diff options
-rwxr-xr-x | acmeman | 8 | ||||
-rw-r--r-- | lib/App/Acmeman/Source/Apache.pm | 15 |
2 files changed, 19 insertions, 4 deletions
@@ -224,3 +224,3 @@ Use this source if all domains are described in the configuration file. The B<apache> source module is the default. It scans B<httpd> configuration -files as described in section B<APACHE>. One argument is allowed. If supplied, +files as described in section B<apache>. One argument is allowed. If supplied, it defines the apache configuration layout. Allowed values are: B<debian>, @@ -367,3 +367,3 @@ setting. [core] - source = apache [LAYOUT] + source = apache [--server-root=DIR] [LAYOUT] @@ -375,2 +375,6 @@ B<rh> (for Red Hat). If not supplied, the layout is determined automatically. +Use the B<--server-root> option to supply the name of the server root +directory, if for some reason the module is unable to determine it +automatically. + A special directory should be configured for receiving ACME challenges. diff --git a/lib/App/Acmeman/Source/Apache.pm b/lib/App/Acmeman/Source/Apache.pm index 2041bb1..b429f89 100644 --- a/lib/App/Acmeman/Source/Apache.pm +++ b/lib/App/Acmeman/Source/Apache.pm @@ -11,2 +11,3 @@ use App::Acmeman::Apache::Layout; use parent 'App::Acmeman::Source'; +use Getopt::Long qw(GetOptionsFromArray :config gnu_getopt no_ignore_case); @@ -14,3 +15,8 @@ sub new { my $class = shift; - bless { _layout => new App::Acmeman::Apache::Layout(@_) }, $class; + my $server_root; + GetOptionsFromArray(\@_, + 'server-root=s' => \$server_root); + my $self = bless { _layout => new App::Acmeman::Apache::Layout(@_) }, $class; + $self->server_root($server_root) if $server_root; + return $self; } @@ -240,3 +246,3 @@ sub setup { SSLHonorCipherOrder on - SSLCipherSuite EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RSA+RC4:!MD5 + SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLCertificateFile /etc/ssl/acme/\$domain/cert.pem @@ -291,2 +297,7 @@ sub probe { close $nullout; + unless ($self->server_root) { + ::error("can't deduce server root directory"); + ::error("use `source = apache --server-root=DIR' in [core] section of /etc/acmeman.conf to declare it"); + exit(1); + } } |