acme: add support for user-provided setup and cleanup scripts

Add possibility for user to provide setup and cleanup scripts for
additional flexibility. Setup-script takes precedence over the built-in
behavior of acme.

This helps users with more complex use-cases to utilize acme to update
certificates without adding complexity to the provided run.sh script.

Signed-off-by: Antti Seppälä <a.seppala@gmail.com>

diff --git a/net/acme/Makefile b/net/acme/Makefile
index bc09029102d9b0ebfffd14e544c3f5c383d3aef0..e3a4e13161a895d696efad89b1c441622cb30f2c 100644 (file)
--- a/net/acme/Makefile
+++ b/net/acme/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=acme
 PKG_VERSION:=2.8.5
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/Neilpang/acme.sh/tar.gz/$(PKG_VERSION)?

diff --git a/net/acme/files/acme.config b/net/acme/files/acme.config
index 313481f3b30e1d1fcf47fccf55605d9901ef8dd9..7231d7b4238bbd9335e088658fba9f7f8f3fa203 100644 (file)
--- a/net/acme/files/acme.config
+++ b/net/acme/files/acme.config
@@ -11,4 +11,6 @@ config cert 'example'
        option update_nginx 1
        option webroot ""
        option dns ""
+       # option user_setup "path-to-custom-setup.script"
+       # option user_cleanup "path-to-custom-cleanup.script"
        list domains example.org

diff --git a/net/acme/files/run.sh b/net/acme/files/run.sh
index bec94bcceaf4182108a42957699447eeccc16507..a903277fbf84f3fcf010c84b4de6e4d3dfceb7d0 100644 (file)
--- a/net/acme/files/run.sh
+++ b/net/acme/files/run.sh
@@ -20,6 +20,7 @@ DEBUG=0
 NGINX_WEBSERVER=0
 UPDATE_NGINX=0
 UPDATE_UHTTPD=0
+USER_CLEANUP=
 
 . /lib/functions.sh
 
@@ -148,6 +149,11 @@ post_checks()
         NGINX_WEBSERVER=0
         /etc/init.d/nginx restart
     fi
+
+    if [ -n "$USER_CLEANUP" ] && [ -f "$USER_CLEANUP" ]; then
+        log "Running user-provided cleanup script from $USER_CLEANUP."
+        "$USER_CLEANUP" || return 1
+    fi
 }
 
 err_out()
@@ -190,6 +196,8 @@ issue_cert()
     local failed_dir
     local webroot
     local dns
+    local user_setup
+    local user_cleanup
     local ret
     local domain_dir
 
@@ -201,9 +209,12 @@ issue_cert()
     config_get keylength "$section" keylength
     config_get webroot "$section" webroot
     config_get dns "$section" dns
+    config_get user_setup "$section" user_setup
+    config_get user_cleanup "$section" user_cleanup
 
     UPDATE_NGINX=$update_nginx
     UPDATE_UHTTPD=$update_uhttpd
+    USER_CLEANUP=$user_cleanup
 
     [ "$enabled" -eq "1" ] || return
 
@@ -212,7 +223,12 @@ issue_cert()
     set -- $domains
     main_domain=$1
 
-    [ -n "$webroot" ] || [ -n "$dns" ] || pre_checks "$main_domain" || return 1
+    if [ -n "$user_setup" ] && [ -f "$user_setup" ]; then
+        log "Running user-provided setup script from $user_setup."
+        "$user_setup" "$main_domain" || return 1
+    else
+        [ -n "$webroot" ] || [ -n "$dns" ] || pre_checks "$main_domain" || return 1
+    fi
 
     if echo $keylength | grep -q "^ec-"; then
         domain_dir="$STATE_DIR/${main_domain}_ecc"