1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122

use crate::errors::*;
use std::io::stdout;
use structopt::clap::{AppSettings, Shell};
use structopt::StructOpt;

const LETSENCRYPT: &str = "https://acme-v02.api.letsencrypt.org/directory";
// const LETSENCRYPT_STAGING: &str = "https://acme-staging-v02.api.letsencrypt.org/directory";

#[derive(Debug, StructOpt)]
#[structopt(global_settings = &[AppSettings::ColoredHelp])]
pub struct Args {
    /// Verbose logging output (Can be set multiple times)
    #[structopt(short, long, global = true, parse(from_occurrences))]
    pub verbose: u8,
    /// Silent output (except errors)
    #[structopt(short, long, global = true)]
    pub quiet: bool,
    #[structopt(
        short,
        long,
        value_name = "path",
        default_value = "/etc/acme-redirect.conf",
        env = "ACME_CONFIG"
    )]
    pub config: String,
    #[structopt(
        long,
        value_name = "path",
        default_value = "/etc/acme-redirect.d",
        env = "ACME_CONFIG_DIR"
    )]
    pub config_dir: String,
    #[structopt(
        long,
        value_name = "path",
        default_value = "/run/acme-redirect",
        env = "ACME_CHALL_DIR"
    )]
    pub chall_dir: String,
    #[structopt(
        long,
        value_name = "path",
        default_value = "/var/lib/acme-redirect",
        env = "ACME_DATA_DIR"
    )]
    pub data_dir: String,
    #[structopt(long, default_value=LETSENCRYPT, env="ACME_URL")]
    pub acme_url: String,
    #[structopt(long, env = "ACME_EMAIL")]
    pub acme_email: Option<String>,
    #[structopt(subcommand)]
    pub subcommand: SubCommand,
}

#[derive(Debug, Clone, StructOpt)]
pub enum SubCommand {
    #[structopt(flatten)]
    Cmds(Cmd),
    /// Generate shell completions
    Completions(Completions),
}

#[derive(Debug, Clone, StructOpt)]
pub enum Cmd {
    /// Run the redirect daemon
    Daemon(DaemonArgs),
    /// Show the status of our certificates
    Status,
    /// Request new certificates if needed
    Renew(RenewArgs),
    /// Check if the challenges could be completed
    Check(CheckArgs),
}

#[derive(Debug, Clone, StructOpt)]
pub struct DaemonArgs {
    /// The address to listen on
    #[structopt(short = "B", long, default_value = "[::]:80", env = "ACME_BIND_ADDR")]
    pub bind_addr: String,
    /// Drop from root to this user
    #[structopt(long)]
    pub user: Option<String>,
    /// Chroot into the challenge directory
    #[structopt(long)]
    pub chroot: bool,
}

#[derive(Debug, Clone, StructOpt)]
pub struct RenewArgs {
    /// Do not actually do anything, just show what would happen
    #[structopt(short = "n", long)]
    pub dry_run: bool,
    /// Renew certificates even if they are not about to expire
    #[structopt(long)]
    pub force_renew: bool,
    // TODO: add code to check if the cert actually fulfills the dns_names in the config
    /// Do not execute the configured exec commands
    #[structopt(long)]
    pub skip_restarts: bool,
    /// Don't clean up old certs that are not live anymore
    #[structopt(long)]
    pub skip_cleanup: bool,
    /// Only renew specific certs
    pub certs: Vec<String>,
}

#[derive(Debug, Clone, StructOpt)]
pub struct CheckArgs {
    /// Only check specific certs
    pub certs: Vec<String>,
}

#[derive(Debug, Clone, StructOpt)]
pub struct Completions {
    #[structopt(possible_values=&Shell::variants())]
    pub shell: Shell,
}

pub fn gen_completions(args: &Completions) -> Result<()> {
    Args::clap().gen_completions_to("acme-redirect", args.shell, &mut stdout());
    Ok(())
}