Date: Fri, 2 Sep 2016 10:31:39 +0000 (UTC) From: Bernard Spil <brnrd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r421263 - head/security/acme-client/files Message-ID: <201609021031.u82AVdaW063544@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brnrd Date: Fri Sep 2 10:31:39 2016 New Revision: 421263 URL: https://svnweb.freebsd.org/changeset/ports/421263 Log: security/acme-client: Fall back to letskencrypt periodic vars - Add WARNING to pkg-message for rename - Fall back to weekly_letskencrypt periodic vars - Emit WARNING from periodic when old periodic var is used Reported by: feld Modified: head/security/acme-client/files/000.acme-client.sh.in head/security/acme-client/files/pkg-message.in Modified: head/security/acme-client/files/000.acme-client.sh.in ============================================================================== --- head/security/acme-client/files/000.acme-client.sh.in Fri Sep 2 10:19:05 2016 (r421262) +++ head/security/acme-client/files/000.acme-client.sh.in Fri Sep 2 10:31:39 2016 (r421263) @@ -9,11 +9,31 @@ fi PATH=$PATH:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin export PATH +case "$weekly_letskencrypt_enable" in + [Yy][Ee][Ss]) + echo '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!' + echo '!! WARNING: letskencrypt has been renamed to acme-client !!' + echo '!! rename all weekly_letskencrypt_* periodic variables !!' + echo '!! to weekly_acme_client_* in your periodic.conf !!' + echo '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!' + : ${weekly_acme_client_enable:=$weekly_letskencrypt_enable} + : ${weekly_acme_client_renewscript:=$weekly_letskencrypt_renewscript} + : ${weekly_acme_client_domains:=$weekly_letskencrypt_domains} + : ${weekly_acme_client_challengedir:=$weekly_letskencrypt_challengedir} + : ${weekly_acme_client_args:=$weekly_letskencrypt_args} + : ${weekly_acme_client_deployscript:=$weekly_letskencrypt_deployscript} + ;; + *) + ;; +esac + case "$weekly_acme_client_enable" in [Yy][Ee][Ss]) echo echo "Checking Let's Encrypt certificate status:" + : ${weekly_acme_client_args:="-b"} + if [ -x "$weekly_acme_client_renewscript" ] ; then $weekly_acme_client_renewscript else Modified: head/security/acme-client/files/pkg-message.in ============================================================================== --- head/security/acme-client/files/pkg-message.in Fri Sep 2 10:19:05 2016 (r421262) +++ head/security/acme-client/files/pkg-message.in Fri Sep 2 10:31:39 2016 (r421263) @@ -1,27 +1,33 @@ +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!! WARNING: letskencrypt has been renamed to acme-client !! +!! rename all weekly_letskencrypt_* periodic variables !! +!! to weekly_acme_client_* in your periodic.conf !! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + There are example scripts in -%%PREFIX%%/etc/letsencrypt -that you can for renewing and deploying multiple certificates + %%PREFIX%%/etc/letsencrypt +that you can use for renewing and deploying multiple certificates In order to run the script regularly to update the certificates add this line to /etc/periodic.conf -weekly_acme_client_enable="YES" + weekly_acme_client_enable="YES" Additionally the following parameters can be added to /etc/periodic.conf (showing default values): To specify the domain name(s) to include in the certificate -weekly_acme_client_domains="$(hostname -f)" + weekly_acme_client_domains="$(hostname -f)" To specify the .well-known/acme-challenge directory (full path) -weekly_acme_client_challengedir="/usr/local/www/letsencrypt" + weekly_acme_client_challengedir="%%WWWDIR%%" To set additional acme-client arguments (see acme-client(1)) -weekly_acme_client_args="" + weekly_acme_client_args="-b" To run a specific script for the renewal (ignore previously set variables) allows generating/renewing multiple keys/certificates -weekly_acme_client_renewscript=""%%PREFIX%%/etc/letsencrypt/%%PORTNAME%%.sh" + weekly_acme_client_renewscript=""%%PREFIX%%/etc/letsencrypt/%%PORTNAME%%.sh" To run a script after the renewal to deploy changed certs -weekly_acme_client_deployscript="%%PREFIX%%/etc/letsencrypt/deploy.sh" + weekly_acme_client_deployscript="%%PREFIX%%/etc/letsencrypt/deploy.sh"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201609021031.u82AVdaW063544>