Merge pull request #154 from famfo/feat/file_ext

Add option to customize file extension
breard-r · Dec 20, 2024 · 01203d0 · 01203d0
2 parents 9609c34 + 76a5ba8
commit 01203d0
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 5 deletions.
diff --git a/acmed/src/config.rs b/acmed/src/config.rs
@@ -147,6 +147,13 @@ impl Config {
 		}
 	}
 
+	pub fn get_cert_file_ext(&self) -> Option<String> {
+		match &self.global {
+			Some(g) => g.cert_file_ext.to_owned(),
+			None => None,
+		}
+	}
+
 	pub fn get_pk_file_mode(&self) -> u32 {
 		match &self.global {
 			Some(g) => match g.pk_file_mode {
@@ -170,6 +177,13 @@ impl Config {
 			None => None,
 		}
 	}
+
+	pub fn get_pk_file_ext(&self) -> Option<String> {
+		match &self.global {
+			Some(g) => g.pk_file_ext.to_owned(),
+			None => None,
+		}
+	}
 }
 
 #[derive(Clone, Deserialize)]
@@ -179,13 +193,15 @@ pub struct GlobalOptions {
 	pub cert_file_group: Option<String>,
 	pub cert_file_mode: Option<u32>,
 	pub cert_file_user: Option<String>,
+	pub cert_file_ext: Option<String>,
 	pub certificates_directory: Option<String>,
 	#[serde(default)]
 	pub env: HashMap<String, String>,
 	pub file_name_format: Option<String>,
 	pub pk_file_group: Option<String>,
 	pub pk_file_mode: Option<u32>,
 	pub pk_file_user: Option<String>,
+	pub pk_file_ext: Option<String>,
 	pub random_early_renew: Option<String>,
 	pub renew_delay: Option<String>,
 	pub root_certificates: Option<Vec<String>>,

diff --git a/acmed/src/main_event_loop.rs b/acmed/src/main_event_loop.rs
@@ -57,9 +57,11 @@ impl MainEventLoop {
 				cert_file_mode: cnf.get_cert_file_mode(),
 				cert_file_owner: cnf.get_cert_file_user(),
 				cert_file_group: cnf.get_cert_file_group(),
+				cert_file_ext: cnf.get_cert_file_ext(),
 				pk_file_mode: cnf.get_pk_file_mode(),
 				pk_file_owner: cnf.get_pk_file_user(),
 				pk_file_group: cnf.get_pk_file_group(),
+				pk_file_ext: cnf.get_pk_file_ext(),
 				hooks: acc
 					.get_hooks(&cnf)?
 					.iter()
@@ -91,9 +93,11 @@ impl MainEventLoop {
 				cert_file_mode: cnf.get_cert_file_mode(),
 				cert_file_owner: cnf.get_cert_file_user(),
 				cert_file_group: cnf.get_cert_file_group(),
+				cert_file_ext: cnf.get_cert_file_ext(),
 				pk_file_mode: cnf.get_pk_file_mode(),
 				pk_file_owner: cnf.get_pk_file_user(),
 				pk_file_group: cnf.get_pk_file_group(),
+				pk_file_ext: cnf.get_pk_file_ext(),
 				hooks: hooks
 					.iter()
 					.filter(|h| !h.hook_type.is_disjoint(&file_hooks))

diff --git a/acmed/src/storage.rs b/acmed/src/storage.rs
@@ -22,9 +22,11 @@ pub struct FileManager {
 	pub cert_file_mode: u32,
 	pub cert_file_owner: Option<String>,
 	pub cert_file_group: Option<String>,
+	pub cert_file_ext: Option<String>,
 	pub pk_file_mode: u32,
 	pub pk_file_owner: Option<String>,
 	pub pk_file_group: Option<String>,
+	pub pk_file_ext: Option<String>,
 	pub hooks: Vec<Hook>,
 	pub env: HashMap<String, String>,
 }
@@ -93,17 +95,22 @@ fn get_file_full_path(
 		FileType::PrivateKey => &fm.crt_directory,
 		FileType::Certificate => &fm.crt_directory,
 	};
+	let ext = match file_type {
+		FileType::Account => "bin".to_string(),
+		FileType::PrivateKey => fm.pk_file_ext.clone().unwrap_or("pem".to_string()),
+		FileType::Certificate => fm.cert_file_ext.clone().unwrap_or("pem".to_string()),
+	};
 	let file_name = match file_type {
 		FileType::Account => format!(
 			"{account}.{file_type}.{ext}",
 			account = b64_encode(&fm.account_name),
 			file_type = file_type,
-			ext = "bin"
+			ext = ext
 		),
 		FileType::PrivateKey | FileType::Certificate => {
 			let fmt_data = CertFileFormat {
 				key_type: fm.crt_key_type.to_string(),
-				ext: "pem".into(),
+				ext,
 				file_type: file_type.to_string(),
 				name: fm.crt_name.to_owned(),
 			};

diff --git a/man/en/acmed.toml.5 b/man/en/acmed.toml.5
@@ -136,9 +136,10 @@ element, is used. Default is
 Possible variables are:
 .Bl -tag
 .It Ic ext Ar string
-File extension. Currently, only
-.Dq pem
-is supported.
+File extension. See
+.Xr cert_file_ext
+and
+.Xr pk_file_ext
 .It Ic file_type Ar string
 Contains
 .Dq pk
@@ -285,6 +286,8 @@ for more details.
 Specify the user who will own newly-created certificates files. See
 .Xr chown 2
 for more details.
+.It Cm cert_file_ext Ft string
+Specify the file extension of certificate files.
 .It Cm certificates_directory Ar string
 Specify the directory where the certificates and their associated private keys are stored.
 .It Ic env Ar table
@@ -307,6 +310,8 @@ for more details.
 Specify the user who will own newly-created private-key files. See
 .Xr chown 2
 for more details.
+.It Cm pk_file_ext Ft string
+Specify the file extension of private-key files.
 .It Cm random_early_renew Ar string
 Period of time before the usual certificate renewal, in which the certificate will renew at a random time. This is useful for when
 you want to even out your certificate orders when you're dealing with very large numbers of certificates. The format is described in the