From 2198863d0e6461e09da59df9156ee1db484cf56c Mon Sep 17 00:00:00 2001 From: Paul Wouters Date: Tue, 21 Mar 2017 10:38:21 -0400 Subject: [PATCH 1/3] - Initial package --- .gitignore | 1 + dehydrated.spec | 86 +++++++++++++++++++++++++++++++++++++++++++++++++ sources | 1 + 3 files changed, 88 insertions(+) create mode 100644 dehydrated.spec diff --git a/.gitignore b/.gitignore index e69de29..714ae61 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1 @@ +/dehydrated-0.4.0.tar.gz diff --git a/dehydrated.spec b/dehydrated.spec new file mode 100644 index 0000000..5f7770f --- /dev/null +++ b/dehydrated.spec @@ -0,0 +1,86 @@ +Summary: A client for signing certificates with an ACME server +Name: dehydrated +Version: 0.4.0 +Release: 1%{?dist} +License: MIT +URL: https://github.com/lukas2511/dehydrated +Group: System Environment/Daemons +Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz +Requires: openssl +Requires: curl +BuildArch: noarch + +%description +This is a client for signing certificates with an ACME-server +(currently only provided by Let's Encrypt) implemented as a relatively +simple bash-script. + +It uses the openssl utility for everything related to actually +handling keys and certificates, so you need to have that installed. + +Current features: +* Signing of a list of domains +* Signing of a CSR +* Renewal if a certificate is about to expire or SAN (subdomains) changed +* Certificate revocation + +%prep +%setup -q + +%build +: nothing to do + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/accounts +mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/archive +mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/certs +mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/conf.d +mkdir -p %{buildroot}%{_bindir} +mkdir -p %{buildroot}%{_rundir}/dehydrated +sed \ + -e 's|^#LOCKFILE="\${BASEDIR}/lock"|LOCKFILE="%{_rundir}/dehydrated/lock"|' \ + -e 's|^#CONFIG_D=|CONFIG_D="\${BASEDIR}/conf.d"|' \ + -e 's|^#HOOK=|HOOK="\${BASEDIR}/hook.sh"|' \ + -e 's|^#PRIVATE_KEY_RENEW="yes"|PRIVATE_KEY_RENEW="no"|' \ + docs/examples/config >%{buildroot}%{_sysconfdir}/dehydrated/config +install docs/examples/hook.sh %{buildroot}%{_sysconfdir}/dehydrated/ +install dehydrated %{buildroot}%{_bindir}/dehydrated + +%clean +rm -rf %{buildroot} + +%post +if [ ! -f %{_sysconfdir}/cron.d/dehydrated ]; then + echo "$(($RANDOM % 60)) $(($RANDOM % 6)) * * $(($RANDOM % 7)) root test -s %{_sysconfdir}/dehydrated/domains.txt && %{_bindir}/dehydrated --cron" \ + >%{_sysconfdir}/cron.d/dehydrated +fi +umask=$(umask) +umask 027 +if [ -z "$(ls %{_sysconfdir}/dehydrated/conf.d/*.sh 2>/dev/null)" ]; then + touch %{_sysconfdir}/dehydrated/conf.d/local.sh +fi +if [ ! -e %{_sysconfdir}/dehydrated/domains.txt ]; then + touch %{_sysconfdir}/dehydrated/domains.txt +fi +umask ${umask} || : + +%files +%defattr(-,root,root) +%attr(0644,root,root) %doc README.md docs/* +%doc LICENSE +%attr(0644,root,root) %ghost %{_sysconfdir}/cron.d/dehydrated +%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated +%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/dehydrated/config +%attr(0750,root,root) %config(noreplace) %{_sysconfdir}/dehydrated/hook.sh +%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/accounts +%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/archive +%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/certs +%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/conf.d +%attr(0640,root,root) %ghost %{_sysconfdir}/dehydrated/conf.d/local.sh +%attr(0640,root,root) %ghost %{_sysconfdir}/dehydrated/domains.txt +%{_bindir}/dehydrated + +%changelog +* Tue Mar 21 2017 Paul Wouters - 0.4.0-1 +- Initial package diff --git a/sources b/sources index e69de29..fc02235 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +SHA512 (dehydrated-0.4.0.tar.gz) = 3c8c0f2fab57a432b69451f8372c02666dd953985679d12a2af9f6b917335b5b10a1196699106e317660039178ce1139a4d5455d4825a152b6911596fba16738 From 0d01f447981103fadc857236f5310889d280c44f Mon Sep 17 00:00:00 2001 From: Paul Wouters Date: Mon, 2 Apr 2018 14:49:19 +0200 Subject: [PATCH 2/3] - Resolves: rhbz#1554153 Updated to 0.6.1 with ACME v2 support --- dehydrated.spec | 47 +++++++++++++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 18 deletions(-) diff --git a/dehydrated.spec b/dehydrated.spec index 5f7770f..236093f 100644 --- a/dehydrated.spec +++ b/dehydrated.spec @@ -1,22 +1,26 @@ +%{!?