summaryrefslogtreecommitdiff
path: root/gnu/services/certbot.scm
Commit message (Collapse)AuthorAge
* services: certbot: Add one-shot service to renew certificates.Carlo Zancanaro2024-01-31
| | | | | | | | | | * gnu/services/certbot.scm (certbot-renewal-one-shot): New procedure. (certbot-service-type)[extensions]: Add it to shepherd-root extension. (certbot-command): Make connection errors return a different exit code. (certbot-activation): Remove message with certificate renewal instructions. Change-Id: I614ac6214a753dba0396e2385a75926c8355caa1 Signed-off-by: Clément Lassieur <clement@lassieur.org>
* services: certbot: Reload nginx in deploy hook.Carlo Zancanaro2024-01-31
| | | | | | | | * gnu/services/certbot.scm (certbot-deploy-hook): Reload nginx. * doc/guix.texi (Certificate services): Remove deploy-hook from example. Change-Id: Ibb10481170a6fda7df72492072b939dd6a6ad176 Signed-off-by: Clément Lassieur <clement@lassieur.org>
* services: certbot: Create self-signed certificates before certbot runs.Carlo Zancanaro2024-01-31
| | | | | | | | | | | | * gnu/services/certbot.scm (<certificate-configuration>): Add start-self-signed? field. (generate-certificate-gexp): New procedure. (certbot-activation): Generate self-signed certificates when start-self-signed? is #t. * doc/guix.texi (Certificate services): Document start-self-signed?. Change-Id: Icfd85ae0c3e29324acbcde6ba283546cf0e27a1d Signed-off-by: Clément Lassieur <clement@lassieur.org>
* services: certbot: Symlink certificates to /etc/certs.Carlo Zancanaro2024-01-31
| | | | | | | | | | * gnu/services/certbot.scm (certbot-deploy-hook): New procedure. (certbot-command): Pass new deploy hook to certbot. * doc/guix.texi: Replace "letsencrypt/live" with "certs" throughout, except in the certbot deploy-hook description. Change-Id: I2ba5e4903d1e293e566b732a84b07d5a134b697d Signed-off-by: Clément Lassieur <clement@lassieur.org>
* services: certbot: Fix nginx crash when certbot is used without domains.Saku Laesvuori2023-06-18
| | | | | | | | | | * gnu/services/certbot.scm (certbot-nginx-server-configurations): Don't return a broken nginx-server-configuration with empty server_name when no certificate domains are configured. Instead add a separate server for every certificate, so 0 certificates adds 0 servers. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Reviewed-by: Bruno Victal <mirai@makinata.eu>
* services: certbot: Fix broken link.jgart2023-01-03
| | | | | | * gnu/services/certbot.scm (certbot-renewal-jobs): Fix broken link. Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
* services: certbot: Create "live" directory during activation.Mája Tomášek2022-09-29
| | | | | | | | | | When trying to run certbot, the mcron command fails, as /etc/letsencrypt/live is missing. This patch adds it into the certbot activation service. * gnu/services/certbot.scm (certbot-activation): Make /etc/letsencrypt/live. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: certbot: Add option to use CSR file.Raghav Gururajan2021-06-24
| | | | | | * gnu/services/certbot.scm (<certificate-configuration>): Add csr field. (certbot-command): Modify. * doc/guix.texi (Certificate Services): Document it.
