Index: head/security/letsencrypt.sh/Makefile =================================================================== --- head/security/letsencrypt.sh/Makefile (revision 421707) +++ head/security/letsencrypt.sh/Makefile (revision 421708) @@ -1,71 +1,82 @@ # $FreeBSD$ PORTNAME= letsencrypt.sh -PORTVERSION= 0.2.0 +PORTVERSION= 0.3.0 DISTVERSIONPREFIX= v CATEGORIES= security MAINTAINER= sascha@root-login.org COMMENT= Pure BASH/ZSH Lets Encrypt client LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE RUN_DEPENDS= curl:ftp/curl USE_GITHUB= yes GH_ACCOUNT= lukas2511 OPTIONS_SINGLE= SHELL OPTIONS_SINGLE_SHELL= BASH ZSH BASH_DESC= Use the Bourne Again shell (BASH) ZSH_DESC= Use the Z shell (ZSH) OPTIONS_DEFAULT= BASH NO_ARCH= yes NO_BUILD= yes USES= shebangfix BASH_RUN_DEPENDS= bash:shells/bash ZSH_RUN_DEPENDS= zsh:shells/zsh PERIODIC_DIRS= etc/periodic/weekly PERIODIC_FILES= 000.letsencrypt.sh -PLIST_DIRS= %%ETCDIR%%/.acme-challenges +PLIST_DIRS= %%ETCDIR%%/.acme-challenges \ + www/letsencrypt PLIST_FILES= bin/letsencrypt.sh \ - %%ETCDIR%%/config.sh.example \ + %%ETCDIR%%/config.example \ %%ETCDIR%%/hook.sh.example \ %%ETCDIR%%/domains.txt.example \ ${PERIODIC_DIRS}/000.letsencrypt.sh PORTDOCS_PLIST_FILES= %%PORTDOCS%%%%DOCSDIR%%/README.md SUB_FILES= 000.letsencrypt.sh pkg-message SUB_LIST= PORTNAME=${PORTNAME} PORTDOCS= README.md dns-verification.md domains_txt.md ecc.md hook_chain.md \ - import-from-official-client.md staging.md troubleshooting.md wellknown.md + import-from-official-client.md per-certificate-config.md staging.md \ + troubleshooting.md wellknown.md -SHEBANG_FILES= docs/examples/config.sh.example docs/examples/hook.sh.example letsencrypt.sh +SHEBANG_FILES= docs/examples/hook.sh letsencrypt.sh +post-patch: +. for f in docs/examples/config letsencrypt.sh + ${REINPLACE_CMD} 's|/var/www/letsencrypt|${PREFIX}/www/letsencrypt|' \ + ${WRKSRC}/${f} +. endfor + post-patch-ZSH-on: -. for p in docs/examples/config.sh.example docs/examples/hook.sh.example letsencrypt.sh +. for p in docs/examples/config docs/examples/hook.sh letsencrypt.sh ${REINPLACE_CMD} '1 s/bash/zsh/' ${WRKSRC}/${p} . endfor do-install: @${MKDIR} ${STAGEDIR}${ETCDIR}/.acme-challenges ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS} - ${INSTALL_DATA} ${WRKSRC}/docs/examples/config.sh.example ${STAGEDIR}${ETCDIR}/config.sh.example - ${INSTALL_DATA} ${WRKSRC}/docs/examples/hook.sh.example ${STAGEDIR}${ETCDIR}/hook.sh.example - ${INSTALL_DATA} ${WRKSRC}/docs/examples/domains.txt.example ${STAGEDIR}${ETCDIR}/domains.txt.example + ${INSTALL_DATA} ${WRKSRC}/docs/examples/config ${STAGEDIR}${ETCDIR}/config.example + ${INSTALL_DATA} ${WRKSRC}/docs/examples/hook.sh ${STAGEDIR}${ETCDIR}/hook.sh.example + ${INSTALL_DATA} ${WRKSRC}/docs/examples/domains.txt ${STAGEDIR}${ETCDIR}/domains.txt.example ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME} ${INSTALL_SCRIPT} ${WRKDIR}/${PERIODIC_FILES} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}/${PERIODIC_FILES} ${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_MAN} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR} . for d in