Crowdsec package added (with dependency) for alma 9

2023-11-04 11:03:01 +01:00
parent 58bc6ace02
commit 56204520f7
2 changed files with 421 additions and 0 deletions
--- a/alma/SPECS/crowdsec.spec
+++ b/alma/SPECS/crowdsec.spec
@@ -0,0 +1,244 @@
+
+Name:           crowdsec
+Version:        1.5.5
+Release:        1%{?dist}
+Summary:        Crowdsec - An open-source, lightweight agent to detect and respond to bad behaviors. It also automatically benefits from our global community-wide IP reputation database
+
+License:        MIT
+URL:            https://crowdsec.net
+Source0:        https://github.com/crowdsecurity/%{name}/archive/%{name}-release.tgz
+Source1:        80-%{name}.preset
+Patch0:         crowdsec.unit.patch
+Patch1:         user.patch
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+%define         debug_package %{nil}
+%define         _build_id_links none 
+
+BuildRequires:  systemd
+Requires: crontabs
+%{?fc33:BuildRequires: systemd-rpm-macros}
+%{?fc34:BuildRequires: systemd-rpm-macros}
+%{?fc35:BuildRequires: systemd-rpm-macros}
+%{?fc36:BuildRequires: systemd-rpm-macros}
+
+
+%description
+
+%define version_number  %(echo $VERSION)
+%define releasever  %(echo $RELEASEVER)
+%global name crowdsec
+%global __mangle_shebangs_exclude_from /usr/bin/env
+
+%prep
+%setup -q -T -b 0 -n %{name}-v%{version}
+
+%patch -P 0
+%patch -P 1
+
+%build
+sed -i "s#/usr/local/lib/crowdsec/plugins/#%{_libdir}/%{name}/plugins/#g" config/config.yaml
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}/etc/crowdsec/hub
+mkdir -p %{buildroot}/etc/crowdsec/patterns
+mkdir -p %{buildroot}/etc/crowdsec/console/
+mkdir -p %{buildroot}%{_sharedstatedir}/%{name}/data
+mkdir -p %{buildroot}%{_presetdir}
+
+mkdir -p %{buildroot}%{_sharedstatedir}/%{name}/plugins
+mkdir -p %{buildroot}%{_sysconfdir}/crowdsec/notifications/
+mkdir -p %{buildroot}%{_libdir}/%{name}/plugins/
+
+
+install -m 755 -D cmd/crowdsec/crowdsec %{buildroot}%{_bindir}/%{name}
+install -m 755 -D cmd/crowdsec-cli/cscli %{buildroot}%{_bindir}/cscli
+install -m 755 -D wizard.sh %{buildroot}/usr/share/crowdsec/wizard.sh
+install -m 644 -D config/crowdsec.service %{buildroot}%{_unitdir}/%{name}.service
+install -m 644 -D config/patterns/* -t %{buildroot}%{_sysconfdir}/crowdsec/patterns
+install -m 600 -D config/config.yaml %{buildroot}%{_sysconfdir}/crowdsec
+install -m 644 -D config/simulation.yaml %{buildroot}%{_sysconfdir}/crowdsec
+install -m 644 -D config/profiles.yaml %{buildroot}%{_sysconfdir}/crowdsec
+install -m 644 -D config/console.yaml %{buildroot}%{_sysconfdir}/crowdsec
+install -m 644 -D config/context.yaml %{buildroot}%{_sysconfdir}/crowdsec/console/
+install -m 750 -D config/%{name}.cron.daily %{buildroot}%{_sysconfdir}/cron.daily/%{name}
+install -m 644 -D %{SOURCE1} %{buildroot}%{_presetdir}
+
+install -m 551 cmd/notification-slack/notification-slack %{buildroot}%{_libdir}/%{name}/plugins/
+install -m 551 cmd/notification-http/notification-http %{buildroot}%{_libdir}/%{name}/plugins/
+install -m 551 cmd/notification-splunk/notification-splunk %{buildroot}%{_libdir}/%{name}/plugins/
+install -m 551 cmd/notification-email/notification-email %{buildroot}%{_libdir}/%{name}/plugins/
+install -m 551 cmd/notification-sentinel/notification-sentinel %{buildroot}%{_libdir}/%{name}/plugins/
+
+install -m 600 cmd/notification-slack/slack.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/
+install -m 600 cmd/notification-http/http.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/
