# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
# $Id$

PortSystem              1.0
PortGroup               github 1.0
PortGroup               python27 1.0

github.setup            fail2ban fail2ban 0.8.7.1
categories              security python
license                 GPL-2+
maintainers             free.fr:fclaire openmaintainer
platforms               darwin
homepage                http://www.fail2ban.org
supported_archs         noarch

description             Fail2ban protects computer against brute-force attacks

long_description        Fail2ban scans log files (e.g. /var/log/apache/error_log) and \
                        bans IPs that show the malicious signs -- too many password failures, \
                        seeking for exploits, etc. Generally Fail2Ban then used to update \
                        firewall rules to reject the IP addresses for a specified amount \
                        of time, although any arbitrary other action (e.g. sending an email, \
                        or ejecting CD-ROM tray) could also be configured. Out of the box \
                        Fail2Ban comes with filters for various services (apache, curier, ssh, etc).

checksums               rmd160  fe995a047e373e24474b11b842332b0cfe96f6b1 \
                        sha256  2804a789347b1274e343a33fcca659b37d40bb5f99e77546997c96a425f6fc9b

set f2bconfdir          ${prefix}/etc/${name}
set f2bbindir           ${prefix}/bin

python.link_binaries_suffix

patchfiles              patch-setup.py.diff \
                        patch-setup.cfg.diff \
                        patch-fail2ban-client.diff \
                        patch-fail2ban-regex.diff \
                        patch-fail2ban-server.diff \
                        patch-config-fail2ban.conf.diff \
                        patch-client-csocket.py.diff \
                        patch-server-server.py.diff

post-patch   {
    reinplace "s|@@PREFIX@@|${prefix}|g"    ${worksrcpath}/setup.py \
                                            ${worksrcpath}/setup.cfg \
                                            ${worksrcpath}/fail2ban-client \
                                            ${worksrcpath}/fail2ban-regex \
                                            ${worksrcpath}/fail2ban-server \
                                            ${worksrcpath}/client/csocket.py \
                                            ${worksrcpath}/config/fail2ban.conf \
                                            ${worksrcpath}/server/server.py
}

startupitem.create      yes
startupitem.start       "${f2bbindir}/${name}-client start"
startupitem.stop        "${f2bbindir}/${name}-client stop"

destroot.keepdirs       ${destroot}${prefix}/var/run/fail2ban

post-destroot {
    # Adding a suffix to config files
    set cfgfiles [concat [glob ${destroot}${f2bconfdir}/*.conf] [glob ${destroot}${f2bconfdir}/action.d/*.conf] [glob ${destroot}${f2bconfdir}/filter.d/*.conf]]
    foreach cfgfile ${cfgfiles} {
        move ${cfgfile} ${cfgfile}.${version}
    }
}

post-activate {
    # If not already present we put default config files
    set cfgfiles [concat [glob ${f2bconfdir}/*.conf.${version}] [glob ${f2bconfdir}/action.d/*.conf.${version}] [glob ${f2bconfdir}/filter.d/*.conf.${version}]]
    foreach cfgfile ${cfgfiles} {
        regsub "\.${version}" ${cfgfile} {} origcfgfile
        if {![file exists ${origcfgfile}]} {
            file copy ${cfgfile} ${origcfgfile}
        }
    }
}