1 |
# Based on work from Julien Pivotto <roidelapluie@inuits.eu> at https://github.com/roidelapluie/haproxy-rpm/blob/master/haproxy.spec |
%define luaver 5.3 |
2 |
|
%define adminpassword %(apg -m 32 -n 1 -a 0 -E '"#$\\'\\') |
3 |
Name: haproxy |
%define operatorpassword %(apg -m 32 -n 1 -a 0 -E '"#$\\'\\') |
4 |
Version: 2.4.0 |
|
5 |
Release: %mkrel 1 |
Summary: Reliable High Performance TCP/HTTP Load Balancer |
6 |
Epoch: 1 |
Name: haproxy |
7 |
Summary: TCP/HTTP proxy and load balancer for high availability environments |
Version: 2.4.2 |
8 |
License: GPLv2+ |
Release: %mkrel 1 |
9 |
Group: System/Networking |
License: GPLv2 and LGPLv2 |
10 |
Url: http://www.haproxy.org/ |
Group: System/Servers |
11 |
Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz |
URL: https://www.haproxy.org |
12 |
Source2: %{name}.cfg |
Source0: https://www.haproxy.org/download/2.4/src/%{name}-%{version}.tar.gz |
13 |
Source3: %{name}.logrotate |
Source1: https://www.haproxy.org/download/2.4/src/%{name}-%{version}.tar.gz.sha256 |
14 |
Source4: %{name}.sysconfig |
Source2: https://www.haproxy.org/download/2.4/src/%{name}-%{version}.tar.gz.md5 |
15 |
Source5: halog.1 |
Source3: %{name}.service |
16 |
|
Source4: %{name}.tmpfiles |
17 |
%ifarch armv7hl aarch64 |
Source5: %{name}.logrotate |
18 |
BuildRequires: atomic-devel |
Source6: %{name}.sysconfig |
19 |
%endif |
Source7: %{name}.conf |
20 |
BuildRequires: lua-devel >= 5.3 |
Patch0: haproxy-2.4.2-rapsys-key-private.patch |
21 |
BuildRequires: pcre-devel |
BuildRequires: pcre2-devel |
22 |
BuildRequires: pcreposix-devel |
BuildRequires: pkgconfig(libcrypt) |
23 |
BuildRequires: zlib-devel |
BuildRequires: pkgconfig(lua) >= %{luaver} |
24 |
BuildRequires: openssl-devel |
BuildRequires: pkgconfig(openssl) |
25 |
BuildRequires: systemd-units |
BuildRequires: pkgconfig(systemd) |
26 |
BuildRequires: systemd-devel |
BuildRequires: pkgconfig(zlib) |
27 |
Requires(pre): shadow-utils |
BuildRequires: perl |
28 |
Requires(post): systemd |
BuildRequires: apg |
29 |
Requires(preun): systemd |
Requires: lua%{luaver} >= %{luaver} |
|
Requires(postun): systemd |
|
30 |
|
|
31 |
%description |
%description |
32 |
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high |
HAProxy is free, open source software that provides a high availability load |
33 |
availability environments |
balancer and proxy server for TCP and HTTP-based applications that spreads |
34 |
|
requests across multiple servers. It is written in C and has a reputation for |
35 |
|
being fast and efficient. |
36 |
|
|
37 |
|
%package utils |
38 |
|
Summary: Utilities for working with HAProxy servers |
39 |
|
Group: Networking/Other |
40 |
|
|
41 |
|
%description utils |
42 |
|
HAProxy-utils contains a couple of command line utilities for working with |
43 |
|
haproxy servers. |
44 |
|
|
45 |
|
You should install haproxy-utils if you need to get information from HAProxy |
46 |
|
servers. |
47 |
|
|
48 |
%prep |
%prep |
49 |
%setup -q -n %{name}-%{version} |
