hendrik-hog/certbot-dns-corenetworks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Compare commits

base: hendrik-hog:06924213d21d056da50716009b5bbf4ebcb8b12a
Branches Tags
hendrik-hog:main
hendrik-hog:1.0.0 hendrik-hog:1.0.0-beta.1
...
compare: hendrik-hog:1.0.0
Branches Tags
hendrik-hog:main
hendrik-hog:1.0.0 hendrik-hog:1.0.0-beta.1

17 Commits
06924213d2 ... 1.0.0

Author SHA1 Message Date
Hendrik Hogertz
83fb4460bc Merge pull request 'ci: 👷 Add deployment workflow' (#2) from ci/deploy into main
All checks were successful
Build and Publish Release / build-and-publish (release) Successful in 23s
Details 
Reviewed-on: #2
 2025-11-24 10:06:44 +01:00
Hendrik Hogertz
ab399e740a ci: 👷 Add deployment workflow
All checks were successful
Build and Publish Release / build-and-publish (release) Successful in 49s
Details
2025-11-24 10:02:56 +01:00
Hendrik Hogertz
2aebaba299 README.md aktualisiert 2025-11-23 21:50:20 +01:00
Hendrik Hogertz
2a4b4609fc Update README.md 2025-11-21 08:34:51 +01:00
Hendrik Hogertz
6d758d8d97 Support Python 3.8+ 2025-11-20 05:27:50 +01:00
Hendrik Hogertz
095c8e75d4 Remove legacy build tools 2025-11-20 05:25:55 +01:00
Hendrik Hogertz
f62c10aa52 Update README.md 2025-11-20 04:00:34 +01:00
Hendrik Hogertz
17903fe6ee Update license 2025-11-20 03:41:33 +01:00
Hendrik Hogertz
a9cc8dc5c6 Rename License file 2025-11-20 03:40:36 +01:00
Hendrik Hogertz
d315bd4ca1 Merge pull request 'Update for modern Python compatibility' (#1) from update into master 
Reviewed-on: #1
 2025-11-20 03:38:16 +01:00
Hendrik Hogertz
4356289bd5 Update license string 2025-11-20 03:35:24 +01:00
Hendrik Hogertz
d66a7159b7 Don't print credentials 2025-11-20 03:21:58 +01:00
Hendrik Hogertz
308d9ffbe6 Remove egg-info 2025-11-20 03:19:17 +01:00
Hendrik Hogertz
504f375fed Update README.md 2025-11-20 03:17:32 +01:00
Hendrik Hogertz
6cbaf08cfc Fix login 2025-11-20 03:12:07 +01:00
Hendrik Hogertz
2e24f0edf9 Rename login to username 2025-11-20 03:00:02 +01:00
Hendrik Hogertz
edc55a5b0d Update for modern Python compatibility 2025-11-20 02:47:11 +01:00
21 changed files with 2692 additions and 573 deletions
Expand all files Collapse all files

71
.gitea/workflows/release.yml Normal file
View File

@@ -0,0 +1,71 @@
name: Build and Publish Release
on:
release:
types: [published]
jobs:
build-and-publish:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: https://git.hogertz.eu/actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd
- name: Set up Python
uses: https://git.hogertz.eu/actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c
with:
python-version: '3.13'
- name: Install uv
run: |
curl -LsSf https://astral.sh/uv/install.sh | sh
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- name: Extract version from release tag
id: get_version
run: |
# Remove 'v' prefix if present (e.g., v1.0.0 -> 1.0.0)
VERSION=${GITHUB_REF#refs/tags/}
VERSION=${VERSION#v}
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Extracted version: $VERSION"
- name: Update version in pyproject.toml
run: |
VERSION="${{ steps.get_version.outputs.version }}"
sed -i "s/^version = .*/version = \"$VERSION\"/" pyproject.toml
echo "Updated pyproject.toml to version $VERSION"
cat pyproject.toml | grep "^version"
- name: Install build dependencies
run: |
uv sync --extra build
- name: Build package
run: |
uv run python -m build
- name: Create .pypirc
run: |
cat > ~/.pypirc << EOF
[distutils]
index-servers = gitea
[gitea]
repository = https://git.hogertz.eu/api/packages/hendrik-hog/pypi
username = ${{ secrets.USERNAME }}
password = ${{ secrets.PAT }}
EOF
chmod 600 ~/.pypirc
- name: Publish to Gitea PyPI
run: |
uv run python -m twine upload --repository gitea dist/*
- name: Commit version update
run: |
git config --local user.email "action@gitea.local"
git config --local user.name "Gitea Actions"
git add pyproject.toml
git diff --staged --quiet || git commit -m "chore: bump version to ${{ steps.get_version.outputs.version }}"
git push origin HEAD:main || echo "No changes to push or push failed"

8
.gitignore vendored Normal file
View File

@@ -0,0 +1,8 @@
.venv
corenetworks-credentials.ini
.python-version
**.pyc
certbot-test
*.egg-info
build
dist

