On pią, 2016-01-22 at 10:23 -0600, Kent R. Spillner wrote: > On Wed, Jan 20, 2016 at 01:57:43PM -0600, Kent R. Spillner wrote: > > Below is a new diff. We finally tracked down the certificate > > validation > > bug with help from viq and upstream, and the new patch for that has > > already been merged upstream (along with several of our other > > patches > > which can all go away when v1.2.0 is released). In this version of > > the > > diff I've updated the README and also take MAINTAINER. > > > > Ok? > > bump > > I'm not sure how many people use taskd but it'd be nice to get some > test > reports for i386 and other architectures. I've been running this on > amd64 for the past several days, sync'ing with taskwarrior on OpenBSD > as > well as Linux. If anyone uses other clients, or runs taskwarrior on > other OS x, such test reports would be great, too.
I tried to finally have a look at this, and the patch does not apply cleanly, though I guess mostly because of the funky characters. Could you maybe attach the patch instead of having it inline? It would make it easier to make sure I have a version that hasn't been mangled somewhere along the way. > Index: Makefile > =================================================================== > RCS file: /work/cvsroot/ports/productivity/taskd/Makefile,v > retrieving revision 1.4 > diff -p -u -r1.4 Makefile > --- Makefile 25 Aug 2015 07:30:30 -0000 1.4 > +++ Makefile 20 Jan 2016 19:41:51 -0000 > @@ -2,23 +2,27 @@ > > COMMENT = lightweight server providing access to task data > > -DISTNAME = taskd-1.0.0 > +DISTNAME = taskd-1.1.0 > CATEGORIES = productivity net > -REVISION = 1 > > HOMEPAGE = http://www.taskwarrior.org/ > > +MAINTAINER = Kent R. Spillner <[email protected]> > + > MASTER_SITES = ${HOMEPAGE}/download/ > > # MIT > PERMIT_PACKAGE_CDROM = Yes > > -MODULES = devel/cmake > +MODULES = gcc4 \ > + devel/cmake > + > +MODGCC4_LANGS = c++ > +MODGCC4_ARCHS = * > > -WANTLIB += c gnutls m pthread stdc++ uuid > +WANTLIB += c gnutls m pthread > > -LIB_DEPENDS = security/gnutls \ > - sysutils/e2fsprogs>=1.42.7 > +LIB_DEPENDS = security/gnutls > > CONFIGURE_STYLE = cmake > > @@ -33,10 +37,11 @@ NO_TEST = Yes > > post-install: > ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/taskd/pki/ > - ${INSTALL_SCRIPT} ${WRKSRC}/pki/!(*.orig) \ > + ${INSTALL_SCRIPT} ${WRKSRC}/pki/generate!(*.orig) \ > + ${PREFIX}/share/examples/taskd/pki/ > + ${INSTALL_DATA} ${WRKSRC}/pki/README \ > ${PREFIX}/share/examples/taskd/pki/ > ${SUBST_DATA} ${FILESDIR}/config \ > ${PREFIX}/share/examples/taskd/config > - ${INSTALL_DATA} ${FILESDIR}/vars.dist > ${PREFIX}/share/examples/taskd/pki/ > > .include <bsd.port.mk> > Index: distinfo > =================================================================== > RCS file: /work/cvsroot/ports/productivity/taskd/distinfo,v > retrieving revision 1.1.1.1 > diff -p -u -r1.1.1.1 distinfo > --- distinfo 12 Jul 2014 22:08:35 -0000 1.1.1.1 > +++ distinfo 10 Nov 2015 21:12:00 -0000 > @@ -1,2 +1,2 @@ > -SHA256 (taskd-1.0.0.tar.gz) = > Fi7x7sSPgUWHDvDb4BIbeKbamYFbwYr3feB/uwq+AtA= > -SIZE (taskd-1.0.0.tar.gz) = 128191 > +SHA256 (taskd-1.1.0.tar.gz) = > e4SI5oeXGuVnKf9OLlIJ/4gGz4zVdxi/1+UhvhMGIbQ= > +SIZE (taskd-1.1.0.tar.gz) = 120115 > Index: files/config > =================================================================== > RCS file: /work/cvsroot/ports/productivity/taskd/files/config,v > retrieving revision 1.1.1.1 > diff -p -u -r1.1.1.1 config > --- files/config 12 Jul 2014 22:08:35 -0000 1.1.1.1 > +++ files/config 14 Jan 2016 19:56:20 -0000 > @@ -1,12 +1,12 @@ > confirmation=1 > extensions=${TRUEPREFIX}/libexec/taskd > log=/var/log/taskd/taskd.log > -log=/var/log/taskd/taskd.log > pid.file=/var/run/taskd/taskd.pid > queue.size=10 > request.limit=1048576 > root=/var/taskd > -server=*:53589 > +server=127.0.0.1:53589 > +trust=strict > verbose=1 > client.cert=/var/taskd/client.cert.pem > client.key=/var/taskd/client.key.pem > @@ -14,4 +14,3 @@ server.cert=/var/taskd/server.cert.pem > server.key=/var/taskd/server.key.pem > server.crl=/var/taskd/server.crl.pem > ca.cert=/var/taskd/ca.cert.pem > -client.allow=^task [2-9] > Index: files/vars.dist > =================================================================== > RCS file: files/vars.dist > diff -N files/vars.dist > --- files/vars.dist 12 Jul 2014 22:08:35 -0000 1.1.1.1 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,9 +0,0 @@ > -#dnsnames="example.com example.net" > -#ipaddrs="10.11.12.13 10.20.30.40" > -bits=4096 > -expiration_days=365 > -organization="Göteborg Bit Factory" > -cn="Göteborg Bit Factory" > -country=SE > -state="Västra Götaland" > -locality="Göteborg" > Index: patches/patch-CMakeLists_txt > =================================================================== > RCS file: patches/patch-CMakeLists_txt > diff -N patches/patch-CMakeLists_txt > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-CMakeLists_txt 10 Nov 2015 21:48:36 -0000 > @@ -0,0 +1,25 @@ > +$OpenBSD$ > +--- CMakeLists.txt.orig Tue Nov 10 15:44:28 2015 > ++++ CMakeLists.txt Tue Nov 10 15:44:54 2015 > +@@ -115,10 +115,10 @@ if (GNUTLS_FOUND) > + endif (GNUTLS_FOUND) > + > + message ("-- Looking for libuuid") > +-if (DARWIN OR FREEBSD) > ++if (DARWIN OR FREEBSD OR OPENBSD) > + # Apple and FreeBSD include the uuid functions in their libc, > rather than libuuid > + check_function_exists (uuid_unparse_lower > HAVE_UUID_UNPARSE_LOWER) > +-else (DARWIN OR FREEBSD) > ++else (DARWIN OR FREEBSD OR OPENBSD) > + find_path (UUID_INCLUDE_DIR uuid/uuid.h) > + find_library (UUID_LIBRARY NAMES uuid) > + if (UUID_INCLUDE_DIR AND UUID_LIBRARY) > +@@ -131,7 +131,7 @@ else (DARWIN OR FREEBSD) > + else (UUID_INCLUDE_DIR AND UUID_LIBRARY) > + message (FATAL_ERROR "-- libuuid not found.") > + endif (UUID_INCLUDE_DIR AND UUID_LIBRARY) > +-endif (DARWIN OR FREEBSD) > ++endif (DARWIN OR FREEBSD OR OPENBSD) > + > + if (HAVE_UUID_UNPARSE_LOWER) > + message ("-- Found libuuid") > Index: patches/patch-pki_README > =================================================================== > RCS file: /work/cvsroot/ports/productivity/taskd/patches/patch- > pki_README,v > retrieving revision 1.1.1.1 > diff -p -u -r1.1.1.1 patch-pki_README > --- patches/patch-pki_README 12 Jul 2014 22:08:35 -0000 > 1.1.1.1 > +++ patches/patch-pki_README 10 Nov 2015 21:35:18 -0000 > @@ -1,6 +1,6 @@ > $OpenBSD: patch-pki_README,v 1.1.1.1 2014/07/12 22:08:35 landry Exp > $ > ---- pki/README.orig Fri Jun 20 22:26:36 2014 > -+++ pki/README Fri Jun 20 22:27:24 2014 > +--- pki/README.orig Sun May 10 16:35:22 2015 > ++++ pki/README Tue Nov 10 15:35:03 2015 > @@ -21,7 +21,7 @@ and cert will not be trusted by anyone, for good > reaso > > Note, you can inspect any cert with the command: > @@ -10,3 +10,10 @@ $OpenBSD: patch-pki_README,v 1.1.1.1 201 > > There is a 'generate' script here that will perform the above > steps. Take a > look at it to see the individual