feat: make DNS provider configurable

.env.example

@@ -11,6 +11,7 @@ PIA_PASS=
 PIA_LOCAL_NETWORK="192.168.0.0/16"
 HOSTNAME=
 ADGUARD_HOSTNAME=
+DNS_CHALLENGE_PROVIDER=cloudflare
 LETS_ENCRYPT_EMAIL=
 CLOUDFLARE_EMAIL=
 CLOUDFLARE_DNS_API_TOKEN=

README.md

@@ -69,7 +69,7 @@ For the first time, run `./update-config.sh` to update the applications base URL
 ## Environment Variables
 
 | Variable                    | Description                                                                                          | Default                 |
-|-----------------------------|------------------------------------------------------------------------------|-------------------------|
+|-----------------------------|------------------------------------------------------------------------------------------------------|-------------------------|
 | `COMPOSE_FILE`              | Docker compose files to load                                                                         | `docker-compose.yml`    |
 | `COMPOSE_PATH_SEPARATOR`    | Path separator between compose files to load                                                         | `:`                     |
 | `USER_ID`                   | ID of the user to use in Docker containers                                                           | `1000`                  |
@@ -83,6 +83,7 @@ For the first time, run `./update-config.sh` to update the applications base URL
 | `PIA_LOCAL_NETWORK`         | PIA local network                                                                                    | `192.168.0.0/16`        |
 | `HOSTNAME`                  | Hostname of the NAS, could be a local IP or a domain name                                            |                         |
 | `ADGUARD_HOSTNAME`          | AdGuard Home hostname used, if enabled                                                               |                         |
+| `DNS_CHALLENGE_PROVIDER`    | Provider for DNS01 challenge, [see list here](https://doc.traefik.io/traefik/https/acme/#providers). | `cloudflare`             |
 | `LETS_ENCRYPT_EMAIL`        | E-mail address used to send expiration notifications                                                 |                         |
 | `CLOUDFLARE_EMAIL`          | CloudFlare Account email                                                                             |                         |
 | `CLOUDFLARE_DNS_API_TOKEN`  | API token with `DNS:Edit` permission                                                                 |                         |
@@ -199,6 +200,10 @@ If you want to test your configuration first, use the Let's Encrypt staging serv
 If it worked, you will see the staging certificate at https://nas.domain.com.
 You may remove the `./letsencrypt/acme.json` file and restart the services to issue the real certificate.
 
+You are free to use any DNS01 provider. Simply replace `DNS_CHALLENGE_PROVIDER` with your own provider, 
+[see complete list here](https://doc.traefik.io/traefik/https/acme/#providers). 
+You will also need to inject the environments variables specific to your provider.
+
 ### Accessing from the outside with Tailscale
 
 If we want to make it reachable from outside the network without opening ports or exposing it to the internet, I found

docker-compose.yml

@@ -18,7 +18,7 @@ services:
       - --entrypoints.web.http.redirections.entryPoint.scheme=https
       - --entrypoints.web.http.redirections.entrypoint.permanent=true
       - --certificatesresolvers.myresolver.acme.dnschallenge=true
-      - --certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare
+      - --certificatesresolvers.myresolver.acme.dnschallenge.provider=${DNS_CHALLENGE_PROVIDER}
       # Uncomment to test your configuration by using Let's Encrypt staging certificates
      #- --certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
       - --certificatesresolvers.myresolver.acme.email=${LETS_ENCRYPT_EMAIL}