diff options
Diffstat (limited to 'lacme')
-rwxr-xr-x | lacme | 18 |
1 files changed, 9 insertions, 9 deletions
@@ -15,7 +15,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <https://www.gnu.org/licenses/>. #---------------------------------------------------------------------- use v5.14.2; @@ -75,7 +75,7 @@ sub set_FD_CLOEXEC($$); my $CONFFILENAME = $OPTS{config} // first { -f $_ } ( "./$NAME.conf" , ($ENV{XDG_CONFIG_HOME} // "$ENV{HOME}/.config")."/lacme/$NAME.conf" - , "/etc/lacme/$NAME.conf" + , "@@sysconfdir@@/lacme/$NAME.conf" ); do { die "Error: Can't find configuration file\n" unless defined $CONFFILENAME; @@ -87,30 +87,30 @@ do { my $h = Config::Tiny::->read_string($conf) or die Config::Tiny::->errstr()."\n"; my $defaults = delete $h->{_} // {}; - my $accountd = exists $h->{accountd} ? 1 : 0; + my $accountd = defined $OPTS{socket} ? 0 : exists $h->{accountd} ? 1 : 0; my %valid = ( client => { socket => (defined $ENV{XDG_RUNTIME_DIR} ? "$ENV{XDG_RUNTIME_DIR}/S.lacme" : undef), user => 'nobody', group => 'nogroup', - command => '/usr/lib/lacme/client', + command => '@@libexecdir@@/lacme/client', # the rest is for the ACME client map {$_ => undef} qw/server timeout SSL_verify SSL_version SSL_cipher_list/ }, webserver => { - listen => '/var/run/lacme-www.socket', + listen => '@@runstatedir@@/lacme-www.socket', 'challenge-directory' => undef, user => 'www-data', group => 'www-data', - command => '/usr/lib/lacme/webserver', + command => '@@libexecdir@@/lacme/webserver', iptables => 'No' }, accountd => { user => '', group => '', - command => '/usr/bin/lacme-accountd', - config => '/etc/lacme/lacme-accountd.conf', + command => '@@bindir@@/lacme-accountd', + config => '@@sysconfdir@@/lacme/lacme-accountd.conf', privkey => undef, quiet => 'Yes', } @@ -743,7 +743,7 @@ elsif ($COMMAND eq 'newOrder' or $COMMAND eq 'new-cert') { }; # verify certificate validity against the CA - $conf->{CAfile} //= '/usr/share/lacme/lets-encrypt-x3-cross-signed.pem'; + $conf->{CAfile} //= '@@datadir@@/lacme/lets-encrypt-x3-cross-signed.pem'; if ($conf->{CAfile} ne '' and spawn({in => $x509}, 'openssl', 'verify', '-CAfile', $conf->{CAfile}, qw/-purpose sslserver -x509_strict/)) { print STDERR "[$s] Error: Received invalid X.509 certificate from ACME server!\n"; |