Project state?

[bain3]

Hi! I'd just like to ask what the current state of the project is? It does what it's supposed to, but I'd like to know if it is still actively used / if it is maintained. The fork acme-dns-tiny seems a lot more active...

Thanks for this script! I haven't found anything similar to it, and I love that it doesn't use any external packages.

[qyanu]

Hi,

i am in no way related to this project other than i am a user of this software. But in general i would recommend measuring the quality of a project on the basis of known open bugs and number of users [1]. The absence of known bugs might very well be a sign of very good quality. Since it's a project gratis to use, i would not recommend measuring based on it-support (like giving a quick answer to this github issue) or a perceived lack of feature-development [2].

just my two cents, cheers! ~~ qyanu

[1] For the operating system of my choice, popcon gives a very biased view into the number of users: https://qa.debian.org/popcon.php?package=acme-tiny bias includes, that popcon is probably not installed on most hosts running debian; and that maybe some users use other installation methods besides the package.

[2] for example, the unix utility cp does receive very little new features per year. however, it's still a software very useful for its stated purpose.

[bain3]

I completely understand and agree with what you're saying. The thing is that bugs can crop up at any time, maybe the ACME protocol changes, maybe Let's Encrypt starts doing something differently, so I just wanted to know if the project isn't abandoned... if I can reasonably count on it getting updated when something happens.

If not, that's completely fine, and I am still grateful that it is available for free :)

[qyanu]

Yes, i understand and i see a small risk in that. My solution is to have good monitoring in place. And if for some reason the certificates don't get renewed in time, i still have like 7 days to do a quick&dirty-fix and then a real solution. Monitoring of the SSL-certs need to be done anyways, since any configuration in any component might suddenly fail.

However, i observe a reasonable github-issue activity on this project anyways -- so no worries (except maybe when the acme-protocol changes in a big way, but this will distrupt any other software as well).

[Trim]

The fork acme-dns-tiny seems a lot more active...

Hello,

I'm the author of the acme-dns-tiny project. Please note, the acme-dns-tiny project has been created from the acme-tiny project (that's why you see it as a fork), but is a different project working with DNS challenges instead of HTTP ones (challenges are the way a client validate you own the domain).

About the support of both project, the basis of the work is the RFC 8555. So if the protocol needs to evolve, it will take time and won't happen in short term.

Personally, I follow the blog of Let's Encrypt to be aware of midterm updates in their services. You should do the same with your ACME service provider and open issues in your client bug tracker if update is needed.

[diafygi]

Just to chime in here. I still use this project for many servers that I run, and if there is ever a breaking change by Let's Encrypt to cause acme-tiny to stop working, I'll patch it and release a new version. So in that sense, it's still actively maintained.

I just haven't focused on adding new features or expanding scope since it does what I need it to do for my projects. I totally encourage others to fork or add their own features (like @Trim with acme-dns-tiny), and maybe one day I'll dedicate some time to revisiting some of the features or changes that folks have proposed over the years.