Attachment #174531 for bug #212485




# $FreeBSD: head/security/letsencrypt.sh/Makefile 418767 2016-07-19 11:04:13Z mat $

PORTNAME=	letsencrypt.sh
PORTVERSION=	0.3.0
DISTVERSIONPREFIX=	v
CATEGORIES=	security


PERIODIC_DIRS=	etc/periodic/weekly
PERIODIC_FILES=	000.letsencrypt.sh

PLIST_DIRS=	%%ETCDIR%%/.acme-challenges \
		www/letsencrypt
PLIST_FILES=	bin/letsencrypt.sh \
		%%ETCDIR%%/config.example \
		%%ETCDIR%%/hook.sh.example \
		%%ETCDIR%%/domains.txt.example \
		${PERIODIC_DIRS}/000.letsencrypt.sh

SUB_FILES=	000.letsencrypt.sh pkg-message
SUB_LIST=	PORTNAME=${PORTNAME}
PORTDOCS=	README.md dns-verification.md domains_txt.md ecc.md hook_chain.md \
		import-from-official-client.md per-certificate-config.md staging.md \
		troubleshooting.md wellknown.md

SHEBANG_FILES=	docs/examples/hook.sh letsencrypt.sh

post-patch:
.	for f in docs/examples/config letsencrypt.sh
		${REINPLACE_CMD} 's|/var/www/letsencrypt|${PREFIX}/www/letsencrypt|' \
		    ${WRKSRC}/${f}
.	endfor

post-patch-ZSH-on:
.	for p in docs/examples/config docs/examples/hook.sh letsencrypt.sh
		${REINPLACE_CMD} '1 s/bash/zsh/' ${WRKSRC}/${p}
.	endfor

do-install:
	@${MKDIR} ${STAGEDIR}${ETCDIR}/.acme-challenges ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}
	${INSTALL_DATA} ${WRKSRC}/docs/examples/config ${STAGEDIR}${ETCDIR}/config.example
	${INSTALL_DATA} ${WRKSRC}/docs/examples/hook.sh ${STAGEDIR}${ETCDIR}/hook.sh.example
	${INSTALL_DATA} ${WRKSRC}/docs/examples/domains.txt ${STAGEDIR}${ETCDIR}/domains.txt.example
	${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME}
	${INSTALL_SCRIPT} ${WRKDIR}/${PERIODIC_FILES} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}/${PERIODIC_FILES}

	${MKDIR} ${STAGEDIR}${DOCSDIR}
	${INSTALL_MAN} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}
.	for d in dns-verification domains_txt ecc hook_chain import-from-official-client \
		per-certificate-config staging troubleshooting wellknown
		${INSTALL_MAN} ${WRKSRC}/docs/${d}.md ${STAGEDIR}${DOCSDIR}
.	endfor

post-stage:
	${MKDIR} ${STAGEDIR}${PREFIX}/www/letsencrypt

.include <bsd.port.mk>

Lines 1-3 Link Here

(-)letsencrypt.sh/distinfo (-3 / +3 lines)
1	TIMESTAMP = 1463941305	1	TIMESTAMP = 1473333268
2	SHA256 (lukas2511-letsencrypt.sh-v0.2.0_GH0.tar.gz) = d6e25bbbfa14b87dea4999ecddfd441bbcdc1fd8b3160fa4c4a8ed412ee664e1	2	SHA256 (lukas2511-letsencrypt.sh-v0.3.0_GH0.tar.gz) = c04ada782c93082e760c89122c9fdf68802c67c86a38b3fd5a83bb66dc0701d0
3	SIZE (lukas2511-letsencrypt.sh-v0.2.0_GH0.tar.gz) = 19314	3	SIZE (lukas2511-letsencrypt.sh-v0.3.0_GH0.tar.gz) = 21530

Lines 16-24 Link Here

(-)letsencrypt.sh/files/000.letsencrypt.sh.in (-2 / +2 lines)
16		16
17	if [ -z "$weekly_letsencrypt_user" ]	17	if [ -z "$weekly_letsencrypt_user" ]
18	then	18	then
19	%%PREFIX%%/bin/letsencrypt.sh -c	19	%%PREFIX%%/bin/letsencrypt.sh -c $weekly_letsencrypt_flags
20	else	20	else
21	su -m "$weekly_letsencrypt_user" -c '%%PREFIX%%/bin/letsencrypt.sh -c'	21	su -m "$weekly_letsencrypt_user" -c "%%PREFIX%%/bin/letsencrypt.sh -c $daily_status_disks_df_flags"
22	fi	22	fi
23		23
24	echo "Deploying Let's Encrypt certificates:"	24	echo "Deploying Let's Encrypt certificates:"




%%PREFIX%%/etc/%%PORTNAME%%/ and at least add a
domain and a contact mail address.

