ContextQMD
Back to Lego

SelfHost.(de|eu)

docs/content/dns/zz_gen_selfhostde.md

4.35.23.2 KB
Original Source
<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. --> <!-- providers/dns/selfhostde/selfhostde.toml --> <!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->

Configuration for SelfHost.(de|eu).

<!--more-->
  • Code: selfhostde
  • Since: v4.19.0

Here is an example bash command using the SelfHost.(de|eu) provider:

bash
SELFHOSTDE_USERNAME=xxx \
SELFHOSTDE_PASSWORD=yyy \
SELFHOSTDE_RECORDS_MAPPING=my.example.com:123 \
lego --dns selfhostde -d '*.example.com' -d example.com run

Credentials

Environment Variable NameDescription
SELFHOSTDE_PASSWORDPassword
SELFHOSTDE_RECORDS_MAPPINGRecord IDs mapping with domains (ex: example.com:123:456,example.org:789,foo.example.com:147)
SELFHOSTDE_USERNAMEUsername

The environment variable names can be suffixed by _FILE to reference a file instead of a value. More information [here]({{% ref "dns#configuration-and-credentials" %}}).

Additional Configuration

Environment Variable NameDescription
SELFHOSTDE_HTTP_TIMEOUTAPI request timeout in seconds (Default: 30)
SELFHOSTDE_POLLING_INTERVALTime between DNS propagation check in seconds (Default: 30)
SELFHOSTDE_PROPAGATION_TIMEOUTMaximum waiting time for DNS propagation in seconds (Default: 240)
SELFHOSTDE_TTLThe TTL of the TXT record used for the DNS challenge in seconds (Default: 120)

The environment variable names can be suffixed by _FILE to reference a file instead of a value. More information [here]({{% ref "dns#configuration-and-credentials" %}}).

SelfHost.de doesn't have an API to create or delete TXT records, there is only an "unofficial" and undocumented endpoint to update an existing TXT record.

So, before using lego to request a certificate for a given domain or wildcard (such as my.example.org or *.my.example.org), you must create:

  • one TXT record named _acme-challenge.my.example.org if you are not using wildcard for this domain.
  • two TXT records named _acme-challenge.my.example.org if you are using wildcard for this domain.

After that you must edit the TXT record(s) to get the ID(s).

You then must prepare the SELFHOSTDE_RECORDS_MAPPING environment variable with the following format:

<domain_A>:<record_id_A1>:<record_id_A2>,<domain_B>:<record_id_B1>:<record_id_B2>,<domain_C>:<record_id_C1>:<record_id_C2>

where each group of domain + record ID(s) is separated with a comma (,), and the domain and record ID(s) are separated with a colon (:).

For example, if you want to create or renew a certificate for my.example.org, *.my.example.org, and other.example.org, you would need:

  • two separate records for _acme-challenge.my.example.org
  • and another separate record for _acme-challenge.other.example.org

The resulting environment variable would then be: SELFHOSTDE_RECORDS_MAPPING=my.example.com:123:456,other.example.com:789

<!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. --> <!-- providers/dns/selfhostde/selfhostde.toml --> <!-- THIS DOCUMENTATION IS AUTO-GENERATED. PLEASE DO NOT EDIT. -->