On Wed, Jan 31 2024, Clément Lassieur wrote:
Removing guix-devel.
I've also removed Brice.
On Tue, Jan 30 2024, Carlo Zancanaro wrote:
(format #t "Acquiring or renewing
certificate: ~a~%" name)
Here we could add ‘(force-output)’, because otherwise those logs
arrive
after the certbot logs, and it's hard to understand anything.
Done.
+ ;; If we have a connection error,
then bail early
+ ;; with exit code 2. We don't expect
this to
+ ;; resolve within the timespan of
this script.
Could we have a (log + force-output) here too? (I imagine
within a
‘begin’)
Done.
+ ;; If we have any other type of
error, then continue
+ ;; but exit with a failing status
code in the end.
and here?
Done.
And maybe a log also in case the command succeeds. (So that
would mean
to replace ‘unless’ with ‘if’).
Done.
+ (< attempt 12)) ; 12 * 10 seconds =
2 minutes
^------
This comment is not true because certbot takes time to execute
(around 15s on my vm). I don't think there is a need to be that
precise.
I haven't extracted/named the max-attempts value, but I have
removed the comments that imply that the time frame is bounded.
Also could you update the example in the docs?
I have removed the %certbot-deploy-hook in the example in the
manual.
... However, we could add a nginx-service-type and a
dhcp-client-service-type so that people have an idea of what the
minimal config is, maybe like I did in my first review:
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=46961#23.
I have not added this. I understand the desire, but I'm wary of
providing an example that's "too involved". The current example
demonstrates a minimal config of certbot itself. I think you are
looking to include an example of a minimal system that hosts a
website using certbot provided certificates. I don't know where an
example like that belongs, but I'm not yet convinced it belongs in
the certbot service documentation.
Carlo
