# # spec file for package letsencrypt # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # See also http://en.opensuse.org/openSUSE:Specfile_guidelines Name: letsencrypt Version: 0.git.20151119.e02f26a Release: 109.1 Summary: Let's Encrypt License: Apache-2.0 Group: Productivity/Security Url: https://letsencrypt.org Source0: %{name}-%{version}.tar.xz BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-build BuildRequires: python-setuptools BuildRequires: swig BuildRequires: unzip BuildRequires: pkg-config BuildRequires: pkgconfig(python) >= 2.6.6 BuildRequires: pkgconfig(libffi) BuildRequires: pkgconfig(openssl) BuildRequires: fdupes BuildRequires: dialog # install_requires BuildRequires: acme BuildRequires: augeas-lenses BuildRequires: python-argparse BuildRequires: python-augeas BuildRequires: python-configargparse BuildRequires: python-configobj BuildRequires: python-cryptography >= 0.7 BuildRequires: python-ndg-httpsclient BuildRequires: python-jsonschema BuildRequires: python-mock < 1.1.0 BuildRequires: python-parsedatetime BuildRequires: python-psutil >= 2.1.0 BuildRequires: python-pyasn1 >= 0.1.7 BuildRequires: python-pyasn1-modules BuildRequires: python-pyOpenSSL >= 0.15 BuildRequires: python-pyparsing >= 1.5.5 BuildRequires: python-pyRFC3339 BuildRequires: python-python2-pythondialog >= 3.2.2 BuildRequires: python-pytz BuildRequires: python-requests BuildRequires: python-six BuildRequires: python-werkzeug BuildRequires: python-zope.component BuildRequires: python-zope.interface # dev_extras BuildRequires: python-astroid BuildRequires: python-pylint # docs_extras BuildRequires: python-repoze.sphinx.autointerface BuildRequires: python-Sphinx >= 1.2 BuildRequires: python-sphinx_rtd_theme BuildRequires: python-sphinxcontrib-programoutput # testing_extras BuildRequires: python-coverage BuildRequires: python-nose BuildRequires: python-nosexcover BuildRequires: python-tox #BuildRequires: python-pycrypto #BuildRequires: python-M2Crypto Requires: python-letsencrypt Requires: python-acme Requires: swig Requires: ca-certificates Requires: augeas-lenses Requires: python-augeas Requires: python-zope.component Requires: python-zope.interface Requires: python-python2-pythondialog Requires: python-pyRFC3339 Requires: python-psutil >= 2.1.0 Requires: python-parsedatetime Requires: python-mock < 1.1.0 Requires: python-six Requires: python-cryptography >= 0.7 Requires: python-configobj Requires: python-configargparse Requires: python-werkzeug Requires: python-requests Requires: python-pyOpenSSL >= 0.15 Requires: python-ndg-httpsclient Requires: python-argparse %define _logdir /var/log %description Disclaimer ========== This is a DEVELOPER PREVIEW intended for developers and testers only. DO NOT RUN THIS CODE ON A PRODUCTION SERVER. IT WILL INSTALL CERTIFICATES SIGNED BY A TEST CA, AND WILL CAUSE CERT WARNINGS FOR USERS. Browser-trusted certificates will be available in the coming months. For more information regarding the status of the project, please see https://letsencrypt.org. Be sure to checkout the Frequently Asked Questions (FAQ). About the Let's Encrypt Client ============================== In short: getting and installing SSL/TLS certificates made easy (`watch demo video`_). The Let's Encrypt Client is a tool to automatically receive and install X.509 certificates to enable TLS on servers. The client will interoperate with the Let's Encrypt CA which will be issuing browser-trusted certificates for free beginning the summer of 2015. It's all automated: * The tool will prove domain control to the CA and submit a CSR (Certificate Signing Request). * If domain control has been proven, a certificate will get issued and the tool will automatically install it. All you need to do to sign a single domain is: user@www:~$ sudo letsencrypt -d www.example.org auth For multiple domains (SAN) use: user@www:~$ sudo letsencrypt -d www.example.org -d example.org auth and if you have a compatible web server (Apache or Nginx), Let's Encrypt can not only get a new certificate, but also deploy it and configure your server automatically!: user@www:~$ sudo letsencrypt -d www.example.org run Encrypt ALL the things! Current Features ================ * web servers supported: - apache/2.x (tested and working on Ubuntu Linux) - nginx/0.8.48+ (tested and mostly working on Ubuntu Linux) - standalone (runs its own webserver to prove you control the domain) * the private key is generated locally on your system * can talk to the Let's Encrypt (demo) CA or optionally to other ACME compliant services * can get domain-validated (DV) certificates * can revoke certificates * adjustable RSA key bitlength (2048 (default), 4096, ...) * optionally can install a http->https redirect, so your site effectively runs https only (Apache only) * fully automated * configuration changes are logged and can be reverted using the CLI * text and ncurses UI * Free and Open Source Software, made with Pytho %package doc Summary: Documentation for