{"id":13928766,"url":"https://github.com/mecodia/cert-manager-webhook-hetzner","last_synced_at":"2025-07-19T10:31:59.025Z","repository":{"id":72531296,"uuid":"267585469","full_name":"mecodia/cert-manager-webhook-hetzner","owner":"mecodia","description":"A cert-manager integration with Hetzner DNS","archived":true,"fork":true,"pushed_at":"2024-06-24T09:39:21.000Z","size":214,"stargazers_count":17,"open_issues_count":4,"forks_count":12,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-08-08T18:19:59.073Z","etag":null,"topics":["cert-manager","cert-manager-webhook","hcloud","hetzner","hetzner-cloud","kubernetes"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"cert-manager/webhook-example","license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mecodia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2020-05-28T12:34:55.000Z","updated_at":"2024-06-24T09:39:51.000Z","dependencies_parsed_at":"2023-10-04T16:20:03.701Z","dependency_job_id":null,"html_url":"https://github.com/mecodia/cert-manager-webhook-hetzner","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mecodia%2Fcert-manager-webhook-hetzner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mecodia%2Fcert-manager-webhook-hetzner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mecodia%2Fcert-manager-webhook-hetzner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mecodia%2Fcert-manager-webhook-hetzner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mecodia","download_url":"https://codeload.github.com/mecodia/cert-manager-webhook-hetzner/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":226588817,"owners_count":17655794,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cert-manager","cert-manager-webhook","hcloud","hetzner","hetzner-cloud","kubernetes"],"created_at":"2024-08-07T18:01:38.127Z","updated_at":"2024-11-26T17:30:57.103Z","avatar_url":"https://github.com/mecodia.png","language":"Go","funding_links":[],"categories":["kubernetes"],"sub_categories":[],"readme":"**ARCHIVED PROJECT**\n\nWe recommend using \u003chttps://github.com/vadimkim/cert-manager-webhook-hetzner\u003e instead.\n\n# ACME Webhook for Hetzner DNS\n\nThis project provides a [cert-manager](https://cert-manager.io) ACME Webhook for [Hetzner DNS](https://hetzner.de/) \nand is based on the [Example Webhook](https://github.com/jetstack/cert-manager-webhook-example)\n\nThis README and the inspiration for this webhook was mostly taken from [Stephan Müllers INWX Webhook](https://gitlab.com/smueller18/cert-manager-webhook-inwx).\n\nThe Helm Chart is automatically published via [github pages](https://mecodia.github.io/cert-manager-webhook-hetzner/).\n\n## Requirements\n\n- [helm](https://helm.sh/) \u003e= v3.0.0\n- [kubernetes](https://kubernetes.io/)\n- [cert-manager](https://cert-manager.io/)\n\n### Last tested version combination\n\n- webhook image: v0.4.0\n- cert-manager: v1.12.5\n- kubernetes: v1.26.7\n\n## Configuration\n\nThe following table lists the configurable parameters of the cert-manager chart and their default values.\n\n| Parameter | Description | Default |\n| --------- | ----------- | ------- |\n| `groupName` | Group name of the API service. | `dns.hetzner.cloud` |\n| `certManager.namespace` | Namespace where cert-manager is deployed to. | `kube-system` |\n| `certManager.serviceAccountName` | Service account of cert-manager installation. | `cert-manager` |\n| `image.repository` | Image repository | `mecodia/cert-manager-webhook-hetzner` |\n| `image.tag` | Image tag | `latest` |\n| `image.pullPolicy` | Image pull policy | `Always` |\n| `service.type` | API service type | `ClusterIP` |\n| `service.port` | API service port | `443` |\n| `resources` | CPU/memory resource requests/limits | `{}` |\n| `nodeSelector` | Node labels for pod assignment | `{}` |\n| `affinity` | Node affinity for pod assignment | `{}` |\n| `tolerations` | Node tolerations for pod assignment | `[]` |\n\n## Installation\n\n### cert-manager\n\nFollow the [instructions](https://cert-manager.io/docs/installation/) using the cert-manager documentation to install it within your cluster.\n\n### Webhook\n\n```bash\ngit clone https://github.com/mecodia/cert-manager-webhook-hetzner.git\ncd cert-manager-webhook-hetzner\nhelm install --namespace kube-system cert-manager-webhook-hetzner ./charts/cert-manager-webhook-hetzner\n```\n\n**Note**: The kubernetes resources used to install the Webhook should be deployed within the same namespace as the cert-manager.\n\nTo uninstall the webhook run\n```bash\nhelm uninstall --namespace kube-system cert-manager-webhook-hetzner\n```\n\n## Issuer\n\nCreate a `ClusterIssuer` or `Issuer` resource as following:\n```yaml\napiVersion: cert-manager.io/v1\nkind: ClusterIssuer\nmetadata:\n name: letsencrypt-staging\nspec:\n acme:\n # The ACME server URL (attention, this is the staging one!)\n server: https://acme-staging-v02.api.letsencrypt.org/directory\n\n # Email address used for ACME registration\n email: mail@example.com # REPLACE THIS WITH YOUR EMAIL!!!\n\n # Name of a secret used to store the ACME account private key\n privateKeySecretRef:\n name: letsencrypt-staging-account-key\n\n solvers:\n - dns01:\n webhook:\n groupName: dns.hetzner.cloud\n solverName: hetzner\n config:\n APIKey: \u003cYOUR-DNS-API-KEY-HERE\u003e\n```\n\n### Credentials\n\nFor accessing the Hetzner DNS API, you need an API Token which you can create in the [DNS Console](https://dns.hetzner.com/settings/api-token).\n\nCurrently, we don't provide a way to use secrets for you API KEY.\n\n### Create a certificate\n\nFinally, you can create certificates, for example:\n\n```yaml\napiVersion: cert-manager.io/v1\nkind: Certificate\nmetadata:\n name: example-wildcard-cert\n namespace: cert-manager\nspec:\n commonName: \"*.example.com\"\n dnsNames:\n - \"*.example.com\"\n issuerRef:\n kind: ClusterIssuer\n name: letsencrypt-staging\n secretName: example-cert\n```\n\n## Development\n\n### Requirements\n\n- [go](https://golang.org/) \u003e= 1.21\n\n### Running the test suite\n\n1. Create a new test account at [Hetzner DNS Console](https://dns.hetzner.com/) or use an existing account\n\n1. Go to `testdata/hcloud-dns/config.json` and replace your api key.\n\n1. Download dependencies\n ```bash\n go mod download\n ```\n1. Run tests (replace zone name with one of your zones)\n ```bash\n env TEST_ZONE_NAME='warbl.net.' make test\n ```\n \n## Releases\n\nDockerhub is set up to automatically build images from tagged commits.\n\nExample tags are:\n\n```text\ncert-manager-webhook-hetzner-0.3.0-rc4\ncert-manager-webhook-hetzner-0.3.0\ncert-manager-webhook-hetzner-0.1\ncert-manager-webhook-hetzner-1.1\n```\n\nGithub should take care of the helm chart updates.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmecodia%2Fcert-manager-webhook-hetzner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmecodia%2Fcert-manager-webhook-hetzner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmecodia%2Fcert-manager-webhook-hetzner/lists"}