1 Summary: letsencrypt/acme client implemented as a shell-script
6 Group: Applications/Networking
7 Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz
8 # Source0-md5: 8114ba0144a158d5ad1bdf02e6f43195
10 Source2: lighttpd.conf
15 Source7: 01-ca-path.sh
16 Source8: 02-challenge-type.sh
21 Source13: 07-contact.sh
23 Source15: hook.functions
24 Source16: hook.custom_functions
27 URL: https://github.com/lukas2511/dehydrated
28 BuildRequires: rpmbuild(macros) >= 1.713
29 Requires: ca-certificates
35 Requires: openssl-tools
38 Suggests: webserver(access)
39 Suggests: webserver(alias)
41 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
43 %define _webapps /etc/webapps
46 This is a client for signing certificates with an ACME-server
47 (currently only provided by letsencrypt) implemented as a relatively
51 - Signing of a list of domains
53 - Renewal if a certificate is about to expire or SAN (subdomains)
55 - Certificate revocation
62 rm -rf $RPM_BUILD_ROOT
63 install -d $RPM_BUILD_ROOT{%{_sbindir},{/etc/%{name},%{_webapps}/%{name}}/{conf.d,hooks,hooks.d},/etc/cron.d} \
64 $RPM_BUILD_ROOT/var/lib/%{name}/{accounts,acme-challenges,certs}
66 install -p %{name} $RPM_BUILD_ROOT%{_sbindir}
67 cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_webapps}/%{name}/httpd.conf
68 cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_webapps}/%{name}/lighttpd.conf
69 cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_webapps}/%{name}/nginx.conf
70 cp -p %{SOURCE4} $RPM_BUILD_ROOT/etc/%{name}/domains.txt
71 cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/cron.d/%{name}
72 cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/%{name}/config
73 cp -p %{SOURCE7} %{SOURCE8} %{SOURCE9} %{SOURCE10} \
74 %{SOURCE11} %{SOURCE12} %{SOURCE13} \
75 $RPM_BUILD_ROOT/etc/%{name}/conf.d/
76 install -p %{SOURCE14} $RPM_BUILD_ROOT/etc/%{name}/hooks/hook.sh
77 cp -p %{SOURCE15} $RPM_BUILD_ROOT/etc/%{name}/hooks/functions
78 cp -p %{SOURCE16} $RPM_BUILD_ROOT/etc/%{name}/hooks/custom_functions
79 cp -p %{SOURCE17} $RPM_BUILD_ROOT/etc/%{name}/hooks.d/global
82 rm -rf $RPM_BUILD_ROOT
84 %triggerin -- apache < 2.2.0, apache-base
85 %webapp_register httpd %{name}
87 %triggerun -- apache < 2.2.0, apache-base
88 %webapp_unregister httpd %{name}
90 %triggerin -- lighttpd
91 %webapp_register lighttpd %{name}
93 %triggerun -- lighttpd
94 %webapp_unregister lighttpd %{name}
97 %webapp_register nginx %{name}
100 %webapp_unregister nginx %{name}
103 %defattr(644,root,root,755)
104 %doc README.md CHANGELOG LICENSE
105 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name}
106 %dir %attr(750,root,http) %{_webapps}/%{name}
107 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_webapps}/%{name}/httpd.conf
108 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_webapps}/%{name}/lighttpd.conf
109 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_webapps}/%{name}/nginx.conf
110 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/config
111 %attr(755,root,root) /etc/%{name}/conf.d
112 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/conf.d/*.sh
113 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/domains.txt
114 %dir %attr(755,root,root) /etc/%{name}/hooks
115 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/hooks/custom_functions
116 %attr(640,root,root) /etc/%{name}/hooks/functions
117 %attr(750,root,root) /etc/%{name}/hooks/hook.sh
118 %dir %attr(755,root,root) /etc/%{name}/hooks.d
119 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/hooks.d/global
120 %attr(755,root,root) %{_sbindir}/%{name}
121 %dir %attr(751,root,root) /var/lib/%{name}
122 %dir %attr(700,root,root) /var/lib/%{name}/accounts
123 %dir %attr(700,root,root) /var/lib/%{name}/certs
124 # challenges written here, need to be readable by webserver
125 %dir %attr(751,root,root) /var/lib/%{name}/acme-challenges