--- rpms/smeserver-letsencrypt/contribs9/smeserver-letsencrypt.spec 2017/02/06 20:50:28 1.1 +++ rpms/smeserver-letsencrypt/contribs9/smeserver-letsencrypt.spec 2018/12/12 16:33:13 1.10 @@ -1,6 +1,6 @@ %define name smeserver-letsencrypt -%define version 0.4 -%define release 1 +%define version 0.5 +%define release 4 Summary: Plugin to enable letsencrypt certificates Name: %{name} Version: %{version} @@ -9,11 +9,14 @@ License: GNU GPL version 2 URL: https://letsencrypt.org/ Group: SMEserver/addon Source: %{name}-%{version}.tar.gz +Patch0: smeserver-letsencrypt-remove-debug-lines.patch +Patch1: smeserver-letsencrypt-remove-licence.patch +Patch2: smeserver-letsencrypt-log-to-file.patch BuildRoot: /var/tmp/%{name}-%{version} BuildArchitectures: noarch BuildRequires: e-smith-devtools -Requires: e-smith-release >= 8.0 -Requires: dehydrated >= 0.3.1 +Requires: e-smith-release >= 9.0 +Requires: dehydrated >= 0.6 AutoReqProv: no %description @@ -21,6 +24,41 @@ Lets Encrypt is a free, automated, and o https://letsencrypt.org/ %changelog +* Wed Dec 12 2018 John Crisp 0.5-4.sme +- log to file rather than /dev/null [SME: 10412] + +* Tue Oct 13 2018 John Crisp 0.5-3.sme +- remove Licence key from config template [SME:10636] + +* Tue Jun 19 2018 John Crisp 0.5-2.sme +- remove debug print lines + +* Tue Jun 12 2018 John Crisp 0.5-1.sme +- Update to v2 API [SME:10595] +- Add key letsencrypt hostOverride to ignore 'Self' host check +- This requires v0.6 of dehydrated + +* Wed Jun 06 2018 John Crisp 0.4-6.sme +- Fix missing event actions [SME: 10315] + +* Thu May 31 2018 John Crisp 0.4-5.sme +- Fix typo in Accept Terms +- add domain-delete to createlinks [SME: 10315] +- Update requires release to SME v9 +- Update requires dehydrated to v0.5 + +* Fri Aug 18 2017 Jean-Philipe Pialasse 0.4-4.sme +- change ACCEPT_TERMS template position to appear after shebang in config file [SME: 10410] + +* Wed Jul 12 2017 Jean-Philipe Pialasse 0.4-3.sme +- remove workaround for curl dns resolution [SME: 10300] +- should be corrected at dnscache level (djbdns-1.05-10) + +* Fri Apr 28 2017 Jean-Philipe Pialasse 0.4-2.sme +- help accept licence [SME: 10253] +- workaround for curl issues +- spec tidying + * Sat Feb 04 2017 John Crisp 0.4-1 - first attempt at using stock letsencrypt script @@ -145,6 +183,9 @@ https://letsencrypt.org/ %prep %setup +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 %build perl createlinks @@ -169,10 +210,27 @@ rm -rf %{name}-%{version} %preun %post -if [[ ! -e /etc/letsencrypt.sh ]]; -then mv -f /etc/letsencrypt.sh /etc/letsencrypt.sh.old; +# if previously installed letsencrypt.sh, but first migration to dehydrated +if [[ -e /etc/letsencrypt.sh ]] && [[ ! -e /etc/dehydrated ]]; +then + # assume in production +# CA="https://acme-v01.api.letsencrypt.org/directory" ; +# CAHASH="$(echo "${CA}" | urlbase64)" +# mkdir /etc/dehydrated; +# mkdir -p /etc/dehydrated/accounts +# cp -a /etc/letsencrypt.sh/private_key.json /etc/dehydrated/accounts/${CAHASH}/registration_info.json +# cp -a /etc/letsencrypt.sh/private_key.pem /etc/dehydrated/accounts/${CAHASH}/account_key.pem +# cp -a /etc/letsencrypt.sh/certs /etc/dehydrated/ + mv -f /etc/letsencrypt.sh /etc/letsencrypt.sh.old; +fi + +# if letsencrypt still there but already migrated to dehydrated +if [[ -e /etc/letsencrypt.sh ]] && [[ -e /etc/dehydrated/certs ]]; +then + mv -f /etc/letsencrypt.sh /etc/letsencrypt.sh.old; fi +# if first installation of dehydrated if [[ ! -e /etc/dehydrated ]]; then mkdir /etc/dehydrated; fi @@ -197,26 +255,5 @@ chmod -R 0775 /home/e-smith/files/ibays chown -R apache:shared /home/e-smith/files/ibays/Primary/html/.well-known -echo "###################################################################" -echo "" -echo "************************************************************" -echo " NOTE ! letsencrypt.sh has had to be renamed to 'dehydrated'" -echo "************************************************************" -echo "" -echo "# After install please set your db keys" -echo "# Make sure you set the letsencrypt status key to test" -echo "# Enable some domains or hosts" -echo "# Then run the following" -echo "# signal-event console-save" -echo "# dehydrated -c" -echo "# Once you are satisfied set the letsencrypt status key to enabled" -echo "# mv /etc/dehydrated/private_key.pem /etc/dehydrated/private_key.test" -echo "# Run the dehydrated file again to generate your keys" -echo "# signal-event console-save" -echo "# dehydrated -c -x" -echo "# Thereafter only use" -echo "# dehydrated -c" -echo "# If you make any key changes run console-save first" -echo "###################################################################" %postun