Process by which the pfSense ACME plugin is updated



  • Hi,

    What is the process by which this pfSense package is updated from the acme.sh upstream project?

    Some colleagues and I use the Linode DNS v4 plugin on several devices and want to also use it on our pfSense firewall. A few days ago I created a PR on acme.sh which was finally merged into master which would allow everyone who uses Linode DNS to get a Let's Encrypt certificate on their own firewalls. Temporarily we can place the updated dns_linode_v4.sh script into place on our pfSense filesystem to get the fix.

    I did some grepping in FreeBSD-ports/security/pfSense-pkg-acme/, but couldn't find an upstream commit hash or some other tell. Could an upstream commit hash be added to one of the metadata files such as FreeBSD-ports/security/pfSense-pkg-acme/files/usr/local/share/pfSense-pkg-acme/info.xml ?


  • Rebel Alliance Developer Netgate

    I keep a personal copy of the acme.sh repo with our changes applied which gets copied into the pfSense package when I update.

    Trying to keep an upstream commit reference would be a pain to maintain and would too easily be forgotten. You can get a good idea of when the last update was by looking at the commit log for the package Makefile.



  • Thanks Jim! Would you be open to receiving help to make acme.sh work natively with pfSense rather than having to keep a separate fork? I imagine that must be a maintenance burden for the team.


  • Rebel Alliance Developer Netgate

    We have a few changes that I doubt they'd want or accept. It's not a big deal really. Things rarely conflict. I just merge from upstream, copy the files over, and test.


Log in to reply