summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--debian/control52
-rw-r--r--debian/open-infrastructure-dehydrated-tools.config60
-rwxr-xr-xdebian/open-infrastructure-dehydrated-tools.postinst160
-rw-r--r--debian/open-infrastructure-dehydrated-tools.templates51
4 files changed, 323 insertions, 0 deletions
diff --git a/debian/control b/debian/control
index d7c8788..6e08ea5 100644
--- a/debian/control
+++ b/debian/control
@@ -29,3 +29,55 @@ Description: additional tools for Apache HTTP server
.
* alternative icons for Apache autoindex (Tango Icons and Font Awesome
based themes)
+
+#Package: open-infrastructure-dehydrated-tools
+#Section: admin
+#Architecture: all
+#Depends:
+# dehydrated,
+# ${misc:Depends},
+#Provides:
+# dehydrated-tools,
+#Enhances:
+# dehydrated,
+#Description: additional tools for dehydrated Letsencrypt client
+# This package contains additional tools for the dehydrated Letsencrypt client.
+
+#Package: open-infrastructure-git-tools
+#Section: admin
+#Architecture: all
+#Depends:
+# git,
+# ${misc:Depends},
+#Provides:
+# git-tools,
+#Enhances:
+# git,
+#Description: additional tools for Git version control system
+# This package contains additional tools for the Git version control system.
+
+#Package: open-infrastructure-irker-tools
+#Section: admin
+#Architecture: all
+#Depends:
+# irker,
+# ${misc:Depends},
+#Provides:
+# irker-tools,
+#Enhances:
+# irker,
+#Description: additional tools for irker IRC notification daemon
+# This package contains additional tools for the irker IRC notification daemon:
+
+#Package: open-infrastructure-knot-resolver-tools
+#Section: admin
+#Architecture: all
+#Depends:
+# knot-resolver,
+# ${misc:Depends},
+#Provides:
+# knot-resolver-tools,
+#Enhances:
+# knot-resolver,
+#Description: additional tools for knot DNS resolver
+# This package contains additional tools for the knot DNS resolver.
diff --git a/debian/open-infrastructure-dehydrated-tools.config b/debian/open-infrastructure-dehydrated-tools.config
new file mode 100644
index 0000000..d2e8cd2
--- /dev/null
+++ b/debian/open-infrastructure-dehydrated-tools.config
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+set -e
+
+for FILE in /etc/dehydrated/config /etc/dehydrated/conf.d/*.sh
+do
+ if [ -e "${FILE}" ]
+ then
+ . ${FILE} || true
+ fi
+done
+
+. /usr/share/debconf/confmodule
+
+if [ -n "${CA}" ]
+then
+ db_set open-infrastructure-dehydrated-tools/ca "${CA}"
+fi
+
+db_settitle open-infrastructure-dehydrated-tools/title
+db_input low open-infrastructure-dehydrated-tools/ca || true
+db_go
+
+if [ -n "${CHALLENGETYPE}" ]
+then
+ db_set open-infrastructure-dehydrated-tools/challengetype "${CHALLENGETYPE}"
+fi
+
+db_settitle open-infrastructure-dehydrated-tools/title
+db_input low open-infrastructure-dehydrated-tools/challengetype || true
+db_go
+
+if [ -n "${CONTACT_EMAIL}" ]
+then
+ db_set open-infrastructure-dehydrated-tools/contact-email "${CONTACT_EMAIL}"
+fi
+
+db_settitle open-infrastructure-dehydrated-tools/title
