aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2021-02-21 02:55:46 +0100
committerGuilhem Moulin <guilhem@fripost.org>2021-02-21 03:00:48 +0100
commit626c0418b3d8c3747a7be8e2620d7c85a8c2c613 (patch)
treed4b148cbd5b143238448eab1346a9cd603299f31
parent74c0a11722cf1e01b9a9834e89a07b55eaf01080 (diff)
Make the ACME API server URL configurable at build time.
-rw-r--r--Makefile7
-rwxr-xr-xclient2
-rw-r--r--config/lacme.conf2
-rw-r--r--lacme.8.md2
-rwxr-xr-xtest6
5 files changed, 10 insertions, 9 deletions
diff --git a/Makefile b/Makefile
index a4caff0..16ac04e 100644
--- a/Makefile
+++ b/Makefile
@@ -49,6 +49,8 @@ lacme_www_group ?= www-data
lacme_client_user ?= nobody
lacme_client_group ?= nogroup
+acmeapi_server ?= https://acme-v02.api.letsencrypt.org/directory
+
$(BUILDDIR)/%: %
mkdir -pv -- $(dir $@)
cp --no-dereference --preserve=mode,links,xattr -vfT -- "$<" "$@"
@@ -62,8 +64,9 @@ $(BUILDDIR)/%: %
s#@@lacme_www_user@@#$(lacme_www_user)#g; \
s#@@lacme_www_group@@#$(lacme_www_group)#g; \
s#@@lacme_client_user@@#$(lacme_client_user)#g; \
- s#@@lacme_client_group@@#$(lacme_client_group)#g;" \
- -- "$@"
+ s#@@lacme_client_group@@#$(lacme_client_group)#g; \
+ s#@@acmeapi_server@@#$(acmeapi_server)#g; \
+ " -- "$@"
release:
@if ! git diff HEAD --quiet -- ./Changelog ./lacme ./lacme-accountd ./client; then \
diff --git a/client b/client
index a5490f8..e62541c 100755
--- a/client
+++ b/client
@@ -210,7 +210,7 @@ sub acme($;$) {
});
}
-my $SERVER_URI = $CONFIG->{server} // 'https://acme-v02.api.letsencrypt.org/directory';
+my $SERVER_URI = $CONFIG->{server} // '@@acmeapi_server@@';
my %RES;
# Get the resource URI from the directory
diff --git a/config/lacme.conf b/config/lacme.conf
index 198729d..0392be5 100644
--- a/config/lacme.conf
+++ b/config/lacme.conf
@@ -35,7 +35,7 @@
# <https://acme-staging-v02.api.letsencrypt.org/directory> for testing
# as it has relaxed rate-limiting.
#
-#server = https://acme-v02.api.letsencrypt.org/directory
+#server = @@acmeapi_server@@
# Timeout in seconds after which the client stops polling the ACME
# server and considers the request failed.
diff --git a/lacme.8.md b/lacme.8.md
index 7d66e79..30de221 100644
--- a/lacme.8.md
+++ b/lacme.8.md
@@ -194,7 +194,7 @@ of [ACME] commands and dialogues with the remote [ACME] server).
*server*
: Root URI of the [ACME] server.
- Default: `https://acme-v02.api.letsencrypt.org/directory`.
+ Default: `@@acmeapi_server@@`.
*timeout*
diff --git a/test b/test
index 50b7382..2be9303 100755
--- a/test
+++ b/test
@@ -85,7 +85,8 @@ elif [ "$MODE" = "dev" ]; then
lacme_www_user=_lacme-www \
lacme_www_group=nogroup \
lacme_client_user=_lacme-client \
- lacme_client_group=nogroup
+ lacme_client_group=nogroup \
+ acmeapi_server="https://acme-staging-v02.api.letsencrypt.org/directory"
fi
ACCOUNT_KEY="$BUILDDIR/account.key"
@@ -162,9 +163,6 @@ run() {
sudo install -oroot -groot -m0644 -vt "$rootdir/usr/share/lacme" certs-staging/*.pem
sudo install -oroot -groot -m0644 -vT "$BUILDDIR/certs-staging/ca-certificates.crt" \
"$rootdir/usr/share/lacme/ca-certificates.crt"
- sudo schroot -d"/" -c "$CHROOT" -r -- perl -pi -e \
- 's|\b\Qhttps://acme-v02.api.letsencrypt.org/\E\b|https://acme-staging-v02.api.letsencrypt.org/|' \
- "/usr/libexec/lacme/client" "/etc/lacme/lacme.conf"
# install account key and configure lacme accordingly
sudo install -oroot -groot -m0600 -vT -- "$BUILDDIR/account.key" \