From: "Clément Lassieur" <clement@lassieur.org>
To: 30459@debbugs.gnu.org
Subject: [bug#30459] [PATCH 09/11] services: certbot: Allow to set RSA key size.
Date: Wed, 14 Feb 2018 22:35:02 +0100 [thread overview]
Message-ID: <20180214213504.29984-9-clement@lassieur.org> (raw)
In-Reply-To: <20180214213504.29984-1-clement@lassieur.org>
* doc/guix.texi (Certificate Services): Document it.
* gnu/services/certbot.scm (<cerbot-configuration>, certbot-command,
certbot-activation, certbot-nginx-server-configurations): Add it.
---
doc/guix.texi | 3 +++
gnu/services/certbot.scm | 21 +++++++++++++--------
2 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 4f6f9e9c7..8500cda6d 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -15716,6 +15716,9 @@ and several @code{domains}.
Mandatory email used for registration, recovery contact, and important
account notifications.
+@item @code{rsa-key-size} (default: @code{2048})
+Size of the RSA key.
+
@item @code{default-location} (default: @i{see below})
The default @code{nginx-location-configuration}. Because @code{certbot}
needs to be able to serve challenges and responses, it needs to be able
diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
index a70a36591..51f5d719a 100644
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -60,6 +60,8 @@
(certificates certbot-configuration-certificates
(default '()))
(email certbot-configuration-email)
+ (rsa-key-size certbot-configuration-rsa-key-size
+ (default #f))
(default-location certbot-configuration-default-location
(default
(nginx-location-configuration
@@ -70,17 +72,20 @@
(define certbot-command
(match-lambda
(($ <certbot-configuration> package webroot certificates email
- default-location)
+ rsa-key-size default-location)
(let* ((certbot (file-append package "/bin/certbot"))
+ (rsa-key-size (and rsa-key-size (number->string rsa-key-size)))
(commands
(map
(match-lambda
(($ <certificate-configuration> name domains)
- (list certbot "certonly" "-n" "--agree-tos"
- "-m" email
- "--webroot" "-w" webroot
- "--cert-name" (or name (car domains))
- "-d" (string-join domains ","))))
+ (append
+ (list certbot "certonly" "-n" "--agree-tos"
+ "-m" email
+ "--webroot" "-w" webroot
+ "--cert-name" (or name (car domains))
+ "-d" (string-join domains ","))
+ (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()))))
certificates)))
(program-file
"certbot-command"
@@ -100,7 +105,7 @@
(define (certbot-activation config)
(match config
(($ <certbot-configuration> package webroot certificates email
- default-location)
+ rsa-key-size default-location)
(with-imported-modules '((guix build utils))
#~(begin
(use-modules (guix build utils))
@@ -110,7 +115,7 @@
(define certbot-nginx-server-configurations
(match-lambda
(($ <certbot-configuration> package webroot certificates email
- default-location)
+ rsa-key-size default-location)
(list
(nginx-server-configuration
(listen '("80" "[::]:80"))
--
2.16.1
next prev parent reply other threads:[~2018-02-14 21:36 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-14 21:33 [bug#30459] Certbot service patches Clément Lassieur
2018-02-14 21:34 ` [bug#30459] [PATCH 01/11] services: certbot: Listen on IPv6 Clément Lassieur
2018-02-14 21:34 ` [bug#30459] [PATCH 02/11] services: certbot: Run certbot twice a day at a random minute Clément Lassieur
2018-02-14 21:34 ` [bug#30459] [PATCH 03/11] services: certbot: Fix indentation Clément Lassieur
2018-02-14 21:34 ` [bug#30459] [PATCH 04/11] services: certbot: Rename 'host' to 'domain' Clément Lassieur
2018-02-14 21:34 ` [bug#30459] [PATCH 05/11] services: certbot: Refactor certbot command Clément Lassieur
2018-02-14 21:34 ` [bug#30459] [PATCH 06/11] services: certbot: Get certbot to run non-interactively Clément Lassieur
2018-02-17 15:13 ` Marius Bakke
2018-02-19 22:46 ` Clément Lassieur
2018-02-22 13:57 ` Marius Bakke
2018-02-22 20:49 ` Clément Lassieur
2018-03-03 21:52 ` bug#30459: " Ludovic Courtès
2018-03-03 22:09 ` [bug#30459] " Clément Lassieur
2018-02-14 21:35 ` [bug#30459] [PATCH 07/11] services: certbot: Associate one certificate with several domains Clément Lassieur
2018-02-14 21:35 ` [bug#30459] [PATCH 08/11] doc: Fix typo in certbot-configuration description Clément Lassieur
2018-02-14 21:35 ` Clément Lassieur [this message]
2018-02-14 21:35 ` [bug#30459] [PATCH 10/11] services: certbot: Add verbosity Clément Lassieur
2018-02-14 21:35 ` [bug#30459] [PATCH 11/11] services: certbot: Allow to set a deploy hook Clément Lassieur
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180214213504.29984-9-clement@lassieur.org \
--to=clement@lassieur.org \
--cc=30459@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.