diff options
author | Carlo Zancanaro <carlo@zancanaro.id.au> | 2019-08-10 22:52:50 +1000 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2019-09-16 10:22:35 +0200 |
commit | ec36339dfd2241cd518bb86b6714fc3b340afa95 (patch) | |
tree | 10445470dd0a2ab22f9352a10cabb1aeb7443d74 | |
parent | fb6e550d6b054371bff5d27f4c368a8cd977bb40 (diff) | |
download | guix-ec36339dfd2241cd518bb86b6714fc3b340afa95.tar guix-ec36339dfd2241cd518bb86b6714fc3b340afa95.tar.gz |
services: certbot: Add --manual-public-ip-logging-ok for manual challenges
* gnu/services/certbot.scm (certbot-command): Add
--manual-public-ip-logging-ok flag to the certbot command when doing a
manual challenge.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
-rw-r--r-- | doc/guix.texi | 4 | ||||
-rw-r--r-- | gnu/services/certbot.scm | 1 |
2 files changed, 4 insertions, 1 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 39d4b865f6..55935b3794 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -20302,7 +20302,9 @@ all domains will be Subject Alternative Names on the certificate. The challenge type that has to be run by certbot. If @code{#f} is specified, default to the HTTP challenge. If a value is specified, defaults to the manual plugin (see @code{authentication-hook}, @code{cleanup-hook} and -the documentation at @url{https://certbot.eff.org/docs/using.html#hooks}). +the documentation at @url{https://certbot.eff.org/docs/using.html#hooks}), +and gives Let's Encrypt permission to log the public IP address of the +requesting machine. @item @code{authentication-hook} (default: @code{#f}) Command to be run in a shell once for each certificate challenge to be diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index ae34ad17bb..0d3be03383 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -99,6 +99,7 @@ "--manual" (string-append "--preferred-challenges=" challenge) "--cert-name" name + "--manual-public-ip-logging-ok" "-d" (string-join domains ",")) (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) (if authentication-hook |