dns-verification domains_txt ecc hook_chain import-from-official-client \ - staging troubleshooting wellknown + per-certificate-config staging troubleshooting wellknown ${INSTALL_MAN} ${WRKSRC}/docs/${d}.md ${STAGEDIR}${DOCSDIR} . endfor + +post-stage: + ${MKDIR} ${STAGEDIR}${PREFIX}/www/letsencrypt .include Index: head/security/letsencrypt.sh/distinfo =================================================================== --- head/security/letsencrypt.sh/distinfo (revision 421707) +++ head/security/letsencrypt.sh/distinfo (revision 421708) @@ -1,3 +1,3 @@ -TIMESTAMP = 1463941305 -SHA256 (lukas2511-letsencrypt.sh-v0.2.0_GH0.tar.gz) = d6e25bbbfa14b87dea4999ecddfd441bbcdc1fd8b3160fa4c4a8ed412ee664e1 -SIZE (lukas2511-letsencrypt.sh-v0.2.0_GH0.tar.gz) = 19314 +TIMESTAMP = 1473333268 +SHA256 (lukas2511-letsencrypt.sh-v0.3.0_GH0.tar.gz) = c04ada782c93082e760c89122c9fdf68802c67c86a38b3fd5a83bb66dc0701d0 +SIZE (lukas2511-letsencrypt.sh-v0.3.0_GH0.tar.gz) = 21530 Index: head/security/letsencrypt.sh/files/000.letsencrypt.sh.in =================================================================== --- head/security/letsencrypt.sh/files/000.letsencrypt.sh.in (revision 421707) +++ head/security/letsencrypt.sh/files/000.letsencrypt.sh.in (revision 421708) @@ -1,35 +1,35 @@ #!/bin/sh if [ -r /etc/defaults/periodic.conf ] then . /etc/defaults/periodic.conf source_periodic_confs fi PATH=$PATH:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin export PATH case "$weekly_letsencrypt_enable" in [Yy][Ee][Ss]) echo echo "Checking Let's Encrypt certificate status:" if [ -z "$weekly_letsencrypt_user" ] then - %%PREFIX%%/bin/letsencrypt.sh -c + %%PREFIX%%/bin/letsencrypt.sh -c $weekly_letsencrypt_flags else - su -m "$weekly_letsencrypt_user" -c '%%PREFIX%%/bin/letsencrypt.sh -c' + su -m "$weekly_letsencrypt_user" -c "%%PREFIX%%/bin/letsencrypt.sh -c $daily_status_disks_df_flags" fi echo "Deploying Let's Encrypt certificates:" if [ -x "$weekly_letsencrypt_deployscript" ] then $weekly_letsencrypt_deployscript else echo 'Skipped, deploy script not set.' fi ;; *) ;; esac Index: head/security/letsencrypt.sh/files/pkg-message.in =================================================================== --- head/security/letsencrypt.sh/files/pkg-message.in (revision 421707) +++ head/security/letsencrypt.sh/files/pkg-message.in (revision 421708) @@ -1,22 +1,22 @@ To use this script you should copy the examples in %%PREFIX%%/etc/%%PORTNAME%%/ and at least add a domain and a contact mail address. -You should also copy the openssl.cnf.sample file in -%%PREFIX%%/openssl so you won't get warnings about -it missing. - In order to run the script regularly to update the certificates add this line to /etc/periodic.conf weekly_letsencrypt_enable="YES" Additionally the following parameters can be added to /etc/periodic.conf To run the certification renenewal as a different user weekly_letsencrypt_user="_letsencrypt" + To run a script after the renewal (as root) weekly_letsencrypt_deployscript="%%PREFIX%%/etc/%%PORTNAME%%/deploy.sh" + +Additional flags for the periodic run go into +weekly_letsencrypt_flags="-g"