You should also copy the openssl.cnf.sample file in
%%PREFIX%%/openssl so you won't get warnings about
it missing.

In order to run the script regularly to update
the certificates add this line to /etc/periodic.conf



To run the certification renenewal as a different user
weekly_letsencrypt_user="_letsencrypt"

To run a script after the renewal (as root)
weekly_letsencrypt_deployscript="%%PREFIX%%/etc/%%PORTNAME%%/deploy.sh"

Additional flags for the periodic run go into
weekly_letsencrypt_flags="-g"


Return to bug 212485

Lines 1-7 Link Here

(-)letsencrypt.sh/Makefile (-10 / +21 lines)
1	# $FreeBSD: head/security/letsencrypt.sh/Makefile 418767 2016-07-19 11:04:13Z mat $	1	# $FreeBSD: head/security/letsencrypt.sh/Makefile 418767 2016-07-19 11:04:13Z mat $
2		2
3	PORTNAME= letsencrypt.sh	3	PORTNAME= letsencrypt.sh
4	PORTVERSION= 0.2.0	4	PORTVERSION= 0.3.0
5	DISTVERSIONPREFIX= v	5	DISTVERSIONPREFIX= v
6	CATEGORIES= security	6	CATEGORIES= security
7		7
Lines 33-41 Link Here
33	PERIODIC_DIRS= etc/periodic/weekly	33	PERIODIC_DIRS= etc/periodic/weekly
34	PERIODIC_FILES= 000.letsencrypt.sh	34	PERIODIC_FILES= 000.letsencrypt.sh
35		35
36	PLIST_DIRS= %%ETCDIR%%/.acme-challenges	36	PLIST_DIRS= %%ETCDIR%%/.acme-challenges \
		37	www/letsencrypt
37	PLIST_FILES= bin/letsencrypt.sh \	38	PLIST_FILES= bin/letsencrypt.sh \
38	%%ETCDIR%%/config.sh.example \	39	%%ETCDIR%%/config.example \
39	%%ETCDIR%%/hook.sh.example \	40	%%ETCDIR%%/hook.sh.example \
40	%%ETCDIR%%/domains.txt.example \	41	%%ETCDIR%%/domains.txt.example \
41	${PERIODIC_DIRS}/000.letsencrypt.sh	42	${PERIODIC_DIRS}/000.letsencrypt.sh
Lines 44-71 Link Here
44	SUB_FILES= 000.letsencrypt.sh pkg-message	45	SUB_FILES= 000.letsencrypt.sh pkg-message
45	SUB_LIST= PORTNAME=${PORTNAME}	46	SUB_LIST= PORTNAME=${PORTNAME}
46	PORTDOCS= README.md dns-verification.md domains_txt.md ecc.md hook_chain.md \	47	PORTDOCS= README.md dns-verification.md domains_txt.md ecc.md hook_chain.md \
47	import-from-official-client.md staging.md troubleshooting.md wellknown.md	48	import-from-official-client.md per-certificate-config.md staging.md \
		49	troubleshooting.md wellknown.md
48		50
49	SHEBANG_FILES= docs/examples/config.sh.example docs/examples/hook.sh.example letsencrypt.sh	51	SHEBANG_FILES= docs/examples/hook.sh letsencrypt.sh
		52
		53	post-patch:
		54	. for f in docs/examples/config letsencrypt.sh
		55	${REINPLACE_CMD} 's\|/var/www/letsencrypt\|${PREFIX}/www/letsencrypt\|' \
		56	${WRKSRC}/${f}
		57	. endfor
50		58
51	post-patch-ZSH-on:	59	post-patch-ZSH-on:
52	. for p in docs/examples/config.sh.example docs/examples/hook.sh.example letsencrypt.sh	60	. for p in docs/examples/config docs/examples/hook.sh letsencrypt.sh
53	${REINPLACE_CMD} '1 s/bash/zsh/' ${WRKSRC}/${p}	61	${REINPLACE_CMD} '1 s/bash/zsh/' ${WRKSRC}/${p}
54	. endfor	62	. endfor
55		63
56	do-install:	64	do-install:
57	@${MKDIR} ${STAGEDIR}${ETCDIR}/.acme-challenges ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}	65	@${MKDIR} ${STAGEDIR}${ETCDIR}/.acme-challenges ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}
58	${INSTALL_DATA} ${WRKSRC}/docs/examples/config.sh.example ${STAGEDIR}${ETCDIR}/config.sh.example	66	${INSTALL_DATA} ${WRKSRC}/docs/examples/config ${STAGEDIR}${ETCDIR}/config.example
59	${INSTALL_DATA} ${WRKSRC}/docs/examples/hook.sh.example ${STAGEDIR}${ETCDIR}/hook.sh.example	67	${INSTALL_DATA} ${WRKSRC}/docs/examples/hook.sh ${STAGEDIR}${ETCDIR}/hook.sh.example
60	${INSTALL_DATA} ${WRKSRC}/docs/examples/domains.txt.example ${STAGEDIR}${ETCDIR}/domains.txt.example	68	${INSTALL_DATA} ${WRKSRC}/docs/examples/domains.txt ${STAGEDIR}${ETCDIR}/domains.txt.example
61	${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME}	69	${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME}
62	${INSTALL_SCRIPT} ${WRKDIR}/${PERIODIC_FILES} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}/${PERIODIC_FILES}	70	${INSTALL_SCRIPT} ${WRKDIR}/${PERIODIC_FILES} ${STAGEDIR}${PREFIX}/${PERIODIC_DIRS}/${PERIODIC_FILES}
63		71
64	${MKDIR} ${STAGEDIR}${DOCSDIR}	72	${MKDIR} ${STAGEDIR}${DOCSDIR}
65	${INSTALL_MAN} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}	73	${INSTALL_MAN} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}
66	. for d in dns-verification domains_txt ecc hook_chain import-from-official-client \	74	. for d in dns-verification domains_txt ecc hook_chain import-from-official-client \
67	staging troubleshooting wellknown	75	per-certificate-config staging troubleshooting wellknown
68	${INSTALL_MAN} ${WRKSRC}/docs/${d}.md ${STAGEDIR}${DOCSDIR}	76	${INSTALL_MAN} ${WRKSRC}/docs/${d}.md ${STAGEDIR}${DOCSDIR}
69	. endfor	77	. endfor
70		78
		79	post-stage:
		80	${MKDIR} ${STAGEDIR}${PREFIX}/www/letsencrypt
		81
71	.include <bsd.port.mk>	82	.include <bsd.port.mk>

