Summary: letsencrypt/acme client implemented as a shell-script
Name: dehydrated
-Version: 0.3.1
-Release: 0.10
+Version: 0.6.2
+Release: 3
License: MIT
Group: Applications/Networking
Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: 7a3b92b963da6469c4a53f051d6efa24
+# Source0-md5: d4db13d5965054b0a231bf95285c6cf0
Source1: apache.conf
Source2: lighttpd.conf
Source3: nginx.conf
-Source4: domains.txt
Source5: hook.sh
-Source6: crontab
+Source6: hook-dns-01.sh
+Source7: crontab
+Source8: sudoers
Patch0: pld.patch
-URL: https://github.com/lukas2511/dehydrated
+URL: https://dehydrated.io/
BuildRequires: rpmbuild(macros) >= 1.713
+Requires: ca-certificates
Requires: crondaemon
Requires: curl
+Requires: diffutils
Requires: grep
Requires: mktemp
Requires: openssl-tools
Requires: sed
+Requires: sudo
Requires: webapps
+Requires(postun): /usr/sbin/groupdel
+Requires(pre): /usr/bin/getgid
+Requires(pre): /usr/sbin/groupadd
Suggests: webserver(access)
Suggests: webserver(alias)
-Provides: letsencrypt.sh = %{version}
-Obsoletes: letsencrypt.sh < 0.3
BuildArch: noarch
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_sbindir},%{_sysconfdir}/certs,/etc/cron.d} \
+install -d $RPM_BUILD_ROOT{%{_sbindir},%{_sysconfdir}/certs,/etc/{cron,sudoers}.d} \
$RPM_BUILD_ROOT/var/lib/%{name}/{accounts,acme-challenge,certs}
install -p %{name} $RPM_BUILD_ROOT%{_sbindir}
cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/lighttpd.conf
cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/nginx.conf
cp -p docs/examples/config $RPM_BUILD_ROOT%{_sysconfdir}
-cp -p %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}
-cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/cron.d/%{name}
+cp -p docs/examples/domains.txt $RPM_BUILD_ROOT%{_sysconfdir}
+cp -p %{SOURCE7} $RPM_BUILD_ROOT/etc/cron.d/%{name}
+cp -p %{SOURCE8} $RPM_BUILD_ROOT/etc/sudoers.d/%{name}
install -p %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}
+install -p %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}
cp -p $RPM_BUILD_ROOT%{_sysconfdir}/{apache,httpd}.conf
+%pre
+%groupadd -g 184 dehydrated
+
+%postun
+if [ "$1" = "0" ]; then
+ %groupremove dehydrated
+fi
+
%clean
rm -rf $RPM_BUILD_ROOT
%defattr(644,root,root,755)
%doc README.md CHANGELOG LICENSE
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name}
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sudoers.d/%{name}
%dir %attr(750,root,http) %{_sysconfdir}
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/apache.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/config
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/domains.txt
%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook.sh
+%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook-dns-01.sh
%attr(755,root,root) %{_sbindir}/%{name}
%dir %attr(751,root,root) /var/lib/%{name}
%dir %attr(700,root,root) /var/lib/%{name}/accounts
-%dir %attr(700,root,root) /var/lib/%{name}/certs
+%dir %attr(750,root,dehydrated) /var/lib/%{name}/certs
# challenges written here, need to be readable by webserver
-%dir %attr(751,root,root) /var/lib/%{name}/acme-challenge
+%dir %attr(751,root,dehydrated) /var/lib/%{name}/acme-challenge