Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 2 Nov 2016 20:08:33 +0000 (UTC)
From:      Bernard Spil <brnrd@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r425172 - in head: . security/acme-client security/acme-client/files
Message-ID:  <201611022008.uA2K8XbW074472@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: brnrd
Date: Wed Nov  2 20:08:33 2016
New Revision: 425172
URL: https://svnweb.freebsd.org/changeset/ports/425172

Log:
  security/acme-client: Update to 0.1.13
  
    - Update to 0.1.13
    - Modify all configuration paths from letsencrypt to acme
    - Update periodic script to reflect path changes
    - Update sample scripts to reflect path changes
    - Add warning to pkg-message for changed paths
    - Add UPDATING entry for changed paths
    - Remove warning for old periodic.conf variable names
    - Remove warning for letskencrypt rename

Modified:
  head/UPDATING
  head/security/acme-client/Makefile
  head/security/acme-client/distinfo
  head/security/acme-client/files/000.acme-client.sh.in
  head/security/acme-client/files/acme-client.sh.sample.in
  head/security/acme-client/files/deploy.sh.sample.in
  head/security/acme-client/files/pkg-message.in
  head/security/acme-client/pkg-plist

Modified: head/UPDATING
==============================================================================
--- head/UPDATING	Wed Nov  2 19:47:27 2016	(r425171)
+++ head/UPDATING	Wed Nov  2 20:08:33 2016	(r425172)
@@ -5,6 +5,19 @@ they are unavoidable.
 You should get into the habit of checking this file for changes each time
 you update your ports collection, before attempting any port upgrades.
 
+20161102:
+  AFFECTS: users of security/acme-client
+  AUTHOR: brnrd@FreeBSD.org
+
+  The default configuration paths have changed from 'letsencrypt' to
+  'acme'. Rename the directories used accordingly
+
+        mv /usr/local/etc/letsencrypt /usr/local/etc/acme
+        mv /usr/local/etc/ssl/letsencrypt /usr/local/etc/ssl/acme
+        mv /usr/local/www/letsencrypt /usr/local/www/acme
+
+  Check your scripts to ensure proper operation.
+
 20161030:
   AFFECTS: users of mail/squirrelmail
   AUTHOR: adamw@FreeBSD.org

Modified: head/security/acme-client/Makefile
==============================================================================
--- head/security/acme-client/Makefile	Wed Nov  2 19:47:27 2016	(r425171)
+++ head/security/acme-client/Makefile	Wed Nov  2 20:08:33 2016	(r425172)
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	acme-client
-PORTVERSION=	0.1.11
-PORTREVISION=	2
+PORTVERSION=	0.1.13
 DISTVERSIONPREFIX=	portable-
 CATEGORIES=	security
 MASTER_SITES=	https://kristaps.bsd.lv/${PORTNAME}/snapshots/ \
@@ -26,7 +25,7 @@ STATIC_ACMECLIENT_EXTRA_PATCHES=	${PATCH
 MAKEFILE=	GNUmakefile
 MAKE_ENV=	PREFIX=${STAGEDIR}/${PREFIX}
 
-WWWDIR=		${PREFIX}/www/letsencrypt
+WWWDIR=		${PREFIX}/www/acme
 
 SAMPLE_FILES=	acme-client.sh.sample deploy.sh.sample
 SUB_FILES=	000.acme-client.sh pkg-message ${SAMPLE_FILES}
@@ -36,20 +35,20 @@ PERIODIC_DIRS=	etc/periodic/weekly
 PERIODIC_FILES=	000.acme-client.sh
 
 post-patch:
-	${REINPLACE_CMD} -e "s|/etc/|${PREFIX}/etc/|" \
-		-e "s|/var/www/letsencrypt|${WWWDIR}|" \
+	${REINPLACE_CMD} -e "s|/etc/|${PREFIX}/etc/|g" \
+		-e "s|/var/www/acme|${WWWDIR}|" \
 		${WRKSRC}/main.c ${WRKSRC}/acme-client.1
 
 post-install:
 	${MKDIR} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}
 	${INSTALL_SCRIPT} ${WRKDIR}/${PERIODIC_FILES} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}/${PERIODIC_FILES}
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/acme-client
-.	for d in etc/ssl/letsencrypt etc/ssl/letsencrypt/private \
-		etc/letsencrypt www/letsencrypt
+.	for d in etc/ssl/acme etc/ssl/acme/private \
+		etc/acme www/acme
 		${MKDIR} ${STAGEDIR}${PREFIX}/${d}
 .	endfor
 .	for d in ${SAMPLE_FILES}
-		${INSTALL_SCRIPT} ${WRKDIR}/${d} ${STAGEDIR}${PREFIX}/etc/letsencrypt/${d}
+		${INSTALL_SCRIPT} ${WRKDIR}/${d} ${STAGEDIR}${PREFIX}/etc/acme/${d}
 .	endfor
 
