From unknown Sun Jun 15 08:50:40 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#35330] [PATCH] gnu: certbot: Add support for manual plugin. Resent-From: Julien Lepiller Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 19 Apr 2019 21:28:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 35330 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 35330@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.15557092374157 (code B ref -1); Fri, 19 Apr 2019 21:28:02 +0000 Received: (at submit) by debbugs.gnu.org; 19 Apr 2019 21:27:17 +0000 Received: from localhost ([127.0.0.1]:44814 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hHb2T-00014u-Dq for submit@debbugs.gnu.org; Fri, 19 Apr 2019 17:27:17 -0400 Received: from eggs.gnu.org ([209.51.188.92]:40218) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hHb2Q-00014U-22 for submit@debbugs.gnu.org; Fri, 19 Apr 2019 17:27:15 -0400 Received: from lists.gnu.org ([209.51.188.17]:57682) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hHb2K-000573-T2 for submit@debbugs.gnu.org; Fri, 19 Apr 2019 17:27:08 -0400 Received: from eggs.gnu.org ([209.51.188.92]:54466) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hHb2J-0000YG-Km for guix-patches@gnu.org; Fri, 19 Apr 2019 17:27:08 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20 autolearn=disabled version=3.3.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hHayr-0003Te-B6 for guix-patches@gnu.org; Fri, 19 Apr 2019 17:23:34 -0400 Received: from lepiller.eu ([2a00:5884:8208::1]:50396) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hHayq-0003Sy-I0 for guix-patches@gnu.org; Fri, 19 Apr 2019 17:23:33 -0400 Received: from localhost.localdomain (89-92-10-229.hfc.dyn.abo.bbox.fr [89.92.10.229]) by lepiller.eu (OpenSMTPD) with ESMTPSA id 72de940e (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for ; Fri, 19 Apr 2019 21:23:30 +0000 (UTC) From: Julien Lepiller Date: Fri, 19 Apr 2019 23:23:20 +0200 Message-Id: <20190419212320.20256-1-julien@lepiller.eu> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:5884:8208::1 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) * gnu/services/certbot.scm (certificate-configuration): Add challenge, auth-hook and cleanup-hook fields. (certbot-command): Use them. * doc/guix.texi (Certificate Services): Document them. --- doc/guix.texi | 19 +++++++++++++++++++ gnu/services/certbot.scm | 38 ++++++++++++++++++++++++++++---------- 2 files changed, 47 insertions(+), 10 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 8c7522f286..7bbec33d10 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -19416,6 +19416,25 @@ Its default is the first provided domain. The first domain provided will be the subject CN of the certificate, and all domains will be Subject Alternative Names on the certificate. +@item @code{challenge} (default: @code{#f}) +The challenge type that has to be run by certbot. If @code{#f} is specified, +default to the http challenge. If a value is specified, defaults to the +manual plugin (see @code{auth-hook} and @code{cleanup-hook}). + +@item @code{auth-hook} (default: @code{#f}) +Command to be run in a shell once for each certificate challenge to be +answered. For this command, the shell variable @code{$CERTBOT_DOMAIN} +will contain the domain being authenticated, @code{$CERTBOT_VALIDATION} +contains the validation string and @code{$CERTBOT_TOKEN} contains the +filename of the resource requested when performing an HTTP-01 challenge. + +@item @code{cleanup-hook} (default: @code{#f}) +Command to be run in a shell once for each certificate challenge that +have been answered by the @code{auth-hook}. For this command, the shell +variables available in the @code{auth-hook} script are still available, and +additionally @code{$CERTBOT_AUTH_OUTPUT} will contain the standard output +of the @code{auth-hook} script. + @item @code{deploy-hook} (default: @code{#f}) Command to be run in a shell once for each successfully issued certificate. For this command, the shell variable diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index 7565bc97ca..95c39684cf 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -50,6 +50,12 @@ (default #f)) (domains certificate-configuration-domains (default '())) + (challenge