steps it takes to generate the > proper set of > +@@ -32,5 +32,5 @@ chosen parameters. > + > + VAlidate a certificate with: > + > +- $ gnutls-certtool --verify --infile client.cert.pem --load-ca- > certificate ca.cert.pem > ++ $ certtool --verify --infile client.cert.pem --load-ca- > certificate ca.cert.pem > + > Index: patches/patch-pki_generate > =================================================================== > RCS file: patches/patch-pki_generate > diff -N patches/patch-pki_generate > --- patches/patch-pki_generate 12 Jul 2014 22:08:35 -0000 > 1.1.1.1 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,9 +0,0 @@ > -$OpenBSD: patch-pki_generate,v 1.1.1.1 2014/07/12 22:08:35 landry > Exp $ > ---- pki/generate.orig Fri Jun 20 22:26:36 2014 > -+++ pki/generate Fri Jun 20 21:52:57 2014 > -@@ -1,4 +1,4 @@ > --#!/bin/bash > -+#!/bin/sh > - > - # For a public or production server, purchase a cert from a known > CA, and skip > - # the next step. > Index: patches/patch-pki_generate_ca > =================================================================== > RCS file: /work/cvsroot/ports/productivity/taskd/patches/patch- > pki_generate_ca,v > retrieving revision 1.1.1.1 > diff -p -u -r1.1.1.1 patch-pki_generate_ca > --- patches/patch-pki_generate_ca 12 Jul 2014 22:08:35 -0000 > 1.1.1.1 > +++ patches/patch-pki_generate_ca 20 Jan 2016 15:46:08 -0000 > @@ -1,41 +1,16 @@ > -$OpenBSD: patch-pki_generate_ca,v 1.1.1.1 2014/07/12 22:08:35 landry > Exp $ > ---- pki/generate.ca.orig Fri Jun 20 22:26:36 2014 > -+++ pki/generate.ca Fri Jun 20 21:59:50 2014 > -@@ -1,27 +1,30 @@ > --#!/bin/bash > -+#!/bin/sh > - > - # Take the correct binary to create the certificates > --CERTTOOL=$(which gnutls-certtool || which certtool) > -+CERTTOOL=$(which certtool) > - if [[ -z "${CERTTOOL}" ]] > - then > - echo "ERROR: No certtool found" >&2 > - exit 1 > - fi > - > -+. ./vars > -+ > - # Create a CA key. > - ${CERTTOOL} \ > - --generate-privkey \ > -+ --bits=$bits \ > - --outfile ca.key.pem > - > - chmod 600 ca.key.pem > - > - # Sign a CA cert. > - cat <<EOF >ca.info > --organization = Göteborg Bit Factory > --cn = Göteborg Bit Factory > --country = SE > --state = Västra Götaland > --locality = Göteborg > -+organization = $organization > -+cn = $cn > -+country = $country > -+state = $state > -+locality = $locality > +$OpenBSD$ > + > +Fix CA certificate generation for GNUTLS v3.3.20 and later. > +When this option was present clients failed to validate the > +server's certificate when trust=strict with "certificate > +violates signer's constraints" errors. > +--- pki/generate.ca.orig Wed Jan 20 09:43:57 2016 > ++++ pki/generate.ca Wed Jan 20 09:44:09 2016 > +@@ -26,7 +26,6 @@ country = $COUNTRY > + state = $STATE > + locality = $LOCALITY > ca > - cert_signing_key > +-cert_signing_key > EOF > + > + $CERTTOOL \ > Index: patches/patch-pki_generate_client > =================================================================== > RCS file: patches/patch-pki_generate_client > diff -N patches/patch-pki_generate_client > --- patches/patch-pki_generate_client 12 Jul 2014 22:08:35 > -0000 1.1.1.1 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,39 +0,0 @@ > -$OpenBSD: patch-pki_generate_client,v 1.1.1.1 2014/07/12 22:08:35 > landry Exp $ > ---- pki/generate.client.orig Fri Jun 20 22:26:36 2014 > -+++ pki/generate.client Fri Jun 20 22:00:23 2014 > -@@ -1,4 +1,4 @@ > --#!/bin/bash > -+#!