 .include <bsd.port.pre.mk>

Modified: head/security/acme-client/distinfo
==============================================================================
--- head/security/acme-client/distinfo	Wed Nov  2 19:47:27 2016	(r425171)
+++ head/security/acme-client/distinfo	Wed Nov  2 20:08:33 2016	(r425172)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1472800677
-SHA256 (acme-client-portable-0.1.11.tgz) = cb197820ad5dbe0f264f96f3b39ba71c295ab07ea6447632ee0f11329dbff126
-SIZE (acme-client-portable-0.1.11.tgz) = 45226
+TIMESTAMP = 1478115236
+SHA256 (acme-client-portable-0.1.13.tgz) = d364e68ef1590783d8e73196185c557b162805fefdbc92edf07289d5b32228c6
+SIZE (acme-client-portable-0.1.13.tgz) = 48641

Modified: head/security/acme-client/files/000.acme-client.sh.in
==============================================================================
--- head/security/acme-client/files/000.acme-client.sh.in	Wed Nov  2 19:47:27 2016	(r425171)
+++ head/security/acme-client/files/000.acme-client.sh.in	Wed Nov  2 20:08:33 2016	(r425172)
@@ -9,24 +9,6 @@ fi
 PATH=$PATH:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin
 export PATH
 
-case "$weekly_letskencrypt_enable" in
-    [Yy][Ee][Ss])
-        echo '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'
-        echo '!! WARNING: letskencrypt has been renamed to acme-client !!'
-        echo '!! rename all weekly_letskencrypt_* periodic variables   !!'
-        echo '!! to         weekly_acme_client_* in your periodic.conf !!'
-        echo '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'
-        : ${weekly_acme_client_enable:=$weekly_letskencrypt_enable}
-        : ${weekly_acme_client_renewscript:=$weekly_letskencrypt_renewscript}
-        : ${weekly_acme_client_domains:=$weekly_letskencrypt_domains}
-        : ${weekly_acme_client_challengedir:=$weekly_letskencrypt_challengedir}
-        : ${weekly_acme_client_args:=$weekly_letskencrypt_args}
-        : ${weekly_acme_client_deployscript:=$weekly_letskencrypt_deployscript}
-        ;;
-    *)
-        ;;
-esac
-
 case "$weekly_acme_client_enable" in
     [Yy][Ee][Ss])
 	echo

Modified: head/security/acme-client/files/acme-client.sh.sample.in
==============================================================================
--- head/security/acme-client/files/acme-client.sh.sample.in	Wed Nov  2 19:47:27 2016	(r425171)
+++ head/security/acme-client/files/acme-client.sh.sample.in	Wed Nov  2 20:08:33 2016	(r425172)
@@ -1,7 +1,7 @@
 #!/bin/sh -e
 
-BASEDIR="%%PREFIX%%/etc/letsencrypt"
-SSLDIR="%%PREFIX%%/etc/ssl/letsencrypt"
+BASEDIR="%%PREFIX%%/etc/acme"
+SSLDIR="%%PREFIX%%/etc/ssl/acme"
 DOMAINSFILE="${BASEDIR}/domains.txt"
 CHALLENGEDIR="/usr/jails/http/usr/local/www/.well-known/acme-challenge"
 

Modified: head/security/acme-client/files/deploy.sh.sample.in
==============================================================================
--- head/security/acme-client/files/deploy.sh.sample.in	Wed Nov  2 19:47:27 2016	(r425171)
+++ head/security/acme-client/files/deploy.sh.sample.in	Wed Nov  2 20:08:33 2016	(r425172)
@@ -3,15 +3,15 @@
 set -e
 
