Overview

File cranix-radius-cert.spec of Package cranix-radius-cert

#
# spec file for package cranix-radius-cert
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#

%define cert_version %( date +%Y%m%d )
Name:           cranix-radius-cert
Version:        %cert_version
Release:        0
Summary:	Let's Encrypt Certificat for Radius Server
# FIXME: Select a correct license from https://github.com/openSUSE/spec-cleaner#spdx-licenses
License:        GPL-3.0+
Vendor:		%{_cranix_vendor}
URL:            https://wiki.cephalix.eu
Source:         server.pem
PreReq:		at findutils freeradius-server
BuildRequires:  at
BuildArch:	noarch

%description
Official certificat for the freeradius-server for the domain "radius.cranix.eu".
This is necessary since the android 13 version.

%prep

%build

%install
mkdir -p %{buildroot}/etc/raddb/certs/
mkdir -p %{buildroot}/usr/share/doc/packages/cranix-radius-cert
echo -n "The certificat is valide until " > %{buildroot}/usr/share/doc/packages/cranix-radius-cert/README
openssl x509 -in %{buildroot}/etc/raddb/certs/server.pem -text  | grep 'Not After :' | sed 's/.*Not After : //' >> %{buildroot}/usr/share/doc/packages/cranix-radius-cert/README
echo "Don't forget to update the certificate package about a week before expiration!" >> %{buildroot}/usr/share/doc/packages/cranix-radius-cert/README

cp %{SOURCE0} %{buildroot}/etc/raddb/certs/

%post
echo "Creating job to update the certificate automaticaly 5 days befor certfikate expires."
UNTIL=$( /usr/bin/date -d "$(/usr/bin/openssl x509 -in /etc/raddb/certs/server.pem -text | grep 'Not After :' | sed 's/.*Not After : //')" +%s )
echo "/usr/bin/zypper -n up cranix-radius-cert" | at -t $( date -d @$((UNTIL-432000)) +%Y%m%d0100 )
echo "/usr/bin/zypper -n up cranix-radius-cert" | at -t $( date -d @$((UNTIL-36000)) +%Y%m%d0100 )
/usr/bin/systemctl restart radiusd.service

%files
%dir /usr/share/doc/packages/cranix-radius-cert
/usr/share/doc/packages/cranix-radius-cert/README
%defattr(640,root,radiusd,750)
%dir /etc/raddb/
%dir /etc/raddb/certs/
/etc/raddb/certs/server.pem

%changelog
openSUSE Build Service is sponsored by
Places