2016-02-08 00:59:03 +00:00
|
|
|
// Let's Encrypt client to go!
|
|
|
|
// CLI application for generating Let's Encrypt certificates using the ACME package.
|
2015-06-08 00:36:07 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"log"
|
|
|
|
"os"
|
2015-06-12 21:34:49 +00:00
|
|
|
"path"
|
2016-01-09 01:13:13 +00:00
|
|
|
"strings"
|
2015-06-08 00:36:07 +00:00
|
|
|
|
|
|
|
"github.com/codegangsta/cli"
|
2015-12-30 22:01:21 +00:00
|
|
|
"github.com/xenolf/lego/acme"
|
2015-06-08 00:36:07 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// Logger is used to log errors; if nil, the default log.Logger is used.
|
|
|
|
var Logger *log.Logger
|
|
|
|
|
|
|
|
// logger is an helper function to retrieve the available logger
|
|
|
|
func logger() *log.Logger {
|
|
|
|
if Logger == nil {
|
|
|
|
Logger = log.New(os.Stderr, "", log.LstdFlags)
|
|
|
|
}
|
|
|
|
return Logger
|
|
|
|
}
|
|
|
|
|
2016-01-09 01:13:13 +00:00
|
|
|
var gittag string
|
|
|
|
|
2015-06-08 00:36:07 +00:00
|
|
|
func main() {
|
|
|
|
app := cli.NewApp()
|
|
|
|
app.Name = "lego"
|
|
|
|
app.Usage = "Let's encrypt client to go!"
|
2016-01-09 01:13:13 +00:00
|
|
|
|
|
|
|
version := "0.2.0"
|
|
|
|
if strings.HasPrefix(gittag, "v") {
|
|
|
|
version = gittag
|
|
|
|
}
|
|
|
|
|
|
|
|
app.Version = version
|
2015-06-08 00:36:07 +00:00
|
|
|
|
2015-12-30 22:01:21 +00:00
|
|
|
acme.UserAgent = "lego/" + app.Version
|
|
|
|
|
2015-06-12 21:34:49 +00:00
|
|
|
cwd, err := os.Getwd()
|
|
|
|
if err != nil {
|
|
|
|
logger().Fatal("Could not determine current working directory. Please pass --path.")
|
|
|
|
}
|
|
|
|
defaultPath := path.Join(cwd, ".lego")
|
|
|
|
|
2015-06-08 00:36:07 +00:00
|
|
|
app.Commands = []cli.Command{
|
|
|
|
{
|
|
|
|
Name: "run",
|
2015-09-27 12:50:45 +00:00
|
|
|
Usage: "Register an account, then create and install a certificate",
|
2015-06-08 00:36:07 +00:00
|
|
|
Action: run,
|
2016-02-26 01:57:16 +00:00
|
|
|
Flags: []cli.Flag{
|
|
|
|
cli.BoolFlag{
|
2016-02-27 09:46:13 +00:00
|
|
|
Name: "no-bundle",
|
2016-02-26 01:57:16 +00:00
|
|
|
Usage: "Do not create a certificate bundle by adding the issuers certificate to the new certificate.",
|
|
|
|
},
|
|
|
|
},
|
2015-06-08 00:36:07 +00:00
|
|
|
},
|
|
|
|
{
|
2015-09-27 12:50:45 +00:00
|
|
|
Name: "revoke",
|
|
|
|
Usage: "Revoke a certificate",
|
|
|
|
Action: revoke,
|
2015-06-08 00:36:07 +00:00
|
|
|
},
|
2015-10-18 22:42:04 +00:00
|
|
|
{
|
|
|
|
Name: "renew",
|
|
|
|
Usage: "Renew a certificate",
|
|
|
|
Action: renew,
|
2015-12-06 21:35:52 +00:00
|
|
|
Flags: []cli.Flag{
|
|
|
|
cli.IntFlag{
|
2015-12-24 08:57:09 +00:00
|
|
|
Name: "days",
|
2015-12-06 21:35:52 +00:00
|
|
|
Value: 0,
|
|
|
|
Usage: "The number of days left on a certificate to renew it.",
|
|
|
|
},
|
2016-01-08 09:14:41 +00:00
|
|
|
cli.BoolFlag{
|
|
|
|
Name: "reuse-key",
|
|
|
|
Usage: "Used to indicate you want to reuse your current private key for the new certificate.",
|
|
|
|
},
|
2016-02-26 01:57:16 +00:00
|
|
|
cli.BoolFlag{
|
2016-02-27 09:46:13 +00:00
|
|
|
Name: "no-bundle",
|
2016-02-26 01:57:16 +00:00
|
|
|
Usage: "Do not create a certificate bundle by adding the issuers certificate to the new certificate.",
|
|
|
|
},
|
2015-12-06 21:35:52 +00:00
|
|
|
},
|
