From 120874af757a7d2a0bc904c144eac4634b8c2713 Mon Sep 17 00:00:00 2001
From: Calin Crisan <ccrisan@gmail.com>
Date: Thu, 31 Oct 2019 23:23:20 +0200
Subject: [PATCH 1/7] Busybox: enable mktemp applet

---
 board/common/busybox.config | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/board/common/busybox.config b/board/common/busybox.config
index f70c01fc58..5e4ecca396 100644
--- a/board/common/busybox.config
+++ b/board/common/busybox.config
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
-# Busybox version: 1.29.2
-# Fri Feb  1 22:19:53 2019
+# Busybox version: 1.29.3
+# Thu Oct 31 23:22:38 2019
 #
 CONFIG_HAVE_DOT_CONFIG=y
 
@@ -266,7 +266,7 @@ CONFIG_FEATURE_MD5_SHA1_SUM_CHECK=y
 CONFIG_MKDIR=y
 CONFIG_MKFIFO=y
 CONFIG_MKNOD=y
-# CONFIG_MKTEMP is not set
+CONFIG_MKTEMP=y
 CONFIG_MV=y
 CONFIG_NICE=y
 CONFIG_NL=y
@@ -500,7 +500,7 @@ CONFIG_FEATURE_SHADOWPASSWDS=y
 # CONFIG_USE_BB_PWD_GRP is not set
 # CONFIG_USE_BB_SHADOW is not set
 CONFIG_USE_BB_CRYPT=y
-# CONFIG_USE_BB_CRYPT_SHA is not set
+CONFIG_USE_BB_CRYPT_SHA=y
 # CONFIG_ADDGROUP is not set
 # CONFIG_FEATURE_ADDUSER_TO_GROUP is not set
 # CONFIG_ADD_SHELL is not set

From 24200be6a255bfb6947c23bf6f9188a857efe72e Mon Sep 17 00:00:00 2001
From: Calin Crisan <ccrisan@gmail.com>
Date: Thu, 31 Oct 2019 23:57:44 +0200
Subject: [PATCH 2/7] Add /etc/dehydrated/config

---
 board/common/overlay/etc/dehydrated/config | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 board/common/overlay/etc/dehydrated/config

diff --git a/board/common/overlay/etc/dehydrated/config b/board/common/overlay/etc/dehydrated/config
new file mode 100644
index 0000000000..fa322f8dd2
--- /dev/null
+++ b/board/common/overlay/etc/dehydrated/config
@@ -0,0 +1,6 @@
+BASEDIR="/var/lib/dehydrated"
+DOMAINS_TXT="/data/etc/ssl/domain"
+WELLKNOWN="/tmp/dehydrated"
+HOOK="/usr/libexec/dehydrated-hook"
+CONTACT_EMAIL="$(</data/etc/ssl/email)"
+AUTO_CLEANUP="yes"

From 822c04d4243b69864c26730ae19d2bf10249eb23 Mon Sep 17 00:00:00 2001
From: Calin Crisan <ccrisan@gmail.com>
Date: Thu, 31 Oct 2019 23:58:11 +0200
Subject: [PATCH 3/7] Dehydrated: add libexec helpers

---
 .../overlay/usr/libexec/dehydrated-dumb-httpd | 27 +++++++++++++++++++
 .../overlay/usr/libexec/dehydrated-hook       | 15 +++++++++++
 2 files changed, 42 insertions(+)
 create mode 100755 board/common/overlay/usr/libexec/dehydrated-dumb-httpd
 create mode 100755 board/common/overlay/usr/libexec/dehydrated-hook

