# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
# $Id: Portfile 109824 2013-08-20 15:03:25Z macsforever2000@macports.org $

PortSystem              1.0
PortGroup               github 1.0
PortGroup               python27 1.0

github.setup            fail2ban fail2ban 0.8.10
categories              security python
license                 GPL-2+
maintainers             free.fr:fclaire openmaintainer
platforms               darwin
homepage                http://www.fail2ban.org
supported_archs         noarch

description             Fail2ban protects computer against brute-force attacks

long_description        Fail2ban scans log files (e.g. /var/log/apache/error_log) and \
                        bans IPs that show the malicious signs -- too many password failures, \
                        seeking for exploits, etc. Generally Fail2Ban then used to update \
                        firewall rules to reject the IP addresses for a specified amount \
                        of time, although any arbitrary other action (e.g. sending an email, \
                        or ejecting CD-ROM tray) could also be configured. Out of the box \
                        Fail2Ban comes with filters for various services (apache, curier, ssh, etc).

checksums               rmd160 17f3535a4b92740f5203dfdee874d71d2377e5c9 \
                        sha256 7bed38372a24e35268d9c9ff5b272f7e88e91074f9bb24d5be5c70196f19e7be

set f2bconfdir          ${prefix}/etc/${name}
set f2bbindir           ${prefix}/bin
set f2brundir           ${prefix}/var/run/${name}
set f2bsock             ${f2brundir}/${name}.sock
set f2bpid              ${f2brundir}/${name}.pid

python.link_binaries_suffix

patchfiles              patch-setup.py.diff \
                        patch-setup.cfg.diff \
                        patch-fail2ban-client.diff \
                        patch-fail2ban-regex.diff \
                        patch-fail2ban-server.diff \
                        patch-config-fail2ban.conf.diff \
                        patch-config-jail.conf.diff \
                        patch-client-csocket.py.diff \
                        patch-server-server.py.diff

post-patch   {
    reinplace "s|@@PREFIX@@|${prefix}|g"    ${worksrcpath}/setup.py \
                                            ${worksrcpath}/setup.cfg \
                                            ${worksrcpath}/fail2ban-client \
                                            ${worksrcpath}/fail2ban-regex \
                                            ${worksrcpath}/fail2ban-server \
                                            ${worksrcpath}/client/csocket.py \
                                            ${worksrcpath}/config/fail2ban.conf \
                                            ${worksrcpath}/server/server.py
}

startupitem.create      yes
startupitem.start       "if \[ -r ${f2bsock} && ! -r ${f2bpid} \]; then rm ${f2bsock}; fi; ${f2bbindir}/${name}-client start"
startupitem.stop        "${f2bbindir}/${name}-client stop"

destroot.keepdirs       ${destroot}${f2brundir}

post-destroot {
    # Adding dedicated OSX pf-icefloor action file
    xinstall -m 644 ${filespath}/pf-icefloor.conf ${destroot}${f2bconfdir}/action.d/
    # Adding a suffix to config files
    set cfgfiles [concat [glob ${destroot}${f2bconfdir}/*.conf] [glob ${destroot}${f2bconfdir}/action.d/*.conf] [glob ${destroot}${f2bconfdir}/filter.d/*.conf]]
    foreach cfgfile ${cfgfiles} {
        move ${cfgfile} ${cfgfile}.${version}
    }
}

post-activate {
    # If not already present we put default config files
    set cfgfiles [concat [glob ${f2bconfdir}/*.conf.${version}] [glob ${f2bconfdir}/action.d/*.conf.${version}] [glob ${f2bconfdir}/filter.d/*.conf.${version}]]
    foreach cfgfile ${cfgfiles} {
        regsub "\.${version}" ${cfgfile} {} origcfgfile
        if {![file exists ${origcfgfile}]} {
            file copy ${cfgfile} ${origcfgfile}
        }
    }
}

livecheck.url           ${github.raw}/master/ChangeLog
livecheck.regex         "Fail2Ban \\(version (\[0-9\.\]+)\\)"
