File crowdsec.spec of Package crowdsec
#
# spec file for package crowdsec
#
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: crowdsec
Version: 1.6.11
Release: 0
Summary: Crowdsourced protection against malicious IPs
License: MIT
URL: https://github.com/crowdsecurity/crowdsec
Source: %{name}-%{version}.tar.gz
Source1: vendor.tar.gz
Source2: %{name}.service
Source3: prepare-%{name}
Source4: %{name}-hub-update.service
Source5: %{name}-hub-update.timer
Source6: %{name}-hub-update
Patch0: suse-config.patch
BuildRequires: bash-completion
BuildRequires: c++_compiler
BuildRequires: fish
BuildRequires: zsh
BuildRequires: golang(API) >= 1.24
BuildRequires: pkgconfig(re2)
BuildRequires: pkgconfig(sqlite3)
Recommends: crowdsec-plugin-email
Recommends: crowdsec-plugin-file
Recommends: crowdsec-plugin-http
Recommends: crowdsec-plugin-sentinel
Recommends: crowdsec-plugin-slack
Recommends: crowdsec-plugin-splunk
%{?systemd_requires}
%description
CrowdSec is a free, modern & collaborative behavior detection engine, coupled
with a global IP reputation network. It stacks on fail2ban's philosophy but is
IPV6 compatible and 60x faster (Go vs Python), it uses Grok patterns to parse
logs and YAML scenarios to identify behaviors. CrowdSec is engineered for
modern Cloud / Containers / VM-based infrastructures (by decoupling detection
and remediation). Once detected you can remedy threats with various bouncers
(firewall block, nginx http 403, Captchas, etc.) while the aggressive IP can be
sent to CrowdSec for curation before being shared among all users to further
improve everyone's security.
%package bash-completion
Summary: Bash Completion for %{name}
Requires: %{name} = %{version}
Supplements: (%{name} and bash-completion)
BuildArch: noarch
%description bash-completion
Bash command line completion support for %{name}.
%package fish-completion
Summary: Fish Completion for %{name}
Requires: %{name} = %{version}
Supplements: (%{name} and fish)
BuildArch: noarch
%description fish-completion
Fish command line completion support for %{name}.
%package zsh-completion
Summary: Zsh Completion for %{name}
Requires: %{name} = %{version}
Supplements: (%{name} and zsh)
BuildArch: noarch
%description zsh-completion
zsh command line completion support for %{name}.
%package plugin-email
Summary: Email plugin for %{name}
Requires: %{name} = %{version}
%description plugin-email
%{summary}.
%package plugin-file
Summary: File plugin for %{name}
Requires: %{name} = %{version}
%description plugin-file
%{summary}.
%package plugin-http
Summary: Http plugin for %{name}
Requires: %{name} = %{version}
%description plugin-http
%{summary}.
%package plugin-sentinel
Summary: Sentinel plugin for %{name}
Requires: %{name} = %{version}
%description plugin-sentinel
%{summary}.
%package plugin-slack
Summary: Slack plugin for %{name}
Requires: %{name} = %{version}
%description plugin-slack
%{summary}.
%package plugin-splunk
Summary: Splunk plugin for %{name}
Requires: %{name} = %{version}
%description plugin-splunk
%{summary}.
%prep
%autosetup -a1 -p1
%build
COMMIT_HASH="$(sed -n 's/commit: \(.*\)/\1/p' %_sourcedir/%{name}.obsinfo)"
DATE_FMT="+%%Y-%%m-%%dT%%H:%%M:%%SZ"
BUILD_DATE=$(date -u -d "@${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u "${DATE_FMT}")
for i in %{name} %{name}-cli notification-{dummy,email,file,http,sentinel,slack,splunk}
do
go build \
-mod=vendor \
-buildmode=pie \
-trimpath \
-tags='netgo,osusergo,sqlite_omit_load_extension,re2_cgo,libsqlite3' \
-ldflags=" \
-X github.com/crowdsecurity/crowdsec/pkg/cwversion.Libre2=C++ \
-X github.com/crowdsecurity/go-cs-lib/version.Version=v%{version} \
-X github.com/crowdsecurity/go-cs-lib/version.Tag=${COMMIT_HASH:0:8} \
-X github.com/crowdsecurity/go-cs-lib/version.BuildDate=${BUILD_DATE} \
-X 'github.com/crowdsecurity/crowdsec/pkg/cwversion.Codename=alphaga' \
-X 'github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultConfigDir=/etc/crowdsec/' \
-X 'github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultDataDir=%{_sharedstatedir}/%{name}/data/'" \
-o bin/"${i}" ./cmd/"${i}"
done
#generating completions
for i in bash fish zsh
