diff options
Diffstat (limited to 'app-crypt/dehydrated')
-rw-r--r-- | app-crypt/dehydrated/Manifest | 4 | ||||
-rw-r--r-- | app-crypt/dehydrated/dehydrated-0.6.5.ebuild | 68 | ||||
-rw-r--r-- | app-crypt/dehydrated/dehydrated-0.7.0-r1.ebuild | 50 | ||||
-rw-r--r-- | app-crypt/dehydrated/dehydrated-0.7.1.ebuild | 61 | ||||
-rw-r--r-- | app-crypt/dehydrated/files/00_gentoo.sh-r1 | 4 | ||||
-rw-r--r-- | app-crypt/dehydrated/files/cron | 2 | ||||
-rw-r--r-- | app-crypt/dehydrated/files/cron-r1 | 2 | ||||
-rw-r--r-- | app-crypt/dehydrated/files/dehydrated-0.7.0-fix-CN-extraction-for-older-openssl-versions.patch | 30 | ||||
-rw-r--r-- | app-crypt/dehydrated/metadata.xml | 9 |
9 files changed, 153 insertions, 77 deletions
diff --git a/app-crypt/dehydrated/Manifest b/app-crypt/dehydrated/Manifest index e13b79053a90..a35814a589cb 100644 --- a/app-crypt/dehydrated/Manifest +++ b/app-crypt/dehydrated/Manifest @@ -1 +1,3 @@ -DIST dehydrated-0.6.5.tar.gz 82274 BLAKE2B 3c8138bafdaab9c60db1463860d6c16dd0fb8e686f368e55a4fa010d004f350d03cdd161dde38361411506959f896a25ef802b76432c0fcd89a69d75fe1be9c9 SHA512 da8ff3ecb7ddeb25356469fa272aef4e7c3705049caf88d09656dbc4baf29e0efa135e6f154c78cec82da17a27a78f2145ee3b7bd71521a080e10550d09b8a53 +DIST dehydrated-0.7.0.tar.gz 86574 BLAKE2B 35a3b0b7592126ca65003a6c9eb8934a76584710d028057e5add7f77bb2fa3799e89a060306da3b98a62d291229a2a78f23e0f95f19e033796aee31e97b94488 SHA512 47740d2d31ca73482a4fc5ed0dfce986af907dd5449cb3a5230bf9683845686c8122fc32e6219a4439574ef11d6fb104ee09591c5ff667927a2c9c13ba005511 +DIST dehydrated-0.7.1.tar.gz 119992 BLAKE2B 0b287537206936ceff33bde8bbb8ab7b13f28bf58cd29c898348db0cf5a83157fed4535da218ac48a810a93b99474e96334a27c062c157e2f164b0e516b47111 SHA512 b7ac078d6034e784f3f485e8ce56b5fa2f1e2a3b5ef014d260046b5f1d5cbd99727501e95a9530d0d1b2f300003d3fa5bf7e7f532092041597236d92fbeb0f3c +DIST dehydrated-0.7.1.tar.gz.asc 488 BLAKE2B 0dd678976f897e8684695bce1742e498bcbec0f78781a53dae7f715a1a379f85eba3531c0f3181dcab9bd7005f086e82889dad6d26f7d2075c877eef3d653acf SHA512 f03872b7e087b3f719a76aaebd46f017f47595feb03a29f5fcbe33796655cdcd0a34580ae34a85e3280c8305a2fe2ada47e4436bfbec294b7dbf67768df86394 diff --git a/app-crypt/dehydrated/dehydrated-0.6.5.ebuild b/app-crypt/dehydrated/dehydrated-0.6.5.ebuild deleted file mode 100644 index fab5c7c8615d..000000000000 --- a/app-crypt/dehydrated/dehydrated-0.6.5.ebuild +++ /dev/null @@ -1,68 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -inherit user - -DESCRIPTION="a client for signing certificates with an ACME-server" -HOMEPAGE="https://github.com/lukas2511/dehydrated" -SRC_URI="https://github.com/lukas2511/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="MIT" -SLOT="0" -KEYWORDS="amd64 arm arm64 x86" -IUSE="+cron" - -DEPEND="cron? ( virtual/cron )" -RDEPEND=" - ${DEPEND} - app-shells/bash - net-misc/curl -" - -src_configure() { - default - sed -i 's,^#CONFIG_D=.*,CONFIG_D="/etc/dehydrated/config.d",' docs/examples/config || die "could not set config (CONFIG_D)" -} - -src_install() { - dobin "${PN}" - insinto "/etc/${PN}" - doins docs/examples/{config,domains.txt,hook.sh} - fperms u+x "/etc/${PN}/hook.sh" - dodoc docs/*.md - - insinto /etc/"${PN}"/config.d - doins "${FILESDIR}"/00_gentoo.sh - - if use cron ; then - insinto "/etc/cron.d" - newins "${FILESDIR}"/cron "${PN}" - fi - - dodir /etc/"${PN}"/config.d - keepdir /etc/"${PN}"/config.d - - default -} - -pkg_preinst() { - enewgroup "${PN}" - enewuser "${PN}" -1 -1 /var/lib/"${PN}" "${PN}" -} - -pkg_postinst() { - if [[ "${REPLACING_VERSIONS}" =~ (0\.3\.1|0\.4\.0) ]]; then - ewarn "" - ewarn "The new default BASEDIR is now '/var/lib/dehydrated'" - ewarn "Please consider migrating your data with a command like" - ewarn "" - ewarn " 'mv -v /etc/dehydrated/{accounts,archive,certs,lock} /var/lib/dehydrated'" - ewarn "" - ewarn "and make sure BASEDIR is set to '/var/lib/dehydrated'" - ewarn "" - fi - einfo "See /etc/dehydrated/config for configuration." - use cron && einfo "After finishing setup you should enable the cronjob in /etc/cron.d/dehydrated." -} diff --git a/app-crypt/dehydrated/dehydrated-0.7.0-r1.ebuild b/app-crypt/dehydrated/dehydrated-0.7.0-r1.ebuild new file mode 100644 index 000000000000..120ac925e81f --- /dev/null +++ b/app-crypt/dehydrated/dehydrated-0.7.0-r1.ebuild @@ -0,0 +1,50 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +DESCRIPTION="A client for signing certificates with an ACME-server" +HOMEPAGE="https://github.com/dehydrated-io/dehydrated" +SRC_URI="https://github.com/dehydrated-io/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="amd64 arm arm64 ~ppc64 ~riscv x86" +IUSE="+cron" + +RDEPEND="acct-group/dehydrated + acct-user/dehydrated + app-shells/bash + net-misc/curl + cron? ( virtual/cron )" + +PATCHES=( "${FILESDIR}"/${P}-fix-CN-extraction-for-older-openssl-versions.patch ) + +src_configure() { + default + sed -i 's,^#CONFIG_D=.*,CONFIG_D="/etc/dehydrated/config.d",' docs/examples/config || die "could not set config (CONFIG_D)" +} + +src_install() { + dobin ${PN} + insinto /etc/${PN} + doins docs/examples/{config,domains.txt,hook.sh} + fperms u+x /etc/${PN}/hook.sh + dodoc docs/*.md + + insinto /etc/${PN}/config.d + doins "${FILESDIR}"/00_gentoo.sh + + if use cron ; then + insinto /etc/cron.d + newins "${FILESDIR}"/cron-r1 ${PN} + fi +} + +pkg_postinst() { + if [[ -z "${REPLACING_VERSIONS}" ]] ; then + einfo "See /etc/dehydrated/config for configuration." + + use cron && einfo "After finishing setup you should enable the cronjob in /etc/cron.d/dehydrated." + fi +} diff --git a/app-crypt/dehydrated/dehydrated-0.7.1.ebuild b/app-crypt/dehydrated/dehydrated-0.7.1.ebuild new file mode 100644 index 000000000000..c760e927efba --- /dev/null +++ b/app-crypt/dehydrated/dehydrated-0.7.1.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="8" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/dehydrated.asc + +inherit verify-sig + +DESCRIPTION="A client for signing certificates with an ACME-server" +HOMEPAGE="https://dehydrated.io/" +SRC_URI=" + https://github.com/dehydrated-io/${PN}/releases/download/v${PV}/${P}.tar.gz + verify-sig? ( https://github.com/dehydrated-io/${PN}/releases/download/v${PV}/${P}.tar.gz.asc ) +" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="+cron" + +BDEPEND="verify-sig? ( sec-keys/openpgp-keys-dehydrated )" +RDEPEND="acct-group/dehydrated + acct-user/dehydrated + app-shells/bash + net-misc/curl + cron? ( virtual/cron )" + +src_configure() { + default + sed -i 's,^#CONFIG_D=.