git: 50118f50cae2 - main - security/crowdsec: Update to 1.4.3
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 22 Dec 2022 08:04:19 UTC
The branch main has been updated by eduardo:
URL: https://cgit.FreeBSD.org/ports/commit/?id=50118f50cae2c4f607603c661fc1eb24431cb9c6
commit 50118f50cae2c4f607603c661fc1eb24431cb9c6
Author: Marco <marco@crowdsec.net>
AuthorDate: 2022-12-22 08:01:22 +0000
Commit: Nuno Teixeira <eduardo@FreeBSD.org>
CommitDate: 2022-12-22 08:03:50 +0000
security/crowdsec: Update to 1.4.3
ChangeLog: https://github.com/crowdsecurity/crowdsec/releases/tag/v1.4.2
PR: 267808
---
security/crowdsec/Makefile | 38 +++++++++++++++++++++-----------
security/crowdsec/distinfo | 6 ++---
security/crowdsec/files/crowdsec.cron.in | 2 ++
security/crowdsec/files/patch-Makefile | 12 ----------
security/crowdsec/files/pkg-deinstall.in | 4 ++--
security/crowdsec/files/pkg-message.in | 2 +-
security/crowdsec/files/upgrade-hub.in | 17 ++++++++++++++
security/crowdsec/pkg-plist | 12 +++++-----
8 files changed, 57 insertions(+), 36 deletions(-)
diff --git a/security/crowdsec/Makefile b/security/crowdsec/Makefile
index c1d883899860..07a402553fda 100644
--- a/security/crowdsec/Makefile
+++ b/security/crowdsec/Makefile
@@ -1,7 +1,6 @@
PORTNAME= crowdsec
DISTVERSIONPREFIX= v
-DISTVERSION= 1.4.1
-PORTREVISION= 3
+DISTVERSION= 1.4.3
CATEGORIES= security
MAINTAINER= marco@crowdsec.net
@@ -13,22 +12,24 @@ LICENSE_FILE= ${WRKSRC}/LICENSE
BUILD_DEPENDS= git:devel/git@lite
-USES= gmake go:no_targets
+USES= gmake go:1.19,no_targets
USE_GITHUB= yes
GH_ACCOUNT= crowdsecurity
GH_PROJECT= crowdsec
GH_TAGNAME= ${DISTVERSIONFULL}-freebsd
-_BUILD_TAG= 527995f
+_BUILD_TAG= 8a738f5b
USE_RC_SUBR= crowdsec
-MAKE_ENV= BUILD_VERSION="${DISTVERSIONFULL}" \
+MAKE_ARGS= BUILD_VERSION="${DISTVERSIONFULL}" \
BUILD_TAG="${_BUILD_TAG}" \
+ BUILD_VENDOR_FLAGS="-mod=vendor -modcacherw" \
DEFAULT_CONFIGDIR="${PREFIX}/etc/crowdsec" \
DEFAULT_DATADIR="/var/db/crowdsec/data"
+
ALL_TARGET= build
-SUB_FILES= pkg-deinstall pkg-install pkg-message
+SUB_FILES= pkg-deinstall pkg-install pkg-message crowdsec.cron upgrade-hub
OPTIONS_DEFINE= FIREWALL_BOUNCER
OPTIONS_DEFAULT=
@@ -42,12 +43,10 @@ STAGE_BIN= ${STAGEDIR}${PREFIX}/bin
post-patch:
@${REINPLACE_CMD} 's,/etc/crowdsec/,${ETCDIR}/,g' \
- ${WRKSRC}/config/config.yaml \
- ${WRKSRC}/config/profiles.yaml
+ ${WRKSRC}/config/config.yaml
@${REINPLACE_CMD} 's,/var/lib/,/var/db/,g' \
- ${WRKSRC}/config/config.yaml \
- ${WRKSRC}/config/profiles.yaml
+ ${WRKSRC}/config/config.yaml
do-install:
#
@@ -124,19 +123,32 @@ do-install:
@${MKDIR} ${STAGEDIR}${ETCDIR}/hub
@${MKDIR} ${STAGEDIR}/var/db/crowdsec/data
+ #
+ # Cron
+ #
+
+ @${MKDIR} ${STAGEDIR}${PREFIX}/libexec/crowdsec
+ ${INSTALL_DATA} ${WRKDIR}/upgrade-hub \
+ ${STAGEDIR}${PREFIX}/libexec/crowdsec/upgrade-hub
+
#
# Cleanup
#
+ @${RM} ${STAGEDIR}${ETCDIR}/acquis_win.yaml
+ @${RM} ${STAGEDIR}${ETCDIR}/config_win_no_lapi.yaml
+ @${RM} ${STAGEDIR}${ETCDIR}/config_win.yaml
+ @${RM} ${STAGEDIR}${ETCDIR}/crowdsec.cron.daily
@${RM} ${STAGEDIR}${ETCDIR}/crowdsec.service
@${RM} ${STAGEDIR}${ETCDIR}/dev.yaml
@${RM} ${STAGEDIR}${ETCDIR}/user.yaml
