From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:56668) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1em4il-0005Do-Ia for guix-patches@gnu.org; Wed, 14 Feb 2018 16:36:08 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1em4ii-00010A-Hc for guix-patches@gnu.org; Wed, 14 Feb 2018 16:36:07 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:35482) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1em4ii-0000zx-D9 for guix-patches@gnu.org; Wed, 14 Feb 2018 16:36:04 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1em4ii-0001xp-6S for guix-patches@gnu.org; Wed, 14 Feb 2018 16:36:04 -0500 Subject: [bug#30459] [PATCH 05/11] services: certbot: Refactor certbot command. Resent-Message-ID: From: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur Date: Wed, 14 Feb 2018 22:34:58 +0100 Message-Id: <20180214213504.29984-5-clement@lassieur.org> In-Reply-To: <20180214213504.29984-1-clement@lassieur.org> References: <20180214213504.29984-1-clement@lassieur.org> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 30459@debbugs.gnu.org * gnu/services/certbot.scm (certbot-renewal-jobs, certbot-activation): Refactor common code into certbot-command. --- gnu/services/certbot.scm | 53 ++++++++++++++++++++++++------------------------ 1 file changed, 26 insertions(+), 27 deletions(-) diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index 0b425bab9..661e17498 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -57,41 +57,40 @@ (body (list "return 301 https://$host$request_uri;")))))) -(define certbot-renewal-jobs +(define certbot-command (match-lambda (($ package webroot domains default-location) - (match domains - ;; Avoid pinging certbot if we have no domains. - (() '()) - (_ - (list - ;; Attempt to renew the certificates twice per day, at a random - ;; minute within the hour. See - ;; https://certbot.eff.org/all-instructions/. - #~(job '(next-minute-from (next-hour '(0 12)) (list (random 60))) - (string-append #$package "/bin/certbot renew" - (string-concatenate - (map (lambda (domain) - (string-append " -d " domain)) - '#$domains)))))))))) + (let* ((certbot (file-append package "/bin/certbot")) + (commands + (map + (lambda (domain) + (list certbot "certonly" + "--webroot" "-w" webroot + "-d" domain)) + domains))) + (program-file + "certbot-command" + #~(let ((code 0)) + (for-each + (lambda (command) + (set! code (or (apply system* command) code))) + '#$commands) code)))))) -(define certbot-activation - (match-lambda +(define (certbot-renewal-jobs config) + (list + ;; Attempt to renew the certificates twice per day, at a random minute + ;; within the hour. See https://certbot.eff.org/all-instructions/. + #~(job '(next-minute-from (next-hour '(0 12)) (list (random 60))) + #$(certbot-command config)))) + +(define (certbot-activation config) + (match config (($ package webroot domains default-location) (with-imported-modules '((guix build utils)) #~(begin (use-modules (guix build utils)) (mkdir-p #$webroot) - (for-each - (lambda (domain) - (unless (file-exists? - (in-vicinity "/etc/letsencrypt/live" domain)) - (unless (zero? (system* - (string-append #$certbot "/bin/certbot") - "certonly" "--webroot" "-w" #$webroot - "-d" domain)) - (error "failed to acquire cert for domain" domain)))) - '#$domains)))))) + (zero? (system* #$(certbot-command config)))))))) (define certbot-nginx-server-configurations (match-lambda -- 2.16.1