/bin/sh > - > - NAME=client > - if [ $# -gt 0 ] ; then > -@@ -6,23 +6,26 @@ if [ $# -gt 0 ] ; then > - fi > - > - # Take the correct binary to create the certificates > --CERTTOOL=$(which gnutls-certtool || which certtool) > -+CERTTOOL=$(which certtool) > - if [[ -z "${CERTTOOL}" ]] > - then > - echo "ERROR: No certtool found" >&2 > - exit 1 > - fi > - > -+. ./vars > -+ > - # Create a client key. > - ${CERTTOOL} \ > - --generate-privkey \ > -+ --bits=$bits \ > - --outfile ${NAME}.key.pem > - > - # Sign a client cert with the key. > - chmod 600 ${NAME}.key.pem > - cat <<EOF >client.info > --organization = Göteborg Bit Factory > --cn = Göteborg Bit Factory > -+organization = $organization > -+cn = $cn > - tls_www_client > - encryption_key > - signing_key > Index: patches/patch-pki_generate_crl > =================================================================== > RCS file: patches/patch-pki_generate_crl > diff -N patches/patch-pki_generate_crl > --- patches/patch-pki_generate_crl 12 Jul 2014 22:08:35 -0000 > 1.1.1.1 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,21 +0,0 @@ > -$OpenBSD: patch-pki_generate_crl,v 1.1.1.1 2014/07/12 22:08:35 > landry Exp $ > ---- pki/generate.crl.orig Fri Jun 20 22:26:36 2014 > -+++ pki/generate.crl Fri Jun 20 22:00:47 2014 > -@@ -1,12 +1,14 @@ > --#!/bin/bash > -+#!/bin/sh > - > -+. ./vars > -+ > - # CRL - Certificate Revocation List > - cat <<EOF >crl.info > --expiration_days = 365 > -+expiration_days = $expiration_days > - EOF > - > - # Take the correct binary to create the certificates > --CERTTOOL=$(which gnutls-certtool || which certtool) > -+CERTTOOL=$(which certtool) > - if [[ -z "${CERTTOOL}" ]] > - then > - echo "ERROR: No certtool found" >&2 > Index: patches/patch-pki_generate_server > =================================================================== > RCS file: patches/patch-pki_generate_server > diff -N patches/patch-pki_generate_server > --- patches/patch-pki_generate_server 12 Jul 2014 22:08:35 > -0000 1.1.1.1 > +++ /dev/null 1 Jan 1970 00:00:00 -0000 > @@ -1,48 +0,0 @@ > -$OpenBSD: patch-pki_generate_server,v 1.1.1.1 2014/07/12 22:08:35 > landry Exp $ > ---- pki/generate.server.orig Wed Jan 15 23:47:49 2014 > -+++ pki/generate.server Tue Jun 24 11:25:44 2014 > -@@ -1,26 +1,38 @@ > --#!/bin/bash > -+#!/bin/sh > - > - # Take the correct binary to create the certificates > --CERTTOOL=$(which gnutls-certtool || which certtool) > -+CERTTOOL=$(which certtool) > - if [[ -z "${CERTTOOL}" ]] > - then > - echo "ERROR: No certtool found" >&2 > - exit 1 > - fi > - > -+dnsnames="`hostname`" > -+ipaddrs=$(for ip in `ifconfig -A | awk '/inet/ {print $2}' | egrep > -v '(^::1$|^fe80:|^127\.)'` ; do > -+ echo -n "$ip " > -+done) > -+ > -+. ./vars > -+ > - # Create a server key. > - ${CERTTOOL} \ > - --generate-privkey \ > -+ --bits=$bits \ > - --outfile server.key.pem > - > - chmod 600 server.key.pem > - > - # Sign a server cert using the key. > - cat <<EOF >server.info > --organization = Göteborg Bit Factory > --cn = Göteborg Bit Factory > --dns_name = "tasktools.org" > --ip_address = "97.107.141.107" > -+organization = $organization > -+cn = $cn > -+$(for host in $dnsnames ; do > -+ echo dns_name = $host > -+done) > -+$(for ip in $ipaddrs ; do > -+ echo ip_address = $ip > -+done) > - tls_www_server > - encryption_key > - signing_key > Index: patches/patch-src_util_cpp > =================================================================== > RCS file: patches/patch-src_util_cpp > diff -N