73
LICENSE Normal file
View File

@@ -0,0 +1,73 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.
"Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:
(a) You must give any other recipients of the Work or Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License.
You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives.
Copyright 2025 hendrik-hog
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

190
LICENSE.txt
View File

@@ -1,190 +0,0 @@
Copyright 2015 Electronic Frontier Foundation and others
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS

110
README.md Normal file
View File

@@ -0,0 +1,110 @@
# certbot-dns-corenetworks
Core Networks DNS Authenticator plugin for Certbot
This plugin automates the process of completing a `dns-01` challenge by creating, and subsequently removing, TXT records using the Core Networks beta API.
## Requirements
- Python >= 3.8
- certbot >= 2.0.0
## Configuration of Core Networks
In the `Allgemein -> Profil -> API-Benutzer` you have to have a user with a login name and password.
See [Core Networks API Documentation](https://beta.api.core-networks.de/doc/) for more information.
## Installation
### From Gitea PyPI
```bash
pip3 install certbot-dns-corenetworks --index-url https://git.hogertz.eu/api/packages/hendrik-hog/pypi/simple
```
### From source
```bash
pip3 install git+https://git.hogertz.eu/hendrik-hog/certbot-dns-corenetworks.git
```
## Named Arguments
To start using DNS authentication for Core Networks, pass the following arguments on certbot's command line:
| Argument | Description |
| ---------------------------------------- | -------------------------------------------------------------------------------------------------------------------------- |
| `--authenticator dns-corenetworks` | Select the authenticator plugin (Required) |
| `--dns-corenetworks-credentials` | Core Networks credentials INI file (Required) |
| `--dns-corenetworks-propagation-seconds` | Waiting time for DNS to propagate before asking the ACME server to verify the DNS record (Default: 30, Recommended: >= 60) |
## Credentials
An example `credentials.ini` file:
```ini
dns_corenetworks_username = myremoteuser
dns_corenetworks_password = verysecureremoteuserpassword
```
The path to this file can be provided interactively or using the `--dns-corenetworks-credentials` command-line argument. Certbot records the path to this file for use during renewal, but does not store the file's contents.
**CAUTION:** You should protect these API credentials as you would the password to your Core Networks account. Users who can read this file can use these credentials to issue arbitrary API calls on your behalf. Users who can cause Certbot to run using these credentials can complete a `dns-01` challenge to acquire new certificates or revoke existing certificates for associated domains, even if those domains aren't being managed by this server.
Certbot will emit a warning if it detects that the credentials file can be accessed by other users on your system. The warning reads "Unsafe permissions on credentials configuration file", followed by the path to the credentials file. This warning will be emitted each time Certbot uses the credentials file, including for renewal, and cannot be silenced except by addressing the issue (e.g., by using a command like `chmod 600` to restrict access to the file).
## Examples
### Acquire a certificate for a domain
To acquire a single certificate for `example.com`:
```bash
certbot certonly \
--authenticator dns-corenetworks \
--dns-corenetworks-credentials /etc/letsencrypt/.secrets/corenetworks.ini \
--dns-corenetworks-propagation-seconds 60 \
--agree-tos \
-d example.com
```
### Acquire a wildcard certificate
To acquire a certificate for both `example.com` and `*.example.com`, waiting 60 seconds for DNS propagation:
```bash
certbot certonly \
--authenticator dns-corenetworks \
--dns-corenetworks-credentials /etc/letsencrypt/.secrets/corenetworks.ini \
--dns-corenetworks-propagation-seconds 60 \
--agree-tos \
-d 'example.com' \
-d '*.example.com'
```
## Development
### Setup development environment
```bash
# Clone the repository
git clone https://git.hogertz.eu/hendrik-hog/certbot-dns-corenetworks.git
cd certbot-dns-corenetworks
uv sync --all-extras
```
### Running tests
```bash
# Run tests with pytest
pytest
# Run tests with coverage
pytest --cov=certbot_dns_corenetworks --cov-report=html
```
## Credits
Original author: Masin Al-Dujaili
Maintainer: Hendrik Hogertz

