HyperOne :: Let’s Encrypt client and ACME library written in Go. (original) (raw)
Configuration for HyperOne.
- Code:
hyperone - Since: v3.9.0
Here is an example bash command using the HyperOne provider:
lego --email you@example.com --dns hyperone -d '*.example.com' -d example.com runAdditional Configuration
| Environment Variable Name | Description |
|---|---|
| HYPERONE_API_URL | Allows to pass custom API Endpoint to be used in the challenge (default https://api.hyperone.com/v2) |
| HYPERONE_HTTP_TIMEOUT | API request timeout in seconds (Default: 30) |
| HYPERONE_LOCATION_ID | Specifies location (region) to be used in API calls. (default pl-waw-1) |
| HYPERONE_PASSPORT_LOCATION | Allows to pass custom passport file location (default ~/.h1/passport.json) |
| HYPERONE_POLLING_INTERVAL | Time between DNS propagation check in seconds (Default: 60) |
| HYPERONE_PROPAGATION_TIMEOUT | Maximum waiting time for DNS propagation in seconds (Default: 2) |
| HYPERONE_TTL | The TTL of the TXT record used for the DNS challenge in seconds (Default: 120) |
The environment variable names can be suffixed by _FILE to reference a file instead of a value. More information here.
Description
Default configuration does not require any additional environment variables, just a passport file in ~/.h1/passport.json location.
Generating passport file using H1 CLI
To use this application you have to generate passport file for sa:
h1 iam project sa credential generate --name my-passport --project <project ID> --sa <sa ID> --passport-output-file ~/.h1/passport.jsonRequired permissions
The application requires following permissions:
dns/zone/listdns/zone.recordset/listdns/zone.recordset/createdns/zone.recordset/deletedns/zone.record/createdns/zone.record/listdns/zone.record/delete
All required permissions are available via platform role tool.lego.