cert-manager-cpanel-dns-webhook

command module

v0.2.0 Latest Latest Go to latest Published: Oct 9, 2022 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jamesorlakin/cert-manager-cpanel-dns-webhook

Links

Open Source Insights

README ¶

cert-manager CPanel DNS Webhook

A simple webhook DNS solver for cert-manager using the CPanel UAPI for those of us stuck using their webhost's CPanel for DNS.

This is based off the example webhook.

Getting started

Install cert-manager. This was developed when running v1.8 but it should work reasonably across versions. This is assumed to be in the cert-manager namespace, if not you'll need to tweak the Helm values.
Install this webhook. There's a Helm chart in deploy/chart (helm install cpanel-webhook .), or kubectl apply https://raw.githubusercontent.com/jamesorlakin/cert-manager-cpanel-dns-webhook/master/deploy/v0.1.0.yaml for the cert-manager namespace.

Create a secret containing your CPanel credentials.

apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: some-cpanel-credentials
  namespace: cert-manager
stringData:
  username: my-cpanel-user
  password: my-cpanel-password
  # Or, instead of a password in v0.2.0+, create and use an API token from CPanel's Security section:
  apiToken: ABCDEF1234567890ABCDEFABCDEF1234567890

Create an ACME issuer referencing the webhook, e.g.:

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
spec:
  acme:
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    email: my-acme-email@yourself.com
    privateKeySecretRef:
      name: letsencrypt-staging
    solvers:
    - dns01:
        # The fun bit:
        webhook:
          groupName: jameslakin.co.uk # Must match the group name in the Helm chart (this is the default and shouldn't need changing to your own domain)
          solverName: cpanel-solver # Don't change
          config:
            cpanelUrl: https://cpanel.my-super-website.com # No trailing slash
            secretRef: cert-manager/some-cpanel-credentials # In the form namespace/secret-name

...issue certificates:

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: example-cpanel-cert-5
spec:
  secretName: example-cpanel-cert-5
  issuerRef:
    name: letsencrypt-staging
    kind: ClusterIssuer
  dnsNames:
  - '*.whatever.my-super-website.com'

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cpanel

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL