define Package/acme-acmesh-dnsapi/description
This package provides DNS API integration for ACME (Letsencrypt) client.
- scripts are from acme.sh
endef
define Package/acme-acmesh-dnsapi/install
include $(TOPDIR)/rules.mk
PKG_NAME:=uacme
-PKG_VERSION:=1.7.6
+PKG_VERSION:=1.8.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ndilieto/uacme/tar.gz/upstream/$(PKG_VERSION)?
-PKG_HASH:=d11a86ac2a0dbf285de27dff4193c65f7f3736da3d0480049af50d305940e0d6
+PKG_HASH:=de7588577f8298dcb0d42dfaa9452a918fa692c4e165060207ac22f72fb0425d
PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
PKG_LICENSE:=GPL-3.0-or-later
$(INSTALL_BIN) ./files/hook.sh $(1)/usr/lib/acme/hook
$(INSTALL_BIN) ./files/httpchalhook.sh $(1)/usr/lib/acme/client/httpchalhook.sh
+ $(INSTALL_BIN) ./files/dns_persist.sh $(1)/usr/lib/acme/client/dns_persist.sh
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/uacme $(1)/usr/sbin/uacme
endef
$(INSTALL_DIR) \
$(1)/usr/lib/acme/client
- $(INSTALL_BIN) ./files/dnschalhook.sh $(1)/usr/lib/acme/client/dnschalhook.sh
- $(INSTALL_BIN) ./files/dnsapi_helper.sh $(1)/usr/lib/acme/client/dnsapi_helper.sh
+ $(INSTALL_BIN) ./files/dnschalhook.sh $(1)/usr/lib/acme/client/dnschalhook.sh
+ $(INSTALL_BIN) ./files/dnsapi_helper.sh $(1)/usr/lib/acme/client/dnsapi_helper.sh
endef
$(eval $(call BuildPackage,uacme))
$(eval $(call BuildPackage,uacme-ualpn))
+$(eval $(call BuildPackage,uacme-dnsapi-adapter))
--- /dev/null
+#!/bin/sh
+# Copyright (C) 2019-2024 Nicola Di Lieto <nicola.dilieto@gmail.com>
+#
+# This file is part of uacme.
+#
+# uacme is free software: you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# uacme is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# Part of this is copied from acme.sh
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+# noop challange 'solver' for challenge type select
+
+ARGS=5
+E_BADARGS=85
+LOG_TAG=acme-uacme-dns-persist
+
+if test $# -ne "$ARGS"
+then
+ echo "Usage: $(basename "$0") method type ident token auth" 1>&2
+ exit $E_BADARGS
+fi
+
+METHOD=$1
+TYPE=$2
+IDENT=$3
+TOKEN=$4
+AUTH=$5
+
+if [ "$TYPE" != "dns-persist-01" ]; then
+ echo "skipping $TYPE" 1>&2
+ exit 1
+fi
+
+if [ "$METHOD" = "failed" ]; then
+ logger -t "$LOG_TAG" -p "daemon.info" -- "Create TXT record $AUTH at _validation-persist.$IDENT to authorize domain"
+fi
+
+exit 0
fi
set --
[ "$debug" = 1 ] && set -- "$@" -v
-#uacme doesn't rotate privkey
case $key_type in
ec*)
keylength=${key_type#ec}
set -- "$@" --days "$days"
fi
+ if [ "$cert_profile" ]; then
+ set -- "$@" --profile "$cert_profile"
+ fi
+
# uacme handles challange select by hook script
case "$validation_method" in
"alpn")
export dns_wait
fi
;;
+ "dns-persist")
+ set -- "$@" -h "$HOOKDIR/client/dns_persist.sh"
+ ;;
"standalone")
set -- "$@" --standalone --listen-v6
log err "standalone server is not implmented for uacme"
log info "$ACME $*"
trap '$NOTIFY issue-failed;exit 1' INT
- "$ACME" "$@" 2>&1
+ "$ACME" "$@" -k 2>&1
status=$?
trap - INT
git.99rst.org / openwrt-packages.git / commitdiff