[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#49213] [PATCH v1] services: certbot: Add option to use CSR file.
|
From: |
Raghav Gururajan |
|
Subject: |
[bug#49213] [PATCH v1] services: certbot: Add option to use CSR file. |
|
Date: |
Thu, 24 Jun 2021 14:51:11 -0400 |
* gnu/services/certbot.scm (<certificate-configuration>): Add csr field.
(certbot-command): Modify.
* doc/guix.texi (Certificate Services): Document it.
---
doc/guix.texi | 6 ++++++
gnu/services/certbot.scm | 6 +++++-
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 15e8999447..689d6498a9 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -25934,6 +25934,12 @@ the documentation at
@url{https://certbot.eff.org/docs/using.html#hooks}),
and gives Let's Encrypt permission to log the public IP address of the
requesting machine.
+@item @code{csr} (default: @code{#f})
+Path to a Certificate Signing Request (CSR) in DER or PEM format. If @code{#f}
+is specified, this argument will not be passed to certbot. If a value is
passed,
+certbot uses it to obtain certificate, instead of using randomly generated
+private-key.
+
@item @code{authentication-hook} (default: @code{#f})
Command to be run in a shell once for each certificate challenge to be
answered. For this command, the shell variable @code{$CERTBOT_DOMAIN}
diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
index 1c67ff63f1..9a3822a679 100644
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -55,6 +55,8 @@
(default '()))
(challenge certificate-configuration-challenge
(default #f))
+ (csr certificate-configuration-csr
+ (default #f))
(authentication-hook certificate-authentication-hook
(default #f))
(cleanup-hook certificate-cleanup-hook
@@ -95,7 +97,7 @@
(match-lambda
(($ <certificate-configuration> custom-name domains challenge
authentication-hook
cleanup-hook
- deploy-hook)
+ deploy-hook csr)
(let ((name (or custom-name (car domains))))
(if challenge
(append
@@ -110,6 +112,7 @@
'("--register-unsafely-without-email"))
(if server `("--server" ,server) '())
(if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '())
+ (if csr `("--csr" ,csr) '())
(if authentication-hook
`("--manual-auth-hook" ,authentication-hook)
'())
@@ -125,6 +128,7 @@
'("--register-unsafely-without-email"))
(if server `("--server" ,server) '())
(if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '())
+ (if csr `("--csr" ,csr) '())
(if deploy-hook `("--deploy-hook" ,deploy-hook) '()))))))
certificates)))
(program-file
--
2.32.0
- [bug#49213] [PATCH v1] services: certbot: Add option to use CSR file.,
Raghav Gururajan <=
- [bug#49213] [PATCH v2] services: certbot: Add option to use CSR file., Raghav Gururajan, 2021/06/24
- [bug#49213] [PATCH v3] services: certbot: Add option to use CSR file., Raghav Gururajan, 2021/06/24
- [bug#49213] [PATCH v4] services: certbot: Add option to use CSR file., Raghav Gururajan, 2021/06/24
- [bug#49213] [PATCH v5] services: certbot: Add option to use CSR file., Raghav Gururajan, 2021/06/24
- bug#49213: (no subject), Raghav Gururajan, 2021/06/24