Browse Source

Merge ACME fixes

Closes #8149

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
lilik-openwrt-22.03
Toke Høiland-Jørgensen 6 years ago
parent
commit
56cc1423c6
2 changed files with 13 additions and 10 deletions
  1. +1
    -1
      net/acme/Makefile
  2. +12
    -9
      net/acme/files/run.sh

+ 1
- 1
net/acme/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=acme PKG_NAME:=acme
PKG_VERSION:=2.7.9 PKG_VERSION:=2.7.9
PKG_RELEASE:=6
PKG_RELEASE:=7
PKG_LICENSE:=GPLv3 PKG_LICENSE:=GPLv3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz


+ 12
- 9
net/acme/files/run.sh View File

@ -132,9 +132,9 @@ post_checks()
if [ -e /etc/init.d/uhttpd ] && ( [ -n "$UHTTPD_LISTEN_HTTP" ] || [ $UPDATE_UHTTPD -eq 1 ] ); then if [ -e /etc/init.d/uhttpd ] && ( [ -n "$UHTTPD_LISTEN_HTTP" ] || [ $UPDATE_UHTTPD -eq 1 ] ); then
if [ -n "$UHTTPD_LISTEN_HTTP" ]; then if [ -n "$UHTTPD_LISTEN_HTTP" ]; then
uci set uhttpd.main.listen_http="$UHTTPD_LISTEN_HTTP" uci set uhttpd.main.listen_http="$UHTTPD_LISTEN_HTTP"
uci commit uhttpd
UHTTPD_LISTEN_HTTP= UHTTPD_LISTEN_HTTP=
fi fi
uci commit uhttpd
/etc/init.d/uhttpd reload /etc/init.d/uhttpd reload
fi fi
@ -180,6 +180,7 @@ issue_cert()
local failed_dir local failed_dir
local webroot local webroot
local dns local dns
local ret
config_get_bool enabled "$section" enabled 0 config_get_bool enabled "$section" enabled 0
config_get_bool use_staging "$section" use_staging config_get_bool use_staging "$section" use_staging
@ -203,6 +204,12 @@ issue_cert()
[ -n "$webroot" ] || [ -n "$dns" ] || pre_checks "$main_domain" || return 1 [ -n "$webroot" ] || [ -n "$dns" ] || pre_checks "$main_domain" || return 1
log "Running ACME for $main_domain" log "Running ACME for $main_domain"
handle_credentials() {
local credential="$1"
eval export $credential
}
config_list_foreach "$section" credentials handle_credentials
if [ -e "$STATE_DIR/$main_domain" ]; then if [ -e "$STATE_DIR/$main_domain" ]; then
if [ "$use_staging" -eq "0" ] && is_staging "$main_domain"; then if [ "$use_staging" -eq "0" ] && is_staging "$main_domain"; then
@ -211,8 +218,9 @@ issue_cert()
moved_staging=1 moved_staging=1
else else
log "Found previous cert config. Issuing renew." log "Found previous cert config. Issuing renew."
$ACME --home "$STATE_DIR" --renew -d "$main_domain" $acme_args || return 1
return 0
$ACME --home "$STATE_DIR" --renew -d "$main_domain" $acme_args && ret=0 || ret=1
post_checks
return $ret
fi fi
fi fi
@ -231,18 +239,13 @@ issue_cert()
else else
if [ ! -d "$webroot" ]; then if [ ! -d "$webroot" ]; then
err "$main_domain: Webroot dir '$webroot' does not exist!" err "$main_domain: Webroot dir '$webroot' does not exist!"
post_checks
return 1 return 1
fi fi
log "Using webroot dir: $webroot" log "Using webroot dir: $webroot"
acme_args="$acme_args --webroot $webroot" acme_args="$acme_args --webroot $webroot"
fi fi
handle_credentials() {
local credential="$1"
eval export $credential
}
config_list_foreach "$section" credentials handle_credentials
if ! $ACME --home "$STATE_DIR" --issue $acme_args; then if ! $ACME --home "$STATE_DIR" --issue $acme_args; then
failed_dir="$STATE_DIR/${main_domain}.failed-$(date +%s)" failed_dir="$STATE_DIR/${main_domain}.failed-$(date +%s)"
err "Issuing cert for $main_domain failed. Moving state to $failed_dir" err "Issuing cert for $main_domain failed. Moving state to $failed_dir"


Loading…
Cancel
Save