diff --git a/src/_certbot b/src/_certbot new file mode 100644 index 0000000..7df0c79 --- /dev/null +++ b/src/_certbot @@ -0,0 +1,262 @@ +#compdef certbot +# ------------------------------------------------------------------------------ +# Copyright (c) 2025 Github zsh-users - https://github.com/zsh-users +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be included +# in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# ------------------------------------------------------------------------------ +# Description +# ----------- +# +# Completion script for certbot 5.1.0 (https://github.com/certbot/certbot) +# +# ------------------------------------------------------------------------------ +# Authors +# ------- +# +# * Shohei Yoshida (https://github.com/syohex) +# +# ------------------------------------------------------------------------------ + +_certbot() { + typeset -A opt_args + local context state line + local curcontext="$curcontext" + local ret=1 + + _arguments -C -A "-*" \ + '(- *)'{-h,--help}'[Print help message]:topic:_certbot_help_topics' \ + '(- *)--version[Print version and exit]' \ + '1: :_certbot_subcommands' \ + '*::arg:->args' \ + && ret=0 + + case "$state" in + (args) + local -a opts=( + '(- *)'{-h,--help}'[Show help message and exit]' + '(-c --config)'{-c,--config}'[Path to config file]:config_file:_files' + ) + case $words[1] in + (run|certonly|renew|enhance|certificates|delete|reconfigure) + opts+=( + '--cert-name[Certificate name to apply]:name' + ) + ;| + (run|certonly|renew|reconfigure) + opts+=( + '--deploy-hook[Command to be run once for each successfully issued certificate]:hook' + ) + ;| + (run|certonly|renew) + opts+=( + '(-q --quiet)'{-q,--quiet}'[Silence all output except errors]' + '--required-profile[Request the given profile name from the ACME server]:profile' + '--preferred-profile[Request the given profile name from the ACME server]:profile' + '--preferred-chain[Set the preferred certificate chain]:chain' + ) + ;| + (run|certonly|enhance|certificates) + opts+=( + '(-d --domains --domain)'{-d,--domains,--domain}'[Domain names to include]' + ) + ;| + (run|certonly|enhance|register) + opts+=( + '--force-interactive[Force Certbot to be interactive even not in a terminal]' + ) + ;| + (run|certonly|enhance) + opts+=( + '(-n --non-interactive --noninteractive)'{-n,--non-interactive,--noninteractive}'[Run without ever asking for user input]' + ) + ;| + (run|certonly|register) + opts+=( + '--eab-kid[Key identifier for External Account Binding]:eab_kid' + '--eab-hmac-key[HMAC key for External Account Binding]:eab_hmac_key' + '--eab-hmac-alg[HMAC algorithm for External Account Binding(default: HS256)]:algorithm:(HS256 HS384 HS512)' + ) + ;| + (run|certonly) + opts+=( + '(--keep-until-expiring --keep --reinstall)'{--keep-until-expiring,--keep,--reinstall}'[Always keep the existing one until it is due for renewal]' + + '--debug-challenges[After setting up challenges, wait for user input before submitting to CA]' + + '--issuance-timeout[How many seconds Certbot will wait for the server to issue a certificate]:seconds' + '--apache[Obtain and install certificates using Apache]' + '--nginx[Obtain and install certificates using Nginx]' + ) + ;| + (certonly|renew|reconfigure) + opts+=( + '--run-deploy-hooks[run any applicable deploy hooks]' + ) + ;| + (certonly|renew) + opts+=( + "--dry-run[Perform a test run against the Let's Encrypt staging server]" + '--allow-subset-of-names[When performing domain validation, do not consider it a failure]' + '--preferred-challenges[A sorted, comma delimited list of the preferred challenge]:challenges' + ) + ;| + (run|revoke) + opts+=( + '(--test-cert --staging)'{--test-cert,--staging}"[Use the Let's Encrypt staging server to obtain or revoke test]" + ) + ;| + (certonly|revoke) + opts+=( + '--cert-path[Path to where certificate is saved]:cert:_files' + ) + ;| + (certonly|reconfigure) + opts+=( + '--webroot[Obtain certificates by placing files in a webroot directory]' + ) + ;| + (certonly) + opts+=( + '--csr[Path to a Certificate Signing Request (CSR) in DER or PEM format]:csr:_files' + '--standalone[Obtain certificates using a "standalone" webserver]' + '--manual[Provide laborious manual instructions for obtaining a certificate]' + '--dns-cloudflare[Obtain certificates using a Cloudflare DNS TXT record]' + '--dns-digitalocean[Obtain certificates using a DigitalOcean DNS TXT record]' + '--dns-dnsimple[Obtain certificates