core/rsyslog/rsyslog-5.8.1-r1.smage2

# $Id$

PNAME="rsyslog"
PVER="5.8.1"
PBUILD="r1"

PCATEGORIE="app-admin"
STATE="unstable"

DESCRIPTION="An enhanced multi-threaded syslog daemon with a focus on security and reliability."
HOMEPAGE="http://www.rsyslog.com/"

DEPEND=">= app-admin/logrotate-3.7.9
	>= net-libs/gnutls-2.8.6
	>= sys-libs/zlib-1.2.5"

PROVIDE="virtual/syslog"

SRCFILE="${PNAME}-${PVER}.tar.gz"
SRCDIR="${BUILDDIR}/${PNAME}-${PVER}"

sminclude mbuild mtools

SRC_URI=(
	http://www.rsyslog.com/files/download/${PNAME}/${SRCFILE}
	mirror://${PNAME}/${SRCFILE}
	mirror://${PNAME}/rsyslog.conf
	mirror://${PNAME}/rsyslog.logrotate
	mirror://${PNAME}/ryslog.rc
	mirror://${PNAME}/ryslog.confd
	mirror://${PNAME}/${PNAME}-${PVER}-systemd.patch
)

UP2DATE="updatecmd ${HOMEPAGE}/download/ | grep 'stable' | grep 'Download file' | sed 's:.*\:\ rsyslog\ \(.*\)\ (.*:\1:;q'"

src_prepare()
{
	munpack ${SRCFILE} || die
	cd ${SRCDIR}

	# support /etc/conf.d/rsyslog in systemd units
	mpatch ${PNAME}-${PVER}-systemd.patch || die
}

src_compile()
{
	cd ${SRCDIR}

	mconfigure \
		--with-systemdsystemunitdir=/lib/systemd/system \
		--enable-largefile \
		--enable-mail \
		--enable-imfile \
		--enable-imtemplate \
		--enable-zlib \
		--enable-gnutls \
		--enable-inet \
		--disable-gui \
		--disable-rfc3195 \
		--disable-mysql \
		--disable-pgsql \
		--disable-oracle \
		--disable-snmp \
		|| die

	mmake || die
}

src_install()
{
	cd ${SRCDIR}

	mmake DESTDIR=${BINDIR} install || die
	minstalldocs AUTHORS COPYING ChangeLog NEWS PORTS README* || die

	# rsyslog config
	minstalletc rsyslog.conf || die

	# logrotate config
	minstalletc rsyslog.logrotate syslog-ng /etc/logrotate.d || die

	# sysV initscript
	minstallrc rsyslog.rc rsyslog || die
	minstallconf rsyslog.confd rsyslog || die

	# needed directories
	mkeepdir /var/spool/rsyslog || die
	mkeepdir /etc/ssl/rsyslog || die
	mkeepdir /etc/rsyslog.d || die
}

postinstall()
{
	local CERTDIR
	local CN
	local TMP=$(mktemp)

	# make sure the certificates directory exists
	CERTDIR="${MROOT}/etc/ssl/rsyslog"
	[ ! -d ${CERTDIR} ] && install -d ${CERTDIR}
	echo "Your certificates will be stored in ${CERTDIR}"

	# create a default CA if needed
	if [ ! -f ${CERTDIR}/rsyslog_ca.cert.pem ]
	then
		echo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
		certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_ca.privkey.pem &>/dev/null
		chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem

		cat > ${TMP} << EOF
cn = Portage automated CA
ca
cert_signing_key
expiration_days = 3650
EOF

		certtool --generate-self-signed \
			--load-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \
			--outfile ${CERTDIR}/rsyslog_ca.cert.pem \
			--template ${TMP} &>/dev/null
		chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem

		# Create the server certificate

		# use server-hostname as CN!
		CN="server-$(hostname)"
		echo "Creating private key and certificate for server ${CN}..."
		certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null
		chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem

		cat > ${TMP} << EOF
cn = ${CN}
tls_www_server
dns_name = ${CN}
expiration_days = 3650
EOF

		certtool --generate-certificate \
			--outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \
			--load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \
			--load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \
			--load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \
			--template ${TMP} &>/dev/null
		chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem
	else
		echo "Found existing ${CERTDIR}/rsyslog_ca.cert.pem, skipping CA and SERVER creation."
	fi