+db_input low open-infrastructure-dehydrated-tools/contact-email || true
+db_go
+
+if [ -e /usr/share/dehydrated/hooks ]
+then
+ HOOKS_CHOICES="$(cd /usr/share/dehydrated/hooks && find -maxdepth 1 -not -type d -printf '%P\n' | sort)"
+ db_subst open-infrastructure-dehydrated-tools/hooks HOOKS_CHOICES "$(echo ${HOOKS_CHOICES} | sed -e 's| |, |g')"
+
+ db_settitle open-infrastructure-dehydrated-tools/title
+ db_input low open-infrastructure-dehydrated-tools/hooks || true
+ db_go
+fi
+
+db_settitle open-infrastructure-dehydrated-tools/title
+db_input low open-infrastructure-dehydrated-tools/basedir || true
+db_go
+
+db_settitle open-infrastructure-dehydrated-tools/title
+db_input low open-infrastructure-dehydrated-tools/register || true
+db_go
+
+db_stop
diff --git a/debian/open-infrastructure-dehydrated-tools.postinst b/debian/open-infrastructure-dehydrated-tools.postinst
new file mode 100755
index 0000000..116223f
--- /dev/null
+++ b/debian/open-infrastructure-dehydrated-tools.postinst
@@ -0,0 +1,160 @@
+#!/bin/sh
+
+set -e
+
+Config ()
+{
+ FILE="${1}"
+ KEY="${2}"
+ VALUE="${3}"
+
+ TMPFILE="$(mktemp --dry-run ${FILE}.XXXX)"
+
+ if [ ! -e "${FILE}" ]
+ then
+
+cat > "${FILE}" << EOF
+# ${FILE}
+
+${KEY}="${VALUE}"
+EOF
+
+ fi
+
+ cp -a -f "${FILE}" "${TMPFILE}"
+
+ test -z "${VALUE}" || \
+ grep -Eq "^ *$(echo ${KEY})=" "${FILE}" || \
+ echo "${KEY}=" >> "$FILE}"
+
+ sed -e "s|^ *\($(echo ${KEY})\)=.*|\1=\"${VALUE}\"|" \
+ < "${FILE}" > "${TMPFILE}"
+
+ mv -f "${TMPFILE}" "${FILE}"
+}
+
+Install ()
+{
+ DEFAULT="${1}"
+ TARGET="${2}"
+
+ mkdir -p "${DEFAULT}"
+ mkdir -p "${TARGET}"
+
+ if [ "${TARGET}" != "${DEFAULT}" ]
+ then
+ if [ -h "${DEFAULT}" ]
+ then
+ rm -f "${DEFAULT}"
+ ln -s "${TARGET}" "${DEFAULT}"
+ else
+ if [ -e "${DEFAULT}" ] && [ -z "$(ls -A ${DEFAULT})" ]
+ then
+ rmdir "${DEFAULT}"
+ ln -s "${TARGET}" "${DEFAULT}"
+ fi
+ fi
+ fi
+
+ if ! dpkg-statoverride --list "${DEFAULT}" > /dev/null 2>&1 &&
+ ! dpkg-statoverride --list "${TARGET}" > /dev/null 2>&1
+ then
+ if getent group ssl-cert > /dev/null 2>&1
+ then
+ GROUP="ssl-cert"
+ else
+ GROUP="root"
+ fi
+
+ chmod 0770 "${TARGET}"
+ chown root:"${GROUP}" "${TARGET}"
+
+ chmod 0770 "${DEFAULT}"
+ chown root:"${GROUP}" "${DEFAULT}"
+ fi
+}
+
+case "${1}" in
+ configure)
+ . /usr/share/debconf/confmodule
+
+ db_get open-infrastructure-dehydrated-tools/ca
+ CA="${RET}" # select
+
+ db_get open-infrastructure-dehydrated-tools/challengetype
+ CHALLENGETYPE="${RET}" # select
+
+ db_get open-infrastructure-dehydrated-tools/contact-email
+ CONTACT_EMAIL="${RET}" # string (w/ empty)
+
+ db_get open-infrastructure-dehydrated-tools/hooks
+ HOOKS="${RET}" # multi-select (w/ empty)
+
+ db_get open-infrastructure-dehydrated-tools/basedir
+ NEW_BASEDIR="${RET}" # string (w/o empty)
+
+ db_get open-infrastructure-dehydrated-tools/register
+ REGISTER="${RET}" # boolean
+
+ db_stop
+
+ Config /etc/dehydrated/conf.d/ca.sh CA ${CA}
+ Config /etc/dehydrated/conf.d/challenge.sh CHALLENGETYPE ${CHALLENGETYPE}
