mirror/guix
mirror/guix
1
Fork 0
mirror of https://https.git.savannah.gnu.org/git/guix.git/ synced 2025-07-14 02:50:45 +02:00
Code Releases Activity

gnu: fail2ban: Improve style.

Browse source 
* gnu/packages/admin.scm (fail2ban): Use gexps and run guix style.

Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit is contained in:
Nicolas Graves 2025-05-04 10:56:24 +02:00 committed by Ludovic Courtès
parent 6567fd4072
commit 30f240b034
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
1 changed files with 164 additions and 174 deletions
Download patch file Download diff file Expand all files Collapse all files

338
gnu/packages/admin.scm
View file

@ -6173,182 +6173,172 @@ alias cysdig=sudo csysdig --modern-bpf
(package (package
(name "fail2ban") (name "fail2ban")
(version "1.1.0") (version "1.1.0")
(source (origin (source
(method git-fetch) (origin
(uri (git-reference (method git-fetch)
(url "https://github.com/fail2ban/fail2ban") (uri (git-reference
(commit version))) (url "https://github.com/fail2ban/fail2ban")
(file-name (git-file-name name version)) (commit version)))
(sha256 (file-name (git-file-name name version))
(base32 (sha256
"0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk")) (base32 "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
(modules '((guix build utils))) (modules '((guix build utils)))
(snippet (snippet #~(begin
'(begin ;; Replacing those by our own paths-guix.conf
;; Replacing those by our own paths-guix.conf (with-directory-excursion "config"
(with-directory-excursion "config" (for-each delete-file
(for-each delete-file '("paths-arch.conf" "paths-debian.conf"
'("paths-arch.conf" "paths-fedora.conf" "paths-freebsd.conf"
"paths-debian.conf" "paths-opensuse.conf" "paths-osx.conf")))))
"paths-fedora.conf" (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
"paths-freebsd.conf"
"paths-opensuse.conf"
"paths-osx.conf")))))
(patches (search-patches "fail2ban-paths-guix-conf.patch"))))
(build-system pyproject-build-system) (build-system pyproject-build-system)
(arguments (arguments
'(#:phases (modify-phases %standard-phases (list
(add-after 'unpack 'avoid-external-binary-in-/bin #:phases
(lambda _ #~(modify-phases %standard-phases
(delete-file "fail2ban/setup.py") (add-after 'unpack 'avoid-external-binary-in-/bin
(substitute* '("bin/fail2ban-testcases" (lambda _
"setup.py") (delete-file "fail2ban/setup.py")
((".*updatePyExec.*") "")))) (substitute* '("bin/fail2ban-testcases" "setup.py")
(add-after 'unpack 'patch-setup.py ((".*updatePyExec.*")
(lambda _ ""))))
;; Get rid of absolute file names. (add-after 'unpack 'patch-setup.py
(substitute* "setup.py" (lambda _
(("/etc/fail2ban") ;; Get rid of absolute file names.
"etc/fail2ban") (substitute* "setup.py"
(("/var/lib/fail2ban") (("/etc/fail2ban")
"var/lib/fail2ban") "etc/fail2ban")
(("\"/usr/bin/\"") (("/var/lib/fail2ban")
"\"usr/bin/\"") "var/lib/fail2ban")
(("\"/usr/lib/fail2ban/\"") (("\"/usr/bin/\"")
"\"usr/lib/fail2ban/\"") "\"usr/bin/\"")
(("'/usr/share/doc/fail2ban'") (("\"/usr/lib/fail2ban/\"")
"'usr/share/doc/fail2ban'")))) "\"usr/lib/fail2ban/\"")
(add-after 'unpack 'disable-some-tests (("'/usr/share/doc/fail2ban'")
(lambda _ "'usr/share/doc/fail2ban'"))))
(define (make-suite str) (add-after 'unpack 'disable-some-tests
(string-append "tests.addTest\\(loadTests\\(" str "\\)\\)")) (lambda _
;; disable tests performing unacceptable side-effects (define (make-suite str)
