git: 6713efec42d4 - main - security/crowdsec: update to 1.2.1
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 17 Dec 2021 12:39:41 UTC
The branch main has been updated by sbz:
URL: https://cgit.FreeBSD.org/ports/commit/?id=6713efec42d49e664024afb6af6ecf696aa6dc21
commit 6713efec42d49e664024afb6af6ecf696aa6dc21
Author: Sofian Brabez <sbz@FreeBSD.org>
AuthorDate: 2021-12-16 18:13:45 +0000
Commit: Sofian Brabez <sbz@FreeBSD.org>
CommitDate: 2021-12-17 12:32:56 +0000
security/crowdsec: update to 1.2.1
Update to 1.2.1 release and pass the maintainership to the submitter.
PR: 260262
---
security/crowdsec/Makefile | 107 ++++++++++++++++++++++++++-----
security/crowdsec/distinfo | 8 +--
security/crowdsec/files/crowdsec.in | 48 ++++++++++----
security/crowdsec/files/patch-Makefile | 11 ++++
security/crowdsec/files/pkg-deinstall.in | 8 +++
security/crowdsec/files/pkg-message.in | 11 +++-
security/crowdsec/pkg-plist | 30 ++++++---
7 files changed, 178 insertions(+), 45 deletions(-)
diff --git a/security/crowdsec/Makefile b/security/crowdsec/Makefile
index 9a6aa7ada379..f3683aee9c30 100644
--- a/security/crowdsec/Makefile
+++ b/security/crowdsec/Makefile
@@ -1,45 +1,122 @@
PORTNAME= crowdsec
-PORTVERSION= 1.1.1
+PORTVERSION= 1.2.1 # NOTE: change BUILD_VERSION and BUILD_TAG as well
DISTVERSIONPREFIX= v
CATEGORIES= security
-MAINTAINER= sbz@FreeBSD.org
-COMMENT= Crowdsec lightweight and collaborative security engine
+MAINTAINER= marco@crowdsec.net
+COMMENT= CrowdSec lightweight and collaborative security engine
LICENSE= MIT
LICENSE_FILE= ${WRKSRC}/LICENSE
-USES= go:modules
+BUILD_DEPENDS= git:devel/git@lite \
+ go:lang/go \
+ jq:textproc/jq
+
+USES= gmake
+
+USE_GITHUB= yes
+GH_ACCOUNT= crowdsecurity
+GH_PROJECT= crowdsec
+#GH_TAGNAME is automatically set from DISTVERSION
USE_RC_SUBR= crowdsec
-GO_MODULE= github.com/crowdsecurity/crowdsec
+USE_RC_SUBR= crowdsec
-GO_BUILDFLAGS= -ldflags "-s -w \
- -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=v${PORTVERSION} \
- -X github.com/crowdsecurity/crowdsec/pkg/cwversion.System=freebsd \
- -X github.com/crowdsecurity/crowdsec/pkg/cwversion.BuildDate=`date -u '+%Y-%m-%d_%I:%M:%S%p'`"
+SUB_FILES= pkg-message \
+ pkg-deinstall
-GO_TARGET= ./cmd/crowdsec \
- ./cmd/crowdsec-cli
+# BUILD_VERSION=$(git describe --tags $(git rev-list --tags --max-count=1))
+# BUILD_TAG=$(git rev-parse HEAD)
+MAKE_ENV= BUILD_VERSION="v1.2.1" \
+ BUILD_TAG="dd03d073558e380c283afe66942f537c3da647ff"
-SUB_FILES= pkg-message
+PLUGIN_DIR= ${PREFIX}/lib/crowdsec/plugins
+STAGE_PLUGINS= ${STAGEDIR}${PLUGIN_DIR}
+STAGE_BIN= ${STAGEDIR}${PREFIX}/bin
post-patch:
@${REINPLACE_CMD} 's,/etc/crowdsec/,${ETCDIR}/,g' \
${WRKSRC}/pkg/csconfig/config.go \
+ ${WRKSRC}/pkg/cstest/hubtest_item.go \
${WRKSRC}/cmd/crowdsec-cli/machines.go \
${WRKSRC}/cmd/crowdsec-cli/main.go \
- ${WRKSRC}/cmd/crowdsec/main.go
