Mirror
/
acmed
mirror of https://github.com/breard-r/acmed.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Add option to customize file extension

pull/154/head
famfo 5 months ago
parent
49e8ea1340
commit
76a5ba885d
Failed to extract signature
4 changed files with 37 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      acmed/src/config.rs
  2. 4
      acmed/src/main_event_loop.rs
  3. 11
      acmed/src/storage.rs
  4. 11
      man/en/acmed.toml.5

16
acmed/src/config.rs
View File

@ -147,6 +147,13 @@ impl Config {
} }
} }
pub fn get_cert_file_ext(&self) -> Option<String> {
match &self.global {
Some(g) => g.cert_file_ext.to_owned(),
None => None,
}
}
pub fn get_pk_file_mode(&self) -> u32 { pub fn get_pk_file_mode(&self) -> u32 {
match &self.global { match &self.global {
Some(g) => match g.pk_file_mode { Some(g) => match g.pk_file_mode {
@ -170,6 +177,13 @@ impl Config {
None => None, None => None,
} }
} }
pub fn get_pk_file_ext(&self) -> Option<String> {
match &self.global {
Some(g) => g.pk_file_ext.to_owned(),
None => None,
}
}
} }
#[derive(Clone, Deserialize)] #[derive(Clone, Deserialize)]
@ -179,6 +193,7 @@ pub struct GlobalOptions {
pub cert_file_group: Option<String>, pub cert_file_group: Option<String>,
pub cert_file_mode: Option<u32>, pub cert_file_mode: Option<u32>,
pub cert_file_user: Option<String>, pub cert_file_user: Option<String>,
pub cert_file_ext: Option<String>,
pub certificates_directory: Option<String>, pub certificates_directory: Option<String>,
#[serde(default)] #[serde(default)]
pub env: HashMap<String, String>, pub env: HashMap<String, String>,
@ -186,6 +201,7 @@ pub struct GlobalOptions {
pub pk_file_group: Option<String>, pub pk_file_group: Option<String>,
pub pk_file_mode: Option<u32>, pub pk_file_mode: Option<u32>,
pub pk_file_user: Option<String>, pub pk_file_user: Option<String>,
pub pk_file_ext: Option<String>,
pub random_early_renew: Option<String>, pub random_early_renew: Option<String>,
pub renew_delay: Option<String>, pub renew_delay: Option<String>,
pub root_certificates: Option<Vec<String>>, pub root_certificates: Option<Vec<String>>,

4
acmed/src/main_event_loop.rs
View File

@ -57,9 +57,11 @@ impl MainEventLoop {
cert_file_mode: cnf.get_cert_file_mode(), cert_file_mode: cnf.get_cert_file_mode(),
cert_file_owner: cnf.get_cert_file_user(), cert_file_owner: cnf.get_cert_file_user(),
cert_file_group: cnf.get_cert_file_group(), cert_file_group: cnf.get_cert_file_group(),
cert_file_ext: cnf.get_cert_file_ext(),
pk_file_mode: cnf.get_pk_file_mode(), pk_file_mode: cnf.get_pk_file_mode(),
pk_file_owner: cnf.get_pk_file_user(), pk_file_owner: cnf.get_pk_file_user(),
pk_file_group: cnf.get_pk_file_group(), pk_file_group: cnf.get_pk_file_group(),
pk_file_ext: cnf.get_pk_file_ext(),
hooks: acc hooks: acc
.get_hooks(&cnf)? .get_hooks(&cnf)?
.iter() .iter()
@ -91,9 +93,11 @@ impl MainEventLoop {
cert_file_mode: cnf.get_cert_file_mode(), cert_file_mode: cnf.get_cert_file_mode(),
cert_file_owner: cnf.get_cert_file_user(), cert_file_owner: cnf.get_cert_file_user(),
cert_file_group: cnf.get_cert_file_group(), cert_file_group: cnf.get_cert_file_group(),
cert_file_ext: cnf.get_cert_file_ext(),
pk_file_mode: cnf.get_pk_file_mode(), pk_file_mode: cnf.get_pk_file_mode(),
pk_file_owner: cnf.get_pk_file_user(), pk_file_owner: cnf.get_pk_file_user(),
pk_file_group: cnf.get_pk_file_group(), pk_file_group: cnf.get_pk_file_group(),
pk_file_ext: cnf.get_pk_file_ext(),
hooks: hooks hooks: hooks
.iter() .iter()
.filter(|h| !h.hook_type.is_disjoint(&file_hooks)) .filter(|h| !h.hook_type.is_disjoint(&file_hooks))

