From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:470:142:3::10]:58667) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hwR8E-0005O5-Vo for guix-patches@gnu.org; Sat, 10 Aug 2019 09:10:03 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hwR8E-0003jx-23 for guix-patches@gnu.org; Sat, 10 Aug 2019 09:10:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:34719) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hwR8D-0003jt-V9 for guix-patches@gnu.org; Sat, 10 Aug 2019 09:10:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hwR8D-0005fj-Op for guix-patches@gnu.org; Sat, 10 Aug 2019 09:10:01 -0400 Subject: [bug#36998] [PATCH] services: certbot: Add --manual-public-ip-logging-ok for manual challenges Resent-Message-ID: Received: from eggs.gnu.org ([2001:470:142:3::10]:58599) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hwR7L-0005LE-E0 for guix-patches@gnu.org; Sat, 10 Aug 2019 09:09:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hwR7J-0003RO-EJ for guix-patches@gnu.org; Sat, 10 Aug 2019 09:09:07 -0400 Received: from zancanaro.com.au ([45.76.117.151]:43646) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hwR7I-0003PX-LY for guix-patches@gnu.org; Sat, 10 Aug 2019 09:09:05 -0400 Received: from jolteon (210-1-202-160-cpe.spintel.net.au [210.1.202.160]) by zancanaro.com.au (Postfix) with ESMTPSA id 0E7C0294B4 for ; Sat, 10 Aug 2019 13:09:00 +0000 (UTC) From: Carlo Zancanaro Date: Sat, 10 Aug 2019 23:08:59 +1000 Message-ID: <87imr588wk.fsf@zancanaro.id.au> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 36998@debbugs.gnu.org --=-=-= Content-Type: text/plain; format=flowed I recently tried to configure the certbot-service with the dns challenge type. It failed, because certbot tries to ask whether you're okay with letsencrypt knowing (and potentially logging) your IP address, but within an mcron task that just fails. The solution is to add the --manual-public-ip-logging-ok flag, so here's a patch to do that! --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0001-services-certbot-Add-manual-public-ip-logging-ok-for.patch >From 4a888155261caba0c4e11f8515a271ba33b92bc6 Mon Sep 17 00:00:00 2001 From: Carlo Zancanaro Date: Sat, 10 Aug 2019 22:52:50 +1000 Subject: [PATCH] services: certbot: Add --manual-public-ip-logging-ok for manual challenges * gnu/services/certbot.scm (certbot-command): Add --manual-public-ip-logging-ok flag to the certbot command when doing a manual challenge. --- gnu/services/certbot.scm | 1 + 1 file changed, 1 insertion(+) diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index ae34ad17bb..0d3be03383 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -99,6 +99,7 @@ "--manual" (string-append "--preferred-challenges=" challenge) "--cert-name" name + "--manual-public-ip-logging-ok" "-d" (string-join domains ",")) (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) (if authentication-hook -- 2.22.0 --=-=-=--