From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 8A8901582EF for ; Fri, 07 Mar 2025 13:39:22 +0000 (UTC) Received: from lists.gentoo.org (bobolink.gentoo.org [140.211.166.189]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) (Authenticated sender: relay-lists.gentoo.org@gentoo.org) by smtp.gentoo.org (Postfix) with ESMTPSA id 71A91342FFB for ; Fri, 07 Mar 2025 13:39:22 +0000 (UTC) Received: from bobolink.gentoo.org (localhost [127.0.0.1]) by bobolink.gentoo.org (Postfix) with ESMTP id 191571103E1; Fri, 07 Mar 2025 13:38:40 +0000 (UTC) Received: from ciao.gmane.io (ciao.gmane.io [116.202.254.214]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bobolink.gentoo.org (Postfix) with ESMTPS id 58DCA1102D2 for ; Fri, 07 Mar 2025 13:38:39 +0000 (UTC) Received: from list by ciao.gmane.io with local (Exim 4.92) (envelope-from ) id 1tqXuO-0005Jm-P0 for gentoo-dev@lists.gentoo.org; Fri, 07 Mar 2025 14:38:36 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-dev@lists.gentoo.org From: Duncan <1i5t5.duncan@cox.net> Subject: [gentoo-dev] Re: [RFC] News Item: Certbot rework and transition Date: Fri, 7 Mar 2025 13:38:31 -0000 (UTC) Message-ID: References: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit User-Agent: Pan/0.162 (Pokrosvk; 0a913ba36f6ce7a58fc950ca885cd9fb4c87f016) X-Archives-Salt: a1edff96-b785-4f0f-a316-c5da3fd93ba1 X-Archives-Hash: d7f55d8e0a24ee1c06d1459c029e0cd4 Thibaud CANALE posted on Tue, 4 Mar 2025 19:37:46 +0100 as excerpted: > First iteration of news item about Certbot rework. > For ease of maintenance and faster and more reliable delivery for > Gentoo’s users, Certbot and its modules have been reworked into a single > package. I'd suggest putting (the more important) "what" first, then why: Certbot and it modules are being reworked into a single package. This should ease maintenance and make delivery faster and more reliable. > Starting from app-crypt/certbot-3.2.0-r100, only this package is > necessary to install Certbot and its modules thanks to the help of USE > flags. Some block statements are enforced for modules packages to avoid > collisions. Good as-is... > However this creates issues for users and requires them to take action > to update their Portage configuration and world set. Hence why this news > item and the introduction of transition packages. (Concisify, omitting a bit as implied, and explicitly name the config changes:) Action required: @world set and package.use changes. > > Currently supported Certbot modules will have transition packages which > are simply meta-package with their corresponding USE flag to the main > package, but it still requires users to update their package.use, as > describe below. Temporary transition metapackages activate the appropriate USE flags to keep things working for now, but users must update package.use and their @world set to complete the transition before , after which these temporary transition packages will be removed. (Decide on and substitute the removal date as appropriate.) > As a reminder, there is a Wiki page for Certbot: > https://wiki.gentoo.org/wiki/Let%27s_Encrypt :^) > So this news item introduces step-by-step actions to ensure proper > update: Step by step: > 1. Add an entry under package.use with the modules of your choice based > on the list provided by this new package. Example: 1. In package.use: (Should that be the full path, /etc/portage/package.use?) Add an entry for the modules of your choice based on the USE flags of the new unified package. Example: > app-crypt/certbot certbot-apache certbot-dns-rfc2136 :^) > 2. If you decide to go ahead of time by accepting "non stable" version > from Gentoo’s main Portage tree, continue with the following steps, or > simply stop here, your work is done for now. Step 3 will be done later. If you wish to stick with stable you may stop here. The below steps (skipping step 2) will be completed later once the unified package stabilizes. Should you wish to complete the transition now: (Note that the step number was removed. New step 2, (path?)package.accept_keywords step.) 2. In package.accept_keywords (skip this step and continue with step 3 if completing after the unified package stabilizes): Add a keyword entry for the new unified package. Example: ~app-crypt/certbot-3.2.0 ~amd64 > 3. You can decide to clean now your world set, or other sets, of > Certbot’s module packages: 3. Clean the old module packages out of your @world or other sets: > emerge --ask --deselect app-crypt/acme app-crypt/certbot-apache \ > app-crypt/certbot-dns-cloudflare app-crypt/certbot-dns-desec \ > app-crypt/certbot-dns-dnsimple app-crypt/certbot-dns-nsone \ > app-crypt/certbot-dns-rfc2136 app-crypt/certbot-nginx > > 4. Emerge or update app-crypt/certbot if necessary. This should remove > previous packages: > > emerge --verbose --ask --changed-use --noreplace app-crypt/certbot :^) -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman