From 6135deb3192938e1666d55d4c7bdb0d01b5b4642 Mon Sep 17 00:00:00 2001
From: hiska <hiska@hiska.net>
Date: Mon, 6 Mar 2017 11:43:27 +0900
Subject: [PATCH 1/3] deploy for strongswan

---
 deploy/strongswan.sh | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 deploy/strongswan.sh

diff --git a/deploy/strongswan.sh b/deploy/strongswan.sh
new file mode 100644
index 00000000..a577a981
--- /dev/null
+++ b/deploy/strongswan.sh
@@ -0,0 +1,34 @@
+#!/usr/bin/env sh
+
+#Here is a sample custom api script.
+#This file name is "myapi.sh"
+#So, here must be a method   myapi_deploy()
+#Which will be called by acme.sh to deploy the cert
+#returns 0 means success, otherwise error.
+
+########  Public functions #####################
+
+#domain keyfile certfile cafile fullchain
+strongswan_deploy() {
+  _cdomain="$1"
+  _ckey="$2"
+  _ccert="$3"
+  _cca="$4"
+  _cfullchain="$5"
+
+  _debug _cdomain "$_cdomain"
+  _debug _ckey "$_ckey"
+  _debug _ccert "$_ccert"
+  _debug _cca "$_cca"
+  _debug _cfullchain "$_cfullchain"
+
+  cat "$_ckey"       > "/etc/ipsec.d/private/$(basename "$_ckey")"
+  cat "$_ccert"      > "/etc/ipsec.d/certs/$(basename "$_ccert")"
+  cat "$_cca"        > "/etc/ipsec.d/cacerts/$(basename "$_cca")"
+  cat "$_cfullchain" > "/etc/ipsec.d/cacerts/$(basename "$_cfullchain")"
+
+  ipsec secrets
+
+  return 0
+
+}

From 6fa8160a7d9eadc66063fc2316ef32cd05bc4de2 Mon Sep 17 00:00:00 2001
From: hiska <hiska@hiska.net>
Date: Wed, 29 Mar 2017 10:32:19 +0900
Subject: [PATCH 2/3] Fix CI Fails

---
 deploy/strongswan.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/deploy/strongswan.sh b/deploy/strongswan.sh
index a577a981..628e6079 100644
--- a/deploy/strongswan.sh
+++ b/deploy/strongswan.sh
@@ -22,10 +22,10 @@ strongswan_deploy() {
   _debug _cca "$_cca"
   _debug _cfullchain "$_cfullchain"
 
-  cat "$_ckey"       > "/etc/ipsec.d/private/$(basename "$_ckey")"
-  cat "$_ccert"      > "/etc/ipsec.d/certs/$(basename "$_ccert")"
-  cat "$_cca"        > "/etc/ipsec.d/cacerts/$(basename "$_cca")"
-  cat "$_cfullchain" > "/etc/ipsec.d/cacerts/$(basename "$_cfullchain")"
+  cat "$_ckey" >"/etc/ipsec.d/private/$(basename "$_ckey")"
+  cat "$_ccert" >"/etc/ipsec.d/certs/$(basename "$_ccert")"
+  cat "$_cca" >"/etc/ipsec.d/cacerts/$(basename "$_cca")"
+  cat "$_cfullchain" >"/etc/ipsec.d/cacerts/$(basename "$_cfullchain")"
 
   ipsec secrets
 

From 59db10445523dbad6ce297cf0efc6ddd7f50e679 Mon Sep 17 00:00:00 2001
From: hiska <hiska@hiska.net>
Date: Wed, 29 Mar 2017 11:45:40 +0900
Subject: [PATCH 3/3] Update README.md

---
 deploy/README.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/deploy/README.md b/deploy/README.md
index 4a13e096..d0235667 100644
--- a/deploy/README.md
+++ b/deploy/README.md
@@ -72,3 +72,8 @@ export DEPLOY_EXIM4_RELOAD="/etc/init.d/exim4 restart"
 acme.sh --deploy -d ftp.example.com --deploy-hook exim4
 ```
 
+## 6. Deploy the cert to local strongswan server.
+
+```sh
+acme.sh --deploy -d ftp.example.com --deploy-hook strongswan
+```