%setup -q -n %{name}-%{version} |
50 |
|
%autopatch -p1 |
51 |
|
|
52 |
%build |
%build |
53 |
%{__make} %{?_smp_mflags} CPU="generic" TARGET="linux-glibc" USE_LUA=1 USE_OPENSSL=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_LIBCRYPT=1 USE_CRYPT_H=1 USE_GETADDRINFO=1 USE_TFO=1 USE_NS=1 USE_PROMEX=1 %{name} admin/halog/halog admin/iprange/iprange dev/tcploop/tcploop dev/poll/poll dev/flags/flags dev/hpack/{decode,gen-enc,gen-rht} |
|
54 |
|
# Build haproxy |
55 |
|
%make_build \ |
56 |
|
CPU="generic" \ |
57 |
|
TARGET="linux-glibc" \ |
58 |
|
USE_LUA="1" \ |
59 |
|
LUA_LIB="/usr/lib64/lua/5.3" \ |
60 |
|
LUA_INC="/usr/include/lua" \ |
61 |
|
USE_CRYPT_H="1" \ |
62 |
|
USE_DL="1" \ |
63 |
|
USE_GETADDRINFO="1" \ |
64 |
|
USE_LIBCRYPT="1" \ |
65 |
|
USE_NS="1" \ |
66 |
|
USE_OPENSSL="1" \ |
67 |
|
USE_PCRE2="1" \ |
68 |
|
USE_PCRE2_JIT="1" \ |
69 |
|
USE_PROMEX="1" \ |
70 |
|
USE_PTHREAD_PSHARED="1" \ |
71 |
|
USE_RT="1" \ |
72 |
|
USE_SYSTEMD="1" \ |
73 |
|
USE_TFO="1" \ |
74 |
|
USE_ZLIB="1" \ |
75 |
|
PREFIX=/usr \ |
76 |
|
MANDIR=%{_mandir} \ |
77 |
|
DOCDIR=%{_pkgdocdir} |
78 |
|
|
79 |
|
# Build utils |
80 |
|
%make_build \ |
81 |
|
admin/halog/halog \ |
82 |
|
admin/iprange/iprange \ |
83 |
|
dev/tcploop/tcploop \ |
84 |
|
dev/poll/poll \ |
85 |
|
dev/flags/flags \ |
86 |
|
dev/hpack/{decode,gen-enc,gen-rht} |
87 |
|
|
88 |
%install |
%install |
89 |
# Fix wrong DOCDIR |
%make_install \ |
90 |
%make_install PREFIX=/usr DOCDIR=/usr/share/doc/%{name} |
PREFIX=/usr \ |
91 |
|
MANDIR=%{_mandir} \ |
92 |
|
DOCDIR=%{_pkgdocdir} |
93 |
|
|
94 |
%{__install} -d -m 0755 %{buildroot}%{_localstatedir}/lib/%{name} |
# Install sysconfdirs |
95 |
%{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/%{name}.cfg |
install -d 0755 %{buildroot}%{_sysconfdir} |
96 |
%{__install} -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} |
install -d 0755 %{buildroot}%{_sysconfdir}/%{name} |
97 |
%{__install} -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{name} |
install -d 0755 %{buildroot}%{_sysconfdir}/sysconfig |
|
%{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_mandir}/man1/halog.1 |
|
|
%{__install} -d -m 0755 %{buildroot}%{_unitdir}/ |
|
|
%{__sed} -e 's|@SBINDIR@|%{_sbindir}|' ./admin/systemd/%{name}.service.in > %{buildroot}%{_unitdir}/%{name}.service |
|
|
%{__chmod} 644 %{buildroot}%{_unitdir}/%{name}.service |
|
|
%{__install} -d -m 0755 %{buildroot}%{_bindir}/ |
|
|
%{__install} -p -m 0755 ./admin/halog/halog %{buildroot}%{_bindir}/halog |
|
|
%{__install} -p -m 0755 ./admin/iprange/iprange %{buildroot}%{_bindir}/iprange |
|
|
%{__install} -p -m 0755 ./dev/flags/flags %{buildroot}%{_bindir}/flags |
|
|
%{__install} -p -m 0755 ./dev/poll/poll %{buildroot}%{_bindir}/poll |
|
|
%{__install} -p -m 0755 ./dev/tcploop/tcploop %{buildroot}%{_bindir}/tcploop |
|
|
%{__install} -p -m 0755 ./dev/hpack/gen-rht %{buildroot}%{_bindir}/gen-rht |
|
|
%{__install} -p -m 0755 ./dev/hpack/gen-enc %{buildroot}%{_bindir}/gen-enc |
|
|
