mirror/guix
mirror/guix
1
Fork 0
mirror of https://https.git.savannah.gnu.org/git/guix.git/ synced 2025-07-13 10:30:43 +02:00
Code Releases Activity

gnu: fail2ban: Improve style.

Browse source 
* gnu/packages/admin.scm (fail2ban): Use gexps and run guix style.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit is contained in:
Nicolas Graves 2025-05-04 10:56:24 +02:00 committed by Ludovic Courtès
parent 6567fd4072
commit 30f240b034
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
1 changed files with 164 additions and 174 deletions
Download patch file Download diff file Expand all files Collapse all files

338
gnu/packages/admin.scm
View file

@ -6173,182 +6173,172 @@ alias cysdig=sudo csysdig --modern-bpf
(package
(name "fail2ban")
(version "1.1.0")
(source (origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/fail2ban/fail2ban")
(commit version)))
(file-name (git-file-name name version))
(sha256
(base32
"0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
(modules '((guix build utils)))
(snippet
'(begin
;; Replacing those by our own paths-guix.conf
(with-directory-excursion "config"
(for-each delete-file
'("paths-arch.conf"
"paths-debian.conf"
"paths-fedora.conf"
"paths-freebsd.conf"
"paths-opensuse.conf"
"paths-osx.conf")))))
(patches (search-patches "fail2ban-paths-guix-conf.patch"))))
(source
(origin
(method git-fetch)
(uri (git-reference
(url "https://github.com/fail2ban/fail2ban")
(commit version)))
(file-name (git-file-name name version))
(sha256
(base32 "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
(modules '((guix build utils)))
(snippet #~(begin
;; Replacing those by our own paths-guix.conf
(with-directory-excursion "config"
(for-each delete-file
'("paths-arch.conf" "paths-debian.conf"
"paths-fedora.conf" "paths-freebsd.conf"
"paths-opensuse.conf" "paths-osx.conf")))))
(patches (search-patches "fail2ban-paths-guix-conf.patch"))))
(build-system pyproject-build-system)
(arguments
'(#:phases (modify-phases %standard-phases
(add-after 'unpack 'avoid-external-binary-in-/bin
(lambda _
(delete-file "fail2ban/setup.py")
(substitute* '("bin/fail2ban-testcases"
"setup.py")
((".*updatePyExec.*") ""))))
(add-after 'unpack 'patch-setup.py
(lambda _
;; Get rid of absolute file names.
(substitute* "setup.py"
(("/etc/fail2ban")
"etc/fail2ban")
(("/var/lib/fail2ban")
"var/lib/fail2ban")
(("\"/usr/bin/\"")
"\"usr/bin/\"")
(("\"/usr/lib/fail2ban/\"")
"\"usr/lib/fail2ban/\"")
(("'/usr/share/doc/fail2ban'")
"'usr/share/doc/fail2ban'"))))
(add-after 'unpack 'disable-some-tests
(lambda _
(define (make-suite str)
(string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
;; disable tests performing unacceptable side-effects
(substitute* "fail2ban/tests/utils.py"
(((make-suite "actiontestcase.CommandActionTest"))
"")
(((make-suite "misctestcase.SetupTest"))
"")
(((make-suite "filtertestcase.DNSUtilsNetworkTests"))
"")
(((make-suite "filtertestcase.IgnoreIPDNS"))
"")
(((make-suite "filtertestcase.GetFailures"))
"")
(((make-suite "fail2banclienttestcase.Fail2banServerTest"))
"")
(((make-suite "servertestcase.ServerConfigReaderTests"))
""))))
(add-before 'build 'fix-default-config
(lambda* (#:key outputs #:allow-other-keys)
(substitute* '("config/paths-common.conf"
"fail2ban/tests/utils.py"
"fail2ban/client/configreader.py"
"fail2ban/client/fail2bancmdline.py"
"fail2ban/client/fail2banregex.py")
(("/etc/fail2ban")
(string-append (assoc-ref outputs "out")
"/etc/fail2ban")))))
(add-after 'fix-default-config 'set-action-dependencies
(lambda* (#:key inputs #:allow-other-keys)
;; deleting things that are not feasible to fix
;; or won't be used any way
(with-directory-excursion "config/action.d"
(for-each delete-file
'("apf.conf"
"bsd-ipfw.conf"
"dshield.conf"
"ipfilter.conf"
"ipfw.conf"
"firewallcmd-allports.conf"
"firewallcmd-common.conf"
"firewallcmd-ipset.conf"
"firewallcmd-multiport.conf"
"firewallcmd-new.conf"
"firewallcmd-rich-logging.conf"
"firewallcmd-rich-rules.conf"
"osx-afctl.conf"
"osx-ipfw.conf"
"pf.conf"
"nginx-block-map.conf"
"npf.conf"
"shorewall.conf"
"shorewall-ipset-proto6.conf"
"ufw.conf")))
(let* ((lookup-cmd (lambda (i)
(search-input-file inputs i)))
(bin (lambda (i)
(lookup-cmd (string-append "/bin/" i))))
(sbin (lambda (i)
(lookup-cmd (string-append "/sbin/" i))))
(ip (sbin "ip"))
(sendmail (sbin "sendmail")))
(substitute* (find-files "config/action.d" "\\.conf$")
;; TODO: deal with geoiplookup ..
