diff options
-rw-r--r-- | debian/control | 52 | ||||
-rw-r--r-- | debian/open-infrastructure-dehydrated-tools.config | 60 | ||||
-rwxr-xr-x | debian/open-infrastructure-dehydrated-tools.postinst | 160 | ||||
-rw-r--r-- | debian/open-infrastructure-dehydrated-tools.templates | 51 |
4 files changed, 323 insertions, 0 deletions
diff --git a/debian/control b/debian/control index d7c8788..6e08ea5 100644 --- a/debian/control +++ b/debian/control @@ -29,3 +29,55 @@ Description: additional tools for Apache HTTP server . * alternative icons for Apache autoindex (Tango Icons and Font Awesome based themes) + +#Package: open-infrastructure-dehydrated-tools +#Section: admin +#Architecture: all +#Depends: +# dehydrated, +# ${misc:Depends}, +#Provides: +# dehydrated-tools, +#Enhances: +# dehydrated, +#Description: additional tools for dehydrated Letsencrypt client +# This package contains additional tools for the dehydrated Letsencrypt client. + +#Package: open-infrastructure-git-tools +#Section: admin +#Architecture: all +#Depends: +# git, +# ${misc:Depends}, +#Provides: +# git-tools, +#Enhances: +# git, +#Description: additional tools for Git version control system +# This package contains additional tools for the Git version control system. + +#Package: open-infrastructure-irker-tools +#Section: admin +#Architecture: all +#Depends: +# irker, +# ${misc:Depends}, +#Provides: +# irker-tools, +#Enhances: +# irker, +#Description: additional tools for irker IRC notification daemon +# This package contains additional tools for the irker IRC notification daemon: + +#Package: open-infrastructure-knot-resolver-tools +#Section: admin +#Architecture: all +#Depends: +# knot-resolver, +# ${misc:Depends}, +#Provides: +# knot-resolver-tools, +#Enhances: +# knot-resolver, +#Description: additional tools for knot DNS resolver +# This package contains additional tools for the knot DNS resolver. diff --git a/debian/open-infrastructure-dehydrated-tools.config b/debian/open-infrastructure-dehydrated-tools.config new file mode 100644 index 0000000..d2e8cd2 --- /dev/null +++ b/debian/open-infrastructure-dehydrated-tools.config @@ -0,0 +1,60 @@ +#!/bin/sh + +set -e + +for FILE in /etc/dehydrated/config /etc/dehydrated/conf.d/*.sh +do + if [ -e "${FILE}" ] + then + . ${FILE} || true + fi +done + +. /usr/share/debconf/confmodule + +if [ -n "${CA}" ] +then + db_set open-infrastructure-dehydrated-tools/ca "${CA}" +fi + +db_settitle open-infrastructure-dehydrated-tools/title +db_input low open-infrastructure-dehydrated-tools/ca || true +db_go + +if [ -n "${CHALLENGETYPE}" ] +then + db_set open-infrastructure-dehydrated-tools/challengetype "${CHALLENGETYPE}" +fi + +db_settitle open-infrastructure-dehydrated-tools/title +db_input low open-infrastructure-dehydrated-tools/challengetype || true +db_go + +if [ -n "${CONTACT_EMAIL}" ] +then + db_set open-infrastructure-dehydrated-tools/contact-email "${CONTACT_EMAIL}" +fi + +db_settitle open-infrastructure-dehydrated-tools/title +db_input low open-infrastructure-dehydrated-tools/contact-email || true +db_go + +if [ -e /usr/share/dehydrated/hooks ] +then + HOOKS_CHOICES="$(cd /usr/share/dehydrated/hooks && find -maxdepth 1 -not -type d -printf '%P\n' | sort)" + db_subst open-infrastructure-dehydrated-tools/hooks HOOKS_CHOICES "$(echo ${HOOKS_CHOICES} | sed -e 's| |, |g')" + + db_settitle open-infrastructure-dehydrated-tools/title + db_input low open-infrastructure-dehydrated-tools/hooks || true + db_go +fi + +db_settitle open-infrastructure-dehydrated-tools/title +db_input low open-infrastructure-dehydrated-tools/basedir || true +db_go + +db_settitle open-infrastructure-dehydrated-tools/title +db_input low open-infrastructure-dehydrated-tools/register || true +db_go + +db_stop diff --git a/debian/open-infrastructure-dehydrated-tools.postinst b/debian/open-infrastructure-dehydrated-tools.postinst new file mode 100755 index 0000000..116223f --- /dev/null +++ b/debian/open-infrastructure-dehydrated-tools.postinst @@ -0,0 +1,160 @@ +#!/bin/sh + +set -e + +Config () +{ + FILE="${1}" + KEY="${2}" + VALUE="${3}" + + TMPFILE="$(mktemp --dry-run ${FILE}.XXXX)" + + if [ ! -e "${FILE}" ] + then + +cat > "${FILE}" << EOF +# ${FILE} + +${KEY}="${VALUE}" +EOF + + fi + + cp -a -f "${FILE}" "${TMPFILE}" + + test -z "${VALUE}" || \ + grep -Eq "^ *$(echo ${KEY})=" "${FILE}" || \ + echo "${KEY}=" >> "$FILE}" + + sed -e "s|^ *\($(echo ${KEY})\)=.