summary refs log tree commit diff
path: root/doc
diff options
context:
space:
mode:
authorJulien Lepiller <julien@lepiller.eu>2019-04-19 22:28:30 +0200
committerJulien Lepiller <julien@lepiller.eu>2019-04-25 19:46:18 +0200
commitb68aff1f05864a589b62afa44665a99e5cf43718 (patch)
tree70bca19ca5fe12b6a9cf889c8a18fb002cbc7b45 /doc
parentc3634df2a48a5b981a97c85f425784cee9f94bc7 (diff)
downloadguix-b68aff1f05864a589b62afa44665a99e5cf43718.tar.gz
gnu: certbot: Add support for manual plugin.
* gnu/services/certbot.scm (certificate-configuration): Add challenge,
auth-hook and cleanup-hook fields.
(certbot-command): Use them.
* doc/guix.texi (Certificate Services): Document them.
Diffstat (limited to 'doc')
-rw-r--r--doc/guix.texi20
1 files changed, 20 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 879cb562e9..dbbb811a60 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -19425,6 +19425,26 @@ Its default is the first provided domain.
 The first domain provided will be the subject CN of the certificate, and
 all domains will be Subject Alternative Names on the certificate.
 
+@item @code{challenge} (default: @code{#f})
+The challenge type that has to be run by certbot.  If @code{#f} is specified,
+default to the HTTP challenge.  If a value is specified, defaults to the
+manual plugin (see @code{authentication-hook}, @code{cleanup-hook} and
+the documentation at @url{https://certbot.eff.org/docs/using.html#hooks}).
+
+@item @code{authentication-hook} (default: @code{#f})
+Command to be run in a shell once for each certificate challenge to be
+answered.  For this command, the shell variable @code{$CERTBOT_DOMAIN}
+will contain the domain being authenticated, @code{$CERTBOT_VALIDATION}
+contains the validation string and @code{$CERTBOT_TOKEN} contains the
+file name of the resource requested when performing an HTTP-01 challenge.
+
+@item @code{cleanup-hook} (default: @code{#f})
+Command to be run in a shell once for each certificate challenge that
+have been answered by the @code{auth-hook}.  For this command, the shell
+variables available in the @code{auth-hook} script are still available, and
+additionally @code{$CERTBOT_AUTH_OUTPUT} will contain the standard output
+of the @code{auth-hook} script.
+
 @item @code{deploy-hook} (default: @code{#f})
 Command to be run in a shell once for each successfully issued
 certificate.  For this command, the shell variable