PHABRICATOR on NS

This would probably be better continued in the discussion thread for acme-dns (Acme-dns on Nethserver (now with RPM-y goodness!)), but here’s the overview:

When Let’s Encrypt attempts DNS validation for $FQDN, it looks for a DNS record for _acme-challenge.$FQDN. If there’s a TXT record there, Let’s Encrypt reads the value and determines if validation succeeds or fails. If there’s a CNAME record instead, Let’s Encrypt will follow that CNAME and see what its target says. So, if you have a record of _acme-challenge.$FQDN CNAME somethingelse.acme.$OTHERFQDN, Let’s Encrypt will query somethingelse.acme.$OTHERFQDN for the TXT record.

When you configure acme-dns, you’re setting it up as the authoritative DNS server for a subdomain of one of your domains. If you have a domain of example.com, the subdomain is acme.example.com. So the NS records above make ns{1|2}.acme.example.com the authoritative nameservers for that subdomain, and then set your external IP address as the IP address for both of them (it isn’t essential to set two nameservers, but it seems to be common practice).

The real magic happens in the CNAME records. The Python hook script keeps track of which hostnames already have issued certs. When you request a cert for a hostname that you haven’t previously issued, it will ask you to create a CNAME record for that host, which you’ll only need to do once.

So, no, you don’t need to set the NS records for each domain. Set them for one (pick one, it doesn’t really matter, though I think my module works best if you use your primary domain). Then set CNAME records for all the other hostnames as you need them.
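As an added illustration (not code from this post or from the acme-dns project), here is a small Python model of the lookup described above: it resolves `_acme-challenge.<fqdn>`, follows a CNAME into the acme-dns subdomain, and reads the TXT value there. The zone records are constructed sample data, and the hop limit is an assumption.

```python
"""Model of an ACME DNS-01 lookup that follows CNAMEs into acme-dns.
Added example; zone contents below are constructed, not real records."""
from typing import Optional

# Constructed zone data: owner name -> (record type, value).
ZONE = {
    # Delegation of the acme-dns subdomain (the NS records the post describes).
    "acme.example.com.": ("NS", "ns1.acme.example.com."),
    # Hostname we want a cert for: its challenge name points into acme-dns.
    "_acme-challenge.www.example.com.": ("CNAME", "abcd1234-constructed.acme.example.com."),
    # acme-dns serves the TXT value the hook script updates for each order.
    "abcd1234-constructed.acme.example.com.": ("TXT", "tok-constructed-123"),
    # A plain TXT record with no CNAME also validates.
    "_acme-challenge.mail.example.com.": ("TXT", "tok-direct-456"),
    # Misconfiguration: a CNAME that points at itself.
    "_acme-challenge.loop.example.com.": ("CNAME", "_acme-challenge.loop.example.com."),
}

MAX_CNAME_HOPS = 8  # assumption: cap the chain so a loop cannot spin forever


def resolve_challenge_txt(fqdn: str, zone=ZONE) -> Optional[str]:
    """Return the TXT value a CA would read for fqdn, or None on failure."""
    name = f"_acme-challenge.{fqdn.rstrip('.')}."
    for _ in range(MAX_CNAME_HOPS):
        record = zone.get(name)
        if record is None:
            return None  # no record at all: validation fails
        rtype, value = record
        if rtype == "TXT":
            return value
        if rtype == "CNAME":
            name = value  # follow the alias and look again
            continue
        return None  # NS or another type is not a usable answer here
    return None  # chain too long (or looping): treat as failure


def validate(fqdn: str, expected_token: str, zone=ZONE) -> bool:
    """True when the token found via the chain matches what the CA expects."""
    return resolve_challenge_txt(fqdn, zone) == expected_token
```

Running `validate("loop.example.com", ...)` shows why a hop limit matters: a self-referencing CNAME is reported as a failure rather than hanging the check.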