[packages/dehydrated.git] / dehydrated.spec

Summary:	letsencrypt/acme client implemented as a shell-script
Name:		dehydrated
Version:	0.6.2
Release:	1
License:	MIT
Group:		Applications/Networking
Source0:	https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz
# Source0-md5:	d4db13d5965054b0a231bf95285c6cf0
Source1:	apache.conf
Source2:	lighttpd.conf
Source3:	nginx.conf
Source5:	hook.sh
Source6:	hook-dns-01.sh
Source7:	crontab
Patch0:		pld.patch
URL:		https://dehydrated.io/
BuildRequires:	rpmbuild(macros) >= 1.713
Requires:	ca-certificates
Requires:	crondaemon
Requires:	curl
Requires:	diffutils
Requires:	grep
Requires:	mktemp
Requires:	openssl-tools
Requires:	sed
Requires:	webapps
Suggests:	webserver(access)
Suggests:	webserver(alias)
BuildArch:	noarch
BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)

%define		_webapps	/etc/webapps
%define		_webapp		%{name}
%define		_sysconfdir	%{_webapps}/%{_webapp}
%define		_appdir		%{_datadir}/%{_webapp}

%description
This is a client for signing certificates with an ACME-server
(currently only provided by letsencrypt) implemented as a relatively
simple bash-script.

Current features:
- Signing of a list of domains
- Signing of a CSR
- Renewal if a certificate is about to expire or SAN (subdomains)
  changed
- Certificate revocation

%prep
%setup -q
%patch0 -p1

%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_sbindir},%{_sysconfdir}/certs,/etc/cron.d} \
	$RPM_BUILD_ROOT/var/lib/%{name}/{accounts,acme-challenge,certs}

install -p %{name} $RPM_BUILD_ROOT%{_sbindir}
cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/apache.conf
cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/lighttpd.conf
cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/nginx.conf
cp -p docs/examples/config $RPM_BUILD_ROOT%{_sysconfdir}
cp -p docs/examples/domains.txt $RPM_BUILD_ROOT%{_sysconfdir}
cp -p %{SOURCE7} $RPM_BUILD_ROOT/etc/cron.d/%{name}
install -p %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}
install -p %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}
cp -p $RPM_BUILD_ROOT%{_sysconfdir}/{apache,httpd}.conf

%clean
rm -rf $RPM_BUILD_ROOT

%triggerin -- apache1 < 1.3.37-3, apache1-base
%webapp_register apache %{_webapp}

%triggerun -- apache1 < 1.3.37-3, apache1-base
%webapp_unregister apache %{_webapp}

