git: 4c913ef6e182 - main - security/lfacme: a simple ACME client based on uacme
Date: Tue, 17 Jun 2025 17:13:40 UTC
The branch main has been updated by ivy:
URL: https://cgit.FreeBSD.org/ports/commit/?id=4c913ef6e182a4505171518025cc855b593cd498
commit 4c913ef6e182a4505171518025cc855b593cd498
Author: Lexi Winter <ivy@FreeBSD.org>
AuthorDate: 2025-06-17 17:12:50 +0000
Commit: Lexi Winter <ivy@FreeBSD.org>
CommitDate: 2025-06-17 17:12:50 +0000
security/lfacme: a simple ACME client based on uacme
Reviewed by: arrowd, des
Approved by: arrowd (ports), des (mentor)
Differential Revision: https://reviews.freebsd.org/D50701
---
security/lfacme/Makefile | 20 ++++++++++++++++++++
security/lfacme/distinfo | 3 +++
security/lfacme/files/pkg-message.in | 17 +++++++++++++++++
security/lfacme/pkg-descr | 6 ++++++
security/lfacme/pkg-plist | 24 ++++++++++++++++++++++++
5 files changed, 70 insertions(+)
diff --git a/security/lfacme/Makefile b/security/lfacme/Makefile
new file mode 100644
index 000000000000..6368e43e2ab5
--- /dev/null
+++ b/security/lfacme/Makefile
@@ -0,0 +1,20 @@
+PORTNAME= lfacme
+DISTVERSIONPREFIX=v
+DISTVERSION= 1.0
+CATEGORIES= security www
+
+MAINTAINER= ivy@FreeBSD.org
+COMMENT= Simple ACME client based on uacme
+WWW= https://github.com/llfw/lfacme
+
+LICENSE= PD
+
+RUN_DEPENDS= uacme:security/uacme
+
+USE_GITHUB= yes
+GH_ACCOUNT= llfw
+GH_PROJECT= lfacme
+
+SUB_FILES= pkg-message
+
+.include <bsd.port.mk>
diff --git a/security/lfacme/distinfo b/security/lfacme/distinfo
new file mode 100644
index 000000000000..59d6ce161439
--- /dev/null
+++ b/security/lfacme/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1749137518
+SHA256 (llfw-lfacme-v1.0_GH0.tar.gz) = 9d96ccf30781de6c436d1846144b944a487de9b754573ecb6c7ed3e1e7ede33d
+SIZE (llfw-lfacme-v1.0_GH0.tar.gz) = 14226
diff --git a/security/lfacme/files/pkg-message.in b/security/lfacme/files/pkg-message.in
new file mode 100644
index 000000000000..05ed50a35268
--- /dev/null
+++ b/security/lfacme/files/pkg-message.in
@@ -0,0 +1,17 @@
+[
+{ type: install
+ message: <<EOM
+Sample configuration files have been installed in %%PREFIX%%/etc/lfacme.
+Edit these as required, then run "lfacme setup" to create an ACME account.
+Run "lfacme renew" to issue certificates.
+
+To enable the daily periodic script to renew certificates, set:
+
+ daily_lfacme_enable=YES
+
+in /etc/periodic.conf.
+
+Refer to lfacme(8) for further documentation.
+EOM
+}
+]
diff --git a/security/lfacme/pkg-descr b/security/lfacme/pkg-descr
new file mode 100644
index 000000000000..1ed3e4e495f2
--- /dev/null
+++ b/security/lfacme/pkg-descr
@@ -0,0 +1,6 @@
+lfacme is a simple ACME client based on uacme. It allows TLS certificates
+to be issued and renewed using an ACME-based certificate provider, such as
+Let's Encrypt.
+
+lfacme includes support for HTTP- and DNS-based ACME domain validation,
+including Kerberos-authenticated Dynamic DNS updates.
diff --git a/security/lfacme/pkg-plist b/security/lfacme/pkg-plist
new file mode 100644
index 000000000000..102b3ec663e8
--- /dev/null
+++ b/security/lfacme/pkg-plist
@@ -0,0 +1,24 @@
+@sample %%ETCDIR%%/acme.conf.sample
+@sample %%ETCDIR%%/domains.conf.sample
+%%ETCDIR%%/hooks/example-hook
+etc/periodic/daily/900.lfacme
+sbin/lfacme
+%%DATADIR%%/challenge/dns
+%%DATADIR%%/challenge/http
+%%DATADIR%%/challenge/kerberos
+%%DATADIR%%/challenge/ualpn
+%%DATADIR%%/command/cert.sh
+%%DATADIR%%/command/renew.sh
+%%DATADIR%%/command/setup.sh
+%%DATADIR%%/dnsutils.sh
+%%DATADIR%%/init.sh
+share/man/man5/acme.conf.5.gz
+share/man/man5/domains.conf.5.gz
+share/man/man7/lfacme-dns.7.gz
+share/man/man7/lfacme-http.7.gz
+share/man/man7/lfacme-kerberos.7.gz
+share/man/man7/lfacme-ualpn.7.gz
+share/man/man8/lfacme-cert.8.gz
+share/man/man8/lfacme-renew.8.gz
+share/man/man8/lfacme-setup.8.gz
+share/man/man8/lfacme.8.gz