%{__install} -p -m 0755 ./dev/hpack/decode %{buildroot}%{_bindir}/hadecode |
|
|
%{__install} -d -m 0755 %{buildroot}%{_datadir}/%{name} |
|
|
%{__install} -p -m 0644 ./examples/errorfiles/* %{buildroot}%{_datadir}/%{name} |
|
|
%{__install} -d -m 0755 %{buildroot}%{_datadir}/vim/syntax |
|
|
%{__install} -p -m 0644 ./admin/syntax-highlight/%{name}.vim %{buildroot}%{_datadir}/vim/syntax/%{name}.vim |
|
98 |
|
|
99 |
%pre |
# Install shared state dir |
100 |
getent group %{name} >/dev/null || groupadd -f -g 188 -r %{name} |
install -d 0755 %{buildroot}%{_sharedstatedir}/%{name} |
|
if ! getent passwd %{name} >/dev/null ; then |
|
|
if ! getent passwd 188 >/dev/null ; then |
|
|
useradd -r -u 188 -g %{name} -d %{_localstatedir}/lib/%{name} -s /sbin/nologin -c "haproxy" %{name} |
|
|
else |
|
|
useradd -r -g %{name} -d %{_localstatedir}/lib/%{name} -s /sbin/nologin -c "haproxy" %{name} |
|
|
fi |
|
|
fi |
|
101 |
|
|
102 |
%post |
# Install service |
103 |
%systemd_post %{name}.service |
install -D -p -m 0644 %{SOURCE3} %{buildroot}%{_unitdir}/%{name}.service |
104 |
|
|
105 |
|
# Install tmpfiles |
106 |
|
install -D -p -m 0644 %{SOURCE4} %{buildroot}%{_tmpfilesdir}/%{name}.conf |
107 |
|
|
108 |
|
# Install log rotation stuff |
109 |
|
install -D -p -m 0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} |
110 |
|
|
111 |
|
# Install sysconfig |
112 |
|
install -D -p -m 0644 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/%{name} |
113 |
|
|
114 |
|
# Install configuration |
115 |
|
#TODO: implement https://github.com/janeczku/haproxy-acme-validation-plugin/blob/master/acme-http01-webroot.lua ? |
116 |
|
install -D -p -m 0644 %{SOURCE7} %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf |
117 |
|
|
118 |
|
# Replace admin password |
119 |
|
perl -pne 's/ADMINPASSWORD/%{adminpassword}/' -i %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf |
120 |
|
|
121 |
|
# Replace operator password |
122 |
|
perl -pne 's/OPERATORPASSWORD/%{operatorpassword}/' -i %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf |
123 |
|
|
124 |
|
# Copy errors files |
125 |
|
cp -r examples/errorfiles %{buildroot}%{_pkgdocdir}/error |
126 |
|
|
127 |
|
# Install vim syntax |
128 |
|
install -D -p -m 0644 admin/syntax-highlight/%{name}.vim %{buildroot}%{_datadir}/vim/syntax/%{name}.vim |
129 |
|
|
130 |
|
# Install README.urpmi |
131 |
|
cat << EOF | perl -pe 'chomp if eof' > README.urpmi |
132 |
|
Haproxy is now installed. |
133 |
|
|
134 |
|
Configuration file is %{_sysconfdir}/%{name}/%{name}.conf |
135 |
|
|
136 |
|
The server listen on any:8080 and 8443 by default. |
137 |
|
|
138 |
|
Add to %{_sysconfdir}/shorewall/rules.haproxy these shorewall rules for a transparent proxy: |
139 |
|
# Redirect tcp traffic from net on port 80 to 8080 |
140 |
|
REDIRECT net 8080 tcp 80 |
141 |
|
# Redirect tcp traffic from net on port 443 to 8443 |
142 |
|
REDIRECT net 8443 tcp 443 |
143 |
|
|
144 |
|
Enable the service with: |
145 |
|
# systemctl enable haproxy.service |
146 |
|
|
147 |
|
Start the service with: |
