X-Loop: help-debbugs@HIDDEN Subject: [bug#47136] [PATCH 0/3] services: certbot: Add dry-run? option and a couple of other minor fixes. Resent-From: Pierre Langlois <pierre.langlois@HIDDEN> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> Resent-CC: guix-patches@HIDDEN Resent-Date: Sun, 14 Mar 2021 13:09:02 +0000 Resent-Message-ID: <handler.47136.B.161572729216120 <at> debbugs.gnu.org> Resent-Sender: help-debbugs@HIDDEN X-GNU-PR-Message: report 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 47136 <at> debbugs.gnu.org X-Debbugs-Original-To: Guix-patches <guix-patches@HIDDEN> Received: via spool by submit <at> debbugs.gnu.org id=B.161572729216120 (code B ref -1); Sun, 14 Mar 2021 13:09:02 +0000 Received: (at submit) by debbugs.gnu.org; 14 Mar 2021 13:08:12 +0000 Received: from localhost ([127.0.0.1]:33088 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lLQTc-0004Bv-0R for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:08:12 -0400 Received: from lists.gnu.org ([209.51.188.17]:59068) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <pierre.langlois@HIDDEN>) id 1lLQTa-0004Bo-W6 for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:08:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36244) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <pierre.langlois@HIDDEN>) id 1lLQTa-00024A-RM for guix-patches@HIDDEN; Sun, 14 Mar 2021 09:08:10 -0400 Received: from mout.gmx.net ([212.227.17.20]:54905) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <pierre.langlois@HIDDEN>) id 1lLQTY-0006Ib-UG for guix-patches@HIDDEN; Sun, 14 Mar 2021 09:08:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1615727285; bh=AKd0DgC8pwail4GfSdvKbn1PtFF9G+GHTGmg5elnuYw=; h=X-UI-Sender-Class:From:To:Subject:Date; b=NO0OgnH0l+TtxeD1IDbmiuuvWZZcVJEAHyZhOZ7/AXBmFq2nhSlOOGB4wSjVhGG0h Y14x55evC/sEPh1EmeEvxrkJaTzfI4bZXccnj0JhnYhycMivOW2djKVhW+qjj6r62k 9Yor/3QcLUsepv40d1XlLjvr/wPnWfMa3qs6Hh4U= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from labiere ([82.69.64.142]) by mail.gmx.net (mrgmx104 [212.227.17.174]) with ESMTPSA (Nemesis) id 1M1HZi-1lIfK32HzG-002sop for <guix-patches@HIDDEN>; Sun, 14 Mar 2021 14:08:05 +0100 User-agent: mu4e 1.4.15; emacs 27.1 From: Pierre Langlois <pierre.langlois@HIDDEN> Date: Sun, 14 Mar 2021 13:08:01 +0000 Message-ID: <87k0q9c28e.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Provags-ID: V03:K1:H2UKDQ/hBM4+pjJUEg8IeeAy5gL7kRDSgPXFYFGEvxlCcTUViDd 8A7q9fvtNRx3Ov4Na/ofsP3WGK1pUzHrcOyxwnkWXe2b+jsLpCF1izEv5BsFzt7ktwUru3W K9YO9bQMRdZFk/Kbfl40ceH1vruwjBqG4KyHy9o7pY7T4mpgiWQChfDUbqRlB9EO5NmoJO8 1F20Lg2WNTCDr3t2Ws5cA== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:6Li9SQjvEBs=:+tu5F5iOGeAKmOQeHK24jk 55uT0GsFZgdqEZ1LXLbIg99td0I7CFYbtnVzy2hmsoe4JILlRvHm2Kp2RjTNRvnNONldHGaA8 2gVZHL5MSAfQbXZ74dWDCGe7rD5zuRMysm8a8zWFIyCH4W868K7VW00l9gIwtqgcN64jeCUQX r8PbAxochqq1wHQkB5+ov4HfBYGVhIu9WJWgNYm8gvf72takWs+1sF8bLanFlGGSua8MSbzHG lCTJKqaDBStBZC6M+k2/2hSDuuiIyzFaMJXxEiDSsEcoLMlGuZQlA4J4LkdlkDRcGA8krEtxQ zY5qdkiWtdPc6AWpbrYYTFVXRtS5xuXezlu9P/A+uDP4Bqbwqp67IF5xvnaC+eL6OaVUcQtgg NGNkMfXy7FnT3zDtAYHPwhKq7CRA8dK9hQaMVwctQK0S2IaPEFSUzNG1M2JNQ9KVcO2aHlQd9 JQTgjBlJZqR60v5+3YtmLfmFvONIHD+GNzPSuGPq8TyMoYhG1Xj8L1kCblk8tgfCAf8B1dlLM yhE470DShU8SXxvYFZucPsS3qk6j12iEtjO3fZNYjKTPV8PwzifDmvVMtAd4A+Avi2SMQLcYo vhfBe4AsfWBqwD2JKHpyMLzrGOuZziylwXsM1QewNKZe29SNv38cGi3VeQcWlS0jnGvbALZ5p 0EMg3lTGoRH93OpUI978ZRcOKZTZWfoG3ASfE0bwbcSWSJkc8fQ/N1lDX53+qeszrxeoeL81J AV55wlCbUmCECaIgoSHzgE8zNwB9cPyc+1MXgxr0SD44mtfBWSKfx6ptgCnvLVIahCbBiVz5j K0Uz/xfp+mZRbSj2/xw3Y32X+cOAgFzhsN4F1OqDCaf0WtVIn/+AyBl1AV+k/Jjk2YS62i1yY GAPx+Ehv97slWvdrCr4A== Received-SPF: pass client-ip=212.227.17.20; envelope-from=pierre.langlois@HIDDEN; helo=mout.gmx.net X-Spam_score_int: -25 X-Spam_score: -2.6 X-Spam_bar: -- X-Spam_report: (-2.6 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 0.1 (/) X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.4 (--) --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hi Guix! I was recently updating my certbot definition to use a manual DNS challenge, and I found using the Let's Encrypt staging server along with the --dry-run option to be really useful. Especially given it can take a few attempts to correctly build your own hooks. So I've added the option to set dry-run? in the certificate configuration, let me know what you think! I've also included a couple of patches in the series for minor fixes, removing a now deprecated flag and a small fix in the docs. Thanks, Pierre Pierre Langlois (3): services: certbot: Remove deprecated --manual-public-ip-logging-ok. services: certbot: Refer to authentication-hook in documentation. services: certbot: Add dry-run? certificate option. doc/guix.texi | 43 ++++++++++++++++++++++++++++++++++++---- gnu/services/certbot.scm | 12 +++++++---- 2 files changed, 47 insertions(+), 8 deletions(-) =2D-=20 2.30.2 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAmBOCrEYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31UrW8H/0Y9qqX7dgdEOgzDMIiZRGWg EPI4Tk0iWJvGYpVm293GTgpFmeo1s1z2IxnHyaglwH/LjhLaLL3NK9MHQHJwTWcd IalUdCaKPHUpjLuslRe6xNshnroWdQnvjlv/vsCXlInCzhSOmrDfPEkQER6RfxKx 39Zt77GNx9kaP4DRRnETt9Y7qEj8bppJU1x7DcbCt9pEi9YwUvq0HYECoh2dV2ju tjCnEBXLDb1iZ+V6GOqVVzz0TZ18phk9WBfJndRUK65ym1fjTEadKiVSwXqPCbXE B93vyvbswjhDawpSMpKyy10xFLs+Vg2W3JcJn7lvL4+SVpsqzVLfeJNnw17q+bQ= =M9CA -----END PGP SIGNATURE----- --=-=-=--
Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) Content-Type: text/plain; charset=utf-8 X-Loop: help-debbugs@HIDDEN From: help-debbugs@HIDDEN (GNU bug Tracking System) To: Pierre Langlois <pierre.langlois@HIDDEN> Subject: bug#47136: Acknowledgement ([PATCH 0/3] services: certbot: Add dry-run? option and a couple of other minor fixes.) Message-ID: <handler.47136.B.161572729216120.ack <at> debbugs.gnu.org> References: <87k0q9c28e.fsf@HIDDEN> X-Gnu-PR-Message: ack 47136 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 47136 <at> debbugs.gnu.org Date: Sun, 14 Mar 2021 13:09:02 +0000 Thank you for filing a new bug report with debbugs.gnu.org. This is an automatically generated reply to let you know your message has been received. Your message is being forwarded to the package maintainers and other interested parties for their attention; they will reply in due course. Your message has been sent to the package maintainer(s): guix-patches@HIDDEN If you wish to submit further information on this problem, please send it to 47136 <at> debbugs.gnu.org. Please do not send mail to help-debbugs@HIDDEN unless you wish to report a problem with the Bug-tracking system. --=20 47136: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D47136 GNU Bug Tracking System Contact help-debbugs@HIDDEN with problems
X-Loop: help-debbugs@HIDDEN Subject: [bug#47136] [PATCH 1/3] services: certbot: Remove deprecated --manual-public-ip-logging-ok. Resent-From: Pierre Langlois <pierre.langlois@HIDDEN> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> Resent-CC: guix-patches@HIDDEN Resent-Date: Sun, 14 Mar 2021 13:16:01 +0000 Resent-Message-ID: <handler.47136.B47136.161572776116822 <at> debbugs.gnu.org> Resent-Sender: help-debbugs@HIDDEN X-GNU-PR-Message: followup 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 47136 <at> debbugs.gnu.org Cc: Pierre Langlois <pierre.langlois@HIDDEN> Received: via spool by 47136-submit <at> debbugs.gnu.org id=B47136.161572776116822 (code B ref 47136); Sun, 14 Mar 2021 13:16:01 +0000 Received: (at 47136) by debbugs.gnu.org; 14 Mar 2021 13:16:01 +0000 Received: from localhost ([127.0.0.1]:33095 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lLQbA-0004ND-RX for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:16:01 -0400 Received: from mout.gmx.net ([212.227.15.18]:40821) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <pierre.langlois@HIDDEN>) id 1lLQb9-0004N0-9i for 47136 <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:15:59 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1615727753; bh=A/6qxzW5+j4pGOz8GtUl8g0WmdXvdVeYbJKIc7JSYp4=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:In-Reply-To:References; b=d3ta9c6K8hy6VYHAL8WxB5Nr2s/89CFTUKgHwzaOLJyHPrv4/5xqVngN6MzSf6/zy R/e+Bah6SrwiYtZ9Luf+L3Uqsr2EzvNSSFk0OoF/zMOq8SN2czjMkk2/qyel1nraQE hzEuVB6CraP85+zmPh0AQW4DxXV04NmRrD51hrS4= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from localhost.localdomain ([82.69.64.142]) by mail.gmx.net (mrgmx005 [212.227.17.184]) with ESMTPSA (Nemesis) id 1MvsEn-1lbrBe0i0N-00syWG; Sun, 14 Mar 2021 14:15:53 +0100 From: Pierre Langlois <pierre.langlois@HIDDEN> Date: Sun, 14 Mar 2021 13:15:41 +0000 Message-Id: <20210314131543.9310-1-pierre.langlois@HIDDEN> X-Mailer: git-send-email 2.30.2 In-Reply-To: <87k0q9c28e.fsf@HIDDEN> References: <87k0q9c28e.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Provags-ID: V03:K1:6qd50mVmyDpq/HY7qiodHfywNcca3Ej3U9Ynp0MT0d7oihtEJI7 81+k4Lh2m9qxFdcJXtDZoXxnzrRrjljsK102xshy8HXYy3UCUQNR46H0BwXmcdjqAcW6gmX 8yj6RzflQ1EdJPHCJ8/2pREQWStM/E7n7hwROP1EcR41uLOZ4zs02z8lDqW+TiLhq6Yc9TR +dStp8vtj8/upmygatPUw== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:GB6HL9YyQtw=:j8Jbc9ip9h+0CgwVXqk/g0 mMpZ47tatfABuOsXbYmaK0Hhuc8d7Jvq1XqmVZoj7Y7tlcMeXMJoKrOo1xVU8tVQpHusdytD5 qgKUKDhllvoT2DgAtLpEhGHOVI1qDlYN+exG4Vph0OlIolZ8lIDFbbo0c4yvrl/ycMBh6YvJG Emj6P/rellJK0rBc+Av7BAFxC2VA9oUkSPZkwk83ko3a+21yxJRrtbLXv3gTpGajezN6/+phq z3+DQ2hUzA8Y98DXnx9L4w4ZrdrFoH7Vrzl09bCOaa/KRfmmcu7Z63jkG0GuE9puxG0T5kuoA Jhveq4H6H+PrYwikc7j9O/HCFzJ3CxeIhRoUadPuY7wXEPJqEJR9+0kU7Mwb6h4J/s0FAyLVB /PaMVmA2IeZ9QAV3COKSMacCjM2Q5rszfuousTyhdgh48/1g3FfedGFOyGuqp7jAYj11cWBos iX1Qzf5c6Er8emRQv5BZLXDZkAhHzqEItuUEt8oo5g9jjtDyf3kx+8lolqPNDPA0aGXUo2mpD