acme-common: migrate deprecated options

Add to uci-defaults script a migration from old deprecated options to new:
  use_staging to staging
  keylength to key_type
  remove standalone
  add missing validation_method

We still support the old options in the acme.init if old config was copied after installing of the newer version of the acme-common.

Signed-off-by: Sergey Ponomarev <redacted>

diff --git a/net/acme-common/Makefile b/net/acme-common/Makefile
index 2543830f8f40f9a9a36eeb9b0bb9a38e0835c928..8e012dfb072a58d5dd73bf1d49e7369cb7aa6235 100644 (file)
--- a/net/acme-common/Makefile
+++ b/net/acme-common/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=acme-common
-PKG_VERSION:=1.3.0
+PKG_VERSION:=1.4.0
 
 PKG_MAINTAINER:=Toke Høiland-Jørgensen <toke@toke.dk>
 PKG_LICENSE:=GPL-3.0-only

diff --git a/net/acme-common/files/acme.uci-defaults b/net/acme-common/files/acme.uci-defaults
index 578cc6effa0aa6fca1f3eceefe17cc3c6248ec9c..ca383653147232eb871ac8b701eb82c605ba4bb1 100644 (file)
--- a/net/acme-common/files/acme.uci-defaults
+++ b/net/acme-common/files/acme.uci-defaults
@@ -1,9 +1,57 @@
 #!/bin/sh
+. /lib/functions.sh
+
 # Create a symlink to webroot
 if [ -d /www/ ] && [ ! -L /www/.well-known/acme-challenge ] && [ ! -d /www/.well-known/acme-challenge/ ]; then
        mkdir -p /www/.well-known/
        ln -s /var/run/acme/challenge/ /www/.well-known/acme-challenge
 fi
 
+# migrate deprecated opts
+# shellcheck disable=SC2155
+handle_cert() {
+       local section="$1"
+       local use_staging=$(uci_get acme "$section" use_staging)
+       if [ -n "$use_staging" ]; then
+               uci_remove acme "$section" use_staging
+               local staging=$(uci_get acme "$section" staging)
+               if [ -z "$staging" ]; then
+                       uci_set acme "$section" staging "$use_staging"
+               fi
+       fi
+
+       local keylength=$(uci_get acme "$section" keylength)
+       if [ -n "$keylength" ]; then
+               uci_remove acme "$section" keylength
+               local key_type=$(uci_get acme "$section" key_type)
+               if [ -z "$key_type" ]; then
+                       case $keylength in
+                       ec-*) key_type=${keylength/-/} ;;
+                       *) key_type=rsa$keylength ;;
+                       esac
+                       uci_set acme "$section" key_type "$key_type"
+               fi
+       fi
+
+       local standalone=$(uci_get acme "$section" standalone)
+       [ -n "$standalone" ] && uci_remove acme "$section" standalone
+       local dns=$(uci_get acme "$section" dns)
+       local validation_method=$(uci_get acme "$section" validation_method)
+       if [ -z "$validation_method" ]; then
+               if [ -n "$dns" ]; then
+                       validation_method="dns"
+               elif [ "$standalone" = 1 ]; then
+                       validation_method="standalone"
+               else
+                       validation_method="webroot"
+               fi
+               uci_set acme "$section" validation_method "$validation_method"
+       fi
+}
+
+config_load acme
+config_foreach handle_cert cert
+uci_commit
+
 grep -q '/etc/init.d/acme' /etc/crontabs/root 2>/dev/null && exit 0
 echo "0 0 * * * /etc/init.d/acme start" >>/etc/crontabs/root