patches/patch-src_util_cpp > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-src_util_cpp 10 Nov 2015 21:48:30 -0000 > @@ -0,0 +1,12 @@ > +$OpenBSD$ > +--- src/util.cpp.orig Tue Nov 10 15:46:44 2015 > ++++ src/util.cpp Tue Nov 10 15:47:54 2015 > +@@ -136,7 +136,7 @@ int autoComplete ( > + // representation is always lowercase anyway. > + // For the implementation details, refer to > + // http://svnweb.freebsd.org/base/head/sys/kern/kern_uuid.c > +-#ifdef FREEBSD > ++#if defined(FREEBSD) || defined(OPENBSD) > + const std::string uuid () > + { > + uuid_t id; > Index: patches/patch-src_util_h > =================================================================== > RCS file: patches/patch-src_util_h > diff -N patches/patch-src_util_h > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ patches/patch-src_util_h 10 Nov 2015 21:48:27 -0000 > @@ -0,0 +1,12 @@ > +$OpenBSD$ > +--- src/util.h.orig Tue Nov 10 15:46:30 2015 > ++++ src/util.h Tue Nov 10 15:45:58 2015 > +@@ -29,7 +29,7 @@ > + > + #include <string> > + #include <vector> > +-#ifdef FREEBSD > ++#if defined(FREEBSD) || defined(OPENBSD) > + #include <uuid.h> > + #else > + #include <uuid/uuid.h> > Index: pkg/PLIST > =================================================================== > RCS file: /work/cvsroot/ports/productivity/taskd/pkg/PLIST,v > retrieving revision 1.2 > diff -p -u -r1.2 PLIST > --- pkg/PLIST 25 Aug 2015 07:30:30 -0000 1.2 > +++ pkg/PLIST 20 Jan 2016 19:41:36 -0000 > @@ -16,6 +16,7 @@ > @bin bin/taskd > bin/taskdctl > @man man/man1/taskd.1 > +@man man/man1/taskdctl.1 > @man man/man5/taskdrc.5 > share/examples/taskd/ > share/examples/taskd/config > @@ -34,7 +35,6 @@ share/examples/taskd/pki/generate.ca > share/examples/taskd/pki/generate.client > share/examples/taskd/pki/generate.crl > share/examples/taskd/pki/generate.server > -share/examples/taskd/pki/vars.dist > @sample share/examples/taskd/pki/vars > share/taskd/ > share/taskd/AUTHORS > Index: pkg/README > =================================================================== > RCS file: /work/cvsroot/ports/productivity/taskd/pkg/README,v > retrieving revision 1.2 > diff -p -u -r1.2 README > --- pkg/README 18 Jul 2015 21:13:41 -0000 1.2 > +++ pkg/README 20 Jan 2016 19:30:38 -0000 > @@ -4,29 +4,33 @@ $OpenBSD: README,v 1.2 2015/07/18 21:13: > | Running ${FULLPKGNAME} on OpenBSD > +------------------------------------------------------------------- > ---- > > +NOTE: > +===== > +When running the taskd commands below you must either append the > command > +line argument '--data /var/taskd' to every taskd command, or else > export > +the TASKDDATA environment variable: > + > + # export TASKDDATA=/var/taskd > + > + > Generate certificates > ===================== > Before starting taskd you need to generate certificates for it to > use. > -The procedure is described at > -http://taskwarrior.org/docs/server_configure.html but has been > somewhat > -simplified on OpenBSD: > +This procedure is described at: > + > +http://taskwarrior.org/docs/taskserver/configure.html > > Generate certificate files > -------------------------- > -In ${PREFIX}/share/examples/taskd/pki/ is a set of scripts that can > be > -used to generate necessary files. Copy that directory somewhere safe > and > -adjust vars to your liking. > -generate.server will automatically generate certificate with the > -hostname and IPs of machine it is ran on, adjust the vars file to > -override this. > -Once you're satisfied with settings, run: > +Copy everything under ${PREFIX}/share/examples/taskd/pki to a > directory > +where you have write permission, edit the contents of the var file > to > +match your needs, and then run the generate script: > > $ ./generate > > - > Copy certificates in place > -------------------------- > -Copy resulting certificates into taskd's directory: > +Copy the following certificate files and keys to /var/taskd: > > # cp {client,server}.