{"id":13567316,"url":"https://github.com/siilike/certbot-dns-standalone","last_synced_at":"2025-05-15T13:07:28.824Z","repository":{"id":43050968,"uuid":"178613929","full_name":"siilike/certbot-dns-standalone","owner":"siilike","description":"Standalone DNS server plugin for certbot verification","archived":false,"fork":false,"pushed_at":"2025-02-24T12:53:10.000Z","size":45,"stargazers_count":100,"open_issues_count":4,"forks_count":15,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-05-11T10:52:21.037Z","etag":null,"topics":["certbot","certbot-client","certbot-configurator","certbot-dns","certbot-plugin","certbot-ssl"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/siilike.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-03-30T21:37:03.000Z","updated_at":"2025-04-28T13:20:09.000Z","dependencies_parsed_at":"2025-04-11T20:39:03.169Z","dependency_job_id":"afc35f6c-350d-4a9a-94dc-6bd89288b7e6","html_url":"https://github.com/siilike/certbot-dns-standalone","commit_stats":{"total_commits":17,"total_committers":3,"mean_commits":5.666666666666667,"dds":"0.23529411764705888","last_synced_commit":"cc0942944fabbc8c4880593eb738a9e4299817dc"},"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siilike%2Fcertbot-dns-standalone","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siilike%2Fcertbot-dns-standalone/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siilike%2Fcertbot-dns-standalone/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siilike%2Fcertbot-dns-standalone/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/siilike","download_url":"https://codeload.github.com/siilike/certbot-dns-standalone/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254346624,"owners_count":22055808,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certbot","certbot-client","certbot-configurator","certbot-dns","certbot-plugin","certbot-ssl"],"created_at":"2024-08-01T13:02:28.271Z","updated_at":"2025-05-15T13:07:27.114Z","avatar_url":"https://github.com/siilike.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"Standalone DNS Authenticator plugin for Certbot\n===============================================\n\nThis is a Certbot plugin that uses an integrated DNS server to respond to the\n``_acme-challenge`` records, so the domain's records do not have to be\nmodified.\n\nInstallation\n============\n\npip\n---\n\n::\n\n    # pip3 install certbot certbot-dns-standalone\n\nsnap\n----\n\n::\n\n    # snap install certbot certbot-dns-standalone\n    # snap set certbot trust-plugin-with-root=ok\n    # snap connect certbot:plugin certbot-dns-standalone\n    # snap connect certbot-dns-standalone:certbot-metadata certbot:certbot-metadata\n\nDebian\n------\n\n::\n\n    # apt-get install certbot python3-certbot-dns-standalone\n\nDocker\n------\n\nSee below.\n\nUsage\n=====\n\nFirst, you need to pick a central address for certbot, e.g.\n``acme.example.com``.\n\nNext, the ``_acme-challenge`` records need to be pointed to\n``$domain.acme.example.com`` using CNAME records, e.g. for ``example.net``:\n\n::\n\n    _acme-challenge  IN  CNAME  example.net.acme.example.com.\n\nFinally, you need to point ``*.acme.example.com`` to certbot. There are two\noptions for that.\n\nFirstly, if you have an IP address with port ``53`` available, you could\nconfigure it as the nameserver for ``acme.example.com``:\n\n::\n\n    acme     IN  NS  ns.acme.example.com.\n    ns.acme  IN  A   1.2.3.4\n\nwhere ``1.2.3.4`` is the IP of the server where certbot will be run. This\nconfiguration directs any requests to ``*.acme.example.com`` to ``1.2.3.4``\nwhere the plugin will respond with the relevant challenge.\n\nAny server can be used as long as port ``53`` is available which means that\na DNS server cannot be run at that particular IP at the same time.\n\nYou can then run certbot as follows:\n\n::\n\n    certbot --non-interactive --agree-tos --email certmaster@example.com certonly \\\n      --authenticator dns-standalone \\\n      --dns-standalone-address=1.2.3.4 \\\n      -d example.net -d '*.example.net'\n\nSecondly, if you already run a DNS server you could configure it to forward\nall requests to ``*.acme.example.com`` to another IP/port instead where you\nwould run certbot.\n\nWith Knot DNS you can use ``mod-dnsproxy``:\n\n::\n\n    remote:\n      - id: certbot\n        address: 127.0.0.1@5555\n\n    mod-dnsproxy:\n      - id: certbot\n        remote: certbot\n        fallback: off\n\n    zone:\n      - domain: acme.example.com\n        module: mod-dnsproxy/certbot\n\nUsing this configuration all requests to ``*.acme.example.com`` are directed\nto ``127.0.0.1`` port ``5555``.\n\nYou can then run certbot as follows:\n\n::\n\n    certbot --non-interactive --agree-tos --email certmaster@example.com certonly \\\n      --authenticator dns-standalone \\\n      --dns-standalone-address=127.0.0.1 \\\n      --dns-standalone-port=5555 \\\n      -d example.net -d '*.example.net'\n\nBy default the plugin binds to all available interfaces. The validation usually\ntakes less than a second.\n\nTo renew the certificates add ``certbot renew`` to ``crontab``.\n\nUsage with Docker\n=================\n\nIn order to use the latest image published in Docker Hub, run:\n\n::\n\n    docker run -it --rm --name certbot-dns-standalone \\\n      -v \"/etc/letsencrypt:/etc/letsencrypt\" \\\n      -v \"/var/lib/letsencrypt:/var/lib/letsencrypt\" \\\n      -p 8080:80 -p 1.2.3.4:53:53/tcp -p 1.2.3.4:53:53/udp \\\n      laurik/certbot-dns-standalone:latest certonly\n\nwhere ``1.2.3.4`` is the IP address to use for responding the challenges. HTTP\nchallenges should be directed to port ``8080``.\n\n``/etc/letsencrypt`` and ``/var/lib/letsencrypt`` need to be mapped to\npermanent storage.\n\nAlternatively, you may also build the plugin image locally by running:\n\n::\n\n    docker build -t certbot-dns-standalone-local /path/to/certbot-dns-standalone/\n\nand then:\n\n::\n\n    docker run -it --rm \\\n      -v \"/etc/letsencrypt:/etc/letsencrypt\" \\\n      -v \"/var/lib/letsencrypt:/var/lib/letsencrypt\" \\\n      -p 8080:80 -p 1.2.3.4:53:53/tcp -p 1.2.3.4:53:53/udp \\\n      certbot-dns-standalone-local certonly\n\nSupported parameters\n====================\n\nParameters can be specified as ``--dns-standalone-PARAMETER=VALUE``. For older\ncertbot versions it should be\n``--certbot-dns-standalone:dns-standalone-PARAMETER=VALUE``.\n\nSupported parameters are:\n\n* ``address`` -- IPv4 address to bind to, defaults to ``0.0.0.0``\n* ``ipv6-address`` -- IPv6 address to bind to, defaults to ``::``\n* ``port`` -- port to use, defaults to ``53``\n\nThe relevant parameters in ``/etc/letsencrypt/renewal/*.conf`` are\n``dns_standalone_address``, ``dns_standalone_port`` and\n``dns_standalone_ipv6_address``.\n\nThird party projects\n====================\n\nThird party projects integrating certbot-dns-standalone:\n\n* `CertCache \u003chttps://github.com/93million/certcache\u003e`_\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiilike%2Fcertbot-dns-standalone","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsiilike%2Fcertbot-dns-standalone","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiilike%2Fcertbot-dns-standalone/lists"}