07/07: gnu: Add go-github-com-caddyserver-certmagic.
From: guix-commits
Subject: 07/07: gnu: Add go-github-com-caddyserver-certmagic.
Date: Fri, 22 Nov 2024 11:01:25 -0500 (EST)
avp pushed a commit to branch master
in repository guix.
commit 043f02462766a913080723ad286028a288b79373
Author: Artyom V. Poptsov <poptsov.artyom@gmail.com>
AuthorDate: Thu Nov 14 23:09:37 2024 +0300
gnu: Add go-github-com-caddyserver-certmagic.
* gnu/packages/golang-web.scm (go-github-com-caddyserver-certmagic): New
variable.
Change-Id: I54093acde851c9a73e18f8c557650d72a521c05f
Reviewed-by: Sharlatan Hellseher <sharlatanus@gmail.com>
---
gnu/packages/golang-web.scm | 80 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 80 insertions(+)
diff --git a/gnu/packages/golang-web.scm b/gnu/packages/golang-web.scm
index 689048b368..852ea31427 100644
--- a/gnu/packages/golang-web.scm
+++ b/gnu/packages/golang-web.scm
@@ -641,6 +641,86 @@ Manager,NTLM}/Negotiate authentication over HTTP.")
"This package provides SCSS compiler support for Go applications.")
(license license:expat)))
+(define-public go-github-com-caddyserver-certmagic
+ (package
+ (name "go-github-com-caddyserver-certmagic")
+ (version "0.21.4")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/caddyserver/certmagic")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "061whx9p00lpxlfnywizqx5z9b020ggqg5vx5r5v2qhdrprg1gkz"))))
+ (build-system go-build-system)
+ (arguments
+ (list
+ #:test-flags
+ #~(list "-skip"
+ ;; Some tests require networking to run so skip them altogether.
+ (string-join
+ (list "TestLookupNameserversOK/physics.georgetown.edu."
+ "TestFindZoneByFqdn/domain_is_a_CNAME"
+ "TestFindZoneByFqdn/domain_is_a_non-existent_subdomain"
+ "TestFindZoneByFqdn/domain_is_a_eTLD"
+ "TestFindZoneByFqdn/domain_is_a_cross-zone_CNAME"
+ "TestFindZoneByFqdn/NXDOMAIN"
+ "TestFindZoneByFqdn/several_non_existent_nameservers")
+ "|"))
+ #:import-path "github.com/caddyserver/certmagic"))
+ (propagated-inputs
+ (list go-github-com-caddyserver-zerossl
+ go-github-com-klauspost-cpuid-v2
+ go-github-com-libdns-libdns
+ go-github-com-mholt-acmez
+ go-github-com-miekg-dns
+ go-github-com-zeebo-blake3
+ go-go-uber-org-zap
+ go-golang-org-x-crypto
+ go-golang-org-x-net))
+ (home-page "https://github.com/caddyserver/certmagic")
+ (synopsis "Automatic HTTPS for any Go program")
+ (description
+ "@code{certmagic} provides API for TLS Automation with full control over
almost
+every aspect of the system.
+
+Main features:
+@itemize
+@item Fully automated certificate management including issuance and renewal,
with
+support for certificate revocation. Also works in conjunction with your own
+certificates.
+@item Wildcard certificates.
+@item One-line, fully managed HTTPS servers, with HTTP->HTTPS redirects.
+@item Multiple issuers supported: get certificates from multiple sources/CAs
for
+redundancy and resiliency.
+@item Solves all 3 common ACME challenges: HTTP, TLS-ALPN, and DNS (and
capable of
+others.)
+@item Robust error handling:
+@itemize
+@item Challenges are randomized to avoid accidental dependence and rotated to
+overcome certain network blockages.
+@item Robust retries for up to 30 days.
+@item Exponential backoff with carefully-tuned intervals.
+@item Retries with optional test/staging CA endpoint instead of production, to
avoid
+rate limits.
+@end itemize
+@item All libdns DNS providers work out-of-the-box.
+@item Pluggable storage backends (default: file system) and key sources.
+@item Automatic OCSP stapling.
+@item Distributed solving of all challenges (works behind load balancers.)
+@item Supports @samp{on-demand} issuance of certificates.
+@item Optional event hooks for observation.
+@item One-time private keys by default (new key for each cert) to discourage
pinning
+and reduce scope of key compromise.
+@item Works with any certificate authority (CA) compliant with the ACME
specification
+@url{https://tools.ietf.org/html/rfc8555, RFC 8555}.
+@item Must-Staple (optional; not default.)
+@item Full support for draft-ietf-acme-ari (ACME Renewal Information; ARI)
extension.
+@end itemize")
+ (license license:expat)))
+
(define-public go-github-com-caddyserver-zerossl
(package
(name "go-github-com-caddyserver-zerossl")
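Review bot: the comment above the "-skip" list in #:test-flags says only that "some tests require networking", while all seven skipped entries are nameserver and zone lookup subtests (TestLookupNameserversOK, TestFindZoneByFqdn), so the build runs no test of that DNS lookup code for a package whose description advertises solving the DNS challenge. Please say in the comment that these need live DNS resolution, so a later version bump can re-check whether each entry is still required instead of carrying the list forward. The skip patterns are also unanchored regular expressions, so an entry such as "TestFindZoneByFqdn/NXDOMAIN" will silently cover any future subtest whose name contains that string; worth keeping in mind when upstream adds cases. On the positive side, the source is pinned by both the version tag and the sha256 content hash, so a moved upstream tag would fail the fetch rather than change what gets built. Minor style point in the description: "provides API for TLS Automation" should read "provides an API for TLS automation".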