From 626c0418b3d8c3747a7be8e2620d7c85a8c2c613 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 21 Feb 2021 02:55:46 +0100 Subject: Make the ACME API server URL configurable at build time. --- Makefile | 7 +++++-- client | 2 +- config/lacme.conf | 2 +- lacme.8.md | 2 +- test | 6 ++---- 5 files changed, 10 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index a4caff0..16ac04e 100644 --- a/Makefile +++ b/Makefile @@ -49,6 +49,8 @@ lacme_www_group ?= www-data lacme_client_user ?= nobody lacme_client_group ?= nogroup +acmeapi_server ?= https://acme-v02.api.letsencrypt.org/directory + $(BUILDDIR)/%: % mkdir -pv -- $(dir $@) cp --no-dereference --preserve=mode,links,xattr -vfT -- "$<" "$@" @@ -62,8 +64,9 @@ $(BUILDDIR)/%: % s#@@lacme_www_user@@#$(lacme_www_user)#g; \ s#@@lacme_www_group@@#$(lacme_www_group)#g; \ s#@@lacme_client_user@@#$(lacme_client_user)#g; \ - s#@@lacme_client_group@@#$(lacme_client_group)#g;" \ - -- "$@" + s#@@lacme_client_group@@#$(lacme_client_group)#g; \ + s#@@acmeapi_server@@#$(acmeapi_server)#g; \ + " -- "$@" release: @if ! git diff HEAD --quiet -- ./Changelog ./lacme ./lacme-accountd ./client; then \ diff --git a/client b/client index a5490f8..e62541c 100755 --- a/client +++ b/client @@ -210,7 +210,7 @@ sub acme($;$) { }); } -my $SERVER_URI = $CONFIG->{server} // 'https://acme-v02.api.letsencrypt.org/directory'; +my $SERVER_URI = $CONFIG->{server} // '@@acmeapi_server@@'; my %RES; # Get the resource URI from the directory diff --git a/config/lacme.conf b/config/lacme.conf index 198729d..0392be5 100644 --- a/config/lacme.conf +++ b/config/lacme.conf @@ -35,7 +35,7 @@ # for testing # as it has relaxed rate-limiting. # -#server = https://acme-v02.api.letsencrypt.org/directory +#server = @@acmeapi_server@@ # Timeout in seconds after which the client stops polling the ACME # server and considers the request failed. diff --git a/lacme.8.md b/lacme.8.md index 7d66e79..30de221 100644 --- a/lacme.8.md +++ b/lacme.8.md @@ -194,7 +194,7 @@ of [ACME] commands and dialogues with the remote [ACME] server). *server* : Root URI of the [ACME] server. - Default: `https://acme-v02.api.letsencrypt.org/directory`. + Default: `@@acmeapi_server@@`. *timeout* diff --git a/test b/test index 50b7382..2be9303 100755 --- a/test +++ b/test @@ -85,7 +85,8 @@ elif [ "$MODE" = "dev" ]; then lacme_www_user=_lacme-www \ lacme_www_group=nogroup \ lacme_client_user=_lacme-client \ - lacme_client_group=nogroup + lacme_client_group=nogroup \ + acmeapi_server="https://acme-staging-v02.api.letsencrypt.org/directory" fi ACCOUNT_KEY="$BUILDDIR/account.key" @@ -162,9 +163,6 @@ run() { sudo install -oroot -groot -m0644 -vt "$rootdir/usr/share/lacme" certs-staging/*.pem sudo install -oroot -groot -m0644 -vT "$BUILDDIR/certs-staging/ca-certificates.crt" \ "$rootdir/usr/share/lacme/ca-certificates.crt" - sudo schroot -d"/" -c "$CHROOT" -r -- perl -pi -e \ - 's|\b\Qhttps://acme-v02.api.letsencrypt.org/\E\b|https://acme-staging-v02.api.letsencrypt.org/|' \ - "/usr/libexec/lacme/client" "/etc/lacme/lacme.conf" # install account key and configure lacme accordingly sudo install -oroot -groot -m0600 -vT -- "$BUILDDIR/account.key" \ -- cgit v1.2.3