upgpkg: acme-client 0.1.16

author: surefire 2017-02-04 22:04:13 +0300
committer: surefire 2017-02-04 22:04:13 +0300
commit: 6d5f71e755aa36553ec4a3a6f4d48bf48745f482 (patch)
tree: 3774076653193bcacc9138be187e72e116e59808
parent: 6820a7d6e86e8826f2777150520eba583a645749 (diff)
download: aur-6d5f71e755aa36553ec4a3a6f4d48bf48745f482.tar.gz
6 files changed, 54 insertions, 31 deletions
diff --git a/.SRCINFO b/.SRCINFO
index b2e692836376..14efc421e8e1 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,12 +1,12 @@
 pkgbase = acme-client-git
 	pkgdesc = Yet another ACME client, specifically for Let's Encrypt, but one with a strong focus on security. Written in C.
-	pkgver = 0.1.15.r2.g1613a32
+	pkgver = 0.1.16+2+g94f9e1e
 	pkgrel = 1
 	url = https://kristaps.bsd.lv/acme-client/
 	arch = x86_64
 	arch = i686
 	arch = armv7h
-	license = BSD
+	license = custom:ISC
 	makedepends = git
 	depends = libbsd
 	provides = acme-client
@@ -15,15 +15,17 @@ pkgbase = acme-client-git
 	conflicts = letskencrypt
 	options = emptydirs
 	source = acme-client-git::git+https://github.com/kristapsdz/acme-client-portable.git
-	source = http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.5.0.tar.gz
+	source = http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.5.1.tar.gz
 	source = acme@.timer
 	source = acme@.service
 	source = example.conf
+	source = example.hook
 	sha256sums = SKIP
-	sha256sums = 8652bf6b55ab51fb37b686a3f604a2643e0e8fde2c56e6a936027d12afda6eae
+	sha256sums = f71ae0a824b78fb1a47ffa23c9c26e9d96c5c9b29234eacedce6b4c7740287cd
 	sha256sums = c7d852229ae8a1b816ec476554c5d703a5513e6578a38672a52f7e7fca653b73
-	sha256sums = d6e274929979a385308f29b4f15a923ce888b57faca9925b6f46a995b2bfd662
-	sha256sums = 7ba2721a5eba7eaa10b5fdc1dea213f6e08ab29f3b69c49a2310c7a9a349bc9d
+	sha256sums = ddaccc43724be3b89d154aced64c6b04089047345c71dcbd60dc41719faae1f6
+	sha256sums = d9716504c4c8eb9f1e238ecca6e691cb645657ae0bc32621e9ff10c6791dc978
+	sha256sums = 05f97e21e3807fa48e048a56b393bf9fe7e450ded978ccdfb04923b460ec62d1
 
 pkgname = acme-client-git
 
diff --git a/.gitignore b/.gitignore
index c470a9e7ae07..c1b2cd8f752a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 acme-client-git/
-*.tgz
+pkg/
+src/
+*.pkg.tar.*
 *.tar.gz
-*.tar.xz
diff --git a/PKGBUILD b/PKGBUILD
index f03e906c6542..1c21c434219a 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,26 +1,27 @@
 # Maintainer: surefire@cryptomile.net
-
 pkgname=acme-client-git
-pkgver=0.1.15.r2.g1613a32
+pkgver=0.1.16+2+g94f9e1e
 pkgrel=1
 arch=('x86_64' 'i686' 'armv7h')
-license=('BSD')
+license=('custom:ISC')
 pkgdesc="Yet another ACME client, specifically for Let's Encrypt, but one with a strong focus on security. Written in C."
 url='https://kristaps.bsd.lv/acme-client/'
 
-_sslver=2.5.0
+_sslver=2.5.1
 
 source=(${pkgname}::'git+https://github.com/kristapsdz/acme-client-portable.git'
         "http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-${_sslver}.tar.gz"
         'acme@.timer'
         'acme@.service'
-        'example.conf')
+        'example.conf'
+        'example.hook')
 
 sha256sums=('SKIP'
-            '8652bf6b55ab51fb37b686a3f604a2643e0e8fde2c56e6a936027d12afda6eae'
+            'f71ae0a824b78fb1a47ffa23c9c26e9d96c5c9b29234eacedce6b4c7740287cd'
             'c7d852229ae8a1b816ec476554c5d703a5513e6578a38672a52f7e7fca653b73'
-            'd6e274929979a385308f29b4f15a923ce888b57faca9925b6f46a995b2bfd662'
-            '7ba2721a5eba7eaa10b5fdc1dea213f6e08ab29f3b69c49a2310c7a9a349bc9d')
+            'ddaccc43724be3b89d154aced64c6b04089047345c71dcbd60dc41719faae1f6'
+            'd9716504c4c8eb9f1e238ecca6e691cb645657ae0bc32621e9ff10c6791dc978'
+            '05f97e21e3807fa48e048a56b393bf9fe7e450ded978ccdfb04923b460ec62d1')
 
 depends=('libbsd')
 makedepends=('git')
@@ -32,22 +33,15 @@ options=('emptydirs')
 
 pkgver() {
 	cd "${pkgname}"
-	git describe --long --tags | sed 's/VERSION_//;s/\([^-]*-g\)/r\1/;s/[-_]/./g'
-}
-
-prepare() {
-	cd "${pkgname}"
-
-	# Disable libseccomp
-	sed -i GNUmakefile -e '/pkg-config --exists libseccomp/ s/echo 1/echo 0/'
+	git describe --long --tags | sed 's/^VERSION_//; s/_/./g; s/-/+/g'
 }
 
 build() {
-	cd "libressl-${_sslver}"
+	cd "$srcdir/libressl-${_sslver}"
 	./configure --disable-shared --enable-static
 	make
 
