author | Andrew Cady <d@jerkface.net> | 2016-01-21 15:53:04 -0500 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2016-01-21 15:55:00 -0500 |
commit | 56fe46ef1d40d6da12b52728ee3a8263eba2f7a7 (patch) | |
tree | 6e6637d920ade8782547f32364cdac6620efb51a | |
parent | 71cff90ba42b49ea81d8c92adbbf8bd0f1343499 (diff) |
add option --domain-dir
also renamed --dir to --challenge-dir
-rw-r--r-- | README.md | 12 | ||||
-rw-r--r-- | acme.hs | 52 |
2 files changed, 45 insertions, 19 deletions
@@ -1,15 +1,21 @@ | |||
1 | # Let's Encrypt ACME protocol | 1 | # Let's Encrypt ACME protocol |
2 | 2 | ||
3 | ``` | 3 | ``` |
4 | Usage: acme-encrypt-exe --key FILE --domain DOMAIN --dir DIR [--email ADDRESS] | 4 | Let's Encrypt! ACME client |
5 | [--terms URL] [--staging] | 5 | |
6 | Usage: acme-encrypt-exe --key FILE --domain DOMAIN --challenge-dir DIR | ||
7 | [--domain-dir DIR] [--email ADDRESS] [--terms URL] | ||
8 | [--staging] | ||
6 | This is a work in progress. | 9 | This is a work in progress. |
7 | 10 | ||
8 | Available options: | 11 | Available options: |
9 | -h,--help Show this help text | 12 | -h,--help Show this help text |
10 | --key FILE filename of your private RSA key | 13 | --key FILE filename of your private RSA key |
11 | --domain DOMAIN the domain name to certify | 14 | --domain DOMAIN the domain name to certify |
12 | --dir DIR output directory for ACME challenges | 15 | --challenge-dir DIR output directory for ACME challenges |
16 | --domain-dir DIR directory in which to domain certificates and keys | ||
17 | are stored; the default is to use the domain name as | ||
18 | a directory name | ||
13 | --email ADDRESS an email address with which to register an account | 19 | --email ADDRESS an email address with which to register an account |
14 | --terms URL the terms param of the registration request | 20 | --terms URL the terms param of the registration request |
15 | --staging use staging servers instead of live servers | 21 | --staging use staging servers instead of live servers |
@@ -61,6 +61,7 @@ data CmdOpts = CmdOpts { | |||
61 | optKeyFile :: String, | 61 | optKeyFile :: String, |
62 | optDomain :: String, | 62 | optDomain :: String, |
63 | optChallengeDir :: String, | 63 | optChallengeDir :: String, |
64 | optDomainDir :: Maybe String, | ||
64 | optEmail :: Maybe String, | 65 | optEmail :: Maybe String, |
65 | optTerms :: Maybe String, | 66 | optTerms :: Maybe String, |
66 | optStaging :: Bool | 67 | optStaging :: Bool |
@@ -70,12 +71,33 @@ defaultTerms :: String | |||
70 | defaultTerms = "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf" | 71 | defaultTerms = "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf" |
71 | 72 | ||
72 | cmdopts :: Parser CmdOpts | 73 | cmdopts :: Parser CmdOpts |
73 | cmdopts = CmdOpts <$> strOption (long "key" <> metavar "FILE" <> help "filename of your private RSA key") | 74 | cmdopts = CmdOpts <$> strOption |
74 | <*> strOption (long "domain" <> metavar "DOMAIN" <> help "the domain name to certify") | 75 | (long "key" <> metavar "FILE" <> help "filename of your private RSA key") |
75 | <*> strOption (long "dir" <> metavar "DIR" <> help "output directory for ACME challenges") | 76 | <*> strOption |
76 | <*> optional (strOption (long "email" <> metavar "ADDRESS" <> help "an email address with which to register an account")) | 77 | (long "domain" <> metavar "DOMAIN" <> help "the domain name to certify") |
77 | <*> optional (strOption (long "terms" <> metavar "URL" <> help "the terms param of the registration request")) | 78 | <*> strOption |
78 | <*> switch (long "staging" <> help "use staging servers instead of live servers (certificates will not be real!)") | 79 | (long "challenge-dir" <> |
80 | metavar "DIR" <> | ||
81 | help "output directory for ACME challenges") | ||
82 | <*> optional | ||
83 | (strOption | ||
84 | (long "domain-dir" <> | ||
85 | metavar "DIR" <> | ||
86 | help | ||
87 | "directory in which to domain certificates and keys are stored; the default is to use the domain name as a directory name")) | ||
88 | <*> optional | ||
89 | (strOption | ||
90 | (long "email" <> | ||
91 | metavar "ADDRESS" <> | ||
92 | help "an email address with which to register an account")) | ||
93 | <*> optional | ||
94 | (strOption | ||
95 | (long "terms" <> | ||
96 | metavar "URL" <> | ||
97 | help "the terms param of the registration request")) | ||
98 | <*> switch | ||
99 | (long "staging" <> help | ||
100 | "use staging servers instead of live servers (certificates will not be real!)") | ||
79 | 101 | ||
80 | genKey :: String -> IO () | 102 | genKey :: String -> IO () |
81 | genKey privKeyFile = withOpenSSL $ do | 103 | genKey privKeyFile = withOpenSSL $ do |
@@ -107,19 +129,17 @@ readKeys privKeyFile = do | |||
107 | data ChallengeRequest = ChallengeRequest { crUri :: String, crToken :: ByteString, crThumbToken :: ByteString } | 129 | data ChallengeRequest = ChallengeRequest { crUri :: String, crToken :: ByteString, crThumbToken :: ByteString } |
108 | 130 | ||
109 | go :: CmdOpts -> IO () | 131 | go :: CmdOpts -> IO () |
110 | go (CmdOpts privKeyFile domain challengeDir email termOverride staging) = do | 132 | go (CmdOpts privKeyFile domain challengeDir altDomainDir email termOverride staging) = do |
111 | let terms = fromMaybe defaultTerms termOverride | 133 | let terms = fromMaybe defaultTerms termOverride |
112 | directoryUrl = if staging | 134 | directoryUrl = if staging then stagingDirectoryUrl else liveDirectoryUrl |
113 | then stagingDirectoryUrl | 135 | domainKeyFile = domainDir </> "rsa.key" |
114 | else liveDirectoryUrl | 136 | domainCSRFile = domainDir </> "csr.der" |
137 | domainCertFile = domainDir </> "cert.der" | ||
138 | domainDir = fromMaybe domain altDomainDir | ||
115 | 139 | ||
116 | doesFileExist privKeyFile >>= flip unless (genKey privKeyFile) | 140 | doesFileExist privKeyFile >>= flip unless (genKey privKeyFile) |
117 | 141 | ||
118 | let domainKeyFile = domain </> "rsa.key" | 142 | doesDirectoryExist domain >>= flip unless (createDirectory domainDir) |
119 | domainCSRFile = domain </> "csr.der" | ||
120 | domainCertFile = domain </> "cert.der" | ||
121 | |||
122 | doesDirectoryExist domain >>= flip unless (createDirectory domain) | ||
123 | doesFileExist domainKeyFile >>= flip unless (genKey domainKeyFile) | 143 | doesFileExist domainKeyFile >>= flip unless (genKey domainKeyFile) |
124 | 144 | ||
125 | keys <- readKeys privKeyFile | 145 | keys <- readKeys privKeyFile |
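Review bot: In `go`, the existence check still tests `domain` while the directory that gets created is `domainDir` (`doesDirectoryExist domain >>= flip unless (createDirectory domainDir)`), so the two disagree whenever `--domain-dir` is given. If a directory named after the domain already exists but the alternate one does not, nothing is created and the following `genKey domainKeyFile` presumably fails; in the opposite case `createDirectory` is called on a path that already exists and throws. Check the same path that is created, `doesDirectoryExist domainDir >>= flip unless (createDirectory domainDir)`, or use `createDirectoryIfMissing False domainDir` if the file's System.Directory import allows it. Because this directory holds the domain's private key (`rsa.key`), a short comment stating the permissions it is expected to have would also help operators who point `--domain-dir` at a shared location. The body of `go` continues past the end of the hunk.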