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [VegaDNS](https://github.com/shupp/VegaDNS-API).
<!--more-->
- Code: `vegadns`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `SECRET_VEGADNS_KEY` | API key |
| `SECRET_VEGADNS_SECRET` | API secret |
| `VEGADNS_URL` | API endpoint URL |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `VEGADNS_POLLING_INTERVAL` | Time between DNS propagation check |
| `VEGADNS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `VEGADNS_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://github.com/shupp/VegaDNS-API)
- [Go client](https://github.com/OpenDNS/vegadns2client)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/vegadns/vegadns.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
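Review bot: In the Credentials table, `SECRET_VEGADNS_KEY` and `SECRET_VEGADNS_SECRET` carry a `SECRET_` prefix while every other variable on the page starts with `VEGADNS_`. If those are the names the provider really reads, add a short remark saying so, because users will otherwise guess `VEGADNS_KEY`; if not, correct them in `providers/dns/vegadns/vegadns.toml`.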

View file

@ -0,0 +1,53 @@
---
title: "Vscale"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: vscale
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/vscale/vscale.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Vscale](https://vscale.io/).
<!--more-->
- Code: `vscale`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `VSCALE_API_TOKEN` | API token |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `VSCALE_BASE_URL` | API enddpoint URL |
| `VSCALE_HTTP_TIMEOUT` | API request timeout |
| `VSCALE_POLLING_INTERVAL` | Time between DNS propagation check |
| `VSCALE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `VSCALE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://developers.vscale.io/documentation/api/v1/#api-Domains_Records)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/vscale/vscale.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
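Review bot: `VSCALE_BASE_URL` is described as "API enddpoint URL" in the Additional Configuration table; "enddpoint" is a typo for "endpoint". The page is marked auto-generated, so fix it in `providers/dns/vscale/vscale.toml` and regenerate.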

View file

@ -0,0 +1,53 @@
---
title: "Vultr"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: vultr
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/vultr/vultr.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Vultr](https://www.vultr.com/).
<!--more-->
- Code: `vultr`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `VULTR_API_KEY` | API key |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `VULTR_HTTP_TIMEOUT` | API request timeout |
| `VULTR_POLLING_INTERVAL` | Time between DNS propagation check |
| `VULTR_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `VULTR_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://www.vultr.com/api/#dns)
- [Go client](https://github.com/JamesClonk/vultr)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/vultr/vultr.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,54 @@
---
title: "Zone.ee"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: zoneee
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/zoneee/zoneee.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
Configuration for [Zone.ee](https://www.zone.ee/).
<!--more-->
- Code: `zoneee`
{{% notice note %}}
_Please contribute by adding a CLI example._
{{% /notice %}}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
| `ZONEEE_API_KEY` | API key |
| `ZONEEE_API_USER` | API user |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `ZONEEE_ENDPOINT` | API endpoint URL |
| `ZONEEE_HTTP_TIMEOUT` | API request timeout |
| `ZONEEE_POLLING_INTERVAL` | Time between DNS propagation check |
| `ZONEEE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `ZONEEE_TTL` | The TTL of the TXT record used for the DNS challenge |
## More information
- [API documentation](https://api.zone.eu/v2)
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- providers/dns/zoneee/zoneee.toml -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

View file

@ -0,0 +1,35 @@
---
title: "Installation"
date: 2019-03-03T16:39:46+01:00
weight: 1
draft: false
---
## Binaries
To get the binary just download the latest release for your OS/Arch from [the release page](https://github.com/xenolf/lego/releases) and put the binary somewhere convenient.
lego does not assume anything about the location you run it from.
## From Docker
```bash
docker run xenolf/lego -h
```
## From package managers
- [ArchLinux (AUR)](https://aur.archlinux.org/packages/lego):
```bash
yay -S lego
```
**Note**: only the package manager for Arch Linux is officially supported by the lego team.
## From sources
To install from sources, just run:
```bash
go get -u github.com/xenolf/lego/cmd/lego
```
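Review bot: The Binaries section tells users to download the latest release and "put the binary somewhere convenient" with no integrity check, which matters for a tool that stores ACME account data and is handed DNS provider credentials. If the release page publishes checksums or signatures, add a verification step here. Likewise, `docker run xenolf/lego -h` uses an untagged image and `go get -u` builds whatever is current; showing a version tag for the image would make the example reproducible.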

View file

@ -0,0 +1,8 @@
---
title: "Usage"
date: 2019-03-03T16:39:46+01:00
draft: false
weight: 2
---
{{%children style="h2" description="true" %}}

View file

@ -0,0 +1,94 @@
---
title: "CLI"
date: 2019-03-03T16:39:46+01:00
draft: false
---
Lego can be use as a CLI.
<!--more-->
## Usage
{{%expand "CLI help" %}}
```slim
NAME:
lego - Let's Encrypt client written in Go
USAGE:
lego [global options] command [command options] [arguments...]
COMMANDS:
run Register an account, then create and install a certificate
revoke Revoke a certificate
renew Renew a certificate
dnshelp Shows additional help for the --dns global option
list Display certificates and accounts information.
help, h Shows a list of commands or help for one command
GLOBAL OPTIONS:
--domains value, -d value Add a domain to the process. Can be specified multiple times.
--server value, -s value CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default: "https://acme-v02.api.letsencrypt.org/directory")
--accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service.
--email value, -m value Email used for registration and recovery contact.
--csr value, -c value Certificate signing request filename, if an external CSR is to be used.
--eab Use External Account Binding for account registration. Requires --kid and --hmac.
--kid value Key identifier from External CA. Used for External Account Binding.
--hmac value MAC key from External CA. Should be in Base64 URL Encoding without padding format. Used for External Account Binding.
--key-type value, -k value Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384. (default: "rsa2048")
--filename value (deprecated) Filename of the generated certificate.
--path value Directory to use for storing the data. (default: "./.lego")
--http Use the HTTP challenge to solve challenges. Can be mixed with other types of challenges.
--http.port value Set the port and interface to use for HTTP based challenges to listen on.Supported: interface:port or :port. (default: ":80")
--http.webroot value Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge.
--http.memcached-host value Set the memcached host(s) to use for HTTP based challenges. Challenges will be written to all specified hosts.
--tls Use the TLS challenge to solve challenges. Can be mixed with other types of challenges.
--tls.port value Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port. (default: ":443")
--dns value Solve a DNS challenge using the specified provider. Can be mixed with other types of challenges. Run 'lego dnshelp' for help on usage.
--dns.disable-cp By setting this flag to true, disables the need to wait the propagation of the TXT record to all authoritative name servers.
--dns.resolvers value Set the resolvers to use for performing recursive DNS queries. Supported: host:port. The default is to use the system resolvers, or Google's DNS resolvers if the system's cannot be determined.
--http-timeout value Set the HTTP timeout value to a specific value in seconds. (default: 0)
--dns-timeout value Set the DNS timeout value to a specific value in seconds. Used only when performing authoritative name servers queries. (default: 10)
--pem Generate a .pem file by concatenating the .key and .crt files together.
--cert.timeout value Set the certificate timeout value to a specific value in seconds. Only used when obtaining certificates. (default: 30)
--help, -h show help
--version, -v print the version
```
{{% /expand%}}
When using the standard `--path` option, all certificates and account configurations are saved to a folder `.lego` in the current working directory.
## Let's Encrypt ACME server
lego defaults to communicating with the production Let's Encrypt ACME server.
If you'd like to test something without issuing real certificates, consider using the staging endpoint instead:
```bash
lego --server=https://acme-staging-v02.api.letsencrypt.org/directory …
```
## Sudo
The CLI does not require root permissions but needs to bind to port 80 and 443 for certain challenges.
To run the CLI without sudo, you have four options:
- Use setcap 'cap_net_bind_service=+ep' /path/to/program
- Pass the `--http.port` or/and the `--tls.port` option and specify a custom port to bind to. In this case you have to forward port 80/443 to these custom ports (see [Port Usage](usage/cli#port-usage)).
- Pass the `--http.webroot` option and specify the path to your webroot folder. In this case the challenge will be written in a file in `.well-known/acme-challenge/` inside your webroot.
- Pass the `--dns` option and specify a DNS provider.
## Port Usage
By default lego assumes it is able to bind to ports 80 and 443 to solve challenges.
If this is not possible in your environment, you can use the `--http.port` and `--tls.port` options to instruct
lego to listen on that interface:port for any incoming challenges.
If you are using this option, make sure you proxy all of the following traffic to these ports.
**HTTP Port:** All plaintext HTTP requests to port **80** which begin with a request path of `/.well-known/acme-challenge/` for the HTTP challenge.
**TLS Port:** All TLS handshakes on port **443** for the TLS-ALPN challenge.
This traffic redirection is only needed as long as lego solves challenges. As soon as you have received your certificates you can deactivate the forwarding.
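Review bot: In the Sudo section, the first option, "Use setcap 'cap_net_bind_service=+ep' /path/to/program", is a command but is not formatted as code, unlike the flags in the other three options, and it needs one caveat: the capability is attached to the binary file, so it has to be reapplied whenever the lego binary is replaced. Other points: the opening line "Lego can be use as a CLI." should read "used"; two of the "four options" (`--http.webroot` and `--dns`) avoid binding a port altogether, which is worth saying explicitly; and in the help text, "listen on.Supported" under `--http.port` is missing a space, which should be fixed in the flag's usage string.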

View file

@ -0,0 +1,48 @@
---
title: "Examples"
date: 2019-03-03T16:39:46+01:00
draft: false
---
## CLI Examples
Assumes the `lego` binary has permission to bind to ports 80 and 443.
You can get a pre-built binary from the [releases](https://github.com/xenolf/lego/releases) page.
If your environment does not allow you to bind to these ports, please read [Port Usage](usage/cli#port-usage).
### Obtain a certificate
```bash
lego --email="foo@bar.com" --domains="example.com" --http run
```
(Find your certificate in the `.lego` folder of current working directory.)
### To renew the certificate
```bash
lego --email="foo@bar.com" --domains="example.com" --http renew
```
### To renew the certificate only if it expires within 45 days
```bash
lego --email="foo@bar.com" --domains="example.com" --http renew --days 45
```
### Obtain a certificate using the DNS challenge
```bash
AWS_REGION=us-east-1 \
AWS_ACCESS_KEY_ID=my_id \
AWS_SECRET_ACCESS_KEY=my_key \
lego --email="foo@bar.com" --domains="example.com" --dns="route53" run
```
### Obtain a certificate given a certificate signing request (CSR) generated by something else
```bash
lego --email="foo@bar.com" --http --csr=/path/to/csr.pem run
```
(lego will infer the domains to be validated based on the contents of the CSR, so make sure the CSR's Common Name and optional SubjectAltNames are set correctly.)
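Review bot: The DNS challenge example passes `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` inline on the command line, which lands the secret in shell history when readers substitute real values. Add a sentence pointing to the alternatives the Route 53 page in this same change already lists (shared credentials file, EC2 IAM role) and keep the inline form only as the quick demo. Minor: "(Find your certificate in the `.lego` folder of current working directory.)" is missing "the" before "current", and the relative link `usage/cli#port-usage` should be checked against the generated site's base URL.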

View file

@ -0,0 +1,103 @@
---
title: "Writing a Challenge Solver"
date: 2019-03-03T16:39:46+01:00
draft: false
---
Lego can solve multiple ACME challenge types out of the box, but sometimes you have custom requirements.
<!--more-->
For example, you may want to write a solver for the DNS-01 challenge that works with a different DNS provider (lego already supports CloudFlare, AWS, DigitalOcean, and others).
The DNS-01 challenge is advantageous when other challenge types are impossible.
For example, the HTTP-01 challenge doesn't work well behind a load balancer or CDN and the TLS-ALPN-01 challenge breaks behind TLS termination.
But even if using HTTP-01 or TLS-ALPN-01 challenges, you may have specific needs that lego does not consider by default.
You can write something called a `challenge.Provider` that implements [this interface](https://godoc.org/github.com/xenolf/lego/challenge#Provider):
```go
type Provider interface {
Present(domain, token, keyAuth string) error
CleanUp(domain, token, keyAuth string) error
}
```
This provides the means to solve a challenge.
First you present a token to the ACME server in a way defined by the challenge type you're solving for, then you "clean up" after the challenge finishes.
## Writing a challenge.Provider
Pretend we want to write our own DNS-01 challenge provider (other challenge types have different requirements but the same principles apply).
This will let us prove ownership of domain names parked at a new, imaginary DNS service called BestDNS without having to start our own HTTP server.
BestDNS has an API that, given an authentication token, allows us to manipulate DNS records.
This simplistic example has only one field to store the auth token, but in reality you may need to keep more state.
```go
type DNSProviderBestDNS struct {
apiAuthToken string
}
```
We should provide a constructor that returns a *pointer* to the `struct`.
This is important in case we need to maintain state in the `struct`.
```go
func NewDNSProviderBestDNS(apiAuthToken string) (*DNSProviderBestDNS, error) {
return &DNSProviderBestDNS{apiAuthToken: apiAuthToken}, nil
}
```
Now we need to implement the interface.
We'll start with the `Present` method.
You'll be passed the `domain` name for which you're proving ownership, a `token`, and a `keyAuth` string.
How your provider uses `token` and `keyAuth`, or if you even use them at all, depends on the challenge type.
For DNS-01, we'll just use `domain` and `keyAuth`.
```go
func (d *DNSProviderBestDNS) Present(domain, token, keyAuth string) error {
fqdn, value := dns01.GetRecord(domain, keyAuth)
// make API request to set a TXT record on fqdn with value and ttl
return nil
}
```
After calling `dns01.GetRecord(domain, keyAuth)`, we now have the information we need to make our API request and set the TXT record:
- `fqdn` is the fully qualified domain name on which to set the TXT record.
- `value` is the record's value to set on the record.
So then you make an API request to the DNS service according to their docs.
Once the TXT record is set on the domain, you may return and the challenge will proceed.
The ACME server will then verify that you did what it required you to do, and once it is finished, lego will call your `CleanUp` method.
In our case, we want to remove the TXT record we just created.
```go
func (d *DNSProviderBestDNS) CleanUp(domain, token, keyAuth string) error {
// clean up any state you created in Present, like removing the TXT record
}
```
In our case, we'd just make another API request to have the DNS record deleted; no need to keep it and clutter the zone file.
## Using your new challenge.Provider
To use your new challenge provider, call [`client.Challenge.SetDNS01Provider`](https://godoc.org/github.com/xenolf/lego/challenge/resolver#SolverManager.SetDNS01Provider) to tell lego, "For this challenge, use this provider".
In our case:
```go
bestDNS, err := NewDNSProviderBestDNS("my-auth-token")
if err != nil {
return err
}
client.Challenge.SetDNS01Provider(bestDNS)
```
Then, when this client tries to solve the DNS-01 challenge, it will use our new provider, which sets TXT records on a domain name hosted by BestDNS.
That's really all there is to it.
Go make awesome things!
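Review bot: The `CleanUp` snippet declares an `error` return but its body is only a comment, so it does not compile as written; add `return nil` after the comment, as the `Present` snippet does. In `Present`, `fqdn` and `value` are assigned and never used, which Go also rejects, and the comment mentions a `ttl` that `dns01.GetRecord` does not return in this snippet. Either use the two values in a placeholder call or say in the text that the snippet is a skeleton. The last snippet also discards the result of `client.Challenge.SetDNS01Provider(bestDNS)`, while the library example in this same commit checks the error from `SetHTTP01Provider`; the two should be consistent.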

View file

@ -0,0 +1,115 @@
---
title: "Library"
date: 2019-03-03T16:39:46+01:00
draft: false
---
Lego can be use as a Go Library.
<!--more-->
## GoDoc
The GoDoc can be found here: [GoDoc](https://godoc.org/github.com/xenolf/lego/acme)
## Usage
A valid, but bare-bones example use of the acme package:
```go
package main
import (
"crypto"
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"fmt"
"log"
"github.com/xenolf/lego/certcrypto"
"github.com/xenolf/lego/certificate"
"github.com/xenolf/lego/challenge/http01"
"github.com/xenolf/lego/challenge/tlsalpn01"
"github.com/xenolf/lego/lego"
"github.com/xenolf/lego/registration"
)
// You'll need a user or account type that implements acme.User
type MyUser struct {
Email string
Registration *registration.Resource
key crypto.PrivateKey
}
func (u *MyUser) GetEmail() string {
return u.Email
}
func (u MyUser) GetRegistration() *registration.Resource {
return u.Registration
}
func (u *MyUser) GetPrivateKey() crypto.PrivateKey {
return u.key
}
func main() {
// Create a user. New accounts need an email and private key to start.
privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
log.Fatal(err)
}
myUser := MyUser{
Email: "you@yours.com",
key: privateKey,
}
config := lego.NewConfig(&myUser)
// This CA URL is configured for a local dev instance of Boulder running in Docker in a VM.
config.CADirURL = "http://192.168.99.100:4000/directory"
config.Certificate.KeyType = certcrypto.RSA2048
// A client facilitates communication with the CA server.
client, err := lego.NewClient(config)
if err != nil {
log.Fatal(err)
}
// We specify an http port of 5002 and an tls port of 5001 on all interfaces
// because we aren't running as root and can't bind a listener to port 80 and 443
// (used later when we attempt to pass challenges). Keep in mind that you still
// need to proxy challenge traffic to port 5002 and 5001.
err = client.Challenge.SetHTTP01Provider(http01.NewProviderServer("", "5002"))
if err != nil {
log.Fatal(err)
}
err = client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer("", "5001"))
if err != nil {
log.Fatal(err)
}
// New users will need to register
reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
if err != nil {
log.Fatal(err)
}
myUser.Registration = reg
request := certificate.ObtainRequest{
Domains: []string{"mydomain.com"},
Bundle: true,
}
certificates, err := client.Certificate.Obtain(request)
if err != nil {
log.Fatal(err)
}
// Each certificate comes back with the cert bytes, the bytes of the client's
// private key, and a certificate URL. SAVE THESE TO DISK.
fmt.Printf("%#v\n", certificates)
// ... all done.
}
```
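Review bot: The example ends with `fmt.Printf("%#v\n", certificates)` right after a comment saying the resource includes the bytes of the private key, so anyone running it verbatim dumps the key to stdout and to whatever captures it. Print only the domain and certificate URL, and show the key being written to a file with restrictive permissions instead. Smaller points: the comment says the type must implement `acme.User`, but the imports only bring in the `registration` package; `GetRegistration` has a value receiver while the other two methods use pointer receivers; and the intro line should read "Lego can be used as a Go library."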

View file

@ -0,0 +1 @@
<a id="logo" href="/lego"><img src="/lego/images/logo-white.png"></a>
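Review bot: The `<img>` has no `alt` attribute, so the logo link has no accessible name; add something like `alt="lego"`. The `/lego` prefix is also hardcoded in both `href` and `src`, which ties the partial to one base URL.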

BIN
docs/static/images/logo-white.png vendored Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 15 KiB

BIN
docs/static/images/logo.png vendored Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 9.8 KiB

View file

@ -0,0 +1,53 @@
package cmd
// CODE GENERATED AUTOMATICALLY
// THIS FILE MUST NOT BE EDITED BY HAND
import (
"fmt"
"os"
"strings"
"text/tabwriter"
"github.com/xenolf/lego/log"
)
func allDNSCodes() string {
return strings.Join([]string{
{{- range $provider := .Providers }}
"{{ $provider.Code }}",
{{- end}}
}, ", ")
}
func displayDNSHelp(name string) {
w := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', 0)
switch name {
{{ range $provider := .Providers }}
case "{{ $provider.Code }}":
// generated from: {{ .GeneratedFrom }}
fmt.Fprintln(w, `Configuration for {{ $provider.Name }}.`)
fmt.Fprintln(w, `Code: '{{ $provider.Code }}'`)
fmt.Fprintln(w)
{{if $provider.Configuration }}{{if $provider.Configuration.Credentials }}
fmt.Fprintln(w, `Credentials:`)
{{- range $k, $v := $provider.Configuration.Credentials }}
fmt.Fprintln(w,` - "{{ $k }}": {{ safe $v }}`)
{{- end}}
fmt.Fprintln(w)
{{end}}{{if $provider.Configuration.Additional }}
fmt.Fprintln(w, `Additional Configuration:`)
{{- range $k, $v := $provider.Configuration.Additional }}
fmt.Fprintln(w, ` - "{{ $k }}": {{ safe $v }}`)
{{- end}}
{{end}}{{end}}
fmt.Fprintln(w)
fmt.Fprintln(w, `More information: https://xenolf.github.io/lego/dns/{{ $provider.Code }}`)
{{end}}
case "manual":
fmt.Fprintln(w, `Solving the DNS-01 challenge using CLI prompt.`)
default:
log.Fatalf("%q is not yet supported.", name)
}
w.Flush()
}
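Review bot: `safe` is applied only to the `$v` values, while `$provider.Name`, `$provider.Code` and the `$k` keys are written into raw string literals and into `case "{{ $provider.Code }}":` unescaped. A backtick or double quote in any of those TOML fields would produce invalid Go, or Go that was not intended, in the generated `cmd` file. Pass every interpolated field through `safe`, or better, emit them with `printf "%q"` so the generator handles quoting itself. The spacing in ``fmt.Fprintln(w,` - ...`` is inconsistent with the other calls, though gofmt will normalise it in the output.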

View file

@ -0,0 +1,73 @@
---
title: "{{ .Name }}"
date: 2019-03-03T16:39:46+01:00
draft: false
slug: {{ .Code }}
---
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- {{ .GeneratedFrom }} -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
{{if .Description -}}
{{ .Description }}
{{else}}
Configuration for [{{ .Name }}]({{ .URL }}).
{{end}}
<!--more-->
- Code: `{{ .Code }}`
{{if .Example }}
Here is an example bash command using the {{ .Name }} provider:
```bash
{{ .Example -}}
```
{{else}}
{{ "{{" }}% notice note %}}
_Please contribute by adding a CLI example._
{{ "{{" }}% /notice %}}
{{end}}
{{if .Configuration }}
{{if .Configuration.Credentials }}
## Credentials
| Environment Variable Name | Description |
|-----------------------|-------------|
{{- range $k, $v := .Configuration.Credentials }}
| `{{$k}}` | {{$v}} |
{{- end}}
{{- end}}
{{if .Configuration.Additional }}
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
{{- range $k, $v := .Configuration.Additional }}
| `{{$k}}` | {{$v}} |
{{- end}}
{{- end}}
{{- end}}
{{ .Additional }}
{{if .Links }}
## More information
{{if .Links.API -}}
- [API documentation]({{ .Links.API }})
{{- end}}
{{- if .Links.GoClient }}
- [Go client]({{ .Links.GoClient }})
{{- end}}
{{- end}}
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
<!-- {{ .GeneratedFrom }} -->
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->
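Review bot: The table rows `| `{{$k}}` | {{$v}} |` and the front matter `title: "{{ .Name }}"` insert TOML values without any escaping, so a `|` in a description splits the cell and a double quote in a provider name breaks the YAML header. Add a small template function that escapes these, as `safe` does for the CLI template. The key column is also always rendered in backticks under the heading "Environment Variable Name", which is wrong for any key that is not an environment variable. The auto-generated banner is repeated three times at the top and three times at the bottom; once at each end is enough.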

View file

@ -0,0 +1,136 @@
package main
//go:generate go run .
import (
"bytes"
"go/format"
"log"
"os"
"path/filepath"
"strings"
"text/template"
"github.com/BurntSushi/toml"
)
const (
root = "../../"
dnsPackage = root + "providers/dns"
mdTemplate = root + "internal/dnsdocs/dns.md.tmpl"
cliTemplate = root + "internal/dnsdocs/dns.go.tmpl"
cliOutput = root + "cmd/zz_gen_cmd_dnshelp.go"
docOutput = root + "docs/content/dns"
)
type Model struct {
Name string // Real name of the DNS provider
Code string // DNS code
URL string // DNS provider URL
Description string // Provider summary
Example string // CLI example
Configuration *Configuration // Environment variables
Links *Links // Links
Additional string // Extra documentation
GeneratedFrom string // Source file
}
type Configuration struct {
Credentials map[string]string
Additional map[string]string
}
type Links struct {
API string
GoClient string
}
type Providers struct {
Providers []Model
}
func main() {
models := &Providers{}
err := filepath.Walk(dnsPackage, walker(models))
if err != nil {
log.Fatal(err)
}
// generate CLI help
err = generateCLIHelp(models)
if err != nil {
log.Fatal(err)
}
}
func walker(prs *Providers) func(string, os.FileInfo, error) error {
return func(path string, _ os.FileInfo, err error) error {
if err != nil {
return err
}
if filepath.Ext(path) == ".toml" {
m := Model{}
m.GeneratedFrom, err = filepath.Rel(root, path)
if err != nil {
return err
}
_, err := toml.DecodeFile(path, &m)
if err != nil {
return err
}
prs.Providers = append(prs.Providers, m)
// generate documentation
return generateDocumentation(m)
}
return nil
}
}
func generateDocumentation(m Model) error {
filename := filepath.Join(docOutput, "zz_gen_"+m.Code+".md")
file, err := os.Create(filename)
if err != nil {
return err
}
return template.Must(template.ParseFiles(mdTemplate)).Execute(file, m)
}
func generateCLIHelp(models *Providers) error {
filename := filepath.Join(cliOutput)
file, err := os.Create(filename)
if err != nil {
return err
}
tlt := template.New(filepath.Base(cliTemplate)).Funcs(map[string]interface{}{
"safe": func(src string) string {
return strings.ReplaceAll(src, "`", "'")
},
})
b := &bytes.Buffer{}
err = template.Must(tlt.ParseFiles(cliTemplate)).Execute(b, models)
if err != nil {
return err
}
// gofmt
source, err := format.Source(b.Bytes())
if err != nil {
return err
}
_, err = file.Write(source)
return err
}
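Review bot: In `generateCLIHelp` the output file is created, and therefore truncated, before the template is executed and before `format.Source` runs, so any failure leaves an empty `cmd/zz_gen_cmd_dnshelp.go` behind and the `cmd` package stops building. Render and format into the buffer first and only then write the file. Neither `generateCLIHelp` nor `generateDocumentation` closes the file returned by `os.Create`; add `defer file.Close()` or check the close error. `generateDocumentation` also re-parses `mdTemplate` for every provider, and `filepath.Join(cliOutput)` with a single argument does nothing useful.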

View file

@ -0,0 +1,15 @@
Name = "Joohoi's ACME-DNS"
Description = ''''''
URL = "https://github.com/joohoi/acme-dns"
Code = "acme-dns"
Example = ''''''
[Configuration]
[Configuration.Credentials]
ACME_DNS_API_BASE = "The ACME-DNS API address"
ACME_DNS_STORAGE_PATH = "The ACME-DNS JSON account data file. A per-domain account will be registered/persisted to this file and used for TXT updates."
[Links]
API = "https://github.com/joohoi/acme-dns#api"
GoClient = "https://github.com/cpu/goacmedns"

View file

@ -0,0 +1,20 @@
Name = "Alibaba Cloud DNS"
Description = ''''''
URL = "https://www.alibabacloud.com/product/dns"
Code = "alidns"
Example = ''''''
[Configuration]
[Configuration.Credentials]
ALICLOUD_ACCESS_KEY = "Access key ID"
ALICLOUD_SECRET_KEY = "Access Key secret"
[Configuration.Additional]
ALICLOUD_POLLING_INTERVAL = "Time between DNS propagation check"
ALICLOUD_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
ALICLOUD_TTL = "The TTL of the TXT record used for the DNS challenge"
ALICLOUD_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://www.alibabacloud.com/help/doc-detail/42875.htm"
GoClient = "https://github.com/aliyun/alibaba-cloud-sdk-go"

View file

@ -0,0 +1,20 @@
Name = "Aurora DNS"
Description = ''''''
URL = "https://www.pcextreme.com/aurora/dns"
Code = "auroradns"
Example = ''''''
[Configuration]
[Configuration.Credentials]
AURORA_USER_ID = "User ID"
AURORA_KEY = "User API key"
AURORA_ENDPOINT = "API endpoint URL"
[Configuration.Additional]
AURORA_POLLING_INTERVAL = "Time between DNS propagation check"
AURORA_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
AURORA_TTL = "The TTL of the TXT record used for the DNS challenge"
[Links]
API = "https://libcloud.readthedocs.io/en/latest/dns/drivers/auroradns.html#api-docs"
GoClient = "https://github.com/nrdcg/auroradns"

View file

@ -0,0 +1,24 @@
Name = "Azure"
Description = ''''''
URL = "https://azure.microsoft.com/services/dns/"
Code = "azure"
Example = ''''''
[Configuration]
[Configuration.Credentials]
AZURE_CLIENT_ID = "Client ID"
AZURE_CLIENT_SECRET = "Client secret"
AZURE_SUBSCRIPTION_ID = "Subscription ID"
AZURE_TENANT_ID = "Tenant ID"
AZURE_RESOURCE_GROUP = "Resource group"
'instance metadata service' = "If the credentials are **not** set via the environment, then it will attempt to get a bearer token via the [instance metadata service](https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service)."
[Configuration.Additional]
AZURE_POLLING_INTERVAL = "Time between DNS propagation check"
AZURE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
AZURE_TTL = "The TTL of the TXT record used for the DNS challenge"
AZURE_METADATA_ENDPOINT = "Metadata Service endpoint URL"
[Links]
API = "https://docs.microsoft.com/en-us/go/azure/"
GoClient = "https://github.com/Azure/azure-sdk-for-go"
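Review bot: The `'instance metadata service'` entry under `[Configuration.Credentials]` is not an environment variable, but both templates will render its key as one (in backticks in the docs table and in quotes in the CLI help). Move that sentence to `Description` or `Additional` and keep the credentials table for real variable names.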

View file

@ -0,0 +1,19 @@
Name = "Bluecat"
Description = ''''''
URL = "https://www.bluecatnetworks.com"
Code = "bluecat"
Example = ''''''
[Configuration]
[Configuration.Credentials]
BLUECAT_SERVER_URL = "The server URL, should have scheme, hostname, and port (if required) of the authoritative Bluecat BAM serve"
BLUECAT_USER_NAME = "API username"
BLUECAT_PASSWORD = "API password"
BLUECAT_CONFIG_NAME = "Configuration name"
BLUECAT_DNS_VIEW = "External DNS View Name"
[Configuration.Additional]
BLUECAT_POLLING_INTERVAL = "Time between DNS propagation check"
BLUECAT_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
BLUECAT_TTL = "The TTL of the TXT record used for the DNS challenge"
BLUECAT_HTTP_TIMEOUT = "API request timeout"
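Review bot: The `BLUECAT_SERVER_URL` description ends in "Bluecat BAM serve", which looks like a truncated "server". This file also has no `[Links]` section, unlike most of the other providers in this commit; add one if API documentation exists.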

View file

@ -0,0 +1,24 @@
Name = "Cloudflare"
Description = ''''''
URL = "https://www.cloudflare.com/dns/"
Code = "cloudflare"
Example = '''
CLOUDFLARE_EMAIL=foo@bar.com \
CLOUDFLARE_API_KEY=b9841238feb177a84330febba8a83208921177bffe733 \
lego --dns cloudflare --domains my.domain.com --email my@email.com run
'''
[Configuration]
[Configuration.Credentials]
CLOUDFLARE_EMAIL = "Account email"
CLOUDFLARE_API_KEY = "API key"
[Configuration.Additional]
CLOUDFLARE_POLLING_INTERVAL = "Time between DNS propagation check"
CLOUDFLARE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
CLOUDFLARE_TTL = "The TTL of the TXT record used for the DNS challenge"
CLOUDFLARE_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://api.cloudflare.com/"
GoClient = "https://github.com/cloudflare/cloudflare-go"
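Review bot: The example sets `CLOUDFLARE_API_KEY` to a long hex string that looks like a real key. Use an obvious placeholder such as `your-api-key` so secret scanners do not flag the docs and readers do not mistake it for a working value. As with the other examples, the key ends up on the command line and in shell history when copied as shown.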

View file

@ -0,0 +1,19 @@
Name = "ClouDNS"
Description = ''''''
URL = "https://www.cloudns.net"
Code = "cloudns"
Example = ''''''
[Configuration]
[Configuration.Credentials]
CLOUDNS_AUTH_ID = "The API user ID"
CLOUDNS_AUTH_PASSWORD = "The password for API user ID"
[Configuration.Additional]
CLOUDNS_POLLING_INTERVAL = "Time between DNS propagation check"
CLOUDNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
CLOUDNS_TTL = "The TTL of the TXT record used for the DNS challenge"
CLOUDNS_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://www.cloudns.net/wiki/article/42/"

View file

@ -0,0 +1,19 @@
Name = "CloudXNS"
Description = """"""
URL = "https://www.cloudxns.net/"
Code = "cloudxns"
Example = ''''''
[Configuration]
[Configuration.Credentials]
CLOUDXNS_API_KEY = "The API key"
CLOUDXNS_SECRET_KEY = "THe API secret key"
[Configuration.Additional]
CLOUDXNS_POLLING_INTERVAL = "Time between DNS propagation check"
CLOUDXNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
CLOUDXNS_TTL = "The TTL of the TXT record used for the DNS challenge"
CLOUDXNS_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://www.cloudxns.net/Public/Doc/CloudXNS_api2.0_doc_zh-cn.zip"
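Review bot: `CLOUDXNS_SECRET_KEY` is described as "THe API secret key"; fix the capitalisation. `Description = """"""` uses double-quoted multi-line syntax while every other provider file uses `''''''`; keep one style.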

View file

@ -0,0 +1,21 @@
Name = "ConoHa"
Description = ''''''
URL = "https://www.conoha.jp/"
Code = "conoha"
Example = ''''''
[Configuration]
[Configuration.Credentials]
CONOHA_TENANT_ID = "Tenant ID"
CONOHA_API_USERNAME = "The API username"
CONOHA_API_PASSWORD = "The API password"
[Configuration.Additional]
CONOHA_POLLING_INTERVAL = "Time between DNS propagation check"
CONOHA_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
CONOHA_TTL = "The TTL of the TXT record used for the DNS challenge"
CONOHA_HTTP_TIMEOUT = "API request timeout"
CONOHA_REGION = "The region"
[Links]
API = "https://www.conoha.jp/docs/"

View file

@ -0,0 +1,22 @@
Name = "Designate DNSaaS for Openstack"
Description = ''''''
URL = "https://docs.openstack.org/designate/latest/"
Code = "designate"
Example = ''''''
[Configuration]
[Configuration.Credentials]
OS_AUTH_URL = "Identity endpoint URL"
OS_USERNAME = "Username"
OS_PASSWORD = "Password"
OS_TENANT_NAME = "Tenant name"
OS_REGION_NAME = "Region name"
[Configuration.Additional]
DESIGNATE_POLLING_INTERVAL = "Time between DNS propagation check"
DESIGNATE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
DESIGNATE_TTL = "The TTL of the TXT record used for the DNS challenge"
[Links]
API = "https://docs.openstack.org/designate/latest/"
GoClient = "https://godoc.org/github.com/gophercloud/gophercloud/openstack/dns/v2"

View file

@ -0,0 +1,18 @@
Name = "Digital Ocean"
Description = ''''''
URL = "https://www.digitalocean.com/docs/networking/dns/"
Code = "digitalocean"
Example = ''''''
[Configuration]
[Configuration.Credentials]
DO_AUTH_TOKEN = "Authentication token"
[Configuration.Additional]
DO_POLLING_INTERVAL = "Time between DNS propagation check"
DO_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
DO_TTL = "The TTL of the TXT record used for the DNS challenge"
DO_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://developers.digitalocean.com/documentation/v2/#domain-records"

View file

@ -0,0 +1,19 @@
Name = "DNSimple"
Description = ''''''
URL = "https://dnsimple.com/"
Code = "dnsimple"
Example = ''''''
[Configuration]
[Configuration.Credentials]
DNSIMPLE_OAUTH_TOKEN = "OAuth token"
DNSIMPLE_BASE_URL = "API endpoint URL"
[Configuration.Additional]
DNSIMPLE_POLLING_INTERVAL = "Time between DNS propagation check"
DNSIMPLE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
DNSIMPLE_TTL = "The TTL of the TXT record used for the DNS challenge"
[Links]
API = "https://developer.dnsimple.com/v2/"
GoClient = "https://github.com/dnsimple/dnsimple-go"

View file

@ -0,0 +1,20 @@
Name = "DNS Made Easy"
Description = ''''''
URL = "https://dnsmadeeasy.com/"
Code = "dnsmadeeasy"
Example = ''''''
[Configuration]
[Configuration.Credentials]
DNSMADEEASY_API_KEY = "The API key"
DNSMADEEASY_API_SECRET = "The API Secret key"
[Configuration.Additional]
DNSMADEEASY_SANDBOX = "Activate the sandbox (boolean)"
DNSMADEEASY_POLLING_INTERVAL = "Time between DNS propagation check"
DNSMADEEASY_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
DNSMADEEASY_TTL = "The TTL of the TXT record used for the DNS challenge"
DNSMADEEASY_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://api-docs.dnsmadeeasy.com/"

View file

@ -0,0 +1,19 @@
Name = "DNSPod"
Description = ''''''
URL = "http://www.dnspod.com/"
Code = "dnspod"
Example = ''''''
[Configuration]
[Configuration.Credentials]
DNSPOD_API_KEY = "The user token"
[Configuration.Additional]
DNSPOD_POLLING_INTERVAL = "Time between DNS propagation check"
DNSPOD_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
DNSPOD_TTL = "The TTL of the TXT record used for the DNS challenge"
DNSPOD_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://www.dnspod.com/docs/index.html"
GoClient = "https://github.com/decker502/dnspod-go"
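Review bot: `URL` is `http://www.dnspod.com/` while the `API` link in the same file uses `https://www.dnspod.com/...`. Use the HTTPS form for the provider URL too, since it is rendered as a link in the generated page.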

View file

@ -0,0 +1,18 @@
Name = "DreamHost"
Description = ''''''
URL = "https://www.dreamhost.com"
Code = "dreamhost"
Example = ''''''
[Configuration]
[Configuration.Credentials]
DREAMHOST_API_KEY = "The API key"
[Configuration.Additional]
DREAMHOST_POLLING_INTERVAL = "Time between DNS propagation check"
DREAMHOST_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
DREAMHOST_TTL = "The TTL of the TXT record used for the DNS challenge"
DREAMHOST_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://help.dreamhost.com/hc/en-us/articles/217560167-API_overview"

View file

@ -0,0 +1,19 @@
Name = "Duck DNS"
Description = ''''''
URL = "https://www.duckdns.org/"
Code = "duckdns"
Example = ''''''
[Configuration]
[Configuration.Credentials]
DUCKDNS_TOKEN = "Account token"
[Configuration.Additional]
DUCKDNS_POLLING_INTERVAL = "Time between DNS propagation check"
DUCKDNS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
DUCKDNS_TTL = "The TTL of the TXT record used for the DNS challenge"
DUCKDNS_HTTP_TIMEOUT = "API request timeout"
DUCKDNS_SEQUENCE_INTERVAL = "Interval between iteration"
[Links]
API = "https://www.duckdns.org/spec.jsp"

View file

@ -0,0 +1,20 @@
Name = "Dyn"
Description = ''''''
URL = "https://dyn.com/"
Code = "dyn"
Example = ''''''
[Configuration]
[Configuration.Credentials]
DYN_CUSTOMER_NAME = "Customer name"
DYN_USER_NAME = "User name"
DYN_PASSWORD = "Paswword"
[Configuration.Additional]
DYN_POLLING_INTERVAL = "Time between DNS propagation check"
DYN_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
DYN_TTL = "The TTL of the TXT record used for the DNS challenge"
DYN_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://help.dyn.com/rest/"
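Review bot: `DYN_PASSWORD` is described as "Paswword"; this typo will appear in both the generated docs page and the CLI help.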

View file

@ -1,6 +1,30 @@
# Execute an external program
Name = "External program"
Description = "Solving the DNS-01 challenge using an external program."
URL = "/dns/exec"
Code = "exec"
Example = '''
EXEC_PATH=/the/path/to/myscript.sh \
lego --dns exec --domains my.domain.com --email my@email.com run
'''
Additional = '''
## Base Configuration
| Environment Variable Name | Description |
|-----------------------|-------------|
| `EXEC_MODE` | `RAW`, none |
| `EXEC_PATH` | TODO |
## Additional Configuration
| Environment Variable Name | Description |
|--------------------------------|-------------|
| `EXEC_POLLING_INTERVAL` | Time between DNS propagation check |
| `EXEC_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
Solving the DNS-01 challenge using an external program.
## Description
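Review bot: In the "Base Configuration" table, `EXEC_PATH` is documented as `TODO` even though it is the one setting the example depends on, and the `EXEC_MODE` description "`RAW`, none" does not say what either value does. Fill both in before merging. These tables are also hand-written inside `Additional` rather than declared under `[Configuration]`, so as far as the visible hunks show, the CLI help generated from `dns.go.tmpl` will list no variables for `exec`.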
@ -48,6 +72,12 @@ It will then call the program `./update-dns.sh` like this:
## Commands
{{% notice note %}}
The `--` is because the token MAY start with a `-`, and the called program may try and interpret a `-` as indicating a flag.
In the case of urfave, which is commonly used,
you can use the `--` delimiter to specify the start of positional arguments, and handle such a string safely.
{{% /notice %}}
### Present
| Mode | Command |
@ -77,10 +107,4 @@ the default display propagation timeout and polling interval are used.
| default | `myprogram timeout` |
| `RAW` | `myprogram timeout` |
## NOTE
The `--` is because the token MAY start with a `-`, and the called program may try and interpret a - as indicating a flag.
In the case of urfave, which is commonly used,
you can use the `--` delimiter to specify the start of positional arguments, and handle such a string safely.
'''

View file

@ -0,0 +1,21 @@
Name = "Exoscale"
Description = ''''''
URL = "https://www.exoscale.com/"
Code = "exoscale"
Example = ''''''
[Configuration]
[Configuration.Credentials]
EXOSCALE_API_KEY = "API key"
EXOSCALE_API_SECRET = "API secret"
EXOSCALE_ENDPOINT = "API endpoint URL"
[Configuration.Additional]
EXOSCALE_POLLING_INTERVAL = "Time between DNS propagation check"
EXOSCALE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
EXOSCALE_TTL = "The TTL of the TXT record used for the DNS challenge"
EXOSCALE_HTTP_TIMEOUT = "API request timeout"
[Links]
API = "https://community.exoscale.com/documentation/dns/api/"
GoClient = "https://github.com/exoscale/egoscale"

Some files were not shown because too many files have changed in this diff