Initial commit

* Add renewal timer

* Install libaugeas0 in python-augeas part build

This part needs libaugeas0 to build.

* Bump to 0.26.1

* Always act directly on upstream master

I want to keep this always working, so move to master. We can
reintroduce upstream stable releases when we are ready for general use.

Closes: #5

That particular issue seems to no longer happen. Presumably something
changed in upstream git or in PyPI. If it happens again, hopefully I'll
have CI against upstream master up by then and I'll be able to pin it
down.

* Add empty Travis build

* Add Travis automatic snap edge publication

* Add integration test

This uses upstream's test suite from their source tree to check the
built snap to make sure it behaves as expected, before attempting upload
to the store.

* Point Augeas to its lens library

Augeas defaults to looking in /usr/share/augeas/lenses, which in a snap
isn't found at this path, but inside $SNAP. So set AUGEAS_LENS_LIB to
where the lenses can be found within the snap.

This fixes the Apache plugin that uses Augeas.

snap/.travis.yml

@@ -0,0 +1,11 @@
+language: bash
+script: docker run -v $(pwd):$(pwd) -t snapcore/snapcraft sh -c "apt-get update -qq && cd $(pwd) && snapcraft" && sudo apt-get -y install snapd && sudo snap install --dangerous --classic *.snap && sudo bash test.bash
+sudo: required
+services:
+- docker
+deploy:
+  'on':
+    branch: master
+  provider: script
+  script: openssl aes-256-cbc -K $encrypted_edc9d3b1405a_key -iv $encrypted_edc9d3b1405a_iv -in .snapcraft/travis_snapcraft.cfg -out .snapcraft/snapcraft.cfg -d && docker run -v $(pwd):$(pwd) -t snapcore/snapcraft sh -c "cd $(pwd) && snapcraft push *.snap --release edge"
+  skip_cleanup: true

snap/snapcraft.yaml

@@ -0,0 +1,67 @@
+name: certbot
+version: script
+version-script: cd parts/certbot/src && git describe|sed s/^v//
+summary: Automatically configure HTTPS using Let's Encrypt
+description: |
+ The objective of Certbot, Let's Encrypt, and the ACME (Automated
+ Certificate Management Environment) protocol is to make it possible
+ to set up an HTTPS server and have it automatically obtain a
+ browser-trusted certificate, without any human intervention. This is
+ accomplished by running a certificate management agent on the web
+ server.
+ 
+ This agent is used to:
+   - Automatically prove to the Let's Encrypt CA that you control the website
+   - Obtain a browser-trusted certificate and set it up on your web server
+   - Keep track of when your certificate is going to expire, and renew it
+   - Help you revoke the certificate if that ever becomes necessary.
+confinement: classic
+grade: devel
+
+apps:
+  certbot:
+    command: certbot
+    environment:
+      PATH: "$SNAP/bin:$SNAP/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games"
+      AUGEAS_LENS_LIB: $SNAP/usr/share/augeas/lenses/dist
+  renew:
+    command: certbot -q renew
+    daemon: oneshot
+    environment:
+      PATH: "$SNAP/bin:$SNAP/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games"
+      AUGEAS_LENS_LIB: $SNAP/usr/share/augeas/lenses/dist
+    passthrough:
+        # Run approximately twice a day with randomization
+        timer: 00:00~24:00/2
+
+parts:
+  python-augeas:
+    plugin: python
+    source: git://github.com/basak/python-augeas
+    source-branch: snap
+    python-version: python2
+    build-packages: [libaugeas0]
+  certbot:
+    plugin: python
+    source: git://github.com/certbot/certbot
+    source-branch: master
+    python-version: python2
+    after: [python-augeas]
+  certbot-nginx:
+    plugin: python
+    source: git://github.com/certbot/certbot
+    source-branch: master
+    source-subdir: certbot-nginx
+    build-packages: [libaugeas-dev]
+    stage-packages: [libaugeas0]
+    after: [certbot]
+    python-version: python2
+  certbot-apache:
+    plugin: python
+    source: git://github.com/certbot/certbot
+    source-branch: master
+    source-subdir: certbot-apache
+    build-packages: [libaugeas-dev]
+    stage-packages: [libaugeas0]
+    after: [certbot]
+    python-version: python2

snap/test.bash

@@ -0,0 +1,34 @@
+#!/bin/bash
+
+set -ex
+
+apt-get -y install lsb-release net-tools wget python nginx
+
+wget https://github.com/docker/compose/releases/download/1.15.0-rc1/docker-compose-Linux-x86_64 -O /usr/local/bin/docker-compose
+chmod +x /usr/local/bin/docker-compose
+
+cat << EOF > /usr/local/bin/coverage
+#!/bin/bash -xe
+
+if [ "\$1" != "run" ]; then
+    exit 0;
+fi
+
+"\${@:7}"
+EOF
+chmod +x /usr/local/bin/coverage
+
+certbot_version=$(certbot --version 2>&1 | grep "^certbot" | cut -d " " -f 2)
+
+cd parts/certbot/src
+
+tests/boulder-fetch.sh
+until curl http://localhost:4000/directory 2>/dev/null; do
+  echo waiting for boulder
+  sleep 1
+done
+# Not needed under Travis Trusty?
+#sed -i "s/'1.3.6.1.5.5.7.1.24'/-e '1.3.6.1.5.5.7.1.24' -e 'status_request'/g" tests/certbot-boulder-integration.sh
+tests/boulder-integration.sh
+
+echo "Success!"