add --no-email for disabling email in ACME query

Signed-off-by: schou <pschou@users.noreply.github.com>
2025-01-22 05:39:28 +02:00 · 2023-12-05 14:05:19 -05:00 · 2023-12-05 14:05:19 -05:00 · 6a0a788d35
commit 6a0a788d35
parent 7186ebb6f1
3 changed files with 16 additions and 4 deletions
--- a/cmd/accounts_storage.go
+++ b/cmd/accounts_storage.go
@ -68,8 +68,13 @@ type AccountsStorage struct {

 // NewAccountsStorage Creates a new AccountsStorage.
 func NewAccountsStorage(ctx *cli.Context) *AccountsStorage {
-	// TODO: move to account struct? Currently MUST pass email.
-	email := getEmail(ctx)
+	var userID string
+	if ctx.IsSet("no-email") {
+		userID = "default"
+	} else {
+		// TODO: move to account struct?
+		userID = getEmail(ctx)
+	}

 	serverURL, err := url.Parse(ctx.String("server"))
 	if err != nil {
@ -79,10 +84,10 @@ func NewAccountsStorage(ctx *cli.Context) *AccountsStorage {
 	rootPath := filepath.Join(ctx.String("path"), baseAccountsRootFolderName)
 	serverPath := strings.NewReplacer(":", "_", "/", string(os.PathSeparator)).Replace(serverURL.Host)
 	accountsPath := filepath.Join(rootPath, serverPath)
-	rootUserPath := filepath.Join(accountsPath, email)
+	rootUserPath := filepath.Join(accountsPath, userID)

 	return &AccountsStorage{
-		userID:          email,
+		userID:          userID,
 		rootPath:        rootPath,
 		rootUserPath:    rootUserPath,
 		keysPath:        filepath.Join(rootUserPath, baseKeysFolderName),
--- a/cmd/flags.go
+++ b/cmd/flags.go
@ -31,6 +31,12 @@ func CreateFlags(defaultPath string) []cli.Flag {
 			Aliases: []string{"m"},
 			Usage:   "Email used for registration and recovery contact.",
 		},
+		&cli.BoolFlag{
+			Name:    "no-email",
+			Aliases: []string{"M"},
+			EnvVars: []string{"LEGO_NO_EMAIL"},
+			Usage:   "Create an ACME request not including an email address.",
+		},
 		&cli.StringFlag{
 			Name:    "csr",
 			Aliases: []string{"c"},
--- a/docs/data/zz_cli_help.toml
+++ b/docs/data/zz_cli_help.toml
@ -23,6 +23,7 @@ GLOBAL OPTIONS:
   --server value, -s value                                     CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default: "https://acme-v02.api.letsencrypt.org/directory")
   --accept-tos, -a                                             By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service. (default: false)
   --email value, -m value                                      Email used for registration and recovery contact.
+   --no-email, -M                                               Create an ACME request not including an email address. (default: false) [$LEGO_NO_EMAIL]
   --csr value, -c value                                        Certificate signing request filename, if an external CSR is to be used.
   --eab                                                        Use External Account Binding for account registration. Requires --kid and --hmac. (default: false) [$LEGO_EAB]
   --kid value                                                  Key identifier from External CA. Used for External Account Binding. [$LEGO_EAB_KID]