1PORTNAME=	crowdsec
2DISTVERSIONPREFIX=	v
3DISTVERSION=	1.6.3
4PORTREVISION=	0
5CATEGORIES=	security
6
7MAINTAINER=	ports@MidnightBSD.org
8COMMENT=	CrowdSec lightweight and collaborative security engine
9WWW=		https://github.com/crowdsecurity/crowdsec
10
11LICENSE=	mit
12LICENSE_FILE=	${WRKSRC}/LICENSE
13
14LIB_DEPENDS=	libabsl_base.so:devel/abseil \
15		libre2.so:devel/re2
16
17NO_TEST=	yes
18
19USES=		go:1.23,modules pkgconfig
20_COMMIT=	4851945a
21_BUILD_DATE=	$$(date -u "+%F_%T")
22USE_RC_SUBR=	crowdsec
23
24GO_MODULE=	github.com/crowdsecurity/crowdsec
25GO_TARGET=	./cmd/crowdsec \
26		./cmd/crowdsec-cli \
27		./cmd/notification-email \
28		./cmd/notification-http \
29		./cmd/notification-sentinel \
30		./cmd/notification-slack \
31		./cmd/notification-splunk
32
33GO_BUILDFLAGS=	-v -trimpath -tags netgo,osusergo,sqlite_omit_load_extension,re2_cgo \
34		-ldflags="\
35		-a -s -w \
36		-X github.com/crowdsecurity/go-cs-lib/version.Version=${DISTVERSIONPREFIX}${DISTVERSION} \
37		-X github.com/crowdsecurity/go-cs-lib/version.BuildDate=${_BUILD_DATE} \
38		-X github.com/crowdsecurity/go-cs-lib/version.Tag=${_COMMIT} \
39		-X ${GO_MODULE}/pkg/cwversion.Codename=alphaga \
40		-X ${GO_MODULE}/pkg/csconfig.defaultConfigDir=${PREFIX}/etc/crowdsec \
41		-X ${GO_MODULE}/pkg/csconfig.defaultDataDir=/var/db/crowdsec/data \
42		-X ${GO_MODULE}/pkg/cwversion.Libre2=C++"
43
44SUB_FILES=	pkg-deinstall pkg-install pkg-message crowdsec.cron upgrade-hub
45
46OPTIONS_DEFINE=	FIREWALL_BOUNCER
47OPTIONS_DEFAULT=
48
49FIREWALL_BOUNCER_DESC=	Depend on security/crowdsec-firewall-bouncer
50FIREWALL_BOUNCER_RUN_DEPENDS=	crowdsec-firewall-bouncer>=0.0.27:security/crowdsec-firewall-bouncer
51
52PLUGIN_DIR=	${PREFIX}/lib/crowdsec/plugins
53STAGE_PLUGINS=	${PLUGIN_DIR}
54STAGE_BIN=	${PREFIX}/bin
55
56post-patch:
57	@${REINPLACE_CMD} 's,/etc/crowdsec/,${ETCDIR}/,g' \
58		${WRKSRC}/config/config.yaml
59
60	@${REINPLACE_CMD} 's,/var/lib/,/var/db/,g' \
61		${WRKSRC}/config/config.yaml
62
63do-install:
64	#
65	# Binaries
66	#
67
68	${INSTALL_PROGRAM} ${WRKDIR}/bin/crowdsec ${STAGE_BIN}/
69	${INSTALL_PROGRAM} ${WRKDIR}/bin/crowdsec-cli ${STAGE_BIN}/cscli
70
71	# keep this around for compatibility
72	${LN} -s cscli ${STAGE_BIN}/crowdsec-cli
73
74	@${MKDIR} ${STAGE_PLUGINS}
75	${INSTALL_PROGRAM} ${WRKDIR}/bin/notification-email ${STAGE_PLUGINS}/
76	${INSTALL_PROGRAM} ${WRKDIR}/bin/notification-http ${STAGE_PLUGINS}/
77	${INSTALL_PROGRAM} ${WRKDIR}/bin/notification-sentinel ${STAGE_PLUGINS}/
78	${INSTALL_PROGRAM} ${WRKDIR}/bin/notification-slack ${STAGE_PLUGINS}/
79	${INSTALL_PROGRAM} ${WRKDIR}/bin/notification-splunk ${STAGE_PLUGINS}/
80
81	#
82	# Configuration
83	#
84
85	@${MKDIR} ${ETCDIR}