* services: certbot: Support registration without email.Timotej Lazar2020-09-13
| | | | | | | | | * gnu/services/certbot.scm (certbot-configuration): Add default for the email option. (certbot-command): Pass email for registration only when specified. * doc/guix.texi (Certificate Services): "mandatory"→"optional" email. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* mailmap: Update entries for Nikita.nikita2020-05-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * .mailmap: change email and name for Nikita. * Makefile.am, doc/guix.texi, etc/completion/fish/guix.fish, gnu/packages/accessibility.scm, gnu/packages/admin.scm, gnu/packages/audio.scm, gnu/packages/autotools.scm, gnu/packages/cdrom.scm, gnu/packages/check.scm, gnu/packages/cinnamon.scm, gnu/packages/compression.scm, gnu/packages/crypto.scm, gnu/packages/databases.scm, gnu/packages/django.scm, gnu/packages/dns.scm, gnu/packages/elixir.scm, gnu/packages/emacs-xyz.scm, gnu/packages/emacs.scm, gnu/packages/enlightenment.scm, gnu/packages/erlang.scm, gnu/packages/fonts.scm, gnu/packages/fontutils.scm, gnu/packages/forth.scm, gnu/packages/fvwm.scm, gnu/packages/games.scm, gnu/packages/gl.scm, gnu/packages/gnome.scm, gnu/packages/gnunet.scm, gnu/packages/gnupg.scm, gnu/packages/gtk.scm, gnu/packages/guile-wm.scm, gnu/packages/guile-xyz.scm, gnu/packages/haskell-apps.scm, gnu/packages/haskell-check.scm, gnu/packages/haskell-crypto.scm, gnu/packages/haskell-xyz.scm, gnu/packages/haskell.scm, gnu/packages/image-viewers.scm, gnu/packages/image.scm, gnu/packages/irc.scm, gnu/packages/language.scm, gnu/packages/libcanberra.scm, gnu/packages/linux.scm, gnu/packages/lisp-xyz.scm, gnu/packages/lisp.scm, gnu/packages/lolcode.scm, gnu/packages/lxde.scm, gnu/packages/lxqt.scm, gnu/packages/mail.scm, gnu/packages/markup.scm, gnu/packages/mate.scm, gnu/packages/maths.scm, gnu/packages/mc.scm, gnu/packages/messaging.scm, gnu/packages/music.scm, gnu/packages/ncurses.scm, gnu/packages/networking.scm, gnu/packages/nickle.scm, gnu/packages/openbox.scm, gnu/packages/pdf.scm, gnu/packages/perl-check.scm, gnu/packages/perl.scm, gnu/packages/python-compression.scm, gnu/packages/python-crypto.scm, gnu/packages/python-web.scm, gnu/packages/python-xyz.scm, gnu/packages/python.scm, gnu/packages/qt.scm, gnu/packages/ruby.scm, gnu/packages/rust.scm, gnu/packages/scheme.scm, gnu/packages/serialization.scm, gnu/packages/shells.scm, gnu/packages/ssh.scm, gnu/packages/suckless.scm, gnu/packages/tbb.scm, gnu/packages/telephony.scm, gnu/packages/text-editors.scm, gnu/packages/textutils.scm, gnu/packages/time.scm, gnu/packages/tls.scm, gnu/packages/tor.scm, gnu/packages/version-control.scm, gnu/packages/video.scm, gnu/packages/vim.scm, gnu/packages/web.scm, gnu/packages/wm.scm, gnu/packages/xdisorg.scm, gnu/packages/xfce.scm, gnu/packages/xml.scm, gnu/packages/xorg.scm, gnu/services/certbot.scm, gnu/services/desktop.scm, gnu/services/version-control.scm, gnu/services/web.scm, guix/import/hackage.scm, guix/licenses.scm: Likewise. Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
* services: certbot: Add server option.Jack Hill2020-03-08
| | | | | | | | | | | * gnu/services/certbot.scm (certbot-configuration): Add server option. (certbot-command): Use server option. (certbot-actication): Use server option. (certbot-nginx-server-configurations): Use server option. * doc/guix.texi (Certificate Services): Document server option. Co-authored-by: Tobias Geerinckx-Rice <me@tobias.gr> Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* services: certbot: Add --manual-public-ip-logging-ok for manual challengesCarlo Zancanaro2019-09-16
| | | | | | | | * gnu/services/certbot.scm (certbot-command): Add --manual-public-ip-logging-ok flag to the certbot command when doing a manual challenge. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* gnu: certbot: Add support for manual plugin.Julien Lepiller2019-04-25
| | | | | | | * gnu/services/certbot.scm (certificate-configuration): Add challenge, auth-hook and cleanup-hook fields. (certbot-command): Use them. * doc/guix.texi (Certificate Services): Document them.
