From 76b7d34ddb581a16879bddf153fea22ce6bc2709 Mon Sep 17 00:00:00 2001 From: brnrd Date: Tue, 13 Sep 2016 20:09:17 +0000 Subject: security/dehydrated: Rename from letsencrypt.sh - Add entry to MOVED - Rename/move entry in security/Makefile - Update to 0.3.1 - Replace all filenames and paths containing letsencrypt - Fix error in periodic file (su -m + _flags) - Improve text in periodic file (_deploy) - Add warning to periodic script and pkg-message --- security/dehydrated/Makefile | 82 +++++++++++++++++++++++++++++ security/dehydrated/distinfo | 3 ++ security/dehydrated/files/000.dehydrated.in | 53 +++++++++++++++++++ security/dehydrated/files/pkg-message.in | 29 ++++++++++ security/dehydrated/pkg-descr | 4 ++ 5 files changed, 171 insertions(+) create mode 100644 security/dehydrated/Makefile create mode 100644 security/dehydrated/distinfo create mode 100644 security/dehydrated/files/000.dehydrated.in create mode 100644 security/dehydrated/files/pkg-message.in create mode 100644 security/dehydrated/pkg-descr (limited to 'security/dehydrated') diff --git a/security/dehydrated/Makefile b/security/dehydrated/Makefile new file mode 100644 index 000000000000..fd4444d50677 --- /dev/null +++ b/security/dehydrated/Makefile @@ -0,0 +1,82 @@ +# $FreeBSD$ + +PORTNAME= dehydrated +PORTVERSION= 0.3.1 +DISTVERSIONPREFIX= v +CATEGORIES= security + +MAINTAINER= sascha@root-login.org +COMMENT= Pure BASH/ZSH Lets Encrypt client + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE + +RUN_DEPENDS= curl:ftp/curl + +USE_GITHUB= yes +GH_ACCOUNT= lukas2511 + +OPTIONS_SINGLE= SHELL +OPTIONS_SINGLE_SHELL= BASH ZSH +BASH_DESC= Use the Bourne Again shell (BASH) +ZSH_DESC= Use the Z shell (ZSH) + +OPTIONS_DEFAULT= BASH + +NO_ARCH= yes +NO_BUILD= yes +USES= shebangfix + +BASH_RUN_DEPENDS= bash:shells/bash +ZSH_RUN_DEPENDS= zsh:shells/zsh + +PERIODIC_DIRS= etc/periodic/weekly +PERIODIC_FILES= 000.dehydrated + +PLIST_DIRS= %%ETCDIR%%/.acme-challenges \ + www/dehydrated +PLIST_FILES= bin/dehydrated \ + %%ETCDIR%%/config.example \ + %%ETCDIR%%/hook.sh.example \ + %%ETCDIR%%/domains.txt.example \ + ${PERIODIC_DIRS}/000.dehydrated +PORTDOCS_PLIST_FILES= %%PORTDOCS%%%%DOCSDIR%%/README.md + +SUB_FILES= 000.dehydrated pkg-message +SUB_LIST= PORTNAME=${PORTNAME} +PORTDOCS= README.md dns-verification.md domains_txt.md ecc.md hook_chain.md \ + import-from-official-client.md per-certificate-config.md staging.md \ + troubleshooting.md wellknown.md + +SHEBANG_FILES= docs/examples/hook.sh dehydrated + +post-patch: +. for f in docs/examples/config dehydrated + ${REINPLACE_CMD} 's|/var/www/dehydrated|${PREFIX}/www/dehydrated|' \ + ${WRKSRC}/${f} +. endfor + +post-patch-ZSH-on: +. for p in docs/examples/config docs/examples/hook.sh dehydrated + ${REINPLACE_CMD} '1 s/bash/zsh/' ${WRKSRC}/${p} +. endfor + +do-install: + @${MKDIR} ${STAGEDIR}${ETCDIR}/.acme-challenges ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS} + ${INSTALL_DATA} ${WRKSRC}/docs/examples/config ${STAGEDIR}${ETCDIR}/config.example + ${INSTALL_DATA} ${WRKSRC}/docs/examples/hook.sh ${STAGEDIR}${ETCDIR}/hook.sh.example + ${INSTALL_DATA} ${WRKSRC}/docs/examples/domains.txt ${STAGEDIR}${ETCDIR}/domains.txt.example + ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME} + ${INSTALL_SCRIPT} ${WRKDIR}/${PERIODIC_FILES} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}/${PERIODIC_FILES} + + ${MKDIR} ${STAGEDIR}${DOCSDIR} + ${INSTALL_MAN} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR} +. for d in dns-verification domains_txt ecc hook_chain import-from-official-client \ + per-certificate-config staging troubleshooting wellknown + ${INSTALL_MAN} ${WRKSRC}/docs/${d}.md ${STAGEDIR}${DOCSDIR} +. endfor + +post-stage: + ${MKDIR} ${STAGEDIR}${PREFIX}/www/dehydrated + +.include diff --git a/security/dehydrated/distinfo b/security/dehydrated/distinfo new file mode 100644 index 000000000000..66df6df6e81f --- /dev/null +++ b/security/dehydrated/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1473795613 +SHA256 (lukas2511-dehydrated-v0.3.1_GH0.tar.gz) = 7c9b9475b442dd19dbc33a26426444054781e14a2f122d2a2405f81093484239 +SIZE (lukas2511-dehydrated-v0.3.1_GH0.tar.gz) = 71375 diff --git a/security/dehydrated/files/000.dehydrated.in b/security/dehydrated/files/000.dehydrated.in new file mode 100644 index 000000000000..c286075de705 --- /dev/null +++ b/security/dehydrated/files/000.dehydrated.in @@ -0,0 +1,53 @@ +#!/bin/sh + +if [ -r /etc/defaults/periodic.conf ] +then + . /etc/defaults/periodic.conf + source_periodic_confs +fi + +PATH=$PATH:%%LOCALBASE%%/bin:%%LOCALBASE%%/sbin +export PATH + +case "$weekly_letsencrypt_enable" in + [Yy][Ee][Ss]) + echo '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!' + echo '!! WARNING: letsencrypt.sh has been renamed to dehydrated !!' + echo '!! rename all weekly_letsencrypt_* periodic variables !!' + echo '!! to weekly_dehydrated_* in your periodic.conf !!' + echo '|| and mv /usr/local/etc/{letsencrypt,dehydrated} ||' + echo '|| default challenge path has been renamed as well ||' + echo '!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!' + : ${weekly_dehydrated_enable:=$weekly_letsencrypt_enable} + : ${weekly_dehydrated_user:=$weekly_letsencrypt_user} + : ${weekly_dehydrated_flags:=$weekly_letsencrypt_flags} + : ${weekly_dehydrated_deployscript:=$weekly_letsencrypt_deployscript} + ;; + *) + ;; +esac + +case "$weekly_dehydrated_enable" in + [Yy][Ee][Ss]) + echo + echo "Checking Let's Encrypt certificate status:" + + if [ -z "$weekly_dehydrated_user" ] + then + %%PREFIX%%/bin/dehydrated -c $weekly_dehydrated_flags + else + su -m "$weekly_dehydrated_user" -c "%%PREFIX%%/bin/dehydrated" -c $weekly_dehydrated_flags + fi + + echo "Deploying Let's Encrypt certificates:" + + if [ -x "$weekly_dehydrated_deployscript" ] + then + $weekly_dehydrated_deployscript + else + echo 'Skipped, deploy script not set or not executable.' + fi + ;; + *) + ;; +esac diff --git a/security/dehydrated/files/pkg-message.in b/security/dehydrated/files/pkg-message.in new file mode 100644 index 000000000000..fed57d8cdfb3 --- /dev/null +++ b/security/dehydrated/files/pkg-message.in @@ -0,0 +1,29 @@ +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +!! WARNING: letsencrypt.sh has been renamed to dehydrated !! +!! rename all weekly_letsencrypt_* periodic variables !! +!! to weekly_dehydrated_* in your periodic.conf !! +|| and mv /usr/local/etc/{letsencrypt,dehydrated} || +|| default challenge path has been renamed as well || +!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +To use this script you should copy the examples in +%%PREFIX%%/etc/%%PORTNAME%%/ and at least add a +domain and a contact mail address. + +In order to run the script regularly to update +the certificates add this line to /etc/periodic.conf + +weekly_dehydrated_enable="YES" + +Additionally the following parameters can be added to +/etc/periodic.conf + +To run the certification renenewal as a different user +weekly_dehydrated_user="_letsencrypt" + +To run a script after the renewal (as root) +weekly_dehydrated_deployscript="%%PREFIX%%/etc/%%PORTNAME%%/deploy.sh" + +Additional flags for the periodic run go into +weekly_dehydrated_flags="-g" + diff --git a/security/dehydrated/pkg-descr b/security/dehydrated/pkg-descr new file mode 100644 index 000000000000..3088a140e705 --- /dev/null +++ b/security/dehydrated/pkg-descr @@ -0,0 +1,4 @@ +dehydrated is a pure BASH implementation of the ACME +protocol used by Lets Encrypt. + +WWW: https://github.com/lukas2511/dehydrated -- cgit