Index: head/security/acme-client/files/000.acme-client.sh.in =================================================================== --- head/security/acme-client/files/000.acme-client.sh.in (revision 421262) +++ head/security/acme-client/files/000.acme-client.sh.in (revision 421263) @@ -1,40 +1,60 @@ #!/bin/sh if [ -r /etc/defaults/periodic.conf ] then . /etc/defaults/periodic.conf source_periodic_confs fi PATH=$PATH:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin export PATH +case "$weekly_letskencrypt_enable" in + [Yy][Ee][Ss]) + echo '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!' + echo '!! WARNING: letskencrypt has been renamed to acme-client !!' + echo '!! rename all weekly_letskencrypt_* periodic variables !!' + echo '!! to weekly_acme_client_* in your periodic.conf !!' + echo '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!' + : ${weekly_acme_client_enable:=$weekly_letskencrypt_enable} + : ${weekly_acme_client_renewscript:=$weekly_letskencrypt_renewscript} + : ${weekly_acme_client_domains:=$weekly_letskencrypt_domains} + : ${weekly_acme_client_challengedir:=$weekly_letskencrypt_challengedir} + : ${weekly_acme_client_args:=$weekly_letskencrypt_args} + : ${weekly_acme_client_deployscript:=$weekly_letskencrypt_deployscript} + ;; + *) + ;; +esac + case "$weekly_acme_client_enable" in [Yy][Ee][Ss]) echo echo "Checking Let's Encrypt certificate status:" + + : ${weekly_acme_client_args:="-b"} if [ -x "$weekly_acme_client_renewscript" ] ; then $weekly_acme_client_renewscript else if [ -z "$weekly_acme_client_domains" ] ; then weekly_acme-client_domains=$(hostname -f) echo "Using hostname: $weekly_acme_client_domains" fi if [ -n "$weekly_acme_client_challengedir" ] ; then weekly_acme-client_args="$weekly_acme_client_args -C $weekly_acme_client_challengedir" fi %%LOCALBASE%%/bin/acme-client $weekly_acme_client_args $weekly_acme_client_domains fi echo "Deploying Let's Encrypt certificates:" if [ -x "$weekly_acme_client_deployscript" ] ; then $weekly_acme_client_deployscript else echo 'Skipped, deploy script not set.' fi ;; *) ;; esac Index: head/security/acme-client/files/pkg-message.in =================================================================== --- head/security/acme-client/files/pkg-message.in (revision 421262) +++ head/security/acme-client/files/pkg-message.in (revision 421263) @@ -1,27 +1,33 @@ +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!! WARNING: letskencrypt has been renamed to acme-client !! +!! rename all weekly_letskencrypt_* periodic variables !! +!! to weekly_acme_client_* in your periodic.conf !! +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + There are example scripts in -%%PREFIX%%/etc/letsencrypt -that you can for renewing and deploying multiple certificates + %%PREFIX%%/etc/letsencrypt +that you can use for renewing and deploying multiple certificates In order to run the script regularly to update the certificates add this line to /etc/periodic.conf -weekly_acme_client_enable="YES" + weekly_acme_client_enable="YES" Additionally the following parameters can be added to /etc/periodic.conf (showing default values): To specify the domain name(s) to include in the certificate -weekly_acme_client_domains="$(hostname -f)" + weekly_acme_client_domains="$(hostname -f)" To specify the .well-known/acme-challenge directory (full path) -weekly_acme_client_challengedir="/usr/local/www/letsencrypt" + weekly_acme_client_challengedir="%%WWWDIR%%" To set additional acme-client arguments (see acme-client(1)) -weekly_acme_client_args="" + weekly_acme_client_args="-b" To run a specific script for the renewal (ignore previously set variables) allows generating/renewing multiple keys/certificates -weekly_acme_client_renewscript=""%%PREFIX%%/etc/letsencrypt/%%PORTNAME%%.sh" + weekly_acme_client_renewscript=""%%PREFIX%%/etc/letsencrypt/%%PORTNAME%%.sh" To run a script after the renewal to deploy changed certs -weekly_acme_client_deployscript="%%PREFIX%%/etc/letsencrypt/deploy.sh" + weekly_acme_client_deployscript="%%PREFIX%%/etc/letsencrypt/deploy.sh"