+install -m 600 cmd/notification-splunk/splunk.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/
+install -m 600 cmd/notification-email/email.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/
+install -m 600 cmd/notification-sentinel/sentinel.yaml %{buildroot}%{_sysconfdir}/crowdsec/notifications/
+
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,-)
+%{_bindir}/%{name}
+%{_bindir}/cscli
+%{_datadir}/%{name}/wizard.sh
+%{_libdir}/%{name}/plugins/notification-slack
+%{_libdir}/%{name}/plugins/notification-http
+%{_libdir}/%{name}/plugins/notification-splunk
+%{_libdir}/%{name}/plugins/notification-email
+%{_libdir}/%{name}/plugins/notification-sentinel
+%{_sysconfdir}/%{name}/patterns/linux-syslog
+%{_sysconfdir}/%{name}/patterns/ruby
+%{_sysconfdir}/%{name}/patterns/nginx
+%{_sysconfdir}/%{name}/patterns/junos
+%{_sysconfdir}/%{name}/patterns/cowrie_honeypot
+%{_sysconfdir}/%{name}/patterns/redis
+%{_sysconfdir}/%{name}/patterns/firewalls
+%{_sysconfdir}/%{name}/patterns/paths
+%{_sysconfdir}/%{name}/patterns/java
+%{_sysconfdir}/%{name}/patterns/postgresql
+%{_sysconfdir}/%{name}/patterns/bacula
+%{_sysconfdir}/%{name}/patterns/mcollective
+%{_sysconfdir}/%{name}/patterns/rails
+%{_sysconfdir}/%{name}/patterns/haproxy
+%{_sysconfdir}/%{name}/patterns/nagios
+%{_sysconfdir}/%{name}/patterns/mysql
+%{_sysconfdir}/%{name}/patterns/ssh
+%{_sysconfdir}/%{name}/patterns/tcpdump
+%{_sysconfdir}/%{name}/patterns/exim
+%{_sysconfdir}/%{name}/patterns/bro
+%{_sysconfdir}/%{name}/patterns/modsecurity
+%{_sysconfdir}/%{name}/patterns/aws
+%{_sysconfdir}/%{name}/patterns/smb
+%{_sysconfdir}/%{name}/patterns/mongodb
+%config(noreplace) %{_sysconfdir}/%{name}/config.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/simulation.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/profiles.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/console.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/console/context.yaml
+%config(noreplace) %{_presetdir}/80-%{name}.preset
+%config(noreplace) %{_sysconfdir}/%{name}/notifications/http.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/notifications/slack.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/notifications/splunk.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/notifications/email.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/notifications/sentinel.yaml
+%config(noreplace) %{_sysconfdir}/cron.daily/%{name}
+
+%{_unitdir}/%{name}.service
+
+%ghost %{_sysconfdir}/%{name}/hub/.index.json
+%ghost %{_localstatedir}/log/%{name}.log
+%dir /var/lib/%{name}/data/
+%dir %{_sysconfdir}/%{name}/hub
+
+%ghost %{_sysconfdir}/crowdsec/local_api_credentials.yaml
+%ghost %{_sysconfdir}/crowdsec/online_api_credentials.yaml
+%ghost %{_sysconfdir}/crowdsec/acquis.yaml
+
+%pre
+
+#systemctl stop crowdsec || true
+
+if [ $1 == 2 ];then  
+    if [[ ! -d /var/lib/crowdsec/backup ]]; then
+        cscli config backup /var/lib/crowdsec/backup
+    fi
+fi
+
+
+%post -p /bin/bash
+
+#install
+if [ $1 == 1 ]; then
+
+    if [ ! -f "/var/lib/crowdsec/data/crowdsec.db" ] ; then
+        touch /var/lib/crowdsec/data/crowdsec.db
+    fi
+
+    echo $SHELL
+    . /usr/share/crowdsec/wizard.sh -n
+
+    echo Creating acquisition configuration
+    if [ ! -f "/etc/crowsec/acquis.yaml" ] ; then
+        set +e
+        SILENT=true detect_services
+        SILENT=true TMP_ACQUIS_FILE_SKIP=skip genacquisition
+        set +e
+    fi
+    if [ ! -f "%{_sysconfdir}/crowdsec/online_api_credentials.yaml" ] && [ ! -f "%{_sysconfdir}/crowdsec/local_api_credentials.yaml" ] ; then
