* gnu/services/certbot.scm (certbot-command): Add
--manual-public-ip-logging-ok flag to the certbot command when doing a
manual challenge.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Because it takes too much time and it requires networking.
Thanks to Mathieu Othacehe for suggesting this.
* gnu/services/certbot.scm (certbot-activation): Do not run the renewal
command, copy its path to a fixed location, display it, so that the user can
run the command when they want.
The certificate name wasn't displayed if it wasn't being renewed.
* gnu/services/certbot.scm (certbot-command): Print certificate name before
running the associated command.
* doc/guix.texi (Certificate Services): Document <certificate-configuration>,
the change from domains to certificates and the fact that their path is now
derived from their name.
* gnu/services/certbot.scm (<certificate-configuration>): Add and export it.
(certbot-configuration, certbot-command, certbot-activation,
certbot-nginx-server-configurations, certbot-service-type): Replace 'domains'
with 'certificates'.
(certbot-nginx-server-configurations): Use only one nginx-server-configuration
and use all certificate domains as the server-name.
Quote the list of hosts, to avoid generating a broken job definition.
* gnu/services/certbot.scm (certbot-renewal-jobs): Quote the hosts when
passing them in to the job gexp.