From: Sergey Ponomarev Date: Sat, 1 Jun 2024 11:07:37 +0000 (+0300) Subject: acme-common: migrate deprecated options X-Git-Url: http://git.99rst.org/?a=commitdiff_plain;h=56e98f78b851bda0f709025b9aebbe0e2fbd04a4;p=openwrt-packages.git acme-common: migrate deprecated options Add to uci-defaults script a migration from old deprecated options to new: use_staging to staging keylength to key_type remove standalone add missing validation_method We still support the old options in the acme.init if old config was copied after installing of the newer version of the acme-common. Signed-off-by: Sergey Ponomarev --- diff --git a/net/acme-common/Makefile b/net/acme-common/Makefile index 2543830f8..8e012dfb0 100644 --- a/net/acme-common/Makefile +++ b/net/acme-common/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=acme-common -PKG_VERSION:=1.3.0 +PKG_VERSION:=1.4.0 PKG_MAINTAINER:=Toke Høiland-Jørgensen PKG_LICENSE:=GPL-3.0-only diff --git a/net/acme-common/files/acme.uci-defaults b/net/acme-common/files/acme.uci-defaults index 578cc6eff..ca3836531 100644 --- a/net/acme-common/files/acme.uci-defaults +++ b/net/acme-common/files/acme.uci-defaults @@ -1,9 +1,57 @@ #!/bin/sh +. /lib/functions.sh + # Create a symlink to webroot if [ -d /www/ ] && [ ! -L /www/.well-known/acme-challenge ] && [ ! -d /www/.well-known/acme-challenge/ ]; then mkdir -p /www/.well-known/ ln -s /var/run/acme/challenge/ /www/.well-known/acme-challenge fi +# migrate deprecated opts +# shellcheck disable=SC2155 +handle_cert() { + local section="$1" + local use_staging=$(uci_get acme "$section" use_staging) + if [ -n "$use_staging" ]; then + uci_remove acme "$section" use_staging + local staging=$(uci_get acme "$section" staging) + if [ -z "$staging" ]; then + uci_set acme "$section" staging "$use_staging" + fi + fi + + local keylength=$(uci_get acme "$section" keylength) + if [ -n "$keylength" ]; then + uci_remove acme "$section" keylength + local key_type=$(uci_get acme "$section" key_type) + if [ -z "$key_type" ]; then + case $keylength in + ec-*) key_type=${keylength/-/} ;; + *) key_type=rsa$keylength ;; + esac + uci_set acme "$section" key_type "$key_type" + fi + fi + + local standalone=$(uci_get acme "$section" standalone) + [ -n "$standalone" ] && uci_remove acme "$section" standalone + local dns=$(uci_get acme "$section" dns) + local validation_method=$(uci_get acme "$section" validation_method) + if [ -z "$validation_method" ]; then + if [ -n "$dns" ]; then + validation_method="dns" + elif [ "$standalone" = 1 ]; then + validation_method="standalone" + else + validation_method="webroot" + fi + uci_set acme "$section" validation_method "$validation_method" + fi +} + +config_load acme +config_foreach handle_cert cert +uci_commit + grep -q '/etc/init.d/acme' /etc/crontabs/root 2>/dev/null && exit 0 echo "0 0 * * * /etc/init.d/acme start" >>/etc/crontabs/root