From dc032ea1dcbaa33d0ad2281fb500c132106e6136 Mon Sep 17 00:00:00 2001
From: Fernandez Ludovic <ldez@users.noreply.github.com>
Date: Fri, 30 Jan 2026 23:55:22 +0100
Subject: [PATCH] review: one flag for ACME server

---
 cmd/cmd_register.go |  2 +-
 cmd/flags.go        | 45 ++++++++++++++-------------------------------
 cmd/setup.go        |  2 +-
 cmd/storages.go     |  2 +-
 4 files changed, 17 insertions(+), 34 deletions(-)

diff --git a/cmd/cmd_register.go b/cmd/cmd_register.go
index 974d3719c..48fa77f44 100644
--- a/cmd/cmd_register.go
+++ b/cmd/cmd_register.go
@@ -95,7 +95,7 @@ func registerAccount(ctx context.Context, cmd *cli.Command, client *lego.Client)
 			Kid:                  kid,
 			HmacEncoded:          hmacEncoded,
 		})
-	} else if zerossl.IsZeroSSL(getCA(cmd)) {
+	} else if zerossl.IsZeroSSL(cmd.String(flgServer)) {
 		return registration.RegisterWithZeroSSL(ctx, client.Registration, cmd.String(flgEmail))
 	}
 
diff --git a/cmd/flags.go b/cmd/flags.go
index 3b6421196..60ec49d60 100644
--- a/cmd/flags.go
+++ b/cmd/flags.go
@@ -1,6 +1,7 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
 	"log/slog"
 	"os"
@@ -64,7 +65,6 @@ const (
 // Flag names related to the ACME client.
 const (
 	flgServer              = "server"
-	flgServerCode          = "server-code"
 	flgDisableCommonName   = "disable-cn"
 	flgKeyType             = "key-type"
 	flgHTTPTimeout         = "http-timeout"
@@ -159,27 +159,27 @@ const (
 	envPFXFormat   = "LEGO_PFX_FORMAT"
 	envPFXPassword = "LEGO_PFX_PASSWORD"
 	envServer      = "LEGO_SERVER"
-	envServerCode  = "LEGO_SERVER_CODE"
 )
 
 func createACMEClientFlags() []cli.Flag {
 	return []cli.Flag{
 		&cli.StringFlag{
+			// NOTE(ldez): if Required is true, then the default value is not display in the help.
 			Name:    flgServer,
 			Aliases: []string{"s"},
 			Sources: cli.EnvVars(envServer),
-			Usage:   "CA (ACME server) URL. Overrides --ca-code.",
-		},
-		&cli.StringFlag{
-			// NOTE(ldez): if Required is true, then the default value is not display in the help.
-			Name:    flgServerCode,
-			Sources: cli.EnvVars(envServerCode),
-			Usage: fmt.Sprintf("CA (ACME server) code. Shortcode to define the server URL."+
-				"\n\t(available codes: %s)", strings.Join(lego.GetAllCodes(), ", ")),
-			Value: lego.CodeLetsEncrypt,
-			Validator: func(s string) error {
-				_, err := lego.GetDirectoryURL(s)
-				return err
+			Usage: fmt.Sprintf("CA (ACME server). It can be either a URL or a shortcode."+
+				"\n\t(available shortcodes: %s)", strings.Join(lego.GetAllCodes(), ", ")),
+			Value: lego.DirectoryURLLetsEncrypt,
+			Action: func(ctx context.Context, cmd *cli.Command, s string) error {
+				directoryURL, err := lego.GetDirectoryURL(s)
+				if err != nil {
+					log.Debug("Server shortcode not found. Use the value as URL.", slog.String("value", s), log.ErrorAttr(err))
+
+					directoryURL = s
+				}
+
+				return cmd.Set(flgServer, directoryURL)
 			},
 		},
 		&cli.BoolFlag{
@@ -669,23 +669,6 @@ func createPathFlag(forceCreation bool) cli.Flag {
 	}
 }
 
-func getCA(cmd *cli.Command) string {
-	if cmd.String(flgServer) != "" {
-		return cmd.String(flgServer)
-	}
-
-	directoryURL, err := lego.GetDirectoryURL(cmd.String(flgServerCode))
-	if err != nil {
-		// The flag is already validated during flag parsing.
-		log.Debug("Invalid server code, fallback to Let's Encrypt staging server.",
-			slog.String("code", cmd.String(flgServerCode)))
-
-		return lego.DirectoryURLLetsEncryptStaging
-	}
-
-	return directoryURL
-}
-
 // defaultPathValueSource gets the default path based on the current working directory.
 // The field value is only here because clihelp/generator.
 type defaultPathValueSource struct{}
diff --git a/cmd/setup.go b/cmd/setup.go
index 1a65bbe26..b480519d1 100644
--- a/cmd/setup.go
+++ b/cmd/setup.go
@@ -37,7 +37,7 @@ func newClient(cmd *cli.Command, account registration.User, keyType certcrypto.K
 
 func newClientConfig(cmd *cli.Command, account registration.User, keyType certcrypto.KeyType) *lego.Config {
 	config := lego.NewConfig(account)
-	config.CADirURL = getCA(cmd)
+	config.CADirURL = cmd.String(flgServer)
 
 	config.Certificate = lego.CertificateConfig{
 		KeyType:             keyType,
diff --git a/cmd/storages.go b/cmd/storages.go
index 247304109..204ab8a3a 100644
--- a/cmd/storages.go
+++ b/cmd/storages.go
@@ -8,7 +8,7 @@ import (
 func newAccountsStorageConfig(cmd *cli.Command) storage.AccountsStorageConfig {
 	return storage.AccountsStorageConfig{
 		BasePath:  cmd.String(flgPath),
-		Server:    getCA(cmd),
+		Server:    cmd.String(flgServer),
 		UserAgent: getUserAgent(cmd),
 	}
 }