mirror of
https://https.git.savannah.gnu.org/git/guix.git/
synced 2025-07-13 02:20:53 +02:00
gnu: fail2ban: Improve style.
* gnu/packages/admin.scm (fail2ban): [arguments]<phases>: Rewrite phases 'set-action-dependencies and copy-man-pages for readability. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
This commit is contained in:
Nicolas Graves
Ludovic Courtès
parent
30f240b034
commit
bbae08827f
1 changed files with 54 additions and 67 deletions
|
|
@ -6237,21 +6237,22 @@ alias cysdig=sudo csysdig --modern-bpf
|
|||
(((make-suite "servertestcase.ServerConfigReaderTests"))
|
||||
""))))
|
||||
(add-before 'build 'fix-default-config
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(lambda _
|
||||
(substitute* '("config/paths-common.conf"
|
||||
"fail2ban/tests/utils.py"
|
||||
"fail2ban/client/configreader.py"
|
||||
"fail2ban/client/fail2bancmdline.py"
|
||||
"fail2ban/client/fail2banregex.py")
|
||||
(("/etc/fail2ban")
|
||||
(string-append (assoc-ref outputs "out") "/etc/fail2ban")))))
|
||||
(string-append #$output "/etc/fail2ban")))))
|
||||
(add-after 'fix-default-config 'set-action-dependencies
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
;; deleting things that are not feasible to fix
|
||||
;; or won't be used any way
|
||||
(with-directory-excursion "config/action.d"
|
||||
(for-each delete-file
|
||||
'("apf.conf" "bsd-ipfw.conf"
|
||||
'("apf.conf"
|
||||
"bsd-ipfw.conf"
|
||||
"dshield.conf"
|
||||
"ipfilter.conf"
|
||||
"ipfw.conf"
|
||||
|
|
@ -6270,74 +6271,60 @@ alias cysdig=sudo csysdig --modern-bpf
|
|||
"shorewall.conf"
|
||||
"shorewall-ipset-proto6.conf"
|
||||
"ufw.conf")))
|
||||
(let* ((lookup-cmd (lambda (i)
|
||||
(search-input-file inputs i)))
|
||||
(bin (lambda (i)
|
||||
(lookup-cmd (string-append "/bin/" i))))
|
||||
(sbin (lambda (i)
|
||||
(lookup-cmd (string-append "/sbin/" i))))
|
||||
(ip (sbin "ip"))
|
||||
(sendmail (sbin "sendmail")))
|
||||
(substitute* (find-files "config/action.d" "\\.conf$")
|
||||
;; TODO: deal with geoiplookup ..
|
||||
(("(awk|curl|dig|jq)" all cmd)
|
||||
(bin cmd))
|
||||
(("(cat|echo|grep|head|printf|wc) " all cmd)
|
||||
(string-append (bin cmd) " "))
|
||||
((" (date|rm|sed|tail|touch|tr) " all cmd)
|
||||
(string-append " "
|
||||
(bin cmd) " "))
|
||||
(("cut -d")
|
||||
(string-append (bin "cut") " -d"))
|
||||
(("`date`")
|
||||
(string-append "`"
|
||||
(bin "date") "`"))
|
||||
(("id -")
|
||||
(string-append (bin "id") " -"))
|
||||
(("ip -([46]) addr" all ver)
|
||||
(string-append ip " -" ver " addr"))
|
||||
(("ip route")
|
||||
(string-append ip " route"))
|
||||
(("ipset ")
|
||||
(string-append (sbin "ipset") " "))
|
||||
(("(iptables|ip6tables) <" all cmd)
|
||||
(string-append (sbin cmd) " <"))
|
||||
(("/usr/bin/nsupdate")
|
||||
(bin "nsupdate"))
|
||||
(("mail -E")
|
||||
(string-append sendmail " -E"))
|
||||
(("nftables = nft")
|
||||
(string-append "nftables = "
|
||||
(sbin "nft")))
|
||||
(("perl -e")
|
||||
(string-append (bin "perl") " -e"))
|
||||
(("/usr/sbin/sendmail")
|
||||
sendmail)
|
||||
(("test -e")
|
||||
(string-append (bin "test") " -e"))
|
||||
(("_whois = whois")
|
||||
(string-append "_whois = "
|
||||
(bin "whois")))))
|
||||
(define (lookup dir file)
|
||||
(search-input-file inputs (string-append "/" dir "/" file)))
|
||||
|
||||
(substitute* (find-files "config/action.d" "\\.conf$")
|
||||
;; TODO: deal with geoiplookup ..