11
acmed/src/storage.rs
View File

@ -22,9 +22,11 @@ pub struct FileManager {
pub cert_file_mode: u32, pub cert_file_mode: u32,
pub cert_file_owner: Option<String>, pub cert_file_owner: Option<String>,
pub cert_file_group: Option<String>, pub cert_file_group: Option<String>,
pub cert_file_ext: Option<String>,
pub pk_file_mode: u32, pub pk_file_mode: u32,
pub pk_file_owner: Option<String>, pub pk_file_owner: Option<String>,
pub pk_file_group: Option<String>, pub pk_file_group: Option<String>,
pub pk_file_ext: Option<String>,
pub hooks: Vec<Hook>, pub hooks: Vec<Hook>,
pub env: HashMap<String, String>, pub env: HashMap<String, String>,
} }
@ -93,17 +95,22 @@ fn get_file_full_path(
FileType::PrivateKey => &fm.crt_directory, FileType::PrivateKey => &fm.crt_directory,
FileType::Certificate => &fm.crt_directory, FileType::Certificate => &fm.crt_directory,
}; };
let ext = match file_type {
FileType::Account => "bin".to_string(),
FileType::PrivateKey => fm.pk_file_ext.clone().unwrap_or("pem".to_string()),
FileType::Certificate => fm.cert_file_ext.clone().unwrap_or("pem".to_string()),
};
let file_name = match file_type { let file_name = match file_type {
FileType::Account => format!( FileType::Account => format!(
"{account}.{file_type}.{ext}", "{account}.{file_type}.{ext}",
account = b64_encode(&fm.account_name), account = b64_encode(&fm.account_name),
file_type = file_type, file_type = file_type,
ext = "bin"
ext = ext
), ),
FileType::PrivateKey | FileType::Certificate => { FileType::PrivateKey | FileType::Certificate => {
let fmt_data = CertFileFormat { let fmt_data = CertFileFormat {
key_type: fm.crt_key_type.to_string(), key_type: fm.crt_key_type.to_string(),
ext: "pem".into(),
ext,
file_type: file_type.to_string(), file_type: file_type.to_string(),
name: fm.crt_name.to_owned(), name: fm.crt_name.to_owned(),
}; };

11
man/en/acmed.toml.5
View File

@ -136,9 +136,10 @@ element, is used. Default is
Possible variables are: Possible variables are:
.Bl -tag .Bl -tag
.It Ic ext Ar string .It Ic ext Ar string
File extension. Currently, only
.Dq pem
is supported.
File extension. See
.Xr cert_file_ext
and
.Xr pk_file_ext
.It Ic file_type Ar string .It Ic file_type Ar string
Contains Contains
.Dq pk .Dq pk
@ -285,6 +286,8 @@ for more details.
Specify the user who will own newly-created certificates files. See Specify the user who will own newly-created certificates files. See
.Xr chown 2 .Xr chown 2
for more details. for more details.
.It Cm cert_file_ext Ft string
Specify the file extension of certificate files.
.It Cm certificates_directory Ar string .It Cm certificates_directory Ar string
Specify the directory where the certificates and their associated private keys are stored. Specify the directory where the certificates and their associated private keys are stored.
.It Ic env Ar table .It Ic env Ar table
@ -307,6 +310,8 @@ for more details.
Specify the user who will own newly-created private-key files. See Specify the user who will own newly-created private-key files. See
.Xr chown 2 .Xr chown 2
for more details. for more details.
.It Cm pk_file_ext Ft string
Specify the file extension of private-key files.
.It Cm random_early_renew Ar string .It Cm random_early_renew Ar string
Period of time before the usual certificate renewal, in which the certificate will renew at a random time. This is useful for when Period of time before the usual certificate renewal, in which the certificate will renew at a random time. This is useful for when
you want to even out your certificate orders when you're dealing with very large numbers of certificates. The format is described in the you want to even out your certificate orders when you're dealing with very large numbers of certificates. The format is described in the

Write Preview
Loading…
Cancel
Save