93
README.rst
View File

@@ -1,93 +0,0 @@
certbot-dns-corenetworks
=====================
Core_Networks_ DNS Authenticator plugin for Certbot
This plugin automates the process of completing a ``dns-01`` challenge by
creating, and subsequently removing, TXT records using the Core Networks beta API.
Configuration of Core Networks
---------------------------
In the `Allgemein -> Profil -> API-Benutzer` you have to have a user with a login name and password
.. _Core_Networks: https://beta.api.core-networks.de/doc/
.. _certbot: https://certbot.eff.org/
Installation
------------
::
pip install certbot-dns-corenetworks
Named Arguments
---------------
To start using DNS authentication for Core Networks, pass the following arguments on
certbot's command line:
=================================================================== ==============================================
``--authenticator certbot-dns-corenetworks:dns-corenetworks`` select the authenticator plugin (Required)
``--certbot-dns-corenetworks:dns-corenetworks-credentials`` Core Networks Remote User credentials
INI file. (Required)
``--certbot-dns-corenetworks:dns-corenetworks-propagation-seconds`` | waiting time for DNS to propagate before asking
| the ACME server to verify the DNS record.
| (Default: 10, Recommended: >= 600)
=================================================================== ==============================================
(Note that the verbose and seemingly redundant ``certbot-dns-corenetworks:``
prefix is currently imposed by certbot for external plugins.)
Credentials
-----------
An example ``credentials.ini`` file:
.. code-block:: ini
certbot_dns_corenetworks:dns_corenetworks_username = myremoteuser
certbot_dns_corenetworks:dns_corenetworks_password = verysecureremoteuserpassword
The path to this file can be provided interactively or using the
``--certbot-dns-corenetworks:dns-corenetworks-credentials`` command-line argument. Certbot
records the path to this file for use during renewal, but does not store the
file's contents.
**CAUTION:** You should protect these API credentials as you would the
password to your Core Networks account. Users who can read this file can use these
credentials to issue arbitrary API calls on your behalf. Users who can cause
Certbot to run using these credentials can complete a ``dns-01`` challenge to
acquire new certificates or revoke existing certificates for associated
domains, even if those domains aren't being managed by this server.
Certbot will emit a warning if it detects that the credentials file can be
accessed by other users on your system. The warning reads "Unsafe permissions
on credentials configuration file", followed by the path to the credentials
file. This warning will be emitted each time Certbot uses the credentials file,
including for renewal, and cannot be silenced except by addressing the issue
(e.g., by using a command like ``chmod 600`` to restrict access to the file).
Examples
--------
To acquire a single certificate for both ``example.com`` and
``*.example.com``, waiting 900 seconds for DNS propagation:
.. code-block:: bash
certbot certonly \
--authenticator certbot-dns-corenetworks:dns-corenetworks \
--certbot-dns-corenetworks:dns-corenetworks-credentials /etc/letsencrypt/.secrets/domain.tld.ini \
--certbot-dns-corenetworks:dns-corenetworks-propagation-seconds 900 \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos \
--rsa-key-size 4096 \
-d 'example.com' \
-d '*.example.com'

124
certbot_dns_corenetworks.egg-info/PKG-INFO
View File

@@ -1,124 +0,0 @@
Metadata-Version: 2.1
Name: certbot-dns-corenetworks
Version: 0.2.0
Summary: Core Networks DNS Authenticator plugin for Certbot
Home-page: https://github.com/MasinAD/certbot-dns-corenetworks
Author: Masin Al-Dujaili
Author-email: masin.aldujaili@googlemail.com
License: Apache License 2.0
Description: certbot-dns-corenetworks
=====================
Core_Networks_ DNS Authenticator plugin for Certbot
This plugin automates the process of completing a ``dns-01`` challenge by
creating, and subsequently removing, TXT records using the Core Networks beta API.
Configuration of Core Networks
---------------------------
In the `Allgemein -> Profil -> API-Benutzer` you have to have a user with a login name and password
.. _Core_Networks: https://beta.api.core-networks.de/doc/
.. _certbot: https://certbot.eff.org/
Installation
------------
::
pip install certbot-dns-corenetworks
Named Arguments
---------------
To start using DNS authentication for Core Networks, pass the following arguments on
certbot's command line:
============================================================= ==============================================
``--authenticator certbot-dns-corenetworks:dns-corenetworks`` select the authenticator plugin (Required)
``--certbot-dns-corenetworks:dns-corenetworks-credentials`` Core Networks Remote User credentials
INI file. (Required)
``--certbot-dns-corenetworks:dns-corenetworks-propagation-seconds`` | waiting time for DNS to propagate before asking
| the ACME server to verify the DNS record.
| (Default: 10, Recommended: >= 600)
============================================================= ==============================================
(Note that the verbose and seemingly redundant ``certbot-dns-corenetworks:``
prefix is currently imposed by certbot for external plugins.)
Credentials
-----------
An example ``credentials.ini`` file:
.. code-block:: ini
certbot_dns_corenetworks:dns_corenetworks_username = myremoteuser
certbot_dns_corenetworks:dns_corenetworks_password = verysecureremoteuserpassword
The path to this file can be provided interactively or using the
``--certbot-dns-corenetworks:dns-corenetworks-credentials`` command-line argument. Certbot
records the path to this file for use during renewal, but does not store the
file's contents.
**CAUTION:** You should protect these API credentials as you would the
password to your Core Networks account. Users who can read this file can use these
credentials to issue arbitrary API calls on your behalf. Users who can cause
Certbot to run using these credentials can complete a ``dns-01`` challenge to
acquire new certificates or revoke existing certificates for associated
domains, even if those domains aren't being managed by this server.
Certbot will emit a warning if it detects that the credentials file can be
accessed by other users on your system. The warning reads "Unsafe permissions
on credentials configuration file", followed by the path to the credentials
file. This warning will be emitted each time Certbot uses the credentials file,
including for renewal, and cannot be silenced except by addressing the issue
(e.g., by using a command like ``chmod 600`` to restrict access to the file).
Examples
--------
To acquire a single certificate for both ``example.com`` and
``*.example.com``, waiting 900 seconds for DNS propagation:
.. code-block:: bash
certbot certonly \
--authenticator certbot-dns-corenetworks:dns-corenetworks \
--certbot-dns-corenetworks:dns-corenetworks-credentials /etc/letsencrypt/.secrets/domain.tld.ini \
--certbot-dns-corenetworks:dns-corenetworks-propagation-seconds 900 \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos \
--rsa-key-size 4096 \
-d 'example.com' \
-d '*.example.com'
Platform: UNKNOWN
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Plugins
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: POSIX :: Linux
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Security
Classifier: Topic :: System :: Installation/Setup
Classifier: Topic :: System :: Networking
Classifier: Topic :: System :: Systems Administration
Classifier: Topic :: Utilities
Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*
Description-Content-Type: text/x-rst

