ask email for letsencrypt

debian/config

@@ -18,6 +18,9 @@ set -e
       db_set gitlab/user "$gitlab_user"
       db_set gitlab/ssl "${GITLAB_HTTPS:-false}"
       db_set gitlab/letsencrypt "${gitlab_letsencrypt:-false}"
+      if [ -n "$gitlab_letsencrypt_email" ]; then
+        db_set gitlab/letsencrypt_email "${gitlab_letsencrypt_email}"
+      fi
   fi
 
 # What is your fqdn?
@@ -36,6 +39,13 @@ if command -v letsencrypt >/dev/null; then
   then
     db_input high gitlab/letsencrypt || true
     db_go
+    db_get gitlab/letsencrypt
+    gitlab_letsencrypt_email=$RET
+    if [ "$gitlab_letsencrypt" = "true" ]; then
+      # Get email for letsencrypt updates
+      gitlab_letsencrypt_email=$RET
+      db_input high gitlab/letsencrypt_email || true
+    fi
   fi
 fi
 

debian/gitlab.templates

@@ -56,7 +56,13 @@ _Description: Use Let's Encrypt?
  .
  Note: letsencrypt does not have a usable nginx plugin currently, so
  certificates must be renewed manually after 3 months, when current
- letsencrypt certificate expire.
+ letsencrypt certificate expire. If you choose yes here, you will also be
+ agreeing to letsencrypt terms of service.
+
+Template: gitlab/letsencrypt_email
+Type: string
+_Description: Email address for letsencrypt updates:
+ Please provide a valid email address for letsencrypt updates.
 
 Template: gitlab/purge_data
 Type: boolean

debian/postinst

@@ -150,6 +150,8 @@ case "$1" in
     gl_proto="http"
     db_get gitlab/letsencrypt
     gitlab_letsencrypt=$RET
+    db_get gitlab/letsencrypt_email
+    gitlab_letsencrypt_email=$RET
 
     cp -a -f ${gitlab_debian_conf_private} ${gitlab_debian_conf_private}.tmp
 
@@ -169,6 +171,8 @@ case "$1" in
         echo "GITLAB_HTTPS=" >> ${gitlab_debian_conf_private}
     test -z "$gitlab_letsencrypt" || grep -Eq '^ *gitlab_letsencrypt=' ${gitlab_debian_conf_private} || \
         echo "gitlab_letsencrypt=" >> ${gitlab_debian_conf_private}
+    test -z "$gitlab_letsencrypt_email" || grep -Eq '^ *gitlab_letsencrypt_email=' ${gitlab_debian_conf_private} || \
+        echo "gitlab_letsencrypt_email=" >> ${gitlab_debian_conf_private}
     sed -e "s/^ *GITLAB_HOST=.*/GITLAB_HOST=\"$GITLAB_HOST\"/" \
         -e "s/^ *GITLAB_EMAIL_FROM=.*/GITLAB_EMAIL_FROM=\"$GITLAB_EMAIL_FROM\"/" \
         -e "s/^ *GITLAB_EMAIL_DISPLAY_NAME=.*/GITLAB_EMAIL_DISPLAY_NAME=\"$GITLAB_EMAIL_DISPLAY_NAME\"/" \
@@ -176,6 +180,7 @@ case "$1" in
         -e "s/^ *gitlab_user=.*/gitlab_user=\"$gitlab_user\"/" \
         -e "s/^ *GITLAB_HTTPS=.*/GITLAB_HTTPS=\"$GITLAB_HTTPS\"/" \
         -e "s/^ *gitlab_letsencrypt=.*/gitlab_letsencrypt=\"$gitlab_letsencrypt\"/" \
+        -e "s/^ *gitlab_letsencrypt_email=.*/gitlab_letsencrypt_email=\"$gitlab_letsencrypt_email\"/" \
             < ${gitlab_debian_conf_private} > ${gitlab_debian_conf_private}.tmp
         mv -f ${gitlab_debian_conf_private}.tmp ${gitlab_debian_conf_private}
 
@@ -222,11 +227,13 @@ case "$1" in
 	    echo "Stopping nginx for letsencrypt..."
 	    invoke-rc.d nginx stop
 	  fi
-
-	  letsencrypt --standalone -d ${GITLAB_HOST} certonly || {
+          db_get gitlab/letsencrypt_email
+          gitlab_letsencrypt_email=$RET
+          LETSENCRYPT_CMD="letsencrypt --standalone --agree-tos -m $gitlab_letsencrypt_email -d ${GITLAB_HOST} certonly"
+          $LETSENCRYPT_CMD || {
 	    echo "letsencrypt auto configuration failed..."
 	    echo "Stop your webserver and try running letsencrypt manually..."
-	    echo "letsencrypt -d ${GITLAB_HOST} certonly" 
+	    echo "$LETSENCRYPT_CMD"
 	  }
         fi 
       fi