integrates :acme with %eyre (receive new domains/orders, install certificates)

app/acme.hoon

@@ -1172,6 +1172,7 @@
 +=  card
   $%  [%hiss wire [~ ~] %httr %hiss hiss:eyre]
       [%well wire path (unit mime)]
+      [%rule wire %cert (unit [wain wain])]
   ==
 :: +nonce-next: next effect to emit upon receiving nonce
 ::
@@ -1501,6 +1502,15 @@
     ?.  ?=(^ rod)      ~|(%no-active-order !!)
     =/  hed  (my accept+['applicate/x-pem-file' ~] ~)
     (emit (request /acme/certificate/(scot %da now.bow) url %get hed ~))
+  :: +install: tell %eyre about our certificate
+  ::
+  ++  install
+    ^+  this
+    ~|  %install-effect-fail
+    ?>  ?=(^ liv)
+    :: XX use pkcs8
+    =/  key=wain  (ring:en:pem:pkcs1 key.u.liv)
+    (emit %rule /install %cert `[key `wain`cer.u.liv])
   :: +get-authz: get next ACME service domain authorization object
   ::
   ++  get-authz
@@ -1743,11 +1753,10 @@
     =/  cer=wain  (to-wain:format q:(need r.rep))
     =/  fig=config
       :: XX expiration date
-      [dom.u.rod key.u.rod cer *@da ego.u.rod]
+      [dom.u.rod key.u.rod cer (add now.bow ~d90) ego.u.rod]
     =?  fig.hit  ?=(^ liv)  [u.liv fig.hit]
-    this(liv `fig, rod ~)
-    :: XX send configuration to eyre
-    :: XX other subscribers?
+    :: XX set renewal timer
+    install:effect(liv `fig, rod ~)
   :: +get-authz: accept ACME service authorization object
   ::
   ++  get-authz
@@ -1864,6 +1873,11 @@
     %finalize-trial  finalize-trial:event
     ::  XX delete-trial?
   ==
+:: +poke-acme-order: create new order for a set of domains
+::
+++  poke-acme-order
+  |=(a=(set turf) abet:(add-order ~(tap in a)))
+:: +poke-noun: for debugging
 ::
 ++  poke-noun
   |=  a=*
@@ -1882,8 +1896,10 @@
     %final  finalize-order:effect
     %poll   check-order:effect
     %our    (add-order /org/urbit/(crip +:(scow %p our.bow)) ~)
+    %rule   install:effect
     %test   test
   ==
+:: +poke-path: for debugging
 ::
 ++  poke-path
   |=(a=path abet:(add-order a ~))

mar/acme/order.hoon

@@ -0,0 +1,9 @@
+::
+::::  /mar/acme/order/hoon
+  ::
+|_  a=(set (list @t))
+++  grab
+  |%
+  ++  noun  (set (list @t))
+  --
+--

sys/vane/eyre.hoon

@@ -671,10 +671,9 @@
         |=(a=host ?>(?=(%& -.a) p.a))
       =/  dif/(set (list @t))  (~(dif in mod) dom)
       =?  dom  ?=(^ dif)  (~(uni in dom) mod)
-      ~&  [%eyre %acme-order dom]
-      :: =?  mow  ?=(^ dif)
-      ::   =/  cmd  [%acme %poke `cage`[%acme-order !>(dom)]]
-      ::   [[hen %pass ~ %g %deal [our our] cmd] mow]
+      =?  mow  ?=(^ dif)
+        =/  cmd  [%acme %poke `cage`[%acme-order !>(dom)]]
+        :_(mow [hen %pass /acme/order %g %deal [our our] cmd])
       %=  +>.$
         ged  hen                                        ::  register external
         mow  :_(mow [hen [%give %form fig]])
@@ -687,10 +686,8 @@
       ?-  -.p.kyz
           $cert
         ?:  =(secure.fig p.p.kyz)  +>.$
-        %=  +>.$
-          secure.fig  p.p.kyz
-          mow         :_(mow [hen [%give %form fig]])
-        ==
+        =.  secure.fig  p.p.kyz
+        +>.$(mow :_(mow [ged [%give %form fig]]))
       ::
           $turf
         =/  mod/(set (list @t))
@@ -698,13 +695,10 @@
             (~(put in dom) q.p.kyz)
           (~(del in dom) q.p.kyz)
         ?:  =(dom mod)  +>.$
-        ~&  [%eyre %acme-order dom]
-        :: =.  mow
-        ::   =/  cmd  [%acme %poke `cage`[%acme-order !>(dom)]]
-        ::   [[hen %pass ~ %g %deal [our our] cmd] mow]
+        =/  cmd  [%acme %poke `cage`[%acme-order !>(mod)]]
         %=  +>.$
           dom  mod
-          mow  :_(mow [hen [%give %form fig]])
+          mow  :_(mow [hen %pass /acme/order %g %deal [our our] cmd])
         ==
       ==
     ::