letsencrypt: add check for dns.provider, cleanup build cache files (#4438)

Fail if DNS challenge is selected and the provider is not configured.

Also clean up the cache files created by pip and Go build to significantly
reduce image bloat.

Fixes #4436

Author: sairon

letsencrypt/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## 6.0.4
+
+- Require `dns.provider` if DNS challenge is set
+- Clean up cache files from the build to reduce image size
+
 ## 6.0.3
 
 - Fix issuing certificates when `acme_root_ca_cert` is set

letsencrypt/Dockerfile

@@ -54,7 +54,8 @@ RUN \
         python3-dev \
         python3-pip \
         rustc \
-    && rm -rf /var/lib/apt/lists/*
+    && rm -rf /var/lib/apt/lists/* \
+    && rm -rf /root/.cache
 
 # Copy data
 COPY rootfs /

letsencrypt/config.yaml

@@ -1,5 +1,5 @@
 ---
-version: 6.0.3
+version: 6.0.4
 breaking_versions: [5.3.0, 6.0.0]
 slug: letsencrypt
 name: Let's Encrypt

letsencrypt/rootfs/etc/services.d/lets-encrypt/run

@@ -34,6 +34,7 @@ LEGACY_PROVIDERS="dns-eurodns dns-gehirn dns-noris"
 DEPRECATED_PROVIDERS="dns-azure dns-he"
 
 if [ "${CHALLENGE}" == "dns" ]; then
+    bashio::config.require 'dns.provider'
     bashio::log.info "Selected DNS Provider: ${DNS_PROVIDER}"
 
     PROPAGATION_SECONDS=60