summaryrefslogtreecommitdiff
path: root/gnu/services/certbot.scm
AgeCommit message (Collapse)Author
2024-01-31services: certbot: Add one-shot service to renew certificates.Carlo Zancanaro
* gnu/services/certbot.scm (certbot-renewal-one-shot): New procedure. (certbot-service-type)[extensions]: Add it to shepherd-root extension. (certbot-command): Make connection errors return a different exit code. (certbot-activation): Remove message with certificate renewal instructions. Change-Id: I614ac6214a753dba0396e2385a75926c8355caa1 Signed-off-by: Clément Lassieur <clement@lassieur.org>
2024-01-31services: certbot: Reload nginx in deploy hook.Carlo Zancanaro
* gnu/services/certbot.scm (certbot-deploy-hook): Reload nginx. * doc/guix.texi (Certificate services): Remove deploy-hook from example. Change-Id: Ibb10481170a6fda7df72492072b939dd6a6ad176 Signed-off-by: Clément Lassieur <clement@lassieur.org>
2024-01-31services: certbot: Create self-signed certificates before certbot runs.Carlo Zancanaro
* gnu/services/certbot.scm (<certificate-configuration>): Add start-self-signed? field. (generate-certificate-gexp): New procedure. (certbot-activation): Generate self-signed certificates when start-self-signed? is #t. * doc/guix.texi (Certificate services): Document start-self-signed?. Change-Id: Icfd85ae0c3e29324acbcde6ba283546cf0e27a1d Signed-off-by: Clément Lassieur <clement@lassieur.org>
2024-01-31services: certbot: Symlink certificates to /etc/certs.Carlo Zancanaro
* gnu/services/certbot.scm (certbot-deploy-hook): New procedure. (certbot-command): Pass new deploy hook to certbot. * doc/guix.texi: Replace "letsencrypt/live" with "certs" throughout, except in the certbot deploy-hook description. Change-Id: I2ba5e4903d1e293e566b732a84b07d5a134b697d Signed-off-by: Clément Lassieur <clement@lassieur.org>
2023-06-18services: certbot: Fix nginx crash when certbot is used without domains.Saku Laesvuori
* gnu/services/certbot.scm (certbot-nginx-server-configurations): Don't return a broken nginx-server-configuration with empty server_name when no certificate domains are configured. Instead add a separate server for every certificate, so 0 certificates adds 0 servers. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Reviewed-by: Bruno Victal <mirai@makinata.eu>
2023-01-03services: certbot: Fix broken link.jgart
* gnu/services/certbot.scm (certbot-renewal-jobs): Fix broken link. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-09-29services: certbot: Create "live" directory during activation.Mája Tomášek
When trying to run certbot, the mcron command fails, as /etc/letsencrypt/live is missing. This patch adds it into the certbot activation service. * gnu/services/certbot.scm (certbot-activation): Make /etc/letsencrypt/live. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2021-06-24services: certbot: Add option to use CSR file.Raghav Gururajan
* gnu/services/certbot.scm (<certificate-configuration>): Add csr field. (certbot-command): Modify. * doc/guix.texi (Certificate Services): Document it.
2020-09-13services: certbot: Support registration without email.Timotej Lazar
* gnu/services/certbot.scm (certbot-configuration): Add default for the email option. (certbot-command): Pass email for registration only when specified. * doc/guix.texi (Certificate Services): "mandatory"→"optional" email. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2020-05-13mailmap: Update entries for Nikita.nikita
* .mailmap: change email and name for Nikita. * Makefile.am, doc/guix.texi, etc/completion/fish/guix.fish, gnu/packages/accessibility.scm, gnu/packages/admin.scm, gnu/packages/audio.scm, gnu/packages/autotools.scm, gnu/packages/cdrom.scm, gnu/packages/check.scm, gnu/packages/cinnamon.scm, gnu/packages/compression.scm, gnu/packages/crypto.scm, gnu/packages/databases.scm, gnu/packages/django.scm, gnu/packages/dns.scm, gnu/packages/elixir.scm, gnu/packages/emacs-xyz.scm, gnu/packages/emacs.scm, gnu/packages/enlightenment.scm, gnu/packages/erlang.scm, gnu/packages/fonts.scm, gnu/packages/fontutils.scm, gnu/packages/forth.scm, gnu/packages/fvwm.scm, gnu/packages/games.scm, gnu/packages/gl.scm, gnu/packages/gnome.scm, gnu/packages/gnunet.scm, gnu/packages/gnupg.scm, gnu/packages/gtk.scm, gnu/packages/guile-wm.scm, gnu/packages/guile-xyz.scm, gnu/packages/haskell-apps.scm, gnu/packages/haskell-check.scm, gnu/packages/haskell-crypto.scm, gnu/packages/haskell-xyz.scm, gnu/packages/haskell.scm, gnu/packages/image-viewers.scm, gnu/packages/image.scm, gnu/packages/irc.scm, gnu/packages/language.scm, gnu/packages/libcanberra.scm, gnu/packages/linux.scm, gnu/packages/lisp-xyz.scm, gnu/packages/lisp.scm, gnu/packages/lolcode.scm, gnu/packages/lxde.scm, gnu/packages/lxqt.scm, gnu/packages/mail.scm, gnu/packages/markup.scm, gnu/packages/mate.scm, gnu/packages/maths.scm, gnu/packages/mc.scm, gnu/packages/messaging.scm, gnu/packages/music.scm, gnu/packages/ncurses.scm, gnu/packages/networking.scm, gnu/packages/nickle.scm, gnu/packages/openbox.scm, gnu/packages/pdf.scm, gnu/packages/perl-check.scm, gnu/packages/perl.scm, gnu/packages/python-compression.scm, gnu/packages/python-crypto.scm, gnu/packages/python-web.scm, gnu/packages/python-xyz.scm, gnu/packages/python.scm, gnu/packages/qt.scm, gnu/packages/ruby.scm, gnu/packages/rust.scm, gnu/packages/scheme.scm, gnu/packages/serialization.scm, gnu/packages/shells.scm, gnu/packages/ssh.scm, gnu/packages/suckless.scm, gnu/packages/tbb.scm, gnu/packages/telephony.scm, gnu/packages/text-editors.scm, gnu/packages/textutils.scm, gnu/packages/time.scm, gnu/packages/tls.scm, gnu/packages/tor.scm, gnu/packages/version-control.scm, gnu/packages/video.scm, gnu/packages/vim.scm, gnu/packages/web.scm, gnu/packages/wm.scm, gnu/packages/xdisorg.scm, gnu/packages/xfce.scm, gnu/packages/xml.scm, gnu/packages/xorg.scm, gnu/services/certbot.scm, gnu/services/desktop.scm, gnu/services/version-control.scm, gnu/services/web.scm, guix/import/hackage.scm, guix/licenses.scm: Likewise. Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2020-03-08services: certbot: Add server option.Jack Hill
* gnu/services/certbot.scm (certbot-configuration): Add server option. (certbot-command): Use server option. (certbot-actication): Use server option. (certbot-nginx-server-configurations): Use server option. * doc/guix.texi (Certificate Services): Document server option. Co-authored-by: Tobias Geerinckx-Rice <me@tobias.gr> Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2019-09-16services: certbot: Add --manual-public-ip-logging-ok for manual challengesCarlo Zancanaro
* gnu/services/certbot.scm (certbot-command): Add --manual-public-ip-logging-ok flag to the certbot command when doing a manual challenge. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
2019-04-25gnu: certbot: Add support for manual plugin.Julien Lepiller
* gnu/services/certbot.scm (certificate-configuration): Add challenge, auth-hook and cleanup-hook fields. (certbot-command): Use them. * doc/guix.texi (Certificate Services): Document them.
2019-03-18Correct name and email address for ng0.ng0
* .mailmap, Makefile.am, doc/guix.de.texi, doc/guix.fr.texi, doc/guix.texi, etc/completion/fish/guix.fish, gnu/packages/accessibility.scm, gnu/packages/admin.scm, gnu/packages/audio.scm, gnu/packages/autotools.scm, gnu/packages/cdrom.scm, gnu/packages/check.scm, gnu/packages/cinnamon.scm, gnu/packages/compression.scm, gnu/packages/crypto.scm, gnu/packages/databases.scm, gnu/packages/django.scm, gnu/packages/dns.scm, gnu/packages/elixir.scm, gnu/packages/emacs-xyz.scm, gnu/packages/emacs.scm, gnu/packages/enlightenment.scm, gnu/packages/erlang.scm, gnu/packages/fonts.scm, gnu/packages/fontutils.scm, gnu/packages/forth.scm, gnu/packages/fvwm.scm, gnu/packages/games.scm, gnu/packages/gl.scm, gnu/packages/gnome.scm, gnu/packages/gnunet.scm, gnu/packages/gnupg.scm, gnu/packages/gnuzilla.scm, gnu/packages/gtk.scm, gnu/packages/guile-wm.scm,gnu/packages/guile-xyz.scm, gnu/packages/haskell-check.scm, gnu/packages/haskell-crypto.scm, gnu/packages/haskell.scm, gnu/packages/image-viewers.scm, gnu/packages/image.scm, gnu/packages/irc.scm, gnu/packages/language.scm, gnu/packages/libcanberra.scm, gnu/packages/linux.scm, gnu/packages/lisp.scm, gnu/packages/lolcode.scm, gnu/packages/lxde.scm, gnu/packages/lxqt.scm, gnu/packages/mail.scm, gnu/packages/markup.scm, gnu/packages/mate.scm, gnu/packages/maths.scm, gnu/packages/mc.scm, gnu/packages/messaging