rpms / dehydrated

Clone
Source Code
GIT

Files

el6 epel7 epel8 epel9 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 main rawhide
  1.   epel8
  2.   dehydrated.spec
Blob Blame History Raw 
Summary: Client for signing certificates with an ACME server
Name: dehydrated
Version: 0.7.1
Release: 1%{?dist}
License: MIT
URL: https://github.com/dehydrated-io/dehydrated
Source0: https://github.com/dehydrated-io/dehydrated/releases/download/v%{version}/dehydrated-%{version}.tar.gz
Source1: https://github.com/dehydrated-io/dehydrated/releases/download/v%{version}/dehydrated-%{version}.tar.gz.asc
Source2: https://keys.openpgp.org/vks/v1/by-fingerprint/3C2F2605E078A1E18F4793909C4DBE6CF438F333
Source3: dehydrated.tmpfiles
Source4: dehydrated.timer
Source5: dehydrated.service
Source6: 50-dehydrated.preset
Source7: dehydrated-cron

Patch0: dehydrated-autowash.patch
Patch1: dehydrated-improve-trap-handling.patch
Patch2: dehydrated-hook.sh-defaults.patch

BuildArch: noarch
BuildRequires: gnupg2
BuildRequires: systemd
%{?systemd_requires}
Requires: coreutils
Requires: curl
Requires: grep
# provided by either mailx or s-nail
Requires: /usr/bin/mailx
Requires: openssl
Requires: sed

%description
This is a client for signing certificates with an ACME-server (currently
only provided by Let's Encrypt) implemented as a relatively simple bash-
script. Dehydrated supports both ACME v1 and the new ACME v2 including
support for wildcard certificates!

Current features:
- Signing of a list of domains (including wildcard domains!)
- Signing of a custom CSR (either standalone or completely automated using
  hooks!)
- Renewal if a certificate is about to expire or defined set of domains changed
- Certificate revocation

%prep
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%setup -q
%patch0 -p1 -b .autowash
%patch1 -p1 -b .improve-trap-handling
%patch2 -p1

%build
: nothing to do

%install
mkdir -p %{buildroot}%{_libexecdir}
mkdir -p %{buildroot}%{_rundir}/dehydrated
mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/accounts
mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/archive
mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/certs
mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/conf.d
mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/domains.txt.d
mkdir -p %{buildroot}%{_sysconfdir}/dehydrated/hook.d
install -D -p -m 0644 %{SOURCE3} %{buildroot}%{_tmpfilesdir}/dehydrated.conf
install -D -p -m 0644 %{SOURCE4} %{buildroot}%{_unitdir}/dehydrated.timer
install -D -p -m 0644 %{SOURCE5} %{buildroot}%{_unitdir}/dehydrated.service
install -D -p -m 0644 %{SOURCE6} %{buildroot}%{_presetdir}/50-dehydrated.preset
install -D -p -m 0755 %{SOURCE7} %{buildroot}%{_libexecdir}/dehydrated-cron
sed \
    -e 's|^#LOCKFILE="\${BASEDIR}/lock"|LOCKFILE="%{_rundir}/dehydrated/lock"|' \
    -e 's|^#CONFIG_D=|CONFIG_D="\${BASEDIR}/conf.d"|' \
    -e 's|^#HOOK=|HOOK="\${BASEDIR}/hook.sh"|' \
    -e 's|^#PRIVATE_KEY_RENEW="yes"|PRIVATE_KEY_RENEW="no"|' \
    -e 's|^#AUTO_CLEANUP="no"|AUTO_CLEANUP="yes"|' \
    -e 's|^#KEY_ALGO=secp384r1|KEY_ALGO=rsa|' \
    docs/examples/config >%{buildroot}%{_sysconfdir}/dehydrated/config
touch --reference=docs/examples/config \
    %{buildroot}%{_sysconfdir}/dehydrated/config
sed -i.orig -e 's|^\#!/usr/bin/env bash|#!/bin/bash|' \
    docs/examples/hook.sh
touch --reference=docs/examples/hook.sh.orig \
    docs/examples/hook.sh && rm docs/examples/hook.sh.orig
install -p docs/examples/hook.sh %{buildroot}%{_sysconfdir}/dehydrated/hook.sh
sed -i.orig -e 's|^\#!/usr/bin/env bash|#!/bin/bash|' \
    dehydrated
touch --reference=dehydrated.orig dehydrated && \
    rm dehydrated.orig

install -D -p -m 0755 dehydrated %{buildroot}%{_bindir}/dehydrated
install -D -p -m 0644 docs/man/dehydrated.1 \
    %{buildroot}%{_mandir}/man1/dehydrated.1
rm -rf docs/man/
# remove execute bits from documentation
chmod a-x docs/examples/hook.sh

