ACME Plugin - Hetzner "DNS Console is moving to the Hetzner Console"

T

touro411

New Member
Apr 22, 2024
1
0
1
Hello,

Hetzner is migrating DNS management to the Cloud Console. This means new API keys must be created.

Has anyone had any experience with whether the new API keys also work with the current ACME plugin?

Kind Regards
touro411
 
Maybe this link will help:
https://github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_hetznercloud

Update:
Actually it is not merged. I hope it will be soon. I'm also waiting for this :-)

https://github.com/acmesh-official/acme.sh/pull/6563

Update:
Hacky workaround...

1. Download the file from the merge request and put it into the folder /usr/share/proxmox-acme/dnsapi/
2. add following to the file /usr/share/proxmox-acme/dns-challenge-schema.json
Code: 
"hetznercloud": {},
I put i directly after the hetzer entry...
3. Reboot Proxmox. Just rebooting the pveproxy didn't work for me
4. After this you can configure hetznercloud from the UI

But as mentioned: no recommendation... I don't know what it will break in the future. For the moment it work just fine for me
 
Last edited:
  • Like
Reactions: Der Harry
There is some urgency now to this topic, as you can't create new Domains in the legacy system.

I can confirm your patch is working. We updated our Ansible scripts to add the hack as temporary solution
 
  • Like
Reactions: bobaflash
Hi guys.
I've also have my domains at hetzner moving to hetzner cloud, and I can make it work on my PFsense, but can not add it as described as a hacky workaround above.

System is running : pve-manager/9.1.2/9d436f37a0ac4172 (running kernel: 6.8.12-15-pve)

But after adding the dns_hetznercloud.sh and change rights as the other plugins, and adding the line to dns-challenge-schema.json - as described
I can choose the plugin in the dropdown(Token is generated in the new DNS console at hetzner)
1765026291611.png
But when trying to add the plugin as available I'm getting this error:
1765026214160.png

Accoording to acme github page https://github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_hetznercloud its should be possible to run - but on this server the only acme.sh is /usr/share/proxmox-acme - but following this information in the bottom make no sense
Code: 
 call setup and teardown direct
# the parameter must be set in the correct order
# $1 <String> DNS Plugin name
# $2 <String> Fully Qualified Domain Name
# $3 <String> value for TXT record
# $4 <String> DNS plugin auth and config parameter separated by ","
# $5 <Integer> 0 is off, and the default all others are on.

So not sure what to do from here - to get the hetznecloud up and running - so any help is appriciated
TIA
U
 
That was what I meant - I've created the token in the New Console - under Security - API token - set as read/write
So I followed that as described
Screenshot_2025-12-06_14-34-55.png
 
I have the same only - HETZNER_TOKEN=XXXXXXXXXXXXXX no "" - still the same error
And afterwards i'm seeing this - where the hetznercloud is marked as red?
1765033628607.png
So my guess its something with the dns_hetznercloud.sh. So don't know why - same size yours file and just downloaded.
 
Udbytossen said:
Hi guys.
I've also have my domains at hetzner moving to hetzner cloud, and I can make it work on my PFsense, but can not add it as described as a hacky workaround above.

System is running : pve-manager/9.1.2/9d436f37a0ac4172 (running kernel: 6.8.12-15-pve)

But after adding the dns_hetznercloud.sh and change rights as the other plugins, and adding the line to dns-challenge-schema.json - as described
I can choose the plugin in the dropdown(Token is generated in the new DNS console at hetzner)
View attachment 93678
But when trying to add the plugin as available I'm getting this error:
View attachment 93676

Accoording to acme github page https://github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_hetznercloud its should be possible to run - but on this server the only acme.sh is /usr/share/proxmox-acme - but following this information in the bottom make no sense
Code: 
 call setup and teardown direct
# the parameter must be set in the correct order
# $1 <String> DNS Plugin name
# $2 <String> Fully Qualified Domain Name
# $3 <String> value for TXT record
# $4 <String> DNS plugin auth and config parameter separated by ","
# $5 <Integer> 0 is off, and the default all others are on.

So not sure what to do from here - to get the hetznecloud up and running - so any help is appriciated
TIA
U
Click to expand...
Proxmox itself has not yet integrated the plugin, is that correct? You have integrated the plugin provided by Hetzner.
 
  • Like
Reactions: Der Harry
Hello,
Yes, I saw that no update was installed for it yesterday. That's a real shame. I manually configured it on our test system for testing purposes, and it worked. However, I don't want to do that manually on the other 13 systems.
 
CarstenMartens said:
... That's a real shame. ..
Click to expand...

No blaming. Also being a developer - their #1 Priority (that what makes money) was on the Proxmox Datacenter Manager.

I just kindly asked asked about the plans to update acme.sh in the bugzilla ticket. At some time I just post a bash script here for mitigation.

There are way to many servers I have to manage and this breaks my automation at the moment.
 
That wasn't the intention – my English isn't as good as it should be after nine years of school – but it's simply time-consuming when multiple systems have to be manually updated instead of using patches. And if we switch the Hetzner DNS, we'll have to change other systems besides the Proxmox servers – which, fortunately, have already implemented the changes.
 
You must log in or register to reply here.
Top Bottom