86	@(cd ${WRKSRC}/config && ${COPYTREE_SHARE} . ${ETCDIR})
87
88	@${MV} ${ETCDIR}/acquis.yaml \
89		${ETCDIR}/acquis.yaml.sample
90
91	@${MV} ${ETCDIR}/config.yaml \
92		${ETCDIR}/config.yaml.sample
93
94	@${MV} ${ETCDIR}/console.yaml \
95		${ETCDIR}/console.yaml.sample
96
97	@${MV} ${ETCDIR}/profiles.yaml \
98		${ETCDIR}/profiles.yaml.sample
99
100	# managed by "cscli simulation"
101	@${MV} ${ETCDIR}/simulation.yaml \
102		${ETCDIR}/simulation.yaml.sample
103
104	#
105	# Plugin configuration
106	#
107
108	@${MKDIR} ${ETCDIR}/notifications
109
110	@${MKDIR} ${ETCDIR}/notifications/email
111	@${MV} ${WRKSRC}/cmd/notification-email/email.yaml \
112		${ETCDIR}/notifications/email.yaml.sample
113
114	@${MKDIR} ${ETCDIR}/notifications/http
115	@${MV} ${WRKSRC}/cmd/notification-http/http.yaml \
116		${ETCDIR}/notifications/http.yaml.sample
117
118	@${MKDIR} ${ETCDIR}/notifications/sentinel
119	@${MV} ${WRKSRC}/cmd/notification-sentinel/sentinel.yaml \
120		${ETCDIR}/notifications/sentinel.yaml.sample
121
122	@${MKDIR} ${ETCDIR}/notifications/slack
123	@${MV} ${WRKSRC}/cmd/notification-slack/slack.yaml \
124		${ETCDIR}/notifications/slack.yaml.sample
125
126	@${MKDIR} ${ETCDIR}/notifications/splunk
127	@${MV} ${WRKSRC}/cmd/notification-splunk/splunk.yaml \
128		${ETCDIR}/notifications/splunk.yaml.sample
129
130	# updated by "cscli machines" at first service start
131	@${MV} ${ETCDIR}/local_api_credentials.yaml \
132		${ETCDIR}/local_api_credentials.yaml.sample
133
134	# updated by "cscli capi" at first service start
135	@${MV} ${ETCDIR}/online_api_credentials.yaml \
136		${ETCDIR}/online_api_credentials.yaml.sample
137
138	#
139	# Data
140	#
141
142	@${MKDIR} ${ETCDIR}/hub
143	@${MKDIR} ${ETCDIR}/acquis.d
144	@${MKDIR} /var/db/crowdsec/data
145	@${MKDIR} /var/db/crowdsec/data/trace
146
147	#
148	# Cron
149	#
150
151	@${MKDIR} ${PREFIX}/libexec/crowdsec
152	${INSTALL_DATA} ${WRKDIR}/upgrade-hub \
153		${PREFIX}/libexec/crowdsec/upgrade-hub
154
155	#
156	# Cleanup
157	#
158
159	@${RM} ${ETCDIR}/acquis_win.yaml
160	@${RM} ${ETCDIR}/config_win_no_lapi.yaml
161	@${RM} ${ETCDIR}/config_win.yaml
162	@${RM} ${ETCDIR}/crowdsec.cron.daily
163	@${RM} ${ETCDIR}/crowdsec.service
164	@${RM} ${ETCDIR}/context.yaml
165	@${RM} ${ETCDIR}/detect.yaml
166	@${RM} ${ETCDIR}/dev.yaml
167	@${RM} ${ETCDIR}/user.yaml
168	@${RMDIR} ${ETCDIR}/notifications/email
169	@${RMDIR} ${ETCDIR}/notifications/http
170	@${RMDIR} ${ETCDIR}/notifications/sentinel
171	@${RMDIR} ${ETCDIR}/notifications/slack
172	@${RMDIR} ${ETCDIR}/notifications/splunk
173
174post-install:
175	@${MKDIR} ${PREFIX}/etc/cron.d
176	${INSTALL_DATA} ${WRKDIR}/crowdsec.cron ${PREFIX}/etc/cron.d/crowdsec
177
178.include <bsd.port.mk>
179