jvKHiTO5Oj1Pn2cZC5BictRXkztPx0lCcuEsjVYY7AJo0ug61ec03BA7GnSu1YThZIsmqztTM Qfw1TYIY5M1MIZeatSzTUC/LrvlSK1xHegcOZw4EYjgkZsjokeSdU/Qr5wA09QnivlkUM+LcV JQYWk0F0Dcz7T3XVyjF3FsgNIYWTKPnBVnJH6VOyQ8VhJyDbIdxqe/1AhHDHE/XlR0+U5+NBs LGp6xUev153U0HKxJuiZLWLM89x+m8cwpfcIEZf01cZCloM9hQXPMlBHicod5yqPYj6yFTNtH 5Xat1eJuUFn9cS/NcWd5JhfqhOLNLLKs4vVqSteAHDixqUJWbeSbi3l+pbKQbjgxbhMlKqjLb sgSnhG3k4eJSB+4UT2qg== X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) The --manual-public-ip-logging-ok flag is now a no-op and was deprecated https://github.com/certbot/certbot/pull/8381 * gnu/sevices/certbot.scm (certbot-command): Remove =2D-manual-public-ip-logging-ok when doing a manual challenge. =2D-- gnu/services/certbot.scm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index 1c67ff63f1..1cea68fc2a 100644 =2D-- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -5,6 +5,7 @@ ;;; Copyright =C2=A9 2019 Julien Lepiller <julien@HIDDEN> ;;; Copyright =C2=A9 2020 Jack Hill <jackhill@HIDDEN> ;;; Copyright =C2=A9 2020 Tobias Geerinckx-Rice <me@HIDDEN> +;;; Copyright =C2=A9 2021 Pierre Langlois <pierre.langlois@HIDDEN> ;;; ;;; This file is part of GNU Guix. ;;; @@ -103,7 +104,6 @@ "--manual" (string-append "--preferred-challenges=3D" ch= allenge) "--cert-name" name - "--manual-public-ip-logging-ok" "-d" (string-join domains ",")) (if email `("--email" ,email) =2D- 2.30.2
X-Loop: help-debbugs@HIDDEN Subject: [bug#47136] [PATCH 2/3] services: certbot: Refer to authentication-hook in documentation. Resent-From: Pierre Langlois <pierre.langlois@HIDDEN> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> Resent-CC: guix-patches@HIDDEN Resent-Date: Sun, 14 Mar 2021 13:17:01 +0000 Resent-Message-ID: <handler.47136.B47136.161572777316888 <at> debbugs.gnu.org> Resent-Sender: help-debbugs@HIDDEN X-GNU-PR-Message: followup 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 47136 <at> debbugs.gnu.org Cc: Pierre Langlois <pierre.langlois@HIDDEN> Received: via spool by 47136-submit <at> debbugs.gnu.org id=B47136.161572777316888 (code B ref 47136); Sun, 14 Mar 2021 13:17:01 +0000 Received: (at 47136) by debbugs.gnu.org; 14 Mar 2021 13:16:13 +0000 Received: from localhost ([127.0.0.1]:33100 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lLQbN-0004OK-2t for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:16:13 -0400 Received: from mout.gmx.net ([212.227.15.19]:32831) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <pierre.langlois@HIDDEN>) id 1lLQbL-0004O0-Gw for 47136 <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:16:11 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1615727765; bh=za6rhhTiHnfIzbR+BWYhZQvVPf4tlcG3iArYGNCquno=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:In-Reply-To:References; b=TFE2rkodQLB4VxSVQBkQ74eUHy0InlxH5/KfPYwE0gReONGvMphn9OW9lHeXCQN1L rB3RaDNbzcyttIl1L8Lg1NtXIGeNFbBflksSg//wHw9b6xUR98ros2Ti3BUpUtoq2g K/P7WFBQiWWRuvIgnIYOOu0EVeuRkrXFmqy4owqg= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from localhost.localdomain ([82.69.64.142]) by mail.gmx.net (mrgmx005 [212.227.17.184]) with ESMTPSA (Nemesis) id 1M5fMe-1lN5Yd1gxm-007CWL; Sun, 14 Mar 2021 14:16:05 +0100 From: Pierre Langlois <pierre.langlois@HIDDEN> Date: Sun, 14 Mar 2021 13:15:42 +0000 Message-Id: <20210314131543.9310-2-pierre.langlois@HIDDEN> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210314131543.9310-1-pierre.langlois@HIDDEN> References: <87k0q9c28e.fsf@HIDDEN> <20210314131543.9310-1-pierre.langlois@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Provags-ID: V03:K1:JxzMG17QjfrT/MKpZuUz6UB/JXLa4pCUY/Xvm34MPzMOkkzwIIS ruuOTEG8qgp4Sr9rCv/+ud5Qc7MPWRGVJDLn4SuaE5aD3K6miXq9WvLwmloj4GSKqlgFMok MWeApe8o84Sd2Rm118t32nySEq/5DBDQwUwrgaqJsi2vUOYJtTy3AanYajDZ3wgqoe8FYPl 3IxJr9bDDaMlzs7F/kcGQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:rt1+nAy0F3Y=:y8R804fqzsCtgbT3M+LMpn y502Sfw47BBsIcdEzf1e6YlQZY3JPD3drP4FvsTMKelToyT6KCaeb20xeCPDsrRqI8sVsOCQN Vsz5+rq1WmRPx8WWy4ToyG5O1cyeafuL2njWRBplDJ53ElWmfTBLq3QZXzRBX+aFyYcP86lN3 NwBhj8vBIYk4S48qdpvLaV3v4DuUxzCLvqsH5KmXOfhnr8087n8CYCSth8iUKP7g6akeOp7Pr G2GreELGxtWNQ6o65CDZkQRdn29O2bpUUrlOYL2PU6Yl6W0XBl4ICHpK+PyIXLhssAEqv8ZG5 Nu1h0DGoPrWdT3EbGKico4oECiZ+LnPRxN7tccrn96PhDKG/ikEww/Fx8/+73wRxFZffBlABv lOZgc6s67v6UWkf0Y8wIyEzjUdcgmQVLZ7cLU18cfJOSr5VHeGYLYC4s9ewUCoG45kfUsLErs HFn9NrH5fuK05AI52d5LHaYmGnSigHbfNVDCUqsokPkP/dXViTgexTVZuRqEBg4vCM922k3L/ OKnjEQkjQhOD+irikfQkTg3/wfvA+1WI9nkL+SxVVGZ7+cymB7Ww+UGdANF/JSSSawze8023J SOu5HtU9lEojA5mqGQlQIpU33nfFA5gWIKe6HxdiQD8leg5eWnEcUWwBSdOiTmfl5usl/SMWs oVh3Wxk5u2XuXujmn8u9lk8sXjIwA8FvDdqiA4qEzk2uyCUF8vdR18jou4QqY59RsX4xtA4+8 7bs6ahsXzubSi1b455MvNctY2UTeh3vQOkBnnqzBDFYOITvM0wsGE9YtNd5uKeUgjR5/kW7UW R9Vimnh6sBm4LUdpvavKG3Q9EEnELB8oiaxb7fMktSq9yfeuiFZ3DwOqLyQtw/K7X+PCZ3THA ZVB/euPLIEeSvdGyVNIX0713DnTPp02bC6iPW8fqY= X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * doc/guix.texi (Cerfiticate Services): Refer to non-abbreviated authentication-hook instead of auth-hook. =2D-- doc/guix.texi | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 4cf241c56a..ec449b1772 100644 =2D-- a/doc/guix.texi +++ b/doc/guix.texi @@ -25651,10 +25651,10 @@ file name of the resource requested when perform= ing an HTTP-01 challenge. @item @code{cleanup-hook} (default: @code{#f}) Command to be run in a shell once for each certificate challenge that -have been answered by the @code{auth-hook}. For this command, the shell -variables available in the @code{auth-hook} script are still available, a= nd -additionally @code{$CERTBOT_AUTH_OUTPUT} will contain the standard output -of the @code{auth-hook} script. +have been answered by the @code{authentication-hook}. For this command, +the shell variables available in the @code{authentication-hook} script +are still available, and additionally @code{$CERTBOT_AUTH_OUTPUT} will +contain the standard output of the @code{authentication-hook} script. @item @code{deploy-hook} (default: @code{#f}) Command to be run in a shell once for each successfully issued =2D- 2.30.2
X-Loop: help-debbugs@HIDDEN Subject: [bug#47136] [PATCH 3/3] services: certbot: Add dry-run? certificate option. Resent-From: Pierre Langlois <pierre.langlois@HIDDEN> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> Resent-CC: guix-patches@HIDDEN Resent-Date: Sun, 14 Mar 2021 13:17:02 +0000 Resent-Message-ID: <handler.47136.B47136.161572777616898 <at> debbugs.gnu.org> Resent-Sender: help-debbugs@HIDDEN X-GNU-PR-Message: followup 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 47136 <at> debbugs.gnu.org Cc: Pierre Langlois <pierre.langlois@HIDDEN> Received: via spool by 47136-submit <at> debbugs.gnu.org id=B47136.161572777616898 (code B ref 47136); Sun, 14 Mar 2021 13:17:02 +0000 Received: (at 47136) by debbugs.gnu.org; 14 Mar 2021 13:16:16 +0000 Received: from localhost ([127.0.0.1]:33102 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lLQbQ-0004OU-BP for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:16:16 -0400 Received: from mout.gmx.net ([212.227.15.19]:32863) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <pierre.langlois@HIDDEN>) id 1lLQbM-0004O1-0G for 47136 <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:16:12 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1615727766; bh=EU6xYOaISSXdlHQLjTsubW5kWM1pju6Ko0rkIcCY5Hw=; h=X-UI-Sender-Class:From:To:Cc:Subject:Date:In-Reply-To:References; b=YT3pQ22xv4uWp4WXxZ68Z/UgNdmmofcghQZWRyXgWIMuS6pukQolnvp2LMdCFSZfE GzVwhpt8w77j9sgC1B/biH/xu9e4Zxuczz6XutAJPN0jzqrI/0FNI6/RTm4rQGztPR O9SebaEWPRGOh6waViJte0nbwu/v8L8oWFTlAPeA= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from localhost.localdomain ([82.69.64.142]) by mail.gmx.net (mrgmx005 [212.227.17.184]) with ESMTPSA (Nemesis) id 1N79yQ-1lnAfC0zGe-017WaR; Sun, 14 Mar 2021 14:16:06 +0100 From: Pierre Langlois <pierre.langlois@HIDDEN> Date: Sun, 14 Mar 2021 13:15:43 +0000 Message-Id: <20210314131543.9310-3-pierre.langlois@HIDDEN> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210314131543.9310-1-pierre.langlois@HIDDEN> References: <87k0q9c28e.fsf@HIDDEN> <20210314131543.9310-1-pierre.langlois@HIDDEN> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Provags-ID: V03:K1:SphTZ69P723XQ5eUVpIaKqoXjNt33oC6Ovx0cK12l4BPipz5INJ BcIy073LIJVbfUKy9gsU78En03inA2tlTkfbwQVJMyT98a24g42svlchBgDcirdVx0PrKX3 xOGr7JrxSATsu/TGh3QSnxanJLlxZH5JyRfqI6dORFI4mVgDaPk6sqORYuWhPrZfHMJpaGb OEYXs/yGGpCavI7Hi4C9g== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:CJfL0eMpY3M=:BUVjLBnTjun28let1p7L+9 3MXvYqwYSQUCWFfBn286CUljSVta6tlxcXn93PfDp/iH/JukasiLoQxM0ht5N2o6gydbmmKbU 9naK3Dwuz1acuEeAxOXkwS5x9tWxJ9x6gGP385F5rCdS0lm9NVkXIbu3oWAoDOYIiIoATAR8O oMkVgTegp8rnp8p3YtqY56wYPxe5dNwlFHlHq09vb9riM/U/zSMxBNeDatBs92zw+ZygaffsD utKm6NeqchH/Wf5HmhYOSoHHxsPqQOJ8Ux7DC5REUG7V6UryB82AW4Xf4Qdo/q9hdU5YgRMsh zbX7O7kUVGdCAo81/XF7ZeJfLJE4Jtu6zXSSfiWSSg+ilklpATgGTWBmp9IxwUHfuRib4HEaB tzq+xNWjymh0ZzBNr1fBScQAnEeYCuzVBbeuDbbxwm/u4fHk269s3mC/b+qXrNP2ZoR9fV7hF WeKmdz46uERtwR5ShWV1iVMfBTClLI69Hz6r0CmDHkIp7l9gH10R59YIy34GUMLTQ7/97WXmP xLJpkCmxyPVEOrF3bpCazJOcy/ju+7BGFpvxK4xn4SEn6/W4Aw86Rm4ZUl3uOiUX9kzy4/KkU nufdGOir6F0ZmUgRvm7Tk+DHAkNq8yGllwqZJDFoOonLXtnNHzm4211UKMV8gFiIhssN6a3Lq J1lwORpEOdHMSGqWZKncgFTKlGglHAGmJjuCu6lRKvd5+a8+DjCcbb7nqMcrxKnbLGw5ewZtb I4DvGvF16rUvAgRzQ4mEITyLT2Vy4ug9Yql/OmzJ/WJaE5bDdXxBMQ6aJJcApq7s04Vv+mEsr LFX38mFT+fOjnBRSKG3UIm9hTAbaiuTDUusiY8O5lWcRsFrxQj+awO6RBwS9/oByFEaHIrt8p 52ZxaoYU0RlLdPHmNNGA== X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) * gnu/services/certbot.scm (certificate-configuration): Add dry-run? field= . (certbot-command): Use it to pass --dry-run to certbot. * doc/guix.texi (Certificate Services): Document dry-run? option. =2D-- doc/guix.texi | 35 +++++++++++++++++++++++++++++++++++ gnu/services/certbot.scm | 10 +++++++--- 2 files changed, 42 insertions(+), 3 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index ec449b1772..322c717941 100644 =2D-- a/doc/guix.texi +++ b/doc/guix.texi @@ -25665,6 +25665,41 @@ certificates and keys; the shell variable @code{$= RENEWED_DOMAINS} will contain a space-delimited list of renewed certificate domains (for example, @samp{"example.com www.example.com"}. +@item @code{dry-run?