1 Summary: letsencrypt/acme client implemented as a shell-script
6 Group: Applications/Networking
7 Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz
8 # Source0-md5: 7a3b92b963da6469c4a53f051d6efa24
10 Source2: lighttpd.conf
16 URL: https://github.com/lukas2511/dehydrated
17 BuildRequires: rpmbuild(macros) >= 1.713
23 Requires: openssl-tools
26 Suggests: webserver(access)
27 Suggests: webserver(alias)
29 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
31 %define _webapps /etc/webapps
32 %define _webapp %{name}
33 %define _sysconfdir %{_webapps}/%{_webapp}
34 %define _appdir %{_datadir}/%{_webapp}
37 This is a client for signing certificates with an ACME-server
38 (currently only provided by letsencrypt) implemented as a relatively
42 - Signing of a list of domains
44 - Renewal if a certificate is about to expire or SAN (subdomains)
46 - Certificate revocation
53 rm -rf $RPM_BUILD_ROOT
54 install -d $RPM_BUILD_ROOT{%{_sbindir},%{_sysconfdir}/certs,/etc/cron.d} \
55 $RPM_BUILD_ROOT/var/lib/%{name}/{accounts,acme-challenge,certs}
57 install -p %{name} $RPM_BUILD_ROOT%{_sbindir}
58 cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/apache.conf
59 cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/lighttpd.conf
60 cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/nginx.conf
61 cp -p docs/examples/config $RPM_BUILD_ROOT%{_sysconfdir}
62 cp -p %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}
63 cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/cron.d/%{name}
64 install -p %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}
65 cp -p $RPM_BUILD_ROOT%{_sysconfdir}/{apache,httpd}.conf
68 rm -rf $RPM_BUILD_ROOT
70 %triggerin -- apache1 < 1.3.37-3, apache1-base
71 %webapp_register apache %{_webapp}
73 %triggerun -- apache1 < 1.3.37-3, apache1-base
74 %webapp_unregister apache %{_webapp}
76 %triggerin -- apache < 2.2.0, apache-base
77 %webapp_register httpd %{_webapp}
79 %triggerun -- apache < 2.2.0, apache-base
80 %webapp_unregister httpd %{_webapp}
82 %triggerin -- lighttpd
83 %webapp_register lighttpd %{_webapp}
85 %triggerun -- lighttpd
86 %webapp_unregister lighttpd %{_webapp}
89 %webapp_register nginx %{_webapp}
92 %webapp_unregister nginx %{_webapp}
95 %defattr(644,root,root,755)
96 %doc README.md CHANGELOG LICENSE
97 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name}
98 %dir %attr(750,root,http) %{_sysconfdir}
99 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/apache.conf
100 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf
101 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/lighttpd.conf
102 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nginx.conf
103 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/config
104 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/domains.txt
105 %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook.sh
106 %attr(755,root,root) %{_sbindir}/%{name}
107 %dir %attr(751,root,root) /var/lib/%{name}
108 %dir %attr(700,root,root) /var/lib/%{name}/accounts
109 %dir %attr(700,root,root) /var/lib/%{name}/certs
110 # challenges written here, need to be readable by webserver
111 %dir %attr(751,root,root) /var/lib/%{name}/acme-challenge