system/letsencrypt: Updated for version 0.21.0.

Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>

4 files changed, 46 insertions, 39 deletions

diff --git a/system/letsencrypt/README.Slackware b/system/letsencrypt/README.Slackware
index 25d059ca39..0558cc5ba7 100644
--- a/system/letsencrypt/README.Slackware
+++ b/system/letsencrypt/README.Slackware
@@ -1,44 +1,18 @@
 PLUGINS SUPPORT
 letsencrypt support five plugins to obtain/install certificates and many more to come in the future.
-However, we will only cover standalone and apache plugin. Using apache plugin is the recommended way
-as it doesn't require the webserver to be taken offline causing downtime during validation.
+Using apache plugin is the recommended way as it doesn't require the webserver to be taken offline
+causing downtime during validation.
 
 All domain-spesific configuration files are stored in /etc/letsencrypt/live/<DOMAIN-NAME>
 Once certificate is created, you need to enable SSL module in httpd.conf and configure httpd-ssl.conf
 
-OBTAINING CERTIFICATE USING STANDALONE PLUGIN
-Here's what i use to create a certificate using port 443 for domain validation
-certbot certonly --webroot-path=<DOCUMENT-ROOT> --preferred-challenges tls-sni-01 -d <DOMAIN-NAME> \
---email <ADMIN-EMAIL> --renew-by-default --agree-tos --text --standalone
-
-If you want to use port 80 for domain validation, replace
---preferred-challenges tls-sni-01
-with
---preferred-challenges http-01
-
 Since 0.14.1, letsencrypt is able to generate/renew all certificates for all of your configured vhost domains.
 Just run letsencrypt or certbot and you will see all domains are available.
 
-NOTE:
-You need to make sure that the port (80 or 443) is NOT USED before running above command (ie. you may need to
-temporarily stop your exising webserver)
-
-OBTAINING CERTIFICATE USING APACHE PLUGIN
-Thanks to Eric Pratt, certbot/letsencrypt's Apache Plugin is now working well with Slackware.
-
-Here's what i use to create a certificate using port 443 for domain validation
-certbot certonly --apache --webroot-path=<DOCUMENT-ROOT> --preferred-challenges tls-sni-01 -d <DOMAIN-NAME> \
---email <ADMIN-EMAIL> --renew-by-default --agree-tos --text
-
 RENEWAL PROCESS
 Best way to automate the certificate renewal is by using cron service.
-Create a bash script in /etc/cron.monthly that does the following actions (depending on which plugin you used):
-Standalone: - turn off httpd service
-            - give some delay (2s is enough)
-            - run the same command generate the certificate to renew automatically
-            - start httpd service
-Apache Plugin: run the same command to generate the certificate to renew automatically or use
-               letsencrypt renew (it will automatically renew when the expired date is less than few weeks).
+Create a bash script in /etc/cron.monthly that does the following actions:
+  letsencrypt renew (it will automatically renew when the expired date is less than few weeks).
 
 RATE LIMIT
 Rate limit on registrations per IP is now 500 per 3 hours.
@@ -67,9 +41,8 @@ rsa-key-size = 4096
 # Uncomment to use a text interface instead of ncurses
 # text = True
 
-# Uncomment to use the standalone or apache authenticator on port 443
-# authenticator = standalone / apache
-# preferred-challenges = tls-sni-01
+# Uncomment to use the apache authenticator
+# authenticator = apache
 
