security/acme-client: Rename from letskencrypt, update to 0.1.11

  - Rename security/letskencrypt to security/acme-client
  - Update to 0.1.11
  - Modify periodic and sample scripts to use acme-client
  - Use new 'backup' option by default in renew script

11 files changed, 70 insertions, 70 deletions

diff --git a/security/Makefile b/security/Makefile
index 01906cce1aed..8c8179ad8a93 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -8,6 +8,7 @@
     SUBDIR += R-cran-ROAuth
     SUBDIR += R-cran-digest
     SUBDIR += R-cran-openssl
+    SUBDIR += acme-client
     SUBDIR += aescrypt
     SUBDIR += aespipe
     SUBDIR += afl
@@ -289,7 +290,6 @@
     SUBDIR += lasso
     SUBDIR += lastpass-cli
     SUBDIR += letsencrypt.sh
-    SUBDIR += letskencrypt
     SUBDIR += libadacrypt
     SUBDIR += libargon2
     SUBDIR += libassuan
diff --git a/security/letskencrypt/Makefile b/security/acme-client/Makefile
index e099d167ad33..db308e1880aa 100644
--- a/security/letskencrypt/Makefile
+++ b/security/acme-client/Makefile
@@ -1,11 +1,11 @@
 # Created by: Bernard Spil <brnrd@FreeBSD.org>
 # $FreeBSD$
 
-PORTNAME=	letskencrypt
-PORTVERSION=	0.1.10
+PORTNAME=	acme-client
+PORTVERSION=	0.1.11
 DISTVERSIONPREFIX=	portable-
 CATEGORIES=	security
-MASTER_SITES=	https://kristaps.bsd.lv/letskencrypt/snapshots/ \
+MASTER_SITES=	https://kristaps.bsd.lv/${PORTNAME}/snapshots/ \
 		LOCAL/brnrd
 
 MAINTAINER=	brnrd@FreeBSD.org
@@ -20,22 +20,22 @@ MAKE_ENV=	PREFIX=${STAGEDIR}/${PREFIX}
 
 WWWDIR=		${PREFIX}/www/letsencrypt
 
-SAMPLE_FILES=	letskencrypt.sh.sample deploy.sh.sample
-SUB_FILES=	000.letskencrypt.sh pkg-message ${SAMPLE_FILES}
+SAMPLE_FILES=	acme-client.sh.sample deploy.sh.sample
+SUB_FILES=	000.acme-client.sh pkg-message ${SAMPLE_FILES}
 SUB_LIST=	PORTNAME=${PORTNAME}
 
 PERIODIC_DIRS=	etc/periodic/weekly
-PERIODIC_FILES=	000.letskencrypt.sh
+PERIODIC_FILES=	000.acme-client.sh
 
 post-patch:
 	${REINPLACE_CMD} -e "s|/etc/|${PREFIX}/etc/|" \
 		-e "s|/var/www/letsencrypt|${WWWDIR}|" \
-		${WRKSRC}/main.c ${WRKSRC}/letskencrypt.1
+		${WRKSRC}/main.c ${WRKSRC}/acme-client.1
 
