From f4b6e14cb9f74d837da2eaff8c563caa20e431ba Mon Sep 17 00:00:00 2001
From: Mechiel Lukkien <mechiel@ueber.net>
Date: Thu, 11 Apr 2024 23:58:40 +0200
Subject: [PATCH] quickstart: if initial address has non-ascii localpart, use
 "postmaster@" for registering with let's encrypt

because let's encrypt won't create an account for contact addresses with non-ascii characters.
we'll get an error message like:

	400 urn:ietf:params:acme:error:invalidContact: Error creating new account :: contact email [\"mailto:...\"] contains non-ASCII characters

found & reported by arnt, thanks!
---
 quickstart.go | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/quickstart.go b/quickstart.go
index c519a24..3748eac 100644
--- a/quickstart.go
+++ b/quickstart.go
@@ -650,15 +650,26 @@ many authentication failures).
 		Hostname:          dnshostname.Name(),
 		AdminPasswordFile: "adminpasswd",
 	}
+
+	// todo: let user specify an alternative fallback address?
+	// Don't attempt to use a non-ascii localpart with Let's Encrypt, it won't work.
+	// Messages to postmaster will get to the account too.
+	var contactEmail string
+	if addr.Localpart.IsInternational() {
+		contactEmail = smtp.Address{Localpart: "postmaster", Domain: addr.Domain}.Pack(false)
+	} else {
+		contactEmail = addr.Pack(false)
+	}
 	if !existingWebserver {
 		sc.ACME = map[string]config.ACME{
 			"letsencrypt": {
 				DirectoryURL:     "https://acme-v02.api.letsencrypt.org/directory",
-				ContactEmail:     args[0], // todo: let user specify an alternative fallback address?
+				ContactEmail:     contactEmail,
 				IssuerDomainName: "letsencrypt.org",
 			},
 		}
 	}
+
 	dataDir := "data" // ../data is relative to config/
 	os.MkdirAll(dataDir, 0770)
 	adminpw := pwgen()