12
certbot_dns_corenetworks.egg-info/SOURCES.txt
View File

@@ -1,12 +0,0 @@
README.rst
setup.cfg
setup.py
certbot_dns_corenetworks/__init__.py
certbot_dns_corenetworks/dns_corenetworks.py
certbot_dns_corenetworks/dns_corenetworks_test.py
certbot_dns_corenetworks.egg-info/PKG-INFO
certbot_dns_corenetworks.egg-info/SOURCES.txt
certbot_dns_corenetworks.egg-info/dependency_links.txt
certbot_dns_corenetworks.egg-info/entry_points.txt
certbot_dns_corenetworks.egg-info/requires.txt
certbot_dns_corenetworks.egg-info/top_level.txt

1
certbot_dns_corenetworks.egg-info/dependency_links.txt
View File

@@ -1 +0,0 @@

3
certbot_dns_corenetworks.egg-info/entry_points.txt
View File

@@ -1,3 +0,0 @@
[certbot.plugins]
dns-corenetworks = certbot_dns_corenetworks.dns_corenetworks:Authenticator

7
certbot_dns_corenetworks.egg-info/requires.txt
View File

@@ -1,7 +0,0 @@
acme>=0.29.0
certbot>=0.34.0
setuptools
requests
mock
requests-mock
dns-lexicon

1
certbot_dns_corenetworks.egg-info/top_level.txt
View File

@@ -1 +0,0 @@
certbot_dns_corenetworks

BIN
certbot_dns_corenetworks/__init__.pyc
View File

Binary file not shown.

