
Move the account and certificate default directories

Those directories were located in /etc/acmed/, which is not the best
choice. According to the Filesystem Hierarchy Standard, they should be
located in /var/lib/acmed/.
Because systems may have different conventions, those values are now
configurable at build time.
https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
pull/47/head
Rodolphe Bréard 4 years ago
parent
commit
90282482d8
  1. 4
      CHANGELOG.md
  2. 14
      Makefile
  3. 28
      README.md
  4. 45
      acmed/build.rs
  5. 4
      man/en/acmed.toml.5
  6. 33
      tacd/build.rs
  7. 2
      tacd/src/main.rs

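--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,6 +18,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Allow the configuration of some default values at compile time using environment variables.
+### Changed
+- The default account directory now is `/var/lib/acmed/accounts`.
+- The default certificates and private keys directory now is `/var/lib/acmed/certs`.
 ## [0.16.0] - 2020-11-11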

14
Makefile

@ -6,6 +6,8 @@ DATADIR = $(DATAROOTDIR)
MAN5DIR = $(DATADIR)/man/man5 MAN5DIR = $(DATADIR)/man/man5
MAN8DIR = $(DATADIR)/man/man8 MAN8DIR = $(DATADIR)/man/man8
SYSCONFDIR = /etc SYSCONFDIR = /etc
VARLIBDIR = /var/lib
RUNSTATEDIR = /var/run
TARGET_DIR = ./target/$(TARGET)/release TARGET_DIR = ./target/$(TARGET)/release
MAN_SRC_DIR = ./man/en MAN_SRC_DIR = ./man/en
MAN_DST_DIR = $(TARGET_DIR)/man MAN_DST_DIR = $(TARGET_DIR)/man
@ -19,9 +21,9 @@ update:
acmed: man_dir acmed: man_dir
if test -n "$(TARGET)"; then \ if test -n "$(TARGET)"; then \
cargo build --release --manifest-path "acmed/Cargo.toml" --no-default-features --features "$(FEATURES)" --target "$(TARGET)"; \
VARLIBDIR="$(VARLIBDIR)" SYSCONFDIR="$(SYSCONFDIR)" RUNSTATEDIR="$(RUNSTATEDIR)" cargo build --release --manifest-path "acmed/Cargo.toml" --no-default-features --features "$(FEATURES)" --target "$(TARGET)"; \
else \ else \
cargo build --release --manifest-path "acmed/Cargo.toml" --no-default-features --features "$(FEATURES)"; \
VARLIBDIR="$(VARLIBDIR)" SYSCONFDIR="$(SYSCONFDIR)" RUNSTATEDIR="$(RUNSTATEDIR)" cargo build --release --manifest-path "acmed/Cargo.toml" --no-default-features --features "$(FEATURES)"; \
fi fi
strip "$(TARGET_DIR)/acmed" strip "$(TARGET_DIR)/acmed"
gzip <"$(MAN_SRC_DIR)/acmed.8" >"$(MAN_DST_DIR)/acmed.8.gz" gzip <"$(MAN_SRC_DIR)/acmed.8" >"$(MAN_DST_DIR)/acmed.8.gz"
@ -29,9 +31,9 @@ acmed: man_dir
tacd: man_dir tacd: man_dir
if test -n "$(TARGET)"; then \ if test -n "$(TARGET)"; then \
cargo build --release --manifest-path "tacd/Cargo.toml" --no-default-features --features "$(FEATURES)" --target "$(TARGET)"; \
VARLIBDIR="$(VARLIBDIR)" SYSCONFDIR="$(SYSCONFDIR)" RUNSTATEDIR="$(RUNSTATEDIR)" cargo build --release --manifest-path "tacd/Cargo.toml" --no-default-features --features "$(FEATURES)" --target "$(TARGET)"; \
else \ else \
cargo build --release --manifest-path "tacd/Cargo.toml" --no-default-features --features "$(FEATURES)"; \
VARLIBDIR="$(VARLIBDIR)" SYSCONFDIR="$(SYSCONFDIR)" RUNSTATEDIR="$(RUNSTATEDIR)" cargo build --release --manifest-path "tacd/Cargo.toml" --no-default-features --features "$(FEATURES)"; \
fi fi
strip "$(TARGET_DIR)/tacd" strip "$(TARGET_DIR)/tacd"
gzip <"$(MAN_SRC_DIR)/tacd.8" >"$(MAN_DST_DIR)/tacd.8.gz" gzip <"$(MAN_SRC_DIR)/tacd.8" >"$(MAN_DST_DIR)/tacd.8.gz"
@ -44,8 +46,8 @@ install:
install -d -m 0755 $(DESTDIR)$(MAN8DIR) install -d -m 0755 $(DESTDIR)$(MAN8DIR)
if test -f "$(TARGET_DIR)/acmed"; then \ if test -f "$(TARGET_DIR)/acmed"; then \
install -d -m 0755 $(DESTDIR)$(MAN5DIR); \ install -d -m 0755 $(DESTDIR)$(MAN5DIR); \
install -d -m 0755 $(DESTDIR)$(SYSCONFDIR)/acmed/certs; \
install -d -m 0700 $(DESTDIR)$(SYSCONFDIR)/acmed/accounts; \
install -d -m 0755 $(DESTDIR)$(VARLIBDIR)/acmed/certs; \
install -d -m 0700 $(DESTDIR)$(VARLIBDIR)/acmed/accounts; \
install -m 0755 $(TARGET_DIR)/acmed $(DESTDIR)$(BINDIR)/acmed; \ install -m 0755 $(TARGET_DIR)/acmed $(DESTDIR)$(BINDIR)/acmed; \
install -m 0644 $(TARGET_DIR)/man/acmed.8.gz $(DESTDIR)$(MAN8DIR)/acmed.8.gz; \ install -m 0644 $(TARGET_DIR)/man/acmed.8.gz $(DESTDIR)$(MAN8DIR)/acmed.8.gz; \
install -m 0644 $(TARGET_DIR)/man/acmed.toml.5.gz $(DESTDIR)$(MAN5DIR)/acmed.toml.5.gz; \ install -m 0644 $(TARGET_DIR)/man/acmed.toml.5.gz $(DESTDIR)$(MAN5DIR)/acmed.toml.5.gz; \
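Review bot: In the `install` hunk, `$(DESTDIR)$(VARLIBDIR)/acmed/certs` keeps mode 0755 although the README in this commit describes that directory as holding private keys as well as certificates, so confidentiality of the keys depends entirely on the per-file modes acmed sets, which are not visible here; if nothing else needs to traverse it, `install -d -m 0750 $(DESTDIR)$(VARLIBDIR)/acmed/certs; \` with a suitable group would be a safer default. The target also always creates `$(VARLIBDIR)/acmed/...`, so a build that overrode `ACMED_DEFAULT_CERT_DIR` or `ACMED_DEFAULT_ACCOUNTS_DIR`, or an `install` run without the same `VARLIBDIR` as the build, leaves the binary pointing at directories that were not created with these modes. Nothing in the visible hunks migrates existing `/etc/acmed/accounts` and `/etc/acmed/certs` content, so upgraded hosts may need a documented move step. The `install` rule continues outside the hunk.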

28
README.md

@ -110,13 +110,29 @@ For example, you can build statically linked binaries using the `openssl_vendore
make FEATURES="openssl_vendored" TARGET="x86_64-unknown-linux-musl" make FEATURES="openssl_vendored" TARGET="x86_64-unknown-linux-musl"
``` ```
The following environment variables can be used to change default values at compile time:
The following environment variables can be used to change default values at compile and/or install time:
- `PREFIX` (install): system user prefix (default to `/usr`)
- `BINDIR` (install): system binary directory (default to `$PREFIX/bin`)
- `DATADIR` (install): system data directory (default to `$PREFIX/share`)
- `MAN5DIR` (install): system directory where pages 5 manuals are located (default to `$DATADIR/man/man5`)
- `MAN8DIR` (install): system directory where pages 8 manuals are located (default to `$DATADIR/man/man8`)
- `SYSCONFDIR` (compile and install): system configuration directory (default to `/etc`)
- `VARLIBDIR` (compile and install): directory for persistent data modified by ACMEd (default to `/var/lib`)
- `RUNSTATEDIR` (compile): system run-time variable data (default to `/var/run`)
- `ACMED_DEFAULT_ACCOUNTS_DIR` (compile): directory where account files are stored (default to `$VARLIBDIR/acmed/accounts`)
- `ACMED_DEFAULT_CERT_DIR` (compile): directory where certificates and private keys are stored (default to `$VARLIBDIR/acmed/certs`)
- `ACMED_DEFAULT_CERT_FORMAT` (compile): format for certificates and private keys files names (default to `{{name}}_{{key_type}}.{{file_type}}.{{ext}}`)
- `ACMED_DEFAULT_CONFIG_FILE` (compile): main configuration file (default to `$SYSCONFDIR/acmed/acmed.toml`)
- `ACMED_DEFAULT_PID_FILE` (compile): PID file for the main acmed process (default to `$RUNSTATEDIR/acmed.pid`)
- `TACD_DEFAULT_PID_FILE` (compile): PID file for the tacd process (default to `$RUNSTATEDIR/tacd.pid`)
For example, the following will compile a binary that will use the `/usr/share/etc/acmed/acmed.toml` configuration file and will be installed in the `/usr/local/bin` directory :
- `ACMED_DEFAULT_ACCOUNTS_DIR`: directory where account files are stored (default to `/etc/acmed/accounts`)
- `ACMED_DEFAULT_CERT_DIR`: directory where certificates and private keys are stored (default to `/etc/acmed/certs`)
- `ACMED_DEFAULT_CERT_FORMAT`: format for certificates and private keys files names (default to `{{name}}_{{key_type}}.{{file_type}}.{{ext}}`)
- `ACMED_DEFAULT_CONFIG_FILE`: main configuration file (default to `/etc/acmed/acmed.toml`)
- `ACMED_DEFAULT_PID_FILE`: main process PID file (default to `/var/run/acmed.pid`)
```
make SYSCONFDIR="/usr/share/etc"
make BINDIR="/usr/local/bin" install
```
### Packaging ### Packaging

45
acmed/build.rs

@ -7,6 +7,12 @@ use std::fs::File;
use std::io::prelude::*; use std::io::prelude::*;
use std::path::PathBuf; use std::path::PathBuf;
macro_rules! set_rustc_env_var {
($name: expr, $value: expr) => {{
println!("cargo:rustc-env={}={}", $name, $value);
}};
}
macro_rules! set_env_var_if_absent { macro_rules! set_env_var_if_absent {
($name: expr, $default_value: expr) => {{ ($name: expr, $default_value: expr) => {{
if let Err(_) = env::var($name) { if let Err(_) = env::var($name) {
@ -15,9 +21,34 @@ macro_rules! set_env_var_if_absent {
}}; }};
} }
macro_rules! set_rustc_env_var {
($name: expr, $value: expr) => {{
println!("cargo:rustc-env={}={}", $name, $value);
macro_rules! set_specific_path_if_absent {
($env_name: expr, $env_default: expr, $with_dir: expr, $name: expr, $default_value: expr) => {{
let prefix = env::var($env_name).unwrap_or(String::from($env_default));
let mut value = PathBuf::new();
value.push(prefix);
if ($with_dir) {
value.push("acmed");
}
value.push($default_value);
set_env_var_if_absent!($name, value.to_str().unwrap());
}};
}
macro_rules! set_data_path_if_absent {
($name: expr, $default_value: expr) => {{
set_specific_path_if_absent!("VARLIBDIR", "/var/lib", true, $name, $default_value);
}};
}
macro_rules! set_cfg_path_if_absent {
($name: expr, $default_value: expr) => {{
set_specific_path_if_absent!("SYSCONFDIR", "/etc", true, $name, $default_value);
}};
}
macro_rules! set_runstate_path_if_absent {
($name: expr, $default_value: expr) => {{
set_specific_path_if_absent!("RUNSTATEDIR", "/var/run", false, $name, $default_value);
}}; }};
} }
@ -82,14 +113,14 @@ fn set_target() {
} }
fn set_default_values() { fn set_default_values() {
set_env_var_if_absent!("ACMED_DEFAULT_ACCOUNTS_DIR", "/etc/acmed/accounts");
set_env_var_if_absent!("ACMED_DEFAULT_CERT_DIR", "/etc/acmed/certs");
set_data_path_if_absent!("ACMED_DEFAULT_ACCOUNTS_DIR", "accounts");
set_data_path_if_absent!("ACMED_DEFAULT_CERT_DIR", "certs");
set_env_var_if_absent!( set_env_var_if_absent!(
"ACMED_DEFAULT_CERT_FORMAT", "ACMED_DEFAULT_CERT_FORMAT",
"{{name}}_{{key_type}}.{{file_type}}.{{ext}}" "{{name}}_{{key_type}}.{{file_type}}.{{ext}}"
); );
set_env_var_if_absent!("ACMED_DEFAULT_CONFIG_FILE", "/etc/acmed/acmed.toml");
set_env_var_if_absent!("ACMED_DEFAULT_PID_FILE", "/var/run/acmed.pid");
set_cfg_path_if_absent!("ACMED_DEFAULT_CONFIG_FILE", "acmed.toml");
set_runstate_path_if_absent!("ACMED_DEFAULT_PID_FILE", "acmed.pid");
} }
fn main() { fn main() {
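Review bot: In `set_specific_path_if_absent!`, `env::var($env_name)` returns `Ok("")` when the variable is set but empty (for example `make VARLIBDIR=`), and the `PathBuf::push` calls then produce a relative default such as `acmed/accounts`, so the account keys and certificate directories would be resolved against the daemon's working directory. Treating an empty value as absent closes that gap and also avoids the eager allocation: `let prefix = env::var($env_name).ok().filter(|v| !v.is_empty()).unwrap_or_else(|| String::from($env_default));`. No `cargo:rerun-if-env-changed` line is visible in these hunks, so unless the script emits one elsewhere, changing `VARLIBDIR`, `SYSCONFDIR` or `RUNSTATEDIR` between builds may leave the previous paths compiled in. The same macro body is copied into tacd/build.rs, where the first point applies to `RUNSTATEDIR` as well.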

4
man/en/acmed.toml.5

@ -671,13 +671,13 @@ and
both represents a period of one day and forty-two seconds. both represents a period of one day and forty-two seconds.
.Sh FILES .Sh FILES
.Bl -tag .Bl -tag
.It Pa /etc/acmed/accounts
.It Pa /var/lib/acmed/accounts
Default accounts private and public keys directory. Default accounts private and public keys directory.
.It Pa /etc/acmed/acmed.toml .It Pa /etc/acmed/acmed.toml
Default Default
.Xr acmed 8 .Xr acmed 8
configuration file. configuration file.
.It Pa /etc/acmed/certs
.It Pa /var/lib/acmed/certs
Default certificates and associated private keys directory. Default certificates and associated private keys directory.
.El .El
.Sh EXAMPLES .Sh EXAMPLES

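--- a/tacd/build.rs
+++ b/tacd/build.rs
@@ -1,7 +1,40 @@
 use std::env;
+use std::path::PathBuf;
+macro_rules! set_rustc_env_var {
+($name: expr, $value: expr) => {{
+println!("cargo:rustc-env={}={}", $name, $value);
+}};
+}
+macro_rules! set_env_var_if_absent {
+($name: expr, $default_value: expr) => {{
+if let Err(_) = env::var($name) {
+set_rustc_env_var!($name, $default_value);
+}
+}};
+}
+macro_rules! set_specific_path_if_absent {
+($env_name: expr, $env_default: expr, $name: expr, $default_value: expr) => {{
+let prefix = env::var($env_name).unwrap_or(String::from($env_default));
+let mut value = PathBuf::new();
+value.push(prefix);
+value.push($default_value);
+set_env_var_if_absent!($name, value.to_str().unwrap());
+}};
+}
+macro_rules! set_runstate_path_if_absent {
+($name: expr, $default_value: expr) => {{
+set_specific_path_if_absent!("RUNSTATEDIR", "/var/run", $name, $default_value);
+}};
+}
 fn main() {
 if let Ok(target) = env::var("TARGET") {
 println!("cargo:rustc-env=TACD_TARGET={}", target);
 };
+set_runstate_path_if_absent!("TACD_DEFAULT_PID_FILE", "tacd.pid");
 }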
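Review bot: The four `macro_rules!` helpers added above `main` take only expression arguments and expand to ordinary statements, so plain functions taking `&str` would be easier to read and to type-check, and `if let Err(_) = env::var($name)` is more idiomatically `if env::var($name).is_err()`. None of them is documented; a one-line comment on `set_runstate_path_if_absent!` such as `// Emits cargo:rustc-env=NAME=<RUNSTATEDIR or /var/run>/<file> unless NAME is already set in the build environment.` would make the override order clear to packagers. The helpers are near-verbatim copies of those in acmed/build.rs, so any later change has to be made in both files.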

2
tacd/src/main.rs

@ -14,7 +14,7 @@ use std::io::{self, Read};
const APP_NAME: &str = env!("CARGO_PKG_NAME"); const APP_NAME: &str = env!("CARGO_PKG_NAME");
const APP_VERSION: &str = env!("CARGO_PKG_VERSION"); const APP_VERSION: &str = env!("CARGO_PKG_VERSION");
const DEFAULT_PID_FILE: &str = "/var/run/tacd.pid";
const DEFAULT_PID_FILE: &str = env!("TACD_DEFAULT_PID_FILE");
const DEFAULT_LISTEN_ADDR: &str = "127.0.0.1:5001"; const DEFAULT_LISTEN_ADDR: &str = "127.0.0.1:5001";
const DEFAULT_CRT_KEY_TYPE: KeyType = KeyType::EcdsaP256; const DEFAULT_CRT_KEY_TYPE: KeyType = KeyType::EcdsaP256;
const DEFAULT_CRT_DIGEST: HashFunction = HashFunction::Sha256; const DEFAULT_CRT_DIGEST: HashFunction = HashFunction::Sha256;