|
||||
(("(awk|curl|dig|jq)" all cmd)
|
||||
(lookup "bin" cmd))
|
||||
(("(cat|echo|grep|head|printf|wc) " all cmd)
|
||||
(string-append (lookup "bin" cmd) " "))
|
||||
((" (date|rm|sed|tail|touch|tr) " all cmd)
|
||||
(string-append " " (lookup "bin" cmd) " "))
|
||||
(("cut -d")
|
||||
(string-append (lookup "bin" "cut") " -d"))
|
||||
(("`date`")
|
||||
(string-append "`" (lookup "bin" "date") "`"))
|
||||
(("id -")
|
||||
(string-append (lookup "bin" "id") " -"))
|
||||
(("ip (route|-[46] addr)" all rest)
|
||||
(string-append (lookup "sbin" "ip") rest))
|
||||
(("ipset ")
|
||||
(string-append (lookup "sbin" "ipset") " "))
|
||||
(("(iptables|ip6tables) <" all cmd)
|
||||
(string-append (lookup "sbin" cmd) " <"))
|
||||
(("/usr/bin/nsupdate")
|
||||
(lookup "bin" "nsupdate"))
|
||||
(("mail -E")
|
||||
(string-append (lookup "sbin" "sendmail") " -E"))
|
||||
(("nftables = nft")
|
||||
(string-append "nftables = " (lookup "sbin" "nft")))
|
||||
(("perl -e")
|
||||
(string-append (lookup "bin" "perl") " -e"))
|
||||
(("/usr/sbin/sendmail")
|
||||
(lookup "sbin" "sendmail"))
|
||||
(("test -e")
|
||||
(string-append (lookup "bin" "test") " -e"))
|
||||
(("_whois = whois")
|
||||
(string-append "_whois = " (lookup "bin" "whois"))))
|
||||
|
||||
(substitute* "config/jail.conf"
|
||||
(("before = paths-debian\\.conf")
|
||||
"before = paths-guix.conf"))))
|
||||
(add-after 'install 'copy-man-pages
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(let* ((man (string-append (assoc-ref outputs "out") "/man"))
|
||||
(install-man (lambda (m)
|
||||
(lambda (f)
|
||||
(install-file (string-append f "." m)
|
||||
(string-append man "/man"
|
||||
m)))))
|
||||
(install-man1 (install-man "1"))
|
||||
(install-man5 (install-man "5")))
|
||||
(with-directory-excursion "man"
|
||||
(for-each install-man1
|
||||
'("fail2ban" "fail2ban-client" "fail2ban-python"
|
||||
"fail2ban-regex" "fail2ban-server"
|
||||
"fail2ban-testcases"))
|
||||
(for-each install-man5
|
||||
'("jail.conf")))))))))
|
||||
(lambda _
|
||||
(define (install-man m)
|
||||
(lambda (f)
|
||||
(install-file (string-append f "." m)
|
||||
(string-append #$output "man/man" m))))
|
||||
|
||||
(with-directory-excursion "man"
|
||||
(for-each (install-man "1")
|
||||
'("fail2ban" "fail2ban-client" "fail2ban-python"
|
||||
"fail2ban-regex" "fail2ban-server"
|
||||
"fail2ban-testcases"))
|
||||
((install-man "5") "jail.conf")))))))
|
||||
(native-inputs (list python-setuptools python-wheel))
|
||||
(inputs (list gawk
|
||||
coreutils-minimal
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue