ngompa / rpms / haproxy

Forked from rpms/haproxy 4 years ago
Clone

Blame SPECS/haproxy.spec

819a9f
%define haproxy_user    haproxy
819a9f
%define haproxy_group   %{haproxy_user}
819a9f
%define haproxy_home    %{_localstatedir}/lib/haproxy
819a9f
%define haproxy_confdir %{_sysconfdir}/haproxy
819a9f
%define haproxy_datadir %{_datadir}/haproxy
819a9f
819a9f
%global _hardened_build 1
819a9f
819a9f
Name:           haproxy
7991a0
Version:        1.5.2
d58b22
Release:        3%{?dist}
819a9f
Summary:        HA-Proxy is a TCP/HTTP reverse proxy for high availability environments
819a9f
819a9f
Group:          System Environment/Daemons
819a9f
License:        GPLv2+
819a9f
819a9f
URL:            http://haproxy.1wt.eu/
7991a0
Source0:        http://haproxy.1wt.eu/download/1.5/src/haproxy-%{version}.tar.gz
819a9f
Source1:        %{name}.service
819a9f
Source2:        %{name}.cfg
819a9f
Source3:        %{name}.logrotate
819a9f
7991a0
Patch0:         halog-unused-variables.patch
d58b22
Patch1:         haproxy-dont-update-msg-sov.patch
7991a0
819a9f
BuildRequires:  pcre-devel
7991a0
BuildRequires:  zlib-devel
7991a0
BuildRequires:  openssl-devel
819a9f
BuildRequires:  systemd-units
819a9f
819a9f
Requires(pre):      shadow-utils
819a9f
Requires(post):     systemd
819a9f
Requires(preun):    systemd
819a9f
Requires(postun):   systemd
819a9f
819a9f
%description
819a9f
HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high
819a9f
availability environments. Indeed, it can:
819a9f
- route HTTP requests depending on statically assigned cookies
819a9f
- spread the load among several servers while assuring server persistence
819a9f
  through the use of HTTP cookies
819a9f
- switch to backup servers in the event a main one fails
819a9f
- accept connections to special ports dedicated to service monitoring
819a9f
- stop accepting connections without breaking existing ones
819a9f
- add/modify/delete HTTP headers both ways
819a9f
- block requests matching a particular pattern
819a9f
819a9f
819a9f
%prep
7991a0
%setup -q
7991a0
%patch0 -p0
d58b22
%patch1 -p1
819a9f
819a9f
%build
819a9f
# No configure script is present, it is all done via make flags
819a9f
# Kernels of Fedora 11 and up and EL 6 and up are newer than 2.6.28,
819a9f
# so using linux2628 as target.
819a9f
819a9f
# Recommended optimization option for x86 builds
819a9f
regparm_opts=
819a9f
%ifarch %ix86 x86_64
819a9f
regparm_opts="USE_REGPARM=1"
819a9f
%endif
819a9f
7991a0
make %{?_smp_mflags} CPU="generic" TARGET="linux2628" USE_OPENSSL=1 USE_PCRE=1 USE_ZLIB=1 ${regparm_opts} ADDINC="%{optflags}" USE_LINUX_TPROXY=1 ADDLIB="%{__global_ldflags}"
819a9f
819a9f
# build the halog contrib program.
819a9f
pushd contrib/halog
819a9f
make ${halog} OPTIMIZE="%{optflags}"
819a9f
popd
819a9f
819a9f
%install
819a9f
make install-bin DESTDIR=%{buildroot} PREFIX=%{_prefix}
819a9f
make install-man DESTDIR=%{buildroot} PREFIX=%{_prefix}
819a9f
819a9f
%{__install} -p -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
819a9f
%{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{haproxy_confdir}/%{name}.cfg
819a9f
%{__install} -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
819a9f
%{__install} -d -m 0755 %{buildroot}%{haproxy_home}
819a9f
%{__install} -d -m 0755 %{buildroot}%{haproxy_datadir}
819a9f
%{__install} -d -m 0755 %{buildroot}%{_bindir}
819a9f
%{__install} -p -m 0755 ./contrib/halog/halog %{buildroot}%{_bindir}/halog
819a9f
819a9f
for httpfile in $(find ./examples/errorfiles/ -type f) 
819a9f
do
819a9f
    %{__install} -p -m 0644 $httpfile %{buildroot}%{haproxy_datadir}
819a9f
done
819a9f
819a9f
# convert all text files to utf8
819a9f
for textfile in $(find ./ -type f -name '*.txt')
819a9f
do
819a9f
    mv $textfile $textfile.old
819a9f
    iconv --from-code ISO8859-1 --to-code UTF-8 --output $textfile $textfile.old
819a9f
    rm -f $textfile.old
819a9f
done
819a9f
819a9f
819a9f
%pre
dc512f
getent group %{haproxy_group} >/dev/null || groupadd \
dc512f
    -g 188 -r %{haproxy_group}
dc512f
getent passwd %{haproxy_user} >/dev/null || useradd \
dc512f
    -u 188 -r -g %{haproxy_group} -d %{haproxy_home} \
dc512f
    -s /sbin/nologin -c "haproxy" %{haproxy_user}
819a9f
exit 0
819a9f
819a9f
819a9f
%post
819a9f
%systemd_post %{name}.service
819a9f
dc512f
819a9f
%preun
819a9f
%systemd_preun %{name}.service
819a9f
819a9f
819a9f
%postun
819a9f
%systemd_postun_with_restart %{name}.service
819a9f
819a9f
819a9f
%files
819a9f
