diff --git a/Dockerfile b/Dockerfile index ebb6cae3..b829a5fb 100755 --- a/Dockerfile +++ b/Dockerfile @@ -114,6 +114,7 @@ RUN \ certbot-dns-google \ certbot-dns-he \ certbot-dns-hetzner \ + certbot-dns-hetzner-cloud \ certbot-dns-infomaniak \ certbot-dns-inwx \ certbot-dns-ionos \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 81987892..fdb4c9df 100755 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -114,6 +114,7 @@ RUN \ certbot-dns-google \ certbot-dns-he \ certbot-dns-hetzner \ + certbot-dns-hetzner-cloud \ certbot-dns-infomaniak \ certbot-dns-inwx \ certbot-dns-ionos \ diff --git a/readme-vars.yml b/readme-vars.yml index edad8cc8..6a124c22 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -32,7 +32,7 @@ opt_param_usage_include_env: true opt_param_env_vars: - {env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)"} - {env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt."} - - {env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynu`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`."} + - {env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynu`, `freedns`, `gandi`, `gehirn`, `glesys`, `godaddy`, `google`, `he`, `hetzner`, hetzner-cloud`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`."} - {env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins."} - {env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)."} - {env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`"} @@ -218,6 +218,7 @@ init_diagram: | "swag:latest" <- Base Images # changelog changelogs: + - {date: "21.12.25:", desc: "Add support for hetzner-cloud dns validation."} - {date: "04.11.25:", desc: "Switch default Gandi credentials from API Key to Token, allow DNS propagation time for Azure DNS plugin."} - {date: "18.07.25:", desc: "Rebase to Alpine 3.22 with PHP 8.4. Add QUIC support. Drop PHP bindings for mcrypt as it is no longer maintained."} - {date: "05.05.25:", desc: "Disable Certbot's built in log rotation."} diff --git a/root/defaults/dns-conf/hetzner-cloud.ini b/root/defaults/dns-conf/hetzner-cloud.ini new file mode 100644 index 00000000..dea6f6c5 --- /dev/null +++ b/root/defaults/dns-conf/hetzner-cloud.ini @@ -0,0 +1,2 @@ +# Hetzner Cloud API Token +dns_hetzner_cloud_api_token = your_api_token_here