(substitute* "fail2ban/tests/utils.py" (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
(((make-suite "actiontestcase.CommandActionTest")) ;; disable tests performing unacceptable side-effects
"") (substitute* "fail2ban/tests/utils.py"
(((make-suite "misctestcase.SetupTest")) (((make-suite "actiontestcase.CommandActionTest"))
"") "")
(((make-suite "filtertestcase.DNSUtilsNetworkTests")) (((make-suite "misctestcase.SetupTest"))
"") "")
(((make-suite "filtertestcase.IgnoreIPDNS")) (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
"") "")
(((make-suite "filtertestcase.GetFailures")) (((make-suite "filtertestcase.IgnoreIPDNS"))
"") "")
(((make-suite "fail2banclienttestcase.Fail2banServerTest")) (((make-suite "filtertestcase.GetFailures"))
"") "")
(((make-suite "servertestcase.ServerConfigReaderTests")) (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
"")))) "")
(add-before 'build 'fix-default-config (((make-suite "servertestcase.ServerConfigReaderTests"))
(lambda* (#:key outputs #:allow-other-keys) ""))))
(substitute* '("config/paths-common.conf" (add-before 'build 'fix-default-config
"fail2ban/tests/utils.py" (lambda* (#:key outputs #:allow-other-keys)
"fail2ban/client/configreader.py" (substitute* '("config/paths-common.conf"
"fail2ban/client/fail2bancmdline.py" "fail2ban/tests/utils.py"
"fail2ban/client/fail2banregex.py") "fail2ban/client/configreader.py"
(("/etc/fail2ban") "fail2ban/client/fail2bancmdline.py"
(string-append (assoc-ref outputs "out") "fail2ban/client/fail2banregex.py")
"/etc/fail2ban"))))) (("/etc/fail2ban")
(add-after 'fix-default-config 'set-action-dependencies (string-append (assoc-ref outputs "out") "/etc/fail2ban")))))
(lambda* (#:key inputs #:allow-other-keys) (add-after 'fix-default-config 'set-action-dependencies
;; deleting things that are not feasible to fix (lambda* (#:key inputs #:allow-other-keys)
;; or won't be used any way ;; deleting things that are not feasible to fix
(with-directory-excursion "config/action.d" ;; or won't be used any way
(for-each delete-file (with-directory-excursion "config/action.d"
'("apf.conf" (for-each delete-file
"bsd-ipfw.conf" '("apf.conf" "bsd-ipfw.conf"
"dshield.conf" "dshield.conf"
"ipfilter.conf" "ipfilter.conf"
"ipfw.conf" "ipfw.conf"
"firewallcmd-allports.conf" "firewallcmd-allports.conf"
"firewallcmd-common.conf" "firewallcmd-common.conf"
"firewallcmd-ipset.conf" "firewallcmd-ipset.conf"
"firewallcmd-multiport.conf" "firewallcmd-multiport.conf"
"firewallcmd-new.conf" "firewallcmd-new.conf"
"firewallcmd-rich-logging.conf" "firewallcmd-rich-logging.conf"
"firewallcmd-rich-rules.conf" "firewallcmd-rich-rules.conf"
"osx-afctl.conf" "osx-afctl.conf"
"osx-ipfw.conf" "osx-ipfw.conf"
"pf.conf" "pf.conf"
"nginx-block-map.conf" "nginx-block-map.conf"
"npf.conf" "npf.conf"
"shorewall.conf" "shorewall.conf"
"shorewall-ipset-proto6.conf" "shorewall-ipset-proto6.conf"
"ufw.conf"))) "ufw.conf")))
(let* ((lookup-cmd (lambda (i) (let* ((lookup-cmd (lambda (i)
(search-input-file inputs i))) (search-input-file inputs i)))
(bin (lambda (i) (bin (lambda (i)
(lookup-cmd (string-append "/bin/" i)))) (lookup-cmd (string-append "/bin/" i))))
(sbin (lambda (i) (sbin (lambda (i)
(lookup-cmd (string-append "/sbin/" i)))) (lookup-cmd (string-append "/sbin/" i))))
(ip (sbin "ip")) (ip (sbin "ip"))
(sendmail (sbin "sendmail"))) (sendmail (sbin "sendmail")))