%doc doc/*
819a9f
%doc examples/url-switching.cfg
819a9f
%doc examples/acl-content-sw.cfg
819a9f
%doc examples/content-sw-sample.cfg
819a9f
%doc examples/cttproxy-src.cfg
819a9f
%doc examples/haproxy.cfg
819a9f
%doc examples/tarpit.cfg
819a9f
%doc CHANGELOG LICENSE README
819a9f
%dir %{haproxy_datadir}
819a9f
%{haproxy_datadir}/*
819a9f
%dir %{haproxy_confdir}
819a9f
%config(noreplace) %{haproxy_confdir}/%{name}.cfg
819a9f
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
819a9f
%{_unitdir}/%{name}.service
819a9f
%{_sbindir}/%{name}
dc512f
%{_sbindir}/%{name}-systemd-wrapper
819a9f
%{_bindir}/halog
819a9f
%{_mandir}/man1/%{name}.1.gz
819a9f
%attr(-,%{haproxy_user},%{haproxy_group}) %dir %{haproxy_home}
819a9f
819a9f
%changelog
d58b22
* Thu Sep 04 2014 Ryan O'Hara <rohara@redhat.com> - 1.5.2-3
d58b22
- Fix remote client denial of service vulnerability (#1138191)
d58b22
7991a0
* Thu Jul 31 2014 Ryan O'Hara <rohara@redhat.com> - 1.5.2-2
7991a0
- Bump release number (#1120228)
7991a0
7991a0
* Thu Jul 17 2014 Ryan O'Hara <rohara@redhat.com> - 1.5.2-1
7991a0
- Update to stable release 1.5.2 (#1120228)
7991a0
7991a0
* Tue Jul 17 2014 Ryan O'Hara <rohara@redhat.com> - 1.5.1-2
7991a0
- Build with openssl and zlib (#1120673)
7991a0
7991a0
* Thu Jul 17 2014 Ryan O'Hara <rohara@redhat.com> - 1.5.1-1
7991a0
- Update to stable release 1.5.1 (#1120228)
7991a0
dc512f
* Fri Feb 28 2014 Ryan O'Hara <rohara@redhat.com> - 1.5-0.3.dev22
dc512f
- Use haproxy-systemd-wrapper in service file (#1067060)
dc512f
dc512f
* Wed Feb 12 2014 Ryan O'Hara <rohara@redhat.com> - 1.5-0.2.dev22
dc512f
- Specify assigned UID in useradd
dc512f
dc512f
* Mon Feb 10 2014 Ryan O'Hara <rohara@redhat.com> - 1.5-0.1.dev22
dc512f
- Update to development release 1.5-dev22 (#1043658)
dc512f
dc512f
* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 1.4.24-3
dc512f
- Mass rebuild 2014-01-24
dc512f
dc512f
* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 1.4.24-2
dc512f
- Mass rebuild 2013-12-27
dc512f
819a9f
* Mon Jun 17 2013 Ryan O'Hara <rohara@redhat.com> - 1.4.24-1
819a9f
- Update to 1.4.24 (CVE-2013-2174, #975160)
819a9f
819a9f
* Tue Apr 30 2013 Ryan O'Hara <rohara@redhat.com> - 1.4.23-3
819a9f
- Build with PIE flags (#955182)
819a9f
819a9f
* Mon Apr 22 2013 Ryan O'Hara <rohara@redhat.com> - 1.4.23-2
819a9f
- Build with PIE flags (#955182)
819a9f
819a9f
* Tue Apr 02 2013 Ryan O'Hara <rohara@redhat.com> - 1.4.23-1
819a9f
- Update to 1.4.23 (CVE-2013-1912, #947697)
819a9f
- Drop supplementary groups after setuid/setgid (#894626)
819a9f
819a9f
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.22-2
819a9f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
819a9f
819a9f
* Fri Oct 12 2012 Robin Lee <cheeselee@fedoraproject.org> - 1.4.22-1
819a9f
- Update to 1.4.22 (CVE-2012-2942, #824544)
819a9f
- Use linux2628 build target
819a9f
- No separate x86_64 build target for halog
819a9f
- halog build honors rpmbuild optflags
819a9f
- Specfile cleanup
819a9f
819a9f
* Mon Sep 17 2012 Václav Pavlín <vpavlin@redhat.com> - 1.4.20-3
819a9f
- Scriptlets replaced with new systemd macros (#850143)
819a9f
819a9f
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.20-2
819a9f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
819a9f
819a9f
* Tue Apr 03 2012 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.20-1
819a9f
- Update to 1.4.20
819a9f
819a9f
* Sun Feb 19 2012 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.19-4
819a9f
- fix haproxy.services file
819a9f
819a9f
* Sun Feb 19 2012 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.19-3
819a9f
- Update to use systemd fixing bug #770305
819a9f
819a9f
* Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 1.4.19-2
819a9f
- Rebuild against PCRE 8.30
819a9f
819a9f
* Sun Jan 29 2012 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.19-1
819a9f
- Update to 1.4.19
819a9f
819a9f
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.18-2
819a9f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
819a9f
819a9f
* Thu Sep 22 2011 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.18-1
819a9f
- Update to 1.4.18
819a9f
819a9f
* Tue Apr 26 2011 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.15-1
819a9f
- Update to 1.4.15
819a9f
819a9f
* Sun Feb 27 2011 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.11-1
819a9f
- update to 1.4.11
819a9f
819a9f
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.8-2