(("(awk|curl|dig|jq)" all cmd)
(bin cmd))
(("(cat|echo|grep|head|printf|wc) " all
cmd)
(string-append (bin cmd) " "))
((" (date|rm|sed|tail|touch|tr) " all
cmd)
(string-append " "
(bin cmd) " "))
(("cut -d")
(string-append (bin "cut") " -d"))
(("`date`")
(string-append "`"
(bin "date") "`"))
(("id -")
(string-append (bin "id") " -"))
(("ip -([46]) addr" all ver)
(string-append ip " -" ver " addr"))
(("ip route")
(string-append ip " route"))
(("ipset ")
(string-append (sbin "ipset") " "))
(("(iptables|ip6tables) <" all cmd)
(string-append (sbin cmd) " <"))
(("/usr/bin/nsupdate")
(bin "nsupdate"))
(("mail -E")
(string-append sendmail " -E"))
(("nftables = nft")
(string-append "nftables = " (sbin "nft")))
(("perl -e")
(string-append (bin "perl") " -e"))
(("/usr/sbin/sendmail")
sendmail)
(("test -e")
(string-append (bin "test") " -e"))
(("_whois = whois")
(string-append "_whois = " (bin "whois")))))
(substitute* "config/jail.conf"
(("before = paths-debian\\.conf")
"before = paths-guix.conf"))))
(add-after 'install 'copy-man-pages
(lambda* (#:key outputs #:allow-other-keys)
(let* ((man (string-append (assoc-ref outputs "out")
"/man"))
(install-man (lambda (m)
(lambda (f)
(install-file (string-append f
"." m)
(string-append man
"/man" m)))))
(install-man1 (install-man "1"))
(install-man5 (install-man "5")))
(with-directory-excursion "man"
(for-each install-man1
'("fail2ban"
"fail2ban-client"
"fail2ban-python"
"fail2ban-regex"
"fail2ban-server"
"fail2ban-testcases"))
(for-each install-man5
'("jail.conf")))))))))
(native-inputs
(list python-setuptools python-wheel))
(list
#:phases
#~(modify-phases %standard-phases
(add-after 'unpack 'avoid-external-binary-in-/bin
(lambda _
(delete-file "fail2ban/setup.py")
(substitute* '("bin/fail2ban-testcases" "setup.py")
((".*updatePyExec.*")
""))))
(add-after 'unpack 'patch-setup.py
(lambda _
;; Get rid of absolute file names.