(substitute* (find-files "config/action.d" "\\.conf$") (substitute* (find-files "config/action.d" "\\.conf$")
;; TODO: deal with geoiplookup .. ;; TODO: deal with geoiplookup ..
(("(awk|curl|dig|jq)" all cmd) (("(awk|curl|dig|jq)" all cmd)
(bin cmd)) (bin cmd))
(("(cat|echo|grep|head|printf|wc) " all (("(cat|echo|grep|head|printf|wc) " all cmd)
cmd) (string-append (bin cmd) " "))
(string-append (bin cmd) " ")) ((" (date|rm|sed|tail|touch|tr) " all cmd)
((" (date|rm|sed|tail|touch|tr) " all (string-append " "
cmd) (bin cmd) " "))
(string-append " " (("cut -d")
(bin cmd) " ")) (string-append (bin "cut") " -d"))
(("cut -d") (("`date`")
(string-append (bin "cut") " -d")) (string-append "`"
(("`date`") (bin "date") "`"))
(string-append "`" (("id -")
(bin "date") "`")) (string-append (bin "id") " -"))
(("id -") (("ip -([46]) addr" all ver)
(string-append (bin "id") " -")) (string-append ip " -" ver " addr"))
(("ip -([46]) addr" all ver) (("ip route")
(string-append ip " -" ver " addr")) (string-append ip " route"))
(("ip route") (("ipset ")
(string-append ip " route")) (string-append (sbin "ipset") " "))
(("ipset ") (("(iptables|ip6tables) <" all cmd)
(string-append (sbin "ipset") " ")) (string-append (sbin cmd) " <"))
(("(iptables|ip6tables) <" all cmd) (("/usr/bin/nsupdate")
(string-append (sbin cmd) " <")) (bin "nsupdate"))
(("/usr/bin/nsupdate") (("mail -E")
(bin "nsupdate")) (string-append sendmail " -E"))
(("mail -E") (("nftables = nft")
(string-append sendmail " -E")) (string-append "nftables = "
(("nftables = nft") (sbin "nft")))
(string-append "nftables = " (sbin "nft"))) (("perl -e")
(("perl -e") (string-append (bin "perl") " -e"))
(string-append (bin "perl") " -e")) (("/usr/sbin/sendmail")
(("/usr/sbin/sendmail") sendmail)
sendmail) (("test -e")
(("test -e") (string-append (bin "test") " -e"))
(string-append (bin "test") " -e")) (("_whois = whois")
(("_whois = whois") (string-append "_whois = "
(string-append "_whois = " (bin "whois"))))) (bin "whois")))))
(substitute* "config/jail.conf" (substitute* "config/jail.conf"
(("before = paths-debian\\.conf") (("before = paths-debian\\.conf")
"before = paths-guix.conf")))) "before = paths-guix.conf"))))
(add-after 'install 'copy-man-pages (add-after 'install 'copy-man-pages
(lambda* (#:key outputs #:allow-other-keys) (lambda* (#:key outputs #:allow-other-keys)
(let* ((man (string-append (assoc-ref outputs "out") (let* ((man (string-append (assoc-ref outputs "out") "/man"))
"/man")) (install-man (lambda (m)
(install-man (lambda (m) (lambda (f)
(lambda (f) (install-file (string-append f "." m)
(install-file (string-append f (string-append man "/man"
"." m) m)))))
(string-append man (install-man1 (install-man "1"))
"/man" m))))) (install-man5 (install-man "5")))
(install-man1 (install-man "1")) (with-directory-excursion "man"
(install-man5 (install-man "5"))) (for-each install-man1
(with-directory-excursion "man" '("fail2ban" "fail2ban-client" "fail2ban-python"
(for-each install-man1 "fail2ban-regex" "fail2ban-server"
'("fail2ban" "fail2ban-testcases"))
"fail2ban-client" (for-each install-man5
"fail2ban-python" '("jail.conf")))))))))
"fail2ban-regex" (native-inputs (list python-setuptools python-wheel))
"fail2ban-server"
"fail2ban-testcases"))
(for-each install-man5
'("jail.conf")))))))))
(native-inputs
(list python-setuptools python-wheel))
(inputs (list gawk (inputs (list gawk
coreutils-minimal coreutils-minimal
curl curl