keep certbot 2.11.0

README.md

@@ -1,60 +1,76 @@
 # certbot-dns-ionos
-IONOS DNS Authenticator plugin for Certbot
+
+[IONOS](https://www.ionos.de/) DNS Authenticator plugin for [Certbot](https://certbot.eff.org/)
+
 ![Ionos](https://www.ionos.co.uk/newsroom/wp-content/uploads/sites/7/2021/12/LOGO_IONOS_Blue_RGB-1.png)
+
 This plugin automates the process of completing a ``dns-01`` challenge by
 creating, and subsequently removing, TXT records using the [IONOS Remote API](https://developer.hosting.ionos.com/docs/dns).
+
 ## Configuration of IONOS
+
 In the `System -> Remote Users` you have to have a user, with the following rights
+
 - Client Functions
 - DNS zone functions
 - DNS txt functions
-.. _IONOS: https://www.ionos.de/
+
-.. _Certbot: https://certbot.eff.org/
 ## Installation
+
 ### Snap
+
 [![Get it from the Snap Store](https://snapcraft.io/static/images/badges/en/snap-store-black.svg)](https://snapcraft.io/certbot-dns-ionos)
-Snap version is compatible with certbot 3.0.
+Snap version will be compatible with certbot 3.0. Thanks to [DorianCoding](https://github.com/DorianCoding) to make this plugin avalabe in the Snap Store.
+
 ### Pip
+
 `pip install certbot-dns-ionos`
+
 ## Named Arguments
-To start using DNS authentication for ionos, pass the following arguments on
+
-certbot's command line:
+To start using DNS authentication for ionos, pass the following arguments on certbot's command line:
+
 | Command args | Command definition |
 | --- | --- |
 |``--authenticator dns-ionos`` | select the authenticator plugin (Required) |
 |``--dns-ionos-credentials`` |ionos Remote User credentials INI file. (Required) |
-|``--dns-ionos-propagation-seconds``|waiting time for DNS to propagate before asking the ACME server to verify the DNS record. (Default: 30, Recommended: 60) |
+|``--dns-ionos-propagation-seconds``|waiting time for DNS to propagate before asking the ACME server to verify the DNS record. (Default: 10, Recommended: 60) |
+
 ## Credentials
+
 An example ``credentials.ini`` file:
+
 ```ini
 dns_ionos_prefix = myapikeyprefix
 dns_ionos_secret = verysecureapikeysecret
 dns_ionos_endpoint = https://api.hosting.ionos.com
 ```
-The key can be managed under the following link:  https://developer.hosting.ionos.de/?source=IonosControlPanel
+
+The key can be managed under the following link:  <https://developer.hosting.ionos.de/?source=IonosControlPanel>
+
 The path to this file can be provided interactively or using the
 `--dns-ionos-credentials` command-line argument. Certbot
-records the path to this file for use during renewal, but does not store the
+records the path to this file for use during renewal, but does not store the file's contents.
-file's contents.
+
 > [!CAUTION]
 > You should protect these API credentials as you would the
-password to your ionos account. Users who can read this file can use these
+password to your ionos account. Users who can read this file can use these credentials to issue arbitrary API calls
-credentials to issue arbitrary API calls on your behalf. Users who can cause
+on your behalf. Users who can cause Certbot to run using these credentials can complete a ``dns-01`` challenge
-Certbot to run using these credentials can complete a ``dns-01`` challenge to
+to acquire new certificates or revoke existing certificates for associated domains, even if those domains aren't
-acquire new certificates or revoke existing certificates for associated
+being managed by this server.
-domains, even if those domains aren't being managed by this server.
 