2015-10-18 22:42:04 +00:00
|
|
|
},
|
2015-06-08 00:36:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
app.Flags = []cli.Flag{
|
|
|
|
cli.StringSliceFlag{
|
|
|
|
Name: "domains, d",
|
|
|
|
Usage: "Add domains to the process",
|
|
|
|
},
|
|
|
|
cli.StringFlag{
|
|
|
|
Name: "server, s",
|
2015-12-03 18:37:54 +00:00
|
|
|
Value: "https://acme-v01.api.letsencrypt.org/directory",
|
2015-06-08 00:36:07 +00:00
|
|
|
Usage: "CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client.",
|
|
|
|
},
|
|
|
|
cli.StringFlag{
|
|
|
|
Name: "email, m",
|
|
|
|
Usage: "Email used for registration and recovery contact.",
|
|
|
|
},
|
2016-02-15 02:51:59 +00:00
|
|
|
cli.BoolFlag{
|
|
|
|
Name: "accept-tos, a",
|
|
|
|
Usage: "By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service.",
|
|
|
|
},
|
2016-01-27 01:01:39 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "key-type, k",
|
|
|
|
Value: "rsa2048",
|
|
|
|
Usage: "Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384",
|
2015-06-08 00:36:07 +00:00
|
|
|
},
|
|
|
|
cli.StringFlag{
|
2015-06-12 21:34:49 +00:00
|
|
|
Name: "path",
|
|
|
|
Usage: "Directory to use for storing the data",
|
|
|
|
Value: defaultPath,
|
2015-06-08 00:36:07 +00:00
|
|
|
},
|
2015-12-05 21:01:08 +00:00
|
|
|
cli.StringSliceFlag{
|
2015-12-27 17:30:04 +00:00
|
|
|
Name: "exclude, x",
|
|
|
|
Usage: "Explicitly disallow solvers by name from being used. Solvers: \"http-01\", \"tls-sni-01\".",
|
|
|
|
},
|
2016-02-10 11:19:29 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "webroot",
|
|
|
|
Usage: "Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge",
|
|
|
|
},
|
2015-12-27 17:30:04 +00:00
|
|
|
cli.StringFlag{
|
2016-01-08 07:05:07 +00:00
|
|
|
Name: "http",
|
|
|
|
Usage: "Set the port and interface to use for HTTP based challenges to listen on. Supported: interface:port or :port",
|
2015-12-27 17:30:04 +00:00
|
|
|
},
|
|
|
|
cli.StringFlag{
|
2016-01-08 07:05:07 +00:00
|
|
|
Name: "tls",
|
|
|
|
Usage: "Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port",
|
2015-06-12 22:16:49 +00:00
|
|
|
},
|
2016-01-30 01:40:57 +00:00
|
|
|
cli.StringFlag{
|
|
|
|
Name: "dns",
|
2016-02-14 00:42:47 +00:00
|
|
|
Usage: "Solve a DNS challenge using the specified provider. Disables all other challenges." +
|
2016-01-30 01:40:57 +00:00
|
|
|
"\n\tCredentials for providers have to be passed through environment variables." +
|
|
|
|
"\n\tFor a more detailed explanation of the parameters, please see the online docs." +
|
|
|
|
"\n\tValid providers:" +
|
|
|
|
"\n\tcloudflare: CLOUDFLARE_EMAIL, CLOUDFLARE_API_KEY" +
|
|
|
|
"\n\tdigitalocean: DO_AUTH_TOKEN" +
|
|
|
|
"\n\tdnsimple: DNSIMPLE_EMAIL, DNSIMPLE_API_KEY" +
|
2016-03-12 16:13:24 +00:00
|
|
|
"\n\tgandi: GANDI_API_KEY" +
|
2016-03-14 21:28:40 +00:00
|
|
|
"\n\tnamecheap: NAMECHEAP_API_USER, NAMECHEAP_API_KEY" +
|
2016-01-30 23:10:46 +00:00
|
|
|
"\n\troute53: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION" +
|
2016-02-28 14:42:09 +00:00
|
|
|
"\n\trfc2136: RFC2136_TSIG_KEY, RFC2136_TSIG_SECRET, RFC2136_TSIG_ALGORITHM, RFC2136_NAMESERVER" +
|
2016-01-30 01:40:57 +00:00
|
|
|
"\n\tmanual: none",
|
|
|
|
},
|
2015-06-08 00:36:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
app.Run(os.Args)
|
|
|
|
}
|