A dehydrated (ACME client) integration on SME Server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 

119 lines
4.0 KiB

Summary: Let's Encrypt client for SME Server based on dehydrated
Name: smeserver-letsencrypt-client
Version: 0.2.7
Release: 1%{?dist}
License: GPL
Group: Applications/System
Source: %{name}-%{version}.tar.gz
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
BuildArchitectures: noarch
BuildRequires: e-smith-devtools
Requires: e-smith-base
Requires: dehydrated
%description
Automatically get certificates from letsencrypt
Using https://github.com/lukas2511/dehydrated
%changelog
* Thu Sep 30 2021 Daniel Berteaud <daniel@firewall-services.com> 0.2.7-1
- Specify ISRG X1 as preferred chain (daniel@firewall-services.com)
* Fri Oct 23 2020 Daniel Berteaud <daniel@firewall-services.com> 0.2.6-1
- Don't restrict ACME challenges to the clear text vhost (daniel@firewall-
services.com)
- Cleanup spec file for tito (daniel@firewall-services.com)
* Wed Jul 15 2020 Daniel Berteaud <daniel@firewall-services.com> 0.2.5-1
- Bump version
* Wed Jul 15 2020 Daniel Berteaud <daniel@firewall-services.com> 0.2.4-1
- Build with tito
- Switch to the v02 API
* Thu May 4 2017 Daniel Berteaud <daniel@firewall-services.com> - 0.2.4-1.sme
- Expand cron file in bootstarp-cnsole-save
* Wed Mar 15 2017 Daniel Berteaud <daniel@firewall-services.com> - 0.2.3-1.sme
- Set default Uri to prod
* Wed Nov 23 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.2.2-1.sme
- Correctly update cert for the imaps service on SME8
* Mon Oct 24 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.2.1-1.sme
- Rename cron template metadata
* Thu Sep 15 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.2.0-1.sme
- Adapt for the rename of letsencrypt.sh to dehydrated
* Mon Jun 27 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.10-1.sme
- Fix deploy hook for sme8
* Fri Jun 24 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.9-1.sme
- Fix cron job syntax
* Mon Jun 6 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.8-1.sme
- Add a new ProxyPassACMEChallengesDisableOnRenew prop to allow disabling
ACME proxypass during renewal
- Always enable /.well-known alias on vhosts
* Tue May 31 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.7-1.sme
- Rename config.sh to config
- set DOMAINS_TXT path in config
* Mon Apr 11 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.6-2.sme
- Define %clean before %files
* Mon Apr 11 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.6-1.sme
- Use chain.pem instead of fullchain.pem
* Sun Jan 31 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.5-1.sme
- Fix old certs revocation
- Make renewal configuratble
* Fri Jan 29 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.4-1.sme
- Better AltName selection and dedup
* Fri Jan 29 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.3-1.sme
- Rename le-update event to letsencrypt-update
* Fri Jan 29 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.2-1.sme
- Add an Uri prop to choose between production and staging CA
* Mon Jan 25 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.1-1.sme
- Change the way hooks are called to make it more flexible
* Fri Jan 22 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.1.0-1.sme
- Initial release
%prep
%setup -q -n %{name}-%{version}
%build
%{__mkdir_p} root/home/e-smith/db/dehydrated
perl createlinks
%install
/bin/rm -rf $RPM_BUILD_ROOT
(cd root; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
/bin/rm -f %{name}-%{version}-filelist
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
--dir /home/e-smith/db/dehydrated 'attr(0750,root,root)' \
--file /etc/dehydrated/hooks_deploy_cert.d/10smeserver.sh 'attr(0755,root,root)' \
--file /etc/dehydrated/hooks_clean_challenge.d/10smeserver.sh 'attr(0755,root,root)' \
> %{name}-%{version}-filelist
%clean
rm -rf $RPM_BUILD_ROOT
%files -f %{name}-%{version}-filelist
%defattr(-,root,root)
%pre
%post
# Migrate from letsencrypt.sh to dehydrated
if [ -d /home/e-smith/db/letsencrypt.sh/ ]; then
mv /home/e-smith/db/letsencrypt.sh/* /home/e-smith/db/dehydrated/
fi