Add option to customize file extension

5 months ago · 76a5ba885d
4 changed files with 37 additions and 5 deletions
--- a/acmed/src/config.rs
+++ b/acmed/src/config.rs
@ -147,6 +147,13 @@ impl Config {
 		}
 	}

+	pub fn get_cert_file_ext(&self) -> Option<String> {
+		match &self.global {
+			Some(g) => g.cert_file_ext.to_owned(),
+			None => None,
+		}
+	}
+
 	pub fn get_pk_file_mode(&self) -> u32 {
 		match &self.global {
 			Some(g) => match g.pk_file_mode {
@ -170,6 +177,13 @@ impl Config {
 			None => None,
 		}
 	}
+
+	pub fn get_pk_file_ext(&self) -> Option<String> {
+		match &self.global {
+			Some(g) => g.pk_file_ext.to_owned(),
+			None => None,
+		}
+	}
 }

 #[derive(Clone, Deserialize)]
@ -179,6 +193,7 @@ pub struct GlobalOptions {
 	pub cert_file_group: Option<String>,
 	pub cert_file_mode: Option<u32>,
 	pub cert_file_user: Option<String>,
+	pub cert_file_ext: Option<String>,
 	pub certificates_directory: Option<String>,
 	#[serde(default)]
 	pub env: HashMap<String, String>,
@ -186,6 +201,7 @@ pub struct GlobalOptions {
 	pub pk_file_group: Option<String>,
 	pub pk_file_mode: Option<u32>,
 	pub pk_file_user: Option<String>,
+	pub pk_file_ext: Option<String>,
 	pub random_early_renew: Option<String>,
 	pub renew_delay: Option<String>,
 	pub root_certificates: Option<Vec<String>>,
--- a/acmed/src/main_event_loop.rs
+++ b/acmed/src/main_event_loop.rs
@ -57,9 +57,11 @@ impl MainEventLoop {
 				cert_file_mode: cnf.get_cert_file_mode(),
 				cert_file_owner: cnf.get_cert_file_user(),
 				cert_file_group: cnf.get_cert_file_group(),
+				cert_file_ext: cnf.get_cert_file_ext(),
 				pk_file_mode: cnf.get_pk_file_mode(),
 				pk_file_owner: cnf.get_pk_file_user(),
 				pk_file_group: cnf.get_pk_file_group(),
+				pk_file_ext: cnf.get_pk_file_ext(),
 				hooks: acc
 					.get_hooks(&cnf)?
 					.iter()
@ -91,9 +93,11 @@ impl MainEventLoop {
 				cert_file_mode: cnf.get_cert_file_mode(),
 				cert_file_owner: cnf.get_cert_file_user(),
 				cert_file_group: cnf.get_cert_file_group(),
+				cert_file_ext: cnf.get_cert_file_ext(),
 				pk_file_mode: cnf.get_pk_file_mode(),
 				pk_file_owner: cnf.get_pk_file_user(),
 				pk_file_group: cnf.get_pk_file_group(),
+				pk_file_ext: cnf.get_pk_file_ext(),
 				hooks: hooks
 					.iter()
 					.filter(|h| !h.hook_type.is_disjoint(&file_hooks))
--- a/acmed/src/storage.rs
+++ b/acmed/src/storage.rs
@ -22,9 +22,11 @@ pub struct FileManager {
 	pub cert_file_mode: u32,
 	pub cert_file_owner: Option<String>,
 	pub cert_file_group: Option<String>,
+	pub cert_file_ext: Option<String>,
 	pub pk_file_mode: u32,
 	pub pk_file_owner: Option<String>,
 	pub pk_file_group: Option<String>,
+	pub pk_file_ext: Option<String>,
 	pub hooks: Vec<Hook>,
 	pub env: HashMap<String, String>,
 }
@ -93,17 +95,22 @@ fn get_file_full_path(
 		FileType::PrivateKey => &fm.crt_directory,
 		FileType::Certificate => &fm.crt_directory,
 	};
+	let ext = match file_type {
+		FileType::Account => "bin".to_string(),
+		FileType::PrivateKey => fm.pk_file_ext.clone().unwrap_or("pem".to_string()),
+		FileType::Certificate => fm.cert_file_ext.clone().unwrap_or("pem".to_string()),
+	};
 	let file_name = match file_type {
 		FileType::Account => format!(
 			"{account}.{file_type}.{ext}",
 			account = b64_encode(&fm.account_name),
 			file_type = file_type,
-			ext = "bin"
+			ext = ext
 		),
 		FileType::PrivateKey | FileType::Certificate => {
 			let fmt_data = CertFileFormat {
 				key_type: fm.crt_key_type.to_string(),
-				ext: "pem".into(),
+				ext,
 				file_type: file_type.to_string(),
 				name: fm.crt_name.to_owned(),
 			};
--- a/man/en/acmed.toml.5
+++ b/man/en/acmed.toml.5
@ -136,9 +136,10 @@ element, is used. Default is
 Possible variables are:
 .Bl -tag
 .It Ic ext Ar string
-File extension. Currently, only
-.Dq pem
-is supported.
+File extension. See
+.Xr cert_file_ext
+and
+.Xr pk_file_ext
 .It Ic file_type Ar string
 Contains
 .Dq pk
@ -285,6 +286,8 @@ for more details.
 Specify the user who will own newly-created certificates files. See
 .Xr chown 2
 for more details.
+.It Cm cert_file_ext Ft string
+Specify the file extension of certificate files.
 .It Cm certificates_directory Ar string
 Specify the directory where the certificates and their associated private keys are stored.
 .It Ic env Ar table
@ -307,6 +310,8 @@ for more details.
 Specify the user who will own newly-created private-key files. See
 .Xr chown 2
 for more details.
+.It Cm pk_file_ext Ft string
+Specify the file extension of private-key files.
 .It Cm random_early_renew Ar string
 Period of time before the usual certificate renewal, in which the certificate will renew at a random time. This is useful for when
 you want to even out your certificate orders when you're dealing with very large numbers of certificates. The format is described in the