+ ${WRKSRC}/cmd/crowdsec/main.go \
+ ${WRKSRC}/config/config.yaml \
+ ${WRKSRC}/config/profiles.yaml
+
+ @${REINPLACE_CMD} 's,/var/lib/,/var/db/,g' \
+ ${WRKSRC}/pkg/csconfig/config.go \
+ ${WRKSRC}/pkg/metabase/database.go \
+ ${WRKSRC}/config/config.yaml \
+ ${WRKSRC}/config/profiles.yaml
do-install:
+ #
+ # Binaries
+ #
+
+ ${INSTALL_PROGRAM} ${WRKSRC}/cmd/crowdsec/crowdsec ${STAGE_BIN}/
+ ${INSTALL_PROGRAM} ${WRKSRC}/cmd/crowdsec-cli/cscli ${STAGE_BIN}/
+ ${LN} -s cscli ${STAGE_BIN}/crowdsec-cli
+
+ @${MKDIR} ${STAGE_PLUGINS}
+ ${INSTALL_PROGRAM} ${WRKSRC}/plugins/notifications/http/notification-http ${STAGE_PLUGINS}/
+ ${INSTALL_PROGRAM} ${WRKSRC}/plugins/notifications/slack/notification-slack ${STAGE_PLUGINS}/
+ ${INSTALL_PROGRAM} ${WRKSRC}/plugins/notifications/splunk/notification-splunk ${STAGE_PLUGINS}/
+
+ #
+ # Configuration
+ #
+
@${MKDIR} ${STAGEDIR}${ETCDIR}
@(cd ${WRKSRC}/config && ${COPYTREE_SHARE} . ${STAGEDIR}${ETCDIR})
+ @${MV} ${STAGEDIR}${ETCDIR}/acquis.yaml \
+ ${STAGEDIR}${ETCDIR}/acquis.yaml.sample
+
@${MV} ${STAGEDIR}${ETCDIR}/config.yaml \
${STAGEDIR}${ETCDIR}/config.yaml.sample
- ${INSTALL_PROGRAM} ${WRKDIR}/bin/crowdsec ${STAGEDIR}${PREFIX}/bin
- ${INSTALL_PROGRAM} ${WRKDIR}/bin/crowdsec-cli ${STAGEDIR}${PREFIX}/bin
+ @${MV} ${STAGEDIR}${ETCDIR}/profiles.yaml \
+ ${STAGEDIR}${ETCDIR}/profiles.yaml.sample
+
+ # managed by "cscli simulation"
+ @${MV} ${STAGEDIR}${ETCDIR}/simulation.yaml \
+ ${STAGEDIR}${ETCDIR}/simulation.yaml.sample
+
+ #
+ # Plugin configuration
+ #
+
+ @${MKDIR} ${STAGEDIR}${ETCDIR}/notifications
+
+ @${MKDIR} ${STAGEDIR}${ETCDIR}/notifications/http
+ @${MV} ${WRKSRC}/plugins/notifications/http/http.yaml \
+ ${STAGEDIR}${ETCDIR}/notifications/http/http.yaml.sample
+
+ @${MKDIR} ${STAGEDIR}${ETCDIR}/notifications/slack
+ @${MV} ${WRKSRC}/plugins/notifications/slack/slack.yaml \
+ ${STAGEDIR}${ETCDIR}/notifications/slack/slack.yaml.sample
+
+ @${MKDIR} ${STAGEDIR}${ETCDIR}/notifications/splunk
+ @${MV} ${WRKSRC}/plugins/notifications/splunk/splunk.yaml \
+ ${STAGEDIR}${ETCDIR}/notifications/splunk/splunk.yaml.sample
+
+ # updated by "cscli machines" at first service start
+ @${MV} ${STAGEDIR}${ETCDIR}/local_api_credentials.yaml \
+ ${STAGEDIR}${ETCDIR}/local_api_credentials.yaml.sample
+
+ # updated by "cscli capi" at first service start
+ @${MV} ${STAGEDIR}${ETCDIR}/online_api_credentials.yaml \
+ ${STAGEDIR}${ETCDIR}/online_api_credentials.yaml.sample
+
+ #
+ # Data
+ #
+
+ @${MKDIR} ${STAGEDIR}${ETCDIR}/hub
+ @${MKDIR} ${STAGEDIR}/var/db/crowdsec/data
.include <bsd.port.mk>
diff --git a/security/crowdsec/distinfo b/security/crowdsec/distinfo
index 2d309c313933..1eecdf198266 100644
--- a/security/crowdsec/distinfo
+++ b/security/crowdsec/distinfo
@@ -1,5 +1,3 @@
-TIMESTAMP = 1626257804
