Acme-dns support

I’d like to use https://github.com/joohoi/acme-dns so that I don’t have to keep a god-level Gandi API key on the webserver (I’ve sent a support ticket to Gandi but people have been asking them for this since at least 2018)

Sorry - this doesn’t fit in your help template.

Is there a way to do this?

Looking at https://github.com/joohoi/acme-dns/#api, I’d have to interrupt Caddy’s normal DNS verification and get it to send a POST to a server running acme-dns. I am not familiar enough with Golang to make this change myself - but maybe there’s a way to do this without modifying Caddy itself?

Acme-dns for DNS validation references lego, which is now deprecated right?

Using DNS Plugins like "generic" and "httpreq" seems like it might be what I want, but the outcome of that thread is not clear.

Edit: httpreq is deprecated too: https://github.com/caddyserver/dnsproviders/blob/master/httpreq/httpreq.go

1 Like

Unfortunately, certmagic doesn’t have built-in support for challenge delegation right now, but I’d like to see that happen at some point.

What you could do though, in the meantime, is use the duckdns plugin, which would let you do challenge delegation:

Domains from DuckDNS are free, and you don’t need to install anything to use it.

Keep in mind though, DuckDNS only seems to support one TXT record at a time (strange limitation, but :man_shrugging:) so if you have multiple domains to get certs for, make sure to either stagger their issuance (add each domain to your Caddyfile one at a time, with some delay in between) to make sure it’s less likely to overlap, or use multiple DuckDNS domains (there’s a limit of 5 per account, I think, unfortunately).


All that said, it would be great to have a libdns plugin for acme-dns as well if you’d like to take a crack at writing one:

1 Like

Thanks for that info @francislavoie

I’m a little concerned that acme-dns seems to be unmaintained, but maybe I can look at writing a plugin that “just” makes HTTP requests to an external service to do the challenge.