On 2018/01/15 19:34, Alexander Hall wrote: > > > On January 15, 2018 6:11:24 PM GMT+01:00, Stuart Henderson > <s...@spacehopper.org> wrote: > >On 2018/01/15 12:16, Stuart Henderson wrote: > >> I generally prefer to use acme-client than the python or > >bash+openssl(1) > >> monstrosities to fetch SSL certificates, but I have some systems > >where > >> I need to use the DNS-01 challenge type which was removed from the > >> version in base. > >> > >> Any objections or OKs to adding a port for Kristaps' original version > >> (attached)? > >> > > > > > > > >Hrrmmmm. Now I've tried to actually run dns-01 from a shell script > >rather > >than faking it with copy-and-paste, I'm not sure if it's actually going > >to > >be all that useful... > > > >The mechanism requires > > > >1. read from acme-client's stdout. > >2. run a command based on that output. > >3. when the command has run, echo the line back to acme-client's stdin. > > > >(repeat until EOF from acme-client.) > > > >I've tried with "eacme-client | (while read... )", various ways with > >fifos, and coroutines, but it all blocks somewhere. Now I started > >reading the expect(1) manual to try and do it that way which is never > >a good sign... > > A good recipe for lockups, but did you try sth like > > $ dns-01 |& acme-client <&p >&p > > ?
Awesome! That works well enough, thank you very much.