 post-install:
 	${MKDIR} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}
 	${INSTALL_SCRIPT} ${WRKDIR}/${PERIODIC_FILES} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}/${PERIODIC_FILES}
-	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/letskencrypt
+	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/acme-client
 .	for d in etc/ssl/letsencrypt etc/ssl/letsencrypt/private \
 		etc/letsencrypt www/letsencrypt
 		${MKDIR} ${STAGEDIR}${PREFIX}/${d}
diff --git a/security/acme-client/distinfo b/security/acme-client/distinfo
new file mode 100644
index 000000000000..524513e6b78d
--- /dev/null
+++ b/security/acme-client/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1472800677
+SHA256 (acme-client-portable-0.1.11.tgz) = cb197820ad5dbe0f264f96f3b39ba71c295ab07ea6447632ee0f11329dbff126
+SIZE (acme-client-portable-0.1.11.tgz) = 45226
diff --git a/security/acme-client/files/000.acme-client.sh.in b/security/acme-client/files/000.acme-client.sh.in
new file mode 100644
index 000000000000..106fd05cb6d5
--- /dev/null
+++ b/security/acme-client/files/000.acme-client.sh.in
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+if [ -r /etc/defaults/periodic.conf ]
+then
+    . /etc/defaults/periodic.conf
+    source_periodic_confs
+fi
+
+PATH=$PATH:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin
+export PATH
+
+case "$weekly_acme_client_enable" in
+    [Yy][Ee][Ss])
+	echo
+	echo "Checking Let's Encrypt certificate status:"
+
+	if [ -x "$weekly_acme_client_renewscript" ] ; then
+		$weekly_acme_client_renewscript
+	else
+		if [ -z "$weekly_acme_client_domains" ] ; then
+			weekly_acme-client_domains=$(hostname -f)
+			echo "Using hostname: $weekly_acme_client_domains"
+		fi
+		if [ -n "$weekly_acme_client_challengedir" ] ; then
+			weekly_acme-client_args="$weekly_acme_client_args -C $weekly_acme_client_challengedir"
+		fi
+		%%LOCALBASE%%/bin/acme-client $weekly_acme_client_args $weekly_acme_client_domains
+	fi
+
+	echo "Deploying Let's Encrypt certificates:"
+
+	if [ -x "$weekly_acme_client_deployscript" ] ; then
+		$weekly_acme_client_deployscript
+	else
+		echo 'Skipped, deploy script not set.'
+	fi
+        ;;
+    *)
+        ;;
+esac
diff --git a/security/letskencrypt/files/letskencrypt.sh.sample.in b/security/acme-client/files/acme-client.sh.sample.in
index 7b50871f9809..dc1b7efdf9b0 100644
--- a/security/letskencrypt/files/letskencrypt.sh.sample.in
+++ b/security/acme-client/files/acme-client.sh.sample.in
@@ -5,16 +5,16 @@ SSLDIR="%%PREFIX%%/etc/ssl/letsencrypt"
 DOMAINSFILE="${BASEDIR}/domains.txt"
 CHALLENGEDIR="/usr/jails/http/usr/local/www/.well-known/acme-challenge"
 
-[ ! -d "${SSLDIR}/priv" ] && mkdir -pm700 "${SSLDIR}/private"
+[ ! -d "${SSLDIR}/private" ] && mkdir -pm700 "${SSLDIR}/private"
 
 cat "${DOMAINSFILE}" | while read domain line ; do
    CERTSDIR="${SSLDIR}/${domain}"
    [ ! -d "${CERTSDIR}" ] && mkdir -pm755 "${CERTSDIR}"
    set +e # RC=2 when time to expire > 30 days
-   letskencrypt -C "${CHALLENGEDIR}" \
-                -k "${SSLDIR}/private/${domain}.pem" \
-                -c "${CERTSDIR}" \
-                ${domain} ${line}
+   acme-client -b -C "${CHALLENGEDIR}" \
+               -k "${SSLDIR}/private/${domain}.pem" \
+               -c "${CERTSDIR}" \
+               ${domain} ${line}
    RC=$?
    set -e
    [ $RC -ne 0 -a $RC -ne 2 ] && exit $RC
diff --git a/security/letskencrypt/files/deploy.sh.sample.in b/security/acme-client/files/deploy.sh.sample.in
index 9b44272878aa..9b44272878aa 100644
--- a/security/letskencrypt/files/deploy.sh.sample.in
+++ b/security/acme-client/files/deploy.sh.sample.in
diff --git a/security/letskencrypt/files/pkg-message.in b/security/acme-client/files/pkg-message.in
index e0931f731b91..90a5a00ca2ed 100644
--- a/security/letskencrypt/files/pkg-message.in
+++ b/security/acme-client/files/pkg-message.in
@@ -5,23 +5,23 @@ that you can for renewing and deploying multiple certificates
 In order to run the script regularly to update
 the certificates add this line to /etc/periodic.conf
 
-weekly_letskencrypt_enable="YES"
+weekly_acme_client_enable="YES"
 
 Additionally the following parameters can be added to
 /etc/periodic.conf (showing default values):
 
 To specify the domain name(s) to include in the certificate
-weekly_letskencrypt_domains="$(hostname -f)"
+weekly_acme_client_domains="$(hostname -f)"
 
 To specify the .well-known/acme-challenge directory (full path)
-weekly_letskencrypt_challengedir="/usr/local/www/letsencrypt"
+weekly_acme_client_challengedir="/usr/local/www/letsencrypt"
 
-To set additional letskencrypt arguments (see letskencrypt(1))
-weekly_letskencrypt_args=""
+To set additional acme-client arguments (see acme-client(1))
+weekly_acme_client_args=""
 
