Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
dehydrated.11707
dehydrated.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File dehydrated.spec of Package dehydrated.11707
# # spec file for package dehydrated # # Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %define _challengedir %{_localstatedir}/lib/acme-challenge %define _user dehydrated %define _home %{_sysconfdir}/dehydrated %define _postrunhooks %{_home}/postrun-hooks.d %if 0%{?suse_version} > 1230 %define _lock_dir /run/dehydrated %bcond_without systemd %else %define _lock_dir %{_localstatedir}/run/dehydrated %bcond_with systemd %endif %if 0%{?is_opensuse} || %{defined fedora} %bcond_without nginx %bcond_without lighttpd %else %bcond_with nginx %bcond_with lighttpd %endif %{!?_tmpfilesdir: %global _tmpfilesdir %{_prefix}/lib/tmpfiles.d } # See also http://en.opensuse.org/openSUSE:Specfile_guidelines %if 0%{?suse_version} %define _apache apache2 %else %define _apache httpd %endif Name: dehydrated Version: 0.6.5 Release: 0 Summary: A client for signing certificates with an ACME server License: MIT Group: Productivity/Networking/Security Url: https://github.com/lukas2511/dehydrated Source0: %{name}-%{version}.tar.gz Source1: acme-challenge.conf.apache.in Source2: acme-challenge.conf.nginx.in Source3: acme-challenge.conf.lighttpd.in Source4: dehydrated.cron.in Source5: dehydrated.tmpfiles.d Source6: dehydrated.service.in Source7: dehydrated.timer Source9: README.SUSE Source10: README.Fedora Source11: README.hooks Source12: %{name}-%{version}.tar.gz.asc Source13: %{name}.keyring BuildRequires: %{_apache} Requires: coreutils Requires: curl Requires: openssl Requires: sudo Requires(pre): %{_bindir}/getent Requires(pre): %{_sbindir}/groupadd Requires(pre): %{_sbindir}/useradd Obsoletes: letsencrypt.sh < %{version} Provides: letsencrypt.sh = %{version} %if %{with lighttpd} BuildRequires: lighttpd %endif %if %{with nginx} BuildRequires: nginx %endif %if %{defined fedora} BuildRequires: generic-logos BuildRequires: generic-logos-httpd %endif # openSUSE >= 12.3 has shadow, pwdutils is provided but obsoleted. %if 0%{?suse_version} >= 1230 BuildRequires: shadow %endif %if %{with systemd} BuildRequires: systemd BuildRequires: pkgconfig(systemd) %{?systemd_requires} %else #with_systemd %if 0%{?suse_version} Requires: cron %endif %endif #with_systemd %if 0%{?suse_version} Recommends: dehydrated-acmeresponder %endif BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch %description This is a client for signing certificates with an ACME server (currently only provided by letsencrypt) implemented as a relatively simple bash-script. It uses the openssl utility for everything related to actually handling keys and certificates, so you need to have that installed. Other dependencies are: curl, sed, grep, mktemp (all found on almost any system, curl being the only exception) Current features: * Signing of a list of domains * Signing of a CSR * Renewal if a certificate is about to expire or SAN (subdomains) changed * Certificate revocation %package %{_apache} Summary: Apache Integration for dehydrated Group: Productivity/Networking/Security Requires: %{_apache} Requires: %{name} Obsoletes: letsencrypt.sh-%{_apache} < %{version} Provides: letsencrypt.sh-%{_apache} = %{version} %if ! 0%{?suse_version} Requires: mod_ssl %endif %description %{_apache} This adds a configuration file for dehydrated's acme-challenge to Apache. %if %{with nginx} %package nginx Summary: Nginx Integration for dehydrated Group: Productivity/Networking/Security Requires: %{name} Requires: nginx Obsoletes: letsencrypt.sh-nginx < %{version} Provides: letsencrypt.sh-nginx = %{version} %description nginx This adds a configuration file for dehydrated's acme-challenge to nginx. %endif #with nginx %if %{with lighttpd} %package lighttpd Summary: Lighttpd Integration for dehydrated Group: Productivity/Networking/Security Requires: %{name} Requires: lighttpd %description lighttpd This adds a configuration file for dehydrated's acme-challenge to lighttpd. %endif #with lighttpd %pre getent group %{_user} >/dev/null || %{_sbindir}/groupadd -r %{_user} getent passwd %{_user} >/dev/null || %{_sbindir}/useradd -g %{_user} \ -s /bin/false -r -c "%{_user}" -d %{_home} %{_user} if [ -d %{_sysconfdir}/letsencrypt.sh ]; then mv %{_sysconfdir}/letsencrypt.sh %{_sysconfdir}/dehydrated; chown -R %{_user} %{_sysconfdir}/dehydrated; fi if [ -e %{_sysconfdir}/dehydrated/config.sh ]; then mv %{_sysconfdir}/dehydrated/config.sh %{_sysconfdir}/dehydrated/config; fi %if %{with systemd} %service_add_pre dehydrated.service dehydrated.timer %post systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf ||: %service_add_post dehydrated.service dehydrated.timer %preun %service_del_preun dehydrated.service dehydrated.timer %postun %service_del_postun dehydrated.service dehydrated.timer %endif %prep %setup -q cp %{SOURCE9} . cp %{SOURCE10} . %build %install # sensitive keys mkdir -p %{buildroot}%{_home}/{accounts,certs,chains} mkdir -p %{buildroot}%{_sbindir} mkdir -p %{buildroot}%{_mandir}/man1 mkdir -p %{buildroot}%{_home}/config.d mkdir -p %{buildroot}%{_postrunhooks} cat docs/man/dehydrated.1 | gzip > %{buildroot}%{_mandir}/man1/dehydrated.1.gz # Silence E: env-script-interpreter find \( -name \*.sh -o -name dehydrated \) -exec sed -i "s,#!