Date: Fri, 2 Sep 2016 09:09:42 +0000 (UTC) From: Bernard Spil <brnrd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r421258 - in head: . security security/acme-client security/acme-client/files security/letskencrypt Message-ID: <201609020909.u8299g7U031925@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brnrd Date: Fri Sep 2 09:09:42 2016 New Revision: 421258 URL: https://svnweb.freebsd.org/changeset/ports/421258 Log: security/acme-client: Rename from letskencrypt, update to 0.1.11 - Rename security/letskencrypt to security/acme-client - Update to 0.1.11 - Modify periodic and sample scripts to use acme-client - Use new 'backup' option by default in renew script Added: head/security/acme-client/ - copied from r421257, head/security/letskencrypt/ head/security/acme-client/files/000.acme-client.sh.in - copied, changed from r421257, head/security/letskencrypt/files/000.letskencrypt.sh.in head/security/acme-client/files/acme-client.sh.sample.in - copied, changed from r421257, head/security/letskencrypt/files/letskencrypt.sh.sample.in Deleted: head/security/acme-client/files/000.letskencrypt.sh.in head/security/acme-client/files/letskencrypt.sh.sample.in head/security/letskencrypt/ Modified: head/MOVED head/security/Makefile head/security/acme-client/Makefile head/security/acme-client/distinfo head/security/acme-client/files/pkg-message.in head/security/acme-client/pkg-descr head/security/acme-client/pkg-plist Modified: head/MOVED ============================================================================== --- head/MOVED Fri Sep 2 09:01:25 2016 (r421257) +++ head/MOVED Fri Sep 2 09:09:42 2016 (r421258) @@ -8622,3 +8622,4 @@ net-mgmt/netams||2016-08-18|Has expired: emulators/kqemu-kmod||2016-08-26|Not supported in any qemu version anymore emulators/kqemu-kmod-devel||2016-08-26|Not supported in any qemu version anymore www/varnish-libvmod-saintmode|www/varnish-modules|2016-09-01|Upstream moved this module into the varnish-modules collection +security/letskencrypt|security/acme-client|2016-09-02|Upstream renamed the project Modified: head/security/Makefile ============================================================================== --- head/security/Makefile Fri Sep 2 09:01:25 2016 (r421257) +++ head/security/Makefile Fri Sep 2 09:09:42 2016 (r421258) @@ -8,6 +8,7 @@ SUBDIR += R-cran-ROAuth SUBDIR += R-cran-digest SUBDIR += R-cran-openssl + SUBDIR += acme-client SUBDIR += aescrypt SUBDIR += aespipe SUBDIR += afl @@ -289,7 +290,6 @@ SUBDIR += lasso SUBDIR += lastpass-cli SUBDIR += letsencrypt.sh - SUBDIR += letskencrypt SUBDIR += libadacrypt SUBDIR += libargon2 SUBDIR += libassuan Modified: head/security/acme-client/Makefile ============================================================================== --- head/security/letskencrypt/Makefile Fri Sep 2 09:01:25 2016 (r421257) +++ head/security/acme-client/Makefile Fri Sep 2 09:09:42 2016 (r421258) @@ -1,11 +1,11 @@ # Created by: Bernard Spil <brnrd@FreeBSD.org> # $FreeBSD$ -PORTNAME= letskencrypt -PORTVERSION= 0.1.10 +PORTNAME= acme-client +PORTVERSION= 0.1.11 DISTVERSIONPREFIX= portable- CATEGORIES= security -MASTER_SITES= https://kristaps.bsd.lv/letskencrypt/snapshots/ \ +MASTER_SITES= https://kristaps.bsd.lv/${PORTNAME}/snapshots/ \ LOCAL/brnrd MAINTAINER= brnrd@FreeBSD.org @@ -20,22 +20,22 @@ MAKE_ENV= PREFIX=${STAGEDIR}/${PREFIX} WWWDIR= ${PREFIX}/www/letsencrypt -SAMPLE_FILES= letskencrypt.sh.sample deploy.sh.sample -SUB_FILES= 000.letskencrypt.sh pkg-message ${SAMPLE_FILES} +SAMPLE_FILES= acme-client.sh.sample deploy.sh.sample +SUB_FILES= 000.acme-client.sh pkg-message ${SAMPLE_FILES} SUB_LIST= PORTNAME=${PORTNAME} PERIODIC_DIRS= etc/periodic/weekly -PERIODIC_FILES= 000.letskencrypt.sh +PERIODIC_FILES= 000.acme-client.sh