From nobody Thu Dec 22 08:04:19 2022
X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Nd2rz4dXhz1G5Ts;
	Thu, 22 Dec 2022 08:04:19 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Nd2rz4BF7z3qxl;
	Thu, 22 Dec 2022 08:04:19 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1671696259;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6UhvDFeys3EgnkHLStidGuGnmgQOXekX3+N9E+P9x0Q=;
	b=aFefQHI6FXMOo26iGnjSaWXhhcAx3f0zRjGywT8ZDw1UynxxbhNzetmLZVvA6j2ytBGsot
	k0M4FX/qOyXy1oJcR5/XnFMbXh0VVs3Id6YEbjLzDr7rsdlZrcklmjZJ1COcZu86DMlkCv
	sKwBWZttiKvay6KR6KvpEMVXZdVSydq0cUY7bl08HLpRp2zsYLXjheyhNJRiwUBd2Ctcb1
	2rPKaB0dXrCAXYTSeD1ey0mIC7siF0InkbtYOAF6+U26vozppf0oszJBPkpFpeykt+FvOQ
	I7Gkpe5L33q3rQubLN8K4GB5gzi9ACMDdtI5LPrrG9LcYvSX3gtro7E/JfpFKw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1671696259;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=6UhvDFeys3EgnkHLStidGuGnmgQOXekX3+N9E+P9x0Q=;
	b=sRY8nFUbTifJr0pFk8Qa5zTVocBOBSwjtO/YsPzUoTr9e2rgKsuqQlVHUmVo8FpzuvTpkQ
	rDWfM+9xGJCJxYYF0+4b7yPyNmyVYxnzUgbuWNtZNedKKfmSSsHDQEg9DcggCEw6zM3EvD
	vTa8R8YEjZ3zK52/Pcv7VcOnKBzHaniv8Zp8gFimknfK0XKiX4pEa2uZpBGyATtx4ez73j
	2Ter5r/shXCMRbu4qpT2/6+SZ4SEKho+hrBPWBm6kjIsDxtKTM7bx2oS76LyGeoA+PfJIe
	RCy5A1o2wFCpaSjU9KtgiWUpPAlaura1UrlWqI092eyFcq0PIUKowqtznqovnw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1671696259; a=rsa-sha256; cv=none;
	b=WlJKbwEULzseNyzRsdxwQaefMw3dyuTmDfnk47BBJ00WQnw+7TkjEE8OooZNs5c0jceEoZ
	HDWW+ZWsQDqSpscpDybzqszbUEaqlFL61xeZ7SVTL/XPiW+dpSajn8gPbIKYzIypMsP8Sr
	rmo6GmnipJhlRAqDBhArH2cH4aRuy1a8rE/JWvbrMy4owsYsmlZF3/cD0sPdWplDVBAJsH
	tabG6Fv70riEqZcslk9CESr1NBzFkeahp5JIwHHdCBxjjgFQR0J8zYCgAiRgbCwNXwV2XT
	mp2/J90ELqvSCo6Jf266YdTkksHOCxKVcRnJprJAfJbkp028QMOxWyH09gofXg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Nd2rz37v3znKL;
	Thu, 22 Dec 2022 08:04:19 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2BM84JHS025033;
	Thu, 22 Dec 2022 08:04:19 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2BM84JAV025032;
	Thu, 22 Dec 2022 08:04:19 GMT
	(envelope-from git)
Date: Thu, 22 Dec 2022 08:04:19 GMT
Message-Id: <202212220804.2BM84JAV025032@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Nuno Teixeira <eduardo@FreeBSD.org>
Subject: git: 50118f50cae2 - main - security/crowdsec: Update to 1.4.3
List-Id: Commits to the main branch of the FreeBSD ports repository <dev-commits-ports-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
List-Help: <mailto:dev-commits-ports-main+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-main@freebsd.org
X-BeenThere: dev-commits-ports-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: eduardo
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 50118f50cae2c4f607603c661fc1eb24431cb9c6
Auto-Submitted: auto-generated
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by eduardo:

