acme.sh
Replace saved DNS API keys with a hook to retrieve the values when needed
I noticed that the DNS API key gets stored in .acme.sh/account.conf, e.g. SAVED_GD_Key for GoDaddy's API. Since this API key can be used to modify a domain's DNS, any exposure is quite dangerous. It would be better to offer a command line hook to retrieve API credentials when needed, e.g. using the 1Password CLI or some other secret manager. Just an idea:
acme.sh --issue --dns dns_gd -d example.com --dns-api-key-hook="op read op://dev/dns/api_key" --dns-api-secret-hook="op read op://dev/dns/api_secret"
You can then safely store the command to run rather than the actual value.
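One way to get the behaviour described above today, as an added example that is not part of acme.sh and not code from the issue author: a small POSIX shell wrapper that resolves each credential from a hook command at invocation time and passes the result to the child process through its environment only, so the secret value itself never has to be written into a config file. It assumes the hook commands (for example `op read op://dev/dns/api_key`) print the secret on stdout, and that GD_Key and GD_Secret are the environment variables acme.sh's dns_gd provider reads. It does not stop acme.sh from persisting what it receives into account.conf; that is the change this issue asks for.

```shell
#!/bin/sh
# Added example (not part of acme.sh): fetch DNS API credentials from hook
# commands at run time and hand them to the child process via environment
# variables, so only the hook commands (not the secrets) are stored on disk.
# Assumptions: hooks print the secret on stdout; GD_Key/GD_Secret are the
# variables read by acme.sh's dns_gd provider.

# resolve_hook CMD: run CMD with /bin/sh and print its stdout with trailing
# newlines stripped. Returns non-zero if the hook fails or prints nothing,
# so an empty credential is never silently passed on.
resolve_hook() {
    hook_cmd=$1
    value=$(sh -c "$hook_cmd") || return 1
    [ -n "$value" ] || return 1
    printf '%s' "$value"
}

# run_with_hooks KEY_HOOK SECRET_HOOK CMD [ARGS...]: resolve both hooks and
# run CMD with GD_Key/GD_Secret set only in that child's environment.
# The values are deliberately never echoed, so they do not end up in logs.
run_with_hooks() {
    key_hook=$1
    secret_hook=$2
    shift 2
    key=$(resolve_hook "$key_hook") || { echo "key hook failed" >&2; return 1; }
    secret=$(resolve_hook "$secret_hook") || { echo "secret hook failed" >&2; return 1; }
    GD_Key="$key" GD_Secret="$secret" "$@"
}

# Example invocation (hook strings are what you would store, e.g. in a
# mode-600 file, instead of the API key and secret themselves):
# run_with_hooks "op read op://dev/dns/api_key" \
#                "op read op://dev/dns/api_secret" \
#                acme.sh --issue --dns dns_gd -d example.com
```

Because the hook runs through `sh -c`, the stored hook string is executed with the wrapper's privileges; keep whatever file holds it writable only by the account that runs the renewal, which is the same trust boundary the saved key had.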
My guess is it's designed this way to allow for running periodically in a crontab.
I ran acme.sh --upgrade and have the very latest version, and confirmed this behavior in the code.