author | Clément Lassieur <clement@lassieur.org> | 2018-02-10 16:06:12 +0100 |
---|---|---|
committer | Clément Lassieur <clement@lassieur.org> | 2018-02-22 21:43:53 +0100 |
commit | c1dfcfdf58b4a05903d6b4266ca3c04f1c4cb6e2 (patch) | |
tree | 9a502fa90ea82a908b8de211fd5a57709f6b14f3 | |
parent | 966fd7b7e9f321a02e740659ab1c1853e34533b5 (diff) | |
services: certbot: Refactor certbot command.
* gnu/services/certbot.scm (certbot-renewal-jobs, certbot-activation):
Refactor common code into certbot-command.
-rw-r--r-- | gnu/services/certbot.scm | 53 |
1 files changed, 26 insertions, 27 deletions
diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm
index 0b425bab90..661e174980 100644
--- a/gnu/services/certbot.scm
+++ b/gnu/services/certbot.scm
@@ -57,41 +57,40 @@ (body (list "return 301 https://$host$request_uri;")))))) -(define certbot-renewal-jobs +(define certbot-command (match-lambda (($ <certbot-configuration> package webroot domains default-location) - (match domains - ;; Avoid pinging certbot if we have no domains. - (() '()) - (_ - (list - ;; Attempt to renew the certificates twice per day, at a random - ;; minute within the hour. See - ;; https://certbot.eff.org/all-instructions/. - #~(job '(next-minute-from (next-hour '(0 12)) (list (random 60))) - (string-append #$package "/bin/certbot renew" - (string-concatenate - (map (lambda (domain) - (string-append " -d " domain)) - '#$domains)))))))))) + (let* ((certbot (file-append package "/bin/certbot")) + (commands + (map + (lambda (domain) + (list certbot "certonly" + "--webroot" "-w" webroot + "-d" domain)) + domains))) + (program-file + "certbot-command" + #~(let ((code 0)) + (for-each + (lambda (command) + (set! code (or (apply system* command) code))) + '#$commands) code)))))) -(define certbot-activation - (match-lambda +(define (certbot-renewal-jobs config) + (list + ;; Attempt to renew the certificates twice per day, at a random minute + ;; within the hour. See https://certbot.eff.org/all-instructions/. + #~(job '(next-minute-from (next-hour '(0 12)) (list (random 60))) + #$(certbot-command config)))) + +(define (certbot-activation config) + (match config (($ <certbot-configuration> package webroot domains default-location) (with-imported-modules '((guix build utils)) #~(begin (use-modules (guix build utils)) (mkdir-p #$webroot) - (for-each - (lambda (domain) - (unless (file-exists? - (in-vicinity "/etc/letsencrypt/live" domain)) - (unless (zero? (system* - (string-append #$certbot "/bin/certbot") - "certonly" "--webroot" "-w" #$webroot - "-d" domain)) - (error "failed to acquire cert for domain" domain)))) - '#$domains)))))) + (zero? (system* #$(certbot-command config)))))))) (define certbot-nginx-server-configurations (match-lambda |
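Review bot: In `certbot-command`, `(set! code (or (apply system* command) code))` cannot record a failure: `system*` returns an integer status and every integer, 0 included, is true in Scheme, so `code` simply ends up as the status of the last domain, and leaving `code` as the script's final expression does not set the process exit status. `certbot-activation` then leaves `(zero? (system* ...))` as a bare value where the removed code called `(error "failed to acquire cert for domain" domain)`, so unless the caller checks that value, a failed issuance or renewal stays silent until the certificate expires. Keep any non-zero status with `(let ((status (apply system* command))) (unless (zero? status) (set! code status)))`, finish the script with `(exit (if (zero? code) 0 1))`, and raise an error in the activation when the result is non-zero. The removed `file-exists?` check on `/etc/letsencrypt/live` is also not carried over, so each activation now asks the CA for every domain again; restoring that guard would avoid needless requests and the risk of hitting issuance rate limits.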