+        install -m 600 /dev/null %{_sysconfdir}/crowdsec/online_api_credentials.yaml
+        install -m 600 /dev/null %{_sysconfdir}/crowdsec/local_api_credentials.yaml
+        cscli capi register
+        cscli machines add -a
+    fi
+    if [ ! -f "%{_sysconfdir}/crowdsec/online_api_credentials.yaml" ] ; then
+        touch %{_sysconfdir}/crowdsec/online_api_credentials.yaml
+        cscli capi register
+    fi
+    if [ ! -f "%{_sysconfdir}/crowdsec/local_api_credentials.yaml" ] ; then
+        touch %{_sysconfdir}/crowdsec/local_api_credentials.yaml
+        cscli machines add -a
+    fi
+
+    cscli hub update
+    CSCLI_BIN_INSTALLED="/usr/bin/cscli" SILENT=true install_collection
+
+#upgrade
+elif [ $1 == 2 ] && [ -d /var/lib/crowdsec/backup ]; then
+    cscli config restore /var/lib/crowdsec/backup
+    if [ $? == 0 ]; then
+       rm -rf /var/lib/crowdsec/backup
+    fi
+
+    if [[ -f %{_sysconfdir}/crowdsec/online_api_credentials.yaml ]] ; then
+        chmod 600 %{_sysconfdir}/crowdsec/online_api_credentials.yaml
+    fi
+    
+    if [[ -f %{_sysconfdir}/crowdsec/local_api_credentials.yaml ]] ; then
+        chmod 600 %{_sysconfdir}/crowdsec/local_api_credentials.yaml
+    fi
+fi
+
+%systemd_post %{name}.service
+
+if [ $1 == 1 ]; then
+    API=$(cscli config show --key "Config.API.Server")
+    if [ "$API" = "<nil>" ] ; then
+        LAPI=false
+    else
+        PORT=$(cscli config show --key "Config.API.Server.ListenURI"|cut -d ":" -f2)
+    fi
+    if [ "$LAPI" = false ] || [ -z "$(ss -nlt "sport = ${PORT}" | grep -v ^State)" ]  ; then
+        %if 0%{?fc35} || 0%{?fc36}
+        systemctl enable crowdsec 
+        %endif
+        systemctl start crowdsec || echo "crowdsec is not started"
+    else
+        echo "Not attempting to start crowdsec, port ${PORT} is already used or lapi was disabled"
+        echo "This port is configured through /etc/crowdsec/config.yaml and /etc/crowdsec/local_api_credentials.yaml"
+    fi
+fi
+
+%preun
+
+#systemctl stop crowdsec || echo "crowdsec was not started"
+
+%systemd_preun %{name}.service
+
+%postun
+
+%systemd_postun_with_restart %{name}.service
+
+if [ $1 == 0 ]; then
+    rm -rf /etc/crowdsec/hub
+fi
+
+#systemctl stop crowdsec || echo "crowdsec was not started"
+
+%changelog
+* Sat Nov 4 2023 Daniel Steiner <daniel.steiner@dsteiner.ch>
+- First initial packaging
--- a/alma/SPECS/perl-Sort-Versions.spec
+++ b/alma/SPECS/perl-Sort-Versions.spec
@@ -0,0 +1,177 @@
+Name:           perl-Sort-Versions
+Version:        1.62
+Release:        13%{?dist}
+Summary:        Perl module for sorting of revision-like numbers
+License:        GPL+ or Artistic
+URL:            https://metacpan.org/release/Sort-Versions
+Source0:        https://cpan.metacpan.org/modules/by-module/Sort/Sort-Versions-%{version}.tar.gz
+
+BuildArch:      noarch
+BuildRequires:  perl-generators
+BuildRequires:  perl(ExtUtils::MakeMaker)
+BuildRequires:  perl(strict)
+BuildRequires:  perl(warnings)
+BuildRequires:  perl-Test-Simple
+Requires:       perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
+
+%description
+A perl 5 module for sorting of revision-like numbers
+
+Sort::Versions allows easy sorting of mixed non-numeric and numeric strings,
+like the 'version numbers' that many shared library systems and revision
+control packages use. This is quite useful if you are trying to deal with
+shared libraries. It can also be applied to applications that intersperse
+variable-width numeric fields within text. Other applications can
+undoubtedly be found.
