-# Path to certificate authority (default: https://acme-v02.api.letsencrypt.org/directory)
-#CA="https://acme-v02.api.letsencrypt.org/directory"
-
-# Path to staging certificate authority (for testing purposes)
-#CA="https://acme-staging-v02.api.letsencrypt.org/directory"
+# URL to certificate authority or internal preset
+# Presets: letsencrypt, letsencrypt-test, zerossl, buypass, buypass-test
+# default: letsencrypt
+#CA="letsencrypt"
-# Which challenge should be used? Currently http-01 and dns-01 are supported
+# Which challenge should be used? Currently http-01, dns-01 and tls-alpn-01 are supported
#CHALLENGETYPE="http-01"
#PRIVATE_KEY_ROLLOVER="no"
# Which public key algorithm should be used? Supported: rsa, prime256v1 and secp384r1
-#KEY_ALGO=rsa
+#KEY_ALGO=secp384r1
# Option to add CSR-flag indicating OCSP stapling to be mandatory (default: no)
#OCSP_MUST_STAPLE="no"
+
+# Fetch OCSP responses (default: no)
+#OCSP_FETCH="no"
+
+# OCSP refresh interval (default: 5 days)
+#OCSP_DAYS=5
--- /dev/null
+# Extra options passed to the curl binary (default: <unset>)
+#CURL_OPTS=
Summary: letsencrypt/acme client implemented as a shell-script
Name: dehydrated
-Version: 0.6.5
+Version: 0.7.0
Release: 1
License: MIT
Group: Applications/Networking
Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: cedf07369517c317c4e1075540b94699
+# Source0-md5: a23c9f7a475b9d690e788ee13dd8f14a
Source1: httpd.conf
Source2: lighttpd.conf
Source3: nginx.conf
Source11: 05-ocsp.sh
Source12: 06-hook.sh
Source13: 07-contact.sh
-Source14: hook.sh
-Source15: hook.functions
-Source16: hook.custom_functions
-Source17: hook.global
-Source18: sudoers
+Source14: 08-curl.sh
+Source30: hook.sh
+Source31: hook.functions
+Source32: hook.custom_functions
+Source33: hook.global
+Source34: sudoers
Patch0: tld.patch
URL: https://github.com/lukas2511/dehydrated
BuildRequires: rpmbuild(macros) >= 1.713
cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/cron.d/%{name}
cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/%{name}/config
cp -p %{SOURCE7} %{SOURCE8} %{SOURCE9} %{SOURCE10} \
- %{SOURCE11} %{SOURCE12} %{SOURCE13} \
+ %{SOURCE11} %{SOURCE12} %{SOURCE13} %{SOURCE14} \
$RPM_BUILD_ROOT/etc/%{name}/conf.d/
-install -p %{SOURCE14} $RPM_BUILD_ROOT/etc/%{name}/hooks/hook.sh
-cp -p %{SOURCE15} $RPM_BUILD_ROOT/etc/%{name}/hooks/functions
-cp -p %{SOURCE16} $RPM_BUILD_ROOT/etc/%{name}/hooks/custom_functions
-cp -p %{SOURCE17} $RPM_BUILD_ROOT/etc/%{name}/hooks.d/global
-cp -p %{SOURCE18} $RPM_BUILD_ROOT/etc/sudoers.d/%{name}
+install -p %{SOURCE30} $RPM_BUILD_ROOT/etc/%{name}/hooks/hook.sh
+cp -p %{SOURCE31} $RPM_BUILD_ROOT/etc/%{name}/hooks/functions
+cp -p %{SOURCE32} $RPM_BUILD_ROOT/etc/%{name}/hooks/custom_functions