using a DNSimple DNS TXT record]' + '--dns-dnsmadeeasy[Obtain certificates using a DNS Made Easy DNS TXT record]' + '--dns-gehirn[Obtain certificates using a Gehirn DNS TXT record]' + '--dns-google[Obtain certificates using a Google Cloud DNS TXT record]' + '--dns-linode[Obtain certificates using a Linode DNS TXT record]' + '--dns-luadns[Obtain certificates using a LuaDNS DNS TXT record]' + '--dns-nsone[Obtain certificates using a NS1 DNS TXT record]' + '--dns-ovh[Obtain certificates using a OVH DNS TXT record]' + '--dns-rfc2136[Obtain certificates using a BIND DNS TXT record]' + '--dns-route53[Obtain certificates using a Route53 DNS TXT record]' + '--dns-sakuracloud[Obtain certificates using a Sakura Cloud DNS TXT record]' + ) + ;| + (renew|reconfigure) + opts+=( + '--pre-hook[Command to be run before obtaining any certificates]:pre_hook' + '--post-hook[Command to be run after attempting to obtain/renew certificates]:post_hook' + ) + ;| + (renew) + opts+=( + '(--force-renewal --renew-by-default)'{--force-renewal,--renew-by-default}'[renew now regardless of whether it is near expiry]' + '--disable-hook-validation[Disable command validation for hook commands]' + "--no-directory-hooks[Disable running executables found in Certbot's hook directories]" + '--disable-renew-updates[Disable automatic updates to your server configuration]' + '--no-autorenew[Disable auto renewal of certificates]' + ) + ;| + (enhance) + opts+=( + '--redirect[Automatically redirect all HTTP traffic to HTTPS]' + '--hsts[Add Strict-Transport-Security header to every HTTP response]' + '--uir[Add "Content-Security-Policy: upgrade-insecure-requests" header to every HTTP response]' + '--auto-hsts[Gradually increasing max-age value for HTTP Strict Transport Security security header]' + ) + ;| + (revoke) + opts+=( + '--reason[Specify reason for revoking certificates]:reason:(unspecified keycompromise affiliationchanged superseded cessationofoperation)' + '(--delete-after-revoke --no-delete-after-revoke)--delete-after-revoke[Delete certificates after revoking them]' + '(--delete-after-revoke --no-delete-after-revoke)--no-delete-after-revoke[Do not delete certificates after revoking them]' + '--key-path[Path to private key for certificates instructions or revocation]:key_path:_files' + ) + ;| + (reconfigure) + opts+=( + '(-a --authenticator)'{-a,--authenticator}'[Authenticator plugin name]:plugin' + '(-i --installer)'{-i,--installer}'[Installer plugin name]:plugin' + ) + ;| + (register|unregister|update_account) + opts+=( + '(-m --email)'{-m,--email}'[Email used for registration and recovery contact]:email') + ;| + (register|update_account) + opts+=( + '(--eff-email --no-eff-email)--eff-email[Share your e-mail address with EFF]' + '(--eff-email --no-eff-email)--no-eff-email[Do not share your email address with EFF]' + ) + ;| + (unregister) + opts+=( + '--account[Account ID to use]:account_id' + ) + ;| + (show_account) + opts+=( + '--server[ACME Directory Resource URI]:server' + ) + ;| + esac + + _arguments "$opts[@]" && ret=0 + ;; + esac + + return ret +} + +(( $+functions[_certbot_subcommands] )) || +_certbot_subcommands() { + local -a commands=( + "run:Obtain & install a certificate in your current webserver" + "certonly:Obtain or renew a certificate, but do not install it" + "renew:Renew all previously obtained certificates that are near" + "enhance:Add security enhancements to your existing configuration" + "certificates:Display information about certificates you have from Certbot" + "revoke:Revoke a certificate (supply --cert-name or --cert-path)" + "delete:Delete a certificate (supply --cert-name)" + "reconfigure:Update a certificate's configuration (supply --cert-name)" + "register:Create an ACME account" + "unregister:Deactivate an ACME account" + "update_account:Update an ACME account" + "show_account:Display account details" + ) + _describe -t commands 'command' commands "$@" +} + +(( $+functions[_certbot_help_topics] )) || +_certbot_help_topics() { + local -a topics=( + # topics + all automation commands paths security testing + # subcommands + run certonly renew enhance certificates revoke delete reconfigure register unregister + update_account show_account + # plugins + nginx apache standalone webroot + ) + _values topics $topics +} + +_certbot "$@" + +# Local Variables: +# mode: Shell-Script +# sh-indentation: 2 +# indent-tabs-mode: nil +# sh-basic-offset: 2 +# End: +# vim: ft=zsh sw=2 ts=2 et