%triggerin -- apache < 2.2.0, apache-base
%webapp_register httpd %{_webapp}

%triggerun -- apache < 2.2.0, apache-base
%webapp_unregister httpd %{_webapp}

%triggerin -- lighttpd
%webapp_register lighttpd %{_webapp}

%triggerun -- lighttpd
%webapp_unregister lighttpd %{_webapp}

%triggerin -- nginx
%webapp_register nginx %{_webapp}

%triggerun -- nginx
%webapp_unregister nginx %{_webapp}

%files
%defattr(644,root,root,755)
%doc README.md CHANGELOG LICENSE
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name}
%dir %attr(750,root,http) %{_sysconfdir}
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/apache.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/lighttpd.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nginx.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/config
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/domains.txt
%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook.sh
%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook-dns-01.sh
%attr(755,root,root) %{_sbindir}/%{name}
%dir %attr(751,root,root) /var/lib/%{name}
%dir %attr(700,root,root) /var/lib/%{name}/accounts
%dir %attr(700,root,root) /var/lib/%{name}/certs
# challenges written here, need to be readable by webserver
%dir %attr(751,root,root) /var/lib/%{name}/acme-challenge
Commit	Line	Data
	1	Summary: letsencrypt/acme client implemented as a shell-script
	2	Name: dehydrated
	3	Version: 0.6.2
	4	Release: 1
	5	License: MIT
	6	Group: Applications/Networking
	7	Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz
	8	# Source0-md5: d4db13d5965054b0a231bf95285c6cf0
	9	Source1: apache.conf
	10	Source2: lighttpd.conf
	11	Source3: nginx.conf
	12	Source5: hook.sh
	13	Source6: hook-dns-01.sh
	14	Source7: crontab
	15	Patch0: pld.patch
	16	URL: https://dehydrated.io/
	17	BuildRequires: rpmbuild(macros) >= 1.713
	18	Requires: ca-certificates
	19	Requires: crondaemon
	20	Requires: curl
	21	Requires: diffutils
	22	Requires: grep
	23	Requires: mktemp
	24	Requires: openssl-tools
	25	Requires: sed
	26	Requires: webapps
	27	Suggests: webserver(access)
	28	Suggests: webserver(alias)
	29	BuildArch: noarch
	30	BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
	31
	32	%define _webapps /etc/webapps
	33	%define _webapp %{name}
	34	%define _sysconfdir %{_webapps}/%{_webapp}
	35	%define _appdir %{_datadir}/%{_webapp}
	36
	37	%description
	38	This is a client for signing certificates with an ACME-server
	39	(currently only provided by letsencrypt) implemented as a relatively
	40	simple bash-script.
	41
	42	Current features:
	43	- Signing of a list of domains
	44	- Signing of a CSR
	45	- Renewal if a certificate is about to expire or SAN (subdomains)
	46	changed
	47	- Certificate revocation
	48
	49	%prep
	50	%setup -q
	51	%patch0 -p1
	52
	53	%install
	54	rm -rf $RPM_BUILD_ROOT
	55	install -d $RPM_BUILD_ROOT{%{_sbindir},%{_sysconfdir}/certs,/etc/cron.d} \
	56	$RPM_BUILD_ROOT/var/lib/%{name}/{accounts,acme-challenge,certs}
	57
	58	install -p %{name} $RPM_BUILD_ROOT%{_sbindir}
	59	cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/apache.conf
	60	cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/lighttpd.conf
	61	cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/nginx.conf
	62	cp -p docs/examples/config $RPM_BUILD_ROOT%{_sysconfdir}
	63	cp -p docs/examples/domains.txt $RPM_BUILD_ROOT%{_sysconfdir}
	64	cp -p %{SOURCE7} $RPM_BUILD_ROOT/etc/cron.d/%{name}
	65	install -p %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}
	66	install -p %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}
	67	cp -p $RPM_BUILD_ROOT%{_sysconfdir}/{apache,httpd}.conf
	68
	69	%clean
	70	rm -rf $RPM_BUILD_ROOT
	71
	72	%triggerin -- apache1 < 1.3.37-3, apache1-base
	73	%webapp_register apache %{_webapp}
	74
	75	%triggerun -- apache1 < 1.3.37-3, apache1-base
	76	%webapp_unregister apache %{_webapp}
	77
	78	%triggerin -- apache < 2.2.0, apache-base
	79	%webapp_register httpd %{_webapp}
	80
	81	%triggerun -- apache < 2.2.0, apache-base
	82	%webapp_unregister httpd %{_webapp}
	83
	84	%triggerin -- lighttpd
	85	%webapp_register lighttpd %{_webapp}
	86
	87	%triggerun -- lighttpd
	88	%webapp_unregister lighttpd %{_webapp}
	89
	90	%triggerin -- nginx
	91	%webapp_register nginx %{_webapp}
	92
	93	%triggerun -- nginx
	94	%webapp_unregister nginx %{_webapp}
	95
	96	%files
	97	%defattr(644,root,root,755)
	98	%doc README.md CHANGELOG LICENSE
	99	%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name}
	100	%dir %attr(750,root,http) %{_sysconfdir}
	101	%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/apache.conf
	102	%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf
	103	%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/lighttpd.conf
	104	%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nginx.conf
	105	%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/config
	106	%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/domains.txt
	107	%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook.sh
	108	%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook-dns-01.sh
	109	%attr(755,root,root) %{_sbindir}/%{name}
	110	%dir %attr(751,root,root) /var/lib/%{name}
	111	%dir %attr(700,root,root) /var/lib/%{name}/accounts
	112	%dir %attr(700,root,root) /var/lib/%{name}/certs
	113	# challenges written here, need to be readable by webserver
	114	%dir %attr(751,root,root) /var/lib/%{name}/acme-challenge