do
bin/%{name}-cli completion "$i" > completions."$i"
done
%install
#directories
install -d %{buildroot}%{_sysconfdir}/%{name}/{acquis.d,bouncers,console,hub}
install -d %{buildroot}%{_sharedstatedir}/%{name}/{data,plugins}
install -d %{buildroot}%{_libdir}/%{name}/plugins
install -d %{buildroot}%{_datadir}/%{name}/{notifications,patterns}
#files
install -Dm0755 bin/%{name} %{buildroot}%{_bindir}/%{name}
install -Dm0755 bin/%{name}-cli %{buildroot}%{_bindir}/cscli
for i in slack http splunk email sentinel file
do
install -Dm0551 bin/notification-"$i" %{buildroot}%{_libdir}/%{name}/plugins/notification-"$i"
install -Dm0600 cmd/notification-"$i"/"$i".yaml %{buildroot}%{_datadir}/%{name}/notifications/"$i".yaml
done
install -Dm0644 completions.bash %{buildroot}%{_datadir}/bash-completion/completions/cscli
install -Dm0644 completions.fish %{buildroot}%{_datadir}/fish/vendor_completions.d/cscli.fish
install -Dm0644 completions.zsh %{buildroot}%{_datadir}/zsh/site-functions/_cscli
install -Dm0644 config/{acquis,config,profiles,simulation}.yaml %{buildroot}%{_sysconfdir}/%{name}
install -Dm0644 config/context.yaml %{buildroot}%{_sysconfdir}/%{name}/console
install -Dm0644 config/patterns/* %{buildroot}%{_datadir}/%{name}/patterns/
install -Dm0755 %{SOURCE3} %{buildroot}%{_libexecdir}/%{name}/prepare-%{name}
install -Dm0755 %{SOURCE6} %{buildroot}%{_libexecdir}/%{name}/%{name}-hub-update
install -Dm0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service
install -Dm0644 %{SOURCE4} %{buildroot}%{_unitdir}/%{name}-hub-update.service
install -Dm0644 %{SOURCE5} %{buildroot}%{_unitdir}/%{name}-hub-update.timer
# %%{_libexecdir} resolves differently on Tumbleweed and Leap 15.x
sed -i 's#PLACEHOLDER_LIBEXEC#%{_libexecdir}#g' %{buildroot}%{_unitdir}/%{name}.service
sed -i 's#PLACEHOLDER_LIBEXEC#%{_libexecdir}#g' %{buildroot}%{_unitdir}/%{name}-hub-update.service
%pre
%service_add_pre %{name}.service
%service_add_pre %{name}-hub-update.service
%post
%service_add_post %{name}.service
%service_add_post %{name}-hub-update.service
%preun
%service_del_preun %{name}.service
%service_del_preun %{name}-hub-update.service
%postun
%service_del_postun %{name}.service
%service_del_postun %{name}-hub-update.service
%files
%license LICENSE
%doc README.md
%config(noreplace) %{_sysconfdir}/%{name}/console/context.yaml
%config(noreplace) %{_sysconfdir}/%{name}/{acquis,config,profiles,simulation}.yaml
%ghost %config(noreplace) %{_sysconfdir}/%{name}/{local_api_credentials,online_api_credentials}.yaml
%{_bindir}/%{name}
%{_bindir}/cscli
%{_datadir}/%{name}/patterns/*
%{_libexecdir}/%{name}/prepare-%{name}
%{_libexecdir}/%{name}/%{name}-hub-update
%{_unitdir}/%{name}.service
%{_unitdir}/%{name}-hub-update.service
%{_unitdir}/%{name}-hub-update.timer
#dir
%dir %{_datadir}/%{name}
%dir %{_datadir}/%{name}/notifications
%dir %{_datadir}/%{name}/patterns
%dir %{_libdir}/%{name}
%dir %{_libdir}/%{name}/plugins
%dir %{_libexecdir}/%{name}
%dir %{_sharedstatedir}/%{name}
%dir %{_sharedstatedir}/%{name}/data
%dir %{_sharedstatedir}/%{name}/plugins
%dir %{_sysconfdir}/%{name}
%dir %{_sysconfdir}/%{name}/acquis.d
%dir %{_sysconfdir}/%{name}/bouncers
%dir %{_sysconfdir}/%{name}/console
%dir %{_sysconfdir}/%{name}/hub
%files bash-completion
%{_datadir}/bash-completion/completions/cscli
%files fish-completion
%{_datadir}/fish/vendor_completions.d/cscli.fish
%files zsh-completion
%{_datadir}/zsh/site-functions/_cscli
%files plugin-email
%{_datadir}/crowdsec/notifications/email.yaml
%{_libdir}/crowdsec/plugins/notification-email
%files plugin-file
%{_datadir}/crowdsec/notifications/file.yaml
%{_libdir}/crowdsec/plugins/notification-file
%files plugin-http
%{_datadir}/crowdsec/notifications/http.yaml
%{_libdir}/crowdsec/plugins/notification-http
%files plugin-sentinel
%{_datadir}/crowdsec/notifications/sentinel.yaml
%{_libdir}/crowdsec/plugins/notification-sentinel
%files plugin-slack
%{_datadir}/crowdsec/notifications/slack.yaml
%{_libdir}/crowdsec/plugins/notification-slack
%files plugin-splunk
%{_datadir}/crowdsec/notifications/splunk.yaml
%{_libdir}/crowdsec/plugins/notification-splunk
%changelog