*|\1=\"${VALUE}\"|" \ + < "${FILE}" > "${TMPFILE}" + + mv -f "${TMPFILE}" "${FILE}" +} + +Install () +{ + DEFAULT="${1}" + TARGET="${2}" + + mkdir -p "${DEFAULT}" + mkdir -p "${TARGET}" + + if [ "${TARGET}" != "${DEFAULT}" ] + then + if [ -h "${DEFAULT}" ] + then + rm -f "${DEFAULT}" + ln -s "${TARGET}" "${DEFAULT}" + else + if [ -e "${DEFAULT}" ] && [ -z "$(ls -A ${DEFAULT})" ] + then + rmdir "${DEFAULT}" + ln -s "${TARGET}" "${DEFAULT}" + fi + fi + fi + + if ! dpkg-statoverride --list "${DEFAULT}" > /dev/null 2>&1 && + ! dpkg-statoverride --list "${TARGET}" > /dev/null 2>&1 + then + if getent group ssl-cert > /dev/null 2>&1 + then + GROUP="ssl-cert" + else + GROUP="root" + fi + + chmod 0770 "${TARGET}" + chown root:"${GROUP}" "${TARGET}" + + chmod 0770 "${DEFAULT}" + chown root:"${GROUP}" "${DEFAULT}" + fi +} + +case "${1}" in + configure) + . /usr/share/debconf/confmodule + + db_get open-infrastructure-dehydrated-tools/ca + CA="${RET}" # select + + db_get open-infrastructure-dehydrated-tools/challengetype + CHALLENGETYPE="${RET}" # select + + db_get open-infrastructure-dehydrated-tools/contact-email + CONTACT_EMAIL="${RET}" # string (w/ empty) + + db_get open-infrastructure-dehydrated-tools/hooks + HOOKS="${RET}" # multi-select (w/ empty) + + db_get open-infrastructure-dehydrated-tools/basedir + NEW_BASEDIR="${RET}" # string (w/o empty) + + db_get open-infrastructure-dehydrated-tools/register + REGISTER="${RET}" # boolean + + db_stop + + Config /etc/dehydrated/conf.d/ca.sh CA ${CA} + Config /etc/dehydrated/conf.d/challenge.sh CHALLENGETYPE ${CHALLENGETYPE} + Config /etc/dehydrated/conf.d/contact.sh CONTACT_EMAIL ${CONTACT_EMAIL} + + for HOOK in $(cd /usr/share/dehydrated/hooks && find -maxdepth 1 -not -type d -printf '%P\n' | sort) + do + if [ -L "/etc/dehydrated/hook.d/${HOOK}" ] + then + rm -f "/etc/dehydrated/hook.d/${HOOK}" + fi + done + + if [ -n "${HOOKS}" ] + then + Config /etc/dehydrated/conf.d/hook.sh HOOK /usr/bin/dehydrated-hook.d + + HOOKS="$(echo ${HOOKS} | sed -e 's|,| |g')" + + for HOOK in ${HOOKS} + do + if [ ! -e "/etc/dehydrated/hook.d/${HOOK}" ] + then + ln -sf "/usr/share/dehydrated/hooks/${HOOK}" "/etc/dehydrated/hook.d/${HOOK}" + fi + done + fi + + for FILE in /etc/dehydrated/config /etc/dehydrated/conf.d/*.sh + do + if [ -e "${FILE}" ] + then + . ${FILE} || true + fi + done + + if [ -n "${NEW_BASEDIR}" ] && [ "${BASEDIR}" != "${NEW_BASEDIR}" ] + then + Install "${BASEDIR}" "${NEW_BASEDIR}" + fi + + case "${REGISTER}" in + true) + dehydrated --register --accept-terms + ;; + esac + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + *) + echo "postinst called with unknown argument \`${1}'" >&2 + exit 1 + ;; +esac + +#DEBHELPER# + +exit 0 diff --git a/debian/open-infrastructure-dehydrated-tools.templates b/debian/open-infrastructure-dehydrated-tools.templates new file mode 100644 index 0000000..7f14cb9 --- /dev/null +++ b/debian/open-infrastructure-dehydrated-tools.templates @@ -0,0 +1,51 @@ +Template: open-infrastructure-dehydrated-tools/title +Type: title +Description: dehydrated-tools: Setup + +Template: open-infrastructure-dehydrated-tools/ca +Type: select +Choices: letsencrypt, letsencrypt-test, zerossl, buypass, buypass-test +Default: letsencrypt +Description: dehydrated Certificate Authority (CA): + Please select the Certificate Authority to use with dehydrated. + . + If unsure, use letsencrypt (default). + +Template: open-infrastructure-dehydrated-tools/challengetype +Type: select +Choices: dns-01, http-01 +Default: http-01 +Description: dehydrated Challenge Type: + Please select the challenge type to use with dehydrated. + . + If unsure, use http-01 (default). + +Template: open-infrastructure-dehydrated-tools/contact-email +Type: string +Default: +Description: dehydrated Contact Email: + Please select an optional contact email address for notifications of your CA. + . + If unsure, leave empty (default). + +Template: open-infrastructure-dehydrated-tools/hooks +Type: multiselect +Choices: ${HOOKS_CHOICES} +Default: +Description: dehydrated hooks: + Please select any hooks that should be enabled for dehydrated. + +Template: open-infrastructure-dehydrated-tools/basedir +Type: string +Default: +Description: dehydrated base directory: + Please enter the base directory where all the certificates are stored. + . + If unsure, use /var/lib/dehydrated (default). + +Template: open-infrastructure-dehydrated-tools/register +Type: boolean +Default: false +Description: dehydrated register: + Should a 'dehydrated --register --accept-terms' be executed now to create + an account for this system with your CA. |