From patchwork Sun Mar 14 13:15:41 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Pierre Langlois X-Patchwork-Id: 27692 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id CDE4E27BC55; Sun, 14 Mar 2021 13:16:09 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, SPF_HELO_PASS,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 2F69C27BC54 for ; Sun, 14 Mar 2021 13:16:09 +0000 (GMT) Received: from localhost ([::1]:58158 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lLQbI-0002vc-EI for patchwork@mira.cbaines.net; Sun, 14 Mar 2021 09:16:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37644) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lLQbC-0002vQ-1b for guix-patches@gnu.org; Sun, 14 Mar 2021 09:16:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:49782) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lLQbB-0002jd-Qk for guix-patches@gnu.org; Sun, 14 Mar 2021 09:16:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lLQbB-0004NS-K9 for guix-patches@gnu.org; Sun, 14 Mar 2021 09:16:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#47136] [PATCH 1/3] services: certbot: Remove deprecated --manual-public-ip-logging-ok. Resent-From: Pierre Langlois Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 14 Mar 2021 13:16:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 47136@debbugs.gnu.org Cc: Pierre Langlois Received: via spool by 47136-submit@debbugs.gnu.org id=B47136.161572776116822 (code B ref 47136); Sun, 14 Mar 2021 13:16:01 +0000 Received: (at 47136) by debbugs.gnu.org; 14 Mar 2021 13:16:01 +0000 Received: from localhost ([127.0.0.1]:33095 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLQbA-0004ND-RX for submit@debbugs.gnu.org; Sun, 14 Mar 2021 09:16:01 -0400 Received: from mout.gmx.net ([212.227.15.18]:40821) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLQb9-0004N0-9i for 47136@debbugs.gnu.org; Sun, 14 Mar 2021 09:15:59 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1615727753; bh=A/6qxzW5+j4pGOz8GtUl8g0WmdXvdVeYbJKIc7JSYp4=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:In-Reply-To:References; b=d3ta9c6K8hy6VYHAL8WxB5Nr2s/89CFTUKgHwzaOLJyHPrv4/5xqVngN6MzSf6/zy R/e+Bah6SrwiYtZ9Luf+L3Uqsr2EzvNSSFk0OoF/zMOq8SN2czjMkk2/qyel1nraQE hzEuVB6CraP85+zmPh0AQW4DxXV04NmRrD51hrS4= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from localhost.localdomain ([82.69.64.142]) by mail.gmx.net (mrgmx005 [212.227.17.184]) with ESMTPSA (Nemesis) id 1MvsEn-1lbrBe0i0N-00syWG; Sun, 14 Mar 2021 14:15:53 +0100 From: Pierre Langlois Date: Sun, 14 Mar 2021 13:15:41 +0000 Message-Id: <20210314131543.9310-1-pierre.langlois@gmx.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <87k0q9c28e.fsf@gmx.com> References: <87k0q9c28e.fsf@gmx.com> MIME-Version: 1.0 X-Provags-ID: V03:K1:6qd50mVmyDpq/HY7qiodHfywNcca3Ej3U9Ynp0MT0d7oihtEJI7 81+k4Lh2m9qxFdcJXtDZoXxnzrRrjljsK102xshy8HXYy3UCUQNR46H0BwXmcdjqAcW6gmX 8yj6RzflQ1EdJPHCJ8/2pREQWStM/E7n7hwROP1EcR41uLOZ4zs02z8lDqW+TiLhq6Yc9TR +dStp8vtj8/upmygatPUw== X-UI-Out-Filterresults: notjunk:1;V03:K0:GB6HL9YyQtw=:j8Jbc9ip9h+0CgwVXqk/g0 mMpZ47tatfABuOsXbYmaK0Hhuc8d7Jvq1XqmVZoj7Y7tlcMeXMJoKrOo1xVU8tVQpHusdytD5 qgKUKDhllvoT2DgAtLpEhGHOVI1qDlYN+exG4Vph0OlIolZ8lIDFbbo0c4yvrl/ycMBh6YvJG Emj6P/rellJK0rBc+Av7BAFxC2VA9oUkSPZkwk83ko3a+21yxJRrtbLXv3gTpGajezN6/+phq z3+DQ2hUzA8Y98DXnx9L4w4ZrdrFoH7Vrzl09bCOaa/KRfmmcu7Z63jkG0GuE9puxG0T5kuoA Jhveq4H6H+PrYwikc7j9O/HCFzJ3CxeIhRoUadPuY7wXEPJqEJR9+0kU7Mwb6h4J/s0FAyLVB /PaMVmA2IeZ9QAV3COKSMacCjM2Q5rszfuousTyhdgh48/1g3FfedGFOyGuqp7jAYj11cWBos