lego/providers/dns/yandexcloud/yandexcloud.toml

49 lines
1.7 KiB
TOML
Raw Normal View History

Name = "Yandex Cloud"
Description = ''''''
URL = "https://cloud.yandex.com"
Code = "yandexcloud"
Since = "v4.9.0"
Example = '''
YANDEX_CLOUD_IAM_TOKEN=<base64_IAM_token> \
YANDEX_CLOUD_FOLDER_ID=<folder/project_id> \
lego --email you@example.com --dns yandexcloud --domains "example.org" --domains "*.example.org" run
# ---
YANDEX_CLOUD_IAM_TOKEN=$(echo '{ \
"id": "<string id>", \
"service_account_id": "<string id>", \
"created_at": "<datetime>", \
"key_algorithm": "RSA_2048", \
"public_key": "-----BEGIN PUBLIC KEY-----<rsa public key>-----END PUBLIC KEY-----", \
"private_key": "-----BEGIN PRIVATE KEY-----<rsa private key>-----END PRIVATE KEY-----" \
}' | base64) \
YANDEX_CLOUD_FOLDER_ID=<yandex cloud folder(project) id> \
lego --email you@example.com --dns yandexcloud --domains "example.org" --domains "*.example.org" run
'''
Additional = '''
## IAM Token
The simplest way to retrieve IAM access token is usage of yc-cli,
follow [docs](https://cloud.yandex.ru/docs/iam/operations/iam-token/create-for-sa) to get it
```bash
yc iam key create --service-account-name my-robot --output key.json
cat key.json | base64
```
'''
[Configuration]
[Configuration.Credentials]
YANDEX_CLOUD_IAM_TOKEN = "The base64 encoded json which contains information about iam token of serivce account with `dns.admin` permissions"
YANDEX_CLOUD_FOLDER_ID = "The string id of folder (aka project) in Yandex Cloud"
[Configuration.Additional]
YANDEX_CLOUD_POLLING_INTERVAL = "Time between DNS propagation check"
YANDEX_CLOUD_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
YANDEX_CLOUD_TTL = "The TTL of the TXT record used for the DNS challenge"
[Links]
API = "https://cloud.yandex.com/en/docs/dns/quickstart"