From c06cb6aad7195393fd016ff13c6c043feeff544b Mon Sep 17 00:00:00 2001
From: Rodolphe Breard <rodolphe@what.tf>
Date: Thu, 9 May 2019 22:29:46 +0200
Subject: [PATCH] Add env variable definition in the global section

---
 CHANGELOG.md        |  2 +-
 acmed/src/config.rs | 19 ++++++++++++++++++-
 man/en/acmed.toml.5 |  2 ++
 3 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 624d0e2..6cef257 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -19,7 +19,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - ACMEd now displays a warning when the server indicates an error in an order or an authorization.
 - A configuration file can now include several other files.
 - Hooks have access to environment variables.
-- In the configuration, certificates and domains can define environment variables for the hooks.
+- In the configuration, the global section, certificates and domains can define environment variables for the hooks.
 - tacd is now able to listen on a unix socket.
 
 
diff --git a/acmed/src/config.rs b/acmed/src/config.rs
index 20b1e8c..3fbbdf3 100644
--- a/acmed/src/config.rs
+++ b/acmed/src/config.rs
@@ -135,6 +135,8 @@ pub struct GlobalOptions {
     pub pk_file_mode: Option<u32>,
     pub pk_file_user: Option<String>,
     pub pk_file_group: Option<String>,
+    #[serde(default)]
+    pub env: HashMap<String, String>,
 }
 
 #[derive(Clone, Deserialize)]
@@ -367,9 +369,24 @@ fn read_cnf(path: &PathBuf) -> Result<Config, Error> {
     Ok(config)
 }
 
+fn dispatch_global_env_vars(config: &mut Config) {
+    if let Some(glob) = &config.global {
+        if !glob.env.is_empty() {
+            for mut cert in config.certificate.iter_mut() {
+                let mut new_vars = glob.env.clone();
+                for (k, v) in cert.env.iter() {
+                    new_vars.insert(k.to_string(), v.to_string());
+                }
+                cert.env = new_vars;
+            }
+        }
+    }
+}
+
 pub fn from_file(file_name: &str) -> Result<Config, Error> {
     let path = PathBuf::from(file_name);
-    let config = read_cnf(&path)?;
+    let mut config = read_cnf(&path)?;
+    dispatch_global_env_vars(&mut config);
     init_directories(&config)?;
     Ok(config)
 }
diff --git a/man/en/acmed.toml.5 b/man/en/acmed.toml.5
index 56e9d78..21fe4b4 100644
--- a/man/en/acmed.toml.5
+++ b/man/en/acmed.toml.5
@@ -48,6 +48,8 @@ for more details.
 Specify the group who will own newly-created certificates files. See
 .Xr chown 2
 for more details.
+.It Ic env Ar table
+Table of environment variables that will be accessible from hooks.
 .It Cm pk_file_mode Ar integer
 Specify the permissions to use for newly-created private-key files. See
 .Xr chmod 2