FreeBSD embedded systems like nas4free, FreeNAS etc. usually don't have curl and wget installed. The fetch(1) utility can't replace them, because it doesn't support POST and PUT requests. So I used this workaround to get curl running on this platform.
Full story in Issue #194.
Requirements
You need:
- a persistent storage (to save some files)
- your FreeBSD version and architecture (e.g. FreeBSD 10, x86-64)
1. Find curl and ca-root-nss packages
You need to get the curl binary and the ca-root-nss.crt containing trusted certificate authorities.
Search for the packages in the download archives: http://distcache.freebsd.org/
E.g., currently these would be for FreeBSD 10 x86-64:
- http://distcache.freebsd.org/freebsd:10:x86:64/latest/All/curl-7.49.0.txz
- http://distcache.freebsd.org/freebsd:10:x86:64/latest/All/ca_root_nss-3.22.2.txz
2. Download and extract
Replace the URLs found in step 1 above.
$ cd <path on your persistent storage> # e.g. nas4free: somewhere in /mnt/pool0
$ fetch -o curl.txz http://distcache.freebsd.org/freebsd:10:x86:64/latest/All/curl-7.49.0.txz
$ tar xvf curl.txz /usr/local/bin/curl
$ mv usr/local/bin/curl .
$ rm curl.txz
$ fetch -o carootnss.txz http://distcache.freebsd.org/freebsd:10:x86:64/latest/All/ca_root_nss-3.22.2.txz
$ tar xvf carootnss.txz /usr/local/share/certs/ca-root-nss.crt
$ mv /usr/local/share/certs/ca-root-nss.crt .
$ rm carootnss.txz
$ # rm -r usr # be sure you're not in / ;-)
3. Configure your shell
Your shell needs to know how to use the new curl binary. Create a file _shell_profile
in same directory as above:
_shell_profile
:
export CURL_CA_BUNDLE=<path on your persistent storage>/ca-root-nss.crt
export PATH=$PATH:<path on your persistent storage>
Load it in your current shell session:
$ . _shell_profile
4. Install acme.sh
Now download and install acme.sh using the advanced configuration.
./acme.sh --install --home <path on your persistent storage>
You can now use it as usual.
5. Certificate renewal with cronjob
Usually, acme.sh can't create the automatic cronjob for certificate renewal on those platforms. I use a script like this:
acme-renew.sh
:
. <path on your persistent storage>/_shell_profile
acme.sh --cron --home <path on your persistent storage>
Don't forget to chmod +x acme-renew.sh
.
Now find out how to create the cronjob on your system. For nas4free, you can do it in the web interface under System -> Advanced -> Cron. I scheduled it for running on the 1st of every month.
Buy me a beer, Donate to acme.sh if it saves your time. Your donation makes acme.sh better: https://donate.acme.sh/
如果 acme.sh 帮你节省了时间,请考虑赏我一杯啤酒🍺, 捐助: https://donate.acme.sh/ 你的支持将会使得 acme.sh 越来越好. 感谢