I don’t know what to say other than: “yes it is”?
- Deploy the cert on TrueNAS Core Server
…
If you run acme.sh on a system other than the TrueNAS server then you will need to set the DEPLOY_TRUENAS_HOSTNAME to the IP or Hostname of the TrueNAS server. If the setting “Web Interface HTTP → HTTPS-Redirect” in the TrueNAS web interface is checked then DEPLOY_TRUENAS_SCHEME will be set to https by default.
acme.sh --insecure --deploy -d truenas.example.com --deploy-hook truenas
You use the deploy-hook you want/need. They are all in the deploy directory.
Protocol v script? Wait. What does that have to do with anything (how did the conversation switch to that)? I mean, of course I understand what a protocol is but I don’t understand why you’re asking/talking to me about it.
I honestly don’t know what you mean by readability. …both are ‘easy’?
The first statement is assigning a variable from the result of a (piped) command(s).
The second is assigning a variable to the value of an “array element”.
The statements are fundamentally different in nature (partly because they are two different languages, and each have different methods) but I suppose I can sort of answer to the common thread to both.
Speaking about “programming syntax/method reliability”. On the face, the first one, is typically “less reliable” because there more conditions where _ui_certificate_id
could be not correctly set (like: jq
isn’t on the system or…) so, you’d just need to validate/assert the variable gets assigned properly. In programming you typically employ the “try/catch” method if you can or just use a simple “assert” type function (depends on the language you use).
So you’d use:
MyVariable=$(command)
if assert $MyVariable; then
Most programmers will do these types of checks automatically (becomes second nature). However, it’s worth mentioning that some people try to crunch-down syntax because they have this weird misconception about number of lines being better but for the most part, it’s better to be more descriptive.
In C you get into situations where it’s better to crunch your syntax down into short one-liners (like when using pre-increment vs post-increment) and I think that sort of made people think that crunching down syntax into one liners is better in all languages but in reality, C programmers were/are/can employing different tools to different tasks and some area very elegant. But I certainly do not see the first example you gave as unnecessary crunching (I would have done it the same way) but I would have verified jq
exists and _ui_certificate_id
is valid before it’s used.
The second method about assigning the variable to a list element is more general (broad) depending how cert
is defined but can be just as ‘unreliable’ depending on the programmer. For example if cert
is a struct
/class
/object
then a programmer should typically build these validations into the getters
and setterts
. …this also leads to a very interesting programming problem which I don’t think you’re actually asking or care about so I’ll leave that one alone.
I guess, I’m not really sure what your point is about readability, but those two statements/examples are sort of apples and oranges, and both are readable.
However, generally speaking (if you’re truly wondering about programming methodology to improve your script or something like that), if you want to learn programming, I highly recommend: Structure and Interpretation of Computer Programs (SICP). Very good book/class.
Why do you need a python lib to verify a cert? Isn’t the command something like:
openssl x509 -in <CERT> -text -noout
But?! Why would the deploy script (truenas_ws.sh
, for example) need to verify the cert at all?
Why do you keep switching topics (which is very frustrating!)? I mean I don’t understand the programming syntax/methods sidebar or the protocol sidebar or a cert verification method in a subscript sidebar.