*,CONFIG_D="/etc/dehydrated/config.d",' docs/examples/config \ + || die "could not set config (CONFIG_D)" +} + +src_install() { + dobin ${PN} + insinto /etc/${PN} + doins docs/examples/{config,domains.txt,hook.sh} + fperms u+x /etc/${PN}/hook.sh + dodoc docs/*.md + + insinto /etc/${PN}/config.d + newins "${FILESDIR}"/00_gentoo.sh-r1 00_gentoo.sh + + keepdir /etc/${PN}/domains.d + + doman docs/man/dehydrated.1 + + if use cron ; then + insinto /etc/cron.d + newins "${FILESDIR}"/cron-r1 ${PN} + fi +} + +pkg_postinst() { + if [[ -z "${REPLACING_VERSIONS}" ]] ; then + einfo "See /etc/dehydrated/config for configuration." + + use cron && einfo "After finishing setup you should enable the cronjob in /etc/cron.d/dehydrated." + fi +} diff --git a/app-crypt/dehydrated/files/00_gentoo.sh-r1 b/app-crypt/dehydrated/files/00_gentoo.sh-r1 new file mode 100644 index 000000000000..53e9c0dfe538 --- /dev/null +++ b/app-crypt/dehydrated/files/00_gentoo.sh-r1 @@ -0,0 +1,4 @@ +# base config required for gentoo defaults +BASEDIR="/var/lib/dehydrated" +DOMAINS_TXT="/etc/dehydrated/domains.txt" +DOMAINS_D="/etc/dehydrated/domains.d" diff --git a/app-crypt/dehydrated/files/cron b/app-crypt/dehydrated/files/cron deleted file mode 100644 index df03b5fcee13..000000000000 --- a/app-crypt/dehydrated/files/cron +++ /dev/null @@ -1,2 +0,0 @@ -# dehydrated cron job -#0 2 * * * dehydrated /usr/bin/dehydrated --cron diff --git a/app-crypt/dehydrated/files/cron-r1 b/app-crypt/dehydrated/files/cron-r1 new file mode 100644 index 000000000000..31d1bb805a3e --- /dev/null +++ b/app-crypt/dehydrated/files/cron-r1 @@ -0,0 +1,2 @@ +# dehydrated cron job +#27 2 * * * dehydrated /usr/bin/dehydrated --cron diff --git a/app-crypt/dehydrated/files/dehydrated-0.7.0-fix-CN-extraction-for-older-openssl-versions.patch b/app-crypt/dehydrated/files/dehydrated-0.7.0-fix-CN-extraction-for-older-openssl-versions.patch new file mode 100644 index 000000000000..91188fbe3587 --- /dev/null +++ b/app-crypt/dehydrated/files/dehydrated-0.7.0-fix-CN-extraction-for-older-openssl-versions.patch @@ -0,0 +1,30 @@ +From 29b67962ac07d5d2b24f69c863a9ef31e8ac53ee Mon Sep 17 00:00:00 2001 +From: Lukas Schauer <lukas@schauer.so> +Date: Fri, 11 Dec 2020 18:02:51 +0100 +Subject: [PATCH] fix CN extraction for older openssl versions + +--- + dehydrated | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/dehydrated b/dehydrated +index 622165e..37e0ab6 100755 +--- a/dehydrated ++++ b/dehydrated +@@ -926,14 +926,14 @@ extract_altnames() { + printf "%s" "${altnames}" | tr '\n' ' ' + else + # No SANs, extract CN +- altnames="$( <<<"${reqtext}" grep '^[[:space:]]*Subject:' | _sed -e 's/.* CN ?= ?([^ /,]*).*/\1/' )" ++ altnames="$( <<<"${reqtext}" grep '^[[:space:]]*Subject:' | _sed -e 's/.*[ /]CN ?= ?([^ /,]*).*/\1/' )" + printf "%s" "${altnames}" + fi + } + + # Get last issuer CN in certificate chain + get_last_cn() { +- <<<"${1}" _sed 'H;/-----BEGIN CERTIFICATE-----/h;$!d;x' | "${OPENSSL}" x509 -noout -issuer | head -n1 | _sed -e 's/.* CN ?= ?([^/,]*).*/\1/' ++ <<<"${1}" _sed 'H;/-----BEGIN CERTIFICATE-----/h;$!d;x' | "${OPENSSL}" x509 -noout -issuer | head -n1 | _sed -e 's/.*[ /]CN ?= ?([^/,]*).*/\1/' + } + + # Create certificate for domain(s) and outputs it FD 3 diff --git a/app-crypt/dehydrated/metadata.xml b/app-crypt/dehydrated/metadata.xml index f2198d055c2f..d4974e2fd2d8 100644 --- a/app-crypt/dehydrated/metadata.xml +++ b/app-crypt/dehydrated/metadata.xml @@ -1,13 +1,10 @@ -<?xml version='1.0' encoding='UTF-8'?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> <maintainer type="person"> <email>mschiff@gentoo.org</email> </maintainer> - <maintainer type="person"> - <email>whissi@gentoo.org</email> - <name>Thomas Deutschmann</name> - </maintainer> + <stabilize-allarches/> <use> <flag name="cron">Install cron job to sign/renew non-existent/changed/expiring certificates</flag> </use> |