%post
%systemd_post dehydrated.timer dehydrated.service
if [ $1 -eq 1 ]; then
    systemctl start dehydrated.timer >/dev/null 2>&1 || :
fi
umask=$(umask)
umask 027
if [ -z "$(ls -1 %{_sysconfdir}/dehydrated/conf.d/*.sh 2>/dev/null)" ]; then
    touch %{_sysconfdir}/dehydrated/conf.d/local.sh
fi
if [ ! -e %{_sysconfdir}/dehydrated/domains.txt ]; then
    touch %{_sysconfdir}/dehydrated/domains.txt
fi
umask ${umask} || :

%preun
%systemd_preun dehydrated.timer dehydrated.service

%postun
%systemd_postun_with_restart dehydrated.timer
%systemd_postun dehydrated.service

%triggerun -- dehydrated <= 0.7.0-2
systemctl preset dehydrated.timer dehydrated.service >/dev/null 2>&1 || :
systemctl start dehydrated.timer >/dev/null 2>&1 || :

%files
%doc README.md CHANGELOG docs/*
%license LICENSE
%{_presetdir}/50-dehydrated.preset
%{_unitdir}/dehydrated.service
%{_unitdir}/dehydrated.timer
%{_tmpfilesdir}/dehydrated.conf
%{_libexecdir}/dehydrated-cron
%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated
%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/dehydrated/config
%attr(0750,root,root) %config(noreplace) %{_sysconfdir}/dehydrated/hook.sh
%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/accounts
%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/archive
%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/certs
%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/conf.d
%attr(0640,root,root) %ghost %{_sysconfdir}/dehydrated/conf.d/local.sh
%attr(0640,root,root) %ghost %{_sysconfdir}/dehydrated/domains.txt
%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/domains.txt.d
%attr(0750,root,root) %dir %{_sysconfdir}/dehydrated/hook.d
%attr(0750,root,root) %dir %{_rundir}/dehydrated
%{_bindir}/dehydrated
%{_mandir}/man1/dehydrated.1*

%changelog
* Wed May 31 2023 Robert Scheck <robert@fedoraproject.org> - 0.7.1-1
- Resolved: rhbz#2139056 dehydrated-0.7.1 is available
- Resolved: rhbz#2035549 genkey ecparam - ECDSA key, P-384 (secp384r1)

* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.0-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild

* Fri Feb 04 2022 Carl George <carl@george.computer> - 0.7.0-5
- Require path instead of package name for mailx rhbz#2050852

* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

* Tue Jun 01 2021 Paul Wouters <paul.wouters@aiven.io> - 0.7.0-2
- Update trigger to proper version

* Tue Jun 01 2021 Paul Wouters <paul.wouters@aiven.io> - 0.7.0-1
- Resolved: rhbz#1872621 [RFE] Ship systemd units for auto-renewal
- Resolved: rhbz#1906674 dehydrated-0.7.0 is available

* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.5-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Wed Jun 26 2019 Paul Wouters <pwouters@redhat.com> - 0.6.5-1
- Resolves: rhbz#1723766 Updated to 0.6.5

* Tue Jun 25 2019 Robert Scheck <robert@fedoraproject.org> - 0.6.4-1
- Upgrade to 0.6.4 (#1723766)
- Update source link

* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Sun Apr 29 2018 Robert Scheck <robert@fedoraproject.org> - 0.6.2-1
- Resolves: rhbz#1572609 Updated to 0.6.2

* Sat Mar 31 2018 Robert Scheck <robert@fedoraproject.org> - 0.6.1-1
- Resolves: rhbz#1554153 Updated to 0.6.1 with ACME v2 support

* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Sun Jan 14 2018 Paul Wouters <pwouters@redhat.com> - 0.5.0-1
- Resolves: rhbz#1534189 dehydrated-0.5.0 is available

* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

* Mon Mar 20 2017 Paul Wouters <pwouters@redhat.com> - 0.4.0-5
- Include license with proper macros

* Mon Mar 20 2017 Paul Wouters <pwouters@redhat.com> - 0.4.0-4
- Set PRIVATE_KEY_RENEW=no so pubkeys are re-used, allowing TLSA DNS records

* Sat Mar 18 2017 Tuomo Soini <tis@foobar.fi> - 0.4.0-3
- Fix file mode of crontab entry

* Sat Mar 18 2017 Kim B. Heino <b@bbbs.net> - 0.4.0-2
- Add archive directory, cleanup

* Sat Mar 18 2017 Tuomo Soini <tis@foobar.fi> - 0.4.0-1
- Initial build
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.