certificate-configuration-challenge + (default #f)) + (auth-hook certificate-auth-hook + (default #f)) + (cleanup-hook certificate-cleanup-hook + (default #f)) (deploy-hook certificate-configuration-deploy-hook (default #f))) @@ -81,17 +87,29 @@ (commands (map (match-lambda - (($ custom-name domains - deploy-hook) + (($ custom-name domains challenge + auth-hook cleanup-hook deploy-hook) (let ((name (or custom-name (car domains)))) - (append - (list name certbot "certonly" "-n" "--agree-tos" - "-m" email - "--webroot" "-w" webroot - "--cert-name" name - "-d" (string-join domains ",")) - (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) - (if deploy-hook `("--deploy-hook" ,deploy-hook) '()))))) + (if challenge + (append + (list name certbot "certonly" "-n" "--agree-tos" + "-m" email + "--manual" + (string-append "--preferred-challenges=" challenge) + "--cert-name" name + "-d" (string-join domains ",")) + (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) + (if auth-hook `("--manual-auth-hook" ,auth-hook) '()) + (if cleanup-hook `("--manual-cleanup-hook" ,cleanup-hook) '()) + (if deploy-hook `("--deploy-hook" ,deploy-hook) '())) + (append + (list name certbot "certonly" "-n" "--agree-tos" + "-m" email + "--webroot" "-w" webroot + "--cert-name" name + "-d" (string-join domains ",")) + (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) + (if deploy-hook `("--deploy-hook" ,deploy-hook) '())))))) certificates))) (program-file "certbot-command" -- 2.21.0 From unknown Sun Jun 15 08:50:40 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#35330] [PATCH] gnu: certbot: Add support for manual plugin. Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 24 Apr 2019 12:30:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 35330 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Julien Lepiller Cc: 35330@debbugs.gnu.org Received: via spool by 35330-submit@debbugs.gnu.org id=B35330.15561089662685 (code B ref 35330); Wed, 24 Apr 2019 12:30:01 +0000 Received: (at 35330) by debbugs.gnu.org; 24 Apr 2019 12:29:26 +0000 Received: from localhost ([127.0.0.1]:55261 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hJH1i-0000hD-2t for submit@debbugs.gnu.org; Wed, 24 Apr 2019 08:29:26 -0400 Received: from eggs.gnu.org ([209.51.188.92]:54615) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hJH1f-0000gw-KM for 35330@debbugs.gnu.org; Wed, 24 Apr 2019 08:29:24 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:56353) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hJH1Y-0003aH-31; Wed, 24 Apr 2019 08:29:16 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=44462 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1hJH1X-0006py-Av; Wed, 24 Apr 2019 08:29:15 -0400 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= References: <20190419212320.20256-1-julien@lepiller.eu> Date: Wed, 24 Apr 2019 14:29:12 +0200 In-Reply-To: <20190419212320.20256-1-julien@lepiller.eu> (Julien Lepiller's message of "Fri, 19 Apr 2019 23:23:20 +0200") Message-ID: <875zr3egdj.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Hello, Julien Lepiller skribis: > * gnu/services/certbot.scm (certificate-configuration): Add challenge, > auth-hook and cleanup-hook fields. > (certbot-command): Use them. > * doc/guix.texi (Certificate Services): Document them. Neat! Nitpick: - s/http/HTTP/ - two spaces after end-of-sentence period - s/filename/file name/ > +@item @code{challenge} (default: @code{#f}) > +The challenge type that has to be run by certbot. If @code{#f} is specif= ied, > +default to the http challenge. If a value is specified, defaults to the > +manual plugin (see @code{auth-hook} and @code{cleanup-hook}). If there=E2=80=99s a stable URL to upstream documentation, perhaps you could insert it here. > +@item @code{auth-hook} (default: @code{#f}) Should it be called =E2=80=98authentication-hook=E2=80=99? I=E2=80=99m definitely no expert, but I=E2=80=99d say go for it! Thanks for working on it! Ludo=E2=80=99. From unknown Sun Jun 15 08:50:40 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Julien Lepiller Subject: bug#35330: closed (Re: [bug#35330] [PATCH] gnu: certbot: Add support for manual plugin.) Message-ID: References: <20190425194821.191f4b22@sybil.lepiller.eu> <20190419212320.20256-1-julien@lepiller.eu> X-Gnu-PR-Message: