Use the environment more

This commit is contained in:
Přemysl Eric Janouch 2017-05-16 18:07:37 +02:00
parent 30faa3e60e
commit 25b48baa79
Signed by: p
GPG Key ID: B715679E3A361BE6

View File

@ -9,11 +9,12 @@ use JSON::PP;
use Digest::SHA qw(sha256); use Digest::SHA qw(sha256);
use IPC::Open2; use IPC::Open2;
my $ca = 'https://acme-staging.api.letsencrypt.org'; # https://acme-staging.api.letsencrypt.org
# 'https://acme-v01.api.letsencrypt.org' # https://acme-v01.api.letsencrypt.org
my $account_key = 'account.key'; my $ca = $ENV{ACME_CA} || die 'ACME_CA not set';
my $csr_file = shift; my $account_key = $ENV{ACCOUNT_KEY} || die 'ACCOUNT_KEY not set';
my $public_dir = '/srv/http/htdocs/acme-challenge'; my $csr_file = shift || die 'no file was given';
my $acme_dir = $ENV{ACME_DIR} || die 'ACME_DIR not set';
# Prepare some values derived from account key for the ACME protocol # Prepare some values derived from account key for the ACME protocol
sub b64 { encode_base64url(shift, '') =~ s/=//gr } sub b64 { encode_base64url(shift, '') =~ s/=//gr }
@ -106,7 +107,7 @@ for my $domain (@domains) {
@{$json->decode($result)->{challenges}}; @{$json->decode($result)->{challenges}};
my $token = $challenge->{token} =~ s/[^A-Za-z0-9_-]/_/r; my $token = $challenge->{token} =~ s/[^A-Za-z0-9_-]/_/r;
my $key_auth = "$token.$thumbprint"; my $key_auth = "$token.$thumbprint";
my $known_path = "$public_dir/$token"; my $known_path = "$acme_dir/$token";
# Make the challenge file and check that it can be retrieved # Make the challenge file and check that it can be retrieved
open(my $fh, '>', $known_path) or die "cannot write $known_path: $!"; open(my $fh, '>', $known_path) or die "cannot write $known_path: $!";