acme-utils: Bump to 0.5.8 to fix cert renewal
Signed-off-by: Stefan Knoblich <stkn@bitplumber.de>
This commit is contained in:
@@ -1,2 +1,3 @@
|
|||||||
AUX apache-challenge.conf 323 BLAKE2B 30f1191efb6e05b6682a967f513b572153595083277526cac9af2b6958e2fbc6241576370a07725fbc8b65c372877c41df0f1c78d87331083797736b24f5b8bb SHA512 4c292d2a31d4b8e59a0dcba2bfc20258e5188bfb6dcffdc02703e916dd0f3ab6ccfb9f43553dd3184b9f68b90358c08c1c1256d2bb3c76c9117b0196a844ab4a
|
AUX apache-challenge.conf 323 BLAKE2B 30f1191efb6e05b6682a967f513b572153595083277526cac9af2b6958e2fbc6241576370a07725fbc8b65c372877c41df0f1c78d87331083797736b24f5b8bb SHA512 4c292d2a31d4b8e59a0dcba2bfc20258e5188bfb6dcffdc02703e916dd0f3ab6ccfb9f43553dd3184b9f68b90358c08c1c1256d2bb3c76c9117b0196a844ab4a
|
||||||
EBUILD acme-utils-0.5.7-r1.ebuild 3117 BLAKE2B 30f855214591775ffc3365f809fe8dc0501d680d2dacce140cb6c0785e71979cab5d6de754ec6b4af47b1c4074a6cbd046d3f98de1cf5d36c4c2d137d4d39a0c SHA512 bd995e2fdcd99d1ddf7bd3b11116b24edbee4e1061092c91d8f11f1eb2164ceb2b837ec3885fd8c38d917e215917966118dfce71bafb25e3343235d88fab075d
|
EBUILD acme-utils-0.5.7-r1.ebuild 3117 BLAKE2B 30f855214591775ffc3365f809fe8dc0501d680d2dacce140cb6c0785e71979cab5d6de754ec6b4af47b1c4074a6cbd046d3f98de1cf5d36c4c2d137d4d39a0c SHA512 bd995e2fdcd99d1ddf7bd3b11116b24edbee4e1061092c91d8f11f1eb2164ceb2b837ec3885fd8c38d917e215917966118dfce71bafb25e3343235d88fab075d
|
||||||
|
EBUILD acme-utils-0.5.8.ebuild 3117 BLAKE2B 30f855214591775ffc3365f809fe8dc0501d680d2dacce140cb6c0785e71979cab5d6de754ec6b4af47b1c4074a6cbd046d3f98de1cf5d36c4c2d137d4d39a0c SHA512 bd995e2fdcd99d1ddf7bd3b11116b24edbee4e1061092c91d8f11f1eb2164ceb2b837ec3885fd8c38d917e215917966118dfce71bafb25e3343235d88fab075d
|
||||||
|
|||||||
120
app-admin/acme-utils/acme-utils-0.5.8.ebuild
Normal file
120
app-admin/acme-utils/acme-utils-0.5.8.ebuild
Normal file
@@ -0,0 +1,120 @@
|
|||||||
|
# Copyright (C) 2016 axsentis GmbH, Stefan Knoblich <s.knoblich@axsentis.de>
|
||||||
|
|
||||||
|
EAPI="7"
|
||||||
|
|
||||||
|
inherit git-r3 autotools
|
||||||
|
|
||||||
|
EGIT_CLONE_TYPE="shallow"
|
||||||
|
EGIT_REPO_URI="https://github.com/stknob/acme-utils.git"
|
||||||
|
EGIT_COMMIT="${PV}"
|
||||||
|
|
||||||
|
DESCRIPTION="ACME certificate helper scripts"
|
||||||
|
LICENSE="MIT"
|
||||||
|
KEYWORDS="amd64 x86"
|
||||||
|
SLOT="0"
|
||||||
|
IUSE="+apache2"
|
||||||
|
|
||||||
|
RDEPEND="
|
||||||
|
app-admin/pwgen
|
||||||
|
dev-lang/python
|
||||||
|
dev-libs/openssl
|
||||||
|
net-misc/wget
|
||||||
|
net-dns/bind-tools
|
||||||
|
"
|
||||||
|
DEPEND="${RDEPEND}
|
||||||
|
acct-group/acme
|
||||||
|
acct-user/acme"
|
||||||
|
|
||||||
|
src_prepare() {
|
||||||
|
eapply_user
|
||||||
|
eautoreconf || die "reconf failed"
|
||||||
|
|
||||||
|
# Update user/group
|
||||||
|
sed -i -e '/^\(ACME_USER\|ACME_GROUP\)/s:letsencrypt:acme:' \
|
||||||
|
"acme.conf.in" || die "Failed to update user/group"
|
||||||
|
}
|
||||||
|
|
||||||
|
src_configure() {
|
||||||
|
econf \
|
||||||
|
--sysconfdir="/etc/acme" \
|
||||||
|