.scm, gnu/packages/music.scm, gnu/packages/ncurses.scm, gnu/packages/networking.scm, gnu/packages/nickle.scm, gnu/packages/openbox.scm, gnu/packages/pdf.scm, gnu/packages/perl-check.scm, gnu/packages/perl.scm, gnu/packages/python-compression.scm, gnu/packages/python-crypto.scm, gnu/packages/python-web.scm, gnu/packages/python-xyz.scm, gnu/packages/python.scm, gnu/packages/qt.scm, gnu/packages/ruby.scm, gnu/packages/rust.scm, gnu/packages/scheme.scm, gnu/packages/serialization.scm, gnu/packages/shells.scm, gnu/packages/ssh.scm, gnu/packages/suckless.scm, gnu/packages/tbb.scm, gnu/packages/telephony.scm, gnu/packages/text-editors.scm, gnu/packages/textutils.scm, gnu/packages/time.scm, gnu/packages/tls.scm, gnu/packages/tor.scm, gnu/packages/version-control.scm, gnu/packages/video.scm, gnu/packages/vim.scm, gnu/packages/web.scm, gnu/packages/wm.scm, gnu/packages/xdisorg.scm, gnu/packages/xfce.scm, gnu/packages/xml.scm, gnu/packages/xorg.scm, gnu/services/certbot.scm, gnu/services/desktop.scm, gnu/services/version-control.scm, gnu/services/web.scm, guix/import/hackage.scm, guix/licenses.scm: Correct name and email address for ng0. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
2018-04-03services: certbot: Don't try to renew certificates on activation.Clément Lassieur
Because it takes too much time and it requires networking. Thanks to Mathieu Othacehe for suggesting this. * gnu/services/certbot.scm (certbot-activation): Do not run the renewal command, copy its path to a fixed location, display it, so that the user can run the command when they want.
2018-03-20Correct name and Email for ng0.ng0
* .mailmap: Correct name and Email for ng0. * Makefile.am, doc/guix.texi, etc/completion/fish/guix.fish gnu/packages/accessibility.scm, gnu/packages/admin.scm, gnu/packages/audio.scm, gnu/packages/autotools.scm, gnu/packages/cdrom.scm, gnu/packages/check.scm, gnu/packages/cinnamon.scm, gnu/packages/compression.scm, gnu/packages/crypto.scm, gnu/packages/databases.scm, gnu/packages/django.scm, gnu/packages/dns.scm, gnu/packages/emacs.scm, gnu/packages/enlightenment.scm, gnu/packages/fonts.scm, gnu/packages/fontutils.scm, gnu/packages/forth.scm, gnu/packages/fvwm.scm, gnu/packages/games.scm, gnu/packages/gl.scm, gnu/packages/gnome.scm, gnu/packages/gnunet.scm, gnu/packages/gnupg.scm, gnu/packages/gnuzilla.scm, gnu/packages/gtk.scm, gnu/packages/guile-wm.scm, gnu/packages/guile.scm, gnu/packages/haskell-check.scm, gnu/packages/haskell-crypto.scm, gnu/packages/haskell.scm, gnu/packages/image-viewers.scm, gnu/packages/image.scm, gnu/packages/irc.scm, gnu/packages/language.scm, gnu/packages/libcanberra.scm, gnu/packages/linux.scm, gnu/packages/lisp.scm, gnu/packages/lolcode.scm, gnu/packages/lxde.scm, gnu/packages/lxqt.scm, gnu/packages/mail.scm, gnu/packages/markup.scm, gnu/packages/mate.scm, gnu/packages/maths.scm, gnu/packages/mc.scm, gnu/packages/messaging.scm, gnu/packages/music.scm, gnu/packages/ncurses.scm, gnu/packages/networking.scm, gnu/packages/nickle.scm, gnu/packages/openbox.scm, gnu/packages/pdf.scm, gnu/packages/perl-check.scm, gnu/packages/perl.scm, gnu/packages/python-crypto.scm, gnu/packages/python-web.scm, gnu/packages/python.scm, gnu/packages/qt.scm, gnu/packages/ruby.scm, gnu/packages/rust.scm, gnu/packages/scheme.scm, gnu/packages/serialization.scm, gnu/packages/shells.scm, gnu/packages/ssh.scm, gnu/packages/suckless.scm, gnu/packages/tbb.scm, gnu/packages/telephony.scm, gnu/packages/text-editors.scm, gnu/packages/textutils.scm, gnu/packages/time.scm, gnu/packages/tls.scm, gnu/packages/tor.scm, gnu/packages/version-control.scm, gnu/packages/video.scm, gnu/packages/vim.scm, gnu/packages/web.scm, gnu/packages/wm.scm, gnu/packages/xdisorg.scm, gnu/packages/xfce.scm, gnu/packages/xml.scm, gnu/packages/xorg.scm, gnu/services/certbot.scm, gnu/services/desktop.scm, gnu/services/version-control.scm, gnu/services/web.scm, guix/import/hackage.scm, guix/licenses.scm: Likewise. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
2018-02-22services: certbot: Allow to set a deploy hook.Clément Lassieur
* doc/guix.texi (Certificate Services): Document it. * gnu/services/certbot.scm (<certificate-configuration>, certbot-command): Add it.