+ Config /etc/dehydrated/conf.d/contact.sh CONTACT_EMAIL ${CONTACT_EMAIL}
+
+ for HOOK in $(cd /usr/share/dehydrated/hooks && find -maxdepth 1 -not -type d -printf '%P\n' | sort)
+ do
+ if [ -L "/etc/dehydrated/hook.d/${HOOK}" ]
+ then
+ rm -f "/etc/dehydrated/hook.d/${HOOK}"
+ fi
+ done
+
+ if [ -n "${HOOKS}" ]
+ then
+ Config /etc/dehydrated/conf.d/hook.sh HOOK /usr/bin/dehydrated-hook.d
+
+ HOOKS="$(echo ${HOOKS} | sed -e 's|,| |g')"
+
+ for HOOK in ${HOOKS}
+ do
+ if [ ! -e "/etc/dehydrated/hook.d/${HOOK}" ]
+ then
+ ln -sf "/usr/share/dehydrated/hooks/${HOOK}" "/etc/dehydrated/hook.d/${HOOK}"
+ fi
+ done
+ fi
+
+ for FILE in /etc/dehydrated/config /etc/dehydrated/conf.d/*.sh
+ do
+ if [ -e "${FILE}" ]
+ then
+ . ${FILE} || true
+ fi
+ done
+
+ if [ -n "${NEW_BASEDIR}" ] && [ "${BASEDIR}" != "${NEW_BASEDIR}" ]
+ then
+ Install "${BASEDIR}" "${NEW_BASEDIR}"
+ fi
+
+ case "${REGISTER}" in
+ true)
+ dehydrated --register --accept-terms
+ ;;
+ esac
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`${1}'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/open-infrastructure-dehydrated-tools.templates b/debian/open-infrastructure-dehydrated-tools.templates
new file mode 100644
index 0000000..7f14cb9
--- /dev/null
+++ b/debian/open-infrastructure-dehydrated-tools.templates
@@ -0,0 +1,51 @@
+Template: open-infrastructure-dehydrated-tools/title
+Type: title
+Description: dehydrated-tools: Setup
+
+Template: open-infrastructure-dehydrated-tools/ca
+Type: select
+Choices: letsencrypt, letsencrypt-test, zerossl, buypass, buypass-test
+Default: letsencrypt
+Description: dehydrated Certificate Authority (CA):
+ Please select the Certificate Authority to use with dehydrated.
+ .
+ If unsure, use letsencrypt (default).
+
+Template: open-infrastructure-dehydrated-tools/challengetype
+Type: select
+Choices: dns-01, http-01
+Default: http-01
+Description: dehydrated Challenge Type:
+ Please select the challenge type to use with dehydrated.
+ .
+ If unsure, use http-01 (default).
+
+Template: open-infrastructure-dehydrated-tools/contact-email
+Type: string
+Default:
+Description: dehydrated Contact Email:
+ Please select an optional contact email address for notifications of your CA.
+ .
+ If unsure, leave empty (default).
+
+Template: open-infrastructure-dehydrated-tools/hooks
+Type: multiselect
+Choices: ${HOOKS_CHOICES}
+Default:
+Description: dehydrated hooks:
+ Please select any hooks that should be enabled for dehydrated.
+
+Template: open-infrastructure-dehydrated-tools/basedir
+Type: string
+Default:
+Description: dehydrated base directory:
+ Please enter the base directory where all the certificates are stored.
+ .
+ If unsure, use /var/lib/dehydrated (default).
+
+Template: open-infrastructure-dehydrated-tools/register
+Type: boolean
+Default: false
+Description: dehydrated register:
+ Should a 'dehydrated --register --accept-terms' be executed now to create
+ an account for this system with your CA.