From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:470:142:3::10]:54328)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1i7o6J-0001pr-1P
 for guix-patches@gnu.org; Tue, 10 Sep 2019 17:55:03 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1i7o6I-0003kN-4I
 for guix-patches@gnu.org; Tue, 10 Sep 2019 17:55:03 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:32959)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1i7o6I-0003kF-1Y
 for guix-patches@gnu.org; Tue, 10 Sep 2019 17:55:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1i7o6H-0005pe-V1
 for guix-patches@gnu.org; Tue, 10 Sep 2019 17:55:01 -0400
Subject: [bug#36998] [PATCH] services: certbot: Add
 --manual-public-ip-logging-ok for manual challenges
Resent-Message-ID: <handler.36998.B36998.156815248522386@debbugs.gnu.org>
From: Ludovic =?UTF-8?Q?Court=C3=A8s?= <ludo@gnu.org>
References: <87imr588wk.fsf@zancanaro.id.au>
Date: Tue, 10 Sep 2019 23:54:33 +0200
In-Reply-To: <87imr588wk.fsf@zancanaro.id.au> (Carlo Zancanaro's message of
 "Sat, 10 Aug 2019 23:08:59 +1000")
Message-ID: <87a7bb24x2.fsf@gnu.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Carlo Zancanaro <carlo@zancanaro.id.au>
Cc: 36998@debbugs.gnu.org

Hi Carlo,

Time flies=E2=80=A6

Carlo Zancanaro <carlo@zancanaro.id.au> skribis:

> I recently tried to configure the certbot-service with the dns
> challenge type. It failed, because certbot tries to ask whether you're
> okay with letsencrypt knowing (and potentially logging) your IP
> address, but within an mcron task that just fails.
>
> The solution is to add the --manual-public-ip-logging-ok flag, so
> here's a patch to do that!

[...]

> --- a/gnu/services/certbot.scm
> +++ b/gnu/services/certbot.scm
> @@ -99,6 +99,7 @@
>                              "--manual"
>                              (string-append "--preferred-challenges=3D" c=
hallenge)
>                              "--cert-name" name
> +                            "--manual-public-ip-logging-ok"
>                              "-d" (string-join domains ","))

Perhaps we should pass --manual-public-ip-logging-ok only when
=E2=80=98challenge=E2=80=99 has the expected value (DNS challenge type; wha=
t=E2=80=99s the value
for that?), and also document that prominently in the manual?

Thanks,
Ludo=E2=80=99.