2018-02-22services: certbot: Add verbosity.Clément Lassieur
The certificate name wasn't displayed if it wasn't being renewed. * gnu/services/certbot.scm (certbot-command): Print certificate name before running the associated command.
2018-02-22services: certbot: Allow to set RSA key size.Clément Lassieur
* doc/guix.texi (Certificate Services): Document it. * gnu/services/certbot.scm (<cerbot-configuration>, certbot-command, certbot-activation, certbot-nginx-server-configurations): Add it.
2018-02-22services: certbot: Associate one certificate with several domains.Clément Lassieur
* doc/guix.texi (Certificate Services): Document <certificate-configuration>, the change from domains to certificates and the fact that their path is now derived from their name. * gnu/services/certbot.scm (<certificate-configuration>): Add and export it. (certbot-configuration, certbot-command, certbot-activation, certbot-nginx-server-configurations, certbot-service-type): Replace 'domains' with 'certificates'. (certbot-nginx-server-configurations): Use only one nginx-server-configuration and use all certificate domains as the server-name.
2018-02-22services: certbot: Get certbot to run non-interactively.Clément Lassieur
* doc/guix.texi (Certificate Services): Add email field and link to the ACME Subscriber Agreement. * gnu/services/certbot.scm (<certbot-configuration>, certbot-command, certbot-activation, certbot-nginx-server-configurations): Add email field. (certbot-command): Add '-n' and '--agree-tos' options. (certbot-service-type): Remove default-value.
2018-02-22services: certbot: Refactor certbot command.Clément Lassieur
* gnu/services/certbot.scm (certbot-renewal-jobs, certbot-activation): Refactor common code into certbot-command.
2018-02-22services: certbot: Rename 'host' to 'domain'.Clément Lassieur
* doc/guix.texi (Certificate Services): Rename 'host' to 'domain'. * gnu/services/certbot.scm (<certbot-configuration>, certbot-renewal-jobs, certbot-activation, certbot-nginx-server-configurations, certbot-service-type): Rename 'host' to 'domain'.
2018-02-22services: certbot: Fix indentation.Clément Lassieur
* gnu/services/certbot.scm (certbot-activation): Fix indentation.
2018-02-22services: certbot: Run certbot twice a day at a random minute.Clément Lassieur
* doc/guix.texi (Certificate Services): Document it. * gnu/services/certbot.scm (certbot-renewal-jobs): Change job's time specification.
2018-02-22services: certbot: Listen on IPv6.Clément Lassieur
* gnu/services/certbot.scm (certbot-nginx-server-configurations): Listen on IPv6 too.
2017-12-18services: nginx: Replace 'http-port' and 'https-port' with 'listen'.Clément Lassieur
* doc/guix.texi (Web Services, Version Control Services): Update accordingly. * gnu/services/certbot.scm (certbot-nginx-server-configurations): Likewise. * gnu/services/version-control.scm (%cgit-configuration-nginx): Likewise. * gnu/services/web.scm (<nginx-server-configuration>, emit-nginx-server-config): Likewise. * gnu/tests/version-control.scm (%cgit-configuration-nginx, %git-nginx-configuration): Likewise. * gnu/tests/web.scm (%nginx-servers, %php-fpm-nginx-server-blocks): Likewise.
2017-12-17services: certbot: Fix certbot renewal job.Christopher Baines
Quote the list of hosts, to avoid generating a broken job definition. * gnu/services/certbot.scm (certbot-renewal-jobs): Quote the hosts when passing them in to the job gexp.
2017-11-28services: certbot: Add default value and description.Ludovic Courtès
* gnu/services/certbot.scm (certbot-service-type) [default-value, description]: New fields. * po/packages/POTFILES.in: Add it.
2017-11-28services: Add certbot service.Andy Wingo
* gnu/services/certbot.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add new file. * doc/guix.texi (Certificate Services): New section. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
generated by cgit v1.2.3 (git 2.44.0) at 2024-07-01 07:18:29 +0000