{cert,key}.pem server.crl.pem ca.cert.pem \ > /var/taskd > @@ -35,96 +39,110 @@ Copy resulting certificates into taskd's > > Running taskd > ============= > -taskd by default listens on all interfaces on port 53589. You can > change > -this with a command like: > +taskd by default listens on 127.0.0.1 port 53589. You can change > this > +by editing /var/taskd/config, or with a command like: > > # su -m _taskd -c \ > "taskd config --force server localhost:12345 --data > /var/taskd" > > -To enable automatic startup on boot for taskd, add it to pkg_scripts > -in ${BASESYSCONFDIR}/rc.conf.local, for example: > - > - pkg_scripts="${pkg_scripts} taskd" > - > -To start taskd, reboot or start it manually: > +taskd comes with an rc.d script that can be used to start it > manually, > +or enable it to start automatically on boot. > > - # rcctl restart taskd > + # rcctl start taskd > + # rcctl enable taskd > > > Adding users > ============ > -As described at http://taskwarrior.org/docs/server_user.html > - > -For most operations here you'll either have to > - # export TASKDDATA=/var/taskd > +Before you can sync with the server you must create at least one > user > +and organization. This procedure is described at: > > -or run taskd with '--data /var/taskd' appended to it's options. > +http://taskwarrior.org/docs/taskserver/user.html > > -Create organization and user > ----------------------------- > -First you need to create an organization to put user(s) into: > +Create organization > +------------------- > +First, you must create an organization (in this example it is named > +Public): > > # su -m _taskd -c "taskd add org Public --data /var/taskd" > > - Created organization 'Public' > +Create user > +----------- > +Next, create a user as part of that organization: > > + # su -m _taskd -c \ > + "taskd add user Public 'First Last' --data /var/taskd" > > -Then you can proceed with creating a user: > - > - # su -m _taskd -c "taskd add user 'Public' 'First Last' --data > /var/taskd" > - New user key: cf31f287-ee9e-43a8-843e-e8bbd5de4294 > - Created user 'First Last' for organization 'Public' > - > +Be sure to remember the user key mentioned in the output of that > +command. It is required by the client configuration later in order > +to authenticate with the server. > > Create user certificate > ----------------------- > -Go again to the directory where you copied the pki scripts, and run: > +Finally, you must generate a certificate for that user. Go back to > the > +directory where you copied everything from > +${PREFIX}/share/examples/taskd/pki and run (replacing first_last > with > +the filename you want for this user's certificate and key): > > $ ./generate.client first_last > > -This will generate a new key and cert, named first_last.cert.pem and > -first_last.key.pem. It is not important that 'first_last' was used > here, > -just that it is something unique, and valid for use in a file name. > - > > Configure taskwarrior > ===================== > -As