Use the environment more

acme-tinier.pl

@@ -9,11 +9,12 @@ use JSON::PP;
 use Digest::SHA qw(sha256);
 use IPC::Open2;
 
-my $ca = 'https://acme-staging.api.letsencrypt.org';
-# 'https://acme-v01.api.letsencrypt.org'
-my $account_key = 'account.key';
-my $csr_file = shift;
-my $public_dir = '/srv/http/htdocs/acme-challenge';
+# https://acme-staging.api.letsencrypt.org
+# https://acme-v01.api.letsencrypt.org
+my $ca          = $ENV{ACME_CA}     || die 'ACME_CA not set';
+my $account_key = $ENV{ACCOUNT_KEY} || die 'ACCOUNT_KEY not set';
+my $csr_file    = shift             || die 'no file was given';
+my $acme_dir    = $ENV{ACME_DIR}    || die 'ACME_DIR not set';
 
 # Prepare some values derived from account key for the ACME protocol
 sub b64 { encode_base64url(shift, '') =~ s/=//gr }
@@ -106,7 +107,7 @@ for my $domain (@domains) {
 		@{$json->decode($result)->{challenges}};
 	my $token = $challenge->{token} =~ s/[^A-Za-z0-9_-]/_/r;
 	my $key_auth = "$token.$thumbprint";
-	my $known_path = "$public_dir/$token";
+	my $known_path = "$acme_dir/$token";
 
 	# Make the challenge file and check that it can be retrieved
 	open(my $fh, '>', $known_path) or die "cannot write $known_path: $!";