 > [!WARNING]
-> Certbot will emit a warning if it detects that the credentials file can be
+> Certbot will emit a warning if it detects that the credentials file can be accessed by other users on your system.
-accessed by other users on your system. The warning reads "Unsafe permissions
+The warning reads "Unsafe permissions on credentials configuration file", followed by the path to the
-on credentials configuration file", followed by the path to the credentials
+credentials file. This warning will be emitted each time Certbot uses the credentials file, including for renewal,
-file. This warning will be emitted each time Certbot uses the credentials file,
+and cannot be silenced except by addressing the issue (e.g., by using a command like ``chmod 600`` to 
-including for renewal, and cannot be silenced except by addressing the issue
+restrict access to the file and ``chmod 700`` to restrict access to the folder).
-(e.g., by using a command like ``chmod 600`` to restrict access to the file and 
+
-``chmod 700`` to restrict access to the folder).
 ## Examples
+
 To acquire a single certificate for both ``example.com`` and
 ``*.example.com``, waiting 900 seconds for DNS propagation:
+
 ```bash
 certbot certonly \
 --authenticator dns-ionos \
@@ -66,18 +82,25 @@ certbot certonly \
 -d 'example.com' \
 -d '*.example.com'
 ```
+
 ## Docker
+
 In order to create a docker container with a certbot-dns-ionos installation,
 create an empty directory with the following ``Dockerfile``:
+
 ```docker
 FROM certbot/certbot
 RUN pip install certbot-dns-ionos
 ```
+
 Proceed to build the image
+
 ```docker
 docker build -t certbot/dns-ionos .
 ```
+
 Once that's finished, the application can be run as follows::
+
 ```docker
 docker run --rm \
 -v /var/lib/letsencrypt:/var/lib/letsencrypt \
@@ -93,31 +116,41 @@ certbot/dns-ionos certonly \
 --server https://acme-v02.api.letsencrypt.org/directory \
 -d example.com -d '*.example.com'
 ```
+
 It is suggested to secure the folder as follows
+
 ```bash
 chown root:root /etc/letsencrypt/.secrets
 chmod 700 /etc/letsencrypt/.secrets
 ```
-The file 'domain.tld.ini' must be replaced with the version of the example 'credentials.ini' adapted to your provider. 
+
+The file 'domain.tld.ini' must be replaced with the version of the example 'credentials.ini' adapted to your provider.
+
 ## Changelog
-* 2024.10.17
+
-  * Update for Certbot 3.0
+- 2024.10.19
-* 2024.10.15
+  - Update for Certbot 2.11.0
-  * Update README.md, changed from README.rst
+  - Update README.md, changed from README.rst
-  * Addition of a snap
+  - Addition of a snap
-  * Correction in case of API error 
+  - Correction in case of API error
-* 2024.01.08
+- 2024.01.08
-  * Update README.rst
+  - Update README.rst
-  * Add Link to IONOS control panel and reference between credentials.ini and domain.tld.ini
+  - Add Link to IONOS control panel and reference between credentials.ini and domain.tld.ini
-* 2023.11.13
+- 2023.11.13
-  * Fix managed zone lookup to ensure correct domain is selected where there are two domains with the same ending e.g. example.com and thisisanexample.com (PR #22)
+  - Fix managed zone lookup to ensure correct domain is selected where there are two domains with the same ending e.g. example.com and thisisanexample.com (PR #22)
-* 2022.11.24
+- 2022.11.24
-  * Remove zope to fix compatibility with Certbot 2.x (Fixes #19)
+  - Remove zope to fix compatibility with Certbot 2.x (Fixes #19)
-  * As a reminder, Certbot will default to issuing ECDSA certificates from release 2.0.0.
+  - As a reminder, Certbot will default to issuing ECDSA certificates from release 2.0.0.
-  * If you update from a prior certbot release, run the plugin once manually. You will be prompted to update RSA key type to ECDSA.
+  - If you update from a prior certbot release, run the plugin once manually. You will be prompted to update RSA key type to ECDSA.
-* 2022.05.15
+- 2022.05.15
-  * Added capability to handle multiple domain validations #16
+  - Added capability to handle multiple domain validations #16
-* 2021.09.20.post1
+- 2021.09.20.post1
-  * Fix version number
+  - Fix version number
-* 2021.09.20
+- 2021.09.20
-  * Fix #9 Domain not known when using subdomain
+  - Fix #9 Domain not known when using subdomain
+
+## Related Plugins
+
+It's important to note that this plugin targets [IONOS Developer DNS API](https://developer.hosting.ionos.com/docs/dns>).
+If you are using IONOS [Cloud DNS service](https://cloud.ionos.com/network/cloud-dns>),
+there is a different plugin provided by IONOS: <https://github.com/ionos-cloud/certbot-dns-ionos-cloud>

certbot_dns_ionos/dns_ionos.py

@@ -26,7 +26,7 @@ class Authenticator(dns_common.DNSAuthenticator):
     @classmethod
     def add_parser_arguments(cls, add):  # pylint: disable=arguments-differ
         super(Authenticator, cls).add_parser_arguments(
-            add, default_propagation_seconds=30
+            add, default_propagation_seconds=10
         )
         add("credentials", help="IONOS credentials INI file.")
 
@@ -125,7 +125,8 @@ class _ionosClient(object):
             content = json.loads(resp.content) # on error content is array with 1 element
             error_msg = "" if content['message'] is None else content['message']
             raise errors.PluginError(
-                "HTTP Error during request {0}: {1}".format(resp.reason, error_msg)
+                "HTTP Error during request {0}({1}): {2}".format(
+                    resp.reason, resp.status_code, error_msg)
             )
         result = None
         if type == 'get':

setup.py

@@ -1,11 +1,11 @@
 from setuptools import setup
 from setuptools import find_packages
 
-version = '20241017'
+version = '2024.10.19'
 
 install_requires = [
     "acme>=1.8.0",
-    "certbot>=3.0.0",
+    "certbot>=2.11.0",
     "setuptools",
     "requests",
     "mock",
@@ -29,7 +29,7 @@ setup(
     author="Helge Erbe",
     author_email="helge@erbehome.de",
     license="Apache License 2.0",
-    python_requires=">=3.12",
+    python_requires=">=3.8",
     classifiers=[
         "Development Status :: 5 - Production/Stable",
         "Environment :: Plugins",
@@ -37,6 +37,11 @@ setup(
         "License :: OSI Approved :: Apache Software License",
         "Operating System :: POSIX :: Linux",
         "Programming Language :: Python",
+        "Programming Language :: Python :: 3",
+        "Programming Language :: Python :: 3.8",
+        "Programming Language :: Python :: 3.9",
+        "Programming Language :: Python :: 3.10",
+        "Programming Language :: Python :: 3.11",
         "Programming Language :: Python :: 3.12",
         "Topic :: Internet :: WWW/HTTP",
         "Topic :: Security",