ask letsencrypt update email

debian/diaspora-common.config

@@ -18,6 +18,9 @@ set -e
       db_set diaspora-common/url "$SERVERNAME"
       db_set diaspora-common/ssl "${diaspora_https:-true}"
       db_set diaspora-common/letsencrypt "${diaspora_letsencrypt:-false}"
+      if [ -n "$diaspora_letsencrypt_email" ]; then
+        db_set diaspora-common/letsencrypt_email "${diaspora_letsencrypt_email}"
+      fi
   fi
 
 # What is your pod address?
@@ -36,6 +39,14 @@ if command -v letsencrypt >/dev/null; then
   then
     db_input high diaspora-common/letsencrypt || true
     db_go
+    db_get diaspora-common/letsencrypt
+    diaspora_letsencrypt=$RET
+    if [ "$diaspora_letsencrypt" = "true" ]; then
+      # Get email for letsencrypt updates
+      db_input high diaspora-common/letsencrypt_email || true
+      db_go
+    fi
+
   fi
 fi
 

debian/diaspora-common.postinst

@@ -73,6 +73,8 @@ case "$1" in
     fi
     db_get diaspora-common/letsencrypt
     diaspora_letsencrypt=$RET
+    db_get diaspora-common/letsencrypt_email
+    diaspora_letsencrypt_email=$RET
 
     # If the admin deleted or commented some variables but then set
     # them via debconf, (re-)add them to the conffile.
@@ -82,9 +84,12 @@ case "$1" in
         echo "diaspora_https=" >> ${diaspora_conf_private}
     test -z "$diaspora_letsencrypt" || grep -Eq '^ *diaspora_letsencrypt=' ${diaspora_conf_private} || \
         echo "diaspora_letsencrypt=" >> ${diaspora_conf_private}
+    test -z "$diaspora_letsencrypt_email" || grep -Eq '^ *diaspora_letsencrypt_email=' ${diaspora_conf_private} || \
+        echo "diaspora_letsencrypt_email=" >> ${diaspora_conf_private}
     sed -e "s/^ *SERVERNAME=.*/SERVERNAME=\"$SERVERNAME\"/" \
         -e "s/^ *diaspora_https=.*/diaspora_https=\"$diaspora_https\"/" \
         -e "s/^ *diaspora_letsencrypt=.*/diaspora_letsencrypt=\"$diaspora_letsencrypt\"/" \
+        -e "s/^ *diaspora_letsencrypt_email=.*/diaspora_letsencrypt_email=\"$diaspora_letsencrypt_email\"/" \
             < ${diaspora_conf_private} > ${diaspora_conf_private}.tmp
         mv -f ${diaspora_conf_private}.tmp ${diaspora_conf_private}
 
@@ -120,10 +125,11 @@ case "$1" in
 	      echo "Stopping nginx for letsencrypt..."
 	      invoke-rc.d nginx stop
 	    fi
-	    letsencrypt --standalone -d ${SERVERNAME} certonly || {
+	    LETSENCRYPT_CMD="letsencrypt --standalone --agree-tos -m $diaspora_letsencrypt_email -d ${SERVERNAME} certonly"
+            $LETSENCRYPT_CMD || {
 	    echo "letsencrypt auto configuration failed..."
 	    echo "Stop your webserver and try running letsencrypt manually..."
-	    echo "letsencrypt -d ${SERVERNAME} certonly"
+	    echo "$LETSENCRYPT_CMD"
 	    }
 	  fi
         fi

debian/diaspora-common.templates

@@ -59,7 +59,13 @@ _Description: Use Let's Encrypt?
  .
  Note: letsencrypt does not have a usable nginx plugin currently, so
  certificates must be renewed manually after 3 months, when current
- letsencrypt certificate expire.
+ letsencrypt certificate expire. If you choose yes here, you will also be
+ agreeing to letsencrypt terms of service.
+
+Template: diaspora-common/letsencrypt_email
+Type: string
+_Description: Email address for letsencrypt updates:
+ Please provide a valid email address for letsencrypt updates.
 
 Template: diaspora-common/dbbackup
 Type: note