iX1Qzf5c6Er8emRQv5BZLXDZkAhHzqEItuUEt8oo5g9jjtDyf3kx+8lolqPNDPA0aGXUo2mpD jvKHiTO5Oj1Pn2cZC5BictRXkztPx0lCcuEsjVYY7AJo0ug61ec03BA7GnSu1YThZIsmqztTM Qfw1TYIY5M1MIZeatSzTUC/LrvlSK1xHegcOZw4EYjgkZsjokeSdU/Qr5wA09QnivlkUM+LcV JQYWk0F0Dcz7T3XVyjF3FsgNIYWTKPnBVnJH6VOyQ8VhJyDbIdxqe/1AhHDHE/XlR0+U5+NBs LGp6xUev153U0HKxJuiZLWLM89x+m8cwpfcIEZf01cZCloM9hQXPMlBHicod5yqPYj6yFTNtH 5Xat1eJuUFn9cS/NcWd5JhfqhOLNLLKs4vVqSteAHDixqUJWbeSbi3l+pbKQbjgxbhMlKqjLb sgSnhG3k4eJSB+4UT2qg== X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches The --manual-public-ip-logging-ok flag is now a no-op and was deprecated https://github.com/certbot/certbot/pull/8381 * gnu/sevices/certbot.scm (certbot-command): Remove --manual-public-ip-logging-ok when doing a manual challenge. --- gnu/services/certbot.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.30.2 diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index 1c67ff63f1..1cea68fc2a 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -5,6 +5,7 @@ ;;; Copyright © 2019 Julien Lepiller ;;; Copyright © 2020 Jack Hill ;;; Copyright © 2020 Tobias Geerinckx-Rice +;;; Copyright © 2021 Pierre Langlois ;;; ;;; This file is part of GNU Guix. ;;; @@ -103,7 +104,6 @@ "--manual" (string-append "--preferred-challenges=" challenge) "--cert-name" name - "--manual-public-ip-logging-ok" "-d" (string-join domains ",")) (if email `("--email" ,email) From patchwork Sun Mar 14 13:15:42 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pierre Langlois X-Patchwork-Id: 27693 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 0DAD427BC56; Sun, 14 Mar 2021 13:17:31 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, SPF_HELO_PASS,T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 54F0927BC55 for ; Sun, 14 Mar 2021 13:17:29 +0000 (GMT) Received: from localhost ([::1]:58404 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lLQca-00034b-Hh for patchwork@mira.cbaines.net; Sun, 14 Mar 2021 09:17:28 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37868) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lLQcA-00034P-A6 for guix-patches@gnu.org; Sun, 14 Mar 2021 09:17:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:49789) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lLQcA-0003Rw-2b for guix-patches@gnu.org; Sun, 14 Mar 2021 09:17:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lLQc9-0004PX-Tk for guix-patches@gnu.org; Sun, 14 Mar 2021 09:17:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#47136] [PATCH 2/3] services: certbot: Refer to authentication-hook in documentation. Resent-From: Pierre Langlois Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 14 Mar 2021 13:17:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 47136@debbugs.gnu.org Cc: Pierre Langlois Received: via spool by 47136-submit@debbugs.gnu.org id=B47136.161572777316888 (code B ref 47136); Sun, 14 Mar 2021 13:17:01 +0000 Received: (at 47136) by debbugs.gnu.org; 14 Mar 2021 13:16:13 +0000 Received: from localhost ([127.0.0.1]:33100 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLQbN-0004OK-2t for submit@debbugs.gnu.org; Sun, 14 Mar 2021 09:16:13 -0400 Received: from mout.gmx.net ([212.227.15.19]:32831) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLQbL-0004O0-Gw for 47136@debbugs.gnu.org; Sun, 14 Mar 2021 09:16:11 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1615727765; bh=za6rhhTiHnfIzbR+BWYhZQvVPf4tlcG3iArYGNCquno=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:In-Reply-To:References; b=TFE2rkodQLB4VxSVQBkQ74eUHy0InlxH5/KfPYwE0gReONGvMphn9OW9lHeXCQN1L rB3RaDNbzcyttIl1L8Lg1NtXIGeNFbBflksSg//wHw9b6xUR98ros2Ti3BUpUtoq2g K/P7WFBQiWWRuvIgnIYOOu0EVeuRkrXFmqy4owqg= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from localhost.localdomain ([82.69.64.142]) by mail.gmx.net (mrgmx005 [212.227.17.184]) with ESMTPSA (Nemesis) id 1M5fMe-1lN5Yd1gxm-007CWL; Sun, 14 Mar 2021 14:16:05 +0100 From: Pierre Langlois Date: Sun, 14 Mar 2021 13:15:42 +0000 Message-Id: <20210314131543.9310-2-pierre.langlois@gmx.