--- rpms/smeserver-letsencrypt/contribs9/smeserver-letsencrypt.spec 2017/02/06 20:50:28 1.1 +++ rpms/smeserver-letsencrypt/contribs9/smeserver-letsencrypt.spec 2017/08/18 15:36:06 1.4 @@ -1,6 +1,6 @@ %define name smeserver-letsencrypt %define version 0.4 -%define release 1 +%define release 4 Summary: Plugin to enable letsencrypt certificates Name: %{name} Version: %{version} @@ -9,6 +9,8 @@ License: GNU GPL version 2 URL: https://letsencrypt.org/ Group: SMEserver/addon Source: %{name}-%{version}.tar.gz +Patch0: smeserver-letsencrypt-0.4-bz10253.patch + BuildRoot: /var/tmp/%{name}-%{version} BuildArchitectures: noarch BuildRequires: e-smith-devtools @@ -21,6 +23,18 @@ Lets Encrypt is a free, automated, and o https://letsencrypt.org/ %changelog +* Fri Aug 18 2017 Jean-Philipe Pialasse 0.4-4.sme +- change ACCEPT_TERMS template position to appear after shebang in config file [SME: 10410] + +* Wed Jul 12 2017 Jean-Philipe Pialasse 0.4-3.sme +- remove workaround for curl dns resolution [SME: 10300] +- should be corrected at dnscache level (djbdns-1.05-10) + +* Fri Apr 28 2017 Jean-Philipe Pialasse 0.4-2.sme +- help accept licence [SME: 10253] +- workaround for curl issues +- spec tidying + * Sat Feb 04 2017 John Crisp 0.4-1 - first attempt at using stock letsencrypt script @@ -145,6 +159,7 @@ https://letsencrypt.org/ %prep %setup +%patch0 -p1 %build perl createlinks @@ -169,10 +184,27 @@ rm -rf %{name}-%{version} %preun %post -if [[ ! -e /etc/letsencrypt.sh ]]; -then mv -f /etc/letsencrypt.sh /etc/letsencrypt.sh.old; +# if previously installed letsencrypt.sh, but first migration to dehydrated +if [[ -e /etc/letsencrypt.sh ]] && [[ ! -e /etc/dehydrated ]]; +then + # assume in production +# CA="https://acme-v01.api.letsencrypt.org/directory" ; +# CAHASH="$(echo "${CA}" | urlbase64)" +# mkdir /etc/dehydrated; +# mkdir -p /etc/dehydrated/accounts +# cp -a /etc/letsencrypt.sh/private_key.json /etc/dehydrated/accounts/${CAHASH}/registration_info.json +# cp -a /etc/letsencrypt.sh/private_key.pem /etc/dehydrated/accounts/${CAHASH}/account_key.pem +# cp -a /etc/letsencrypt.sh/certs /etc/dehydrated/ + mv -f /etc/letsencrypt.sh /etc/letsencrypt.sh.old; +fi + +# if letsencrypt still there but already migrated to dehydrated +if [[ -e /etc/letsencrypt.sh ]] && [[ -e /etc/dehydrated/certs ]]; +then + mv -f /etc/letsencrypt.sh /etc/letsencrypt.sh.old; fi +# if first installation of dehydrated if [[ ! -e /etc/dehydrated ]]; then mkdir /etc/dehydrated; fi @@ -197,26 +229,5 @@ chmod -R 0775 /home/e-smith/files/ibays chown -R apache:shared /home/e-smith/files/ibays/Primary/html/.well-known -echo "###################################################################" -echo "" -echo "************************************************************" -echo " NOTE ! letsencrypt.sh has had to be renamed to 'dehydrated'" -echo "************************************************************" -echo "" -echo "# After install please set your db keys" -echo "# Make sure you set the letsencrypt status key to test" -echo "# Enable some domains or hosts" -echo "# Then run the following" -echo "# signal-event console-save" -echo "# dehydrated -c" -echo "# Once you are satisfied set the letsencrypt status key to enabled" -echo "# mv /etc/dehydrated/private_key.pem /etc/dehydrated/private_key.test" -echo "# Run the dehydrated file again to generate your keys" -echo "# signal-event console-save" -echo "# dehydrated -c -x" -echo "# Thereafter only use" -echo "# dehydrated -c" -echo "# If you make any key changes run console-save first" -echo "###################################################################" %postun