diff --git a/board/common/overlay/usr/libexec/dehydrated-dumb-httpd b/board/common/overlay/usr/libexec/dehydrated-dumb-httpd
new file mode 100755
index 0000000000..9130f7a7a4
--- /dev/null
+++ b/board/common/overlay/usr/libexec/dehydrated-dumb-httpd
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+CHALLENGE="$1"
+PORT=80
+LIFETIME=10
+
+if [[ -z "${CHALLENGE}" ]]; then
+    echo "Usage $0 <challenge>"
+    exit 1
+fi
+
+function make_response() {
+    echo -en "HTTP/1.1 200 OK\r\n"
+    echo -en "Content-Length: ${#CHALLENGE}\r\n"
+    echo -en "Content-Type: text/plain\r\n"
+    echo -en "Connection: close\r\n\r\n${CHALLENGE}"
+}
+
+start_time=$(date +%s)
+echo "Dumb httpd started"
+while true; do
+    make_response | nc -l -w "${LIFETIME}" -p ${PORT} >/dev/null
+    if (( $(date +%s) - ${start_time} > ${LIFETIME} )); then
+        break
+    fi
+done
+echo "Dumb httpd exit"
diff --git a/board/common/overlay/usr/libexec/dehydrated-hook b/board/common/overlay/usr/libexec/dehydrated-hook
new file mode 100755
index 0000000000..020150f294
--- /dev/null
+++ b/board/common/overlay/usr/libexec/dehydrated-hook
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+SSL_DIR="/data/etc/ssl"
+CERT_FILE="${SSL_DIR}/cert.pem"
+KEY_FILE="${SSL_DIR}/privkey.pem"
+
+if [[ "$1" == "deploy_challenge" ]]; then
+    /usr/libexec/dehydrated-dumb-httpd "$4" &
+elif [[ "$1" == "deploy_cert" ]]; then
+    logger -t dehydrated "deploying certificate & rebooting"
+    mkdir -p "${SSL_DIR}"
+    cp "$3" "${KEY_FILE}"
+    cp "$4" "${CERT_FILE}"
+    reboot
+fi

From 250857f10f52c2f5b0d427adc2c7ad3eb60bc7ad Mon Sep 17 00:00:00 2001
From: Calin Crisan <ccrisan@gmail.com>
Date: Thu, 31 Oct 2019 23:58:29 +0200
Subject: [PATCH 4/7] Dehydrated: add cron helper

---
 board/common/overlay/etc/crontabs/root           |  2 +-
 board/common/overlay/usr/sbin/dehydrated-wrapper | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100755 board/common/overlay/usr/sbin/dehydrated-wrapper

diff --git a/board/common/overlay/etc/crontabs/root b/board/common/overlay/etc/crontabs/root
index b106e1c3a3..bf0d404956 100644
--- a/board/common/overlay/etc/crontabs/root
+++ b/board/common/overlay/etc/crontabs/root
@@ -1,2 +1,2 @@
 14 3 * * * /usr/sbin/logrotate /etc/logrotate.conf
-
+0 2 * * 0 /usr/sbin/dehydrated-wrapper
diff --git a/board/common/overlay/usr/sbin/dehydrated-wrapper b/board/common/overlay/usr/sbin/dehydrated-wrapper
new file mode 100755
index 0000000000..2d31c273af
--- /dev/null
+++ b/board/common/overlay/usr/sbin/dehydrated-wrapper
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+PROG="/usr/bin/dehydrated"
+BASE_DIR="/var/lib/dehydrated"
+TMP_DIR="/tmp/dehydrated"
+SSL_DIR="/data/etc/ssl"
+
+if ! [[ -x "${PROG}" && -r "${SSL_DIR}/domain" && -r "${SSL_DIR}/email" ]]; then
+    exit 0  # not installed or not configured
+fi
+
+mkdir -p "${BASE_DIR}"
+mkdir -p "${TMP_DIR}"
+
+logger -t dehydrated "checking for certificate renewal"
+dehydrated -c

From 354c7872ff5bca6df705199aa9bc9b70ce6a803b Mon Sep 17 00:00:00 2001
From: Calin Crisan <ccrisan@gmail.com>
Date: Fri, 1 Nov 2019 19:54:34 +0200
Subject: [PATCH 5/7] Add dynamic DNS update helper

---
 board/common/overlay/etc/crontabs/root      |  1 +
 board/common/overlay/usr/sbin/dyndns-update | 10 ++++++++++
 2 files changed, 11 insertions(+)
 create mode 100644 board/common/overlay/usr/sbin/dyndns-update

diff --git a/board/common/overlay/etc/crontabs/root b/board/common/overlay/etc/crontabs/root
index bf0d404956..9572f6559f 100644
--- a/board/common/overlay/etc/crontabs/root
+++ b/board/common/overlay/etc/crontabs/root
@@ -1,2 +1,3 @@
 14 3 * * * /usr/sbin/logrotate /etc/logrotate.conf
 0 2 * * 0 /usr/sbin/dehydrated-wrapper
+*/15 * * * * /usr/sbin/dyndns-update
diff --git a/board/common/overlay/usr/sbin/dyndns-update b/board/common/overlay/usr/sbin/dyndns-update
new file mode 100644
index 0000000000..d44c23ecb3
--- /dev/null
+++ b/board/common/overlay/usr/sbin/dyndns-update
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+SCRIPT="/data/etc/dyndns-update.sh"
+
+if ! [[ -f "${SCRIPT}" ]]; then
+    exit 0
+fi
+
+logger -t dyndns "updating dynamic DNS"
+bash "${SCRIPT}" 2>&1 | logger -t dyndns

