1 |
%define luaver 5.3 |
2 |
%define adminpassword %(apg -m 32 -n 1 -a 0 -E '"#$\\'\\') |
3 |
%define operatorpassword %(apg -m 32 -n 1 -a 0 -E '"#$\\'\\') |
4 |
|
5 |
Summary: Reliable High Performance TCP/HTTP Load Balancer |
6 |
Name: haproxy |
7 |
Version: 2.4.2 |
8 |
Release: %mkrel 4 |
9 |
License: GPLv2 and LGPLv2 |
10 |
Group: System/Servers |
11 |
URL: https://www.haproxy.org |
12 |
Source0: https://www.haproxy.org/download/2.4/src/%{name}-%{version}.tar.gz |
13 |
Source1: https://www.haproxy.org/download/2.4/src/%{name}-%{version}.tar.gz.sha256 |
14 |
Source2: https://www.haproxy.org/download/2.4/src/%{name}-%{version}.tar.gz.md5 |
15 |
Source3: %{name}.service |
16 |
Source4: %{name}.tmpfiles |
17 |
Source5: %{name}.logrotate |
18 |
Source6: %{name}.sysconfig |
19 |
Source7: %{name}.conf |
20 |
Patch0: haproxy-2.4.2-rapsys-key-private.patch |
21 |
%ifarch armv7hl aarch64 |
22 |
BuildRequires: libatomic-devel |
23 |
%endif |
24 |
BuildRequires: pcre2-devel |
25 |
BuildRequires: pkgconfig(libcrypt) |
26 |
BuildRequires: pkgconfig(lua) >= %{luaver} |
27 |
BuildRequires: pkgconfig(openssl) |
28 |
BuildRequires: pkgconfig(systemd) |
29 |
BuildRequires: pkgconfig(zlib) |
30 |
BuildRequires: perl |
31 |
BuildRequires: apg |
32 |
Requires: lua%{luaver} >= %{luaver} |
33 |
|
34 |
%description |
35 |
HAProxy is free, open source software that provides a high availability load |
36 |
balancer and proxy server for TCP and HTTP-based applications that spreads |
37 |
requests across multiple servers. It is written in C and has a reputation for |
38 |
being fast and efficient. |
39 |
|
40 |
%package utils |
41 |
Summary: Utilities for working with HAProxy servers |
42 |
Group: Networking/Other |
43 |
|
44 |
%description utils |
45 |
HAProxy-utils contains a couple of command line utilities for working with |
46 |
haproxy servers. |
47 |
|
48 |
You should install haproxy-utils if you need to get information from HAProxy |
49 |
servers. |
50 |
|
51 |
%prep |
52 |
%setup -q -n %{name}-%{version} |
53 |
%autopatch -p1 |
54 |
|
55 |
%build |
56 |
|
57 |
# Build haproxy |
58 |
%make_build \ |
59 |
CPU="generic" \ |
60 |
TARGET="linux-glibc" \ |
61 |
USE_LUA="1" \ |
62 |
LUA_LIB="/usr/lib64/lua/5.3" \ |
63 |
LUA_INC="/usr/include/lua" \ |
64 |
USE_CRYPT_H="1" \ |
65 |
USE_DL="1" \ |
66 |
USE_GETADDRINFO="1" \ |
67 |
USE_LIBCRYPT="1" \ |
68 |
USE_NS="1" \ |
69 |
USE_OPENSSL="1" \ |
70 |
USE_PCRE2="1" \ |
71 |
USE_PCRE2_JIT="1" \ |
72 |
USE_PROMEX="1" \ |
73 |
USE_PTHREAD_PSHARED="1" \ |
74 |
USE_RT="1" \ |
75 |
USE_SYSTEMD="1" \ |
76 |
USE_TFO="1" \ |
77 |
USE_ZLIB="1" \ |
78 |
PREFIX=/usr \ |
79 |
MANDIR=%{_mandir} \ |
80 |
DOCDIR=%{_pkgdocdir} |
81 |
|
82 |
# Build utils |
83 |
%make_build \ |
84 |
admin/halog/halog \ |
85 |
admin/iprange/iprange \ |
86 |
dev/tcploop/tcploop \ |
87 |
dev/poll/poll \ |
88 |
dev/flags/flags \ |
89 |
dev/hpack/{decode,gen-enc,gen-rht} |
90 |
|
91 |
%install |
92 |
%make_install \ |
93 |
PREFIX=/usr \ |
94 |
MANDIR=%{_mandir} \ |
95 |
DOCDIR=%{_pkgdocdir} |
96 |
|
97 |
# Install sysconfdirs |
98 |
install -d 0755 %{buildroot}%{_sysconfdir} |
99 |
install -d 0755 %{buildroot}%{_sysconfdir}/%{name} |
100 |
install -d 0755 %{buildroot}%{_sysconfdir}/sysconfig |
101 |
|
102 |
# Install shared state dir |
103 |
install -d 0755 %{buildroot}%{_sharedstatedir}/%{name} |
104 |
|
105 |
# Install service |
106 |
install -D -p -m 0644 %{SOURCE3} %{buildroot}%{_unitdir}/%{name}.service |
107 |
|
108 |
# Install tmpfiles |
109 |
install -D -p -m 0644 %{SOURCE4} %{buildroot}%{_tmpfilesdir}/%{name}.conf |
110 |
|
111 |
# Install log rotation stuff |
112 |
install -D -p -m 0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} |
113 |
|
114 |