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210314131543.9310-1-pierre.langlois@gmx.com> References: <87k0q9c28e.fsf@gmx.com> <20210314131543.9310-1-pierre.langlois@gmx.com> MIME-Version: 1.0 X-Provags-ID: V03:K1:JxzMG17QjfrT/MKpZuUz6UB/JXLa4pCUY/Xvm34MPzMOkkzwIIS ruuOTEG8qgp4Sr9rCv/+ud5Qc7MPWRGVJDLn4SuaE5aD3K6miXq9WvLwmloj4GSKqlgFMok MWeApe8o84Sd2Rm118t32nySEq/5DBDQwUwrgaqJsi2vUOYJtTy3AanYajDZ3wgqoe8FYPl 3IxJr9bDDaMlzs7F/kcGQ== X-UI-Out-Filterresults: notjunk:1;V03:K0:rt1+nAy0F3Y=:y8R804fqzsCtgbT3M+LMpn y502Sfw47BBsIcdEzf1e6YlQZY3JPD3drP4FvsTMKelToyT6KCaeb20xeCPDsrRqI8sVsOCQN Vsz5+rq1WmRPx8WWy4ToyG5O1cyeafuL2njWRBplDJ53ElWmfTBLq3QZXzRBX+aFyYcP86lN3 NwBhj8vBIYk4S48qdpvLaV3v4DuUxzCLvqsH5KmXOfhnr8087n8CYCSth8iUKP7g6akeOp7Pr G2GreELGxtWNQ6o65CDZkQRdn29O2bpUUrlOYL2PU6Yl6W0XBl4ICHpK+PyIXLhssAEqv8ZG5 Nu1h0DGoPrWdT3EbGKico4oECiZ+LnPRxN7tccrn96PhDKG/ikEww/Fx8/+73wRxFZffBlABv lOZgc6s67v6UWkf0Y8wIyEzjUdcgmQVLZ7cLU18cfJOSr5VHeGYLYC4s9ewUCoG45kfUsLErs HFn9NrH5fuK05AI52d5LHaYmGnSigHbfNVDCUqsokPkP/dXViTgexTVZuRqEBg4vCM922k3L/ OKnjEQkjQhOD+irikfQkTg3/wfvA+1WI9nkL+SxVVGZ7+cymB7Ww+UGdANF/JSSSawze8023J SOu5HtU9lEojA5mqGQlQIpU33nfFA5gWIKe6HxdiQD8leg5eWnEcUWwBSdOiTmfl5usl/SMWs oVh3Wxk5u2XuXujmn8u9lk8sXjIwA8FvDdqiA4qEzk2uyCUF8vdR18jou4QqY59RsX4xtA4+8 7bs6ahsXzubSi1b455MvNctY2UTeh3vQOkBnnqzBDFYOITvM0wsGE9YtNd5uKeUgjR5/kW7UW R9Vimnh6sBm4LUdpvavKG3Q9EEnELB8oiaxb7fMktSq9yfeuiFZ3DwOqLyQtw/K7X+PCZ3THA ZVB/euPLIEeSvdGyVNIX0713DnTPp02bC6iPW8fqY= X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * doc/guix.texi (Cerfiticate Services): Refer to non-abbreviated authentication-hook instead of auth-hook. --- doc/guix.texi | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) -- 2.30.2 diff --git a/doc/guix.texi b/doc/guix.texi index 4cf241c56a..ec449b1772 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -25651,10 +25651,10 @@ file name of the resource requested when performing an HTTP-01 challenge. @item @code{cleanup-hook} (default: @code{#f}) Command to be run in a shell once for each certificate challenge that -have been answered by the @code{auth-hook}. For this command, the shell -variables available in the @code{auth-hook} script are still available, and -additionally @code{$CERTBOT_AUTH_OUTPUT} will contain the standard output -of the @code{auth-hook} script. +have been answered by the @code{authentication-hook}. For this command, +the shell variables available in the @code{authentication-hook} script +are still available, and additionally @code{$CERTBOT_AUTH_OUTPUT} will +contain the standard output of the @code{authentication-hook} script. @item @code{deploy-hook} (default: @code{#f}) Command to be run in a shell once for each successfully issued From patchwork Sun Mar 14 13:15:43 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pierre Langlois X-Patchwork-Id: 27694 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 7B90227BC54; Sun, 14 Mar 2021 13:17:32 +0000 (GMT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, FREEMAIL_FROM,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, SPF_HELO_PASS,T_DKIM_INVALID,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 