819a9f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
819a9f
819a9f
* Sun Dec 12 2010 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.9-1
819a9f
- update to 1.4.9
819a9f
819a9f
* Sun Jun 20 2010 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.8-1
819a9f
- update to 1.4.8
819a9f
819a9f
* Sun May 30 2010 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.4.6-1
819a9f
- update to 1.4.6
819a9f
819a9f
* Thu Feb 18 2010 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.23-1
819a9f
- update to 1.3.23
819a9f
819a9f
* Sat Oct 17 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.22-1
819a9f
- update to 1.3.22
819a9f
- added logrotate configuration
819a9f
819a9f
* Mon Oct 12 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.21-1
819a9f
- update to 1.3.21
819a9f
819a9f
* Sun Oct 11 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.20-1
819a9f
- update to 1.3.20
819a9f
819a9f
* Sun Aug 02 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.19-1
819a9f
- update to 1.3.19
819a9f
819a9f
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.18-2
819a9f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
819a9f
819a9f
* Sun May 17 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.18-1
819a9f
- update to 1.3.18
819a9f
819a9f
* Sat Apr 11 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.17-1
819a9f
-  Update to 1.3.17
819a9f
819a9f
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.15.7-2
819a9f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
819a9f
819a9f
* Tue Dec 30 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.15.7-1
819a9f
- update to 1.3.15.7
819a9f
- remove upstream patches, they are now part of source distribution
819a9f
819a9f
* Sat Nov 22 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.15.6-2
819a9f
- apply upstream patches 
819a9f
819a9f
* Sat Nov 15 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.15.6-1
819a9f
- update to 1.3.15.6
819a9f
- use new build targets from upstream
819a9f
- add in recommended build options for x86 from upstream
819a9f
819a9f
* Sat Jun 28 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.14.6-1
819a9f
- update to 1.3.14.6
819a9f
- remove gcc 4.3 patch, it has been applied upstream
819a9f
- remove MIT license as that code has been removed from upstream
819a9f
819a9f
* Mon Apr 14 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.14.4-1
819a9f
- update to 1.3.14.4
819a9f
819a9f
* Sun Mar 16 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.14.3-1
819a9f
- update to 1.3.14.3
819a9f
819a9f
* Sat Mar 01 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.14.2-4
819a9f
- apply the gcc 4.3 patch to the build process
819a9f
819a9f
* Sat Mar 01 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.14.2-3
819a9f
- fix gcc 4.3 bug [#434144]
819a9f
- update init script to properly reload configuration
819a9f
819a9f
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.3.14.2-2
819a9f
- Autorebuild for GCC 4.3
819a9f
819a9f
* Sun Jan 20 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.14.2-1
819a9f
- update to 1.3.14.2
819a9f
- update make flags that changed with this upstream release
819a9f
- added man page installation
819a9f
819a9f
* Sun Dec 16 2007 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.3.14-1
819a9f
- update to 1.3.14
819a9f
819a9f
* Mon Nov 05 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 1.3.12.4-1
819a9f
- update to 1.3.12.4
819a9f
819a9f
* Thu Nov 01 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 1.3.12.3-1
819a9f
- update to 1.3.12.3
819a9f
819a9f
* Fri Sep 21 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 1.3.12.2-3
819a9f
- fix init script 'reload' task
819a9f
819a9f
* Thu Sep 20 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 1.3.12.2-2
819a9f
- update License field
819a9f
819a9f
* Thu Sep 20 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 1.3.12.2-1
819a9f
- update to 1.3.12.2
819a9f
- remove the upstream patch
819a9f
819a9f
* Tue Sep 18 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 1.3.12.1-1
819a9f
- switch to 1.3.12.1 branch
819a9f
- add patch from upstream with O'Reilly licensing updates.
819a9f
- convert ISO-8859-1 doc files to UTF-8
819a9f
819a9f
* Sat Mar 24 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 1.2.17-2
819a9f
- addition of haproxy user
819a9f
- add license information
819a9f
819a9f
* Fri Mar 23 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 1.2.17-1
819a9f
- initial packaging