|
|
|
%define version 0.1.10
|
|
|
|
%define release 1
|
|
|
|
%define name smeserver-letsencrypt-client
|
|
|
|
|
|
|
|
Summary: Letencrypt client for SME Server
|
|
|
|
Name: %{name}
|
|
|
|
Version: %{version}
|
|
|
|
Release: %{release}%{?dist}
|
|
|
|
License: GPL
|
|
|
|
Group: Applications/System
|
|
|
|
Source: %{name}-%{version}.tar.gz
|
|
|
|
|
|
|
|
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
|
|
|
|
BuildArchitectures: noarch
|
|
|
|
BuildRequires: e-smith-devtools
|
|
|
|
|
|
|
|
Requires: e-smith-base
|
|
|
|
Requires: dehydrated
|
|
|
|
|
|
|
|
%description
|
|
|
|
Automatically get certificates from letsencrypt
|
|
|
|
Using https://github.com/lukas2511/dehydrated
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
* Mon Jun 27 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.10-1.sme
|
|
|
|
- Fix deploy hook for sme8
|
|
|
|
|
|
|
|
* Fri Jun 24 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.9-1.sme
|
|
|
|
- Fix cron job syntax
|
|
|
|
|
|
|
|
* Mon Jun 6 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.8-1.sme
|
|
|
|
- Add a new ProxyPassACMEChallengesDisableOnRenew prop to allow disabling
|
|
|
|
ACME proxypass during renewal
|
|
|
|
- Always enable /.well-known alias on vhosts
|
|
|
|
|
|
|
|
* Tue May 31 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.7-1.sme
|
|
|
|
- Rename config.sh to config
|
|
|
|
- set DOMAINS_TXT path in config
|
|
|
|
|
|
|
|
* Mon Apr 11 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.6-2.sme
|
|
|
|
- Define %clean before %files
|
|
|
|
|
|
|
|
* Mon Apr 11 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.6-1.sme
|
|
|
|
- Use chain.pem instead of fullchain.pem
|
|
|
|
|
|
|
|
* Sun Jan 31 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.5-1.sme
|
|
|
|
- Fix old certs revocation
|
|
|
|
- Make renewal configuratble
|
|
|
|
|
|
|
|
* Fri Jan 29 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.4-1.sme
|
|
|
|
- Better AltName selection and dedup
|
|
|
|
|
|
|
|
* Fri Jan 29 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.3-1.sme
|
|
|
|
- Rename le-update event to letsencrypt-update
|
|
|
|
|
|
|
|
* Fri Jan 29 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.2-1.sme
|
|
|
|
- Add an Uri prop to choose between production and staging CA
|
|
|
|
|
|
|
|
* Mon Jan 25 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.1-1.sme
|
|
|
|
- Change the way hooks are called to make it more flexible
|
|
|
|
|
|
|
|
* Fri Jan 22 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.0-1.sme
|
|
|
|
- Initial release
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%setup -q -n %{name}-%{version}
|
|
|
|
|
|
|
|
%build
|
|
|
|
%{__mkdir_p} root/home/e-smith/db/dehydrated
|
|
|
|
perl createlinks
|
|
|
|
|
|
|
|
%install
|
|
|
|
/bin/rm -rf $RPM_BUILD_ROOT
|
|
|
|
(cd root; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
|
|
|
|
/bin/rm -f %{name}-%{version}-filelist
|
|
|
|
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
|
|
|
|
--dir /home/e-smith/db/dehydrated 'attr(0750,root,root)' \
|
|
|
|
--file /etc/dehydrated/hooks_deploy_cert.d/10smeserver.sh 'attr(0755,root,root)' \
|
|
|
|
--file /etc/dehydrated/hooks_clean_challenge.d/10smeserver.sh 'attr(0755,root,root)' \
|
|
|
|
> %{name}-%{version}-filelist
|
|
|
|
|
|
|
|
%clean
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
|
|
|
%files -f %{name}-%{version}-filelist
|
|
|
|
%defattr(-,root,root)
|
|
|
|
|
|
|
|
%pre
|
|
|
|
|
|
|
|
%post
|
|
|
|
# Migrate from letsencrypt.sh to dehydrated
|
|
|
|
if [ -d /home/e-smith/db/letsencrypt.sh/ ]; then
|
|
|
|
mv /home/e-smith/db/letsencrypt.sh/* /home/e-smith/db/dehydrated/
|
|
|
|
rmdir /home/e-smith/db/letsencrypt.sh/
|
|
|
|
fi
|