Date: Mon, 9 Sep 2019 19:50:42 +0000 (UTC) From: Alan Somers <asomers@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r511693 - in head/security/py-certbot: . files Message-ID: <201909091950.x89JogYe066394@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: asomers (src committer) Date: Mon Sep 9 19:50:42 2019 New Revision: 511693 URL: https://svnweb.freebsd.org/changeset/ports/511693 Log: security/py-certbot: Add periodic script for renewing certificates PR: 221043 Submitted by: Dmitry Marakasov, asomers, Yasuhiro KIMURA Approved by: koobs (maintainer timeout) Added: head/security/py-certbot/files/500.certbot.in (contents, props changed) Modified: head/security/py-certbot/Makefile head/security/py-certbot/pkg-message Modified: head/security/py-certbot/Makefile ============================================================================== --- head/security/py-certbot/Makefile Mon Sep 9 19:34:59 2019 (r511692) +++ head/security/py-certbot/Makefile Mon Sep 9 19:50:42 2019 (r511693) @@ -3,6 +3,7 @@ PORTNAME= certbot PORTVERSION= ${ACME_VERSION} +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= security python MASTER_SITES= CHEESESHOP @@ -34,9 +35,16 @@ USES= python USE_PYTHON= autoplist concurrent distutils NO_ARCH= yes +SUB_FILES= 500.certbot +PLIST_FILES= etc/periodic/weekly/500.certbot post-patch: @${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|' ${WRKSRC}/certbot/compat/misc.py + +post-install: + ${MKDIR} ${STAGEDIR}${PREFIX}/etc/periodic/weekly + ${INSTALL_SCRIPT} ${WRKDIR}/500.certbot \ + ${STAGEDIR}${PREFIX}/etc/periodic/weekly do-test: @cd ${WRKSRC} && ${PYTHON_CMD} ${PYDISTUTILS_SETUP} test Added: head/security/py-certbot/files/500.certbot.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/py-certbot/files/500.certbot.in Mon Sep 9 19:50:42 2019 (r511693) @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $FreeBSD$ +# +# Automatically renew Let's Encrypt certificates each week +# +# Add the following lines to /etc/periodic.conf: +# +# weekly_certbot_enable (bool): Set to "NO" by default +# weekly_certbot_service (str): If defined, certbot will try to +# shutdown this this service before +# renewing the certificate, and restart +# it afterwards. For example, set to +# "nginx" or "apache24" + +# If there is a global system configuration file, suck it in. +# +if [ -r /etc/defaults/periodic.conf ] +then + . /etc/defaults/periodic.conf + source_periodic_confs +fi + +case "$weekly_certbot_enable" in + [Yy][Ee][Ss]) + echo + echo "Renewing Let's Encrypt certificates:" + + PRE_HOOK="" + POST_HOOK="" + if [ -n "$weekly_certbot_service" ] + then + if service "$weekly_certbot_service" onestatus + then + PRE_HOOK="service $weekly_certbot_service onestop" + POST_HOOK="service $weekly_certbot_service onestart" + fi + fi + + anticongestion + if %%LOCALBASE%%/bin/certbot renew --pre-hook "$PRE_HOOK" \ + --post-hook "$POST_HOOK" \ + --no-random-sleep-on-renew + then + rc=0 + else + rc=1 + fi + ;; + *) rc=0;; +esac + +exit $rc Modified: head/security/py-certbot/pkg-message ============================================================================== --- head/security/py-certbot/pkg-message Mon Sep 9 19:34:59 2019 (r511692) +++ head/security/py-certbot/pkg-message Mon Sep 9 19:50:42 2019 (r511693) @@ -24,6 +24,11 @@ will be made available in the following ports: * Apache plugin: security/py-certbot-apache * Nginx plugin: security/py-certbot-nginx + +In order to automatically renew the certificates, add this line to +/etc/periodic.conf: + + weekly_certbot_enable="YES" EOM } ]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201909091950.x89JogYe066394>