URL: https://cgit.FreeBSD.org/ports/commit/?id=50118f50cae2c4f607603c661fc1eb24431cb9c6

commit 50118f50cae2c4f607603c661fc1eb24431cb9c6
Author:     Marco <marco@crowdsec.net>
AuthorDate: 2022-12-22 08:01:22 +0000
Commit:     Nuno Teixeira <eduardo@FreeBSD.org>
CommitDate: 2022-12-22 08:03:50 +0000

    security/crowdsec: Update to 1.4.3
    
    ChangeLog:      https://github.com/crowdsecurity/crowdsec/releases/tag/v1.4.2
    PR:             267808
---
 security/crowdsec/Makefile               | 38 +++++++++++++++++++++-----------
 security/crowdsec/distinfo               |  6 ++---
 security/crowdsec/files/crowdsec.cron.in |  2 ++
 security/crowdsec/files/patch-Makefile   | 12 ----------
 security/crowdsec/files/pkg-deinstall.in |  4 ++--
 security/crowdsec/files/pkg-message.in   |  2 +-
 security/crowdsec/files/upgrade-hub.in   | 17 ++++++++++++++
 security/crowdsec/pkg-plist              | 12 +++++-----
 8 files changed, 57 insertions(+), 36 deletions(-)

diff --git a/security/crowdsec/Makefile b/security/crowdsec/Makefile
index c1d883899860..07a402553fda 100644
--- a/security/crowdsec/Makefile
+++ b/security/crowdsec/Makefile
@@ -1,7 +1,6 @@
 PORTNAME=	crowdsec
 DISTVERSIONPREFIX=	v
-DISTVERSION=	1.4.1
-PORTREVISION=	3
+DISTVERSION=	1.4.3
 CATEGORIES=	security
 
 MAINTAINER=	marco@crowdsec.net
@@ -13,22 +12,24 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 
 BUILD_DEPENDS=	git:devel/git@lite
 
-USES=		gmake go:no_targets
+USES=		gmake go:1.19,no_targets
 
 USE_GITHUB=	yes
 GH_ACCOUNT=	crowdsecurity
 GH_PROJECT=	crowdsec
 GH_TAGNAME=	${DISTVERSIONFULL}-freebsd
-_BUILD_TAG=	527995f
+_BUILD_TAG=	8a738f5b
 USE_RC_SUBR=	crowdsec
 
-MAKE_ENV=	BUILD_VERSION="${DISTVERSIONFULL}" \
+MAKE_ARGS=	BUILD_VERSION="${DISTVERSIONFULL}" \
 		BUILD_TAG="${_BUILD_TAG}" \
+		BUILD_VENDOR_FLAGS="-mod=vendor -modcacherw" \
 		DEFAULT_CONFIGDIR="${PREFIX}/etc/crowdsec" \
 		DEFAULT_DATADIR="/var/db/crowdsec/data"
+
 ALL_TARGET=	build
 
-SUB_FILES=	pkg-deinstall pkg-install pkg-message
+SUB_FILES=	pkg-deinstall pkg-install pkg-message crowdsec.cron upgrade-hub
 
 OPTIONS_DEFINE=	FIREWALL_BOUNCER
 OPTIONS_DEFAULT=
@@ -42,12 +43,10 @@ STAGE_BIN=	${STAGEDIR}${PREFIX}/bin
 
 post-patch:
 	@${REINPLACE_CMD} 's,/etc/crowdsec/,${ETCDIR}/,g' \
-		${WRKSRC}/config/config.yaml \
-		${WRKSRC}/config/profiles.yaml
+		${WRKSRC}/config/config.yaml
 
 	@${REINPLACE_CMD} 's,/var/lib/,/var/db/,g' \
-		${WRKSRC}/config/config.yaml \
-		${WRKSRC}/config/profiles.yaml
+		${WRKSRC}/config/config.yaml
 
 do-install:
 	#
@@ -124,19 +123,32 @@ do-install:
 	@${MKDIR} ${STAGEDIR}${ETCDIR}/hub
 	@${MKDIR} ${STAGEDIR}/var/db/crowdsec/data
 
+	#
+	# Cron
+	#
+
+	@${MKDIR} ${STAGEDIR}${PREFIX}/libexec/crowdsec
+	${INSTALL_DATA} ${WRKDIR}/upgrade-hub \
+		${STAGEDIR}${PREFIX}/libexec/crowdsec/upgrade-hub
+
 	#
 	# Cleanup
 	#
 