-	cd "../${pkgname}"
+	cd "$srcdir/$pkgname"
 	make \
 		CPPFLAGS="-I../libressl-${_sslver}/include" \
 		LDFLAGS="-L../libressl-${_sslver}/{tls,ssl,crypto}/.libs"
@@ -62,6 +56,7 @@ package() {
 
 	install -Dm644 -t "${pkgdir}/usr/lib/systemd/system" ../acme@.{timer,service}
 	install -Dm644 -t "${pkgdir}/etc/acme" ../example.conf
+	install -Dm755 -t "${pkgdir}/etc/acme" ../example.hook
 
-	install -dm0755 "${pkgdir}/var/lib/acme"/{accounts,certs}
+	install -dm755 "${pkgdir}/var/lib/acme"/{accounts,certs}
 }
diff --git a/acme@.service b/acme@.service
index 5103ef9a16da..4371fd089963 100644
--- a/acme@.service
+++ b/acme@.service
@@ -5,7 +5,9 @@ Requires=network.target
 AssertFileNotEmpty=/etc/acme/%I.conf
 
 [Service]
-# You need to configure http server so that directory "/run/acme-challenge" was the alias of "/.well-known/acme-challenge"
+# You need to configure http server
+# so that directory "/run/acme-challenge"
+# was the alias of "/.well-known/acme-challenge"
 #
 # Nginx example:
 #
@@ -25,8 +27,14 @@ Environment="ACME_ACCOUNT=letsencrypt"
 EnvironmentFile=/etc/acme/%I.conf
 
 ExecStartPre=/usr/bin/install -dm0700 "${ACME_DIR}/certs/%I"
-
-ExecStart=/usr/bin/acme-client $ACME_ARGS -f "${ACME_DIR}/accounts/${ACME_ACCOUNT}.pem" -c "${ACME_DIR}/certs/%I" -k "${ACME_DIR}/certs/%I/privkey.pem" -C /run/acme-challenge $ACME_DOMAINS
+ExecStopPost=/usr/bin/sh -c "[ ! -x '/etc/acme/%I.hook' ] || exec '/etc/acme/%I.hook'"
+
+ExecStart=/usr/bin/acme-client $ACME_ARGS         \
+	-f "${ACME_DIR}/accounts/${ACME_ACCOUNT}.pem" \
+	-c "${ACME_DIR}/certs/%I"                     \
+	-k "${ACME_DIR}/certs/%I/privkey.pem"         \
+	-C /run/acme-challenge                        \
+	$ACME_DOMAINS
 
 CapabilityBoundingSet=CAP_SYS_CHROOT CAP_SETUID CAP_SETGID
 NoNewPrivileges=true
diff --git a/example.conf b/example.conf
index 10082bf73b82..c6552fdb3a89 100644
--- a/example.conf
+++ b/example.conf
@@ -1,4 +1,7 @@
-# Before first run you need to configure http server so that directory "/run/acme-challenge" was the alias of "/.well-known/acme-challenge"
+# Before first run you need to configure http server
+# so that directory "/run/acme-challenge"
+# was the alias of "/.well-known/acme-challenge"
+#
 # Nginx example:
 #  location /.well-known/acme-challenge {
 #    alias /run/acme-challenge;
diff --git a/example.hook b/example.hook
new file mode 100755
index 000000000000..807de8863c69
--- /dev/null
+++ b/example.hook
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+#  https://www.freedesktop.org/software/systemd/man/systemd.exec.html#%24EXIT_CODE
+#  > $EXIT_STATUS contains the numeric exit code formatted as string if $EXIT_CODE is "exited",
+#  > and the signal name in all other cases.
+#
+#  $EXIT_STATUS of acme-client
+#	1 on failure
+#	2 if the certificates didn't change (up to date)
+#	0 if certificates were changed (revoked or updated).
+
+if [ 0 = "$EXIT_STATUS" ]; then
+	systemctl reload nginx.service
+fi
author	surefire	2017-02-04 22:04:13 +0300
committer	surefire	2017-02-04 22:04:13 +0300
commit	6d5f71e755aa36553ec4a3a6f4d48bf48745f482 (patch)
tree	3774076653193bcacc9138be187e72e116e59808
parent	6820a7d6e86e8826f2777150520eba583a645749 (diff)
download	aur-6d5f71e755aa36553ec4a3a6f4d48bf48745f482.tar.gz