summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Cady <d@jerkface.net>2016-04-09 19:42:31 -0400
committerAndrew Cady <d@jerkface.net>2016-04-09 19:42:31 -0400
commit70137d8dba49353f525b4d3e93a919df80e81765 (patch)
tree1b51f8f48d28298ff93a6605394a2676d7e24ee0
parent5ccdc88c25f9a94e7b5db135a0876d606685a690 (diff)
implement remote file http provisioner
Diffstat
-rw-r--r--acme-certify.cabal3
-rw-r--r--acme-certify.hs42
2 files changed, 29 insertions, 16 deletions
diff --git a/acme-certify.cabal b/acme-certify.cabal
index 5c89233..364e269 100644
--- a/acme-certify.cabal
+++ b/acme-certify.cabal
@@ -29,7 +29,8 @@ executable acme
29 cryptonite, aeson, bytestring, base64-bytestring, SHA, 29 cryptonite, aeson, bytestring, base64-bytestring, SHA,
30 text, HsOpenSSL, optparse-applicative, time, 30 text, HsOpenSSL, optparse-applicative, time,
31 email-validate, network-uri, directory, yaml-config, 31 email-validate, network-uri, directory, yaml-config,
32 yaml, unordered-containers, lens, lens-aeson, process, posix-escape 32 yaml, unordered-containers, lens, lens-aeson, process,
33 posix-escape, transformers, resourcet
33 default-language: Haskell2010 34 default-language: Haskell2010
34 35
35-- test-suite acme-certify-test 36-- test-suite acme-certify-test
diff --git a/acme-certify.hs b/acme-certify.hs
index 1e9655c..5f4613f 100644
--- a/acme-certify.hs
+++ b/acme-certify.hs
@@ -6,6 +6,7 @@
6{-# LANGUAGE RecordWildCards #-} 6{-# LANGUAGE RecordWildCards #-}
7{-# LANGUAGE ScopedTypeVariables #-} 7{-# LANGUAGE ScopedTypeVariables #-}
8{-# LANGUAGE TypeSynonymInstances #-} 8{-# LANGUAGE TypeSynonymInstances #-}
9{-# LANGUAGE ViewPatterns #-}
9 10
10-------------------------------------------------------------------------------- 11--------------------------------------------------------------------------------
11-- | Get a certificate from Let's Encrypt using the ACME protocol. 12-- | Get a certificate from Let's Encrypt using the ACME protocol.
@@ -15,31 +16,35 @@
15module Main where 16module Main where
16 17
17import BasePrelude 18import BasePrelude
18import Control.Lens hiding ((&)) 19import Control.Lens hiding ((&))
20import Control.Monad.IO.Class
21import Control.Monad.Trans.Resource
19import Data.Aeson.Lens 22import Data.Aeson.Lens
20import qualified Data.HashMap.Strict as HashMap 23import qualified Data.HashMap.Strict as HashMap
21import Data.Text (Text, unpack) 24import Data.Text (Text, unpack)
22import Data.Yaml (Object) 25import Data.Text.Encoding (decodeUtf8)
23import qualified Data.Yaml.Config as Config 26import Data.Yaml (Object)
24import Data.Yaml.Config.Internal (Config (..)) 27import qualified Data.Yaml.Config as Config
25import Network.ACME (HttpProvisioner, Keys (..), 28import Data.Yaml.Config.Internal (Config (..))
26 canProvision, certify, 29import Network.ACME (HttpProvisioner, Keys (..),
27 ensureWritableDir, provisionViaFile, 30 canProvision, certify,
28 readKeys, (</>)) 31 ensureWritableDir,
29import Network.ACME.Issuer (letsEncryptX1CrossSigned) 32 provisionViaFile, readKeys,
33 (</>))
34import Network.ACME.Issuer (letsEncryptX1CrossSigned)
30import Network.URI 35import Network.URI
31import OpenSSL 36import OpenSSL
32import OpenSSL.DH 37import OpenSSL.DH
33import OpenSSL.PEM 38import OpenSSL.PEM
34import OpenSSL.RSA 39import OpenSSL.RSA
35import OpenSSL.X509 (X509) 40import OpenSSL.X509 (X509)
36import Options.Applicative hiding (header) 41import Options.Applicative hiding (header)
37import qualified Options.Applicative as Opt 42import qualified Options.Applicative as Opt
38import System.Directory 43import System.Directory
39import System.IO 44import System.IO
40import System.Posix.Escape 45import System.Posix.Escape
41import System.Process 46import System.Process
42import Text.Domain.Validate hiding (validate) 47import Text.Domain.Validate hiding (validate)
43import Text.Email.Validate 48import Text.Email.Validate
44 49
45stagingDirectoryUrl, liveDirectoryUrl, defaultTerms :: URI 50stagingDirectoryUrl, liveDirectoryUrl, defaultTerms :: URI
@@ -217,6 +222,13 @@ remoteTemp host fileName content = do
217 where 222 where
218 ssh cmd = runInteractiveProcess "ssh" (host : words "-- sh -c" ++ [escape cmd]) Nothing Nothing 223 ssh cmd = runInteractiveProcess "ssh" (host : words "-- sh -c" ++ [escape cmd]) Nothing Nothing
219 224
225provisionViaRemoteFile :: String -> FilePath -> HttpProvisioner
226provisionViaRemoteFile = provision
227 where
228 provision host dir (bsToS -> tok) (bsToS -> thumbtoken) =
229 void $ allocate (liftIO $ remoteTemp host (dir </> tok) thumbtoken) removeTemp
230 bsToS = unpack . decodeUtf8
231
220runCertify :: CertifyOpts -> IO (Either String ()) 232runCertify :: CertifyOpts -> IO (Either String ())
221runCertify CertifyOpts{..} = do 233runCertify CertifyOpts{..} = do
222 let terms = fromMaybe defaultTerms (join $ parseAbsoluteURI <$> optTerms) 234 let terms = fromMaybe defaultTerms (join $ parseAbsoluteURI <$> optTerms)
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-02 14:18:36 +0000