Certbot: How to add DNS plugin?

MasinAD · April 13, 2020, 9:07am

Hi!

I am quite new to Python development so please forgive my noobie questions. I want to add a certbot DNS plugin for the beta API of Core Networks, a German provider for nameserver services. I already wrote a provider plugin for python3-lexicon and now wanted to adapt the DNSimple plugin accordingly.

But I can’t figure out how to tell certbot to use my plugin. Obviously, every plugin installed the official way adds something to different files in the certbot directory but I can’t imagine that there wasn’t some official way of doing so, e.g.calling a certbot setup script for adding a plugin or so.

Help would be great

Masin

MasinAD · April 13, 2020, 9:16am

Additonal details: I installed certbot and certbot_dns_dnsimple using pip3, copied the certbot_dns_dnsimple directory to certbot_dns_corenetworks and worked in this directory on my changes. Obviously, this is not the right approach, but what is?

I know, the certbot team does not accept new DNS plugins at the moment. So I want to use the plugin just for myself or publish it at PyPI. I intended to use a regular and working certbot installation for developing and not the git repo as I want to deploy my plugin on several machines.

_az · April 13, 2020, 9:25am

The key is the entry_points in the plugin’s setup.py:

github.com

certbot/certbot/blob/316e4640f86c7f48a48d194a77e9462d1f50bd34/certbot-dns-dnsimple/setup.py#L88-L92


entry_points={
    'certbot.plugins': [
        'dns-dnsimple = certbot_dns_dnsimple._internal.dns_dnsimple:Authenticator',
    ],
},

If you’ve configured that correctly, and you have installed your plugin with pip, it should appear when you run:

certbot plugins

At that point, you will need to provide the full prefix for your plugin, since it is not one of the whitelisted plugins that can be called without a prefix:

certbot certonly -a certbot-plugin-corenetworks:dns \
--certbot-plugin-corenetworks:some-argument some-value \
-d domain.com

MasinAD · April 13, 2020, 9:44am

There’s a lot of additional info in your response. I’ll go back to my plugin and rework it :-D. I’ll return here when I’m successful.

MasinAD · April 13, 2020, 3:48pm

Just for documentation purposes:

No, just copying a directory of an installed plugin doesn’t work.
Yes, it is necessary to use the skeleton of a PyPI package, e.g. that of certbot-dns-ispconfig, at least as far as I understand.
pip3 can install distribution packages from sources different than PyPI: pip3 install -e git+<repo URL>#<provided package name> [--upgrade]
When using a customized version of a dependency, I should install it just like my plugin using pip3 install -e git+<repo>
pip is for Python 2.x, pip3 is for Python 3.x+. I shall not mismatch those two ever again!
Obviously, the best place to develop such stuff is a virtual environment.
When in a virtual environment, I shall not install Python distribution packages using the OS package manager. At least I should not expect to behave reliably in any way.

system · May 13, 2020, 3:48pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.