a2cb2bbc0ba984398dd79ff7bd37af8960f67ced — Clément Lassieur 8 years ago 0420a29
services: certbot: Allow to set RSA key size.

* doc/guix.texi (Certificate Services): Document it.
* gnu/services/certbot.scm (<certbot-configuration>, certbot-command,
certbot-activation, certbot-nginx-server-configurations): Add it.
2 files changed, 16 insertions(+), 8 deletions(-)

M doc/guix.texi
M gnu/services/certbot.scm
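--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -15785,6 +15785,9 @@ and several @code{domains}.
 Mandatory email used for registration, recovery contact, and important
 account notifications.
 
+@item @code{rsa-key-size} (default: @code{2048})
+Size of the RSA key.
+
 @item @code{default-location} (default: @i{see below})
 The default @code{nginx-location-configuration}.  Because @code{certbot}
 needs to be able to serve challenges and responses, it needs to be able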

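--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -60,6 +60,8 @@
   (certificates        certbot-configuration-certificates
                        (default '()))
   (email               certbot-configuration-email)
+  (rsa-key-size        certbot-configuration-rsa-key-size
+                       (default #f))
   (default-location    certbot-configuration-default-location
                        (default
                          (nginx-location-configuration
@@ -70,17 +72,20 @@
 (define certbot-command
   (match-lambda
     (($ <certbot-configuration> package webroot certificates email
-                                default-location)
+                                rsa-key-size default-location)
      (let* ((certbot (file-append package "/bin/certbot"))
+            (rsa-key-size (and rsa-key-size (number->string rsa-key-size)))
             (commands
              (map
               (match-lambda
                 (($ <certificate-configuration> name domains)
-                 (list certbot "certonly" "-n" "--agree-tos"
-                       "-m" email
-                       "--webroot" "-w" webroot
-                       "--cert-name" (or name (car domains))
-                       "-d" (string-join domains ","))))
+                 (append
+                  (list certbot "certonly" "-n" "--agree-tos"
+                        "-m" email
+                        "--webroot" "-w" webroot
+                        "--cert-name" (or name (car domains))
+                        "-d" (string-join domains ","))
+                  (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()))))
               certificates)))
        (program-file
         "certbot-command"
@@ -100,7 +105,7 @@
 (define (certbot-activation config)
   (match config
     (($ <certbot-configuration> package webroot certificates email
-                                default-location)
+                                rsa-key-size default-location)
      (with-imported-modules '((guix build utils))
        #~(begin
            (use-modules (guix build utils))
@@ -110,7 +115,7 @@
 (define certbot-nginx-server-configurations
   (match-lambda
     (($ <certbot-configuration> package webroot certificates email
-                                default-location)
+                                rsa-key-size default-location)
      (list
       (nginx-server-configuration
        (listen '("80" "[::]:80"))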
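Review bot: The new `rsa-key-size` field defaults to `#f` in `<certbot-configuration>`, while the doc/guix.texi hunk of this same commit documents the default as `2048`; with `#f`, `certbot-command` emits no `--rsa-key-size` argument at all, so the effective key size is whatever the packaged certbot chooses and can shift with a package update. Either make the record agree with the manual, `(rsa-key-size certbot-configuration-rsa-key-size (default 2048))`, or document the field as `(default: @code{#f})` and say that `#f` means certbot's own default is used. The value also reaches `number->string` in `certbot-command` unchecked, so a non-number fails only at that call and an undersized key is handed straight to certbot; a check that it is an exact integer at or above a chosen floor would surface both at configuration time. The body of `certbot-command` continues past the end of its hunk.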