 To run a specific script for the renewal (ignore previously set variables)
 allows generating/renewing multiple keys/certificates
-weekly_letskencrypt_renewscript=""%%PREFIX%%/etc/letsencrypt/%%PORTNAME%%.sh"
+weekly_acme_client_renewscript=""%%PREFIX%%/etc/letsencrypt/%%PORTNAME%%.sh"
 
 To run a script after the renewal to deploy changed certs
-weekly_letskencrypt_deployscript="%%PREFIX%%/etc/letsencrypt/deploy.sh"
+weekly_acme_client_deployscript="%%PREFIX%%/etc/letsencrypt/deploy.sh"
diff --git a/security/letskencrypt/pkg-descr b/security/acme-client/pkg-descr
index c3ed40ddff89..92ee37643cf8 100644
--- a/security/letskencrypt/pkg-descr
+++ b/security/acme-client/pkg-descr
@@ -1,5 +1,5 @@
-letskencrypt is a client for Let's Encrypt users, but one designed for
+acme-client is a client for Let's Encrypt users, but one designed for
 security. No Python. No Ruby. No Bash. A straightforward, open source
 implementation in C that isolates each step of the sequence.
 
-WWW: https://kristaps.bsd.lv/letskencrypt/
+WWW: https://kristaps.bsd.lv/acme-client/
diff --git a/security/letskencrypt/pkg-plist b/security/acme-client/pkg-plist
index 89d0ea6b76b0..609809b5dff8 100644
--- a/security/letskencrypt/pkg-plist
+++ b/security/acme-client/pkg-plist
@@ -1,10 +1,10 @@
-bin/letskencrypt
-man/man1/letskencrypt.1.gz
-etc/periodic/weekly/000.letskencrypt.sh
+bin/acme-client
+man/man1/acme-client.1.gz
+etc/periodic/weekly/000.acme-client.sh
 @dir(,,0700) etc/letsencrypt
 @dir(,,0755) etc/ssl
 @dir(,,0755) etc/ssl/letsencrypt
 @dir(,,0700) etc/ssl/letsencrypt/private
 @dir(,www,) %%WWWDIR%%
 @sample etc/letsencrypt/deploy.sh.sample
-@sample etc/letsencrypt/letskencrypt.sh.sample
+@sample etc/letsencrypt/acme-client.sh.sample
diff --git a/security/letskencrypt/distinfo b/security/letskencrypt/distinfo
deleted file mode 100644
index af0b91b21d1a..000000000000
--- a/security/letskencrypt/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1471626870
-SHA256 (letskencrypt-portable-0.1.10.tgz) = 7e902e2dd087d6137188d8b382190fd0decd67e9e7afbc630e96841e7e369c2e
-SIZE (letskencrypt-portable-0.1.10.tgz) = 44534
diff --git a/security/letskencrypt/files/000.letskencrypt.sh.in b/security/letskencrypt/files/000.letskencrypt.sh.in
deleted file mode 100644
index a5713a18389b..000000000000
--- a/security/letskencrypt/files/000.letskencrypt.sh.in
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/sh
-
-if [ -r /etc/defaults/periodic.conf ]
-then
-    . /etc/defaults/periodic.conf
-    source_periodic_confs
-fi
-
-PATH=$PATH:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin
-export PATH
-
-case "$weekly_letskencrypt_enable" in
-    [Yy][Ee][Ss])
-	echo
-	echo "Checking Let's Encrypt certificate status:"
-
-	if [ -x "$weekly_letskencrypt_renewscript" ] ; then
-		$weekly_letskencrypt_renewscript
-	else
-		if [ -z "$weekly_letskencrypt_domains" ] ; then
-			weekly_letskencrypt_domains=$(hostname -f)
-			echo "Using hostname: $weekly_letskencrypt_domains"
-		fi
-		if [ -n "$weekly_letskencrypt_challengedir" ] ; then
-			weekly_letskencrypt_args="$weekly_letskencrypt_args -C $weekly_letskencrypt_challengedir"
-		fi
-		%%LOCALBASE%%/bin/letskencrypt $weekly_letskencrypt_args $weekly_letskencrypt_domains
-	fi
-
-	echo "Deploying Let's Encrypt certificates:"
-
-	if [ -x "$weekly_letskencrypt_deployscript" ] ; then
-		$weekly_letskencrypt_deployscript
-	else
-		echo 'Skipped, deploy script not set.'
-	fi
-        ;;
-    *)
-        ;;
-esac