* Correct name and email address for ng0.ng02019-03-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * .mailmap, Makefile.am, doc/guix.de.texi, doc/guix.fr.texi, doc/guix.texi, etc/completion/fish/guix.fish, gnu/packages/accessibility.scm, gnu/packages/admin.scm, gnu/packages/audio.scm, gnu/packages/autotools.scm, gnu/packages/cdrom.scm, gnu/packages/check.scm, gnu/packages/cinnamon.scm, gnu/packages/compression.scm, gnu/packages/crypto.scm, gnu/packages/databases.scm, gnu/packages/django.scm, gnu/packages/dns.scm, gnu/packages/elixir.scm, gnu/packages/emacs-xyz.scm, gnu/packages/emacs.scm, gnu/packages/enlightenment.scm, gnu/packages/erlang.scm, gnu/packages/fonts.scm, gnu/packages/fontutils.scm, gnu/packages/forth.scm, gnu/packages/fvwm.scm, gnu/packages/games.scm, gnu/packages/gl.scm, gnu/packages/gnome.scm, gnu/packages/gnunet.scm, gnu/packages/gnupg.scm, gnu/packages/gnuzilla.scm, gnu/packages/gtk.scm, gnu/packages/guile-wm.scm,gnu/packages/guile-xyz.scm, gnu/packages/haskell-check.scm, gnu/packages/haskell-crypto.scm, gnu/packages/haskell.scm, gnu/packages/image-viewers.scm, gnu/packages/image.scm, gnu/packages/irc.scm, gnu/packages/language.scm, gnu/packages/libcanberra.scm, gnu/packages/linux.scm, gnu/packages/lisp.scm, gnu/packages/lolcode.scm, gnu/packages/lxde.scm, gnu/packages/lxqt.scm, gnu/packages/mail.scm, gnu/packages/markup.scm, gnu/packages/mate.scm, gnu/packages/maths.scm, gnu/packages/mc.scm, gnu/packages/messaging.scm, gnu/packages/music.scm, gnu/packages/ncurses.scm, gnu/packages/networking.scm, gnu/packages/nickle.scm, gnu/packages/openbox.scm, gnu/packages/pdf.scm, gnu/packages/perl-check.scm, gnu/packages/perl.scm, gnu/packages/python-compression.scm, gnu/packages/python-crypto.scm, gnu/packages/python-web.scm, gnu/packages/python-xyz.scm, gnu/packages/python.scm, gnu/packages/qt.scm, gnu/packages/ruby.scm, gnu/packages/rust.scm, gnu/packages/scheme.scm, gnu/packages/serialization.scm, gnu/packages/shells.scm, gnu/packages/ssh.scm, gnu/packages/suckless.scm, gnu/packages/tbb.scm, gnu/packages/telephony.scm, gnu/packages/text-editors.scm, gnu/packages/textutils.scm, gnu/packages/time.scm, gnu/packages/tls.scm, gnu/packages/tor.scm, gnu/packages/version-control.scm, gnu/packages/video.scm, gnu/packages/vim.scm, gnu/packages/web.scm, gnu/packages/wm.scm, gnu/packages/xdisorg.scm, gnu/packages/xfce.scm, gnu/packages/xml.scm, gnu/packages/xorg.scm, gnu/services/certbot.scm, gnu/services/desktop.scm, gnu/services/version-control.scm, gnu/services/web.scm, guix/import/hackage.scm, guix/licenses.scm: Correct name and email address for ng0. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
* services: certbot: Don't try to renew certificates on activation.Clément Lassieur2018-04-03
| | | | | | | | | | Because it takes too much time and it requires networking. Thanks to Mathieu Othacehe for suggesting this. * gnu/services/certbot.scm (certbot-activation): Do not run the renewal command, copy its path to a fixed location, display it, so that the user can run the command when they want.