} (default: @code{#f}) +Communitcate with the ACME server but do not update certificates nor +trigger @code{deploy-hook}. This is useful as a temporary setting to +test the challenge procedure, especially the @code{authentication-hook} +and @code{cleanup-hook} while working on them. It's also a good idea to +use Let's Encrypt's staging server at +@url{https://acme-staging-v02.api.letsencrypt.org/directory} while +testing, which allows for higher rate limits, but with which +@code{certbot} will helpfully refuse to update certificates and +recommend the @code{dry-run?} option. For example: + +@lisp +(define %authentication-hook + (program-file "authentication-hook" + #~(let ((domain (getenv "CERTBOT_DOMAIN")) + (token (getenv "CERTBOT_TOKEN"))) + (format #t "Hey, can you authenticate ~a with ~a for me?" + domain token)))) + +(define %cleanup-hook + (program-file "authentication-hook" + #~(display "Bye") + +(service certbot-service-type + (certbot-configuration + (server "https://acme-staging-v02.api.letsencrypt.org/directory= ") + (certificates + (list + (certificate-configuration + (dry-run? #t) + (authentication-hook %authentication-hook) + (cleanup-hook %cleanup-hook) + (domains '("example.net" "www.example.net"))))))) +@end lisp + @end table @end deftp diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index 1cea68fc2a..15274cf0ed 100644 =2D-- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -61,6 +61,8 @@ (cleanup-hook certificate-cleanup-hook (default #f)) (deploy-hook certificate-configuration-deploy-hook + (default #f)) + (dry-run? certbot-configuration-dry-run? (default #f))) (define-record-type* <certbot-configuration> @@ -96,7 +98,7 @@ (match-lambda (($ <certificate-configuration> custom-name domains chall= enge authentication-hook clean= up-hook - deploy-hook) + deploy-hook dry-run?) (let ((name (or custom-name (car domains)))) (if challenge (append @@ -114,7 +116,8 @@ `("--manual-auth-hook" ,authentication-hook) '()) (if cleanup-hook `("--manual-cleanup-hook" ,cleanup= -hook) '()) - (if deploy-hook `("--deploy-hook" ,deploy-hook) '()= )) + (if deploy-hook `("--deploy-hook" ,deploy-hook) '()= ) + (if dry-run? '("--dry-run"))) (append (list name certbot "certonly" "-n" "--agree-tos" "--webroot" "-w" webroot @@ -125,7 +128,8 @@ '("--register-unsafely-without-email")) (if server `("--server" ,server) '()) (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) = '()) - (if deploy-hook `("--deploy-hook" ,deploy-hook) '()= )))))) + (if deploy-hook `("--deploy-hook" ,deploy-hook) '()= ) + (if dry-run? '("--dry-run") '())))))) certificates))) (program-file "certbot-command" =2D- 2.30.2
X-Loop: help-debbugs@HIDDEN Subject: [bug#47136] [PATCH 1/3] services: certbot: Remove deprecated --manual-public-ip-logging-ok. Resent-From: Pierre Langlois <pierre.langlois@HIDDEN> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> Resent-CC: guix-patches@HIDDEN Resent-Date: Sun, 14 Mar 2021 13:23:02 +0000 Resent-Message-ID: <handler.47136.B47136.161572815417468 <at> debbugs.gnu.org> Resent-Sender: help-debbugs@HIDDEN X-GNU-PR-Message: followup 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 47136 <at> debbugs.gnu.org Cc: Pierre Langlois <pierre.langlois@HIDDEN> Received: via spool by 47136-submit <at> debbugs.gnu.org id=B47136.161572815417468 (code B ref 47136); Sun, 14 Mar 2021 13:23:02 +0000 Received: (at 47136) by debbugs.gnu.org; 14 Mar 2021 13:22:34 +0000 Received: from localhost ([127.0.0.1]:33108 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lLQhW-0004Xf-6A for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:22:34 -0400 Received: from mout.gmx.net ([212.227.17.20]:35241) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <pierre.langlois@HIDDEN>) id 1lLQhV-0004XT-15 for 47136 <at> debbugs.gnu.org; Sun, 14 Mar 2021 09:22:33 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1615728147; bh=FlXi+x7+gTiRVRTM2fR2+4ER7/C2dab/m7HYvKbaf6g=; h=X-UI-Sender-Class:References:From:To:Cc:Subject:In-reply-to:Date; b=HMEZVreBJxMLPenMzifEXCFtuO0hyjvBXxXpJlAFPkwzSTH1yjE0qavEsU65mehQ7 OV1w0GqN6jgH55JLqREK6aeeEBJlU0T2+1wWkDs/Ljbj6vlH6IyP5Wivd6Y4eI59LG aibkDi4X67OUFP4XKMaV77H+ginAJIurOfF6O/eo= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from labiere ([82.69.64.142]) by mail.gmx.net (mrgmx105 [212.227.17.174]) with ESMTPSA (Nemesis) id 1MzhjF-1lhvcp3b5V-00vgFz; Sun, 14 Mar 2021 14:22:26 +0100 References: <87k0q9c28e.fsf@HIDDEN> <20210314131543.9310-1-pierre.langlois@HIDDEN> User-agent: mu4e 1.4.15; emacs 27.1 From: Pierre Langlois <pierre.langlois@HIDDEN> In-reply-to: <20210314131543.9310-1-pierre.langlois@HIDDEN> Date: Sun, 14 Mar 2021 13:22:25 +0000 Message-ID: <87ft0xc1ke.