	# Create a client certificate
	# use client-hostname as CN!
	CN="client-$(hostname)"
	echo "Creating private key and certificate for client ${CN}..."
	certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null
	chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem

	cat > ${TMP} << EOF
cn = ${CN}
tls_www_client
dns_name = ${CN}
expiration_days = 3650
EOF

	certtool --generate-certificate \
		--outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \
		--load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \
		--load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \
		--load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \
		--template ${TMP} &>/dev/null
	chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem

	if [ -f ${TMP} ]
	then
		rm -f ${TMP}
	fi

	echo
	echo "Here is the documentation on how to encrypt your log traffic:"
	echo " http://www.rsyslog.com/doc/rsyslog_tls.html"

	mstartservice rsyslog

	# enable systemd units
	if [[ ${MROOT} = / ]] || [[ -z ${MROOT} ]]
	then
		if [[ -x /bin/systemctl ]]
		then
			systemctl enable rsyslog.service
		fi
	fi
}

postremove()
{
	mstopservice rsyslog

	# disable systemd units
	if [[ ${MROOT} = / ]] || [[ -z ${MROOT} ]]
	then
		if [[ -x /bin/systemctl ]]
		then
			systemctl disable rsyslog.service
		fi
	fi
}
1	# $Id$
2
3	PNAME="rsyslog"
4	PVER="5.8.1"
5	PBUILD="r1"
6
7	PCATEGORIE="app-admin"
8	STATE="unstable"
9
10	DESCRIPTION="An enhanced multi-threaded syslog daemon with a focus on security and reliability."
11	HOMEPAGE="http://www.rsyslog.com/"
12
13	DEPEND=">= app-admin/logrotate-3.7.9
14	>= net-libs/gnutls-2.8.6
15	>= sys-libs/zlib-1.2.5"
16
17	PROVIDE="virtual/syslog"
18
19	SRCFILE="${PNAME}-${PVER}.tar.gz"
20	SRCDIR="${BUILDDIR}/${PNAME}-${PVER}"
21
22	sminclude mbuild mtools
23
24	SRC_URI=(
25	http://www.rsyslog.com/files/download/${PNAME}/${SRCFILE}
26	mirror://${PNAME}/${SRCFILE}
27	mirror://${PNAME}/rsyslog.conf
28	mirror://${PNAME}/rsyslog.logrotate
29	mirror://${PNAME}/ryslog.rc
30	mirror://${PNAME}/ryslog.confd
31	mirror://${PNAME}/${PNAME}-${PVER}-systemd.patch
32	)
33
34	UP2DATE="updatecmd ${HOMEPAGE}/download/ \| grep 'stable' \| grep 'Download file' \| sed 's:.\:\ rsyslog\ \(.\)\ (.*:\1:;q'"
35
36	src_prepare()
37	{
38	munpack ${SRCFILE} \|\| die
39	cd ${SRCDIR}
40
41	# support /etc/conf.d/rsyslog in systemd units
42	mpatch ${PNAME}-${PVER}-systemd.patch \|\| die
43	}
44
45	src_compile()
46	{
47	cd ${SRCDIR}
48
49	mconfigure \
50	--with-systemdsystemunitdir=/lib/systemd/system \
51	--enable-largefile \
52	--enable-mail \
53	--enable-imfile \
54	--enable-imtemplate \
55	--enable-zlib \
56	--enable-gnutls \
57	--enable-inet \
58	--disable-gui \
59	--disable-rfc3195 \
60	--disable-mysql \
61	--disable-pgsql \
62	--disable-oracle \
63	--disable-snmp \
64	\|\| die
65
66	mmake \|\| die
67	}
68
69	src_install()
70	{
71	cd ${SRCDIR}
72
73	mmake DESTDIR=${BINDIR} install \|\| die
74	minstalldocs AUTHORS COPYING ChangeLog NEWS PORTS README* \|\| die
75
76	# rsyslog config
77	minstalletc rsyslog.conf \|\| die
78
79	# logrotate config
80	minstalletc rsyslog.logrotate syslog-ng /etc/logrotate.d \|\| die
81
82	# sysV initscript
83	minstallrc rsyslog.rc rsyslog \|\| die
84	minstallconf rsyslog.confd rsyslog \|\| die
85
86	# needed directories
87	mkeepdir /var/spool/rsyslog \|\| die
88	mkeepdir /etc/ssl/rsyslog \|\| die
