132 lines
4.1 KiB
Ruby
132 lines
4.1 KiB
Ruby
class Fail2ban < Formula
|
|
desc "Scan log files and ban IPs showing malicious signs"
|
|
homepage "https://www.fail2ban.org/"
|
|
url "https://github.com/fail2ban/fail2ban/archive/0.10.4.tar.gz"
|
|
sha256 "d6ca1bbc7e7944f7acb2ba7c1065953cd9837680bc4d175f30ed155c6a372449"
|
|
|
|
bottle do
|
|
sha256 "8a94f2acb50779d21bf5f419ef4ab65692d03e827d1d618a878b14b5174fba59" => :mojave
|
|
sha256 "96f7b39c78cab991ea75e7c68e65b764fe1ce0299ce82281e25800a255662bb9" => :high_sierra
|
|
sha256 "96f7b39c78cab991ea75e7c68e65b764fe1ce0299ce82281e25800a255662bb9" => :sierra
|
|
end
|
|
|
|
depends_on "help2man" => :build
|
|
depends_on "sphinx-doc" => :build
|
|
uses_from_macos "python@2"
|
|
|
|
def install
|
|
ENV.prepend_create_path "PYTHONPATH", libexec/"lib/python2.7/site-packages"
|
|
|
|
rm "setup.cfg"
|
|
Dir["config/paths-*.conf"].each do |r|
|
|
next if File.basename(r) =~ /paths-common\.conf|paths-osx\.conf/
|
|
|
|
rm r
|
|
end
|
|
|
|
# Replace hardcoded paths
|
|
inreplace "setup.py" do |s|
|
|
s.gsub! %r{/etc}, etc
|
|
s.gsub! %r{/var}, var
|
|
end
|
|
|
|
inreplace Dir["config/{action,filter}.d/**/*"].select { |ff| File.file?(ff) }.each do |s|
|
|
s.gsub! %r{/etc}, etc, false
|
|
s.gsub! %r{/var}, var, false
|
|
end
|
|
|
|
inreplace ["config/fail2ban.conf", "config/paths-common.conf", "doc/run-rootless.txt"].each do |s|
|
|
s.gsub! %r{/etc}, etc
|
|
s.gsub! %r{/var}, var
|
|
end
|
|
|
|
inreplace Dir["fail2ban/client/*"].each do |s|
|
|
s.gsub! %r{/etc}, etc, false
|
|
s.gsub! %r{/var}, var, false
|
|
end
|
|
|
|
inreplace "fail2ban/server/asyncserver.py", "/var/run/fail2ban/fail2ban.sock",
|
|
var/"run/fail2ban/fail2ban.sock"
|
|
|
|
inreplace Dir["fail2ban/tests/**/*"].select { |ff| File.file?(ff) }.each do |s|
|
|
s.gsub! %r{/etc}, etc, false
|
|
s.gsub! %r{/var}, var, false
|
|
end
|
|
|
|
inreplace Dir["man/*"].each do |s|
|
|
s.gsub! %r{/etc}, etc, false
|
|
s.gsub! %r{/var}, var, false
|
|
end
|
|
|
|
# Fix doc compilation
|
|
inreplace "setup.py", "/usr/share/doc/fail2ban", (share/"doc")
|
|
inreplace "setup.py", "if os.path.exists('#{var}/run')", "if True"
|
|
inreplace "setup.py", "platform_system in ('linux',", "platform_system in ('linux', 'darwin',"
|
|
|
|
system "python", "setup.py", "install", "--prefix=#{libexec}"
|
|
|
|
cd "doc" do
|
|
system "make", "dirhtml", "SPHINXBUILD=sphinx-build"
|
|
(share/"doc").install "build/dirhtml"
|
|
end
|
|
|
|
bin.install Dir[libexec/"bin/*"]
|
|
bin.env_script_all_files(libexec/"bin", :PYTHONPATH => ENV["PYTHONPATH"])
|
|
man1.install Dir["man/*.1"]
|
|
man5.install "man/jail.conf.5"
|
|
end
|
|
|
|
def post_install
|
|
(etc/"fail2ban").mkpath
|
|
(var/"run/fail2ban").mkpath
|
|
end
|
|
|
|
def caveats
|
|
<<~EOS
|
|
Before using Fail2Ban for the first time you should edit the jail
|
|
configuration and enable the jails that you want to use, for instance
|
|
ssh-ipfw. Also, make sure that they point to the correct configuration
|
|
path. I.e. on Mountain Lion the sshd logfile should point to
|
|
/var/log/system.log.
|
|
|
|
* #{etc}/fail2ban/jail.conf
|
|
|
|
The Fail2Ban wiki has two pages with instructions for macOS Server that
|
|
describes how to set up the Jails for the standard macOS Server
|
|
services for the respective releases.
|
|
|
|
10.4: https://www.fail2ban.org/wiki/index.php/HOWTO_Mac_OS_X_Server_(10.4)
|
|
10.5: https://www.fail2ban.org/wiki/index.php/HOWTO_Mac_OS_X_Server_(10.5)
|
|
|
|
Please do not forget to update your configuration files.
|
|
They are in #{etc}/fail2ban.
|
|
EOS
|
|
end
|
|
|
|
plist_options :startup => true
|
|
|
|
def plist
|
|
<<~EOS
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
|
<plist version="1.0">
|
|
<dict>
|
|
<key>Label</key>
|
|
<string>#{plist_name}</string>
|
|
<key>ProgramArguments</key>
|
|
<array>
|
|
<string>#{opt_bin}/fail2ban-client</string>
|
|
<string>-x</string>
|
|
<string>start</string>
|
|
</array>
|
|
<key>RunAtLoad</key>
|
|
<true/>
|
|
</dict>
|
|
</plist>
|
|
EOS
|
|
end
|
|
|
|
test do
|
|
system "#{bin}/fail2ban-client", "--test"
|
|
end
|
|
end
|