From 60133e74d7171e663e39da1a02d71ba4c4fb6c85 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Tue, 24 Oct 2017 22:49:54 +0000 Subject: [PATCH] - don't hardcode /var/lib/dehydrated, use BASEDIR - we've switched to /etc/dehydrated, this is not webapp --- tld.patch | 78 ++++++++++++++++++++++--------------------------------- 1 file changed, 31 insertions(+), 47 deletions(-) diff --git a/tld.patch b/tld.patch index 2c6448e..3a85259 100644 --- a/tld.patch +++ b/tld.patch @@ -1,21 +1,21 @@ diff -ur dehydrated-0.4.0.orig/dehydrated dehydrated-0.4.0/dehydrated ---- dehydrated-0.4.0.orig/dehydrated 2017-02-05 14:33:17.000000000 +0000 -+++ dehydrated-0.4.0/dehydrated 2017-10-24 00:24:53.662801025 +0000 +--- dehydrated-0.4.0.orig/dehydrated 2017-02-05 15:33:17.000000000 +0100 ++++ dehydrated-0.4.0/dehydrated 2017-10-24 16:58:33.761256185 +0200 @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash # dehydrated by lukas2511 # Source: https://github.com/lukas2511/dehydrated -@@ -94,7 +94,7 @@ - load_config() { - # Check for config in various locations - if [[ -z "${CONFIG:-}" ]]; then -- for check_config in "/etc/dehydrated" "/usr/local/etc/dehydrated" "${PWD}" "${SCRIPTDIR}"; do -+ for check_config in "/etc/dehydrated" "/etc/webapps/dehydrated" "/usr/local/etc/dehydrated" "/etc/webapps/letsencrypt.sh" "${PWD}" "${SCRIPTDIR}"; do - if [[ -f "${check_config}/config" ]]; then - BASEDIR="${check_config}" - CONFIG="${check_config}/config" +@@ -20,7 +20,7 @@ + done + SCRIPTDIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" + +-BASEDIR="${SCRIPTDIR}" ++BASEDIR="/var/lib/dehydrated" + + # Create (identifiable) temporary files + _mktemp() { @@ -115,7 +115,7 @@ DOMAINS_TXT= HOOK= @@ -25,66 +25,50 @@ diff -ur dehydrated-0.4.0.orig/dehydrated dehydrated-0.4.0/dehydrated KEYSIZE="4096" WELLKNOWN= PRIVATE_KEY_RENEW="yes" -@@ -166,7 +166,7 @@ - [[ -d "${BASEDIR}" ]] || _exiterr "BASEDIR does not exist: ${BASEDIR}" - - CAHASH="$(echo "${CA}" | urlbase64)" -- [[ -z "${ACCOUNTDIR}" ]] && ACCOUNTDIR="${BASEDIR}/accounts" -+ [[ -z "${ACCOUNTDIR}" ]] && ACCOUNTDIR="/var/lib/dehydrated/accounts" - mkdir -p "${ACCOUNTDIR}/${CAHASH}" - [[ -f "${ACCOUNTDIR}/${CAHASH}/config" ]] && . "${ACCOUNTDIR}/${CAHASH}/config" - ACCOUNT_KEY="${ACCOUNTDIR}/${CAHASH}/account_key.pem" -@@ -181,9 +181,9 @@ - mv "${BASEDIR}/private_key.json" "${ACCOUNT_KEY_JSON}" +@@ -182,8 +182,8 @@ fi -- [[ -z "${CERTDIR}" ]] && CERTDIR="${BASEDIR}/certs" + [[ -z "${CERTDIR}" ]] && CERTDIR="${BASEDIR}/certs" - [[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="${BASEDIR}/domains.txt" - [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="/var/www/dehydrated" -+ [[ -z "${CERTDIR}" ]] && CERTDIR="/var/lib/dehydrated/certs" -+ [[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="/etc/webapps/dehydrated/domains.txt" -+ [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="/var/lib/dehydrated/acme-challenges" ++ [[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="/etc/dehydrated/domains.txt" ++ [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="${BASEDIR}/acme-challenges" [[ -z "${LOCKFILE}" ]] && LOCKFILE="${BASEDIR}/lock" [[ -n "${PARAM_LOCKFILE_SUFFIX:-}" ]] && LOCKFILE="${LOCKFILE}-${PARAM_LOCKFILE_SUFFIX}" [[ -n "${PARAM_NO_LOCK:-}" ]] && LOCKFILE="" diff -ur dehydrated-0.4.0.orig/docs/examples/config dehydrated-0.4.0/docs/examples/config ---- dehydrated-0.4.0.orig/docs/examples/config 2017-02-05 14:33:17.000000000 +0000 -+++ dehydrated-0.4.0/docs/examples/config 2017-10-24 00:23:06.163807433 +0000 -@@ -21,6 +21,7 @@ - # Path to certificate authority license terms redirect (default: https://acme-v01.api.letsencrypt.org/terms) - #CA_TERMS="https://acme-v01.api.letsencrypt.org/terms" - -+ - # Path to license agreement (default: ) - #LICENSE="" +--- dehydrated-0.4.0.orig/docs/examples/config 2017-02-05 15:33:17.000000000 +0100 ++++ dehydrated-0.4.0/docs/examples/config 2017-10-24 16:58:47.821256753 +0200 +@@ -33,11 +33,11 @@ + # default: + #CONFIG_D= -@@ -37,16 +38,16 @@ - #BASEDIR=$SCRIPTDIR +-# Base directory for account key, generated certificates and list of domains (default: $SCRIPTDIR -- uses config directory if undefined) +-#BASEDIR=$SCRIPTDIR ++# Base directory for account key, generated certificates and list of domains (default: /var/lib/dehydrated) ++#BASEDIR="/var/lib/dehydrated" # File containing the list of domains to request certificates for (default: $BASEDIR/domains.txt) -#DOMAINS_TXT="${BASEDIR}/domains.txt" -+#DOMAINS_TXT="/etc/webapps/dehydrated/domains.txt" ++#DOMAINS_TXT="/etc/dehydrated/domains.txt" # Output directory for generated certificates --#CERTDIR="${BASEDIR}/certs" -+#CERTDIR="/var/lib/dehydrated/certs" - - # Directory for account keys and registration information --#ACCOUNTDIR="${BASEDIR}/accounts" -+#ACCOUNTDIR="/var/lib/dehydrated/accounts" + #CERTDIR="${BASEDIR}/certs" +@@ -46,7 +46,7 @@ + #ACCOUNTDIR="${BASEDIR}/accounts" # Output directory for challenge-tokens to be served by webserver or deployed in HOOK (default: /var/www/dehydrated) -#WELLKNOWN="/var/www/dehydrated" -+#WELLKNOWN="/var/lib/dehydrated/acme-challenges" ++#WELLKNOWN="${BASEDIR}/acme-challenges" # Default keysize for private keys (default: 4096) #KEYSIZE="4096" -@@ -64,13 +65,13 @@ +@@ -64,13 +64,13 @@ # # BASEDIR and WELLKNOWN variables are exported and can be used in an external program # default: -#HOOK= -+#HOOK=/etc/webapps/dehydrated/hook.sh ++#HOOK="/etc/dehydrated/hook.sh" # Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate (default: no) #HOOK_CHAIN="no" -- 2.46.0