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Provags-ID: V03:K1:SJ8wZLrQq1k9e5h0Q6iAUeyv5fyR4tBEHadHqgE/Tr+IbD3UeTs NA70yQPoC4yOeTs7syFywFiyTIup/tTJTVavrGuUwiE8PqUAFD4PGQN6YWikJrAApGThEsh JS7gYk3w/Njm5qZ07+5mXfqP87B38xlTW/NgCXaccHPWnqxA1NYNvod+HGCXdoD0+8HCZMD jnBrcPF0mHBRRcpKiGhlg== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:SmcbT+iJyN4=:GaJPC5wOuBxs8fcNlTm1da O7Ac2O7Ux6X9Gve7JrxxP2v8NTnXZHKxYRrjE+uDCA4GyvPosJKXFW/CyRhdQVJwWgx6Fc+N0 1Cfeu1vSQeSGKmZA3LdvJlAWRJQBzirznn9vqHjsC9zPT24VmeWjMZottDCndgpDnGm4SPOeC Zk4JnZjnSDIgEvKVYQ8mTg11NjmwKPzrYkMmBrqz9t2r82OGwdhBjyBLpeIXi7tbowY88Da8q nEpfIu+j7acW8/gMV7cHrk0reCQq/uUKR5vj/a1foK5Vf2VoxMpHE7kVtBTpw/ibq7R9iYh7N KlP1iNt0ZHpuiU25FjekD4gOlbFTbgtsC1ye0IdxRD6JPoBcNgrBcPERbETuP0QBg9o5o6ebp I+fOqANuMzKcf8uxTb/tm3guZAbrdT/Egb0kxBaYj2rmxF2Cc8UEZKUVgRWgPG/wGl0DdRBmJ ggcEPdq7vvWHLBC9MkHAk140+4KMCc5cCeqzbOHSxdUNTFXc0jhL/s8q4FCs+UpFgo4xdnCiH w9OtVkPKHA1mhZZKizMwa6MHyPLtQLIlSA8/LYLngagaREY3f9JuSsBvu8yGXtY1hF+S3BND2 mCRqvMGSwGO72wA5Z8WLB1jQy+E1c8Druwxm2ojq/rhdeln0W2qalVWCVXkyxsjaxz6UzFYeZ npDuGz/3r3qjYBV+SEm99gAuRc67mpL0PtbSH213zZw2qKZ8d+o8vmWmi+uY0poFmV8PKWElU R0mu2UbkjZXRpH07UiRe22C6lsUGARA/0w4ao/d+l72yJMuY5iVVLGUmgt4zc0qXE0NcpGCVv rnvH1BWDbv8xcr4NTU9O/c4UJa2qi4NEHHvxA6TAP0y4SyCET9kJewmnli/jus2beCF92rnjN xeCJwQ8CJHV8jvSRM/Aw== X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) --=-=-= Content-Type: text/plain Pierre Langlois writes: > The --manual-public-ip-logging-ok flag is now a no-op and was deprecated > https://github.com/certbot/certbot/pull/8381 > > * gnu/sevices/certbot.scm (certbot-command): Remove ^ | Oups, I've got a typo here, fixed locally! Thanks, Pierre --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAmBODhEYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31UqisIAKyUih266Bl9DjIfLRrx9yMW ccybgA6Dy9hkl3fcibZ41b1lMS6zOy/3s4wgvMgl6lcsM77xXHjkjThiIXhjuzzj jxociBeYIcw1iEbq4M01MdcqgqVgfdOAaLT6os6MOvgDed/KJ6XLmDfq8HODW/Aa 2J6fJP2mfRy6oJEQw0hp/tyuoU2iZalfeSTU5MQ5z34yldMEuD8ShPg55QTzJy90 I9M20/qDsCAI+RXNKuXUnB2Kun9KiLxnzrArSxL4IB83dImOL9O92YUaxhE9imOI vXCTiFPYUlpcN+WIBsOXrNrSqrI4W3d1rryVZA7Rg20fCxhFs/J9yTg9etHm1qA= =f4Aq -----END PGP SIGNATURE----- --=-=-=--
X-Loop: help-debbugs@HIDDEN Subject: [bug#47136] [PATCH 3/3] services: certbot: Add dry-run? certificate option. Resent-From: Pierre Langlois <pierre.langlois@HIDDEN> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> Resent-CC: guix-patches@HIDDEN Resent-Date: Sat, 17 Apr 2021 16:52:02 +0000 Resent-Message-ID: <handler.47136.B47136.161867832019581 <at> debbugs.gnu.org> Resent-Sender: help-debbugs@HIDDEN X-GNU-PR-Message: followup 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 47136 <at> debbugs.gnu.org Cc: Pierre Langlois <pierre.langlois@HIDDEN> Received: via spool by 47136-submit <at> debbugs.gnu.org id=B47136.161867832019581 (code B ref 47136); Sat, 17 Apr 2021 16:52:02 +0000 Received: (at 47136) by debbugs.gnu.org; 17 Apr 2021 16:52:00 +0000 Received: from localhost ([127.0.0.1]:44245 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lXoAq-00055k-Cx for submit <at> debbugs.gnu.org; Sat, 17 Apr 2021 12:52:00 -0400 Received: from mout.gmx.net ([212.227.15.19]:57007) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <pierre.langlois@HIDDEN>) id 1lXoAk-00055G-3M for 47136 <at> debbugs.gnu.org; Sat, 17 Apr 2021 12:51:54 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1618678308; bh=0IAZpz3eZdEIaPy9QZGT+8oCHD1MIRKR3Z4gbj660QY=; h=X-UI-Sender-Class:References:From:To:Cc:Subject:In-reply-to:Date; b=N1VtpsQN0gY68NAPIa2UqkcFI3J05RAHf0rg+qseB+ukgnLbjIVoQawyz4eLJNi3A kapy0e+3JOKkB+s1CJw7blU5tkHFT4Q30t/cHobCQlta9C7yUlmB1JOHcqQa+b3J1M RHJepoFYD1lQlESL5qj0sCI1L1+okVmoOUb7CzlQ= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from labiere ([82.69.64.142]) by mail.gmx.net (mrgmx004 [212.227.17.184]) with ESMTPSA (Nemesis) id 1MkYXs-1lwjvB3Hxu-00m5k7; Sat, 17 Apr 2021 18:51:47 +0200 References: <87k0q9c28e.fsf@HIDDEN> <20210314131543.9310-1-pierre.langlois@HIDDEN> <20210314131543.9310-3-pierre.langlois@HIDDEN> User-agent: mu4e 1.4.15; emacs 27.2 From: Pierre Langlois <pierre.langlois@HIDDEN> In-reply-to: <20210314131543.9310-3-pierre.langlois@HIDDEN> Date: Sat, 17 Apr 2021 17:51:46 +0100 Message-ID: <87blacluql.