From 0d9d4089e4bc062660e86022d6ef9162e479dbb2 Mon Sep 17 00:00:00 2001
From: Calin Crisan <ccrisan@gmail.com>
Date: Fri, 1 Nov 2019 20:04:23 +0200
Subject: [PATCH 6/7] Add S97dyndns init script

---
 board/common/overlay/etc/init.d/S97dyndns   | 27 +++++++++++++++++++++
 board/common/overlay/usr/sbin/dyndns-update |  1 +
 2 files changed, 28 insertions(+)
 create mode 100755 board/common/overlay/etc/init.d/S97dyndns

diff --git a/board/common/overlay/etc/init.d/S97dyndns b/board/common/overlay/etc/init.d/S97dyndns
new file mode 100755
index 0000000000..4b8e515315
--- /dev/null
+++ b/board/common/overlay/etc/init.d/S97dyndns
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+PROG="/usr/sbin/dyndns-update"
+SCRIPT="/data/etc/dyndns-update.sh"
+
+
+test -s ${SCRIPT} || exit 0
+
+test -n "${OS_VERSION}" || source /etc/init.d/base
+
+case "$1" in
+    start)
+        msg_begin "Updating dynamic DNS"
+        ${PROG} &>/dev/null
+        test $? == 0 && msg_done || msg_fail
+        ;;
+
+    stop)
+        true
+        ;;
+
+    *)
+        echo "Usage: $0 {start}"
+        exit 1
+esac
+
+exit $?
diff --git a/board/common/overlay/usr/sbin/dyndns-update b/board/common/overlay/usr/sbin/dyndns-update
index d44c23ecb3..dde7a7e8b7 100644
--- a/board/common/overlay/usr/sbin/dyndns-update
+++ b/board/common/overlay/usr/sbin/dyndns-update
@@ -8,3 +8,4 @@ fi
 
 logger -t dyndns "updating dynamic DNS"
 bash "${SCRIPT}" 2>&1 | logger -t dyndns
+exit ${PIPESTATUS[0]}

From 02aa7aa1912af8e14c18de3e588773d82a46d1bc Mon Sep 17 00:00:00 2001
From: Calin Crisan <ccrisan@gmail.com>
Date: Sun, 3 Nov 2019 11:04:34 +0200
Subject: [PATCH 7/7] dehydrated: update to 0.6.5

---
 package/dehydrated/dehydrated.hash | 4 ++--
 package/dehydrated/dehydrated.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/dehydrated/dehydrated.hash b/package/dehydrated/dehydrated.hash
index 1d194e5a7d..388dd24749 100644
--- a/package/dehydrated/dehydrated.hash
+++ b/package/dehydrated/dehydrated.hash
@@ -1,6 +1,6 @@
 # Locally computed after verifying
-# https://github.com/lukas2511/dehydrated/releases/download/v0.6.2/dehydrated-0.6.2.tar.gz.asc
+# https://github.com/lukas2511/dehydrated/releases/download/v0.6.5/dehydrated-0.6.5.tar.gz.asc
 # with key 3C2F2605E078A1E18F4793909C4DBE6CF438F333 from https://keybase.io/lukas2511
-sha256  163384479199f06f59382ceb6291a299567a2f4f0b963b9b61f2db65a407e80e  dehydrated-0.6.2.tar.gz
+sha256  10aabd0027450bc70a18e49acaca7a9697e0cfb92368d3e508b7a4d6d69bfa35 dehydrated-0.6.5.tar.gz
 # License, locally computed
 sha256  b4583b7dd07e3e2a08906de38e7e329d41f921ed9dcb6310b3886e013a6b8723  LICENSE
diff --git a/package/dehydrated/dehydrated.mk b/package/dehydrated/dehydrated.mk
index b7de27a407..17c67b8478 100644
--- a/package/dehydrated/dehydrated.mk
+++ b/package/dehydrated/dehydrated.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-DEHYDRATED_VERSION = 0.6.2
+DEHYDRATED_VERSION = 0.6.5
 DEHYDRATED_SITE = https://github.com/lukas2511/dehydrated/releases/download/v$(DEHYDRATED_VERSION)
 
 DEHYDRATED_LICENSE = MIT