]>
Commit | Line | Data |
---|---|---|
1 | Summary: letsencrypt/acme client implemented as a shell-script | |
2 | Name: dehydrated | |
3 | Version: 0.6.2 | |
4 | Release: 1 | |
5 | License: MIT | |
6 | Group: Applications/Networking | |
7 | Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz | |
8 | # Source0-md5: d4db13d5965054b0a231bf95285c6cf0 | |
9 | Source1: apache.conf | |
10 | Source2: lighttpd.conf | |
11 | Source3: nginx.conf | |
12 | Source5: hook.sh | |
13 | Source6: hook-dns-01.sh | |
14 | Source7: crontab | |
15 | Patch0: pld.patch | |
16 | URL: https://dehydrated.io/ | |
17 | BuildRequires: rpmbuild(macros) >= 1.713 | |
18 | Requires: ca-certificates | |
19 | Requires: crondaemon | |
20 | Requires: curl | |
21 | Requires: diffutils | |
22 | Requires: grep | |
23 | Requires: mktemp | |
24 | Requires: openssl-tools | |
25 | Requires: sed | |
26 | Requires: webapps | |
27 | Suggests: webserver(access) | |
28 | Suggests: webserver(alias) | |
29 | BuildArch: noarch | |
30 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
31 | ||
32 | %define _webapps /etc/webapps | |
33 | %define _webapp %{name} | |
34 | %define _sysconfdir %{_webapps}/%{_webapp} | |
35 | %define _appdir %{_datadir}/%{_webapp} | |
36 | ||
37 | %description | |
38 | This is a client for signing certificates with an ACME-server | |
39 | (currently only provided by letsencrypt) implemented as a relatively | |
40 | simple bash-script. | |
41 | ||
42 | Current features: | |
43 | - Signing of a list of domains | |
44 | - Signing of a CSR | |
45 | - Renewal if a certificate is about to expire or SAN (subdomains) | |
46 | changed | |
47 | - Certificate revocation | |
48 | ||
49 | %prep | |
50 | %setup -q | |
51 | %patch0 -p1 | |
52 | ||
53 | %install | |
54 | rm -rf $RPM_BUILD_ROOT | |
55 | install -d $RPM_BUILD_ROOT{%{_sbindir},%{_sysconfdir}/certs,/etc/cron.d} \ | |
56 | $RPM_BUILD_ROOT/var/lib/%{name}/{accounts,acme-challenge,certs} | |
57 | ||
58 | install -p %{name} $RPM_BUILD_ROOT%{_sbindir} | |
59 | cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/apache.conf | |
60 | cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/lighttpd.conf | |
61 | cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/nginx.conf | |
62 | cp -p docs/examples/config $RPM_BUILD_ROOT%{_sysconfdir} | |
63 | cp -p docs/examples/domains.txt $RPM_BUILD_ROOT%{_sysconfdir} | |
64 | cp -p %{SOURCE7} $RPM_BUILD_ROOT/etc/cron.d/%{name} | |
65 | install -p %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir} | |
66 | install -p %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir} | |
67 | cp -p $RPM_BUILD_ROOT%{_sysconfdir}/{apache,httpd}.conf | |
68 | ||
69 | %clean | |
70 | rm -rf $RPM_BUILD_ROOT | |
71 | ||
72 | %triggerin -- apache1 < 1.3.37-3, apache1-base | |
73 | %webapp_register apache %{_webapp} | |
74 | ||
75 | %triggerun -- apache1 < 1.3.37-3, apache1-base | |
76 | %webapp_unregister apache %{_webapp} | |
77 | ||
78 | %triggerin -- apache < 2.2.0, apache-base | |
79 | %webapp_register httpd %{_webapp} | |
80 | ||
81 | %triggerun -- apache < 2.2.0, apache-base | |
82 | %webapp_unregister httpd %{_webapp} | |
83 | ||
84 | %triggerin -- lighttpd | |
85 | %webapp_register lighttpd %{_webapp} | |
86 | ||
87 | %triggerun -- lighttpd | |
88 | %webapp_unregister lighttpd %{_webapp} | |
89 | ||
90 | %triggerin -- nginx | |
91 | %webapp_register nginx %{_webapp} | |
92 | ||
93 | %triggerun -- nginx | |
94 | %webapp_unregister nginx %{_webapp} | |
95 | ||
96 | %files | |
97 | %defattr(644,root,root,755) | |
98 | %doc README.md CHANGELOG LICENSE | |
99 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name} | |
100 | %dir %attr(750,root,http) %{_sysconfdir} | |
101 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/apache.conf | |
102 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf | |
103 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/lighttpd.conf | |
104 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nginx.conf | |
105 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/config | |
106 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/domains.txt | |
107 | %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook.sh | |
108 | %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook-dns-01.sh | |
109 | %attr(755,root,root) %{_sbindir}/%{name} | |
110 | %dir %attr(751,root,root) /var/lib/%{name} | |
111 | %dir %attr(700,root,root) /var/lib/%{name}/accounts | |
112 | %dir %attr(700,root,root) /var/lib/%{name}/certs | |
113 | # challenges written here, need to be readable by webserver | |
114 | %dir %attr(751,root,root) /var/lib/%{name}/acme-challenge |