Dustin C. Hatch
47ba62f208
The *ssh-host-cert-sign@.service* unit does what it says on the tin: requests a signed host certificate from an SSHCA server. It is a template unit, whose instances correspond to SSH key types (RSA, ECDSA, and Ed25519). The *ssh-host-certs.target* unit depends on the three instances of the template unit, so they can all be activated together. This target is only activated on the first boot of the system, to initially request the certificates. The *ssh-host-certs-renew.timer* unit periodically renews the SSH hosts certificates. Its corresponding target unit depends on the three instances of *ssh-host-cert-sign@.service*, so each certificate will be renewed independently.
94 lines
2.1 KiB
RPMSpec
94 lines
2.1 KiB
RPMSpec
# Generated by rust2rpm 25
|
|
%bcond_without check
|
|
|
|
# prevent library files from being installed
|
|
%global __cargo_is_lib() 0
|
|
|
|
%global crate sshca-cli
|
|
|
|
Name: sshca-cli
|
|
Version: 0.1.0
|
|
Release: 1%{?dist}
|
|
Summary: CLI client for SSHCA
|
|
|
|
SourceLicense: MIT OR Apache-2.0
|
|
License: MIT OR Apache-2.0
|
|
# LICENSE.dependencies contains a full license breakdown
|
|
|
|
URL: https://git.pyrocufflink.net/dustin/sshca
|
|
Source: sshca-cli-%{version}.tar.xz
|
|
Source: sshca-cli-%{version}-vendor.tar.xz
|
|
Source: ssh-host-cert-sign@.service
|
|
Source: ssh-host-certs.target
|
|
Source: ssh-host-certs-renew.target
|
|
Source: ssh-host-certs-renew.timer
|
|
|
|
ExclusiveArch: %{rust_arches}
|
|
|
|
BuildRequires: cargo-rpm-macros >= 25
|
|
BuildRequires: openssl-devel
|
|
BuildRequires: systemd-rpm-macros
|
|
|
|
%global _description %{expand:
|
|
CLI client for SSHCA.}
|
|
|
|
%description %{_description}
|
|
|
|
%package systemd
|
|
Summary: systemd units for managing SSH host certificates with SSHCA
|
|
Requires: %{name} = %{version}
|
|
|
|
%description systemd
|
|
A collection of systemd service, timer, and target units that automatically
|
|
request and renew SSH host certificates from an SSHCA server.
|
|
|
|
%prep
|
|
%autosetup -n %{crate}-%{version} -p1 -a1
|
|
%cargo_prep -v vendor
|
|
|
|
|
|
%build
|
|
%cargo_build
|
|
%{cargo_license_summary}
|
|
%{cargo_license} > LICENSE.dependencies
|
|
%{cargo_vendor_manifest}
|
|
|
|
%install
|
|
%cargo_install
|
|
|
|
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
|
|
install -m u=rw,go=r \
|
|
%{SOURCE2} \
|
|
%{SOURCE3} \
|
|
%{SOURCE4} \
|
|
%{SOURCE5} \
|
|
$RPM_BUILD_ROOT%{_unitdir}
|
|
|
|
%if %{with check}
|
|
%check
|
|
%cargo_test
|
|
%endif
|
|
|
|
%post systemd
|
|
%systemd_post ssh-host-certs.target ssh-host-certs-renew.timer
|
|
|
|
%preun systemd
|
|
%systemd_preun ssh-host-certs.target ssh-host-certs-renew.timer
|
|
|
|
%postun systemd
|
|
%systemd_postun ssh-host-certs.target ssh-host-certs-renew.timer
|
|
|
|
%files
|
|
%license LICENSE-Apache-2.0.txt
|
|
%license LICENSE-MIT.txt
|
|
%license LICENSE.dependencies
|
|
%license cargo-vendor.txt
|
|
%{_bindir}/sshca-cli
|
|
|
|
%files systemd
|
|
%{_unitdir}/*
|
|
|
|
%changelog
|
|
* Sun Nov 05 2023 Dustin C. Hatch <dustin@hatch.name> - 0.1.0-1
|
|
- Initial package
|