- @${RM} ${STAGEDIR}${ETCDIR}/acquis_win.yaml
- @${RM} ${STAGEDIR}${ETCDIR}/config_win.yaml
- @${RM} ${STAGEDIR}${ETCDIR}/config_win_no_lapi.yaml
@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/email
@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/http
@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/slack
@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/splunk
+post-install:
+ @${MKDIR} ${STAGEDIR}${PREFIX}/etc/cron.d
+ ${INSTALL_DATA} ${WRKDIR}/crowdsec.cron ${STAGEDIR}${PREFIX}/etc/cron.d/crowdsec
+
.include <bsd.port.mk>
diff --git a/security/crowdsec/distinfo b/security/crowdsec/distinfo
index f003aa1d1b01..2700819fc7cc 100644
--- a/security/crowdsec/distinfo
+++ b/security/crowdsec/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1658844897
-SHA256 (crowdsecurity-crowdsec-v1.4.1-v1.4.1-freebsd_GH0.tar.gz) = a05e75838f4c4e87906ab6df846cc73b4701f6460834e35e5b64b7774e16bb63
-SIZE (crowdsecurity-crowdsec-v1.4.1-v1.4.1-freebsd_GH0.tar.gz) = 20805956
+TIMESTAMP = 1669821186
+SHA256 (crowdsecurity-crowdsec-v1.4.3-v1.4.3-freebsd_GH0.tar.gz) = b7341939db304a21c0920bc9b8e89d589dfff5da83ea4c54b3d1fc46b9eea2c3
+SIZE (crowdsecurity-crowdsec-v1.4.3-v1.4.3-freebsd_GH0.tar.gz) = 21310998
diff --git a/security/crowdsec/files/crowdsec.cron.in b/security/crowdsec/files/crowdsec.cron.in
new file mode 100644
index 000000000000..30df05dc2199
--- /dev/null
+++ b/security/crowdsec/files/crowdsec.cron.in
@@ -0,0 +1,2 @@
+#minute hour mday month wday who command
+0 3 * * * root %%PREFIX%%/libexec/crowdsec/upgrade-hub
diff --git a/security/crowdsec/files/patch-Makefile b/security/crowdsec/files/patch-Makefile
deleted file mode 100644
index 68ea23023ecf..000000000000
--- a/security/crowdsec/files/patch-Makefile
+++ /dev/null
@@ -1,12 +0,0 @@
---- Makefile.orig 2022-02-10 09:11:04 UTC
-+++ Makefile
-@@ -58,8 +58,8 @@ LD_OPTS_VARS= \
- -X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultConfigDir=$(DEFAULT_CONFIGDIR) \
- -X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultDataDir=$(DEFAULT_DATADIR)
-
--export LD_OPTS=-ldflags "-s -w $(LD_OPTS_VARS)"
--export LD_OPTS_STATIC=-ldflags "-s -w $(LD_OPTS_VARS) -extldflags '-static'"
-+export LD_OPTS=-mod vendor -modcacherw -ldflags "-s -w $(LD_OPTS_VARS)"
-+export LD_OPTS_STATIC=-mod vendor -modcacherw -ldflags "-s -w $(LD_OPTS_VARS) -extldflags '-static'"
-
- RELDIR = crowdsec-$(BUILD_VERSION)
diff --git a/security/crowdsec/files/pkg-deinstall.in b/security/crowdsec/files/pkg-deinstall.in
index 4fdfd0b04d72..4cee7a613b84 100644
--- a/security/crowdsec/files/pkg-deinstall.in
+++ b/security/crowdsec/files/pkg-deinstall.in
@@ -2,8 +2,8 @@
case $2 in
"DEINSTALL")
- service crowdsec status && touch /var/run/crowdsec.running
- service crowdsec stop || :
+ service crowdsec status 2>/dev/null && touch /var/run/crowdsec.running
+ service crowdsec stop 2>/dev/null || :
;;
esac
diff --git a/security/crowdsec/files/pkg-message.in b/security/crowdsec/files/pkg-message.in
index 0f59a21a5980..2fa6c08f4b30 100644
--- a/security/crowdsec/files/pkg-message.in
+++ b/security/crowdsec/files/pkg-message.in
@@ -7,7 +7,7 @@ crowdsec is installed.
