Date: Sun, 02 Oct 2016 21:15:39 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 213163] [patch] security/acme-client: Support integrated renew/deploy script. Message-ID: <bug-213163-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213163 Bug ID: 213163 Summary: [patch] security/acme-client: Support integrated renew/deploy script. Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: patch Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: brnrd@freebsd.org Reporter: peterj@FreeBSD.org Flags: maintainer-feedback?(brnrd@freebsd.org) Assignee: brnrd@freebsd.org Keywords: patch Created attachment 175373 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D175373&action= =3Dedit Support disabling deployment stage. The acme-client periodic script supports separate renew and deploy scripts = but does not support an integrated renew/deploy script. The latter makes sense because acme-client provides a return code to indicate whether a certificate was updated but this information is not available to a separate deploy scri= pt. Whilst it's possible to include deploy actions in the renew script, the periodic script always produces a "Deploying Let's Encrypt certificates" message and complains if no deploy script is defined. The latter can be disabled by setting weekly_acme_client_deployscript to a dummy value (eg /usr/bin/true) but the former is misleading if the deployment is part of the renew script. The attached patch supports setting weekly_acme_client_deployscript to "no"= as an indication that the deployment section should be skipped. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-213163-13>