 # Uncomment to use the webroot authenticator. Replace webroot-path with the
 # path to the public_html / webroot folder being served by your web server.
diff --git a/system/letsencrypt/configurator.patch b/system/letsencrypt/configurator.patch
new file mode 100644
index 0000000000..cca84f2518
--- /dev/null
+++ b/system/letsencrypt/configurator.patch
@@ -0,0 +1,33 @@
+--- certbot-0.21.0/certbot-apache/certbot_apache/configurator.py.old	2018-01-19 05:16:48.965843221 +0700
++++ certbot-0.21.0/certbot-apache/certbot_apache/configurator.py	2018-01-19 05:35:24.916445040 +0700
+@@ -89,20 +89,20 @@
+     description = "Apache Web Server plugin - Beta"
+ 
+     OS_DEFAULTS = dict(
+-        server_root="/etc/apache2",
+-        vhost_root="/etc/apache2/sites-available",
+-        vhost_files="*",
+-        logs_root="/var/log/apache2",
+-        version_cmd=['apache2ctl', '-v'],
+-        apache_cmd="apache2ctl",
+-        restart_cmd=['apache2ctl', 'graceful'],
+-        conftest_cmd=['apache2ctl', 'configtest'],
++        server_root="/etc/httpd",
++        vhost_root="/etc/httpd/extra",
++        vhost_files="httpd-vhosts.conf",
++        logs_root="/var/log/httpd",
++        version_cmd=['apachectl', '-v'],
++        apache_cmd="apachectl",
++        restart_cmd=['apachectl', 'graceful'],
++        conftest_cmd=['apachectl', 'configtest'],
+         enmod=None,
+         dismod=None,
+-        le_vhost_ext="-le-ssl.conf",
++        le_vhost_ext="",
+         handle_mods=False,
+         handle_sites=False,
+-        challenge_location="/etc/apache2",
++        challenge_location="/etc/httpd",
+         MOD_SSL_CONF_SRC=pkg_resources.resource_filename(
+             "certbot_apache", "options-ssl-apache.conf")
+     )
diff --git a/system/letsencrypt/letsencrypt.SlackBuild b/system/letsencrypt/letsencrypt.SlackBuild
index 5f9097d3c3..b68a4159fb 100644
--- a/system/letsencrypt/letsencrypt.SlackBuild
+++ b/system/letsencrypt/letsencrypt.SlackBuild
@@ -2,7 +2,7 @@
 
 # Slackware build script for letsencrypt
 
-# Copyright 2015-2017 Willy Sudiarto Raharjo <willysr@slackbuilds.org>
+# Copyright 2015-2018 Willy Sudiarto Raharjo <willysr@slackbuilds.org>
 # All rights reserved.
 #
 # Redistribution and use of this script, with or without modification, is
@@ -24,7 +24,7 @@
 
 PRGNAM=letsencrypt
 SRCNAM=certbot
-VERSION=${VERSION:-0.19.0}
+VERSION=${VERSION:-0.21.0}
 BUILD=${BUILD:-1}
 TAG=${TAG:-_SBo}
 
@@ -73,6 +73,7 @@ find -L . \
 sed -i "/'argparse',/d" setup.py
 sed -i "/'argparse',/d" acme/setup.py
 sed -i 's/apache2ctl/apachectl/' certbot-apache/certbot_apache/constants.py
+patch -p1 < $CWD/configurator.patch
 
 for i in $(grep -ri /apache2 * | cut -d: -f1 | sort -u)
 do
diff --git a/system/letsencrypt/letsencrypt.info b/system/letsencrypt/letsencrypt.info
index fd775f552c..605a4d6ff1 100644
--- a/system/letsencrypt/letsencrypt.info
+++ b/system/letsencrypt/letsencrypt.info
@@ -1,10 +1,10 @@
 PRGNAM="letsencrypt"
-VERSION="0.19.0"
+VERSION="0.21.0"
 HOMEPAGE="https://letsencrypt.org/"
-DOWNLOAD="https://github.com/certbot/certbot/archive/v0.19.0/certbot-0.19.0.tar.gz"
-MD5SUM="3eeaceb7fe5b514807d8b7f4af57edc1"
+DOWNLOAD="https://github.com/certbot/certbot/archive/v0.21.0/certbot-0.21.0.tar.gz"
+MD5SUM="d95c4aca9e3e19f5c4a87975283245a4"
 DOWNLOAD_x86_64=""
 MD5SUM_x86_64=""
-REQUIRES="configobj mock python-requests pytz python2-pythondialog zope.component pyrfc3339 psutil python-parsedatetime python-configargparse werkzeug ndg_httpsclient python-augeas pyparsing"
+REQUIRES="configobj mock python-requests pytz python2-pythondialog zope.component pyrfc3339 psutil python-parsedatetime python-configargparse werkzeug ndg_httpsclient python-augeas pyparsing josepy"
 MAINTAINER="Willy Sudiarto Raharjo"
 EMAIL="willysr@slackbuilds.org"