Centralize webroot mapping

Use a single file to consolidate all FQDNs and their corresponding webroot mappings.
Allow certbot to look for such a file, include the content, and update it as needed.
If an FQDN is NOT in the current webroot mapping “list”, then proceed (as usual) as if it wasn’t in the renewal.conf file.
When --webroot is specifically requested, update all stored webroot settings in that one single file.

As unique FQDNs should be served from unique document roots, it stands to reason that such a global webroot combination would NOT create a conflict.
In the event a conflict should arise, certbot should stop and make it clear to the end user that they have a conflict in there config and that they should correct it before continuing.

– open for discussion –

Perhaps I’m failing to see it, but could you explain why such a single file is better than just putting the webroot map in the renewal configuration file?

  1. Combining can simplify maintenance.
  2. Creates a single point for modifications.
  3. Conflicting names are easy to spot and correct [this is aimed mainly at Apache].
  4. Help address past (and any future) related bugs in certbot regarding webroot mapping.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.