You need to check/edit the following files in %%ETCDIR%% as described in https://doc.crowdsec.net/docs/configuration/crowdsec_configuration
- config.yaml: main configuration
- - acquis.yaml: where to find logs to parse (this port does not include automatic discovery of the running services)
+ - acquis.yaml, acquis.d: datasource configuration (this port does not include automatic discovery of the running services)
- profiles.yaml: remediation policies (ban, duration, etc)
Then you can enable the daemon via sysrc and run it.
diff --git a/security/crowdsec/files/upgrade-hub.in b/security/crowdsec/files/upgrade-hub.in
new file mode 100644
index 000000000000..450dc8af96cc
--- /dev/null
+++ b/security/crowdsec/files/upgrade-hub.in
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+test -x /usr/local/bin/cscli || exit 0
+
+# favor the opnsense plugin's cron if it's there
+test -e /usr/local/etc/cron.d/oscrowdsec.cron && exit 0
+
+/usr/local/bin/cscli --error hub update
+
+upgraded=$(/usr/local/bin/cscli --error hub upgrade)
+if [ -n "$upgraded" ]; then
+ # splay initial metrics push
+ sleep $(jot -r 1 1 60)
+ service crowdsec reload
+fi
+
+exit 0
diff --git a/security/crowdsec/pkg-plist b/security/crowdsec/pkg-plist
index 730535931c6d..3e3566388844 100644
--- a/security/crowdsec/pkg-plist
+++ b/security/crowdsec/pkg-plist
@@ -2,19 +2,20 @@
bin/crowdsec
bin/cscli
bin/crowdsec-cli
+libexec/crowdsec/upgrade-hub
@mode 0600
+@sample %%ETCDIR%%/config.yaml.sample
@sample %%ETCDIR%%/local_api_credentials.yaml.sample
@sample %%ETCDIR%%/online_api_credentials.yaml.sample
+@sample %%ETCDIR%%/notifications/email.yaml.sample
+@sample %%ETCDIR%%/notifications/http.yaml.sample
+@sample %%ETCDIR%%/notifications/slack.yaml.sample
+@sample %%ETCDIR%%/notifications/splunk.yaml.sample
@mode 0644
@sample %%ETCDIR%%/acquis.yaml.sample
-@sample %%ETCDIR%%/config.yaml.sample
@sample %%ETCDIR%%/console.yaml.sample
@sample %%ETCDIR%%/profiles.yaml.sample
@sample %%ETCDIR%%/simulation.yaml.sample
-@sample %%ETCDIR%%/notifications/email.yaml.sample
-@sample %%ETCDIR%%/notifications/http.yaml.sample
-@sample %%ETCDIR%%/notifications/slack.yaml.sample
-@sample %%ETCDIR%%/notifications/splunk.yaml.sample
%%ETCDIR%%/patterns/aws
%%ETCDIR%%/patterns/bacula
%%ETCDIR%%/patterns/bro
@@ -39,6 +40,7 @@ bin/crowdsec-cli
%%ETCDIR%%/patterns/smb
%%ETCDIR%%/patterns/ssh
%%ETCDIR%%/patterns/tcpdump
+etc/cron.d/crowdsec
@mode 0755
lib/crowdsec/plugins/notification-email
lib/crowdsec/plugins/notification-http