diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-21 02:55:46 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-21 03:00:48 +0100 |
commit | 626c0418b3d8c3747a7be8e2620d7c85a8c2c613 (patch) | |
tree | d4b148cbd5b143238448eab1346a9cd603299f31 | |
parent | 74c0a11722cf1e01b9a9834e89a07b55eaf01080 (diff) |
Make the ACME API server URL configurable at build time.
-rw-r--r-- | Makefile | 7 | ||||
-rwxr-xr-x | client | 2 | ||||
-rw-r--r-- | config/lacme.conf | 2 | ||||
-rw-r--r-- | lacme.8.md | 2 | ||||
-rwxr-xr-x | test | 6 |
5 files changed, 10 insertions, 9 deletions
@@ -49,6 +49,8 @@ lacme_www_group ?= www-data lacme_client_user ?= nobody lacme_client_group ?= nogroup +acmeapi_server ?= https://acme-v02.api.letsencrypt.org/directory + $(BUILDDIR)/%: % mkdir -pv -- $(dir $@) cp --no-dereference --preserve=mode,links,xattr -vfT -- "$<" "$@" @@ -62,8 +64,9 @@ $(BUILDDIR)/%: % s#@@lacme_www_user@@#$(lacme_www_user)#g; \ s#@@lacme_www_group@@#$(lacme_www_group)#g; \ s#@@lacme_client_user@@#$(lacme_client_user)#g; \ - s#@@lacme_client_group@@#$(lacme_client_group)#g;" \ - -- "$@" + s#@@lacme_client_group@@#$(lacme_client_group)#g; \ + s#@@acmeapi_server@@#$(acmeapi_server)#g; \ + " -- "$@" release: @if ! git diff HEAD --quiet -- ./Changelog ./lacme ./lacme-accountd ./client; then \ @@ -210,7 +210,7 @@ sub acme($;$) { }); } -my $SERVER_URI = $CONFIG->{server} // 'https://acme-v02.api.letsencrypt.org/directory'; +my $SERVER_URI = $CONFIG->{server} // '@@acmeapi_server@@'; my %RES; # Get the resource URI from the directory diff --git a/config/lacme.conf b/config/lacme.conf index 198729d..0392be5 100644 --- a/config/lacme.conf +++ b/config/lacme.conf @@ -35,7 +35,7 @@ # <https://acme-staging-v02.api.letsencrypt.org/directory> for testing # as it has relaxed rate-limiting. # -#server = https://acme-v02.api.letsencrypt.org/directory +#server = @@acmeapi_server@@ # Timeout in seconds after which the client stops polling the ACME # server and considers the request failed. @@ -194,7 +194,7 @@ of [ACME] commands and dialogues with the remote [ACME] server). *server* : Root URI of the [ACME] server. - Default: `https://acme-v02.api.letsencrypt.org/directory`. + Default: `@@acmeapi_server@@`. *timeout* @@ -85,7 +85,8 @@ elif [ "$MODE" = "dev" ]; then lacme_www_user=_lacme-www \ lacme_www_group=nogroup \ lacme_client_user=_lacme-client \ - lacme_client_group=nogroup + lacme_client_group=nogroup \ + acmeapi_server="https://acme-staging-v02.api.letsencrypt.org/directory" fi ACCOUNT_KEY="$BUILDDIR/account.key" @@ -162,9 +163,6 @@ run() { sudo install -oroot -groot -m0644 -vt "$rootdir/usr/share/lacme" certs-staging/*.pem sudo install -oroot -groot -m0644 -vT "$BUILDDIR/certs-staging/ca-certificates.crt" \ "$rootdir/usr/share/lacme/ca-certificates.crt" - sudo schroot -d"/" -c "$CHROOT" -r -- perl -pi -e \ - 's|\b\Qhttps://acme-v02.api.letsencrypt.org/\E\b|https://acme-staging-v02.api.letsencrypt.org/|' \ - "/usr/libexec/lacme/client" "/etc/lacme/lacme.conf" # install account key and configure lacme accordingly sudo install -oroot -groot -m0600 -vT -- "$BUILDDIR/account.key" \ |