| Message ID | 87imr588wk.fsf@zancanaro.id.au |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [bug#36998] services: certbot: Add --manual-public-ip-logging-ok for manual challenges | expand |
Hi Carlo, Time flies… Carlo Zancanaro <carlo@zancanaro.id.au> skribis: > I recently tried to configure the certbot-service with the dns > challenge type. It failed, because certbot tries to ask whether you're > okay with letsencrypt knowing (and potentially logging) your IP > address, but within an mcron task that just fails. > > The solution is to add the --manual-public-ip-logging-ok flag, so > here's a patch to do that! [...] > --- a/gnu/services/certbot.scm > +++ b/gnu/services/certbot.scm > @@ -99,6 +99,7 @@ > "--manual" > (string-append "--preferred-challenges=" challenge) > "--cert-name" name > + "--manual-public-ip-logging-ok" > "-d" (string-join domains ",")) Perhaps we should pass --manual-public-ip-logging-ok only when ‘challenge’ has the expected value (DNS challenge type; what’s the value for that?), and also document that prominently in the manual? Thanks, Ludo’.
From 4a888155261caba0c4e11f8515a271ba33b92bc6 Mon Sep 17 00:00:00 2001 From: Carlo Zancanaro <carlo@zancanaro.id.au> Date: Sat, 10 Aug 2019 22:52:50 +1000 Subject: [PATCH] services: certbot: Add --manual-public-ip-logging-ok for manual challenges * gnu/services/certbot.scm (certbot-command): Add --manual-public-ip-logging-ok flag to the certbot command when doing a manual challenge. --- gnu/services/certbot.scm | 1 + 1 file changed, 1 insertion(+) diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index ae34ad17bb..0d3be03383 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -99,6 +99,7 @@ "--manual" (string-append "--preferred-challenges=" challenge) "--cert-name" name + "--manual-public-ip-logging-ok" "-d" (string-join domains ",")) (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) (if authentication-hook -- 2.22.0