From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:48472)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1enuDC-0007hy-Tp
	for guix-patches@gnu.org; Mon, 19 Feb 2018 17:47:07 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1enuD7-0007sz-V4
	for guix-patches@gnu.org; Mon, 19 Feb 2018 17:47:06 -0500
Received: from debbugs.gnu.org ([208.118.235.43]:43892)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1enuD7-0007st-Po
	for guix-patches@gnu.org; Mon, 19 Feb 2018 17:47:01 -0500
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1enuD7-0006m5-JB
	for guix-patches@gnu.org; Mon, 19 Feb 2018 17:47:01 -0500
Subject: [bug#30459] [PATCH 06/11] services: certbot: Get certbot to run
	non-interactively.
Resent-Message-ID: <handler.30459.B30459.151908037325977@debbugs.gnu.org>
References: <20180214213504.29984-1-clement@lassieur.org>
	<20180214213504.29984-6-clement@lassieur.org>
	<87606vvecp.fsf@fastmail.com>
From: =?UTF-8?Q?Cl=C3=A9ment?= Lassieur <clement@lassieur.org>
In-reply-to: <87606vvecp.fsf@fastmail.com>
Date: Mon, 19 Feb 2018 23:46:07 +0100
Message-ID: <874lmc4mz4.fsf@lassieur.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Marius Bakke <mbakke@fastmail.com>
Cc: 30459@debbugs.gnu.org

Marius Bakke <mbakke@fastmail.com> writes:

> Clément Lassieur <clement@lassieur.org> writes:
>
>> * doc/guix.texi (Certificate Services): Add email field.
>> * gnu/services/certbot.scm (<certbot-configuration>, certbot-command,
>> certbot-activation, certbot-nginx-server-configurations): Add email field.
>> (certbot-command): Add '-n' and '--agree-tos' options.
>> (certbot-service-type): Remove default-value.
>
> Since this effectively hides the ToS from the user, I think we should
> update documentation to link to it.  Something along the lines of
> "By using this service, you agree to the Terms and Conditions laid out
> in URL...".
>
> I'm not a user of certbot currently and thus haven't tested it, but the
> other patches LGTM to me.  Thanks a lot for working on this!

Thank you very much for the review, Marius, I'll update the
documentation as you said.

I won't push right now because I'm unconvinced by certbot-activation:
  - it runs at every reconfigure, whereas I want it to run only when the
    configuration changes
  - it runs at system startup (with no internet access, I think) which I
    obviously don't want
  - it requires internet access

Assuming there is no way to get it to run only on reconfigure when the
configuration has changed, I could make a command that the user would
use manually (wich profile-service-type).  They would use this command
if they add new certificates and if they don't want to wait for the cron
task to happen.  WDYT?