diff --git a/README.md b/README.md index 9d5978c4..46857c2d 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,7 @@ correctly. ### Binary ```bash -pebble -config ./test/config/pebble-config.json +pebble -config ./test/config/default-config.json ``` Afterwards you can access the Pebble server's ACME directory @@ -206,7 +206,7 @@ challenge to observe the state since the CA may send many validation requests. To test issuance "at full speed" with no artificial sleeps set the environment variable `PEBBLE_VA_NOSLEEP` to `1`. E.g. -`PEBBLE_VA_NOSLEEP=1 pebble -config ./test/config/pebble-config.json` +`PEBBLE_VA_NOSLEEP=1 pebble -config ./test/config/default-config.json` The maximal number of seconds to sleep can be configured by defining `PEBBLE_VA_SLEEPTIME`. It must be set to a positive integer. @@ -282,7 +282,7 @@ These endpoints are specific to Pebble and its internal behavior, and are not pa of the RFC 8555 that defines the ACME protocol. The management interface is configured by the `managementListenAddress` field in -`pebble-config.json` that defines the address and the port on which the management +`default-config.json` that defines the address and the port on which the management interface will listen on. Set `managementListenAddress` to an empty string or `null` to disable it. @@ -353,12 +353,12 @@ The endpoint returns the information as a JSON object: Pebble does not support the OCSP protocol as a responder and so does not set the OCSP Responder URL in the issued certificates. However, if you setup a proper OCSP Responder run side by side with Pebble, you may want to set this URL. -This is possible by setting the field `ocspResponderURL` of the `pebble-config.json` +This is possible by setting the field `ocspResponderURL` of the `default-config.json` consummed by Pebble to a non empty string: in this case, this string will be use in the appropriate field of all issued certificates. For instance, to have Pebble issue certificates that instruct a client to check the URL `http://127.0.0.1:4002` -to retrieve the OCSP status of a certificate, run Pebble with a `pebble-config.json` that includes: +to retrieve the OCSP status of a certificate, run Pebble with a `default-config.json` that includes: ``` "ocspResponderURL": "http://127.0.0.1:4002", diff --git a/cmd/pebble/main.go b/cmd/pebble/main.go index bb4bea4b..962e5213 100644 --- a/cmd/pebble/main.go +++ b/cmd/pebble/main.go @@ -29,10 +29,21 @@ type config struct { } } +const DefaultConfigPath = "test/config/default-config.json" + +func getDefaultConfig() config { + var c config + if _, err := os.Stat(DefaultConfigPath); err == nil { + err := cmd.ReadConfigFile(DefaultConfigPath, &c) + cmd.FailOnError(err, "Reading default JSON config file into config structure") + } + return c +} + func main() { configFile := flag.String( "config", - "test/config/pebble-config.json", + DefaultConfigPath, "File path to the Pebble configuration file") strictMode := flag.Bool( "strict", @@ -52,7 +63,7 @@ func main() { logger := log.New(os.Stdout, "Pebble ", log.LstdFlags) logger.Printf("Starting Pebble ACME server") - var c config + c := getDefaultConfig() err := cmd.ReadConfigFile(*configFile, &c) cmd.FailOnError(err, "Reading JSON config file into config structure") diff --git a/docker-compose.yml b/docker-compose.yml index 96170349..199751bf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,7 +2,7 @@ version: '3' services: pebble: image: letsencrypt/pebble:latest - command: pebble -config /test/config/pebble-config.json -strict -dnsserver 10.30.50.3:8053 + command: pebble -config /test/config/default-config.json -strict -dnsserver 10.30.50.3:8053 environment: # TODO(@cpu): Delete this explicit GODEBUG env var once Pebble is built # with Go 1.13.x which defaults TLS 1.3 to on diff --git a/test/config/pebble-config.json b/test/config/default-config.json similarity index 100% rename from test/config/pebble-config.json rename to test/config/default-config.json