# Install sysconfig |
115 |
install -D -p -m 0644 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/%{name} |
116 |
|
117 |
# Install configuration |
118 |
#TODO: implement https://github.com/janeczku/haproxy-acme-validation-plugin/blob/master/acme-http01-webroot.lua ? |
119 |
install -D -p -m 0644 %{SOURCE7} %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf |
120 |
|
121 |
# Replace admin password |
122 |
perl -pne 's/ADMINPASSWORD/%{adminpassword}/' -i %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf |
123 |
|
124 |
# Replace operator password |
125 |
perl -pne 's/OPERATORPASSWORD/%{operatorpassword}/' -i %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf |
126 |
|
127 |
# Copy errors files |
128 |
cp -r examples/errorfiles %{buildroot}%{_pkgdocdir}/error |
129 |
|
130 |
# Install vim syntax |
131 |
install -D -p -m 0644 admin/syntax-highlight/%{name}.vim %{buildroot}%{_datadir}/vim/syntax/%{name}.vim |
132 |
|
133 |
# Install README.urpmi |
134 |
cat << EOF | perl -pe 'chomp if eof' > README.urpmi |
135 |
Haproxy is now installed. |
136 |
|
137 |
Configuration file is %{_sysconfdir}/%{name}/%{name}.conf |
138 |
|
139 |
The server listen on any:8080 and 8443 by default. |
140 |
|
141 |
Add to %{_sysconfdir}/shorewall/rules.haproxy these shorewall rules for a transparent proxy: |
142 |
# Redirect tcp traffic from net on port 80 to 8080 |
143 |
REDIRECT net 8080 tcp 80 |
144 |
# Redirect tcp traffic from net on port 443 to 8443 |
145 |
REDIRECT net 8443 tcp 443 |
146 |
|
147 |
Enable the service with: |
148 |
# systemctl enable haproxy.service |
149 |
|
150 |
Start the service with: |
151 |
# systemctl start haproxy.service |
152 |
EOF |
153 |
|
154 |
# Install log dir |
155 |
install -d -m 755 %{buildroot}%{_logdir}/%{name} |
156 |
|
157 |
# Install bin dir |
158 |
install -d 0755 %{buildroot}%{_bindir} |
159 |
|
160 |
# Install haproxy utils |
161 |
install -p -m 0755 admin/halog/halog %{buildroot}%{_bindir}/halog |
162 |
install -p -m 0755 admin/iprange/iprange %{buildroot}%{_bindir}/iprange |
163 |
install -p -m 0755 dev/flags/flags %{buildroot}%{_bindir}/flags |
164 |
install -p -m 0755 dev/poll/poll %{buildroot}%{_bindir}/poll |
165 |
install -p -m 0755 dev/tcploop/tcploop %{buildroot}%{_bindir}/tcploop |
166 |
install -p -m 0755 dev/hpack/gen-rht %{buildroot}%{_bindir}/gen-rht |
167 |
install -p -m 0755 dev/hpack/gen-enc %{buildroot}%{_bindir}/gen-enc |
168 |
install -p -m 0755 dev/hpack/decode %{buildroot}%{_bindir}/hadecode |
169 |
|
170 |
%pre |
171 |
%_pre_useradd %{name} %{_sharedstatedir}/%{name} /bin/false |
172 |
%_pre_groupadd %{name} %{name} |
173 |
|
174 |
%preun |
175 |
%_preun_service %{name} |
176 |
|
177 |
%post |
178 |
%_tmpfilescreate %{name} |
179 |
%_post_service %{name} |
180 |
%_create_ssl_certificate %{name} |
181 |
|
182 |
%postun |
183 |
%_postun_userdel %{name} |
184 |
%_postun_groupdel %{name} |
185 |
|
186 |
%files |
187 |
%dir %{_logdir}/%{name} |
188 |
%dir %{_sysconfdir}/%{name} |
189 |
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf |
190 |
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} |
191 |
%config(noreplace) %{_sysconfdir}/sysconfig/%{name} |
192 |
%{_sbindir}/%{name} |
193 |
%{_pkgdocdir}/*.txt |
194 |
%{_pkgdocdir}/error/* |
195 |
%{_mandir}/man1/* |
196 |
%{_tmpfilesdir}/%{name}.conf |
197 |
%{_unitdir}/%{name}.service |
198 |
%{_datadir}/vim/syntax/%{name}.vim |
199 |
%attr(0750, %{name}, %{name}) %{_sharedstatedir}/%{name} |
200 |
|
201 |
%files utils |
202 |
%{_bindir}/flags |
203 |
%{_bindir}/gen-enc |
204 |
%{_bindir}/gen-rht |
205 |
%{_bindir}/hadecode |
206 |
%{_bindir}/halog |
207 |
%{_bindir}/iprange |
208 |
%{_bindir}/poll |
209 |
%{_bindir}/tcploop |