diff --git a/net/acme-acmesh/Makefile b/net/acme-acmesh/Makefile index fcbb563fce..7cb5ba4ee2 100644 --- a/net/acme-acmesh/Makefile +++ b/net/acme-acmesh/Makefile @@ -58,7 +58,6 @@ endef define Package/acme-acmesh-dnsapi/description This package provides DNS API integration for ACME (Letsencrypt) client. - scripts are from acme.sh endef define Package/acme-acmesh-dnsapi/install diff --git a/net/uacme/Makefile b/net/uacme/Makefile index 7f348613df..0e81ca1bf6 100644 --- a/net/uacme/Makefile +++ b/net/uacme/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=uacme -PKG_VERSION:=1.7.6 +PKG_VERSION:=1.8.1 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/ndilieto/uacme/tar.gz/upstream/$(PKG_VERSION)? -PKG_HASH:=d11a86ac2a0dbf285de27dff4193c65f7f3736da3d0480049af50d305940e0d6 +PKG_HASH:=de7588577f8298dcb0d42dfaa9452a918fa692c4e165060207ac22f72fb0425d PKG_MAINTAINER:=Lucian Cristian PKG_LICENSE:=GPL-3.0-or-later @@ -111,6 +111,7 @@ define Package/uacme/install $(INSTALL_BIN) ./files/hook.sh $(1)/usr/lib/acme/hook $(INSTALL_BIN) ./files/httpchalhook.sh $(1)/usr/lib/acme/client/httpchalhook.sh + $(INSTALL_BIN) ./files/dns_persist.sh $(1)/usr/lib/acme/client/dns_persist.sh $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/uacme $(1)/usr/sbin/uacme endef @@ -128,9 +129,10 @@ define Package/uacme-dnsapi-adapter/install $(INSTALL_DIR) \ $(1)/usr/lib/acme/client - $(INSTALL_BIN) ./files/dnschalhook.sh $(1)/usr/lib/acme/client/dnschalhook.sh - $(INSTALL_BIN) ./files/dnsapi_helper.sh $(1)/usr/lib/acme/client/dnsapi_helper.sh + $(INSTALL_BIN) ./files/dnschalhook.sh $(1)/usr/lib/acme/client/dnschalhook.sh + $(INSTALL_BIN) ./files/dnsapi_helper.sh $(1)/usr/lib/acme/client/dnsapi_helper.sh endef $(eval $(call BuildPackage,uacme)) $(eval $(call BuildPackage,uacme-ualpn)) +$(eval $(call BuildPackage,uacme-dnsapi-adapter)) diff --git a/net/uacme/files/dns_persist.sh b/net/uacme/files/dns_persist.sh new file mode 100644 index 0000000000..3b8058c1b2 --- /dev/null +++ b/net/uacme/files/dns_persist.sh @@ -0,0 +1,48 @@ +#!/bin/sh +# Copyright (C) 2019-2024 Nicola Di Lieto +# +# This file is part of uacme. +# +# uacme is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# uacme is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# Part of this is copied from acme.sh +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# noop challange 'solver' for challenge type select + +ARGS=5 +E_BADARGS=85 +LOG_TAG=acme-uacme-dns-persist + +if test $# -ne "$ARGS" +then + echo "Usage: $(basename "$0") method type ident token auth" 1>&2 + exit $E_BADARGS +fi + +METHOD=$1 +TYPE=$2 +IDENT=$3 +TOKEN=$4 +AUTH=$5 + +if [ "$TYPE" != "dns-persist-01" ]; then + echo "skipping $TYPE" 1>&2 + exit 1 +fi + +if [ "$METHOD" = "failed" ]; then + logger -t "$LOG_TAG" -p "daemon.info" -- "Create TXT record $AUTH at _validation-persist.$IDENT to authorize domain" +fi + +exit 0 diff --git a/net/uacme/files/hook.sh b/net/uacme/files/hook.sh index e090312ca4..2c0421255d 100755 --- a/net/uacme/files/hook.sh +++ b/net/uacme/files/hook.sh @@ -85,7 +85,6 @@ get) fi set -- [ "$debug" = 1 ] && set -- "$@" -v -#uacme doesn't rotate privkey case $key_type in ec*) keylength=${key_type#ec} @@ -130,6 +129,10 @@ get) set -- "$@" --days "$days" fi + if [ "$cert_profile" ]; then + set -- "$@" --profile "$cert_profile" + fi + # uacme handles challange select by hook script case "$validation_method" in "alpn") @@ -151,6 +154,9 @@ get) export dns_wait fi ;; + "dns-persist") + set -- "$@" -h "$HOOKDIR/client/dns_persist.sh" + ;; "standalone") set -- "$@" --standalone --listen-v6 log err "standalone server is not implmented for uacme" @@ -173,7 +179,7 @@ get) log info "$ACME $*" trap '$NOTIFY issue-failed;exit 1' INT - "$ACME" "$@" 2>&1 + "$ACME" "$@" -k 2>&1 status=$? trap - INT