How to use DNS provider modules in Caddy 2

Caddy 2 uses a new and improved DNS provider interface for solving the ACME DNS challenge. You can plug in just the providers you need.

  1. Find your DNS provider in the caddy-dns repositories. If you do not see yours, that means nobody has implemented it yet and you have two options: either implement your DNS provider (recommended! - it’s not difficult), or use lego-deprecated which supports all of lego’s 75+ DNS providers, but without certain advantages.

  2. Build Caddy with your DNS provider plugged in. This is a single xcaddy command: xcaddy build --with github.com/caddy-dns/REPOSITORY (see link for details).

  3. Configure your DNS provider in your Caddy config, and you’re all set!

Enabling the DNS challenge in the Caddyfile looks like this, using the tls directive:

tls {
    dns <provider> ...
}

For example:

tls {
    dns cloudflare {env.CLOUDFLARE_AUTH_TOKEN}
}

(You do not have to store your credentials in an environment variable, but this example shows you how to reference them if you do.)

Or, if you use JSON, configure an automation policy with an acme issuer that sets the DNS challenge, for example:

{
    "module": "acme",
    "challenges": {
        "dns": {
            "provider": {
                "name": "cloudflare",
                "api_token": "YOUR_CLOUDFLARE_API_TOKEN"
            }
        }
    }
}
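A check for the credential handling described above, as an added example that is not part of the original post or the Caddy project: it walks a Caddy JSON config and reports DNS provider credential fields written as literal strings instead of an {env.*} placeholder. It assumes the acme issuer sits under apps.tls.automation.policies[].issuers[] and that the provider module expands placeholders in its credential fields; the field-name heuristic and the sample config are constructed.

```python
import json
import re

# Matches a value made up solely of one Caddy environment placeholder, e.g. {env.CF_TOKEN}
ENV_PLACEHOLDER = re.compile(r"^\{env\.[A-Za-z_][A-Za-z0-9_]*\}$")
# Heuristic (assumption): provider field names that usually carry a secret
SECRET_KEY = re.compile(r"token|secret|password|key", re.IGNORECASE)


def iter_dns_providers(config):
    """Yield (json_path, provider_dict) for every acme issuer with a DNS challenge."""
    policies = (config.get("apps", {}).get("tls", {})
                .get("automation", {}).get("policies", []))
    for pi, policy in enumerate(policies):
        for ii, issuer in enumerate(policy.get("issuers", [])):
            if issuer.get("module") != "acme":
                continue
            provider = issuer.get("challenges", {}).get("dns", {}).get("provider")
            if isinstance(provider, dict):
                yield f"apps.tls.automation.policies[{pi}].issuers[{ii}]", provider


def find_literal_credentials(config):
    """Return (path, provider name, field) for each secret stored as a literal string."""
    findings = []
    for path, provider in iter_dns_providers(config):
        for field, value in provider.items():
            if field == "name" or not SECRET_KEY.search(field):
                continue
            if isinstance(value, str) and not ENV_PLACEHOLDER.match(value):
                findings.append((path, provider.get("name", "?"), field))
    return findings


# Constructed sample: policy 0 hardcodes the token, policy 1 references the environment.
SAMPLE = json.loads("""
{"apps": {"tls": {"automation": {"policies": [
  {"subjects": ["a.example.com"], "issuers": [{"module": "acme", "challenges":
    {"dns": {"provider": {"name": "cloudflare", "api_token": "YOUR_CLOUDFLARE_API_TOKEN"}}}}]},
  {"subjects": ["b.example.com"], "issuers": [{"module": "acme", "challenges":
    {"dns": {"provider": {"name": "cloudflare", "api_token": "{env.CLOUDFLARE_AUTH_TOKEN}"}}}}]}
]}}}}
""")

if __name__ == "__main__":
    for path, name, field in find_literal_credentials(SAMPLE):
        print(f"{path}: provider '{name}' field '{field}' is a literal, not an {{env.*}} placeholder")
```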