89	mkeepdir /etc/rsyslog.d \|\| die
90	}
91
92	postinstall()
93	{
94	local CERTDIR
95	local CN
96	local TMP=$(mktemp)
97
98	# make sure the certificates directory exists
99	CERTDIR="${MROOT}/etc/ssl/rsyslog"
100	[ ! -d ${CERTDIR} ] && install -d ${CERTDIR}
101	echo "Your certificates will be stored in ${CERTDIR}"
102
103	# create a default CA if needed
104	if [ ! -f ${CERTDIR}/rsyslog_ca.cert.pem ]
105	then
106	echo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
107	certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_ca.privkey.pem &>/dev/null
108	chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem
109
110	cat > ${TMP} << EOF
111	cn = Portage automated CA
112	ca
113	cert_signing_key
114	expiration_days = 3650
115	EOF
116
117	certtool --generate-self-signed \
118	--load-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \
119	--outfile ${CERTDIR}/rsyslog_ca.cert.pem \
120	--template ${TMP} &>/dev/null
121	chmod 400 ${CERTDIR}/rsyslog_ca.privkey.pem
122
123	# Create the server certificate
124
125	# use server-hostname as CN!
126	CN="server-$(hostname)"
127	echo "Creating private key and certificate for server ${CN}..."
128	certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null
129	chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem
130
131	cat > ${TMP} << EOF
132	cn = ${CN}
133	tls_www_server
134	dns_name = ${CN}
135	expiration_days = 3650
136	EOF
137
138	certtool --generate-certificate \
139	--outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \
140	--load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \
141	--load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \
142	--load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \
143	--template ${TMP} &>/dev/null
144	chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem
145	else
146	echo "Found existing ${CERTDIR}/rsyslog_ca.cert.pem, skipping CA and SERVER creation."
147	fi
148
149	# Create a client certificate
150	# use client-hostname as CN!
151	CN="client-$(hostname)"
152	echo "Creating private key and certificate for client ${CN}..."
153	certtool --generate-privkey --outfile ${CERTDIR}/rsyslog_${CN}.key.pem &>/dev/null
154	chmod 400 ${CERTDIR}/rsyslog_${CN}.key.pem
155
156	cat > ${TMP} << EOF
157	cn = ${CN}
158	tls_www_client
159	dns_name = ${CN}
160	expiration_days = 3650
161	EOF
162
163	certtool --generate-certificate \
164	--outfile ${CERTDIR}/rsyslog_${CN}.cert.pem \
165	--load-privkey ${CERTDIR}/rsyslog_${CN}.key.pem \
166	--load-ca-certificate ${CERTDIR}/rsyslog_ca.cert.pem \
167	--load-ca-privkey ${CERTDIR}/rsyslog_ca.privkey.pem \
168	--template ${TMP} &>/dev/null
169	chmod 400 ${CERTDIR}/rsyslog_${CN}.cert.pem
170
171	if [ -f ${TMP} ]
172	then
173	rm -f ${TMP}
174	fi
175
176	echo
177	echo "Here is the documentation on how to encrypt your log traffic:"
178	echo " http://www.rsyslog.com/doc/rsyslog_tls.html"
179
180	mstartservice rsyslog
181
182	# enable systemd units
183	if [[ ${MROOT} = / ]] \|\| [[ -z ${MROOT} ]]
184	then
185	if [[ -x /bin/systemctl ]]
186	then
187	systemctl enable rsyslog.service
188	fi
189	fi
190	}
191
192	postremove()
193	{
194	mstopservice rsyslog
195
196	# disable systemd units
197	if [[ ${MROOT} = / ]] \|\| [[ -z ${MROOT} ]]
198	then
199	if [[ -x /bin/systemctl ]]
200	then
201	systemctl disable rsyslog.service
202	fi
203	fi
204	}