+
+%prep
+%setup -q -n Sort-Versions-%{version}
+
+%build
+%{__perl} Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1
+make %{?_smp_mflags}
+
+%install
+make pure_install PERL_INSTALL_ROOT=$RPM_BUILD_ROOT
+%{_fixperms} $RPM_BUILD_ROOT/*
+
+%check
+make test
+
+%files
+%doc Changes
+%license LICENSE
+%{perl_vendorlib}/Sort
+%{_mandir}/man3/*
+
+%changelog
+* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.62-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu May 30 2019 Jitka Plesnikova <jplesnik@redhat.com> - 1.62-12
+- Perl 5.30 rebuild
+
+* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.62-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.62-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Wed Jun 27 2018 Jitka Plesnikova <jplesnik@redhat.com> - 1.62-9
+- Perl 5.28 rebuild
+
+* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.62-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.62-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Sun Jun 04 2017 Jitka Plesnikova <jplesnik@redhat.com> - 1.62-6
+- Perl 5.26 rebuild
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.62-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Sun May 15 2016 Jitka Plesnikova <jplesnik@redhat.com> - 1.62-4
+- Perl 5.24 rebuild
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.62-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Sat Jan 30 2016 Ralf Corsépius <corsepiu@fedoraproject.org> - 1.62-2
+- Modernize spec.
+
+* Thu Dec 17 2015 Ralf Corsépius <corsepiu@fedoraproject.org> - 1.62-1
+- Update to 1.62.
+- Remove iconv.
+
+* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.61-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Wed Jun 03 2015 Jitka Plesnikova <jplesnik@redhat.com> - 1.61-2
+- Perl 5.22 rebuild
+
+* Sun May 03 2015 Ralf Corsépius <corsepiu@fedoraproject.org> - 1.61-1
+- Upstream update.
+- Add %%license.
+
+* Tue Aug 26 2014 Jitka Plesnikova <jplesnik@redhat.com> - 1.60-2
+- Perl 5.20 rebuild
+
+* Tue Jun 24 2014 Ralf Corsépius <corsepiu@fedoraproject.org> - 1.60-1
+- Upstream update.
+- Modernize spec.
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-24
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-23
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 1.5-22
+- Perl 5.18 rebuild
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-21
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-20
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jun 08 2012 Petr Pisar <ppisar@redhat.com> - 1.5-19
+- Perl 5.16 rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-18
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Fri Jun 17 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.5-17
+- Perl mass rebuild
+
+* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-16
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Wed Dec 22 2010 Marcela Maslanova <mmaslano@redhat.com> - 1.5-15
+- 661697 rebuild for fixing problems with vendorach/lib
+
+* Thu May 06 2010 Marcela Maslanova <mmaslano@redhat.com> - 1.5-14
+- Mass rebuild with perl-5.12.0
+
+* Mon Dec  7 2009 Stepan Kasal <skasal@redhat.com> - 1.5-13
+- rebuild against perl 5.10.1
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Thu Mar 19 2009 Stepan Kasal <skasal@redhat.com> - 1.5-11
+- fix timestamps of the recoded text files
+
+* Mon Mar 16 2009 Stepan Kasal <skasal@redhat.com> - 1.5-10
+- Recode as UTF-8, fix argument order find with -depth (both by Paul Howarth)
+- Other minor cleanups
+
+* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Fri Feb  8 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.5-8
+- rebuild for new perl
+
+* Fri Aug 17 2007 Ralf Corsépius <rc040203@freenet.de> - 1.5-7
+- Add BR: perl(Test::More).
+
+* Fri Aug 17 2007 Ralf Corsépius <rc040203@freenet.de> - 1.5-6
+- Update license tag.
+- Reflect perl split.
+
+* Tue Sep 05 2006 Ralf Corsépius <rc040203@freenet.de> - 1.5-5
+- Mass rebuild.
+
+* Tue Feb 28 2006 Ralf Corsépius <rc040203@freenet.de> - 1.5-4
+- Rebuild for perl-5.8.8.
+
+* Wed Aug 17 2005 Ralf Corsepius <ralf@links2linux.de> - 1.5-3
+- Spec cleanup.
+
+* Wed Aug 10 2005 Ralf Corsepius <ralf@links2linux.de> - 1.5-2
+- FE re-submission.
+
+* Fri Jul 01 2005 Ralf Corsepius <ralf@links2linux.de> - 1.5-1
+- FE submission.