post-patch: ${REINPLACE_CMD} -e "s|/etc/|${PREFIX}/etc/|" \ -e "s|/var/www/letsencrypt|${WWWDIR}|" \ - ${WRKSRC}/main.c ${WRKSRC}/letskencrypt.1 + ${WRKSRC}/main.c ${WRKSRC}/acme-client.1 post-install: ${MKDIR} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS} ${INSTALL_SCRIPT} ${WRKDIR}/${PERIODIC_FILES} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}/${PERIODIC_FILES} - ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/letskencrypt + ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/acme-client . for d in etc/ssl/letsencrypt etc/ssl/letsencrypt/private \ etc/letsencrypt www/letsencrypt ${MKDIR} ${STAGEDIR}${PREFIX}/${d} Modified: head/security/acme-client/distinfo ============================================================================== --- head/security/letskencrypt/distinfo Fri Sep 2 09:01:25 2016 (r421257) +++ head/security/acme-client/distinfo Fri Sep 2 09:09:42 2016 (r421258) @@ -1,3 +1,3 @@ -TIMESTAMP = 1471626870 -SHA256 (letskencrypt-portable-0.1.10.tgz) = 7e902e2dd087d6137188d8b382190fd0decd67e9e7afbc630e96841e7e369c2e -SIZE (letskencrypt-portable-0.1.10.tgz) = 44534 +TIMESTAMP = 1472800677 +SHA256 (acme-client-portable-0.1.11.tgz) = cb197820ad5dbe0f264f96f3b39ba71c295ab07ea6447632ee0f11329dbff126 +SIZE (acme-client-portable-0.1.11.tgz) = 45226 Copied and modified: head/security/acme-client/files/000.acme-client.sh.in (from r421257, head/security/letskencrypt/files/000.letskencrypt.sh.in) ============================================================================== --- head/security/letskencrypt/files/000.letskencrypt.sh.in Fri Sep 2 09:01:25 2016 (r421257, copy source) +++ head/security/acme-client/files/000.acme-client.sh.in Fri Sep 2 09:09:42 2016 (r421258) @@ -9,28 +9,28 @@ fi PATH=$PATH:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin export PATH -case "$weekly_letskencrypt_enable" in +case "$weekly_acme_client_enable" in [Yy][Ee][Ss]) echo echo "Checking Let's Encrypt certificate status:" - if [ -x "$weekly_letskencrypt_renewscript" ] ; then - $weekly_letskencrypt_renewscript + if [ -x "$weekly_acme_client_renewscript" ] ; then + $weekly_acme_client_renewscript else - if [ -z "$weekly_letskencrypt_domains" ] ; then - weekly_letskencrypt_domains=$(hostname -f) - echo "Using hostname: $weekly_letskencrypt_domains" + if [ -z "$weekly_acme_client_domains" ] ; then + weekly_acme-client_domains=$(hostname -f) + echo "Using hostname: $weekly_acme_client_domains" fi - if [ -n "$weekly_letskencrypt_challengedir" ] ; then - weekly_letskencrypt_args="$weekly_letskencrypt_args -C $weekly_letskencrypt_challengedir" + if [ -n "$weekly_acme_client_challengedir" ] ; then + weekly_acme-client_args="$weekly_acme_client_args -C $weekly_acme_client_challengedir" fi - %%LOCALBASE%%/bin/letskencrypt $weekly_letskencrypt_args $weekly_letskencrypt_domains + %%LOCALBASE%%/bin/acme-client $weekly_acme_client_args $weekly_acme_client_domains fi echo "Deploying Let's Encrypt certificates:" - if [ -x "$weekly_letskencrypt_deployscript" ] ; then - $weekly_letskencrypt_deployscript + if [ -x "$weekly_acme_client_deployscript" ] ; then + $weekly_acme_client_deployscript else echo 'Skipped, deploy script not set.' fi Copied and modified: head/security/acme-client/files/acme-client.sh.sample.in (from r421257, head/security/letskencrypt/files/letskencrypt.sh.sample.in) ============================================================================== --- head/security/letskencrypt/files/letskencrypt.sh.sample.in Fri Sep 2 09:01:25 2016 (r421257, copy source) +++ head/security/acme-client/files/acme-client.sh.sample.in Fri Sep 2 09:09:42 2016 (r421258) @@ -5,16 +5,16 @@ SSLDIR="%%PREFIX%%/etc/ssl/letsencrypt" DOMAINSFILE="${BASEDIR}/domains.txt" CHALLENGEDIR="/usr/jails/http/usr/local/www/.well-known/acme-challenge" -[ ! -d "${SSLDIR}/priv" ] && mkdir -pm700 "${SSLDIR}/private" +[ ! -d "${SSLDIR}/private" ] && mkdir -pm700 "${SSLDIR}/private" cat "${DOMAINSFILE}" | while read domain line ; do CERTSDIR="${SSLDIR}/${domain}" [ ! -d "${CERTSDIR}" ] && mkdir -pm755 "${CERTSDIR}" set +e # RC=2 when time to expire > 30 days - letskencrypt -C "${CHALLENGEDIR}" \ - -k "${SSLDIR}/private/${domain}.pem" \ - -c "${CERTSDIR}" \ - ${domain} ${line} + acme-client -b -C "${CHALLENGEDIR}" \ + -k "${SSLDIR}/private/${domain}.pem" \ + -c "${CERTSDIR}" \ + ${domain} ${line} RC=$? set -e [ $RC -ne 0 -a $RC -ne 2 ] && exit $RC Modified: head/security/acme-client/files/pkg-message.in ============================================================================== --- head/security/letskencrypt/files/pkg-message.in Fri Sep 2 09:01:25 2016 (r421257) +++ head/security/acme-client/files/pkg-message.in Fri Sep 2 09:09:42 2016 (r421258) @@ -5,23 +5,23 @@ that you can for renewing and deploying In order to run the script regularly to update the certificates add this line to /etc/periodic.conf -weekly_letskencrypt_enable="YES" +weekly_acme_client_enable="YES" Additionally the following parameters can be added to /etc/periodic.conf (showing default values): To specify the domain name(s) to include in the certificate -weekly_letskencrypt_domains="$(hostname -f)" +weekly_acme_client_domains="$(hostname -f)" To specify the .well-known/acme-challenge directory (full path) -weekly_letskencrypt_challengedir="/usr/local/www/letsencrypt" +weekly_acme_client_challengedir="/usr/local/www/letsencrypt" -To set additional letskencrypt arguments (see letskencrypt(1)) -weekly_letskencrypt_args="" +To set additional acme-client arguments (see acme-client(1)) +weekly_acme_client_args="" To run a specific script for the renewal (ignore previously set variables) allows generating/renewing multiple keys/certificates -weekly_letskencrypt_renewscript=""%%PREFIX%%/etc/letsencrypt/%%PORTNAME%%.sh" +weekly_acme_client_renewscript=""%%PREFIX%%/etc/letsencrypt/%%PORTNAME%%.sh" To run a script after the renewal to deploy changed certs -weekly_letskencrypt_deployscript="%%PREFIX%%/etc/letsencrypt/deploy.sh" +weekly_acme_client_deployscript="%%PREFIX%%/etc/letsencrypt/deploy.sh" Modified: head/security/acme-client/pkg-descr ============================================================================== --- head/security/letskencrypt/pkg-descr Fri Sep 2 09:01:25 2016 (r421257) +++ head/security/acme-client/pkg-descr Fri Sep 2 09:09:42 2016 (r421258) @@ -1,5 +1,5 @@ -letskencrypt is a client for Let's Encrypt users, but one designed for +acme-client is a client for Let's Encrypt users, but one designed for security. No Python. No Ruby. No Bash. A straightforward, open source implementation in C that isolates each step of the sequence. -WWW: https://kristaps.bsd.lv/letskencrypt/ +WWW: https://kristaps.bsd.lv/acme-client/ Modified: head/security/acme-client/pkg-plist ============================================================================== --- head/security/letskencrypt/pkg-plist Fri Sep 2 09:01:25 2016 (r421257) +++ head/security/acme-client/pkg-plist Fri Sep 2 09:09:42 2016 (r421258) @@ -1,10 +1,10 @@ -bin/letskencrypt -man/man1/letskencrypt.1.gz -etc/periodic/weekly/000.letskencrypt.sh +bin/acme-client +man/man1/acme-client.1.gz +etc/periodic/weekly/000.acme-client.sh @dir(,,0700) etc/letsencrypt @dir(,,0755) etc/ssl @dir(,,0755) etc/ssl/letsencrypt @dir(,,0700) etc/ssl/letsencrypt/private @dir(,www,) %%WWWDIR%% @sample etc/letsencrypt/deploy.sh.sample -@sample etc/letsencrypt/letskencrypt.sh.sample +@sample etc/letsencrypt/acme-client.sh.sample
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201609020909.u8299g7U031925>