255
certbot_dns_corenetworks/dns_corenetworks.py
View File

@@ -1,97 +1,244 @@
"""DNS Authenticator for Core Networks DNS."""
import logging
import zope.interface
from lexicon.providers import corenetworks
import logging
import requests
from certbot import errors
from certbot import interfaces
from certbot.plugins import dns_common
from certbot.plugins import dns_common_lexicon
logger = logging.getLogger(__name__)
ACCOUNT_URL = 'https://beta.api.core-networks.de/doc/#functon_auth_token'
ACCOUNT_URL = "https://beta.api.core-networks.de/doc/#functon_auth_token"
API_BASE_URL = "https://beta.api.core-networks.de"
@zope.interface.implementer(interfaces.IAuthenticator)
@zope.interface.provider(interfaces.IPluginFactory)
class Authenticator(dns_common.DNSAuthenticator):
"""DNS Authenticator for Core Networks
This Authenticator uses the Core Networks beta API to fulfill a dns-01 challenge.
"""
description = 'Obtain certificates using a DNS TXT record (if you are using Core Networks for DNS).'
description = "Obtain certificates using a DNS TXT record (if you are using Core Networks for DNS)."
ttl = 60
def __init__(self, *args, **kwargs):
# l = open('corenetworks.log', 'a')
# for arg in args:
# l.write("Arg: %s\n" % arg)
# for kwarg in kwargs:
# l.write("KWarg: %s\n" % kwarg)
# l.write(str(config))
# l.write("Authenticator instantiated with args %s and kwargs %s" % (*args, **kwargs))
# l.close()
super(Authenticator, self).__init__(*args, **kwargs)
self.credentials = None
@classmethod
def add_parser_arguments(cls, add): # pylint: disable=arguments-differ
super(Authenticator, cls).add_parser_arguments(add, default_propagation_seconds=30)
add('credentials', help='Core Networks credentials INI file.')
def add_parser_arguments(cls, add):
super(Authenticator, cls).add_parser_arguments(
add, default_propagation_seconds=30
)
add("credentials", help="Core Networks credentials INI file.")
def more_info(self): # pylint: disable=missing-docstring,no-self-use
return 'This plugin configures a DNS TXT record to respond to a dns-01 challenge using ' + \
'the Core Networks beta API.'
def more_info(self):
return (
"This plugin configures a DNS TXT record to respond to a dns-01 challenge using "
+ "the Core Networks beta API."
)
def _setup_credentials(self):
self.credentials = self._configure_credentials(
'credentials',
'Core Networks credentials INI file',
"credentials",
"Core Networks credentials INI file",
{
'login': 'API user name for Core Networks beta API. (See {0}.)'.format(ACCOUNT_URL),
'password': 'Password for API user'
}
"username": "API user name for Core Networks beta API. (See {0}.)".format(
ACCOUNT_URL
),
"password": "Password for API user",
},
)
# l = open('corenetworks.log', 'a')
# l.write("_setup_credentials configured these credentials: %s\n" % str(self.credentials) )
# l.close()
def _perform(self, domain, validation_name, validation):
self._get_corenetworks_client().add_txt_record(domain, validation_name, validation)
self._get_corenetworks_client().add_txt_record(
domain, validation_name, validation
)
def _cleanup(self, domain, validation_name, validation):
self._get_corenetworks_client().del_txt_record(domain, validation_name, validation)
self._get_corenetworks_client().del_txt_record(
domain, validation_name, validation
)
def _get_corenetworks_client(self):
return _CoreNetworksLexiconClient(self.credentials.conf('login'), self.credentials.conf('password'), self.ttl)
return _CoreNetworksAPIClient(
self.credentials.conf("username"),
self.credentials.conf("password"),
self.ttl,
)
class _CoreNetworksLexiconClient(dns_common_lexicon.LexiconClient):
class _CoreNetworksAPIClient:
"""
Encapsulates all communication with the Core Networks API via Lexicon.
Encapsulates all communication with the Core Networks API.
"""
def __init__(self, login, password, ttl):
super(_CoreNetworksLexiconClient, self).__init__()
# l = open('corenetworks.log', 'a')
# l.write("_CoreNetworksLexiconClient instantiated with login {0} and password {1}".format(login, password))
# l.close()
config = dns_common_lexicon.build_lexicon_config('corenetworks', {
'ttl': ttl,
}, {
'auth_username': login,
'auth_password': password
})
def __init__(self, username, password, ttl):
self.username = username
self.password = password
self.ttl = ttl
self.token = None
self.provider = corenetworks.Provider(config)
def _authenticate(self):
"""Authenticate with Core Networks API and get token."""
if self.token:
return self.token
def _handle_http_error(self, e, domain_name):
hint = None
if str(e).startswith('401 Client Error: Unauthorized for url:'):
hint = 'Is your API token value correct?'
try:
response = requests.post(
