From acfa55a581ca4e688ee4b8f860fe365b1f153ef9 Mon Sep 17 00:00:00 2001 From: Raghav Gururajan Date: Wed, 23 Jun 2021 12:47:59 -0400 Subject: gnu: Add desec-certbot-hook. * gnu/packages/serts.scm (desec-certbot-hook): New variable. --- gnu/packages/certs.scm | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) (limited to 'gnu/packages/certs.scm') diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm index 9dcd733ffe..e15a9660df 100644 --- a/gnu/packages/certs.scm +++ b/gnu/packages/certs.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2016, 2017 Ludovic Courtès ;;; Copyright © 2017 Leo Famulari ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice +;;; Copyright © 2021 Raghav Gururajan ;;; ;;; This file is part of GNU Guix. ;;; @@ -24,13 +25,63 @@ #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) #:use-module (guix download) + #:use-module (guix git-download) + #:use-module (guix build-system copy) #:use-module (guix build-system gnu) #:use-module (guix build-system trivial) #:use-module (gnu packages) + #:use-module (gnu packages curl) #:use-module (gnu packages python) #:use-module (gnu packages perl) #:use-module (gnu packages tls)) +(define-public desec-certbot-hook + (let ((commit "68da7abc0793602fd336962a7e2348b57c5d6fd6") + (revision "0")) + (package + (name "desec-certbot-hook") + (version + (git-version "0" revision commit)) + (source + (origin + (method git-fetch) + (uri + (git-reference + (url "https://github.com/desec-io/desec-certbot-hook") + (commit commit))) + (file-name (git-file-name name version)) + (sha256 + (base32 "0qjqk6i85b1y7fgzcx74r4gn2i4dkjza34hkzp6kyn9hrb8f2gv2")))) + (build-system copy-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'patch-script + (lambda* (#:key inputs #:allow-other-keys) + (substitute* "hook.sh" + ;; The hook-script look for '.dedynauth' file in $PWD. + ;; But users cannot create or edit files in store. + ;; So we patch the hook-script to look for '.dedynauth' file, + ;; in /etc/desec. + (("\\$\\(pwd\\)") + "/etc/desec") + ;; Make absolute reference to curl program. + (("curl") + (string-append (assoc-ref inputs "curl") + "/bin/curl")))))) + #:install-plan + '(("." "etc/desec" #:include ("hook.sh"))))) + (inputs + `(("curl" ,curl))) + (synopsis "Certbot DNS challenge automatization for deSEC") + (description "The deSEC can be used to obtain certificates with certbot +DNS ownership verification. With the help of this hook script, you can obtain +your Let's Encrypt certificate using certbot with authorization provided by the +DNS challenge mechanism, that is, you will not need a running web server or any +port forwarding to your local machine.") + (home-page "https://desec.io") + (license license:expat)))) + (define certdata2pem (package (name "certdata2pem") -- cgit 1.4.1