-
Notifications
You must be signed in to change notification settings - Fork 0
/
nginx-mod-modsecurity.spec
99 lines (83 loc) · 3.43 KB
/
nginx-mod-modsecurity.spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
%global _hardened_build 1
%global nginx_user nginx
%global debug_package %{nil}
%global with_aio 1
%global nginx_version 1.24.0
%if 0%{?fedora} > 22
%global with_mailcap_mimetypes 1
%endif
%ifnarch s390 s390x ppc64 ppc64le
%global with_gperftools 1
%endif
%undefine _strict_symbol_defs_build
%bcond_with geoip
Name: modsecurity-nginx
Version: 1.0.3
Release: 11%{?dist}
Summary: ModSecurity v3 Nginx Connector
License: ASL 2.0
URL: https://www.modsecurity.org/
Source0: https://github.com/SpiderLabs/ModSecurity-nginx/releases/download/v%{version}/modsecurity-nginx-v%{version}.tar.gz
Source1: https://github.com/SpiderLabs/ModSecurity-nginx/releases/download/v%{version}/modsecurity-nginx-v%{version}.tar.gz.asc
Source2: https://nginx.org/download/nginx-%{nginx_version}.tar.gz
Source3: https://nginx.org/download/nginx-%{nginx_version}.tar.gz.asc
Source4: mod-modsecurity.conf
Source101: https://nginx.org/keys/thresh.key
Source102: https://nginx.org/keys/maxim.key
Source103: https://nginx.org/keys/mdounin.key
Source104: https://nginx.org/keys/sb.key
Source105: modsecurity.gpg
Patch0: nginx-auto-cc-gcc.patch
%if 0%{?with_gperftools}
BuildRequires: gperftools-devel
%endif
BuildRequires: gcc
BuildRequires: sed
BuildRequires: openssl-devel
BuildRequires: pcre-devel
BuildRequires: zlib-devel
BuildRequires: libxslt-devel
BuildRequires: gd-devel
BuildRequires: GeoIP-devel
BuildRequires: libcurl-devel
BuildRequires: yajl-devel
BuildRequires: lmdb-devel
BuildRequires: automake
BuildRequires: libtool
BuildRequires: perl-ExtUtils-Embed
BuildRequires: libmodsecurity-nginx-devel
BuildRequires: gnupg
BuildRequires: nginx
Requires: nginx = 1:%{nginx_version}
Requires: libmodsecurity-nginx
%description
The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity (ModSecurity v3).
Said another way, this project provides a communication channel between nginx and libmodsecurity.
This connector is required to use LibModSecurity with nginx.
%prep
cat %{S:101} %{S:102} %{S:103} %{S:104} > %{_builddir}/nginx.gpg
cat %{SOURCE105} > %{_builddir}/modsecurity.gpg
cat %{SOURCE4} > %{_builddir}/mod-modsecurity.conf
%{gpgverify} --keyring='%{_builddir}/modsecurity.gpg' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%{gpgverify} --keyring='%{_builddir}/nginx.gpg' --signature='%{SOURCE3}' --data='%{SOURCE2}'
sed -i "s#MODULE_PATH#%{_prefix}/%{_lib}/nginx/modules/ngx_http_modsecurity_module.so#g" %{_builddir}/mod-modsecurity.conf
# extract modsecurity-nginx
%setup -n modsecurity-nginx-v%{version}
# extract nginx next to modsecurity-nginx
%setup -T -b 2 -n nginx-%{nginx_version}
%patch0 -p 0
%build
export DESTDIR=%{buildroot}
./configure %(nginx -V 2>&1 | grep 'configure arguments' | sed -r 's@^[^:]+: @@') --add-dynamic-module="../modsecurity-nginx-v%{version}"
$configure
make modules %{?_smp_mflags}
%install
%{__install} -p -D -m 0755 objs/ngx_http_modsecurity_module.so %{buildroot}%{_libdir}/nginx/modules/ngx_http_modsecurity_module.so
%{__install} -p -D -m 0644 %{_builddir}/mod-modsecurity.conf %{buildroot}%{_datadir}/nginx/modules/mod-modsecurity.conf
%files
%{_libdir}/nginx/modules/ngx_http_modsecurity_module.so
%{_datadir}/nginx/modules/mod-modsecurity.conf
%license ../modsecurity-nginx-v%{version}/LICENSE
%changelog
* Sun Mar 5 2023 Silvan Nagl <[email protected]> 1.0.3-10
- Use a more generic build