+	@${RM} ${STAGEDIR}${ETCDIR}/acquis_win.yaml
+	@${RM} ${STAGEDIR}${ETCDIR}/config_win_no_lapi.yaml
+	@${RM} ${STAGEDIR}${ETCDIR}/config_win.yaml
+	@${RM} ${STAGEDIR}${ETCDIR}/crowdsec.cron.daily
 	@${RM} ${STAGEDIR}${ETCDIR}/crowdsec.service
 	@${RM} ${STAGEDIR}${ETCDIR}/dev.yaml
 	@${RM} ${STAGEDIR}${ETCDIR}/user.yaml
-	@${RM} ${STAGEDIR}${ETCDIR}/acquis_win.yaml
-	@${RM} ${STAGEDIR}${ETCDIR}/config_win.yaml
-	@${RM} ${STAGEDIR}${ETCDIR}/config_win_no_lapi.yaml
 	@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/email
 	@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/http
 	@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/slack
 	@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/splunk
 
+post-install:
+	@${MKDIR} ${STAGEDIR}${PREFIX}/etc/cron.d
+	${INSTALL_DATA} ${WRKDIR}/crowdsec.cron ${STAGEDIR}${PREFIX}/etc/cron.d/crowdsec
+
 .include <bsd.port.mk>
diff --git a/security/crowdsec/distinfo b/security/crowdsec/distinfo
index f003aa1d1b01..2700819fc7cc 100644
--- a/security/crowdsec/distinfo
+++ b/security/crowdsec/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1658844897
-SHA256 (crowdsecurity-crowdsec-v1.4.1-v1.4.1-freebsd_GH0.tar.gz) = a05e75838f4c4e87906ab6df846cc73b4701f6460834e35e5b64b7774e16bb63
-SIZE (crowdsecurity-crowdsec-v1.4.1-v1.4.1-freebsd_GH0.tar.gz) = 20805956
+TIMESTAMP = 1669821186
+SHA256 (crowdsecurity-crowdsec-v1.4.3-v1.4.3-freebsd_GH0.tar.gz) = b7341939db304a21c0920bc9b8e89d589dfff5da83ea4c54b3d1fc46b9eea2c3
+SIZE (crowdsecurity-crowdsec-v1.4.3-v1.4.3-freebsd_GH0.tar.gz) = 21310998
diff --git a/security/crowdsec/files/crowdsec.cron.in b/security/crowdsec/files/crowdsec.cron.in
new file mode 100644
index 000000000000..30df05dc2199
--- /dev/null
+++ b/security/crowdsec/files/crowdsec.cron.in
@@ -0,0 +1,2 @@
+#minute	hour	mday	month	wday	who	command
+0       3       *       *       *       root    %%PREFIX%%/libexec/crowdsec/upgrade-hub
diff --git a/security/crowdsec/files/patch-Makefile b/security/crowdsec/files/patch-Makefile
deleted file mode 100644
index 68ea23023ecf..000000000000
--- a/security/crowdsec/files/patch-Makefile
+++ /dev/null
@@ -1,12 +0,0 @@
---- Makefile.orig	2022-02-10 09:11:04 UTC
-+++ Makefile
-@@ -58,8 +58,8 @@ LD_OPTS_VARS= \
- -X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultConfigDir=$(DEFAULT_CONFIGDIR) \
- -X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultDataDir=$(DEFAULT_DATADIR)
- 
--export LD_OPTS=-ldflags "-s -w $(LD_OPTS_VARS)"
--export LD_OPTS_STATIC=-ldflags "-s -w $(LD_OPTS_VARS) -extldflags '-static'"
-+export LD_OPTS=-mod vendor -modcacherw -ldflags "-s -w $(LD_OPTS_VARS)"
-+export LD_OPTS_STATIC=-mod vendor -modcacherw -ldflags "-s -w $(LD_OPTS_VARS) -extldflags '-static'"
- 
- RELDIR = crowdsec-$(BUILD_VERSION)
diff --git a/security/crowdsec/files/pkg-deinstall.in b/security/crowdsec/files/pkg-deinstall.in
index 4fdfd0b04d72..4cee7a613b84 100644
--- a/security/crowdsec/files/pkg-deinstall.in
+++ b/security/crowdsec/files/pkg-deinstall.in
@@ -2,8 +2,8 @@
 