f"{API_BASE_URL}/auth/token",
json={"login": self.username, "password": self.password},
timeout=30,
)
response.raise_for_status()
data = response.json()
self.token = data["token"]
logger.debug("Successfully authenticated with Core Networks API")
return self.token
except requests.exceptions.RequestException as e:
raise errors.PluginError(
f"Failed to authenticate with Core Networks API: {e}"
)
return errors.PluginError('Error determining zone identifier for {0}: {1}.{2}'
.format(domain_name, e, ' ({0})'.format(hint) if hint else ''))
def _get_headers(self):
"""Get headers with authentication token."""
token = self._authenticate()
return {"Authorization": f"Bearer {token}", "Content-Type": "application/json"}
def _find_zone(self, domain):
"""
Find the DNS zone for the given domain.
:param str domain: The domain to find the zone for
:returns: The zone name
:rtype: str
"""
try:
response = requests.get(
f"{API_BASE_URL}/dnszones/", headers=self._get_headers(), timeout=30
)
response.raise_for_status()
zones = response.json()
# Find the longest matching zone
domain_parts = domain.rstrip(".").split(".")
for i in range(len(domain_parts)):
potential_zone = ".".join(domain_parts[i:])
for zone in zones:
if zone["name"] == potential_zone:
logger.debug(f"Found zone {potential_zone} for domain {domain}")
return potential_zone
raise errors.PluginError(
f"Could not find DNS zone for domain {domain}. "
f"Available zones: {', '.join([z['name'] for z in zones])}"
)
except requests.exceptions.RequestException as e:
raise errors.PluginError(f"Failed to list DNS zones: {e}")
def _get_relative_name(self, record_name, zone):
"""
Get the relative record name for the zone.
:param str record_name: The full record name (FQDN)
:param str zone: The zone name
:returns: The relative record name
:rtype: str
"""
# Remove trailing dots
record_name = record_name.rstrip(".")
zone = zone.rstrip(".")
# If record_name equals zone, return "@" for apex
if record_name == zone:
return "@"
# Remove zone from record_name to get relative name
if record_name.endswith("." + zone):
return record_name[: -(len(zone) + 1)]
# If it doesn't end with the zone, it might already be relative
return record_name
def add_txt_record(self, domain, record_name, record_content):
"""
Add a TXT record using the supplied information.
:param str domain: The domain to use to look up the managed zone.
:param str record_name: The record name (typically beginning with '_acme-challenge.').
:param str record_content: The record content (typically the challenge validation).
:raises errors.PluginError: if an error occurs communicating with the Core Networks API
"""
zone = self._find_zone(domain)
relative_name = self._get_relative_name(record_name, zone)
try:
# Add the TXT record
response = requests.post(
f"{API_BASE_URL}/dnszones/{zone}/records/",
headers=self._get_headers(),
json={
"name": relative_name,
"type": "TXT",
"data": record_content,
"ttl": self.ttl,
},
timeout=30,
)
response.raise_for_status()
logger.info(f"Successfully added TXT record {relative_name} to zone {zone}")
# Commit the changes
commit_response = requests.post(
f"{API_BASE_URL}/dnszones/{zone}/records/commit",
headers=self._get_headers(),
timeout=30,
)
commit_response.raise_for_status()
logger.info(f"Successfully committed changes to zone {zone}")
except requests.exceptions.RequestException as e:
raise errors.PluginError(f"Error adding TXT record to Core Networks: {e}")
def del_txt_record(self, domain, record_name, record_content):
"""
Delete a TXT record using the supplied information.
:param str domain: The domain to use to look up the managed zone.
:param str record_name: The record name (typically beginning with '_acme-challenge.').
:param str record_content: The record content (typically the challenge validation).
:raises errors.PluginError: if an error occurs communicating with the Core Networks API
"""
zone = self._find_zone(domain)
relative_name = self._get_relative_name(record_name, zone)
try:
# Delete the TXT record
response = requests.post(
f"{API_BASE_URL}/dnszones/{zone}/records/delete",
headers=self._get_headers(),
json={
"name": relative_name,
"type": "TXT",
"data": record_content,
},
timeout=30,
)
response.raise_for_status()
logger.info(
f"Successfully deleted TXT record {relative_name} from zone {zone}"
)
# Commit the changes
commit_response = requests.post(
f"{API_BASE_URL}/dnszones/{zone}/records/commit",
headers=self._get_headers(),
timeout=30,
)
commit_response.raise_for_status()
logger.info(f"Successfully committed changes to zone {zone}")
except requests.exceptions.RequestException as e:
raise errors.PluginError(
f"Error deleting TXT record from Core Networks: {e}"
)