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Provags-ID: V03:K1:6Ft4R+ttWluWyPpq+1+X596LoirIfMXOpcJUxeEd/M1SPq506T/ 5Q3kbtTTJc4DBH65ygAOPXUNdyFAmB0dKh8MRBi6S1ahvy6IiZ5ZiYkcmkSMFAoctDeLhge 5yr5pOdOWVHBCgBhsZ81McWbZGcDdFuubv7qNDpc7xItklajkyz8BqD8829mg43eNyWEpAw 0V1Va+ezcVIr98Btvy8xA== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:+Q1FHaEHPtU=:403D7buq61GMq6MJCYHPAB +iWBoPolhIVckMXpDZ96xZ/1MoOLnPjeozbh5dutBsy9Nk7o8kc+WXXA1ZaDrTIIG4SVfMcwG +YHSKyveH/lIolVaXd1/w+4io7V5Km55yq0T6cQ78mT46DX75ASozWknF9DJhu5V0mV61ViyJ BWnXZKmHbHmyQk6nohY4U0wL8js2yKroFVvng5xHJYw6nwr5fMGdI2inTW1/fvWU/LrvHk6JI /Ruuv2c8w79GVjga7kDpWiJ58mtiRhOe5FsUmR854N4QW1oVq0wMTzlOQYZ70L4oTCvav4znI ZSqh9JUsVLU170iv2eOr6DxxM7wy7WqQyNb3YF7oOug/bwYk8fmfgDCmVgrGsNA59Y4pC5CQL IQ65tiwfcq0bRfb29pVX1ImnGUMnT/EBRBup/uQmeyBTNswXmboiKPtvVp8Kv4CtdNCo76gkp EgehNIGbU8MJQOnO0CgAMUuv8mQy45zxed/giJ465kMGoUbuAPGOJuQYttuI0PkKhSzZjsIWZ cUcpo+Hf3cm5gBsgrgBe64/kh0wQu942meifDkYHcD4mWyMe1RgVEha8pDugpX6K4cvRCjWkf Pb/v477UlPfMxYQ3YT4gwhEuckF9O5y3vKWdf7yvYQqMAIEH9wlm1g1bs6AXshy28jMBRXlu0 Lt1+mM6K4BzY5JfnkwJRgAVSYvYFGfKcxqTmyw31sGDd+M9B5//3SyvIJdOTqGX34zfC2R5SE u5OuKMbhhNBNBSpQJ+tLLgkK1JlcYpDWfTkdYaC5/mvWELRqbAu9JzIvognVR7QUjOCQ+IcEN sq9deBTnu3+gfzeRnO0RwgQ+WkQgMlcz84xTCvvFdsmuNgy0n3OG6BPnyvd2DH55w4Z+26E5Z tua/+ZVBf2rxmQ8h5/eMB8oQJR2RLaDRMQi9mDWgCJOtZ9wGWaXF/g7rqMDO22o5T68pVjTZR fw0SHVzayRf/bymT2H1uqDoxcuwfmAEqX0g6/oUH7HgDxcXHAOX+8PEigZLhaAQ7myjm/eOSz 7MgzTRyonGKg8BvCnEaISfdF/kQA3vl2YuxylGE3ie5NM4SXeT5MpIsd0hMvALc9NxGzwVZm+ aN7aAH+vBm2rwjSTJEIxtfdiyNsXoIGihJ8BXUGmVlOHOSrSqe1xxk9L7tuyb5mnrNvY3R/Nw gIXz8zNkT2qSKgHHJxSpuwGlWEoYNXvaAeD2StMdz2OfK4XlFkADK5Oi86zw4X4TWYrqcmGai xYAXleUd3UesXbB9x X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) --=-=-= Content-Type: text/plain Hi all, Friendly ping on this series :-). Thanks, Pierre Pierre Langlois writes: > * gnu/services/certbot.scm (certificate-configuration): Add dry-run? field. > (certbot-command): Use it to pass --dry-run to certbot. > * doc/guix.texi (Certificate Services): Document dry-run? option. > --- > doc/guix.texi | 35 +++++++++++++++++++++++++++++++++++ > gnu/services/certbot.scm | 10 +++++++--- > 2 files changed, 42 insertions(+), 3 deletions(-) > > diff --git a/doc/guix.texi b/doc/guix.texi > index ec449b1772..322c717941 100644 > --- a/doc/guix.texi > +++ b/doc/guix.texi > @@ -25665,6 +25665,41 @@ certificates and keys; the shell variable @code{$RENEWED_DOMAINS} will > contain a space-delimited list of renewed certificate domains (for > example, @samp{"example.com www.example.com"}. > > +@item @code{dry-run?} (default: @code{#f}) > +Communitcate with the ACME server but do not update certificates nor note-to-self, typo here: Communicate > +trigger @code{deploy-hook}. This is useful as a temporary setting to > +test the challenge procedure, especially the @code{authentication-hook} > +and @code{cleanup-hook} while working on them. It's also a good idea to > +use Let's Encrypt's staging server at > +@url{https://acme-staging-v02.api.letsencrypt.org/directory} while > +testing, which allows for higher rate limits, but with which > +@code{certbot} will helpfully refuse to update certificates and > +recommend the @code{dry-run?} option. For example: > + > +@lisp > +(define %authentication-hook > + (program-file "authentication-hook" > + #~(let ((domain (getenv "CERTBOT_DOMAIN")) > + (token (getenv "CERTBOT_TOKEN"))) > + (format #t "Hey, can you authenticate ~a with ~a for me?" > + domain token)))) > + > +(define %cleanup-hook > + (program-file "authentication-hook" > + #~(display "Bye") > + > +(service certbot-service-type > + (certbot-configuration > + (server "https://acme-staging-v02.api.letsencrypt.org/directory") > + (certificates > + (list > + (certificate-configuration > + (dry-run? #t) > + (authentication-hook %authentication-hook) > + (cleanup-hook %cleanup-hook) > + (domains '("example.net" "www.example.net"))))))) > +@end lisp > + > @end table > @end deftp > > diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm > index 1cea68fc2a..15274cf0ed 100644 > --- a/gnu/services/certbot.scm > +++ b/gnu/services/certbot.scm > @@ -61,6 +61,8 @@ > (cleanup-hook certificate-cleanup-hook > (default #f)) > (deploy-hook certificate-configuration-deploy-hook > + (default #f)) > + (dry-run? certbot-configuration-dry-run? > (default #f))) > > (define-record-type* <certbot-configuration> > @@ -96,7 +98,7 @@ > (match-lambda > (($ <certificate-configuration> custom-name domains challenge > authentication-hook cleanup-hook > - deploy-hook) > + deploy-hook dry-run?) > (let ((name (or custom-name (car domains)))) > (if challenge > (append > @@ -114,7 +116,8 @@ > `("--manual-auth-hook" ,authentication-hook) > '()) > (if cleanup-hook `("--manual-cleanup-hook" ,cleanup-hook) '()) > - (if deploy-hook `("--deploy-hook" ,deploy-hook) '())) > + (if deploy-hook `("--deploy-hook" ,deploy-hook) '()) > + (if dry-run? '("--dry-run"))) > (append > (list name certbot "certonly" "-n" "--agree-tos" > "--webroot" "-w" webroot > @@ -125,7 +128,8 @@ > '("--register-unsafely-without-email")) > (if server `("--server" ,server) '()) > (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) > - (if deploy-hook `("--deploy-hook" ,deploy-hook) '())))))) > + (if deploy-hook `("--deploy-hook" ,deploy-hook) '()) > + (if dry-run? '("--dry-run") '())))))) > certificates))) > (program-file > "certbot-command" --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFMBAEBCgA2FiEEctU9gYy29KFyWDdMqPyeRH9PfVQFAmB7EiIYHHBpZXJyZS5s YW5nbG9pc0BnbXguY29tAAoJEKj8nkR/T31URn0H/jzvrCTtinIasaCpaG00f6st f5BGaNO2gKLeHHf8rze1gKaA7Sb8cG3FxnRDwGfIV97pN4rhPQzDLOFfseLQ//ZE mQOS5hdCLu88jJVm/FACXg+6K+ZWCaRdmI3IKvWOluRWrpljXUkFL3Id6Pm7I5sV bSIGkHVkwqbr5njMKRdVOcFZV15SiBVTbl14jh1tHT0/jvncLw7MyLuYypUt0FmO SYxHoVEz9HAdVCell3gWcO5Qj+sCuJEI3JVV7dPxm3iSStBLv6m95Q1f7l55TCI2 XUK0630vJJdBg1bS6mBvB6JJtaNv/XXXoJUy0dsb9aJvZpMl6/grnamBiFQHTSg= =b8V1 -----END PGP SIGNATURE----- --=-=-=--
X-Loop: help-debbugs@HIDDEN Subject: [bug#47136] [PATCH 3/3] services: certbot: Add dry-run? certificate option. Resent-From: Leo Famulari <leo@HIDDEN> Original-Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> Resent-CC: guix-patches@HIDDEN Resent-Date: Sat, 17 Apr 2021 17:39:02 +0000 Resent-Message-ID: <handler.47136.B47136.161868113124785 <at> debbugs.gnu.org> Resent-Sender: help-debbugs@HIDDEN X-GNU-PR-Message: followup 47136 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Pierre Langlois <pierre.langlois@HIDDEN> Cc: 47136 <at> debbugs.gnu.org Received: via spool by 47136-submit <at> debbugs.gnu.org id=B47136.161868113124785 (code B ref 47136); Sat, 17 Apr 2021 17:39:02 +0000 Received: (at 47136) by debbugs.gnu.org; 17 Apr 2021 17:38:51 +0000 Received: from localhost ([127.0.0.1]:44471 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lXouB-0006Rh-7m for submit <at> debbugs.gnu.org; Sat, 17 Apr 2021 13:38:51 -0400 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:60131) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo@HIDDEN>) id 1lXou9-0006RT-FU for 47136 <at> debbugs.gnu.org; Sat, 17 Apr 2021 13:38:49 -0400 Received: from compute7.internal (compute7.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 5E7865C0304; Sat, 17 Apr 2021 13:38:44 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute7.internal (MEProxy); Sat, 17 Apr 2021 13:38:44 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-transfer-encoding:in-reply-to; s=mesmtp; bh=SPF+YL6TN5r9DSE+Huo0AWCxLcsX4UaheyH3piEmHlo=; b=JrhmTrPMUlT7 9agJTt6g6mXNt8KFqnmisHiY2jbmJ91GkWwus+5YaIY09aZuy/v/R1Dy82t2vHUb QR2kCNDkJ4KQwp9yKYEHjArvURK/er+uFp1NhnszGh3+i3W1z0UanOXWC+ljQ1/Z 8O46CWixN1P1i6OJ58L/xSenK/Q8Af8= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=SPF+YL6TN5r9DSE+Huo0AWCxLcsX4UaheyH3piEmH lo=; b=KsSCQ3ZCmVkf4nkDbHV/4RysHY18Wzxcpg5Q1oeYDnp9jFkf0miEsp6ST N8PH9gC3zMVbiFa7cxoXoqre+L4O0anEDQmfWki/9MU4XPLw4O0fBxvRkSUuQh5O 9TcQ4XwFrBDztfuTKMAmB+wK2fpczz1bakSX83vZRz+LDreu4IaKYVJHQSXf28GK Gj6ziUAeHrffBRrXSuCJJx+jOVODr2EVEGPtyRlEk7ZvCsFQFNOG7d6KCJ+c9rT2 riY3k4jgPcUDeA964JGFD9szLAcWuPeJ8ZiboMHFjYDSBE9X12N+dS0w72wBNJME f6+pGCLTVFHSSwYg52lAtk7wfiRAw== X-ME-Sender: <xms:JB17YGBNPqFy9JzmxGnU-VMPkfxa8IsdXVwmh-PDPg0PaNlbTVMReQ> <xme:JB17YAezAJ4VAjQ3SzmgjN5kPwDH1Ft9KKhMH8_E25WxChTn07NdNpPIfeAzLAGRn dqSQC94-ySq98e-Jg> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudeliedgvdeggecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvuffkfhggtggugfgjsehtqhertddttddvnecuhfhrohhmpefnvgho ucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhlrghrihdrnhgrmhgvqeenucggtffrrg htthgvrhhnpedtleekjeevgefgveeuudefteffvdffhedtieetjeffhefgieefjeeiteek ieehveenucfkphepuddttddruddurdduieelrdduudeknecuvehluhhsthgvrhfuihiivg eptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghm vg X-ME-Proxy: <xmx:JB17YGd5vaTrWZX8PifSvnoU99l3Ua8RAK8lGZi2rZYUHWhbAo1Lzw> <xmx:JB17YMgnXl4i1zD00hTLX_VMbDZi5epJgzxA2mzM6Osma8ZOCd0IdA> <xmx:JB17YKSpM_Hmt2FRpvrdYHPXJilr0PmlAVzcn-ECqPvt7dCIZpfH9Q> <xmx:JB17YLqK8OenJ9-UP4RuS3QKBMGwPyD8Qp7t77YpdlTzhYRmAoK0rg> Received: from localhost (pool-100-11-169-118.phlapa.fios.verizon.net [100.11.169.118]) by mail.messagingengine.com (Postfix) with ESMTPA id EEE20108005B; Sat, 17 Apr 2021 13:38:43 -0400 (EDT) Date: Sat, 17 Apr 2021 13:38:42 -0400 From: Leo Famulari <leo@HIDDEN> Message-ID: <YHsdItiKkIZK5Rzo@HIDDEN> References: <87k0q9c28e.fsf@HIDDEN> <20210314131543.9310-1-pierre.langlois@HIDDEN> <20210314131543.9310-3-pierre.langlois@HIDDEN> <87blacluql.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In-Reply-To: <87blacluql.fsf@HIDDEN> X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) On Sat, Apr 17, 2021 at 05:51:46PM +0100, Pierre Langlois wrote: > Hi all, >=20 > Friendly ping on this series :-). Just FYI, we are in "string freeze" until Guix 1.2.1 is released. This means no changes to the manual or other translatable parts of Guix until then.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.