2DA6527BC52 for ; Sun, 14 Mar 2021 13:17:30 +0000 (GMT) Received: from localhost ([::1]:58438 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lLQcb-00035r-Ck for patchwork@mira.cbaines.net; Sun, 14 Mar 2021 09:17:29 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37872) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lLQcA-00034V-Ky for guix-patches@gnu.org; Sun, 14 Mar 2021 09:17:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:49790) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lLQcA-0003Sa-Dg for guix-patches@gnu.org; Sun, 14 Mar 2021 09:17:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lLQcA-0004Pe-9x for guix-patches@gnu.org; Sun, 14 Mar 2021 09:17:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#47136] [PATCH 3/3] services: certbot: Add dry-run? certificate option. Resent-From: Pierre Langlois Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sun, 14 Mar 2021 13:17:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 47136@debbugs.gnu.org Cc: Pierre Langlois Received: via spool by 47136-submit@debbugs.gnu.org id=B47136.161572777616898 (code B ref 47136); Sun, 14 Mar 2021 13:17:02 +0000 Received: (at 47136) by debbugs.gnu.org; 14 Mar 2021 13:16:16 +0000 Received: from localhost ([127.0.0.1]:33102 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLQbQ-0004OU-BP for submit@debbugs.gnu.org; Sun, 14 Mar 2021 09:16:16 -0400 Received: from mout.gmx.net ([212.227.15.19]:32863) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLQbM-0004O1-0G for 47136@debbugs.gnu.org; Sun, 14 Mar 2021 09:16:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1615727766; bh=EU6xYOaISSXdlHQLjTsubW5kWM1pju6Ko0rkIcCY5Hw=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:In-Reply-To:References; b=YT3pQ22xv4uWp4WXxZ68Z/UgNdmmofcghQZWRyXgWIMuS6pukQolnvp2LMdCFSZfE GzVwhpt8w77j9sgC1B/biH/xu9e4Zxuczz6XutAJPN0jzqrI/0FNI6/RTm4rQGztPR O9SebaEWPRGOh6waViJte0nbwu/v8L8oWFTlAPeA= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from localhost.localdomain ([82.69.64.142]) by mail.gmx.net (mrgmx005 [212.227.17.184]) with ESMTPSA (Nemesis) id 1N79yQ-1lnAfC0zGe-017WaR; Sun, 14 Mar 2021 14:16:06 +0100 From: Pierre Langlois Date: Sun, 14 Mar 2021 13:15:43 +0000 Message-Id: <20210314131543.9310-3-pierre.langlois@gmx.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210314131543.9310-1-pierre.langlois@gmx.com> References: <87k0q9c28e.fsf@gmx.com> <20210314131543.9310-1-pierre.langlois@gmx.com> MIME-Version: 1.0 X-Provags-ID: V03:K1:SphTZ69P723XQ5eUVpIaKqoXjNt33oC6Ovx0cK12l4BPipz5INJ BcIy073LIJVbfUKy9gsU78En03inA2tlTkfbwQVJMyT98a24g42svlchBgDcirdVx0PrKX3 xOGr7JrxSATsu/TGh3QSnxanJLlxZH5JyRfqI6dORFI4mVgDaPk6sqORYuWhPrZfHMJpaGb OEYXs/yGGpCavI7Hi4C9g== X-UI-Out-Filterresults: notjunk:1;V03:K0:CJfL0eMpY3M=:BUVjLBnTjun28let1p7L+9 3MXvYqwYSQUCWFfBn286CUljSVta6tlxcXn93PfDp/iH/JukasiLoQxM0ht5N2o6gydbmmKbU 9naK3Dwuz1acuEeAxOXkwS5x9tWxJ9x6gGP385F5rCdS0lm9NVkXIbu3oWAoDOYIiIoATAR8O oMkVgTegp8rnp8p3YtqY56wYPxe5dNwlFHlHq09vb9riM/U/zSMxBNeDatBs92zw+ZygaffsD utKm6NeqchH/Wf5HmhYOSoHHxsPqQOJ8Ux7DC5REUG7V6UryB82AW4Xf4Qdo/q9hdU5YgRMsh zbX7O7kUVGdCAo81/XF7ZeJfLJE4Jtu6zXSSfiWSSg+ilklpATgGTWBmp9IxwUHfuRib4HEaB tzq+xNWjymh0ZzBNr1fBScQAnEeYCuzVBbeuDbbxwm/u4fHk269s3mC/b+qXrNP2ZoR9fV7hF WeKmdz46uERtwR5ShWV1iVMfBTClLI69Hz6r0CmDHkIp7l9gH10R59YIy34GUMLTQ7/97WXmP xLJpkCmxyPVEOrF3bpCazJOcy/ju+7BGFpvxK4xn4SEn6/W4Aw86Rm4ZUl3uOiUX9kzy4/KkU nufdGOir6F0ZmUgRvm7Tk+DHAkNq8yGllwqZJDFoOonLXtnNHzm4211UKMV8gFiIhssN6a3Lq