[bug#49213] [PATCH v1] services: certbot: Add option to use CSR file.

unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed

From: Raghav Gururajan via Guix-patches via <guix-patches@gnu.org>
To: 49213@debbugs.gnu.org
Cc: Raghav Gururajan <rg@raghavgururajan.name>
Subject: [bug#49213] [PATCH v1] services: certbot: Add option to use CSR file.
Date: Thu, 24 Jun 2021 14:51:11 -0400	[thread overview]
Message-ID: <20210624185111.5959-1-rg@raghavgururajan.name> (raw)

* gnu/services/certbot.scm (<certificate-configuration>): Add csr field.
(certbot-command): Modify.
* doc/guix.texi (Certificate Services): Document it.
---
 doc/guix.texi            | 6 ++++++
 gnu/services/certbot.scm | 6 +++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 15e8999447..689d6498a9 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -25934,6 +25934,12 @@ the documentation at @url{https://certbot.eff.org/docs/using.html#hooks}),
 and gives Let's Encrypt permission to log the public IP address of the
 requesting machine.
 
+@item @code{csr} (default: @code{#f})
+Path to a Certificate Signing Request (CSR) in DER or PEM format.  If @code{#f}
+is specified, this argument will not be passed to certbot.  If a value is passed,
+certbot uses it to obtain certificate, instead of using randomly generated
+private-key.
+
 @item @code{authentication-hook} (default: @code{#f})
 Command to be run in a shell once for each certificate challenge to be
 answered.  For this command, the shell variable @code{$CERTBOT_DOMAIN}
diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
index 1c67ff63f1..9a3822a679 100644
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -55,6 +55,8 @@
                        (default '()))
   (challenge           certificate-configuration-challenge
                        (default #f))
+  (csr                     certificate-configuration-csr
+                       (default #f))
   (authentication-hook certificate-authentication-hook
                        (default #f))
   (cleanup-hook        certificate-cleanup-hook
@@ -95,7 +97,7 @@
               (match-lambda
                 (($ <certificate-configuration> custom-name domains challenge
                                                 authentication-hook cleanup-hook
-                                                deploy-hook)
+                                                deploy-hook csr)
                  (let ((name (or custom-name (car domains))))
                    (if challenge
                      (append
@@ -110,6 +112,7 @@
                           '("--register-unsafely-without-email"))
                       (if server `("--server" ,server) '())
                       (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '())
+                      (if csr `("--csr" ,csr) '())
                       (if authentication-hook
                           `("--manual-auth-hook" ,authentication-hook)
                           '())
@@ -125,6 +128,7 @@
                           '("--register-unsafely-without-email"))
                       (if server `("--server" ,server) '())
                       (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '())
+                      (if csr `("--csr" ,csr) '())
                       (if deploy-hook `("--deploy-hook" ,deploy-hook) '()))))))
               certificates)))
        (program-file
-- 
2.32.0

next             reply	other threads:[~2021-06-24 18:52 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-24 18:51 Raghav Gururajan via Guix-patches via [this message]
2021-06-24 19:18 ` [bug#49213] [PATCH v2] services: certbot: Add option to use CSR file Raghav Gururajan via Guix-patches via
2021-06-24 21:58 ` [bug#49213] [PATCH v3] " Raghav Gururajan via Guix-patches via
2021-06-24 21:59 ` [bug#49213] [PATCH v4] " Raghav Gururajan via Guix-patches via
2021-06-24 22:20 ` [bug#49213] [PATCH v5] " Raghav Gururajan via Guix-patches via
2021-06-24 22:39 ` bug#49213: (no subject) Raghav Gururajan via Guix-patches via
2021-06-30 19:56   ` [bug#49213] " Maxime Devos
2021-06-30 20:16     ` Raghav Gururajan via Guix-patches via
2021-06-30 20:20       ` Jonathan Brielmaier
2021-07-01  8:05         ` Maxime Devos

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:15e899944 dfblob:1c67ff63f dfblob:689d6498a dfblob:9a3822a67
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210624185111.5959-1-rg@raghavgururajan.name \
    --to=guix-patches@gnu.org \
    --cc=49213@debbugs.gnu.org \
    --cc=rg@raghavgururajan.name \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).