_rundir:%global _rundir %%{_localstatedir}/run} + Summary: A client for signing certificates with an ACME server Name: dehydrated -Version: 0.4.0 +Version: 0.6.1 Release: 1%{?dist} License: MIT URL: https://github.com/lukas2511/dehydrated -Group: System Environment/Daemons Source0: https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz Requires: openssl Requires: curl +Requires: sed +%if 0%{?fedora} || 0%{?rhel} >= 7 +Source1: dehydrated.tmpfiles +BuildRequires: systemd +%endif BuildArch: noarch %description -This is a client for signing certificates with an ACME-server -(currently only provided by Let's Encrypt) implemented as a relatively -simple bash-script. - -It uses the openssl utility for everything related to actually -handling keys and certificates, so you need to have that installed. +This is a client for signing certificates with an ACME-server (currently +only provided by Let's Encrypt) implemented as a relatively simple bash- +script. Dehydrated supports both ACME v1 and the new ACME v2 including +support for wildcard certificates! Current features: * Signing of a list of domains @@ -31,24 +35,24 @@ Current features: : nothing to do %install -rm -rf %{buildroot} mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/accounts mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/archive mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/certs mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/conf.d -mkdir -p %{buildroot}%{_bindir} mkdir -p %{buildroot}%{_rundir}/dehydrated +%if 0%{?fedora} || 0%{?rhel} >= 7 +install -D -p -m 0644 %{SOURCE1} %{buildroot}%{_tmpfilesdir}/dehydrated.conf +%endif sed \ -e 's|^#LOCKFILE="\${BASEDIR}/lock"|LOCKFILE="%{_rundir}/dehydrated/lock"|' \ -e 's|^#CONFIG_D=|CONFIG_D="\${BASEDIR}/conf.d"|' \ -e 's|^#HOOK=|HOOK="\${BASEDIR}/hook.sh"|' \ -e 's|^#PRIVATE_KEY_RENEW="yes"|PRIVATE_KEY_RENEW="no"|' \ docs/examples/config >%{buildroot}%{_sysconfdir}/dehydrated/config -install docs/examples/hook.sh %{buildroot}%{_sysconfdir}/dehydrated/ -install dehydrated %{buildroot}%{_bindir}/dehydrated - -%clean -rm -rf %{buildroot} +install -p docs/examples/hook.sh %{buildroot}%{_sysconfdir}/dehydrated/ +install -D -p -m 0755 dehydrated %{buildroot}%{_bindir}/dehydrated +install -D -p -m 0644 docs/man/dehydrated.1 %{buildroot}%{_mandir}/man1/dehydrated.1 +rm -rf docs/man/ %post if [ ! -f %{_sysconfdir}/cron.d/dehydrated ]; then @@ -66,9 +70,8 @@ fi umask ${umask} || : %files -%defattr(-,root,root) -%attr(0644,root,root) %doc README.md docs/* -%doc LICENSE +%doc README.md docs/* +%license LICENSE %attr(0644,root,root) %ghost %{_sysconfdir}/cron.d/dehydrated %attr(0750,root,root) %dir %{_sysconfdir}/dehydrated %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/dehydrated/config @@ -79,8 +82,16 @@ umask ${umask} || : %attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/conf.d %attr(0640,root,root) %ghost %{_sysconfdir}/dehydrated/conf.d/local.sh %attr(0640,root,root) %ghost %{_sysconfdir}/dehydrated/domains.txt +%attr(0750,root,root) %dir %{_rundir}/dehydrated +%if 0%{?fedora} || 0%{?rhel} >= 7 +%{_tmpfilesdir}/dehydrated.conf +%endif %{_bindir}/dehydrated +%{_mandir}/man1/dehydrated.1* %changelog +* Sat Mar 31 2018 Robert Scheck - 0.6.1-1 +- Resolves: rhbz#1554153 Updated to 0.6.1 with ACME v2 support + * Tue Mar 21 2017 Paul Wouters - 0.4.0-1 - Initial package From 3791c0c9052cf0e292c11a58c8035b9ecf706498 Mon Sep 17 00:00:00 2001 From: Paul Wouters Date: Mon, 2 Apr 2018 15:04:09 +0200 Subject: [PATCH 3/3] new sources --- .gitignore | 1 + sources | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 714ae61..9a1e769 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /dehydrated-0.4.0.tar.gz +/dehydrated-0.6.1.tar.gz diff --git a/sources b/sources index fc02235..b119b04 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (dehydrated-0.4.0.tar.gz) = 3c8c0f2fab57a432b69451f8372c02666dd953985679d12a2af9f6b917335b5b10a1196699106e317660039178ce1139a4d5455d4825a152b6911596fba16738 +SHA512 (dehydrated-0.6.1.tar.gz) = c3ef92da4e0e12100d267422eb2667607842f6fb0fe10cbc4d10aee9b5137d292db2348eca34b1f492e21c6c325dcbb595a9ab4de634e4d4a43346be1e2ce0ad