Using the Namecheap API despite assigned dynamic IP
If you are hosting your own services locally and have the need for Let's Encrypt certificates, you might come across a problem while attempting to solve the DNS challenge using traefik / lego and the namecheap provider.
Namecheap forces you to allow list every IP that should use the API. That is a problem if you don't have a residential static IP and do not want to regularly update your allow listed namecheap IP's.
Solution:
Use a proxy.
Example using Docker:
A prerequisite is to host your own proxy server on a server which has a static IP assigned.
For this example i'm using https://github.com/3proxy/3proxy
All you need to do is assign the following environment variables:
HTTP_PROXY
Your proxy connection for HTTP requests.
HTTPS_PROXY
Your proxy connection for HTTPS requests.
NO_RPOXY
All domains, IPs and IP ranges (CIDR notation), which should not be sent through your proxy.
For more information, see the go documentation.
Using docker compose this could look like this:
docker-compose.yml
...
environment:
- "NAMECHEAP_API_USER=${NAMECHEAP_API_USER}"
- "NAMECHEAP_API_KEY=${NAMECHEAP_API_KEY}"
- "HTTP_PROXY=${PROXY}"
- "HTTPS_PROXY=${PROXY}"
- "http_proxy=${PROXY}"
- "https_proxy=${PROXY}"
- "NO_PROXY=${NO_PROXY}"
- "no_proxy=${NO_PROXY}"
....env
NAMECHEAP_API_USER = your_username
NAMECHEAP_API_KEY = your_api_key
PROXY = http://username:[email protected]:1234
NO_PROXY = 172.20.0.0 / 16Note:
While possible, i don't recommend to use any public proxies / VPN, because you will fully sacrifice the extra security of the IP allow list.