they-closed 35330 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 35330@debbugs.gnu.org Date: Thu, 25 Apr 2019 17:49:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1556214542-4983-1" This is a multi-part message in MIME format... ------------=_1556214542-4983-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #35330: [PATCH] gnu: certbot: Add support for manual plugin. which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 35330@debbugs.gnu.org. --=20 35330: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D35330 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1556214542-4983-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 35330-done) by debbugs.gnu.org; 25 Apr 2019 17:48:40 +0000 Received: from localhost ([127.0.0.1]:59268 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hJiUB-0001Hl-Ur for submit@debbugs.gnu.org; Thu, 25 Apr 2019 13:48:40 -0400 Received: from lepiller.eu ([89.234.186.109]:60140) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hJiUA-0001Hd-Ej for 35330-done@debbugs.gnu.org; Thu, 25 Apr 2019 13:48:39 -0400 Received: from sybil.lepiller.eu (89-92-10-229.hfc.dyn.abo.bbox.fr [89.92.10.229]) by lepiller.eu (OpenSMTPD) with ESMTPSA id 3b1c4c02 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for <35330-done@debbugs.gnu.org>; Thu, 25 Apr 2019 17:48:35 +0000 (UTC) Date: Thu, 25 Apr 2019 19:48:21 +0200 From: Julien Lepiller To: 35330-done@debbugs.gnu.org Subject: Re: [bug#35330] [PATCH] gnu: certbot: Add support for manual plugin. Message-ID: <20190425194821.191f4b22@sybil.lepiller.eu> In-Reply-To: <875zr3egdj.fsf@gnu.org> References: <20190419212320.20256-1-julien@lepiller.eu> <875zr3egdj.fsf@gnu.org> X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-unknown-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 35330-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) Le Wed, 24 Apr 2019 14:29:12 +0200, Ludovic Court=C3=A8s a =C3=A9crit : > Hello, >=20 > Julien Lepiller skribis: >=20 > > * gnu/services/certbot.scm (certificate-configuration): Add > > challenge, auth-hook and cleanup-hook fields. > > (certbot-command): Use them. > > * doc/guix.texi (Certificate Services): Document them. =20 >=20 > Neat! >=20 > Nitpick: >=20 > - s/http/HTTP/ > - two spaces after end-of-sentence period > - s/filename/file name/ >=20 > > +@item @code{challenge} (default: @code{#f}) > > +The challenge type that has to be run by certbot. If @code{#f} is > > specified, +default to the http challenge. If a value is specified, > > defaults to the +manual plugin (see @code{auth-hook} and > > @code{cleanup-hook}). =20 >=20 > If there=E2=80=99s a stable URL to upstream documentation, perhaps you co= uld > insert it here. >=20 > > +@item @code{auth-hook} (default: @code{#f}) =20 >=20 > Should it be called =E2=80=98authentication-hook=E2=80=99? >=20 > I=E2=80=99m definitely no expert, but I=E2=80=99d say go for it! >=20 > Thanks for working on it! >=20 > Ludo=E2=80=99. Thanks, pushed as b68aff1f05864a589b62afa44665a99e5cf43718. ------------=_1556214542-4983-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 19 Apr 2019 21:27:17 +0000 Received: from localhost ([127.0.0.1]:44814 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hHb2T-00014u-Dq for submit@debbugs.gnu.org; Fri, 19 Apr 2019 17:27:17 -0400 Received: from eggs.gnu.org ([209.51.188.92]:40218) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hHb2Q-00014U-22 for submit@debbugs.gnu.org; Fri, 19 Apr 2019 17:27:15 -0400 Received: from lists.gnu.org ([209.51.188.17]:57682) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hHb2K-000573-T2 for submit@debbugs.gnu.org; Fri, 19 Apr 2019 17:27:08 -0400 Received: from eggs.gnu.org ([209.51.188.92]:54466) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hHb2J-0000YG-Km for guix-patches@gnu.org; Fri, 19 Apr 2019 17:27:08 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20 autolearn=disabled version=3.3.