Lines 3-12 Link Here

(-)letsencrypt.sh/files/pkg-message.in (-4 / +4 lines)
3	%%PREFIX%%/etc/%%PORTNAME%%/ and at least add a	3	%%PREFIX%%/etc/%%PORTNAME%%/ and at least add a
4	domain and a contact mail address.	4	domain and a contact mail address.
5		5
6	You should also copy the openssl.cnf.sample file in
7	%%PREFIX%%/openssl so you won't get warnings about
8	it missing.
9
10	In order to run the script regularly to update	6	In order to run the script regularly to update
11	the certificates add this line to /etc/periodic.conf	7	the certificates add this line to /etc/periodic.conf
12		8
Lines 17-22 Link Here
17		13
18	To run the certification renenewal as a different user	14	To run the certification renenewal as a different user
19	weekly_letsencrypt_user="_letsencrypt"	15	weekly_letsencrypt_user="_letsencrypt"
		16
20	To run a script after the renewal (as root)	17	To run a script after the renewal (as root)
21	weekly_letsencrypt_deployscript="%%PREFIX%%/etc/%%PORTNAME%%/deploy.sh"	18	weekly_letsencrypt_deployscript="%%PREFIX%%/etc/%%PORTNAME%%/deploy.sh"
22		19
		20	Additional flags for the periodic run go into
		21	weekly_letsencrypt_flags="-g"
		22