described at http://taskwarrior.org/docs/server_taskwarrior.html > +Now taskwarrior must be configured to connect to this taskd server > and > +authenticate as this user. This procedure is described at: > + > +http://taskwarrior.org/docs/taskserver/taskwarrior.html > > -You will need following information from above processes: > - CA ca.cert.pem > - Client certificate: first_last.cert.pem > - Client key: first_last.key.pem > - User key (yours will be different): cf31f287-ee9e-43a8-843e- > e8bbd5de4294 > - Organization: Public > - Account name: First Last > - Server:port host.domain:53589 > +Copy the ca.cert.pem file and user certificate and key files > +(first_last.cert.pem and first_last.key.pem in the example above) > that > +you just generated to the users' local task directory, ~./task: > > $ cp first_last.cert.pem ~/.task > $ cp first_last.key.pem ~/.task > $ cp ca.cert.pem ~/.task > + > +Configure taskwarrior to use these certificates and connect to this > +server by either editing ~/.taskrc, or with commands like: > + > $ task config taskd.certificate ~/.task/first_last.cert.pem > $ task config taskd.key ~/.task/first_last.key.pem > $ task config taskd.ca ~/.task/ca.cert.pem > $ task config taskd.server host.domain:53589 > - $ task config taskd.credentials 'Public/First Last/cf31f287-ee9e- > 43a8-843e-e8bbd5de4294' > + > +Finally, configure taskwarrior to authenticate as the user created > +above, replacing "Public" with the name of the organization you > created, > +"First Last" with the name of the user, and "cf31f287-..." with the > +value of the user key that you remembered from the output of the > "taskd > +add user" command: > + > + $ task config taskd.credentials \ > + 'Public/First Last/cf31f287-ee9e-43a8-843e-e8bbd5de4294' > > > Syncing Taskwarrior > =================== > -As described at http://taskwarrior.org/docs/server_sync.html > +You should now be able to sync with this taskd server. This > procedure > +is described at: http://taskwarrior.org/docs/taskserver/sync.html > > -First time sync is special, and needs to be done only once: > +Very first sync > +--------------- > +The very first sync is special, but only needs to be done once: > > $ task sync init > - Please confirm that you wish to upload all your pending tasks to > the > - Task Server (yes/no) yes > - Syncing with host.domain:53589 > - Sync successful. 2 changes uploaded. > > +This will prompt you to confirm that you want to sync your existing > +tasks with this server. > > -Afterwards you simply run: > +Subsequent syncs > +---------------- > +After the very first sync you can sync again at any time by simply > +running: > > $ task sync > - Syncing with : > - Sync successful. 1 changes uploaded. > + > +Troubleshooting > +--------------- > +If you encounter any problems syncing with this taskd server you > +should check if your problem is already described at > +http://taskwarrior.org/docs/taskserver/troubleshooting-sync.html > Index: pkg/taskd.rc > =================================================================== > RCS file: /work/cvsroot/ports/productivity/taskd/pkg/taskd.rc,v > retrieving revision 1.1.1.1 > diff -p -u -r1.1.1.1 taskd.rc > --- pkg/taskd.rc 12 Jul 2014 22:08:35 -0000 1.1.1.1 > +++ pkg/taskd.rc 15 Jan 2016 15:19:47 -0000 > @@ -7,4 +7,8 @@ daemon_user="_taskd" > > . /etc/rc.d/rc.subr > > +rc_pre() { > + install -d -o _taskd /var/run/taskd > +} > + > rc_cmd $1 > -- viq <[email protected]>