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hHayr-0003Te-B6 for guix-patches@gnu.org; Fri, 19 Apr 2019 17:23:34 -0400 Received: from lepiller.eu ([2a00:5884:8208::1]:50396) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hHayq-0003Sy-I0 for guix-patches@gnu.org; Fri, 19 Apr 2019 17:23:33 -0400 Received: from localhost.localdomain (89-92-10-229.hfc.dyn.abo.bbox.fr [89.92.10.229]) by lepiller.eu (OpenSMTPD) with ESMTPSA id 72de940e (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for ; Fri, 19 Apr 2019 21:23:30 +0000 (UTC) From: Julien Lepiller To: guix-patches@gnu.org Subject: [PATCH] gnu: certbot: Add support for manual plugin. Date: Fri, 19 Apr 2019 23:23:20 +0200 Message-Id: <20190419212320.20256-1-julien@lepiller.eu> X-Mailer: git-send-email 2.21.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:5884:8208::1 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) * gnu/services/certbot.scm (certificate-configuration): Add challenge, auth-hook and cleanup-hook fields. (certbot-command): Use them. * doc/guix.texi (Certificate Services): Document them. --- doc/guix.texi | 19 +++++++++++++++++++ gnu/services/certbot.scm | 38 ++++++++++++++++++++++++++++---------- 2 files changed, 47 insertions(+), 10 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index 8c7522f286..7bbec33d10 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -19416,6 +19416,25 @@ Its default is the first provided domain. The first domain provided will be the subject CN of the certificate, and all domains will be Subject Alternative Names on the certificate. +@item @code{challenge} (default: @code{#f}) +The challenge type that has to be run by certbot. If @code{#f} is specified, +default to the http challenge. If a value is specified, defaults to the +manual plugin (see @code{auth-hook} and @code{cleanup-hook}). + +@item @code{auth-hook} (default: @code{#f}) +Command to be run in a shell once for each certificate challenge to be +answered. For this command, the shell variable @code{$CERTBOT_DOMAIN} +will contain the domain being authenticated, @code{$CERTBOT_VALIDATION} +contains the validation string and @code{$CERTBOT_TOKEN} contains the +filename of the resource requested when performing an HTTP-01 challenge. + +@item @code{cleanup-hook} (default: @code{#f}) +Command to be run in a shell once for each certificate challenge that +have been answered by the @code{auth-hook}. For this command, the shell +variables available in the @code{auth-hook} script are still available, and +additionally @code{$CERTBOT_AUTH_OUTPUT} will contain the standard output +of the @code{auth-hook} script. + @item @code{deploy-hook} (default: @code{#f}) Command to be run in a shell once for each successfully issued certificate. For this command, the shell variable diff --git a/gnu/services/certbot.scm b/gnu/services/certbot.scm index 7565bc97ca..95c39684cf 100644 --- a/gnu/services/certbot.scm +++ b/gnu/services/certbot.scm @@ -50,6 +50,12 @@ (default #f)) (domains certificate-configuration-domains (default '())) + (challenge certificate-configuration-challenge + (default #f)) + (auth-hook certificate-auth-hook + (default #f)) + (cleanup-hook certificate-cleanup-hook + (default #f)) (deploy-hook certificate-configuration-deploy-hook (default #f))) @@ -81,17 +87,29 @@ (commands (map (match-lambda - (($ custom-name domains - deploy-hook) + (($ custom-name domains challenge + auth-hook cleanup-hook deploy-hook) (let ((name (or custom-name (car domains)))) - (append - (list name certbot "certonly" "-n" "--agree-tos" - "-m" email - "--webroot" "-w" webroot - "--cert-name" name - "-d" (string-join domains ",")) - (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) - (if deploy-hook `("--deploy-hook" ,deploy-hook) '()))))) + (if challenge + (append + (list name certbot "certonly" "-n" "--agree-tos" + "-m" email + "--manual" + (string-append "--preferred-challenges=" challenge) + "--cert-name" name + "-d" (string-join domains ",")) + (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) + (if auth-hook `("--manual-auth-hook" ,auth-hook) '()) + (if cleanup-hook `("--manual-cleanup-hook" ,cleanup-hook) '()) + (if deploy-hook `("--deploy-hook" ,deploy-hook) '())) + (append + (list name certbot "certonly" "-n" "--agree-tos" + "-m" email + "--webroot" "-w" webroot + "--cert-name" name + "-d" (string-join domains ",")) + (if rsa-key-size `("--rsa-key-size" ,rsa-key-size) '()) + (if deploy-hook `("--deploy-hook" ,deploy-hook) '())))))) certificates))) (program-file "certbot-command" -- 2.21.0 ------------=_1556214542-4983-1--