Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)

To: Greg Troxel <gdt%lexort.com@localhost>
Subject: Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)
From: Kevin Bloom <ktnb%posteo.net@localhost>
Date: Mon, 25 Mar 2024 01:37:08 +0000

Greg Troxel <gdt%lexort.com@localhost> wrote:

> Regarding LE and TLS: I have machines where I run webservers that have
> LE certs, but I do not use any webserver-provided scripts, and do not
> use any PHP, to generate/manage.  I just use certbot.  My particular
> choice of mechanism is perhaps unorthodox, but I just don't run a server
> on port 80 at all, and let certbot answer challenges with no webserver
> integration.    certbot does have 'webroot' integration where you point
> it at a dir that is served, and it puts the challenge responses there,
> so you can use certbot with hiawatha and have LE certs, and not use the
> hiawatha code.
>
> There is of course certs from other than LE, but I don't run into that
> on machines running pkgsrc much.

Yes, makes sense. I wonder if it would be "incorrect" to just install
the script but not require PHP. Maybe just put something in the MESSAGE?
(I've haven't read up on what the MESSAGE is for or if this would make
sense)

> > Thank you for your input on your distaste in requiring php by default!
> > What you say makes sense.
> 
> I wasn't clear enough about C.  What I meant was to create a package
> 'hiawatha-scripts' (name not critical) that contains, for now, only the
> LE php script, and depends on both php and hiawatha.  Thus people that
> want that can install it, and people that don't want php can not install
> it, and other than you doing more work, everyone could be happy.

Oh, that seems like a nice solution. Doesn't seem overly complicated.
Would the scripts package do something like a meta-package?

> > Also, it appears that hauke@ had been working on hiawatha for some
> > time so I will likely stop my works on this to let Hauke finish.
> 
> Perhaps, but Hauke has declined to put temporary work in wip, so it's
> really hard to tell where things are and how close it is.    If your
> package just doesn't install the script, it might be close to ready or
> even ready -- I haven't really looked.

I just don't want to step on any toes. Plus, there are some options
that I was thinking about adding in and his recipe already does it.
For example, there is a hiawatha monitor that would make sense as an
option. That being said, there are other things that still need
work: CONF_FILES, rc script, & questions about using $PREFIX/var or
/var).

Follow-Ups:
- Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)
  - From: Greg Troxel

References:
- Scripts with PHP shebang & mbedtls (wip/hiawatha)
  - From: Kevin Bloom
- Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)
  - From: Greg Troxel
- Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)
  - From: Kevin Bloom
- Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)
  - From: Martin Husemann
- Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)
  - From: Kevin Bloom
- Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)
  - From: Greg Troxel

Prev by Date: daily pkgsrc CVS update output
Next by Date: Re: 2024Q1 freeze planning
Previous by Thread: Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)
Next by Thread: Re: Scripts with PHP shebang & mbedtls (wip/hiawatha)
Indexes:

Home | Main Index | Thread Index | Old Index