148 |
|
# systemctl start haproxy.service |
149 |
|
EOF |
150 |
|
|
151 |
|
# Install log dir |
152 |
|
install -d -m 755 %{buildroot}%{_logdir}/%{name} |
153 |
|
|
154 |
|
# Install bin dir |
155 |
|
install -d 0755 %{buildroot}%{_bindir} |
156 |
|
|
157 |
|
# Install haproxy utils |
158 |
|
install -p -m 0755 admin/halog/halog %{buildroot}%{_bindir}/halog |
159 |
|
install -p -m 0755 admin/iprange/iprange %{buildroot}%{_bindir}/iprange |
160 |
|
install -p -m 0755 dev/flags/flags %{buildroot}%{_bindir}/flags |
161 |
|
install -p -m 0755 dev/poll/poll %{buildroot}%{_bindir}/poll |
162 |
|
install -p -m 0755 dev/tcploop/tcploop %{buildroot}%{_bindir}/tcploop |
163 |
|
install -p -m 0755 dev/hpack/gen-rht %{buildroot}%{_bindir}/gen-rht |
164 |
|
install -p -m 0755 dev/hpack/gen-enc %{buildroot}%{_bindir}/gen-enc |
165 |
|
install -p -m 0755 dev/hpack/decode %{buildroot}%{_bindir}/hadecode |
166 |
|
|
167 |
|
%pre |
168 |
|
%_pre_useradd %{name} %{_sharedstatedir}/%{name} /bin/false |
169 |
|
%_pre_groupadd %{name} %{name} |
170 |
|
|
171 |
%preun |
%preun |
172 |
%systemd_preun %{name}.service |
%_preun_service %{name} |
173 |
|
|
174 |
|
%post |
175 |
|
%_tmpfilescreate %{name} |
176 |
|
%_post_service %{name} |
177 |
|
%_create_ssl_certificate %{name} |
178 |
|
|
179 |
%postun |
%postun |
180 |
%systemd_postun_with_restart %{name}.service |
%_postun_userdel %{name} |
181 |
|
%_postun_groupdel %{name} |
182 |
|
|
183 |
%files |
%files |
184 |
%defattr(-,root,root,-) |
%dir %{_logdir}/%{name} |
|
%doc doc/* examples/*.cfg |
|
|
%doc CHANGELOG LICENSE README ROADMAP VERSION |
|
|
%{_unitdir}/%{name}.service |
|
185 |
%dir %{_sysconfdir}/%{name} |
%dir %{_sysconfdir}/%{name} |
186 |
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.cfg |
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf |
187 |
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} |
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} |
188 |
%config(noreplace) %{_sysconfdir}/sysconfig/%{name} |
%config(noreplace) %{_sysconfdir}/sysconfig/%{name} |
|
%dir %{_datadir}/%{name} |
|
|
%{_datadir}/%{name}/* |
|
|
%attr(-,%{name},%{name}) %dir %{_localstatedir}/lib/%{name} |
|
189 |
%{_sbindir}/%{name} |
%{_sbindir}/%{name} |
190 |
|
%{_pkgdocdir}/*.txt |
191 |
|
%{_pkgdocdir}/error/* |
192 |
|
%{_mandir}/man1/* |
193 |
|
%{_tmpfilesdir}/%{name}.conf |
194 |
|
%{_unitdir}/%{name}.service |
195 |
|
%{_datadir}/vim/syntax/%{name}.vim |
196 |
|
%attr(0750, %{name}, %{name}) %{_sharedstatedir}/%{name} |
197 |
|
|
198 |
|
%files utils |
199 |
|
%{_bindir}/flags |
200 |
|
%{_bindir}/gen-enc |
201 |
|
%{_bindir}/gen-rht |
202 |
|
%{_bindir}/hadecode |
203 |
%{_bindir}/halog |
%{_bindir}/halog |
204 |
%{_bindir}/iprange |
%{_bindir}/iprange |
|
%{_bindir}/flags |
|
205 |
%{_bindir}/poll |
%{_bindir}/poll |
206 |
%{_bindir}/tcploop |
%{_bindir}/tcploop |
|
%{_bindir}/gen-rht |
|
|
%{_bindir}/gen-enc |
|
|
%{_bindir}/hadecode |
|
|
%{_mandir}/man1/* |
|
|
%{_datadir}/vim/syntax/%{name}.vim |
|