Hi,
On Thu, Jun 02, 2016 at 19:57:23 +0000, Mattia Rizzolo wrote:
> On Thu, Jun 02, 2016 at 06:25:48PM +0200, Elrond wrote:
> > could you consider to provide the attached file as
> > /etc/lighttpd/conf-available/10-letsencrypt.sh-challenge.conf
>
> Yes! we were waiting for somebody to provide such file :)
Cool!
> > You might leave activating it to the admin. But having the
> > file already in place might make the admin's live easier.
> [..]
> > I don't think, it's needed to put this in its own package
> > like the -apache2 one.
>
> the apache2 one activates itself when installing, and I find that a
> feature.
I think, both views are possible.
For nginx (I *might* provide the snippet in an upcoming
wishlist bug) the case is ever harder: The admin needs to
add a "include ..." by hand.
> > It's just a file you ship, that wont
> > hurt anyone.
>
> and I find shipping unused/useless files in /etc sad. /etc is already
> bloated enouhg.
Well, they are there to "enhance" another package, namely
lighttpd. Most packages having an "Enhances:" tag ship
stuff that only gets used, if the appropiate enhanced
package is installed.
> Is there some thing like dh-apache2 to enable/deal with that conf, etc?
Sadly, there is not.
BUT:
javascript-common:postinst,prerm,postrm have snippets for
lighttpd to do what you want!
> > alias.url += (
> > "/.well-known/acme-challenge" =>
> > "/var/lib/letsencrypt.sh/acme-challenges"
> > )
>
> I'm not a lighttpd guy, is this apache2 conf snippet needed/wanted here
> too?
>
> <Directory /var/lib/letsencrypt.sh/acme-challenges/>
> Options FollowSymlinks
> Options -Indexes
> AllowOverride None
> Require all granted
> </Directory>
I *think* most of those should be the default.
I will check that and let you know.
That said, I wonder, whether FollowSymlinks is needed at
all? /var/lib/letsencrypt.sh/acme-challenges should be a
normal directory and the created files in there are files,
not symlinks?
Cheers
Elrond
