me
/
guix
Archived
1
0
Fork 0
Code

services: certbot: Support registration without email. 

* gnu/services/certbot.scm (certbot-configuration): Add default for the
email option.
(certbot-command): Pass email for registration only when specified.
* doc/guix.texi (Certificate Services): "mandatory"→"optional" email.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
master
Timotej Lazar 2020-09-11 13:55:55 +02:00 committed by Ludovic Courtès
parent 0f918908eb
commit 11a962e653
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
2 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
doc/guix.texi
View File

@ -22478,9 +22478,10 @@ A list of @code{certificates-configuration}s for which to generate
certificates and request signatures. Each certificate has a @code{name} certificates and request signatures. Each certificate has a @code{name}
and several @code{domains}. and several @code{domains}.
@item @code{email} @item @code{email} (default: @code{#f})
Mandatory email used for registration, recovery contact, and important Optional email address used for registration and recovery contact.
account notifications. Setting this is encouraged as it allows you to receive important
notifications about the account and issued certificates.
@item @code{server} (default: @code{#f}) @item @code{server} (default: @code{#f})
Optional URL of ACME server. Setting this overrides certbot's default, Optional URL of ACME server. Setting this overrides certbot's default,

11
gnu/services/certbot.scm
View File

@ -71,7 +71,8 @@
(default "/var/www")) (default "/var/www"))
(certificates certbot-configuration-certificates (certificates certbot-configuration-certificates
(default '())) (default '()))
(email certbot-configuration-email) (email certbot-configuration-email
(default #f))
(server certbot-configuration-server (server certbot-configuration-server
(default #f)) (default #f))
(rsa-key-size certbot-configuration-rsa-key-size (rsa-key-size certbot-configuration-rsa-key-size
@ -99,12 +100,14 @@
(if challenge (if challenge
(append (append
(list name certbot "certonly" "-n" "--agree-tos" (list name certbot "certonly" "-n" "--agree-tos"
"-m" email
"--manual" "--manual"
(string-append "--preferred-challenges=" challenge) (string-append "--preferred-challenges=" challenge)
"--cert-name" name "--cert-name" name
"--manual-public-ip-logging-ok" "--manual-public-ip-logging-ok"
"-d" (string-join domains ",")) "-d" (string-join domains ","))
(if email
`("--email" ,email)
'("--register-unsafely-without-email"))
(if server `("--server" ,server) '()) (if server `("--server" ,server) '())
(if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '())
(if authentication-hook (if authentication-hook
@ -114,10 +117,12 @@
(if deploy-hook `("--deploy-hook" ,deploy-hook) '())) (if deploy-hook `("--deploy-hook" ,deploy-hook) '()))
(append (append
(list name certbot "certonly" "-n" "--agree-tos" (list name certbot "certonly" "-n" "--agree-tos"
"-m" email
"--webroot" "-w" webroot "--webroot" "-w" webroot
"--cert-name" name "--cert-name" name
"-d" (string-join domains ",")) "-d" (string-join domains ","))
(if email
`("--email" ,email)
'("--register-unsafely-without-email"))
(if server `("--server" ,server) '()) (if server `("--server" ,server) '())
(if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '())
(if deploy-hook `("--deploy-hook" ,deploy-hook) '())))))) (if deploy-hook `("--deploy-hook" ,deploy-hook) '()))))))