-SHA256 (go/security_crowdsec/crowdsec-v1.1.1/v1.1.1.mod) = f764f7d850f1e2306f6764e534ace7261f7dc99f3b4884c2b0f617cb791b35de
-SIZE (go/security_crowdsec/crowdsec-v1.1.1/v1.1.1.mod) = 3295
-SHA256 (go/security_crowdsec/crowdsec-v1.1.1/v1.1.1.zip) = f7e63641a67392d57412ab1ff86a26ae4deeb9fc8460542f6258f7c9f56238e9
-SIZE (go/security_crowdsec/crowdsec-v1.1.1/v1.1.1.zip) = 640252
+TIMESTAMP = 1637702390
+SHA256 (crowdsecurity-crowdsec-v1.2.1_GH0.tar.gz) = e3a9bbb70b1995a83c5001d06dbbcb5f59d43e4d7c18b60548f305a62d2dd6a3
+SIZE (crowdsecurity-crowdsec-v1.2.1_GH0.tar.gz) = 659398
diff --git a/security/crowdsec/files/crowdsec.in b/security/crowdsec/files/crowdsec.in
index 59219b42aa19..04b7c02130f9 100644
--- a/security/crowdsec/files/crowdsec.in
+++ b/security/crowdsec/files/crowdsec.in
@@ -22,9 +22,9 @@ rcvar=crowdsec_enable
load_rc_config $name
-: ${crowdsec_enable:="NO"}
-: ${crowdsec_config:="%%PREFIX%%/etc/crowdsec/config.yaml"}
-: ${crowdsec_flags:=""}
+: "${crowdsec_enable:=NO}"
+: "${crowdsec_config:=%%PREFIX%%/etc/crowdsec/config.yaml}"
+: "${crowdsec_flags:=}"
pidfile=/var/run/${name}.pid
required_files="$crowdsec_config"
@@ -35,27 +35,49 @@ configtest_cmd="${name}_configtest"
extra_commands="configtest reload"
crowdsec_precmd() {
- if [ ! -d %%PREFIX%%/etc/crowdsec/hub ]; then
- %%PREFIX%%/bin/crowdsec-cli hub update || :
+ cs_cli() {
+ "%%PREFIX%%/bin/cscli" -c "${crowdsec_config}" "$@"
+ }
+ Config() {
+ cs_cli config show --key "Config.$1"
+ }
+
+ HUB_DIR=$(Config ConfigPaths.HubDir)
+ if ! ls -1qA "$HUB_DIR/*" >/dev/null 2>&1; then
+ echo "Fetching hub inventory"
+ cs_cli hub update || :
+ fi
+
+ if [ -z "$(cs_cli machines list -o raw)" ]; then
+ echo "Registering LAPI"
+ cs_cli machines add --auto || :
fi
- if [ -z "`%%PREFIX%%/bin/crowdsec-cli machines list -o raw`" ]; then
- %%PREFIX%%/bin/crowdsec-cli machines add --auto || :
+
+ CONFIG_DIR=$(Config ConfigPaths.ConfigDir)
+ if [ ! -s "${CONFIG_DIR}/online_api_credentials.yaml" ]; then
+ echo "Registering CAPI"
+ cs_cli capi register || :
fi
- if [ ! -s %%PREFIX%%/etc/crowdsec/online_api_credentials.yaml ]; then
- %%PREFIX%%/bin/crowdsec-cli capi register || :
+
+ cs_cli collections inspect crowdsecurity/linux >/dev/null || cs_cli collections install crowdsecurity/linux || :
+
+ DATA_DIR=$(Config ConfigPaths.DataDir)
+ if [ ! -f "${DATA_DIR}/GeoLite2-City.mmdb" ]; then
+ echo "Installing GeoIP enricher"
+ cs_cli parsers install crowdsecurity/geoip-enrich || :
fi
}
crowdsec_start()
{
- /usr/sbin/daemon -f -p ${pidfile} -t "${desc}" \
- ${command} -c ${crowdsec_config} ${crowdsec_flags}
+ /usr/sbin/daemon -f -p ${pidfile} -t "${desc}" -- \
+ ${command} -c ${crowdsec_config} ${crowdsec_flags}
}
crowdsec_configtest()
{
- echo "Performing sanity check on ${name} configuration."
- eval ${command} -c ${crowdsec_config} -t
+ echo "Performing sanity check on ${name} configuration."