BIN
certbot_dns_corenetworks/dns_corenetworks.pyc
View File

Binary file not shown.

208
certbot_dns_corenetworks/dns_corenetworks_test.py
View File

@@ -2,50 +2,214 @@
import os
import unittest
from unittest import mock
import mock
from requests.exceptions import HTTPError
from certbot import errors
from certbot.plugins import dns_test_common
from certbot.plugins import dns_test_common_lexicon
from certbot.tests import util as test_util
LOGIN = 'foo'
PASSWORD = 'bar'
LOGIN = "foo"
PASSWORD = "bar"
class AuthenticatorTest(test_util.TempDirTestCase,
dns_test_common_lexicon.BaseLexiconAuthenticatorTest):
class AuthenticatorTest(test_util.TempDirTestCase):
def setUp(self):
super(AuthenticatorTest, self).setUp()
from certbot_dns_corenetworks.dns_corenetworks import Authenticator
path = os.path.join(self.tempdir, 'file.ini')
dns_test_common.write({"corenetworks_login": LOGIN, "corenetworks_password": PASSWORD }, path)
path = os.path.join(self.tempdir, "file.ini")
dns_test_common.write(
{"corenetworks_login": LOGIN, "corenetworks_password": PASSWORD}, path
)
self.config = mock.MagicMock(corenetworks_credentials=path,
corenetworks_propagation_seconds=0) # don't wait during tests
self.config = mock.MagicMock(
corenetworks_credentials=path,
corenetworks_propagation_seconds=0, # don't wait during tests
)
self.auth = Authenticator(self.config, "corenetworks")
self.mock_client = mock.MagicMock()
# _get_corenetworks_client | pylint: disable=protected-access
self.auth._get_corenetworks_client = mock.MagicMock(return_value=self.mock_client)
self.auth._get_corenetworks_client = mock.MagicMock(
return_value=self.mock_client
)
@mock.patch("certbot.display.util.notify")
def test_perform(self, mock_notify):
self.auth.perform([self.achall])
expected = [
mock.call.add_txt_record(
"example.com", "_acme-challenge.example.com", mock.ANY
)
]
self.assertEqual(expected, self.mock_client.mock_calls)
def test_cleanup(self):
self.auth._attempt_cleanup = True # pylint: disable=protected-access
self.auth.cleanup([self.achall])
expected = [
mock.call.del_txt_record(
"example.com", "_acme-challenge.example.com", mock.ANY
)
]
self.assertEqual(expected, self.mock_client.mock_calls)
@property
def achall(self):
from acme import challenges
domain = "example.com"
key = challenges.KeyAuthorizationChallengeResponse(
key_authorization="foo"
).key_authorization
return mock.MagicMock(
domain=domain,
validation_domain_name=lambda x: "_acme-challenge." + domain,
validation=lambda x: key,
)
class CoreNetworksLexiconClientTest(unittest.TestCase, dns_test_common_lexicon.BaseLexiconClientTest):
LOGIN_ERROR = HTTPError('401 Client Error: Unauthorized for url: ...')
class CoreNetworksAPIClientTest(unittest.TestCase):
def setUp(self):
from certbot_dns_corenetworks.dns_corenetworks import _CoreNetworksLexiconClient
from certbot_dns_corenetworks.dns_corenetworks import _CoreNetworksAPIClient
self.client = _CoreNetworksLexiconClient(LOGIN, PASSWORD, 0)
self.client = _CoreNetworksAPIClient(LOGIN, PASSWORD, 60)
self.provider_mock = mock.MagicMock()
self.client.provider = self.provider_mock
@mock.patch("certbot_dns_corenetworks.dns_corenetworks.requests.post")
def test_authenticate(self, mock_post):
mock_response = mock.MagicMock()
mock_response.json.return_value = {"token": "test-token", "expires": 3600}
mock_post.return_value = mock_response
token = self.client._authenticate()
self.assertEqual(token, "test-token")
self.assertEqual(self.client.token, "test-token")
mock_post.assert_called_once()
@mock.patch("certbot_dns_corenetworks.dns_corenetworks.requests.post")
def test_authenticate_error(self, mock_post):
import requests
mock_post.side_effect = requests.exceptions.RequestException("API Error")
with self.assertRaises(errors.PluginError) as context:
self.client._authenticate()
self.assertIn("Failed to authenticate", str(context.exception))
@mock.patch("certbot_dns_corenetworks.dns_corenetworks.requests.get")
@mock.patch("certbot_dns_corenetworks.dns_corenetworks.requests.post")
def test_find_zone(self, mock_post, mock_get):
# Mock authentication
mock_auth_response = mock.MagicMock()
mock_auth_response.json.return_value = {"token": "test-token", "expires": 3600}
mock_post.return_value = mock_auth_response
# Mock zone list
mock_zone_response = mock.MagicMock()
mock_zone_response.json.return_value = [
{"name": "example.com", "type": "master"},
{"name": "test.com", "type": "master"},
]
mock_get.return_value = mock_zone_response
zone = self.client._find_zone("sub.example.com")
self.assertEqual(zone, "example.com")
@mock.patch("certbot_dns_corenetworks.dns_corenetworks.requests.post")
@mock.patch("certbot_dns_corenetworks.dns_corenetworks.requests.get")
def test_add_txt_record(self, mock_get, mock_post):
# Mock authentication
mock_auth_response = mock.MagicMock()
mock_auth_response.json.return_value = {"token": "test-token", "expires": 3600}
# Mock zone list
mock_zone_response = mock.MagicMock()
mock_zone_response.json.return_value = [
{"name": "example.com", "type": "master"}
]
# Mock add record response
mock_add_response = mock.MagicMock()
# Mock commit response
mock_commit_response = mock.MagicMock()
mock_get.return_value = mock_zone_response
mock_post.side_effect = [
mock_auth_response,
mock_add_response,
mock_commit_response,
]
self.client.add_txt_record(
"example.com", "_acme-challenge.example.com", "test-validation"
)
# Verify authentication, add record, and commit were called
self.assertEqual(mock_post.call_count, 3)
@mock.patch("certbot_dns_corenetworks.dns_corenetworks.requests.post")
@mock.patch("certbot_dns_corenetworks.dns_corenetworks.requests.get")
def test_del_txt_record(self, mock_get, mock_post):
# Mock authentication
mock_auth_response = mock.MagicMock()
mock_auth_response.json.return_value = {"token": "test-token", "expires": 3600}
# Mock zone list
mock_zone_response = mock.MagicMock()
mock_zone_response.json.return_value = [
{"name": "example.com", "type": "master"}
]
# Mock delete record response
mock_del_response = mock.MagicMock()
# Mock commit response
mock_commit_response = mock.MagicMock()
mock_get.return_value = mock_zone_response
mock_post.side_effect = [
mock_auth_response,
mock_del_response,
mock_commit_response,
]
self.client.del_txt_record(
"example.com", "_acme-challenge.example.com", "test-validation"
)
# Verify authentication, delete record, and commit were called
self.assertEqual(mock_post.call_count, 3)
def test_get_relative_name(self):
# Test apex domain
self.assertEqual(
self.client._get_relative_name("example.com", "example.com"), "@"
)
# Test subdomain
self.assertEqual(
self.client._get_relative_name("www.example.com", "example.com"), "www"
)
# Test with trailing dots
self.assertEqual(
self.client._get_relative_name("www.example.com.", "example.com."), "www"
)
# Test ACME challenge
self.assertEqual(
self.client._get_relative_name(
"_acme-challenge.example.com", "example.com"
),
"_acme-challenge",
)
if __name__ == "__main__":
unittest.main() # pragma: no cover
unittest.main()

