Summary: letsencrypt/acme client implemented as a shell-script
Name: dehydrated
-Version: 0.4.0
-Release: 2
+Version: 0.6.5
+Release: 1
License: MIT
Group: Applications/Networking
Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: 8114ba0144a158d5ad1bdf02e6f43195
-Source1: apache.conf
+# Source0-md5: cedf07369517c317c4e1075540b94699
+Source1: httpd.conf
Source2: lighttpd.conf
Source3: nginx.conf
Source4: domains.txt
-Source5: hook.sh
-Source6: crontab
+Source5: crontab
+Source6: config.sh
+Source7: 01-ca-path.sh
+Source8: 02-challenge-type.sh
+Source9: 03-keys.sh
+Source10: 04-renew.sh
+Source11: 05-ocsp.sh
+Source12: 06-hook.sh
+Source13: 07-contact.sh
+Source14: hook.sh
+Source15: hook.functions
+Source16: hook.custom_functions
+Source17: hook.global
+Source18: sudoers
Patch0: tld.patch
URL: https://github.com/lukas2511/dehydrated
BuildRequires: rpmbuild(macros) >= 1.713
Requires: mktemp
Requires: openssl-tools
Requires: sed
+Requires: sudo
Requires: webapps
+Requires(postun): /usr/sbin/groupdel
+Requires(pre): /usr/bin/getgid
+Requires(pre): /usr/sbin/groupadd
Suggests: webserver(access)
Suggests: webserver(alias)
BuildArch: noarch
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _webapps /etc/webapps
-%define _webapp %{name}
-%define _sysconfdir %{_webapps}/%{_webapp}
-%define _appdir %{_datadir}/%{_webapp}
%description
This is a client for signing certificates with an ACME-server
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_sbindir},%{_sysconfdir}/certs,/etc/cron.d} \
- $RPM_BUILD_ROOT/var/lib/%{name}/{accounts,acme-challenges,certs}
+install -d $RPM_BUILD_ROOT{%{_sbindir},{/etc/%{name},%{_webapps}/%{name}}/{conf.d,hooks,hooks.d},/etc/{cron,sudoers}.d} \
+ $RPM_BUILD_ROOT/var/lib/%{name}/{accounts,acme-challenges,alpn-certs,certs}
install -p %{name} $RPM_BUILD_ROOT%{_sbindir}
-cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/apache.conf
-cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/lighttpd.conf
-cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/nginx.conf
-cp -p docs/examples/config $RPM_BUILD_ROOT%{_sysconfdir}
-cp -p %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}
-cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/cron.d/%{name}
-install -p %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}
-cp -p $RPM_BUILD_ROOT%{_sysconfdir}/{apache,httpd}.conf
+cp -p %{SOURCE1} $RPM_BUILD_ROOT%{_webapps}/%{name}/httpd.conf
+cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_webapps}/%{name}/lighttpd.conf
+cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_webapps}/%{name}/nginx.conf
+cp -p %{SOURCE4} $RPM_BUILD_ROOT/etc/%{name}/domains.txt
+cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/cron.d/%{name}
+cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/%{name}/config
+cp -p %{SOURCE7} %{SOURCE8} %{SOURCE9} %{SOURCE10} \
+ %{SOURCE11} %{SOURCE12} %{SOURCE13} \
+ $RPM_BUILD_ROOT/etc/%{name}/conf.d/
+install -p %{SOURCE14} $RPM_BUILD_ROOT/etc/%{name}/hooks/hook.sh
+cp -p %{SOURCE15} $RPM_BUILD_ROOT/etc/%{name}/hooks/functions
+cp -p %{SOURCE16} $RPM_BUILD_ROOT/etc/%{name}/hooks/custom_functions
+cp -p %{SOURCE17} $RPM_BUILD_ROOT/etc/%{name}/hooks.d/global
+cp -p %{SOURCE18} $RPM_BUILD_ROOT/etc/sudoers.d/%{name}
+
+%pre
+%groupadd -g 184 dehydrated
+
+%postun
+if [ "$1" = "0" ]; then
+ %groupremove dehydrated
+fi
%clean
rm -rf $RPM_BUILD_ROOT
-%triggerin -- apache1 < 1.3.37-3, apache1-base
-%webapp_register apache %{_webapp}
-
-%triggerun -- apache1 < 1.3.37-3, apache1-base
-%webapp_unregister apache %{_webapp}
-
%triggerin -- apache < 2.2.0, apache-base
-%webapp_register httpd %{_webapp}
+%webapp_register httpd %{name}
%triggerun -- apache < 2.2.0, apache-base
-%webapp_unregister httpd %{_webapp}
+%webapp_unregister httpd %{name}
%triggerin -- lighttpd
-%webapp_register lighttpd %{_webapp}
+%webapp_register lighttpd %{name}
%triggerun -- lighttpd
-%webapp_unregister lighttpd %{_webapp}
+%webapp_unregister lighttpd %{name}
%triggerin -- nginx
-%webapp_register nginx %{_webapp}
+%webapp_register nginx %{name}
%triggerun -- nginx
-%webapp_unregister nginx %{_webapp}
+%webapp_unregister nginx %{name}
%files
%defattr(644,root,root,755)
-%doc README.md CHANGELOG LICENSE
+%doc README.md CHANGELOG LICENSE docs/*.md docs/examples/config
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name}
-%dir %attr(750,root,http) %{_sysconfdir}
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/apache.conf
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/lighttpd.conf
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/nginx.conf
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/config
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/domains.txt
-%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/hook.sh
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sudoers.d/%{name}
+%dir %attr(750,root,http) %{_webapps}/%{name}
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_webapps}/%{name}/httpd.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_webapps}/%{name}/lighttpd.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_webapps}/%{name}/nginx.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/config
+%dir %attr(755,root,root) /etc/%{name}
+%dir %attr(755,root,root) /etc/%{name}/conf.d
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/conf.d/*.sh
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/domains.txt
+%dir %attr(755,root,root) /etc/%{name}/hooks
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/hooks/custom_functions
+%attr(640,root,root) /etc/%{name}/hooks/functions
+%attr(750,root,root) /etc/%{name}/hooks/hook.sh
+%dir %attr(755,root,root) /etc/%{name}/hooks.d
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/%{name}/hooks.d/global
%attr(755,root,root) %{_sbindir}/%{name}
%dir %attr(751,root,root) /var/lib/%{name}
%dir %attr(700,root,root) /var/lib/%{name}/accounts
-%dir %attr(700,root,root) /var/lib/%{name}/certs
-# challenges written here, need to be readable by webserver
-%dir %attr(751,root,root) /var/lib/%{name}/acme-challenges
+%dir %attr(750,root,dehydrated) /var/lib/%{name}/alpn-certs
+%dir %attr(750,root,dehydrated) /var/lib/%{name}/certs
+# challenges are written here, need to be readable by webserver
+%dir %attr(751,root,dehydrated) /var/lib/%{name}/acme-challenges