commit f60f554e83fbcd78834169176dc527666b9f549c
Author: Elan Ruusamäe <[email protected]>
Date: Fri Dec 7 12:32:40 2018 +0200
add hook-dns-01.sh
dehydrated.spec | 9 ++++++---
hook-dns-01.sh | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 62 insertions(+), 3 deletions(-)
---
diff --git a/dehydrated.spec b/dehydrated.spec
index abfe85d..bdff567 100644
--- a/dehydrated.spec
+++ b/dehydrated.spec
@@ -1,7 +1,7 @@
Summary: letsencrypt/acme client implemented as a shell-script
Name: dehydrated
Version: 0.6.1
-Release: 1
+Release: 2
License: MIT
Group: Applications/Networking
Source0:
https://github.com/lukas2511/dehydrated/archive/v%{version}/%{name}-%{version}.tar.gz
@@ -11,7 +11,8 @@ Source2: lighttpd.conf
Source3: nginx.conf
Source4: domains.txt
Source5: hook.sh
-Source6: crontab
+Source6: hook-dns-01.sh
+Source7: crontab
Patch0: pld.patch
URL: https://github.com/lukas2511/dehydrated
BuildRequires: rpmbuild(macros) >= 1.713
@@ -61,8 +62,9 @@ cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/lighttpd.conf
cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/nginx.conf
cp -p docs/examples/config $RPM_BUILD_ROOT%{_sysconfdir}
cp -p %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}
-cp -p %{SOURCE6} $RPM_BUILD_ROOT/etc/cron.d/%{name}
+cp -p %{SOURCE7} $RPM_BUILD_ROOT/etc/cron.d/%{name}
install -p %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}
+install -p %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}
cp -p $RPM_BUILD_ROOT%{_sysconfdir}/{apache,httpd}.conf
%clean
@@ -104,6 +106,7 @@ rm -rf $RPM_BUILD_ROOT
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size)
%{_sysconfdir}/config
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size)
%{_sysconfdir}/domains.txt
%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size)
%{_sysconfdir}/hook.sh
+%attr(750,root,root) %config(noreplace) %verify(not md5 mtime size)
%{_sysconfdir}/hook-dns-01.sh
%attr(755,root,root) %{_sbindir}/%{name}
%dir %attr(751,root,root) /var/lib/%{name}
%dir %attr(700,root,root) /var/lib/%{name}/accounts
diff --git a/hook-dns-01.sh b/hook-dns-01.sh
new file mode 100755
index 0000000..6765936
--- /dev/null
+++ b/hook-dns-01.sh
@@ -0,0 +1,56 @@
+#!/bin/bash
+
+# based on
https://github.com/lukas2511/dehydrated/wiki/example-dns-01-nsupdate-script
+
+set -e
+set -u
+set -o pipefail
+
+case "$1" in
+ "deploy_challenge")
+ echo ""
+ echo "Add the following to the zone definition of ${2}:"
+ echo "'_acme-challenge.${2}:${4}:300"
+ echo ""
+ echo -n "Press enter to continue..."
+ read tmp
+ echo ""
+ ;;
+ "clean_challenge")
+ echo ""
+ echo "Now you can remove the following from the zone definition
of ${2}:"
+ echo "'_acme-challenge.${2}:${4}:300"
+ echo ""
+ echo -n "Press enter to continue..."
+ read tmp
+ echo ""
+ ;;
+ "deploy_cert")
+ DOMAIN="$2"
+ PRIVKEY="$3"
+ CERT="$4"
+ FULLCHAINCERT="$5"
+ CHAINCERT="$6"
+ TIMESTAMP="$7"
+ if [ -x /etc/rc.d/init.d/apache ]; then
+ echo " + Hook: Overwritting
/etc/httpd/ssl/server.{crt,key}, /etc/httpd/ssl/ca.crt and reloading Apache..."
+ cp -a /etc/apache/server.crt
/etc/apache/server.crt.letsencrypt~
+ cp -a /etc/apache/server.key
/etc/apache/server.key.letsencrypt~
+ cp -a /etc/apache/ca.crt /etc/apache/ca.crt.letsencrypt~
+ cat "$CERT" > /etc/apache/server.crt
+ cat "$PRIVKEY" > /etc/apache/server.key
+ cat "$CHAINCERT" > /etc/apache/ca.crt
+ /sbin/service apache restart
+ fi
+ ;;
+ "unchanged_cert")
+ # do nothing for now
+ ;;
+ *)
+ echo "Unknown hook \"${1}\""
+ exit 1
+ ;;
+esac
+
+exit 0
+
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/dehydrated.git/commitdiff/30b951d8c1a66a276c609bd1f7ceaff1f6dd6ec2
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