6
main.py Normal file
View File

@@ -0,0 +1,6 @@
def main():
print("Hello from certbot-dns-corenetworks!")
if __name__ == "__main__":
main()

56
pyproject.toml Normal file
View File

@@ -0,0 +1,56 @@
[build-system]
requires = ["setuptools>=61.0", "wheel"]
build-backend = "setuptools.build_meta"
[project]
name = "certbot-dns-corenetworks"
version = "1.0.0"
description = "Core Networks DNS Authenticator plugin for Certbot"
readme = "README.md"
requires-python = ">=3.8"
license = { text = "Apache License 2.0" }
authors = [{ name = "Hendrik Hogertz", email = "info@hogertz.eu" }]
keywords = ["certbot", "dns", "corenetworks", "letsencrypt"]
classifiers = [
"Development Status :: 4 - Beta",
"Environment :: Plugins",
"Intended Audience :: System Administrators",
"License :: OSI Approved :: Apache-2.0",
"Operating System :: POSIX :: Linux",
"Programming Language :: Python",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
"Programming Language :: Python :: 3.12",
"Programming Language :: Python :: 3.13",
"Programming Language :: Python :: 3.14",
"Topic :: Internet :: WWW/HTTP",
"Topic :: Security",
"Topic :: System :: Installation/Setup",
"Topic :: System :: Networking",
"Topic :: System :: Systems Administration",
"Topic :: Utilities",
]
dependencies = ["certbot>=2.0.0", "acme>=2.0.0", "requests>=2.20.0"]
[project.optional-dependencies]
dev = ["pytest>=7.0.0", "pytest-cov>=4.0.0"]
build = ["build>=1.0.0", "twine>=4.0.0"]
[project.urls]
Homepage = "https://git.hogertz.eu/hendrik-hog/certbot-dns-corenetworks"
Repository = "https://git.hogertz.eu/hendrik-hog/certbot-dns-corenetworks"
[project.entry-points."certbot.plugins"]
dns-corenetworks = "certbot_dns_corenetworks.dns_corenetworks:Authenticator"
[tool.setuptools]
packages = ["certbot_dns_corenetworks"]
[tool.setuptools.package-data]
certbot_dns_corenetworks = ["py.typed"]
[tool.pytest.ini_options]
testpaths = ["certbot_dns_corenetworks"]

2
setup.cfg
View File

@@ -1,2 +0,0 @@
[bdist_wheel]
universal = 1

64
setup.py
View File

@@ -1,64 +0,0 @@
from setuptools import setup
from setuptools import find_packages
version = "0.2.0"
install_requires = [
"acme>=0.29.0",
"certbot>=0.34.0",
"setuptools",
"requests",
"mock",
"requests-mock",
"dns-lexicon"
]
# read the contents of your README file
from os import path
this_directory = path.abspath(path.dirname(__file__))
with open(path.join(this_directory, "README.rst")) as f:
long_description = f.read()
setup(
name="certbot-dns-corenetworks",
version=version,
description="Core Networks DNS Authenticator plugin for Certbot",
long_description=long_description,
long_description_content_type="text/x-rst",
url="https://github.com/MasinAD/certbot-dns-corenetworks",
author="Masin Al-Dujaili",
author_email="masin.aldujaili@googlemail.com",
license="Apache License 2.0",
python_requires=">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*",
classifiers=[
"Development Status :: 3 - Alpha",
"Environment :: Plugins",
"Intended Audience :: System Administrators",
"License :: OSI Approved :: Apache Software License",
"Operating System :: POSIX :: Linux",
"Programming Language :: Python",
"Programming Language :: Python :: 2",
"Programming Language :: Python :: 2.7",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.4",
"Programming Language :: Python :: 3.5",
"Programming Language :: Python :: 3.6",
"Programming Language :: Python :: 3.7",
"Topic :: Internet :: WWW/HTTP",
"Topic :: Security",
"Topic :: System :: Installation/Setup",
"Topic :: System :: Networking",
"Topic :: System :: Systems Administration",
"Topic :: Utilities",
],
packages=find_packages(),
include_package_data=True,
install_requires=install_requires,
entry_points={
"certbot.plugins": [
"dns-corenetworks = certbot_dns_corenetworks.dns_corenetworks:Authenticator"
]
},
test_suite="certbot_dns_corenetworks",
)

1981
uv.lock generated Normal file
View File

File diff suppressed because it is too large Load Diff