v2.3.4 (Patch)
- New: DuckDNS DNS-01 provider — first-class support for free
*.duckdns.orgsubdomains viacertbot-dns-duckdns. Enables publicly-trusted Let's Encrypt certificates for homelabs, self-hosted services and IoT devices without owning a domain. Includes UI integration (provider tile + dedicated config section + multi-account modal), settings/API/Swagger wiring, and 14 unit tests covering strategy, INI format, validation and certbot-arg shape. Smoke-tested end-to-end against Let's Encrypt staging. - Fix #99: Akamai Edge DNS (
edgedns) configuration could not be saved via the web UI or API —save_settings()rejected it withInvalid dns_provider: edgednsbecause the provider was not registered insupported_providers, the propagation defaults, the multi-account migration map, or the Swagger/REST enums. Reported by @SpeeDFireCZE. - Fix: DuckDNS plugin selection now uses
--authenticator dns-duckdnsinstead of the bare--dns-duckdnsflag, which certbot rejected as ambiguous (the plugin exposes multiple--dns-duckdns-*options). - Fix:
CertificateManager.create_certificate()no longer raisesUnboundLocalErrorfrom its finally block when an early failure occurs (e.g. plugin-not-installed). The originalRuntimeErrornow surfaces correctly to API clients. Regression tests pinned. - Test: New cross-validation suite (
tests/test_provider_wiring_consistency.py) breaks the build the moment a future DNS provider is registered in the strategy factory but missed in the settings or credential validation surfaces — preventing any recurrence of the #99 wiring gap.