J1lwORpEOdHMSGqWZKncgFTKlGglHAGmJjuCu6lRKvd5+a8+DjCcbb7nqMcrxKnbLGw5ewZtb I4DvGvF16rUvAgRzQ4mEITyLT2Vy4ug9Yql/OmzJ/WJaE5bDdXxBMQ6aJJcApq7s04Vv+mEsr LFX38mFT+fOjnBRSKG3UIm9hTAbaiuTDUusiY8O5lWcRsFrxQj+awO6RBwS9/oByFEaHIrt8p 52ZxaoYU0RlLdPHmNNGA== X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches * gnu/services/certbot.scm (certificate-configuration): Add dry-run? field. (certbot-command): Use it to pass --dry-run to certbot. * doc/guix.texi (Certificate Services): Document dry-run? option. --- doc/guix.texi | 35 +++++++++++++++++++++++++++++++++++ gnu/services/certbot.scm | 10 +++++++--- 2 files changed, 42 insertions(+), 3 deletions(-) -- 2.30.2 diff --git a/doc/guix.texi b/doc/guix.texi index ec449b1772..322c717941 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -25665,6 +25665,41 @@ certificates and keys; the shell variable @code{$RENEWED_DOMAINS} will contain a space-delimited list of renewed certificate domains (for example, @samp{"example.com www.example.com"}. +@item @code{dry-run?} (default: @code{#f}) +Communitcate with the ACME server but do not update certificates nor +trigger @code{deploy-hook}. This is useful as a temporary setting to +test the challenge procedure, especially the @code{authentication-hook} +and @code{cleanup-hook} while working on them. It's also a good idea to +use Let's Encrypt's staging server at +@url{https://acme-staging-v02.api.letsencrypt.org/directory} while +testing, which allows for higher rate limits, but with which +@code{certbot} will helpfully refuse to update certificates and +recommend the @code{dry-run?} option. For example: + +@lisp +(define %authentication-hook + (program-file "authentication-hook" + #~(let ((domain (getenv "CERTBOT_DOMAIN")) + (token (getenv "CERTBOT_TOKEN"))) + (format #t "Hey, can you authenticate ~a with ~a for me?" + domain token)))) + +(define %cleanup-hook + (program-file "authentication-hook" + #~(display "Bye") + +(service certbot-service-type + (certbot-configuration + (server "https://acme-staging-v02.api.letsencrypt.org/directory") + (certificates + (list + (certificate-configuration + (dry-run? #t) + (authentication-hook %authentication-hook) + (cleanup-hook %cleanup-hook) + (domains '("example.net" "www.example.net"))))))) +@end lisp + @end table @end deftp diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index 1cea68fc2a..15274cf0ed 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -61,6 +61,8 @@ (cleanup-hook certificate-cleanup-hook (default #f)) (deploy-hook certificate-configuration-deploy-hook + (default #f)) + (dry-run? certbot-configuration-dry-run? (default #f))) (define-record-type* @@ -96,7 +98,7 @@ (match-lambda (($ custom-name domains challenge authentication-hook cleanup-hook - deploy-hook) + deploy-hook dry-run?) (let ((name (or custom-name (car domains)))) (if challenge (append @@ -114,7 +116,8 @@ `("--manual-auth-hook" ,authentication-hook) '()) (if cleanup-hook `("--manual-cleanup-hook" ,cleanup-hook) '()) - (if deploy-hook `("--deploy-hook" ,deploy-hook) '())) + (if deploy-hook `("--deploy-hook" ,deploy-hook) '()) + (if dry-run? '("--dry-run"))) (append (list name certbot "certonly" "-n" "--agree-tos" "--webroot" "-w" webroot @@ -125,7 +128,8 @@ '("--register-unsafely-without-email")) (if server `("--server" ,server) '()) (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) - (if deploy-hook `("--deploy-hook" ,deploy-hook) '())))))) + (if deploy-hook `("--deploy-hook" ,deploy-hook) '()) + (if dry-run? '("--dry-run") '())))))) certificates))) (program-file "certbot-command"