diff --git a/README.rst b/README.rst index 0c81d6d..4ab2f04 100644 --- a/README.rst +++ b/README.rst @@ -33,19 +33,17 @@ Named Arguments To start using DNS authentication for ionos, pass the following arguments on certbot's command line: -============================================================= ============================================== -``--authenticator certbot-dns-ionos:dns-ionos`` select the authenticator plugin (Required) +======================================== ============================================== +``--authenticator dns-ionos`` select the authenticator plugin (Required) -``--certbot-dns-ionos:dns-ionos-credentials`` ionos Remote User credentials - INI file. (Required) +``--dns-ionos-credentials`` ionos Remote User credentials + INI file. (Required) -``--certbot-dns-ionos:dns-ionos-propagation-seconds`` | waiting time for DNS to propagate before asking - | the ACME server to verify the DNS record. - | (Default: 10, Recommended: >= 600) -============================================================= ============================================== +``--dns-ionos-propagation-seconds`` | waiting time for DNS to propagate before asking + | the ACME server to verify the DNS record. + | (Default: 10, Recommended: >= 600) +======================================== ============================================== -(Note that the verbose and seemingly redundant ``certbot-dns-ionos:`` prefix -is currently imposed by certbot for external plugins.) Credentials @@ -60,7 +58,7 @@ An example ``credentials.ini`` file: dns_ionos_endpoint = https://api.hosting.ionos.com The path to this file can be provided interactively or using the -``--certbot-dns-ionos:dns-ionos-credentials`` command-line argument. Certbot +``--dns-ionos-credentials`` command-line argument. Certbot records the path to this file for use during renewal, but does not store the file's contents. 
@@ -88,9 +86,9 @@ To acquire a single certificate for both ``example.com`` and .. code-block:: bash certbot certonly \ - --authenticator certbot-dns-ionos:dns-ionos \ - --certbot-dns-ionos:dns-ionos-credentials /etc/letsencrypt/.secrets/domain.tld.ini \ - --certbot-dns-ionos:dns-ionos-propagation-seconds 900 \ + --authenticator dns-ionos \ + --dns-ionos-credentials /etc/letsencrypt/.secrets/domain.tld.ini \ + --dns-ionos-propagation-seconds 900 \ --server https://acme-v02.api.letsencrypt.org/directory \ --agree-tos \ --rsa-key-size 4096 \ @@ -120,9 +118,9 @@ Once that's finished, the application can be run as follows:: -v /etc/letsencrypt:/etc/letsencrypt \ --cap-drop=all \ certbot/dns-ionos certonly \ - --authenticator certbot-dns-ionos:dns-ionos \ - --certbot-dns-ionos:dns-ionos-propagation-seconds 900 \ - --certbot-dns-ionos:dns-ionos-credentials \ + --authenticator dns-ionos \ + --dns-ionos-propagation-seconds 900 \ + --dns-ionos-credentials \ /etc/letsencrypt/.secrets/domain.tld.ini \ --no-self-upgrade \ --keep-until-expiring --non-interactive --expand \ diff --git a/certbot_dns_ionos/dns_ionos.py b/certbot_dns_ionos/dns_ionos.py index 87afd8f..30bd1ec 100644 --- a/certbot_dns_ionos/dns_ionos.py +++ b/certbot_dns_ionos/dns_ionos.py @@ -88,7 +88,7 @@ class _ionosClient(object): :param str domain: The domain for which to find the managed zone. :returns: The ID of the managed zone, if found. - :rtype: str + :rtype: str zone id, str zone name """ logger.debug("get zones") zones = self._api_request(type='get', action="/dns/v1/zones") 
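Review bot: The `:returns:` line of this docstring still describes only the zone ID, while the updated `:rtype:` now lists two values, and `str zone id, str zone name` is a description rather than a type. I would write `:returns: The ID and the name of the managed zone, if found.` and `:rtype: tuple(str, str)`. The function body continues outside the hunk, so what is returned when no zone matches cannot be confirmed here. The callers later in this diff test `zone_id is None`, so that case is worth stating in the docstring as well.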
@@ -151,15 +151,15 @@ class _ionosClient(object): if zone_id is None: raise errors.PluginError("Domain not known") logger.debug("domain found: %s with id: %s", zone_name, zone_id) - record = self.get_existing_txt(zone_id, record_name) - if record is not None: - if record["content"] == record_content: - logger.info("already there, id {0}".format(record["id"])) + content, id = self.get_existing_txt(zone_id, record_name) + if content is not None: + if content == record_content: + logger.info("already there, id {0}".format(id)) return else: logger.info("update txt record") self._update_txt_record( - zone_id, record["id"], record_content, record_ttl + zone_id, id, record_content, record_ttl ) else: logger.info("insert new txt record") @@ -179,16 +179,11 @@ class _ionosClient(object): if zone_id is None: raise errors.PluginError("Domain not known") logger.debug("domain found: %s with id: %s", zone_name, zone_id) - record = self.get_existing_txt(zone_id, record_name) - if record is not None: - #seem record "content" is double quoted. Remove quotes - content = record["content"] - # or, if they only occur at start... - content = content.lstrip('\"') - content = content.rstrip('\"') + content, id = self.get_existing_txt(zone_id, record_name) + if content is not None: if content == record_content: - logger.debug("delete TXT record: %s", record["id"]) - self._delete_txt_record(zone_id, record["id"]) + logger.debug("delete TXT record: %s", id) + self._delete_txt_record(zone_id, id) def _update_txt_record(self, zone_id, primary_id, record_content, record_ttl): data = {} 
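Review bot: In the add path, a TXT record with the same name but different content is still overwritten through `_update_txt_record`, so only one challenge value can exist per name. A certificate covering both a domain and its wildcard needs two values under the same `_acme-challenge` name at once, so the second challenge would presumably replace the first before validation; the lookup is by name only and returns the first match. Consider matching on `record_content` as well and inserting a new record when no entry carries that value. Separately, `id` shadows the builtin here and in the delete hunk that follows; `content, record_id = self.get_existing_txt(zone_id, record_name)` reads better. The enclosing method starts and ends outside the hunk.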
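Review bot: Cleanup is silent when the TXT record found under the name holds a different value: the inner `if content == record_content:` has no `else`, so nothing is deleted and nothing is logged. Challenge records left behind this way stay in the zone unnoticed. An `else:` branch with `logger.debug("TXT record %s not deleted: content differs", record_name)` would make this visible in the certbot log. The method starts outside the hunk.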
@@ -226,8 +221,8 @@ class _ionosClient(object): :param str zone_id: The ID of the managed zone. :param str record_name: The record name (typically beginning with '_acme-challenge.'). - :returns: TXT record value or None - :rtype: `string` or `None` + :returns: TXT record value or None, record id or None + :rtype: `string` or `None`, `string` or `None` """ zone_data = self._api_request(type='get', action='/dns/v1/zones/{0}'.format(zone_id)) @@ -236,5 +231,9 @@ class _ionosClient(object): entry["name"] == record_name and entry["type"] == "TXT" ): - return entry - return None + #seems "content" is double quoted. Remove quotes + content = entry["content"] + content = content.lstrip('\"') + content = content.rstrip('\"') + return content, entry["id"] + return None, None
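Review bot: The docstring does not say that the returned value has its surrounding double quotes removed, which both callers now rely on when they compare it with `record_content`. I would make it `:returns: TXT record value with surrounding double quotes removed and the record id, or (None, None) if no TXT record has that name` and `:rtype: tuple`. It is also worth stating that only the first matching entry is returned.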
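Review bot: The quote handling removes every leading and trailing `"`, not one surrounding pair, and does so in three statements with an unnecessary `\"` escape; `content = entry["content"].strip('"')` does the same in one line. If the intent is to undo exactly one level of quoting added by the API, that should be checked explicitly, since a value that legitimately begins or ends with a quote would be altered before the equality test in the callers. The comment would read better as `# The API returns "content" wrapped in double quotes; strip them before comparing`. The loop this return sits in starts outside the hunk.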