From 98c570899b9e0abed5046295517071637072376e Mon Sep 17 00:00:00 2001 From: benno <> Date: Sun, 18 Sep 2016 20:18:25 +0000 Subject: [PATCH] add a config file parser to acme-client (unused at the moment, so that it can be worked on in the tree). ok florian@ deraadt@ --- src/etc/Makefile | 15 +++++++-------- src/etc/acme-client.conf | 21 +++++++++++++++++++++ 2 files changed, 28 insertions(+), 8 deletions(-) create mode 100644 src/etc/acme-client.conf diff --git a/src/etc/Makefile b/src/etc/Makefile index f3c1dfbb..bbaa38f4 100644 --- a/src/etc/Makefile +++ b/src/etc/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.432 2016/09/11 19:44:32 natano Exp $ +# $OpenBSD: Makefile,v 1.433 2016/09/18 20:18:25 benno Exp $ TZDIR= /usr/share/zoneinfo LOCALTIME= Canada/Mountain @@ -30,16 +30,15 @@ kernels: bootblocks ${ALL_KERNELS} # -rw-r--r-- BINOWN= root BINGRP= wheel -MUTABLE=changelist daily etc.${MACHINE}/disktab etc.${MACHINE}/login.conf \ - ftpusers gettytab group ksh.kshrc locate.rc mailer.conf \ - moduli monthly netstart networks newsyslog.conf ntpd.conf \ +MUTABLE=acme-client.conf changelist daily etc.${MACHINE}/disktab \ + etc.${MACHINE}/login.conf ftpusers gettytab group ksh.kshrc locate.rc \ + mailer.conf moduli monthly netstart networks newsyslog.conf ntpd.conf \ pf.os protocols rc rc.conf rpc services shells syslog.conf weekly # -rw-r--r-- -EXAMPLES=chio.conf dhclient.conf dhcpd.conf exports \ - httpd.conf ifstated.conf inetd.conf \ - man.conf mixerctl.conf mrouted.conf \ - ntpd.conf pkg.conf printcap rbootd.conf \ +EXAMPLES=acme-client.conf chio.conf dhclient.conf dhcpd.conf exports \ + httpd.conf ifstated.conf inetd.conf man.conf mixerctl.conf \ + mrouted.conf ntpd.conf pkg.conf printcap rbootd.conf \ remote sensorsd.conf wsconsctl.conf # -rw------- diff --git a/src/etc/acme-client.conf b/src/etc/acme-client.conf new file mode 100644 index 00000000..2a4baa2a --- /dev/null +++ b/src/etc/acme-client.conf @@ -0,0 +1,21 @@ +# +# $OpenBSD: acme-client.conf,v 1.1 2016/09/18 20:18:25 benno Exp $ +# +authority letsencrypt { + agreement url https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf + api url "https://acme-v01.api.letsencrypt.org/directory" + account key /etc/ssl/private/my-acme.key +} + +authority letsencrypt-staging { + agreement url https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf + api url https://acme-staging.api.letsencrypt.org/directory + account key /etc/ssl/private/my-acme-stage.key +} + +domain example.com { + alternative names { secure.example.com } + domain key /etc/ssl/private/example.com.key + domain certificate /etc/ssl/example.com.crt + sign with letsencrypt +}