 DOMAIN="example.net"
-LEDIR="%%PREFIX%%/etc/ssl/letsencrypt"
+ACMEDIR="%%PREFIX%%/etc/ssl/acme"
 JAILSDIR="/usr/jails"
 TARGETS="mail http"
 for jail in ${targets}; do
   targetdir="${JAILSDIR}/${jail}/etc/ssl"
   # Check if the certificate has changed
-  [[ -z "`diff -rq ${LEDIR}/${domain}/fullchain.pem ${targetdir}/certs/${domain}.pem`" ]] && continue
-  cp -L "${LEDIR}/private/${domain}.pem"   "${targetdir}/priv/${domain}.pem"
-  cp -L "${LEDIR}/${domain}/fullchain.pem" "${targetdir}/certs/${domain}.pem"
+  [[ -z "`diff -rq ${ACMEDIR}/${domain}/fullchain.pem ${targetdir}/certs/${domain}.pem`" ]] && continue
+  cp -L "${ACMEDIR}/private/${domain}.pem"   "${targetdir}/priv/${domain}.pem"
+  cp -L "${ACMEDIR}/${domain}/fullchain.pem" "${targetdir}/certs/${domain}.pem"
   chmod 400 "${targetdir}/priv/${domain}.pem"
   chmod 644 "${targetdir}/certs/${domain}.pem"
   # Restart/-load relevant services
@@ -25,9 +25,9 @@ done
 #for jail in ${targets}; do
 #  targetdir="${JAILSDIR}/${jail}/etc/ssl"
 #  # Check if the certificate has changed
-#  [[ -z "`diff -rq ${LEDIR}/${domain}/fullchain.pem ${targetdir}/certs/${domain}.pem`" ]] && continue
-#  cp -L "${LEDIR}/private/${domain}.pem"   "${targetdir}/priv/${domain}.pem"
-#  cp -L "${LEDIR}/${domain}/fullchain.pem" "${targetdir}/certs/${domain}.pem"
+#  [[ -z "`diff -rq ${ACMEDIR}/${domain}/fullchain.pem ${targetdir}/certs/${domain}.pem`" ]] && continue
+#  cp -L "${ACMEDIR}/private/${domain}.pem"   "${targetdir}/priv/${domain}.pem"
+#  cp -L "${ACMEDIR}/${domain}/fullchain.pem" "${targetdir}/certs/${domain}.pem"
 #  chmod 400 "${targetdir}/priv/${domain}.pem"
 #  chmod 644 "${targetdir}/certs/${domain}.pem"
 #  # Restart/-load relevant services

Modified: head/security/acme-client/files/pkg-message.in
==============================================================================
--- head/security/acme-client/files/pkg-message.in	Wed Nov  2 19:47:27 2016	(r425171)
+++ head/security/acme-client/files/pkg-message.in	Wed Nov  2 20:08:33 2016	(r425172)
@@ -1,11 +1,14 @@
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! WARNING: letskencrypt has been renamed to acme-client !!
-!! rename all weekly_letskencrypt_* periodic variables   !!
-!! to         weekly_acme_client_* in your periodic.conf !!
-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! WARNING: The default configuration paths have changed,    !!
+!! rename                                                    !!
+!! /usr/local/www/letsencrypt to /usr/local/www/acme,        !!
+!! /usr/local/etc/letsencrypt to /usr/local/etc/acme and     !!
+!! /usr/local/etc/ssl/letsencrypt to /usr/local/etc/ssl/acme !!
+!! and verify paths in your scripts                          !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 There are example scripts in
-    %%PREFIX%%/etc/letsencrypt
+    %%PREFIX%%/etc/acme
 that you can use for renewing and deploying multiple certificates
 
 In order to run the script regularly to update
@@ -27,7 +30,7 @@ To set additional acme-client arguments 
 
 To run a specific script for the renewal (ignore previously set variables)
 allows generating/renewing multiple keys/certificates
-    weekly_acme_client_renewscript=""%%PREFIX%%/etc/letsencrypt/%%PORTNAME%%.sh"
+    weekly_acme_client_renewscript=""%%PREFIX%%/etc/acme/%%PORTNAME%%.sh"
 
 To run a script after the renewal to deploy changed certs
-    weekly_acme_client_deployscript="%%PREFIX%%/etc/letsencrypt/deploy.sh"
+    weekly_acme_client_deployscript="%%PREFIX%%/etc/acme/deploy.sh"

Modified: head/security/acme-client/pkg-plist
==============================================================================
--- head/security/acme-client/pkg-plist	Wed Nov  2 19:47:27 2016	(r425171)
+++ head/security/acme-client/pkg-plist	Wed Nov  2 20:08:33 2016	(r425172)
@@ -1,10 +1,10 @@
 bin/acme-client
 man/man1/acme-client.1.gz
 etc/periodic/weekly/000.acme-client.sh
-@dir(,,0700) etc/letsencrypt
+@dir(,,0700) etc/acme
 @dir(,,0755) etc/ssl
-@dir(,,0755) etc/ssl/letsencrypt
-@dir(,,0700) etc/ssl/letsencrypt/private
+@dir(,,0755) etc/ssl/acme
+@dir(,,0700) etc/ssl/acme/private
 @dir(,www,) %%WWWDIR%%
-@sample etc/letsencrypt/deploy.sh.sample
-@sample etc/letsencrypt/acme-client.sh.sample
+@sample etc/acme/deploy.sh.sample
+@sample etc/acme/acme-client.sh.sample



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201611022008.uA2K8XbW074472>