+cp -p %{SOURCE33} $RPM_BUILD_ROOT/etc/%{name}/hooks.d/global
+cp -p %{SOURCE34} $RPM_BUILD_ROOT/etc/sudoers.d/%{name}
%pre
%groupadd -g 184 dehydrated
-diff -ur dehydrated-0.6.5.orig/dehydrated dehydrated-0.6.5/dehydrated
---- dehydrated-0.6.5.orig/dehydrated 2019-06-26 12:33:35.000000000 +0200
-+++ dehydrated-0.6.5/dehydrated 2020-08-16 15:17:01.872293508 +0200
+diff -ur dehydrated-0.7.0.orig/dehydrated dehydrated-0.7.0/dehydrated
+--- dehydrated-0.7.0.orig/dehydrated 2020-12-10 16:54:26.000000000 +0100
++++ dehydrated-0.7.0/dehydrated 2021-01-01 18:41:50.608417166 +0100
@@ -1,4 +1,4 @@
-#!/usr/bin/env bash
+#!/bin/bash
-BASEDIR="${SCRIPTDIR}"
+BASEDIR="/var/lib/dehydrated"
- ORIGARGS="$@"
+ ORIGARGS=("${@}")
- # Create (identifiable) temporary files
-@@ -135,7 +135,7 @@
- DOMAINS_TXT=
+ # Generate json.sh path matching string
+@@ -340,7 +340,7 @@
HOOK=
+ PREFERRED_CHAIN=
HOOK_CHAIN="no"
- RENEW_DAYS="30"
+ RENEW_DAYS="10"
KEYSIZE="4096"
WELLKNOWN=
PRIVATE_KEY_RENEW="yes"
-@@ -151,8 +151,8 @@
+@@ -356,8 +356,8 @@
IP_VERSION=
CHAINCACHE=
AUTO_CLEANUP="no"
API="auto"
if [[ -z "${CONFIG:-}" ]]; then
-@@ -260,8 +260,8 @@
+@@ -495,8 +495,8 @@
[[ -z "${CERTDIR}" ]] && CERTDIR="${BASEDIR}/certs"
[[ -z "${ALPNCERTDIR}" ]] && ALPNCERTDIR="${BASEDIR}/alpn-certs"
[[ -z "${CHAINCACHE}" ]] && CHAINCACHE="${BASEDIR}/chains"
[[ -z "${LOCKFILE}" ]] && LOCKFILE="${BASEDIR}/lock"
[[ -z "${OPENSSL_CNF}" ]] && OPENSSL_CNF="$("${OPENSSL}" version -d | cut -d\" -f2)/openssl.cnf"
[[ -n "${PARAM_LOCKFILE_SUFFIX:-}" ]] && LOCKFILE="${LOCKFILE}-${PARAM_LOCKFILE_SUFFIX}"
-diff -ur dehydrated-0.6.5.orig/docs/examples/config dehydrated-0.6.5/docs/examples/config
---- dehydrated-0.6.5.orig/docs/examples/config 2019-06-26 12:33:35.000000000 +0200
-+++ dehydrated-0.6.5/docs/examples/config 2020-08-16 15:17:01.872293508 +0200
-@@ -45,11 +45,11 @@
+diff -ur dehydrated-0.7.0.orig/docs/examples/config dehydrated-0.7.0/docs/examples/config
+--- dehydrated-0.7.0.orig/docs/examples/config 2020-12-10 16:54:26.000000000 +0100
++++ dehydrated-0.7.0/docs/examples/config 2021-01-01 18:41:13.934417166 +0100
+@@ -47,11 +47,11 @@
# default: <unset>
#DOMAINS_D=
# Output directory for generated certificates
#CERTDIR="${BASEDIR}/certs"
-@@ -61,7 +61,7 @@
+@@ -63,7 +63,7 @@
#ACCOUNTDIR="${BASEDIR}/accounts"
# Output directory for challenge-tokens to be served by webserver or deployed in HOOK (default: /var/www/dehydrated)
# Default keysize for private keys (default: 4096)
#KEYSIZE="4096"
-@@ -85,13 +85,13 @@
+@@ -87,13 +87,13 @@
#
# BASEDIR and WELLKNOWN variables are exported and can be used in an external program
# default: <unset>
TLD / packages / dehydrated.git / commitdiff