Let's Encrypt Group: Documentation/Other %description doc epub and html documentation for Let's Encrypt %package -n python-letsencrypt Summary: Let's Encrypt Group: Development/Libraries/Python Requires: %{name}-%{version} %description -n python-letsencrypt letsencrypt modul for Let's Encrypt %package -n python-letsencrypt-apache Summary: Let's Encrypt Group: Development/Libraries/Python Requires: %{name}-%{version} %description -n python-letsencrypt-apache letsencrypt-apache modul for Let's Encrypt %package -n python-letsencrypt-nginx Summary: Let's Encrypt Group: Development/Libraries/Python Requires: %{name}-%{version} %description -n python-letsencrypt-nginx letsencrypt-nginx modul for Let's Encrypt %package -n python-acme Summary: Let's Encrypt Group: Development/Libraries/Python Requires: %{name}-%{version} %description -n python-acme acme modul for Let's Encrypt %prep %setup -q -n %{name}-%{version} %{__sed} -i 's|PyOpenSSL>=0.15|pyOpenSSL>=0.15|g' setup.py %build # docs pushd docs make html make epub make text # man make man gzip _build/man/letsencrypt-renewer.1 gzip _build/man/letsencrypt.1 gzip _build/man/letsencrypt.7 # not needed rm -f _build/html/.buildinfo rm -f _build/epub/.buildinfo popd # acme pushd acme python setup.py build popd # apache pushd letsencrypt-apache python setup.py build popd # nginx pushd letsencrypt-nginx python setup.py build popd # letsencrypt python setup.py build %install # acme pushd acme python setup.py install --prefix=%{_prefix} --root=%{buildroot} popd # apache pushd letsencrypt-apache python setup.py install --prefix=%{_prefix} --root=%{buildroot} popd # nginx pushd letsencrypt-nginx python setup.py install --prefix=%{_prefix} --root=%{buildroot} popd # letsencrypt python setup.py install --prefix=%{_prefix} --root=%{buildroot} %fdupes %{buildroot} # config install -d -m 0755 %{buildroot}%{_sysconfdir} install -d -m 0755 %{buildroot}%{_sysconfdir}/letsencrypt install -d -m 0755 %{buildroot}%{_sysconfdir}/letsencrypt/archive install -d -m 0755 %{buildroot}%{_sysconfdir}/letsencrypt/keys install -d -m 0755 %{buildroot}%{_sysconfdir}/letsencrypt/live # man install -d -m 0775 %{buildroot}%{_mandir} install -d -m 0775 %{buildroot}%{_mandir}/man1 install -d -m 0775 %{buildroot}%{_mandir}/man7 cp -a docs/_build/man/*.1.gz %{buildroot}%{_mandir}/man1/ cp -a docs/_build/man/*.7.gz %{buildroot}%{_mandir}/man7/ # log install -d -m 0775 %{buildroot}%{_logdir}/%{name} # cli.ini cat > %{buildroot}%{_sysconfdir}/%{name}/cli.ini << EOF # This is an example of the kind of things you can do in a configuration file. # All flags used by the client can be configured here. Run Let's Encrypt with # "--help" to learn more about the available options. # Use a 4096 bit RSA key instead of 2048 rsa-key-size = 4096 # Always use the staging/testing server server = https://acme-staging.api.letsencrypt.org/directory # Uncomment and update to register with the specified e-mail address # email = foo@example.com # Uncomment to use a text interface instead of ncurses # text = True # Uncomment to use the standalone authenticator on port 443 # authenticator = standalone # standalone-supported-challenges = tls-sni-01 # Uncomment to use the webroot authenticator. Replace webroot-path with the # path to the public_html / webroot folder being served by your web server. # authenticator = webroot # webroot-path = /srv/www/htdocs EOF mv %{buildroot}%{_bindir}/jws %{buildroot}%{_bindir}/jws-%{py_ver} mv %{buildroot}%{_bindir}/letsencrypt %{buildroot}%{_bindir}/letsencrypt-%{py_ver} mv %{buildroot}%{_bindir}/letsencrypt-renewer %{buildroot}%{_bindir}/letsencrypt-renewer-%{py_ver} pushd %{buildroot}%{_bindir} ln -s jws-%{py_ver} jws ln -s letsencrypt-%{py_ver} letsencrypt ln -s letsencrypt-renewer-%{py_ver} letsencrypt-renewer popd %check #python setup.py test %files %defattr(-,root,root) %doc CHANGES.rst README.rst %dir %{_sysconfdir}/%{name} %dir %{_sysconfdir}/%{name}/archive %dir %{_sysconfdir}/%{name}/keys %dir %{_sysconfdir}/%{name}/live %config(noreplace) %{_sysconfdir}/%{name}/cli.ini %{_mandir}/*/* %{_bindir}/jws %{_bindir}/jws-%{py_ver} %{_bindir}/%{name} %{_bindir}/%{name}-%{py_ver} %{_bindir}/%{name}-renewer %{_bindir}/%{name}-renewer-%{py_ver} %dir %{_logdir}/%{name} %files doc %defattr(-,root,root) %doc docs/_build/epub/LetsEncrypt.epub %doc docs/_build/html %doc docs/_build/text %files -n python-letsencrypt %defattr(-,root,root) %{python_sitelib}/%{name} %{python_sitelib}/%{name}-* %files -n python-letsencrypt-apache %defattr(-,root,root) %{python_sitelib}/%{name}_apache* %files -n python-letsencrypt-nginx %defattr(-,root,root) %{python_sitelib}/%{name}_nginx* %files -n python-acme %defattr(-,root,root) %{python_sitelib}/acme* %changelog * Sat Sep 5 2015 ecsos@opensuse.org - add man pages - add python-letsencrypt-apache and python-letsencrypt-nginx * Fri Sep 4 2015 ecsos@opensuse.org - add missing requirements * Fri Aug 7 2015 ecsos@opensuse.org - inititial version: developer preview