letsencrypt: Add Infomaniak DNS provider (home-assistant#3320)

moovy2 · Dec 9, 2023 · b217bb6 · b217bb6
1 parent 50feb91
commit b217bb6
Show file tree

Hide file tree

Showing 7 changed files with 43 additions and 4 deletions.
diff --git a/letsencrypt/CHANGELOG.md b/letsencrypt/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Changelog
 
+## 5.0.6
+
+- Add Infomaniak DNS challenge support
+
 ## 5.0.5
 
 - Fix DirectAdmin DNS challenge support

diff --git a/letsencrypt/DOCS.md b/letsencrypt/DOCS.md
@@ -65,6 +65,7 @@ google_domains_zone: ''
 hetzner_api_token: ''
 gehirn_api_token: ''
 gehirn_api_secret: ''
+infomaniak_api_token: ''
 linode_key: ''
 linode_version: ''
 luadns_email: ''
@@ -238,6 +239,29 @@ on the DNS zone to be used for authentication.
 
 </details>
 
+<details>
+  <summary>Infomaniak DNS challenge</summary>
+
+  ```yaml
+  email: your.email@example.com
+  domains:
+    - subdomain.home-assistant.io
+  certfile: fullchain.pem
+  keyfile: privkey.pem
+  challenge: dns
+  dns:
+    provider: dns-infomaniak
+    infomaniak_api_token: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+  ```
+
+  To obtain the DNS API token follow the instructions here:
+
+  <https://manager.infomaniak.com/v3/infomaniak-api>
+
+  Choose "Domain" as the scope.
+
+</details>
+
 <details>
   <summary>route53 DNS challenge</summary>
 
@@ -558,6 +582,7 @@ dns-duckdns
 dns-gehirn
 dns-google
 dns-hetzner
+dns-infomaniak
 dns-linode
 dns-luadns
 dns-njalla

diff --git a/letsencrypt/Dockerfile b/letsencrypt/Dockerfile
@@ -12,6 +12,7 @@ ARG \
     CERTBOT_DNS_DUCKDNS_VERSION \
     CERTBOT_DNS_GOOGLE_DOMAINS_VERSION \
     CERTBOT_DNS_HETZNER_VERSION \
+    CERTBOT_DNS_INFOMANIAK_VERSION \
     CERTBOT_DNS_INWX_VERSION \
     CERTBOT_DNS_NAMECHEAP_VERSION \
     CERTBOT_DNS_TRANSIP_VERSION \
@@ -48,6 +49,7 @@ RUN \
         certbot-dns-google==${CERTBOT_VERSION} \
         certbot-dns-google-domains==${CERTBOT_DNS_GOOGLE_DOMAINS_VERSION} \
         certbot-dns-hetzner==${CERTBOT_DNS_HETZNER_VERSION} \
+        certbot-dns-infomaniak==${CERTBOT_DNS_INFOMANIAK_VERSION} \
         certbot-dns-linode==${CERTBOT_VERSION} \
         certbot-dns-luadns==${CERTBOT_VERSION} \
         certbot-dns-njalla==${CERTBOT_NJALLA_VERSION} \

diff --git a/letsencrypt/build.yaml b/letsencrypt/build.yaml
@@ -15,6 +15,7 @@ args:
   CERTBOT_DNS_DIRECTADMIN_VERSION: 1.0.3
   CERTBOT_DNS_DUCKDNS_VERSION: 1.3
   CERTBOT_DNS_HETZNER_VERSION: 2.0.0
+  CERTBOT_DNS_INFOMANIAK_VERSION: 0.2.1
   CERTBOT_DNS_INWX_VERSION: 2.2.0
   CERTBOT_DNS_NAMECHEAP_VERSION: 1.0.0
   CERTBOT_DNS_GOOGLE_DOMAINS_VERSION: 0.1.11

diff --git a/letsencrypt/config.yaml b/letsencrypt/config.yaml
@@ -1,5 +1,5 @@
 ---
-version: 5.0.5
+version: 5.0.6
 slug: letsencrypt
 name: Let's Encrypt
 description: Manage certificate from Let's Encrypt
@@ -59,6 +59,7 @@ schema:
     google_domains_access_token: str?
     google_domains_zone: str?
     hetzner_api_token: str?
+    infomaniak_api_token: str?
     linode_key: str?
     linode_version: str?
     luadns_email: email?
@@ -78,9 +79,9 @@ schema:
     provider: "list(dns-azure|dns-cloudflare|dns-desec|dns-digitalocean|\
       dns-directadmin|dns-dnsimple|dns-dnsmadeeasy|dns-duckdns|\
       dns-gehirn|dns-google|dns-google-domains|\
-      dns-hetzner|dns-linode|dns-luadns|dns-njalla|dns-nsone|dns-ovh|\
-      dns-rfc2136|dns-route53|dns-sakuracloud|dns-namecheap|dns-netcup|\
-      dns-gandi|dns-transip|dns-inwx)?"
+      dns-hetzner|dns-infomaniak|dns-linode|dns-luadns|dns-njalla|dns-nsone|\
+      dns-ovh|dns-rfc2136|dns-route53|dns-sakuracloud|dns-namecheap|\
+      dns-netcup|dns-gandi|dns-transip|dns-inwx)?"
     rfc2136_algorithm: str?
     rfc2136_name: str?
     rfc2136_port: str?

diff --git a/letsencrypt/rootfs/etc/cont-init.d/file-structure.sh b/letsencrypt/rootfs/etc/cont-init.d/file-structure.sh
@@ -18,6 +18,7 @@ echo -e "dns_desec_token = $(bashio::config 'dns.desec_token')\n" \
       "dns_gehirn_api_token = $(bashio::config 'dns.gehirn_api_token')\n" \
       "dns_gehirn_api_secret = $(bashio::config 'dns.gehirn_api_secret')\n" \
       "dns_hetzner_api_token = $(bashio::config 'dns.hetzner_api_token')\n" \
+      "dns_infomaniak_token = $(bashio::config 'dns.infomaniak_api_token')\n" \
       "dns_linode_key = $(bashio::config 'dns.linode_key')\n" \
       "dns_linode_version = $(bashio::config 'dns.linode_version')\n" \
       "dns_luadns_email = $(bashio::config 'dns.luadns_email')\n" \

diff --git a/letsencrypt/rootfs/etc/services.d/lets-encrypt/run b/letsencrypt/rootfs/etc/services.d/lets-encrypt/run
@@ -116,6 +116,11 @@ elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-hetzner" ]; then
     bashio::config.require 'dns.hetzner_api_token'
     PROVIDER_ARGUMENTS+=("--authenticator" "dns-hetzner" "--dns-hetzner-credentials" "/data/dnsapikey" "--dns-hetzner-propagation-seconds" "${PROPAGATION_SECONDS}")
 
+# Infomaniak
+elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-infomaniak" ]; then
+    bashio::config.require 'dns.infomaniak_api_token'
+    PROVIDER_ARGUMENTS+=("--authenticator" "${DNS_PROVIDER}" "--${DNS_PROVIDER}-credentials" /data/dnsapikey "--${DNS_PROVIDER}-propagation-seconds" "${PROPAGATION_SECONDS}")
+
 # Njalla
 elif [ "${CHALLENGE}" == "dns" ] && [ "${DNS_PROVIDER}" == "dns-njalla" ]; then
     bashio::config.require 'dns.njalla_token'