* Correct name and Email for ng0.ng02018-03-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * .mailmap: Correct name and Email for ng0. * Makefile.am, doc/guix.texi, etc/completion/fish/guix.fish gnu/packages/accessibility.scm, gnu/packages/admin.scm, gnu/packages/audio.scm, gnu/packages/autotools.scm, gnu/packages/cdrom.scm, gnu/packages/check.scm, gnu/packages/cinnamon.scm, gnu/packages/compression.scm, gnu/packages/crypto.scm, gnu/packages/databases.scm, gnu/packages/django.scm, gnu/packages/dns.scm, gnu/packages/emacs.scm, gnu/packages/enlightenment.scm, gnu/packages/fonts.scm, gnu/packages/fontutils.scm, gnu/packages/forth.scm, gnu/packages/fvwm.scm, gnu/packages/games.scm, gnu/packages/gl.scm, gnu/packages/gnome.scm, gnu/packages/gnunet.scm, gnu/packages/gnupg.scm, gnu/packages/gnuzilla.scm, gnu/packages/gtk.scm, gnu/packages/guile-wm.scm, gnu/packages/guile.scm, gnu/packages/haskell-check.scm, gnu/packages/haskell-crypto.scm, gnu/packages/haskell.scm, gnu/packages/image-viewers.scm, gnu/packages/image.scm, gnu/packages/irc.scm, gnu/packages/language.scm, gnu/packages/libcanberra.scm, gnu/packages/linux.scm, gnu/packages/lisp.scm, gnu/packages/lolcode.scm, gnu/packages/lxde.scm, gnu/packages/lxqt.scm, gnu/packages/mail.scm, gnu/packages/markup.scm, gnu/packages/mate.scm, gnu/packages/maths.scm, gnu/packages/mc.scm, gnu/packages/messaging.scm, gnu/packages/music.scm, gnu/packages/ncurses.scm, gnu/packages/networking.scm, gnu/packages/nickle.scm, gnu/packages/openbox.scm, gnu/packages/pdf.scm, gnu/packages/perl-check.scm, gnu/packages/perl.scm, gnu/packages/python-crypto.scm, gnu/packages/python-web.scm, gnu/packages/python.scm, gnu/packages/qt.scm, gnu/packages/ruby.scm, gnu/packages/rust.scm, gnu/packages/scheme.scm, gnu/packages/serialization.scm, gnu/packages/shells.scm, gnu/packages/ssh.scm, gnu/packages/suckless.scm, gnu/packages/tbb.scm, gnu/packages/telephony.scm, gnu/packages/text-editors.scm, gnu/packages/textutils.scm, gnu/packages/time.scm, gnu/packages/tls.scm, gnu/packages/tor.scm, gnu/packages/version-control.scm, gnu/packages/video.scm, gnu/packages/vim.scm, gnu/packages/web.scm, gnu/packages/wm.scm, gnu/packages/xdisorg.scm, gnu/packages/xfce.scm, gnu/packages/xml.scm, gnu/packages/xorg.scm, gnu/services/certbot.scm, gnu/services/desktop.scm, gnu/services/version-control.scm, gnu/services/web.scm, guix/import/hackage.scm, guix/licenses.scm: Likewise. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
* services: certbot: Allow to set a deploy hook.Clément Lassieur2018-02-22
| | | | | | * doc/guix.texi (Certificate Services): Document it. * gnu/services/certbot.scm (<certificate-configuration>, certbot-command): Add it.
* services: certbot: Add verbosity.Clément Lassieur2018-02-22
| | | | | | | The certificate name wasn't displayed if it wasn't being renewed. * gnu/services/certbot.scm (certbot-command): Print certificate name before running the associated command.
