]> git.pld-linux.org Git - packages/dehydrated.git/blob - pld.patch
projects / packages / dehydrated.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
hook: move each webserver logic to function; use atomic concat to avoid mitm problems
[packages/dehydrated.git] / pld.patch
1 --- dehydrated-0.3.1/dehydrated 2016-11-22 19:57:26.978516490 +0200
2 +++ dehydrated-0.3.1/dehydrated 2016-11-22 20:01:59.118747292 +0200
3 @@ -1,4 +1,4 @@
4 -#!/usr/bin/env bash
5 +#!/bin/bash
6  
7  # letsencrypt.sh by lukas2511
8  # Source: https://github.com/lukas2511/letsencrypt.sh
9 @@ -94,7 +94,7 @@
10  load_config() {
11    # Check for config in various locations
12    if [[ -z "${CONFIG:-}" ]]; then
13 -    for check_config in "/etc/dehydrated" "/usr/local/etc/dehydrated" "${PWD}" "${SCRIPTDIR}"; do
14 +    for check_config in "/etc/dehydrated" "/etc/webapps/dehydrated" "/usr/local/etc/dehydrated" "/etc/webapps/letsencrypt.sh" "${PWD}" "${SCRIPTDIR}"; do
15        if [[ -f "${check_config}/config" ]]; then
16          BASEDIR="${check_config}"
17          CONFIG="${check_config}/config"
18 @@ -164,7 +164,7 @@
19    [[ -d "${BASEDIR}" ]] || _exiterr "BASEDIR does not exist: ${BASEDIR}"
20  
21    CAHASH="$(echo "${CA}" | urlbase64)"
22 -  [[ -z "${ACCOUNTDIR}" ]] && ACCOUNTDIR="${BASEDIR}/accounts"
23 +  [[ -z "${ACCOUNTDIR}" ]] && ACCOUNTDIR="/var/lib/dehydrated/accounts"
24    mkdir -p "${ACCOUNTDIR}/${CAHASH}"
25    [[ -f "${ACCOUNTDIR}/${CAHASH}/config" ]] && . "${ACCOUNTDIR}/${CAHASH}/config"
26    ACCOUNT_KEY="${ACCOUNTDIR}/${CAHASH}/account_key.pem"
27 @@ -179,9 +179,9 @@
28      mv "${BASEDIR}/private_key.json" "${ACCOUNT_KEY_JSON}"
29    fi
30  
31 -  [[ -z "${CERTDIR}" ]] && CERTDIR="${BASEDIR}/certs"
32 +  [[ -z "${CERTDIR}" ]] && CERTDIR="/var/lib/dehydrated/certs"
33    [[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="${BASEDIR}/domains.txt"
34 -  [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="/var/www/dehydrated"
35 +  [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="/var/lib/dehydrated/acme-challenge"
36    [[ -z "${LOCKFILE}" ]] && LOCKFILE="${BASEDIR}/lock"
37    [[ -n "${PARAM_NO_LOCK:-}" ]] && LOCKFILE=""
38  
39 --- dehydrated-0.3.1/docs/examples/config       2016-10-17 22:32:37.370663315 +0300
40 +++ dehydrated-0.3.1/docs/examples/config       2016-11-22 20:02:34.173827857 +0200
41 @@ -37,13 +37,13 @@
42  #DOMAINS_TXT="${BASEDIR}/domains.txt"
43  
44  # Output directory for generated certificates
45 -#CERTDIR="${BASEDIR}/certs"
46 +#CERTDIR="/var/lib/dehydrated/certs"
47  
48  # Directory for account keys and registration information
49  #ACCOUNTDIR="${BASEDIR}/accounts"
50  
51  # Output directory for challenge-tokens to be served by webserver or deployed in HOOK (default: /var/www/dehydrated)
52 -#WELLKNOWN="/var/www/dehydrated"
53 +#WELLKNOWN="/var/lib/dehydrated/acme-challenge"
54  
55  # Default keysize for private keys (default: 4096)
56  #KEYSIZE="4096"
57 @@ -61,7 +61,7 @@
58  #
59  # BASEDIR and WELLKNOWN variables are exported and can be used in an external program
60  # default: <unset>
61 -#HOOK=
62 +HOOK=/etc/webapps/dehydrated/hook.sh
63  
64  # Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate (default: no)
65  #HOOK_CHAIN="no"
letsencrypt/acme client implemented as a shell-script
This page took 0.023801 seconds and 3 git commands to generate.