Index: head/security/py-certbot/Makefile
===================================================================
--- head/security/py-certbot/Makefile	(revision 511692)
+++ head/security/py-certbot/Makefile	(revision 511693)
@@ -1,45 +1,53 @@
 # Created by: Kubilay Kocak <koobs@FreeBSD.org>
 # $FreeBSD$
 
 PORTNAME=	certbot
 PORTVERSION=	${ACME_VERSION}
+PORTREVISION=	1
 PORTEPOCH=	1
 CATEGORIES=	security python
 MASTER_SITES=	CHEESESHOP
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
 
 MAINTAINER=	python@FreeBSD.org
 COMMENT=	Let's Encrypt client #'
 
 LICENSE=	APACHE20
 LICENSE_FILE=	${WRKSRC}/LICENSE.txt
 
 RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}acme>=${ACME_VERSION},1:security/py-acme@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}configargparse>=0.9.3:devel/py-configargparse@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}configobj>0:devel/py-configobj@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}cryptography>=1.2.3:security/py-cryptography@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}distro>=1.0.1:sysutils/py-distro@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}josepy>=1.1.0:security/py-josepy@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}parsedatetime>=1.3:devel/py-parsedatetime@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}openssl>0:security/py-openssl@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}pyrfc3339>0:devel/py-pyrfc3339@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}pytz>0:devel/py-pytz@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}setuptools>=1.0:devel/py-setuptools@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}six>0:devel/py-six@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}zope.component>0:devel/py-zope.component@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}zope.interface>0:devel/py-zope.interface@${PY_FLAVOR}
 TEST_DEPENDS=	${PYTHON_PKGNAMEPREFIX}mock>0:devel/py-mock@${PY_FLAVOR}
 
 USES=		python
 USE_PYTHON=	autoplist concurrent distutils
 
 NO_ARCH=	yes
+SUB_FILES=	500.certbot
+PLIST_FILES=	etc/periodic/weekly/500.certbot
 
 post-patch:
 	@${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|' ${WRKSRC}/certbot/compat/misc.py
+
+post-install:
+	${MKDIR} ${STAGEDIR}${PREFIX}/etc/periodic/weekly
+	${INSTALL_SCRIPT} ${WRKDIR}/500.certbot \
+		${STAGEDIR}${PREFIX}/etc/periodic/weekly
 
 do-test:
 	@cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test
 
 .include "${.CURDIR}/../py-acme/version.mk"
 .include <bsd.port.mk>
Index: head/security/py-certbot/files/500.certbot.in
===================================================================
--- head/security/py-certbot/files/500.certbot.in	(nonexistent)
+++ head/security/py-certbot/files/500.certbot.in	(revision 511693)
@@ -0,0 +1,53 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# Automatically renew Let's Encrypt certificates each week
+#
+# Add the following lines to /etc/periodic.conf:
+#
+# weekly_certbot_enable (bool):	Set to "NO" by default
+# weekly_certbot_service (str):	If defined, certbot will try to
+#					shutdown this this service before
+#					renewing the certificate, and restart
+#					it afterwards.  For example, set to
+#					"nginx" or "apache24"
+
+# If there is a global system configuration file, suck it in.
+#
+if [ -r /etc/defaults/periodic.conf ]
+then
+    . /etc/defaults/periodic.conf
+    source_periodic_confs
+fi
+
+case "$weekly_certbot_enable" in
+    [Yy][Ee][Ss])
+	echo
+	echo "Renewing Let's Encrypt certificates:"
+
+	PRE_HOOK=""
+	POST_HOOK=""
+	if [ -n "$weekly_certbot_service" ]
+	then
+	    if service "$weekly_certbot_service" onestatus
+	    then
+		PRE_HOOK="service $weekly_certbot_service onestop"
+		POST_HOOK="service $weekly_certbot_service onestart"
+	    fi
+	fi
+
+	anticongestion
+	if %%LOCALBASE%%/bin/certbot renew --pre-hook "$PRE_HOOK" \
+	                             --post-hook "$POST_HOOK" \
+	   			     --no-random-sleep-on-renew
+	then
+	    rc=0
+	else
+	    rc=1
+	fi
+	;;
+    *)  rc=0;;
+esac
+
+exit $rc

Property changes on: head/security/py-certbot/files/500.certbot.in
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+FreeBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/security/py-certbot/pkg-message
===================================================================
--- head/security/py-certbot/pkg-message	(revision 511692)
+++ head/security/py-certbot/pkg-message	(revision 511693)
@@ -1,29 +1,34 @@
 [
 { type: install
   message: <<EOM
 This port installs the "standalone" client only, which does not use and
 is not the certbot-auto bootstrap/wrapper script.
 
 The simplest form of usage to obtain certificates is:
 
  # sudo certbot certonly --standalone -d <domain>, [domain2, ... domainN]>
 
 NOTE:
 
 The client requires the ability to bind on TCP port 80 or 443 (depending
 on the --preferred-challenges option used). If a server is running on that
 port, it will need to be temporarily stopped so that the standalone server
 can listen on that port to complete the challenge authentication process.
 
 For more information on the 'standalone' mode, see:
 
   https://certbot.eff.org/docs/using.html#standalone
 
 The certbot plugins to support apache and nginx certificate installation
 will be made available in the following ports:
 
  * Apache plugin: security/py-certbot-apache
  * Nginx plugin: security/py-certbot-nginx
+
+In order to automatically renew the certificates, add this line to
+/etc/periodic.conf:
+
+    weekly_certbot_enable="YES"
 EOM
 }
 ]