mirror of
https://github.com/certbot/certbot.git
synced 2026-06-03 13:59:02 -04:00
132 lines
4.8 KiB
YAML
132 lines
4.8 KiB
YAML
name: certbot
|
|
summary: Automatically configure HTTPS using Let's Encrypt
|
|
description: |
|
|
The objective of Certbot, Let's Encrypt, and the ACME (Automated
|
|
Certificate Management Environment) protocol is to make it possible
|
|
to set up an HTTPS server and have it automatically obtain a
|
|
browser-trusted certificate, without any human intervention. This is
|
|
accomplished by running a certificate management agent on the web
|
|
server.
|
|
|
|
This agent is used to:
|
|
- Automatically prove to the Let's Encrypt CA that you control the website
|
|
- Obtain a browser-trusted certificate and set it up on your web server
|
|
- Keep track of when your certificate is going to expire, and renew it
|
|
- Help you revoke the certificate if that ever becomes necessary.
|
|
confinement: classic
|
|
base: core24
|
|
grade: stable
|
|
adopt-info: certbot
|
|
|
|
environment:
|
|
PYTHONPATH: "$SNAP/lib/python3.12/site-packages:${PYTHONPATH}"
|
|
|
|
apps:
|
|
certbot:
|
|
command: bin/python3-dbg -s $SNAP/bin/certbot
|
|
environment:
|
|
PATH: "$SNAP/bin:$SNAP/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games"
|
|
AUGEAS_LENS_LIB: "$SNAP/usr/share/augeas/lenses/dist"
|
|
CERTBOT_SNAPPED: "True"
|
|
renew:
|
|
command: bin/python3 -s $SNAP/bin/certbot -q renew
|
|
daemon: oneshot
|
|
environment:
|
|
PATH: "$SNAP/bin:$SNAP/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games"
|
|
AUGEAS_LENS_LIB: $SNAP/usr/share/augeas/lenses/dist
|
|
CERTBOT_SNAPPED: "True"
|
|
# Run approximately twice a day with randomization
|
|
timer: 00:00~24:00/2
|
|
|
|
|
|
parts:
|
|
certbot:
|
|
plugin: python
|
|
source: .
|
|
python-packages:
|
|
- git+https://github.com/certbot/python-augeas.git@certbot-patched
|
|
- ./acme
|
|
- ./certbot
|
|
- ./certbot-apache
|
|
- ./certbot-nginx
|
|
stage:
|
|
- -usr/lib/python3.12/sitecustomize.py # maybe unnecessary
|
|
- -pyvenv.cfg
|
|
# Old versions of this file used to unstage
|
|
# lib/python3.8/site-packages/augeas.py to avoid conflicts between
|
|
# python-augeas 0.5.0 which was pinned in snap-constraints.txt and
|
|
# our python-augeas fork which creates an auto-generated cffi file at
|
|
# the same path. Since we've combined things in one part and removed the
|
|
# python-augeas pinning, unstaging this file had a different, unintended
|
|
# effect so we now stage the file to keep the auto-generated cffi file.
|
|
stage-packages:
|
|
- libaugeas0
|
|
- libpython3.12-dev
|
|
# added to stage python:
|
|
- libpython3-stdlib
|
|
- libpython3.12-stdlib
|
|
- libpython3.12-minimal
|
|
- python3-pip
|
|
- python3-wheel
|
|
- python3-venv
|
|
- python3-minimal
|
|
- python3-pkg-resources
|
|
- python3.12-minimal
|
|
- libpython3-all-dbg
|
|
- python3-dbg
|
|
- python3.12-dbg
|
|
build-packages:
|
|
- gcc
|
|
- git
|
|
- libaugeas-dev
|
|
- build-essential
|
|
- libssl-dev
|
|
- libffi-dev
|
|
- libpython3-all-dbg
|
|
- python3-dbg
|
|
- python3-venv
|
|
- cargo
|
|
- pkg-config
|
|
build-environment:
|
|
# We set this environment variable while building to try and increase the
|
|
# stability of fetching the rust crates needed to build the cryptography
|
|
# library.
|
|
- CARGO_NET_GIT_FETCH_WITH_CLI: "true"
|
|
- PARTS_PYTHON_VENV_ARGS: --upgrade
|
|
# Constraints are passed through the environment variable PIP_CONSTRAINTS instead of using the
|
|
# parts.[part_name].constraints option available in snapcraft.yaml when the Python plugin is
|
|
# used. This is done to let these constraints be applied not only on the certbot package
|
|
# build, but also on any isolated build that pip could trigger when building wheels for
|
|
# dependencies. See https://github.com/certbot/certbot/pull/8443 for more info.
|
|
- PIP_CONSTRAINT: $CRAFT_PART_SRC/snap-constraints.txt
|
|
- PARTS_PYTHON_INTERPRETER: "python3-dbg"
|
|
override-build: |
|
|
python3-dbg -m venv "${CRAFT_PART_INSTALL}"
|
|
"${CRAFT_PART_INSTALL}/bin/python3-dbg" "${CRAFT_PART_SRC}/tools/pipstrap.py"
|
|
craftctl default
|
|
override-pull: |
|
|
craftctl default
|
|
grep -v python-augeas "${CRAFT_PART_SRC}/tools/requirements.txt" >> "${CRAFT_PART_SRC}/snap-constraints.txt"
|
|
craftctl set version=$(grep -oP "__version__ = '\K.*(?=')" "${CRAFT_PART_SRC}/certbot/certbot/__init__.py")
|
|
build-attributes:
|
|
- enable-patchelf
|
|
shared-metadata:
|
|
plugin: dump
|
|
source: .
|
|
override-pull: |
|
|
craftctl default
|
|
mkdir -p certbot-metadata
|
|
grep -oP "__version__ = '\K.*(?=')" $CRAFT_PART_SRC/certbot/certbot/__init__.py > certbot-metadata/certbot-version.txt
|
|
stage: [certbot-metadata/certbot-version.txt]
|
|
|
|
plugs:
|
|
plugin:
|
|
interface: content
|
|
content: certbot-1
|
|
target: $SNAP/certbot-plugin
|
|
|
|
slots:
|
|
certbot-metadata:
|
|
interface: content
|
|
content: metadata-1
|
|
read: [$SNAP/certbot-metadata]
|