From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53475)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1eoxoe-0006q9-EP
	for guix-patches@gnu.org; Thu, 22 Feb 2018 15:50:09 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1eoxoZ-0006wc-IX
	for guix-patches@gnu.org; Thu, 22 Feb 2018 15:50:08 -0500
Received: from debbugs.gnu.org ([208.118.235.43]:48995)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1eoxoZ-0006w1-E6
	for guix-patches@gnu.org; Thu, 22 Feb 2018 15:50:03 -0500
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1eoxoY-0000QM-Hq
	for guix-patches@gnu.org; Thu, 22 Feb 2018 15:50:02 -0500
Subject: [bug#30459] [PATCH 06/11] services: certbot: Get certbot to run
	non-interactively.
Resent-Message-ID: <handler.30459.B30459.15193325941611@debbugs.gnu.org>
References: <20180214213504.29984-1-clement@lassieur.org>
	<20180214213504.29984-6-clement@lassieur.org>
	<87606vvecp.fsf@fastmail.com>
	<874lmc4mz4.fsf@lassieur.org> <874lm9b00c.fsf@fastmail.com>
From: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur <clement@lassieur.org>
In-reply-to: <874lm9b00c.fsf@fastmail.com>
Date: Thu, 22 Feb 2018 21:49:46 +0100
Message-ID: <87inao4umt.fsf@lassieur.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Marius Bakke <mbakke@fastmail.com>
Cc: 30459@debbugs.gnu.org

Marius Bakke <mbakke@fastmail.com> writes:

>> I won't push right now because I'm unconvinced by certbot-activation:
>>   - it runs at every reconfigure, whereas I want it to run only when the
>>     configuration changes
>>   - it runs at system startup (with no internet access, I think) which I
>>     obviously don't want
>>   - it requires internet access
>
> I haven't studied the code, but perhaps certbot-activation could be made
> a "proper" Shepherd service (e.g. simple-service)?  That way it can have
> a dependency on networking, at least.  It also would not run on every
> reconfigure.

Good idea!

>> Assuming there is no way to get it to run only on reconfigure when the
>> configuration has changed, I could make a command that the user would
>> use manually (wich profile-service-type).  They would use this command
>> if they add new certificates and if they don't want to wait for the cron
>> task to happen.  WDYT?
>
> This sounds great, but don't know if it should block this series.
> Perhaps you can push it to a 'wip-certbot' branch on Savannah for easier
> access and testing?
>
> Also, hopefully some of our newfound Shepherd experts can chime in on
> this thread :)

I pushed the series as is in the master branch, because it changes the
API and it's better that the potential users use the new API as soon as
possible.  (And it works anyway.)  I'll add a patch implementing the
certbot-activation as a Shepherd service.

Thank you for the review!

Clément