diff --git a/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml b/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml
index 573fbce1d6..88d4e7aab9 100644
--- a/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml
+++ b/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml
@@ -108,7 +108,7 @@
caddy.general.TlsDnsProvider
dropdown
-
+
header
@@ -118,37 +118,193 @@
caddy.general.TlsDnsApiKey
text
-
+
+
+
caddy.general.TlsDnsSecretApiKey
text
-
+
+
+
caddy.general.TlsDnsOptionalField1
text
-
+
+
+
caddy.general.TlsDnsOptionalField2
text
-
+
+
+
caddy.general.TlsDnsOptionalField3
text
-
+
+
+
caddy.general.TlsDnsOptionalField4
text
-
+
+
+
header
diff --git a/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml b/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml
index 7a851ce706..0a7fd90fd8 100644
--- a/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml
+++ b/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml
@@ -62,6 +62,33 @@
EasyDNS (optional)
Hosttech (optional)
ClouDNS (optional)
+ Gcore (optional)
+ Huawei Cloud (optional)
+ DNSExit (optional)
+ Nanelo (optional)
+ Katapult (optional)
+ Regfish (optional)
+ Leaseweb (optional)
+ DreamHost (optional)
+ Exoscale (optional)
+ TransIP (optional)
+ Selectel (optional)
+ DNSimple (optional)
+ LuaDNS (optional)
+ Hurricane Electric (optional)
+ Namesilo (optional)
+ Dode (optional)
+ Dynu (optional)
+ Glesys (optional)
+ NFSN (optional)
+ GoDaddy (optional)
+ Vercel (optional)
+ Loopia (optional)
+ DNSPod (optional)
+ Mythic Beasts (optional)
+ Dynv6 (optional)
+ AliDNS (optional)
+ Metaname (optional)
diff --git a/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile b/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile
index afe9898087..33ffc9cc03 100644
--- a/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile
+++ b/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile
@@ -174,12 +174,8 @@
{% endfor %}
{% endfor %}
- {#
- # Define special DNS Providers that have more than one API key, or special requirements that do not allow the use of the default.
- # The same providers have to be added to "OPNsense/Caddy/includeDnsProvider", best in the same order as in this array for maintainability.
- # For a new provider to work, it has to be compiled into the caddy binary.
- #}
- {% set dnsProviderSpecialConfig = ['duckdns', 'porkbun', 'desec', 'route53', 'acmedns', 'googleclouddns', 'azure', 'ovh', 'namecheap', 'powerdns', 'ddnss', 'linode', 'tencentcloud', 'dinahosting', 'hexonet', 'mailinabox', 'netcup', 'rfc2136', 'dnsmadeeasy', 'civo', 'scaleway', 'acmeproxy', 'inwx', 'namedotcom', 'easydns', 'directadmin', 'cloudns'] %}
+ {% import "OPNsense/Caddy/includeDnsProvider" as dns_includes %}
+ {% set dnsProviderSpecialConfig = dns_includes.dnsProviderSpecialConfig() %}
{# Conditionally add the dynamic_dns section, acmedns provider is special, it does not support dynamic_dns. #}
{% if dnsProvider and dynDnsDomains|length > 0 and dnsProvider != "acmedns" %}
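Review bot: `dns_includes.dnsProviderSpecialConfig()` on the added `{% set %}` line returns the macro's rendered text, not a list, because a Jinja2 macro call always evaluates to a string. The later `dnsProvider in dnsProviderSpecialConfig` and `not in` tests therefore become substring matches against that text. The listed ids still match, but any provider id that happens to be a substring of a listed one would also be treated as special, and its API key would then be dropped from the default `dns {{ dnsProvider }} {{ dnsApiKey }}` form. Keeping it a real list avoids this: define `{% set dnsProviderSpecialConfig = [ ... ] %}` at the top level of includeDnsProvider and pull it in with `{% from "OPNsense/Caddy/includeDnsProvider" import dnsProviderSpecialConfig %}`.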
@@ -187,6 +183,7 @@
{# duckdns provider is special, it has a different configuration for dynamic dns than for the dns-01 challenge. #}
{% if dnsProvider in dnsProviderSpecialConfig and dnsProvider != "duckdns" %}
provider {{ dnsProvider }} {
+ {% set context_var = 'dnsProviderSpecialLogic' %}
{% include "OPNsense/Caddy/includeDnsProvider" %}
}
{% else %}
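Review bot: The added `{% set context_var = 'dnsProviderSpecialLogic' %}` is an undocumented magic string that the included file compares against, and the same line is repeated in the `issuer acme` hunk further down. If the value is misspelled or the `set` is missing at some include site, the include renders an empty `provider { }` body with no credentials and no template error. A short comment at each site would help, for example `{# context_var gates the provider branches in includeDnsProvider; without it the include emits nothing #}`. A more specific name than `context_var` would also help. The surrounding `{% if %}` block starts outside this hunk.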
@@ -332,6 +329,7 @@ http://{{ domain }} {
tls {% if customCert %}/var/db/caddy/data/caddy/certificates/temp/{{ customCert }}.pem /var/db/caddy/data/caddy/certificates/temp/{{ customCert }}.key{% endif %} {% if not customCert and dnsChallenge == "1" and dnsProvider %}{
issuer acme {
dns {{ dnsProvider }} {% if dnsProvider not in dnsProviderSpecialConfig %}{{ dnsApiKey }}{% else %}{
+ {% set context_var = 'dnsProviderSpecialLogic' %}
{% include "OPNsense/Caddy/includeDnsProvider" %}
}
{% endif %}
diff --git a/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/includeDnsProvider b/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/includeDnsProvider
index e771a66b74..aa76b2ef76 100644
--- a/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/includeDnsProvider
+++ b/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/includeDnsProvider
@@ -6,6 +6,53 @@
# It only includes DNS Providers that need specific settings and do not default to
# "dns {{ dnsProvider }} {{ dnsApiKey }}"
#}
+{% macro dnsProviderSpecialConfig() %}
+ [
+ 'duckdns',
+ 'porkbun',
+ 'desec',
+ 'route53',
+ 'acmedns',
+ 'googleclouddns',
+ 'azure',
+ 'ovh',
+ 'namecheap',
+ 'powerdns',
+ 'ddnss',
+ 'linode',
+ 'tencentcloud',
+ 'dinahosting',
+ 'hexonet',
+ 'mailinabox',
+ 'netcup',
+ 'rfc2136',
+ 'dnsmadeeasy',
+ 'civo',
+ 'scaleway',
+ 'acmeproxy',
+ 'inwx',
+ 'namedotcom',
+ 'easydns',
+ 'directadmin',
+ 'cloudns',
+ 'huaweicloud',
+ 'regfish',
+ 'dreamhost',
+ 'exoscale',
+ 'transip',
+ 'selectel',
+ 'luadns',
+ 'he',
+ 'dynu',
+ 'glesys',
+ 'nfsn',
+ 'loopia',
+ 'mythicbeasts',
+ 'alidns',
+ 'metaname'
+ ]
+{% endmacro %}
+{% if context_var == 'dnsProviderSpecialLogic' %}
{% if dnsProvider == 'duckdns' %}
{% if dnsApiKey %}api_token {{ dnsApiKey }}
{% endif %}
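Review bot: The maintenance comment this commit removes from Caddyfile is not re-added above the new `dnsProviderSpecialConfig` macro, at least not in the lines visible here. That comment said the ids must match the branches in this file and that a provider only works if it is compiled into the caddy binary. With 15 new ids added, the list and the `elif` chain can drift apart silently. I would put a comment directly above the macro, such as `{# Every id listed here needs a matching branch below and must be compiled into the caddy binary. #}`. The file header comment begins outside this hunk, so it may already cover part of this.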
@@ -190,4 +237,78 @@
{% endif %}
{% if dnsOptionalField1 %}sub_auth_id {{ dnsOptionalField1 }}
{% endif %}
+{% elif dnsProvider == 'huaweicloud' %}
+ {% if dnsApiKey %}access_key_id {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}secret_access_key {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'regfish' %}
+ {% if dnsApiKey %}api_key {{ dnsApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'dreamhost' %}
+ {% if dnsApiKey %}api_key {{ dnsApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'exoscale' %}
+ {% if dnsApiKey %}api_key {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}api_secret {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'transip' %}
+ {% if dnsApiKey %}account_name {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}private_key_path {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'selectel' %}
+ {% if dnsApiKey %}user {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}password {{ dnsSecretApiKey }}
+ {% endif %}
+ {% if dnsOptionalField1 %}account_id {{ dnsOptionalField1 }}
+ {% endif %}
+ {% if dnsOptionalField2 %}project_name {{ dnsOptionalField2 }}
+ {% endif %}
+{% elif dnsProvider == 'luadns' %}
+ {% if dnsApiKey %}email {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}api_key {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'he' %}
+ {% if dnsApiKey %}api_key {{ dnsApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'dynu' %}
+ {% if dnsApiKey %}api_token {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}own_domain {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'glesys' %}
+ {% if dnsApiKey %}project {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}api_key {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'nfsn' %}
+ {% if dnsApiKey %}login {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}api_key {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'loopia' %}
+ {% if dnsApiKey %}username {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}password {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'mythicbeasts' %}
+ {% if dnsApiKey %}key_id {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}secret {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'alidns' %}
+ {% if dnsApiKey %}access_key_id {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}access_key_secret {{ dnsSecretApiKey }}
+ {% endif %}
+{% elif dnsProvider == 'metaname' %}
+ {% if dnsApiKey %}api_key {{ dnsApiKey }}
+ {% endif %}
+ {% if dnsSecretApiKey %}account_reference {{ dnsSecretApiKey }}
+ {% endif %}
+{% endif %}
{% endif %}
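Review bot: The new branches write `{{ dnsApiKey }}`, `{{ dnsSecretApiKey }}` and the optional fields into the Caddyfile as bare tokens. A value containing whitespace, `{`, `}` or a newline would be split or would change the structure of the generated block rather than being passed through as one credential. Whether the model already restricts these fields with a validation mask is not visible here and is worth confirming before adding more providers. Separately, the `transip` branch maps `dnsSecretApiKey` to `private_key_path`, so the secret field holds a filesystem path that Caddy will read; the form help should say so, and that the key file must exist on the firewall with restrictive permissions. `dynu` (`own_domain`) and `metaname` (`account_reference`) also put non-secret values in the secret field. The `if`/`elif` chain begins outside this hunk.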