
##
## acmetool.spec -- OpenPKG RPM Package Specification
## Copyright (c) 2000-2020 OpenPKG Project <http://openpkg.org/>
##
## Permission to use, copy, modify, and distribute this software for
## any purpose with or without fee is hereby granted, provided that
## the above copyright notice and this permission notice appear in all
## copies.
##
## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
## SUCH DAMAGE.
##
# package version
# (upstream base release plus the date of the snapshot that is actually packaged)
%define V_acmetool_base 0.2.1
%define V_acmetool_snap 20191220
# package information
Name: acmetool
Summary: ACME Client Utility
URL: https://github.com/hlandau/acme
Vendor: Hugo Landau
Packager: OpenPKG Project
Distribution: OpenPKG Community
Class: EVAL
Group: Cryptography
License: MIT
Version: %{V_acmetool_base}.%{V_acmetool_snap}
Release: 20191228
# list of sources
# NOTE(review): Source0 is fetched over plain http:// and this spec carries
# no checksum or signature for it, so the integrity of the tarball rests on
# whatever the build tooling verifies out of band -- confirm before building.
# Source6 (sudoers fragment) and Source7 (C source of the setuid wrapper,
# see the build and install steps) are the privilege-relevant inputs of this
# package and deserve a review whenever they change.
Source0: http://download.openpkg.org/components/versioned/acmetool/acmetool-%{V_acmetool_snap}.tar.xz
Source1: acmetool-apache.conf
Source2: acmetool-nginx.conf
Source3: acmetool-responses.yaml
Source4: acmetool-hook-std.sh
Source5: acmetool-hook-usr.sh
Source6: acmetool-sudoers.txt
Source7: acmetool.c
Source8: rc.acmetool
Patch0: acmetool.patch
# build information
# go is needed at build time only; sudo is a run-time prerequisite because
# the install step drops a fragment into etc/sudo/sudoers.d
BuildPreReq: OpenPKG, openpkg >= 20160101, go
PreReq: OpenPKG, openpkg >= 20160101, sudo, x509
%description
ACMETool is an easy-to-use command line tool for automatically
acquiring certificates from ACME servers (such as Let's Encrypt).
Designed to flexibly integrate into your webserver setup to enable
automatic verification. Unlike the official Let's Encrypt client,
this doesn't modify your web server configuration.
%track
prog acmetool:base = {
version = %{V_acmetool_base}
url = https://github.com/hlandau/acme/releases
regex = v(__VER__)\.tar\.gz
}
prog acmetool:snap = {
version = %{V_acmetool_snap}
url = http://download.openpkg.org/components/versioned/acmetool/
regex = acmetool-(__VER__)\.tar\.xz
}
%prep
# unpack the snapshot tarball (build directory is named acmetool) and
# apply the single OpenPKG patch, Patch0, with strip level 0
%setup -q -n acmetool
%patch -p0
%build
# build the setuid wrapper
# The wrapper source is copied into the build directory and run through
# shtool subst with the arguments from l_value -s -a before it is compiled
# (presumably this fills in the OpenPKG instance paths -- confirm against
# acmetool.c). The result is a native binary named acmetool in the top-level
# build directory; the install step places it in sbin/ and the file list
# marks it setuid.
# NOTE(review): only l_cflags and l_ldflags are passed to the compiler here;
# whether a setuid binary gets hardening options (stack protector, PIE,
# RELRO) depends on what those two macros expand to -- confirm.
cp %{SOURCE acmetool.c} .
%{l_shtool} subst %{l_value -s -a} acmetool.c
%{l_cc} %{l_cflags} %{l_ldflags} -o acmetool acmetool.c
# build program
# The same substitution is applied to cli/main.go, then the Go program is
# built with GOPATH pointing at the unpacked tree, so the packages under
# src/ are the ones compiled (the tarball presumably bundles its
# dependencies there -- verify, since nothing in this step pins them).
# The -X linker flags bake the instance paths into the binary: the hook
# directory, the state directory and the ACME webroot. RawBuildInfo is set
# to the literal XX.
%{l_shtool} subst %{l_value -s -a} \
src/github.com/hlandau/acmetool/cli/main.go
export GOPATH=`pwd`
cd $GOPATH/src/github.com/hlandau/acmetool
go build -v \
-ldflags "-X github.com/hlandau/acmetool/hooks.DefaultPath=%{l_prefix}/libexec/acmetool/hook \
-X github.com/hlandau/acmetool/hooks.RecommendedPath=%{l_prefix}/libexec/acmetool/hook \
-X github.com/hlandau/acmetool/storage.RecommendedPath=%{l_prefix}/var/acmetool/state \
-X github.com/hlandau/acmetool/responder.StandardWebrootPath=%{l_prefix}/var/acmetool/root \
-X github.com/hlandau/degoutils/buildinfo.RawBuildInfo=XX" \
.
%install
# create directory hierarchy
# (every directory is created mode 755, including var/acmetool/state, which
# later holds the issued private keys -- NOTE(review): confirm that acmetool
# itself restricts the permissions of what it writes below state/)
%{l_shtool} mkdir -f -p -m 755 \
$RPM_BUILD_ROOT%{l_prefix}/sbin \
$RPM_BUILD_ROOT%{l_prefix}/etc/rc.d \
$RPM_BUILD_ROOT%{l_prefix}/etc/sudo/sudoers.d \
$RPM_BUILD_ROOT%{l_prefix}/etc/acmetool \
$RPM_BUILD_ROOT%{l_prefix}/etc/apache/apache.d \
$RPM_BUILD_ROOT%{l_prefix}/etc/nginx/nginx.d \
$RPM_BUILD_ROOT%{l_prefix}/libexec/acmetool/hook \
$RPM_BUILD_ROOT%{l_prefix}/var/acmetool/root \
$RPM_BUILD_ROOT%{l_prefix}/var/acmetool/state
# install program
# (the real Go binary goes to libexec/acmetool/, stripped, without any
# special mode bits)
%{l_shtool} install -c -s -m 755 \
src/github.com/hlandau/acmetool/acmetool \
$RPM_BUILD_ROOT%{l_prefix}/libexec/acmetool/
# install setuid wrapper
# (this is the binary compiled from acmetool.c in the build step, not a
# script; it is copied with mode 755 here and only becomes setuid through
# the attr(4755,...) entry in the file list at the end of this section)
%{l_shtool} install -c -m 755 \
acmetool $RPM_BUILD_ROOT%{l_prefix}/sbin/
# install hook script
# (the standard hook is installed as life-updated in the hook directory the
# binary was linked against; the user hook lands in etc/acmetool/ and is
# therefore covered by the config entry in the file list.
# NOTE(review): presumably the standard hook runs the user hook -- confirm
# which account executes it, since a sudoers fragment ships alongside)
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE acmetool-hook-std.sh} \
$RPM_BUILD_ROOT%{l_prefix}/libexec/acmetool/hook/life-updated
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE acmetool-hook-usr.sh} \
$RPM_BUILD_ROOT%{l_prefix}/etc/acmetool/hook.sh
# install sudo(8) configuration
# (mode 644 applies inside the build root only; the packaged file is forced
# to 0600 and owned by l_susr/l_sgrp in the file list. The rules themselves
# are in acmetool-sudoers.txt, which is not part of this spec -- audit that
# file for the commands and accounts it authorises)
%{l_shtool} install -c -m 644 %{l_value -s -a} \
%{SOURCE acmetool-sudoers.txt} \
$RPM_BUILD_ROOT%{l_prefix}/etc/sudo/sudoers.d/acmetool
# install responses file
%{l_shtool} install -c -m 644 %{l_value -s -a} \
%{SOURCE acmetool-responses.yaml} \
$RPM_BUILD_ROOT%{l_prefix}/etc/acmetool/responses.yaml
# install Apache config
%{l_shtool} install -c -m 644 %{l_value -s -a} \
%{SOURCE acmetool-apache.conf} \
$RPM_BUILD_ROOT%{l_prefix}/etc/apache/apache.d/acmetool.conf
# install NGINX config
%{l_shtool} install -c -m 644 %{l_value -s -a} \
%{SOURCE acmetool-nginx.conf} \
$RPM_BUILD_ROOT%{l_prefix}/etc/nginx/nginx.d/acmetool.conf
# install run-command script
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE rc.acmetool} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
# determine installation files
# Ownership and mode overrides that matter for security are set here:
#  - etc/acmetool/* is marked as configuration
#  - the sudoers fragment is 0600, owned by l_susr/l_sgrp; the sudoers.d and
#    sudo directories are excluded from the package
#  - sbin/acmetool is 4755 owned by l_rusr/l_rgrp: world-executable and
#    setuid to the same account that owns var/acmetool/*, so any local user
#    who runs the wrapper acts with that account's access to the state tree
#    (by OpenPKG convention l_rusr is a restricted account, not the
#    superuser -- confirm against the instance's macro definitions)
#  - var/acmetool/* keeps its installed mode and is owned by l_rusr/l_rgrp
%{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
%{l_files_std} \
'%config %{l_prefix}/etc/acmetool/*' \
'%attr(0600,%{l_susr},%{l_sgrp}) %{l_prefix}/etc/sudo/sudoers.d/acmetool' \
'%not %dir %{l_prefix}/etc/sudo/sudoers.d' \
'%not %dir %{l_prefix}/etc/sudo' \
'%attr(4755,%{l_rusr},%{l_rgrp}) %{l_prefix}/sbin/acmetool' \
'%attr(-,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/acmetool/*'
%files -f files
%clean
%post
# Post-install scriptlet: on a first-time install (argument 1 equals 1) it
# prints a getting-started notice through rpmtool msg; it changes nothing on
# disk and always exits 0.
# NOTE(review): both directory URLs printed below are Let's Encrypt ACME v1
# endpoints (the v2 hosts carry a -v02 suffix); confirm the CA still serves
# them before following this hint.
# The notice also names the location of the private key under state/live/;
# web server configuration that references it should keep that file readable
# only by the accounts that need it.
if [ $1 -eq 1 ]; then
# after install, show hint
( echo "First configure the ACMETool response file:"
echo " \$ vi $RPM_INSTALL_PREFIX/etc/acmetool/responses.yaml"
echo "Edit especially the acme-enter-email and acmetool-quickstart-choose-server"
echo "variables. The following directory servers are known:"
echo " https://acme-staging.api.letsencrypt.org/directory (Test, RSA or ECDSA)"
echo " https://acme-v01.api.letsencrypt.org/directory (Live, RSA only)"
echo "Then perform the initial setup with it:"
echo " \$ $RPM_INSTALL_PREFIX/sbin/acmetool quickstart \\%{l_nil}"
echo " [--batch] --response-file=$RPM_INSTALL_PREFIX/etc/acmetool/responses.yaml"
echo "Then you can request your certificate:"
echo " \$ $RPM_INSTALL_PREFIX/sbin/acmetool want example.com"
echo "The resulting certificate/private-key you can find under:"
echo " $RPM_INSTALL_PREFIX/var/acmetool/state/live/example.com/cert"
echo " $RPM_INSTALL_PREFIX/var/acmetool/state/live/example.com/chain"
echo " $RPM_INSTALL_PREFIX/var/acmetool/state/live/example.com/privkey"
echo "For Apache/mod_ssl use them with:"
echo " SSLCertificateFile $RPM_INSTALL_PREFIX/var/acmetool/state/live/example.com/cert"
echo " SSLCertificateChainFile $RPM_INSTALL_PREFIX/var/acmetool/state/live/example.com/chain"
echo " SSLCertificateKeyFile $RPM_INSTALL_PREFIX/var/acmetool/state/live/example.com/privkey"
) | %{l_rpmtool} msg -b -t notice
fi
exit 0
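%preun
# Pre-uninstall scriptlet. On a real erase (argument equals 0, i.e. not an
# upgrade) it empties the ACME webroot and the state directory. No service
# is stopped and no log files are involved: what gets deleted is the state
# tree, which holds the issued certificates and their private keys (the
# live/<host>/privkey paths shown in the post-install notice), so none of
# that key material is left behind after removal -- and none of it can be
# recovered afterwards either.
# The prefix is quoted and required to be non-empty so that an unset
# RPM_INSTALL_PREFIX can never turn the globs into /var/acmetool/... on the
# host system. Failures of rm stay deliberately ignored (best-effort
# cleanup), and the scriptlet always exits 0 so the erase proceeds.
if [ "$1" -eq 0 ] && [ -n "$RPM_INSTALL_PREFIX" ]; then
    rm -rf "$RPM_INSTALL_PREFIX"/var/acmetool/root/* >/dev/null 2>&1 || true
    rm -rf "$RPM_INSTALL_PREFIX"/var/acmetool/state/* >/dev/null 2>&1 || true
fi
exit 0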