Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)

[Greg Troxel <gdt%lexort.com@localhost>]

Kevin Bloom <ktnb%posteo.net@localhost> writes:

Regarding LE and TLS: I have machines where I run webservers that have
LE certs, but I do not use any webserver-provided scripts, and do not
use any PHP, to generate/manage.  I just use certbot.  My particular
choice of mechanism is perhaps unorthodox, but I just don't run a server
on port 80 at all, and let certbot answer challenges with no webserver
integration.    certbot does have 'webroot' integration where you point
it at a dir that is served, and it puts the challenge responses there,
so you can use certbot with hiawatha and have LE certs, and not use the
hiawatha code.

There is of course certs from other than LE, but I don't run into that
on machines running pkgsrc much.

> Thank you for your input on your distaste in requiring php by default!
> What you say makes sense.

I wasn't clear enough about C.  What I meant was to create a package
'hiawatha-scripts' (name not critical) that contains, for now, only the
LE php script, and depends on both php and hiawatha.  Thus people that
want that can install it, and people that don't want php can not install
it, and other than you doing more work, everyone could be happy.

> Also, it appears that hauke@ had been working on hiawatha for some
> time so I will likely stop my works on this to let Hauke finish.

Perhaps, but Hauke has declined to put temporary work in wip, so it's
really hard to tell where things are and how close it is.    If your
package just doesn't install the script, it might be close to ready or
even ready -- I haven't really looked.