(substitute* "setup.py"
(("/etc/fail2ban")
"etc/fail2ban")
(("/var/lib/fail2ban")
"var/lib/fail2ban")
(("\"/usr/bin/\"")
"\"usr/bin/\"")
(("\"/usr/lib/fail2ban/\"")
"\"usr/lib/fail2ban/\"")
(("'/usr/share/doc/fail2ban'")
"'usr/share/doc/fail2ban'"))))
(add-after 'unpack 'disable-some-tests
(lambda _
(define (make-suite str)
(string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
;; disable tests performing unacceptable side-effects
(substitute* "fail2ban/tests/utils.py"
(((make-suite "actiontestcase.CommandActionTest"))
"")
(((make-suite "misctestcase.SetupTest"))
"")
(((make-suite "filtertestcase.DNSUtilsNetworkTests"))
"")
(((make-suite "filtertestcase.IgnoreIPDNS"))
"")
(((make-suite "filtertestcase.GetFailures"))
"")
(((make-suite "fail2banclienttestcase.Fail2banServerTest"))
"")
(((make-suite "servertestcase.ServerConfigReaderTests"))
""))))
(add-before 'build 'fix-default-config
(lambda* (#:key outputs #:allow-other-keys)
(substitute* '("config/paths-common.conf"
"fail2ban/tests/utils.py"
"fail2ban/client/configreader.py"
"fail2ban/client/fail2bancmdline.py"
"fail2ban/client/fail2banregex.py")
(("/etc/fail2ban")
(string-append (assoc-ref outputs "out") "/etc/fail2ban")))))
(add-after 'fix-default-config 'set-action-dependencies
(lambda* (#:key inputs #:allow-other-keys)
;; deleting things that are not feasible to fix
;; or won't be used any way
(with-directory-excursion "config/action.d"
(for-each delete-file
'("apf.conf" "bsd-ipfw.conf"
"dshield.conf"
"ipfilter.conf"
"ipfw.conf"
"firewallcmd-allports.conf"
"firewallcmd-common.conf"
"firewallcmd-ipset.conf"
"firewallcmd-multiport.conf"
"firewallcmd-new.conf"
"firewallcmd-rich-logging.conf"
"firewallcmd-rich-rules.conf"
"osx-afctl.conf"
"osx-ipfw.conf"
"pf.conf"
"nginx-block-map.conf"
"npf.conf"
"shorewall.conf"
"shorewall-ipset-proto6.conf"
"ufw.conf")))
(let* ((lookup-cmd (lambda (i)
(search-input-file inputs i)))
(bin (lambda (i)
(lookup-cmd (string-append "/bin/" i))))
(sbin (lambda (i)
(lookup-cmd (string-append "/sbin/" i))))
(ip (sbin "ip"))
(sendmail (sbin "sendmail")))
(substitute* (find-files "config/action.d" "\\.conf$")
;; TODO: deal with geoiplookup ..
(("(awk|curl|dig|jq)" all cmd)
(bin cmd))
(("(cat|echo|grep|head|printf|wc) " all cmd)
(string-append (bin cmd) " "))
((" (date|rm|sed|tail|touch|tr) " all cmd)
(string-append " "
(bin cmd) " "))
(("cut -d")
(string-append (bin "cut") " -d"))
(("`date`")
(string-append "`"
(bin "date") "`"))
(("id -")
(string-append (bin "id") " -"))
(("ip -([46]) addr" all ver)
(string-append ip " -" ver " addr"))
(("ip route")
(string-append ip " route"))
(("ipset ")
(string-append (sbin "ipset") " "))
(("(iptables|ip6tables) <" all cmd)
(string-append (sbin cmd) " <"))
(("/usr/bin/nsupdate")
(bin "nsupdate"))
(("mail -E")
(string-append sendmail " -E"))
(("nftables = nft")
(string-append "nftables = "
(sbin "nft")))
(("perl -e")
(string-append (bin "perl") " -e"))
(("/usr/sbin/sendmail")
sendmail)
(("test -e")
(string-append (bin "test") " -e"))
(("_whois = whois")
(string-append "_whois = "
(bin "whois")))))
(substitute* "config/jail.conf"
(("before = paths-debian\\.conf")
"before = paths-guix.conf"))))
(add-after 'install 'copy-man-pages
(lambda* (#:key outputs #:allow-other-keys)
(let* ((man (string-append (assoc-ref outputs "out") "/man"))
(install-man (lambda (m)
(lambda (f)
(install-file (string-append f "." m)
(string-append man "/man"
m)))))
(install-man1 (install-man "1"))
(install-man5 (install-man "5")))
(with-directory-excursion "man"
(for-each install-man1
'("fail2ban" "fail2ban-client" "fail2ban-python"
"fail2ban-regex" "fail2ban-server"
"fail2ban-testcases"))
(for-each install-man5
'("jail.conf")))))))))
(native-inputs (list python-setuptools python-wheel))
(inputs (list gawk
coreutils-minimal
curl