From 4bf2ac4fc135858787ca2c9a6d339d30dd09ab95 Mon Sep 17 00:00:00 2001
From: Mark Wooding <mdw@distorted.org.uk>
Date: Fri, 22 Sep 2017 10:39:29 +0100
Subject: [PATCH] Inhibit IPv6, in an attempt to prevent
 `urn:acme:error:badNonce' reports.

---
 bin/make-cert        | 4 ++++
 dehydrated-config.sh | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/bin/make-cert b/bin/make-cert
index fd0cdf5..9dcf15b 100755
--- a/bin/make-cert
+++ b/bin/make-cert
@@ -14,6 +14,10 @@ case $# in 0) ;; *) fail_usage ;; esac
 
 prepare_tmp $tag
 
+## Make sure there's no proxy.  I get `urn:acme:error:badNonce' with high
+## probability if I use IPv6, so avoid rolling the dice.
+unset http_proxy
+
 ## Let's go.
 cert=$home/cert/$tag
 cd $cert
diff --git a/dehydrated-config.sh b/dehydrated-config.sh
index 3dbf84b..985ce24 100644
--- a/dehydrated-config.sh
+++ b/dehydrated-config.sh
@@ -7,4 +7,8 @@ PRIVATE_KEY_RENEW=no
 ACCOUNTDIR=$BASEDIR/etc/account
 LOCKFILE=$BASEDIR/etc/lock
 
+## For some reason, I get `urn:acme:error:badNonce' errors if I try to use
+## IPv6.  This causes sadness.
+IP_VERSION=4
+
 ##CA="https://acme-staging.api.letsencrypt.org/directory"
-- 
2.11.0