nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-29 10:23:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

certbot: 0.31.0 -> 0.39.0

Browse Source 
Updating:

- nixos module to use the new `account_reg.json` file.
- use nixpkgs pebble for integration tests.

Co-authored-by: Florian Klink <flokli@flokli.de>

Replace certbot-embedded pebble
This commit is contained in:
Félix Baylac-Jacqué 2019-10-18 19:11:49 +02:00
parent 6ac0e34161
commit 38e84151e0
3 changed files with 56 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
nixos/modules/security/acme.nix
View File

@ -69,9 +69,9 @@ let
plugins = mkOption { plugins = mkOption {
type = types.listOf (types.enum [ type = types.listOf (types.enum [
"cert.der" "cert.pem" "chain.pem" "external.sh" "cert.der" "cert.pem" "chain.pem" "external.sh"
"fullchain.pem" "full.pem" "key.der" "key.pem" "account_key.json" "fullchain.pem" "full.pem" "key.der" "key.pem" "account_key.json" "account_reg.json"
]); ]);
default = [ "fullchain.pem" "full.pem" "key.pem" "account_key.json" ]; default = [ "fullchain.pem" "full.pem" "key.pem" "account_key.json" "account_reg.json" ];
description = '' description = ''
Plugins to enable. With default settings simp_le will Plugins to enable. With default settings simp_le will
store public certificate bundle in <filename>fullchain.pem</filename>, store public certificate bundle in <filename>fullchain.pem</filename>,

24
pkgs/tools/admin/certbot/0001-pebble_artifacts-hardcode-pebble-location.patch Normal file
View File

@ -0,0 +1,24 @@
From 8ddf2697508eca514a0dde4646ad14ac3ba34b2a Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Fri, 18 Oct 2019 16:06:50 +0200
Subject: [PATCH] pebble_artifacts: hardcode pebble location
---
certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py b/certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py
index 2b1557928..d2603c51a 100644
--- a/certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py
+++ b/certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py
@@ -22,6 +22,7 @@ def fetch(workspace):
def _fetch_asset(asset, suffix):
+ return "@pebble@"
asset_path = os.path.join(ASSETS_PATH, '{0}_{1}_{2}'.format(asset, PEBBLE_VERSION, suffix))
if not os.path.exists(asset_path):
asset_url = ('https://github.com/letsencrypt/pebble/releases/download/{0}/{1}_{2}'
--
2.23.0

38
pkgs/tools/admin/certbot/default.nix
View File

@ -1,21 +1,27 @@
{ stdenv, python3Packages, fetchFromGitHub, dialog }: { stdenv, python37Packages, fetchFromGitHub, fetchurl, dialog, autoPatchelfHook, nginx, pebble }:
python3Packages.buildPythonApplication rec {
python37Packages.buildPythonApplication rec {
pname = "certbot"; pname = "certbot";
version = "0.31.0"; version = "0.39.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = pname; owner = pname;
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "0rwjxmkpicyc9a5janvj1lfi430nq6ha94nyfgp11ds9fyydbh1s"; sha256 = "1s32xg2ljz7ci78wc8rqkjvgrz7vprb7fkznrlf9a4blm55pp54c";
}; };
propagatedBuildInputs = with python3Packages; [ patches = [
./0001-pebble_artifacts-hardcode-pebble-location.patch
];
propagatedBuildInputs = with python37Packages; [
ConfigArgParse ConfigArgParse
acme acme
configobj configobj
cryptography cryptography
distro
josepy josepy
parsedatetime parsedatetime
psutil psutil
@ -26,11 +32,19 @@ python3Packages.buildPythonApplication rec {
zope_component zope_component
zope_interface zope_interface
]; ];
buildInputs = [ dialog ] ++ (with python3Packages; [ mock gnureadline ]);
patchPhase = '' buildInputs = [ dialog ] ++ (with python37Packages; [ mock gnureadline ]);
checkInputs = with python37Packages; [
pytest_xdist
pytest
dateutil
];
postPatch = ''
substituteInPlace certbot/notify.py --replace "/usr/sbin/sendmail" "/run/wrappers/bin/sendmail" substituteInPlace certbot/notify.py --replace "/usr/sbin/sendmail" "/run/wrappers/bin/sendmail"
substituteInPlace certbot/util.py --replace "sw_vers" "/usr/bin/sw_vers" substituteInPlace certbot/util.py --replace "sw_vers" "/usr/bin/sw_vers"
substituteInPlace certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py --replace "@pebble@" "${pebble}/bin/pebble"
''; '';
postInstall = '' postInstall = ''
@ -40,7 +54,15 @@ python3Packages.buildPythonApplication rec {
done done
''; '';
doCheck = !stdenv.isDarwin; # On Hydra Darwin tests fail with "Too many open files". # tests currently time out, because they're trying to do network access
# Upstream issue: https://github.com/certbot/certbot/issues/7450
doCheck = false;
checkPhase = ''
PATH="$out/bin:${nginx}/bin:$PATH" pytest certbot-ci/certbot_integration_tests
'';
dontUseSetuptoolsCheck = true;
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = src.meta.homepage; homepage = src.meta.homepage;