/usr/bin/env bash,#!$(command -v bash),g" {} \; sed -i "s,#WELLKNOWN=.*,WELLKNOWN=%{_challengedir},g" docs/examples/config install -m 0644 docs/examples/* %{buildroot}%{_home} install -m 0644 %{SOURCE11} %{buildroot}%{_postrunhooks} install -m 0755 -d %{buildroot}%{_bindir} install -m 0755 dehydrated %{buildroot}%{_bindir} install -m 0755 -d %{buildroot}%{_challengedir} install -m 0755 -d %{buildroot}%{_sysconfdir}/%{_apache}/conf.d sed "s,@CHALLENGEDIR@,%{_challengedir},g" %{SOURCE1} > acme-challenge.conf install -m 0644 acme-challenge.conf %{buildroot}%{_sysconfdir}/%{_apache}/conf.d %if %{with nginx} install -m 0755 -d %{buildroot}%{_sysconfdir}/nginx sed "s,@CHALLENGEDIR@,%{_challengedir},g" %{SOURCE2} > acme-challenge install -m 0644 acme-challenge %{buildroot}%{_sysconfdir}/nginx %endif #with nginx %if %{with lighttpd} install -m 0755 -d %{buildroot}%{_sysconfdir}/lighttpd/conf.d sed "s,@CHALLENGEDIR@,%{_challengedir},g" %{SOURCE3} > acme-challenge install -m 0644 acme-challenge %{buildroot}%{_sysconfdir}/lighttpd/conf.d %endif #with lighttpd %if %{with systemd} install -D -m 0644 %{SOURCE5} %{buildroot}%{_tmpfilesdir}/%{name}.conf # Use timer sed "s,@POSTRUNHOOKS_DIR@,%{_postrunhooks},g" %{SOURCE6} > dehydrated.service install -D -m 644 dehydrated.service %{buildroot}%{_unitdir}/dehydrated.service install -D -m 644 %{SOURCE7} %{buildroot}%{_unitdir}/dehydrated.timer if [ $(rpm -q --queryformat='%{VERSION}' systemd) -lt 229 ]; then # No support for this attribute in systemd < v229 sed -i 's/^RandomizedDelaySec/#&/' %{buildroot}%{_unitdir}/dehydrated.timer fi %if 0%{?suse_version} ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcdehydrated %endif %else #with systemd install -D -d -m 0750 %{buildroot}%{_lock_dir} # Use cron install -m 0755 -d %{buildroot}%{_sysconfdir}/cron.d sed "s,@POSTRUNHOOKS_DIR@,%{_postrunhooks},g" %{SOURCE4} > dehydrated.cron install -m 0644 dehydrated.cron %{buildroot}%{_sysconfdir}/cron.d/dehydrated %endif #with systemd # Adjust config file perl -p -i -e 's|#LOCKFILE="\$\{BASEDIR\}/lock"|LOCKFILE="%{_lock_dir}/lock"|' %{buildroot}%{_home}/config perl -p -i -e 's|#CONFIG_D=|CONFIG_D="%{_home}/config.d"|' %{buildroot}%{_home}/config perl -p -i -e 's|#DEHYDRATED_USER=|DEHYDRATED_USER="%{_user}"|' %{buildroot}%{_home}/config perl -p -i -e 's|#DEHYDRATED_GROUP=|DEHYDRATED_GROUP="%{_user}"|' %{buildroot}%{_home}/config diff -urN docs/examples/config %{buildroot}%{_home}/config ||: %files %defattr(-,root,root) %attr(750,root,%{_user}) %dir %{_sysconfdir}/dehydrated %attr(700,%{_user},%{_user}) %dir %{_sysconfdir}/dehydrated/accounts %attr(700,%{_user},%{_user}) %dir %{_sysconfdir}/dehydrated/certs %attr(700,%{_user},%{_user}) %dir %{_sysconfdir}/dehydrated/chains %config(noreplace) %attr(640,root,%{_user}) %{_sysconfdir}/dehydrated/config %config(noreplace) %attr(750,root,%{_user}) %{_sysconfdir}/dehydrated/config.d %config(noreplace) %attr(640,root,%{_user}) %{_sysconfdir}/dehydrated/domains.txt %config(noreplace) %attr(750,root,%{_user}) %{_sysconfdir}/dehydrated/hook.sh %dir %attr(750,root,%{_user}) %{_postrunhooks} %config(noreplace) %attr(640,root,%{_user}) %{_postrunhooks}/README.hooks %{_bindir}/dehydrated %attr(-,%{_user},root) %dir %{_localstatedir}/lib/acme-challenge %{_mandir}/man1/* %doc LICENSE README.md docs/*.md docs/*.jpg %doc README.SUSE %if %{defined redhat} %doc README.Fedora %endif %if %{with systemd} %{_tmpfilesdir}/%{name}.conf %{_unitdir}/dehydrated.service %{_unitdir}/dehydrated.timer %{_sbindir}/rcdehydrated %ghost %attr(700,%{_user},%{_user}) %dir %{_lock_dir} %else %config %{_sysconfdir}/cron.d/dehydrated %attr(700,%{_user},%{_user}) %dir %{_lock_dir} %endif %files %{_apache} %defattr(-,root,root) %config %{_sysconfdir}/%{_apache}/conf.d/acme-challenge.conf %if %{with nginx} %files nginx %defattr(-,root,root) %config %attr(640,root,nginx) %{_sysconfdir}/nginx/acme-challenge %endif #with nginx %if %{with lighttpd} %files lighttpd %defattr(-,root,root) %config %attr(640,root,lighttpd) %{_sysconfdir}/lighttpd/conf.d/acme-challenge %endif #with lighttpd %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor