bug#32845: guix.info: Missing manual

[Tobias Geerinckx-Rice]

Ludo', Guix,

Ludovic Courtès wrote:
> Ricardo Wurmus <address@hidden> skribis:
> > “certbot” can be used with manual DNS validation, which
> > requires us to deploy a DNS TXT record.  This can be automated 
> > with
> > certbot hooks (scripts that have access to the token that 
> > should be
> > published via environment variables) or through JSON mode, 
> > which returns
> > an object with the token that can be processed through other 
> > means.
>
> I didn’t know about all this!  Looks like our Certbot service 
> doesn’t
> support it though?

Not out of the box, and last time I checked vanilla certbot didn't 
provide an nsupdate (RFC2136) hook alongside all the DNSaaS API 
rubbish.

But it's certainly possible, and wonderfully stable once set 
up. t.gr runs entirely on GuixSD + Knot + DNS-validated LE certs.

Kind regards,

T G-R