 case $2 in
        "DEINSTALL")
-               service crowdsec status && touch /var/run/crowdsec.running
-               service crowdsec stop || :
+               service crowdsec status 2>/dev/null && touch /var/run/crowdsec.running
+               service crowdsec stop 2>/dev/null || :
                ;;
 esac
 
diff --git a/security/crowdsec/files/pkg-message.in b/security/crowdsec/files/pkg-message.in
index 0f59a21a5980..2fa6c08f4b30 100644
--- a/security/crowdsec/files/pkg-message.in
+++ b/security/crowdsec/files/pkg-message.in
@@ -7,7 +7,7 @@ crowdsec is installed.
 You need to check/edit the following files in %%ETCDIR%% as described in https://doc.crowdsec.net/docs/configuration/crowdsec_configuration
 
  - config.yaml: main configuration
- - acquis.yaml: where to find logs to parse (this port does not include automatic discovery of the running services)
+ - acquis.yaml, acquis.d: datasource configuration (this port does not include automatic discovery of the running services)
  - profiles.yaml: remediation policies (ban, duration, etc)
 
 Then you can enable the daemon via sysrc and run it.
diff --git a/security/crowdsec/files/upgrade-hub.in b/security/crowdsec/files/upgrade-hub.in
new file mode 100644
index 000000000000..450dc8af96cc
--- /dev/null
+++ b/security/crowdsec/files/upgrade-hub.in
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+test -x /usr/local/bin/cscli || exit 0
+
+# favor the opnsense plugin's cron if it's there
+test -e /usr/local/etc/cron.d/oscrowdsec.cron && exit 0
+
+/usr/local/bin/cscli --error hub update
+
+upgraded=$(/usr/local/bin/cscli --error hub upgrade)
+if [ -n "$upgraded" ]; then
+    # splay initial metrics push
+    sleep $(jot -r 1 1 60)
+    service crowdsec reload
+fi
+
+exit 0
diff --git a/security/crowdsec/pkg-plist b/security/crowdsec/pkg-plist
index 730535931c6d..3e3566388844 100644
--- a/security/crowdsec/pkg-plist
+++ b/security/crowdsec/pkg-plist
@@ -2,19 +2,20 @@
 bin/crowdsec
 bin/cscli
 bin/crowdsec-cli
+libexec/crowdsec/upgrade-hub
 @mode 0600
+@sample %%ETCDIR%%/config.yaml.sample
 @sample %%ETCDIR%%/local_api_credentials.yaml.sample
 @sample %%ETCDIR%%/online_api_credentials.yaml.sample
+@sample %%ETCDIR%%/notifications/email.yaml.sample
+@sample %%ETCDIR%%/notifications/http.yaml.sample
+@sample %%ETCDIR%%/notifications/slack.yaml.sample
+@sample %%ETCDIR%%/notifications/splunk.yaml.sample
 @mode 0644
 @sample %%ETCDIR%%/acquis.yaml.sample
-@sample %%ETCDIR%%/config.yaml.sample
 @sample %%ETCDIR%%/console.yaml.sample
 @sample %%ETCDIR%%/profiles.yaml.sample
 @sample %%ETCDIR%%/simulation.yaml.sample
-@sample %%ETCDIR%%/notifications/email.yaml.sample
-@sample %%ETCDIR%%/notifications/http.yaml.sample
-@sample %%ETCDIR%%/notifications/slack.yaml.sample
-@sample %%ETCDIR%%/notifications/splunk.yaml.sample
 %%ETCDIR%%/patterns/aws
 %%ETCDIR%%/patterns/bacula
 %%ETCDIR%%/patterns/bro
@@ -39,6 +40,7 @@ bin/crowdsec-cli
 %%ETCDIR%%/patterns/smb
 %%ETCDIR%%/patterns/ssh
 %%ETCDIR%%/patterns/tcpdump
+etc/cron.d/crowdsec
 @mode 0755
 lib/crowdsec/plugins/notification-email
 lib/crowdsec/plugins/notification-http