From patchwork Sat Apr 17 23:32:33 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Raghav Gururajan <rg@raghavgururajan.name>
X-Patchwork-Id: 28637
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 746FF27BC7A; Sun, 18 Apr 2021 00:33:09 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,
	T_DKIM_INVALID,URIBL_BLOCKED autolearn=unavailable autolearn_force=no
	version=3.4.2
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id EE48827BC79
	for <patchwork@mira.cbaines.net>; Sun, 18 Apr 2021 00:33:08 +0100 (BST)
Received: from localhost ([::1]:41600 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>)
	id 1lXuR2-00041L-7X
	for patchwork@mira.cbaines.net; Sat, 17 Apr 2021 19:33:08 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:37608)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1lXuQw-00041D-Cs
 for guix-patches@gnu.org; Sat, 17 Apr 2021 19:33:02 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:33371)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1lXuQw-0006UP-5b
 for guix-patches@gnu.org; Sat, 17 Apr 2021 19:33:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1lXuQw-0002W4-3C
 for guix-patches@gnu.org; Sat, 17 Apr 2021 19:33:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#47840] [PATCH v2] gnu: Add desec-certbot-hook.
References: <20210417114607.17096-1-rg@raghavgururajan.name>
In-Reply-To: <20210417114607.17096-1-rg@raghavgururajan.name>
Resent-From: Raghav Gururajan <rg@raghavgururajan.name>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Sat, 17 Apr 2021 23:33:02 +0000
Resent-Message-ID: <handler.47840.B47840.16187023699654@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 47840
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 47840@debbugs.gnu.org
Cc: Raghav Gururajan <rg@raghavgururajan.name>
Received: via spool by 47840-submit@debbugs.gnu.org id=B47840.16187023699654
 (code B ref 47840); Sat, 17 Apr 2021 23:33:02 +0000
Received: (at 47840) by debbugs.gnu.org; 17 Apr 2021 23:32:49 +0000
Received: from localhost ([127.0.0.1]:44917 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1lXuQi-0002Ve-TK
 for submit@debbugs.gnu.org; Sat, 17 Apr 2021 19:32:49 -0400
Received: from out1.migadu.com ([91.121.223.63]:64340)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rg@raghavgururajan.name>) id 1lXuQf-0002VR-2P
 for 47840@debbugs.gnu.org; Sat, 17 Apr 2021 19:32:47 -0400
X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and
 include these headers.
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raghavgururajan.name;
 s=key1; t=1618702363;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding;
 bh=wUN3yBCWWDgwKDnWNIjJ5hHPe9TTCb2BCrKNoHfFCic=;
 b=D/XW0Ce8hq74NUia3qBtGEbe1tVJhqth7xe/fA3evrkr4WaWH67ynOioFhP1a6F2Bt1Bp8
 kD3wJIdhj8KBeg+Qv4n4M3myo7WHiRuRSqSE3fODVvzdwNCBE53JrxLDz0LhtZhbENOPdt
 zjQWJlw0MBQX9fMZPKxXHcM84USFcVR4Qv2Y+u2ghretribaz7jl1G7Jub46b5am/SIVs5
 e+UjNc0X3znBV/qWThloPe0E0PNnAMjwFIhRKDekw6gU3/I19dkKnkvEDCEUzHwW0Vcy1j
 9IAFHT4M9eYeweO5PiZ7t5TsfUd3D2lGsriC6c3ZPeAwuui4btj59ak7XYJeXg==
Date: Sat, 17 Apr 2021 19:32:33 -0400
Message-Id: <20210417233233.411-1-rg@raghavgururajan.name>
MIME-Version: 1.0
X-Migadu-Flow: FLOW_OUT
X-Migadu-Auth-User: rg@raghavgururajan.name
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: "Guix-patches"
 <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
Reply-to: Raghav Gururajan <rg@raghavgururajan.name>
X-ACL-Warn: ,  Raghav Gururajan via Guix-patches <guix-patches@gnu.org>
X-Patchwork-Original-From: Raghav Gururajan via Guix-patches via
 <guix-patches@gnu.org>
From: Raghav Gururajan <rg@raghavgururajan.name>
X-getmail-retrieved-from-mailbox: Patches

* gnu/packages/tls.scm (desec-certbot-hook): New variable.
---
 gnu/packages/tls.scm | 50 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 25493cc7ca..40e003d024 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -42,6 +42,7 @@
   #:use-module (guix build-system perl)
   #:use-module (guix build-system python)
   #:use-module (guix build-system cmake)
+  #:use-module (guix build-system copy)
   #:use-module (guix build-system trivial)
   #:use-module (gnu packages compression)
   #:use-module (gnu packages)
@@ -70,6 +71,55 @@
   #:use-module (gnu packages base)
   #:use-module (srfi srfi-1))
 
+(define-public desec-certbot-hook
+  (let ((commit "68da7abc0793602fd336962a7e2348b57c5d6fd6")
+        (revision "21"))
+    (package
+      (name "desec-certbot-hook")
+      (version
+       (git-version "0" revision commit))
+      (source
+       (origin
+         (method git-fetch)
+         (uri
+          (git-reference
+           (url "https://github.com/desec-io/desec-certbot-hook")
+           (commit commit)))
+         (file-name
+          (git-file-name name version))
+         (sha256
+          (base32 "0qjqk6i85b1y7fgzcx74r4gn2i4dkjza34hkzp6kyn9hrb8f2gv2"))))
+      (build-system copy-build-system)
+      (arguments
+       `(#:phases
+         (modify-phases %standard-phases
+           (add-after 'unpack 'patch-script
+             (lambda* (#:key inputs #:allow-other-keys)
+               (substitute* "hook.sh"
+                 ;; The hook-script look for '.dedynauth' file in $PWD.
+                 ;; But users cannot create or edit files in store.
+                 ;; So we patch the hook-script to look for '.dedynauth' file,
+                 ;; in /etc/desec.
+                 (("\\$\\(pwd\\)")
+                  "/etc/desec")
+                 ;; Make absolute references to curl program,
+                 ;; so that users don't have to install it separately.
+                 (("curl")
+                  (string-append (assoc-ref inputs "curl")
+                                 "/bin/curl"))))))
+         #:install-plan
+         '(("." "etc/desec" #:include ("hook.sh")))))
+      (inputs
+       `(("curl" ,curl)))
+      (synopsis "deSEC's certbot DNS challenge automatization")
+      (description "Use deSEC to obtain certificates with certbot DNS ownership
+verification.  With the help of this hook script, you can obtain your Let's
+Encrypt certificate using certbot with authorization provided by the DNS
+challenge mechanism, that is, you will not need a running web server or any port
+forwarding to your local machine.")
+      (home-page "https://desec.io")
+      (license license:expat))))
+
 (define-public libtasn1
   (package
     (name "libtasn1")