Use currently-maintained Hurricane Electric certbot plugin

letsencrypt/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## 5.2.11
+
+- Use a newer, maintained Hurricane Electric plugin.
+- Note that this requires the provider name to be updated from dns-he to dns-hurricane_electric
+
 ## 5.2.10
 
 - Add transip global_key parameter to config.yaml

letsencrypt/Dockerfile

@@ -15,7 +15,7 @@ ARG \
     CERTBOT_DNS_DUCKDNS_VERSION \
     CERTBOT_DNS_DYNU_VERSION \
     CERTBOT_DNS_EASYDNS_VERSION \
-    CERTBOT_DNS_HE_VERSION \
+    CERTBOT_DNS_HURRICANE_ELECTRIC_VERSION \
     CERTBOT_DNS_HETZNER_VERSION \
     CERTBOT_DNS_INFOMANIAK_VERSION \
     CERTBOT_DNS_INWX_VERSION \
@@ -90,7 +90,7 @@ RUN \
         certbot-dns-transip==${CERTBOT_DNS_TRANSIP_VERSION} \
         certbot-dns-inwx==${CERTBOT_DNS_INWX_VERSION} \
         certbot-dns-dreamhost==${CERTBOT_DNS_DREAMHOST_VERSION} \
-        certbot-dns-he==${CERTBOT_DNS_HE_VERSION} \
+        certbot-dns-hurricane-electric==${CERTBOT_DNS_HURRICANE_ELECTRIC_VERSION} \
         certbot-dns-easydns==${CERTBOT_DNS_EASYDNS_VERSION} \
         certbot-dns-domainoffensive==${CERTBOT_DNS_DOMAINOFFENSIVE_VERSION} \
         certbot-dns-websupport==${CERTBOT_DNS_WEBSUPPORT_VERSION} \

letsencrypt/build.yaml

@@ -19,7 +19,7 @@ args:
   CERTBOT_DNS_DUCKDNS_VERSION: 1.3
   CERTBOT_DNS_DYNU_VERSION: 0.0.5
   CERTBOT_DNS_EASYDNS_VERSION: 0.1.4
-  CERTBOT_DNS_HE_VERSION: 1.0.0
+  CERTBOT_DNS_HURRICANE_ELECTRIC_VERSION: 0.1.0
   CERTBOT_DNS_HETZNER_VERSION: 2.0.1
   CERTBOT_DNS_INFOMANIAK_VERSION: 0.2.3
   CERTBOT_DNS_INWX_VERSION: 2.2.0

letsencrypt/config.yaml

@@ -1,5 +1,5 @@
 ---
-version: 5.2.10
+version: 5.2.11
 slug: letsencrypt
 name: Let's Encrypt
 description: Manage certificate from Let's Encrypt
@@ -109,7 +109,7 @@ schema:
       dns-hetzner|dns-infomaniak|dns-ionos|dns-joker|dns-linode|dns-loopia|dns-luadns|\
       dns-mijn-host|dns-njalla|dns-nsone|dns-porkbun|dns-ovh|dns-rfc2136|dns-route53|\
       dns-sakuracloud|dns-namecheap|dns-netcup|dns-simply|dns-gandi|dns-transip|dns-inwx|\
-      dns-dreamhost|dns-he|dns-easydns|dns-domainoffensive|dns-websupport|dns-noris|\
+      dns-dreamhost|dns-hurricane_electric|dns-easydns|dns-domainoffensive|dns-websupport|dns-noris|\
       dns-plesk)?"
     rfc2136_algorithm: str?
     rfc2136_name: str?

letsencrypt/rootfs/etc/cont-init.d/file-structure.sh

@@ -74,8 +74,8 @@ echo -e "dns_desec_token = $(bashio::config 'dns.desec_token')\n" \
       "dns_cloudns_auth_password = $(bashio::config 'dns.cloudns_auth_password')\n" \
       "dns_dreamhost_baseurl = $(bashio::config 'dns.dreamhost_baseurl')\n" \
       "dns_dreamhost_api_key = $(bashio::config 'dns.dreamhost_api_key')\n" \
-      "dns_he_user = $(bashio::config 'dns.he_user')\n" \
-      "dns_he_pass = $(bashio::config 'dns.he_pass')\n" \
+      "dns_hurricane_electric_user = $(bashio::config 'dns.he_user')\n" \
+      "dns_hurricane_electric_pass = $(bashio::config 'dns.he_pass')\n" \
       "dns_easydns_endpoint = $(bashio::config 'dns.easydns_endpoint')\n" \
       "dns_easydns_usertoken = $(bashio::config 'dns.easydns_token')\n" \
       "dns_easydns_userkey = $(bashio::config 'dns.easydns_key')\n" \

letsencrypt/rootfs/etc/services.d/lets-encrypt/run

@@ -63,12 +63,12 @@ elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-namecheap" ]; th
     bashio::config.require 'dns.namecheap_username'
     bashio::config.require 'dns.namecheap_api_key'
     PROVIDER_ARGUMENTS+=("--authenticator" "${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" "/data/dnsapikey" "--${DNS_PROVIDER}-propagation-seconds" "${PROPAGATION_SECONDS}")
-    
+
 #mijn.host
 elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-mijn-host" ]; then
     bashio::config.require 'dns.mijn_host_api_key'
     PROVIDER_ARGUMENTS+=("--authenticator" "${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" "/data/dnsapikey" "--${DNS_PROVIDER}-propagation-seconds" "${PROPAGATION_SECONDS}")
-    
+
 #Netcup
 elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-netcup" ]; then
     bashio::config.require 'dns.netcup_customer_id'
@@ -245,7 +245,7 @@ elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-dreamhost" ]; th
     PROVIDER_ARGUMENTS+=("--authenticator" "${DNS_PROVIDER}" "--dns-dreamhost-credentials" "/data/dnsapikey")
 
 # Hurricane Electric
-elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-he" ]; then
+elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-hurricane_electric" ]; then
     bashio::config.require 'dns.he_user'
     bashio::config.require 'dns.he_pass'
     PROVIDER_ARGUMENTS+=("--authenticator" "${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" "/data/dnsapikey" "--${DNS_PROVIDER}-propagation-seconds" "${PROPAGATION_SECONDS}")
@@ -310,7 +310,7 @@ if bashio::config.exists 'key_type'; then
     fi
 else
     bashio::log.info "Detecting existing certificate type for ${DOMAIN_ARR[1]}"
-    readarray -t CBCERTS < <(certbot certificates --non-interactive --cert-name "${DOMAIN_ARR[1]}" --config-dir "$CERT_DIR" --work-dir "$WORK_DIR") 
+    readarray -t CBCERTS < <(certbot certificates --non-interactive --cert-name "${DOMAIN_ARR[1]}" --config-dir "$CERT_DIR" --work-dir "$WORK_DIR")
     for output in "${CBCERTS[@]}"; do
         # shellcheck disable=SC2076
         if [[ $output =~ "No certificates found." ]]; then