* services: certbot: Allow to set RSA key size.Clément Lassieur2018-02-22
| | | | | | * doc/guix.texi (Certificate Services): Document it. * gnu/services/certbot.scm (<cerbot-configuration>, certbot-command, certbot-activation, certbot-nginx-server-configurations): Add it.
* services: certbot: Associate one certificate with several domains.Clément Lassieur2018-02-22
| | | | | | | | | | | | * doc/guix.texi (Certificate Services): Document <certificate-configuration>, the change from domains to certificates and the fact that their path is now derived from their name. * gnu/services/certbot.scm (<certificate-configuration>): Add and export it. (certbot-configuration, certbot-command, certbot-activation, certbot-nginx-server-configurations, certbot-service-type): Replace 'domains' with 'certificates'. (certbot-nginx-server-configurations): Use only one nginx-server-configuration and use all certificate domains as the server-name.
* services: certbot: Get certbot to run non-interactively.Clément Lassieur2018-02-22
| | | | | | | | | * doc/guix.texi (Certificate Services): Add email field and link to the ACME Subscriber Agreement. * gnu/services/certbot.scm (<certbot-configuration>, certbot-command, certbot-activation, certbot-nginx-server-configurations): Add email field. (certbot-command): Add '-n' and '--agree-tos' options. (certbot-service-type): Remove default-value.
* services: certbot: Refactor certbot command.Clément Lassieur2018-02-22
| | | | | * gnu/services/certbot.scm (certbot-renewal-jobs, certbot-activation): Refactor common code into certbot-command.
* services: certbot: Rename 'host' to 'domain'.Clément Lassieur2018-02-22
| | | | | | | * doc/guix.texi (Certificate Services): Rename 'host' to 'domain'. * gnu/services/certbot.scm (<certbot-configuration>, certbot-renewal-jobs, certbot-activation, certbot-nginx-server-configurations, certbot-service-type): Rename 'host' to 'domain'.
* services: certbot: Fix indentation.Clément Lassieur2018-02-22
| | | | * gnu/services/certbot.scm (certbot-activation): Fix indentation.
* services: certbot: Run certbot twice a day at a random minute.Clément Lassieur2018-02-22
| | | | | | * doc/guix.texi (Certificate Services): Document it. * gnu/services/certbot.scm (certbot-renewal-jobs): Change job's time specification.
* services: certbot: Listen on IPv6.Clément Lassieur2018-02-22
| | | | | * gnu/services/certbot.scm (certbot-nginx-server-configurations): Listen on IPv6 too.
* services: nginx: Replace 'http-port' and 'https-port' with 'listen'.Clément Lassieur2017-12-18
| | | | | | | | | | | * doc/guix.texi (Web Services, Version Control Services): Update accordingly. * gnu/services/certbot.scm (certbot-nginx-server-configurations): Likewise. * gnu/services/version-control.scm (%cgit-configuration-nginx): Likewise. * gnu/services/web.scm (<nginx-server-configuration>, emit-nginx-server-config): Likewise. * gnu/tests/version-control.scm (%cgit-configuration-nginx, %git-nginx-configuration): Likewise. * gnu/tests/web.scm (%nginx-servers, %php-fpm-nginx-server-blocks): Likewise.
* services: certbot: Fix certbot renewal job.Christopher Baines2017-12-17
| | | | | | | Quote the list of hosts, to avoid generating a broken job definition. * gnu/services/certbot.scm (certbot-renewal-jobs): Quote the hosts when passing them in to the job gexp.
* services: certbot: Add default value and description.Ludovic Courtès2017-11-28
| | | | | | * gnu/services/certbot.scm (certbot-service-type) [default-value, description]: New fields. * po/packages/POTFILES.in: Add it.
* services: Add certbot service.Andy Wingo2017-11-28
* gnu/services/certbot.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add new file. * doc/guix.texi (Certificate Services): New section. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
generated by cgit v1.2.3 (git 2.45.2) at 2024-07-12 16:45:56 +0000