--with-certdir="/etc/ssl/acme" \
|
||||||
|
--with-challengedir="/var/www/acme-challenge" \
|
||||||
|
|| die "econf failed"
|
||||||
|
}
|
||||||
|
|
||||||
|
src_install() {
|
||||||
|
default_src_install
|
||||||
|
|
||||||
|
# Create hook dirs
|
||||||
|
keepdir "/etc/acme/create.d"
|
||||||
|
keepdir "/etc/acme/pre.d"
|
||||||
|
keepdir "/etc/acme/renew.d"
|
||||||
|
keepdir "/etc/acme/post.d"
|
||||||
|
|
||||||
|
# Create cert + challenge directory
|
||||||
|
keepdir "/etc/ssl/acme"
|
||||||
|
keepdir "/var/www/acme-challenge"
|
||||||
|
|
||||||
|
# Fix permissions
|
||||||
|
chown -R root:acme "${D}/etc/acme"
|
||||||
|
chmod 750 "${D}/etc/acme"
|
||||||
|
chown -R root:root "${D}/etc/acme/create.d"
|
||||||
|
chmod 750 "${D}/etc/acme/create.d"
|
||||||
|
chown -R root:root "${D}/etc/acme/pre.d"
|
||||||
|
chmod 750 "${D}/etc/acme/pre.d"
|
||||||
|
chown -R root:root "${D}/etc/acme/renew.d"
|
||||||
|
chmod 750 "${D}/etc/acme/renew.d"
|
||||||
|
chown -R root:root "${D}/etc/acme/post.d"
|
||||||
|
chmod 750 "${D}/etc/acme/post.d"
|
||||||
|
chmod 640 "${D}/etc/acme/acme.conf"
|
||||||
|
chown -R root:acme "${D}/etc/ssl/acme"
|
||||||
|
chmod 750 "${D}/etc/ssl/acme"
|
||||||
|
chown acme:root "${D}/var/www/acme-challenge"
|
||||||
|
chmod 751 "${D}/var/www/acme-challenge"
|
||||||
|
|
||||||
|
# Server-specific config snippts
|
||||||
|
if use apache2
|
||||||
|
then
|
||||||
|
insinto "/etc/apache2/modules.d"
|
||||||
|
newins "${FILESDIR}/apache-challenge.conf" "99_acme-challenge.conf"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
pkg_postinst() {
|
||||||
|
einfo "Use \"emerge =${CATEGORY}/${PF} --config\" to run the initial setup"
|
||||||
|
|
||||||
|
use apache2 && \
|
||||||
|
einfo "To enable apache2 support, set \"-D ACME\" in /etc/conf.d/apache2"
|
||||||
|
}
|
||||||
|
|
||||||
|
pkg_config() {
|
||||||
|
local my_account_key="/etc/acme/account.key"
|
||||||
|
|
||||||
|
[[ -f "${my_account_key}" ]] && {
|
||||||
|
eerror "Existing account key found, aborting"
|
||||||
|
die
|
||||||
|
}
|
||||||
|
|
||||||
|
einfo "Creating ACME account key..."
|
||||||
|
/usr/sbin/acme-setup-account \
|
||||||
|
|| die "Failed to generate account key"
|
||||||
|
|
||||||
|
# Fix permissions
|
||||||
|
einfo "Setting directory and file permissions..."
|
||||||
|
chown -R root:acme "/etc/acme"
|
||||||
|
chmod 750 "/etc/acme"
|
||||||
|
chown -R root:root "/etc/acme/create.d"
|
||||||
|
chmod 750 "/etc/acme/create.d"
|
||||||
|
chown -R root:root "/etc/acme/pre.d"
|
||||||
|
chmod 750 "/etc/acme/pre.d"
|
||||||
|
chown -R root:root "/etc/acme/renew.d"
|
||||||
|
chmod 750 "/etc/acme/renew.d"
|
||||||
|
chown -R root:root "/etc/acme/post.d"
|
||||||
|
chmod 750 "/etc/acme/post.d"
|
||||||
|
chmod 640 "/etc/acme/acme.conf"
|
||||||
|
chmod 440 "${my_account_key}"
|
||||||
|
chown -R root:acme "/etc/ssl/acme"
|
||||||
|
chmod 750 "/etc/ssl/acme"
|
||||||
|
chown acme:root "/var/www/acme-challenge"
|
||||||
|
chmod 751 "/var/www/acme-challenge"
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user