+ eval ${command} -c ${crowdsec_config} -t
}
run_rc_command "$1"
diff --git a/security/crowdsec/files/patch-Makefile b/security/crowdsec/files/patch-Makefile
new file mode 100644
index 000000000000..909dceada263
--- /dev/null
+++ b/security/crowdsec/files/patch-Makefile
@@ -0,0 +1,11 @@
+--- Makefile.orig 2021-11-17 09:15:38 UTC
++++ Makefile
+@@ -42,7 +42,7 @@ BUILD_VERSION?="$(shell git describe --tags `git rev-l
+ BUILD_GOVERSION="$(shell go version | cut -d " " -f3 | sed -E 's/[go]+//g')"
+ BUILD_CODENAME=$(shell cat RELEASE.json | jq -r .CodeName)
+ BUILD_TIMESTAMP=$(shell date +%F"_"%T)
+-BUILD_TAG="$(shell git rev-parse HEAD)"
++BUILD_TAG?="$(shell git rev-parse HEAD)"
+
+ export LD_OPTS=-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=$(BUILD_VERSION) \
+ -X github.com/crowdsecurity/crowdsec/pkg/cwversion.System=$(SYSTEM) \
diff --git a/security/crowdsec/files/pkg-deinstall.in b/security/crowdsec/files/pkg-deinstall.in
new file mode 100644
index 000000000000..1f067c828536
--- /dev/null
+++ b/security/crowdsec/files/pkg-deinstall.in
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+case $2 in
+ DEINSTALL)
+ service crowdsec stop || :
+ ;;
+esac
+
diff --git a/security/crowdsec/files/pkg-message.in b/security/crowdsec/files/pkg-message.in
index 93da4e2c4dae..0f59a21a5980 100644
--- a/security/crowdsec/files/pkg-message.in
+++ b/security/crowdsec/files/pkg-message.in
@@ -4,10 +4,17 @@
crowdsec is installed.
-You need to edit the agent config file %%ETCDIR%%/crowdsec.yaml and
-enable rc via sysrc.
+You need to check/edit the following files in %%ETCDIR%% as described in https://doc.crowdsec.net/docs/configuration/crowdsec_configuration
+
+ - config.yaml: main configuration
+ - acquis.yaml: where to find logs to parse (this port does not include automatic discovery of the running services)
+ - profiles.yaml: remediation policies (ban, duration, etc)
+
+Then you can enable the daemon via sysrc and run it.
# sysrc crowdsec_enable="YES"
+crowdsec_enable: NO -> YES
+# service crowdsec start
EOM
}
]
diff --git a/security/crowdsec/pkg-plist b/security/crowdsec/pkg-plist
index b3555470e374..5a02566e9cf2 100644
--- a/security/crowdsec/pkg-plist
+++ b/security/crowdsec/pkg-plist
@@ -1,12 +1,18 @@
-@sample %%ETCDIR%%/config.yaml.sample
+@mode 0755
bin/crowdsec
+bin/cscli
bin/crowdsec-cli
-%%ETCDIR%%/acquis.yaml
-%%ETCDIR%%/crowdsec.service
-%%ETCDIR%%/crowdsec_pull
-%%ETCDIR%%/dev.yaml
-%%ETCDIR%%/local_api_credentials.yaml
-%%ETCDIR%%/online_api_credentials.yaml
+@mode 0600
+@sample %%ETCDIR%%/local_api_credentials.yaml.sample
+@sample %%ETCDIR%%/online_api_credentials.yaml.sample
+@mode 0644
+@sample %%ETCDIR%%/acquis.yaml.sample
+@sample %%ETCDIR%%/config.yaml.sample
+@sample %%ETCDIR%%/profiles.yaml.sample
+@sample %%ETCDIR%%/simulation.yaml.sample
+@sample %%ETCDIR%%/notifications/http/http.yaml.sample
+@sample %%ETCDIR%%/notifications/slack/slack.yaml.sample
+@sample %%ETCDIR%%/notifications/splunk/splunk.yaml.sample
%%ETCDIR%%/patterns/aws
%%ETCDIR%%/patterns/bacula
%%ETCDIR%%/patterns/bro
@@ -31,6 +37,10 @@ bin/crowdsec-cli
%%ETCDIR%%/patterns/smb
%%ETCDIR%%/patterns/ssh
%%ETCDIR%%/patterns/tcpdump
-%%ETCDIR%%/profiles.yaml
-%%ETCDIR%%/simulation.yaml
-%%ETCDIR%%/user.yaml
+@mode 0755
+lib/crowdsec/plugins/notification-http
+lib/crowdsec/plugins/notification-slack
+lib/crowdsec/plugins/notification-splunk
+@dir %%ETCDIR%%/hub
+@dir /var/db/crowdsec/data
+@dir /var/db/crowdsec