Summary: letsencrypt/acme client implemented as a shell-script Name: dehydrated Version: 0.6.2 Release: 1 License: MIT Group: Applications/Networking Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz # Source0-md5: d4db13d5965054b0a231bf95285c6cf0 Source1: httpd.conf Source2: lighttpd.conf Source3: nginx.conf Source4: domains.txt Source5: crontab Source6: config.sh Source7: 01-ca-path.sh Source8: 02-challenge-type.sh Source9: 03-keys.sh Source10: 04-renew.sh Source11: 05-ocsp.sh Source12: 06-hook.sh Source13: 07-contact.sh Source14: hook.sh Source15: hook.functions Source16: hook.custom_functions Source17: hook.global Patch0: tld.patch URL: https://github.com/lukas2511/dehydrated BuildRequires: rpmbuild(macros) >= 1.713 Requires: ca-certificates Requires: crondaemon Requires: curl Requires: diffutils Requires: grep Requires: mktemp Requires: openssl-tools Requires: sed Requires: webapps Suggests: webserver(access) Suggests: webserver(alias) BuildArch: noarch BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) %define _webapps /etc/webapps %description This is a client for signing certificates with an ACME-server (currently only provided by letsencrypt) implemented as a relatively simple bash-script. Current features: - Signing of a list of domains - Signing of a CSR - Renewal if a certificate is about to expire or SAN (subdomains) changed - Certificate revocation %prep %setup -q %patch0 -p1 %install rm -rf $RPM_BUILD_ROOT install -d $RPM_BUILD_ROOT{%{_sbindir},{/etc/%{name},%{_webapps}/%{name}}/{conf.d,hooks,hooks.d},/etc/cron.d} \ $RPM_BUILD_ROOT/var/lib/%{name}/{accounts,acme-challenges,certs} install -p %{name} $RPM_BUILD_ROOT%{_sbindir} cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_webapps}/%{name}/httpd.conf cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_webapps}/%{name}/lighttpd.conf cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_webapps}/%{name}/nginx.conf cp -p %{SOURCE4} $RPM_BUILD_ROOT/etc/%{name}/domains.txt cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/cron.d/%{name} cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/%{name}/config cp -p %{SOURCE7} %{SOURCE8} %{SOURCE9} %{SOURCE10} \ %{SOURCE11} %{SOURCE12} %{SOURCE13} \ $RPM_BUILD_ROOT/etc/%{name}/conf.d/ install -p %{SOURCE14} $RPM_BUILD_ROOT/etc/%{name}/hooks/hook.sh cp -p %{SOURCE15} $RPM_BUILD_ROOT/etc/%{name}/hooks/functions cp -p %{SOURCE16} $RPM_BUILD_ROOT/etc/%{name}/hooks/custom_functions cp -p %{SOURCE17} $RPM_BUILD_ROOT/etc/%{name}/hooks.d/global %clean rm -rf $RPM_BUILD_ROOT %triggerin -- apache < 2.2.0, apache-base %webapp_register httpd %{name} %triggerun -- apache < 2.2.0, apache-base %webapp_unregister httpd %{name} %triggerin -- lighttpd %webapp_register lighttpd %{name} %triggerun -- lighttpd %webapp_unregister lighttpd %{name} %triggerin -- nginx %webapp_register nginx %{name} %triggerun -- nginx %webapp_unregister nginx %{name} %files %defattr(644,root,root,755) %doc README.md CHANGELOG LICENSE %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name} %dir %attr(750,root,http) %{_webapps}/%{name} %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_webapps}/%{name}/httpd.conf %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_webapps}/%{name}/lighttpd.conf %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_webapps}/%{name}/nginx.conf %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/config %dir %attr(755,root,root) /etc/%{name}/conf.d %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/conf.d/*.sh %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/domains.txt %dir %attr(755,root,root) /etc/%{name}/hooks %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/hooks/custom_functions %attr(640,root,root) /etc/%{name}/hooks/functions %attr(750,root,root) /etc/%{name}/hooks/hook.sh %dir %attr(755,root,root) /etc/%{name}/hooks.d %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/hooks.d/global %attr(755,root,root) %{_sbindir}/%{name} %dir %attr(751,root,root) /var/lib/%{name} %dir %attr(700,root,root) /var/lib/%{name}/accounts %dir %attr(700,root,root) /var/lib/%{name}/certs # challenges written here, need to be readable by webserver %dir %attr(751,root,root) /var/lib/%{name}/acme-challenges