File cfssl.spec of Package cfssl
#
# spec file for package cfssl
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
%define configdir /etc/cfssl
%define datadir /var/lib/cfssl
%define services cfssl-serve.service cfssl-ocspserve.service
Name: cfssl
Version: 0
Release: 0
Summary: CloudFlare's PKI/TLS toolkit
License: BSD-3-Clause
Group: Productivity/Networking/Security
Url: https://cfssl.org/
Source: %{name}-%{version}.tar.xz
Source2: cfssl-ocspserve.service
Source3: cfssl-serve.service
Source4: cfssl.sysconfig
Source5: configs.tar.xz
Source6: cfssl-serve
Source7: cfssl-ocspserve
Source9: generatesysconfig.rb
BuildRequires: golang-packaging
BuildRequires: golang(API) >= 1.17
BuildRequires: go.rice
BuildRequires: pkgconfig(systemd)
Requires(pre): %fillup_prereq
%{systemd_ordering}
%go_nostrip
%description
CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool
and an HTTP API server for signing, verifying, and bundling TLS certificates.
%prep
%autosetup -p1 -a 5
%build
pushd cli/serve
rice embed-go
popd
VERSION="%{version}"
REV="${VERSION#*+git[0-9]*.}"
perl -p -i -e "s|dev|$REV|g" ./cli/version/version_dev.go
%goprep github.com/cloudflare/cfssl/
%gobuild -mod=vendor cmd/...
%install
%goinstall
install -m 0750 -d \
%{buildroot}%{datadir} \
%{buildroot}%{configdir} \
%{buildroot}%{configdir}/certs \
%{buildroot}%{configdir}/certs/ca \
%{buildroot}%{configdir}/certs/users \
%{buildroot}%{configdir}/certs/hosts \
%{buildroot}%{configdir}/certs/intermediates \
%{buildroot}%{_sbindir} \
%{buildroot}%{_unitdir} \
%{buildroot}%{_fillupdir}
install -m 0644 %{SOURCE2} %{buildroot}%{_unitdir}/cfssl-ocspserve.service
install -m 0644 %{SOURCE3} %{buildroot}%{_unitdir}/cfssl-serve.service
install -m 0644 %{SOURCE4} %{buildroot}%{_fillupdir}/sysconfig.%{name}
install -m 0755 %{SOURCE6} %{buildroot}%{_sbindir}/cfssl-serve
install -m 0755 %{SOURCE7} %{buildroot}%{_sbindir}/cfssl-ocspserve
cp -av configs/* %{buildroot}%{configdir}/
chmod -R u=rwX,g=rX,o= %{buildroot}%{configdir}/
ln -sf /sbin/service %{buildroot}%{_sbindir}/rccfssl-ocspserve
ln -sf /sbin/service %{buildroot}%{_sbindir}/rccfssl-serve
rm -rv certdb/testdb/
%pre
%{_sbindir}/groupadd -r %{name} &>/dev/null || :
%{_sbindir}/useradd -g %{name} -s /bin/false -r -c "CloudFlare PKI/TLS toolkit" -d %{datadir} %{name} &>/dev/null || :
%service_add_pre %{services}
%post
%fillup_only %{name}
%service_add_post %{services}
%preun
%service_del_preun %{services}
%postun
%service_del_postun %{services}
%files
%config(noreplace) %attr(-,root,%{name}) %{configdir}
%dir %attr(-,%{name},%{name}) %{datadir}
%license LICENSE
%doc README.md configs/README.SUSE
%doc doc/
%doc certdb/
%{_bindir}/%{name}*
%{_bindir}/mkbundle
%{_bindir}/multirootca
%{_fillupdir}/sysconfig.%{name}
%{_unitdir}/cfssl*.service
%{_sbindir}/rccfssl*
%{_sbindir}/cfssl*
