GNU bug report logs -
#43333
[PATCH] services: certbot: Support registration without email.
Previous Next
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 43333 in the body.
You can then email your comments to 43333 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
guix-patches <at> gnu.org
:
bug#43333
; Package
guix-patches
.
(Fri, 11 Sep 2020 11:59:01 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Timotej Lazar <timotej.lazar <at> araneo.si>
:
New bug report received and forwarded. Copy sent to
guix-patches <at> gnu.org
.
(Fri, 11 Sep 2020 11:59:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
* gnu/services/certbot.scm (certbot-configuration): Add default for the
email option.
(certbot-command): Pass email for registration only when specified.
* doc/guix.texi (Certificate Services): "mandatory"→"optional" email.
---
Allow registering a Let’s Encrypt account without an email address,
which is dicouraged but possible. I tried factoring out the common
options for HTTP/manual challenges but it turned out quite messy, so I
just added the option for both cases.
Thanks!
doc/guix.texi | 7 ++++---
gnu/services/certbot.scm | 11 ++++++++---
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index bad2d36e42..a8e7b27349 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -22469,9 +22469,10 @@ A list of @code{certificates-configuration}s for which to generate
certificates and request signatures. Each certificate has a @code{name}
and several @code{domains}.
-@item @code{email}
-Mandatory email used for registration, recovery contact, and important
-account notifications.
+@item @code{email} (default: @code{#f})
+Optional email address used for registration and recovery contact.
+Setting this is encouraged as it allows you to receive important
+notifications about the account and issued certificates.
@item @code{server} (default: @code{#f})
Optional URL of ACME server. Setting this overrides certbot's default,
diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
index 5643340799..1c67ff63f1 100644
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -71,7 +71,8 @@
(default "/var/www"))
(certificates certbot-configuration-certificates
(default '()))
- (email certbot-configuration-email)
+ (email certbot-configuration-email
+ (default #f))
(server certbot-configuration-server
(default #f))
(rsa-key-size certbot-configuration-rsa-key-size
@@ -99,12 +100,14 @@
(if challenge
(append
(list name certbot "certonly" "-n" "--agree-tos"
- "-m" email
"--manual"
(string-append "--preferred-challenges=" challenge)
"--cert-name" name
"--manual-public-ip-logging-ok"
"-d" (string-join domains ","))
+ (if email
+ `("--email" ,email)
+ '("--register-unsafely-without-email"))
(if server `("--server" ,server) '())
(if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '())
(if authentication-hook
@@ -114,10 +117,12 @@
(if deploy-hook `("--deploy-hook" ,deploy-hook) '()))
(append
(list name certbot "certonly" "-n" "--agree-tos"
- "-m" email
"--webroot" "-w" webroot
"--cert-name" name
"-d" (string-join domains ","))
+ (if email
+ `("--email" ,email)
+ '("--register-unsafely-without-email"))
(if server `("--server" ,server) '())
(if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '())
(if deploy-hook `("--deploy-hook" ,deploy-hook) '()))))))
--
2.28.0
Reply sent
to
Ludovic Courtès <ludo <at> gnu.org>
:
You have taken responsibility.
(Sun, 13 Sep 2020 21:22:01 GMT)
Full text and
rfc822 format available.
Notification sent
to
Timotej Lazar <timotej.lazar <at> araneo.si>
:
bug acknowledged by developer.
(Sun, 13 Sep 2020 21:22:01 GMT)
Full text and
rfc822 format available.
Message #10 received at 43333-done <at> debbugs.gnu.org (full text, mbox):
Hi Timotej,
Timotej Lazar <timotej.lazar <at> araneo.si> skribis:
> * gnu/services/certbot.scm (certbot-configuration): Add default for the
> email option.
> (certbot-command): Pass email for registration only when specified.
> * doc/guix.texi (Certificate Services): "mandatory"→"optional" email.
> ---
> Allow registering a Let’s Encrypt account without an email address,
> which is dicouraged but possible. I tried factoring out the common
> options for HTTP/manual challenges but it turned out quite messy, so I
> just added the option for both cases.
Good. Applied, thanks!
Ludo’.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org
.
(Mon, 12 Oct 2020 11:24:05 GMT)
Full text and
rfc822 format available.
This bug report was last modified 3 years and 196 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.