# Copyright 2018 gordonb3 # Distributed under the terms of the GNU General Public License v2 # $Header$ EAPI="5" inherit eutils perl-module systemd MY_PV=${PV/_*/} DESCRIPTION="Excito B3 administrative scripts" HOMEPAGE="http://www.excito.com/" SRC_URI="http://b3.update.excito.org/pool/main/b/${PN}/${PN}_${MY_PV}.tar.gz" RESTRICT="mirror" LICENSE="GPL-3" SLOT="0" KEYWORDS="~arm ~ppc" IUSE="+apache2 nginx systemd +iptables nftables" REQUIRED_USE="^^ ( apache2 nginx ) ?? ( iptables nftables ) " DEPEND=" dev-lang/perl:= iptables? ( net-firewall/iptables ) nftables? ( net-firewall/nftables ) " RDEPEND="${DEPEND} app-admin/bubba-diskmanager app-admin/bubba-networkmanager app-arch/zip dev-perl/Config-Simple dev-perl/Config-Tiny dev-perl/Crypt-PasswdMD5 dev-perl/Crypt-SSLeay dev-perl/Expect dev-perl/File-Slurp dev-perl/IPC-Run dev-perl/IPC-Run3 >=dev-perl/JSON-2.900.0 >=dev-perl/JSON-XS-3.10.0 dev-perl/List-MoreUtils dev-perl/Try-Tiny dev-perl/XML-Parser dev-perl/XML-Simple dev-python/pycups dev-python/pyyaml >=sys-apps/bubba-info-1.4[php,perl] >=sys-libs/timezone-data-2015e systemd? ( sys-apps/systemd ) " S=${WORKDIR}/${PN} src_prepare() { epatch ${FILESDIR}/gentoo.patch epatch ${FILESDIR}/bubba-firewall.patch epatch ${FILESDIR}/change_tz.patch epatch ${FILESDIR}/use_fixed_paths.patch if use systemd; then if use nftables; then # this will cause a fuzz with the next patch, but it will pass cp -a ${FILESDIR}/bubba-nft.initd ${S}/bubba-firewall.sh else cp -a ${FILESDIR}/bubba-firewall.initd ${S}/bubba-firewall.sh fi epatch ${FILESDIR}/systemd.patch fi # inconsistent service names if use systemd; then sed -i "s/cupsd/cups/" web-admin/lib/Bubba.pm sed -i "s/cups\.conf/cupsd.conf/" web-admin/lib/Bubba.pm else sed -i "s/forked-daapd/daapd/" web-admin/lib/Bubba.pm sed -i "s/forked-daapd/daapd/" web-admin/bin/diskdaemon.pl sed -i "s/forked-daapd/daapd/" web-admin/bin/adminfunctions.php fi if ! use iptables; then sed -i "/firewall.pl/d" web-admin/Makefile.PL fi # systemd binaries have moved from /usr/bin to /bin with later versions if use systemd; then SYSTEMCTL=$(equery f systemd | grep "bin/systemctl$") sed -e "s#/usr/bin/systemctl#${SYSTEMCTL}#g" -i web-admin/bin/diskdaemon.pl sed -e "s#/usr/bin/systemctl#${SYSTEMCTL}#g" -i web-admin/bin/adminfunctions.php sed -e "s#/usr/bin/systemctl#${SYSTEMCTL}#g" -i web-admin/lib/Bubba.pm fi } src_configure() { perl Makefile.PL NAME="Bubba" } src_compile() { make DESTDIR=${ED} } src_install() { make DESTDIR=${ED} install exeinto /opt/bubba/bin doexe airprint-generate new_printer_init.sh cups-list-printers smbd-reload ${FILESDIR}/identify_box bubba-run-backupjobs ${FILESDIR}/dpkg-query dosym /opt/bubba/bin/dpkg-query /usr/bin/dpkg-query if use nftables; then newexe "${FILESDIR}/nftfirewall.pl" firewall.pl fi insinto /var/lib/bubba if use iptables; then doins iptables.xslt fi doins hosts.in personal-setting-files.txt #firewall support if use iptables; then if use systemd; then systemd_dounit "${FILESDIR}/bubba-firewall.service" exeinto /opt/bubba/sbin doexe bubba-firewall.sh else newinitd ${FILESDIR}/bubba-firewall.initd bubba-firewall fi newconfd ${FILESDIR}/bubba-firewall.confd bubba-firewall fi if use nftables; then if use systemd; then systemd_dounit "${FILESDIR}/bubba-firewall.service" exeinto /opt/bubba/sbin doexe bubba-firewall.sh else newinitd ${FILESDIR}/bubba-nft.initd bubba-firewall fi newconfd ${FILESDIR}/bubba-nft.confd bubba-firewall fi # documentation dodoc "${S}/debian/copyright" ${FILESDIR}/Changelog newdoc "${S}/debian/changelog" changelog.debian insinto /usr/share/doc/${PF}/examples docompress -x /usr/share/doc/${PF}/examples doins services/* if use iptables; then doins ${FILESDIR}/firewall.conf fi if use nftables; then doins ${FILESDIR}/firewall.nft fi doins sysctl.conf auth_template.xml # cron targets insinto /etc/cron.d newins ${FILESDIR}/excito-backup.crond excito-backup newins ${FILESDIR}/bubba-notify.crond bubba-notify keepdir /var/spool/bubba-notify insinto /etc/bubba-notify/ doins bubba-notify.conf keepdir /etc/bubba-notify/available keepdir /etc/bubba-notify/enabled } pkg_postinst() { if ! getent passwd admin >/dev/null; then elog "Adding administrator user \"admin\""; /usr/sbin/useradd -m -c "Administrator" -s "/bin/bash" -U -G users,lpadmin -p `perl -MCrypt::PasswdMD5 -e 'print unix_md5_crypt("admin")'` admin; fi if [ ! -f /home/admin/.bubbacfg ]; then echo "default_lang=en" > /home/admin/.bubbacfg echo "default_locale=en_US" >> /home/admin/.bubbacfg echo "network_profile=router" >> /home/admin/.bubbacfg echo "run_wizard=no" >> /home/admin/.bubbacfg use apache2 && chown root.apache /home/admin/.bubbacfg use nginx && chown root.nginx /home/admin/.bubbacfg fi if [ ! -e /etc/bubba/auth.xml ]; then elog "Installing default auth config" cp /usr/share/doc/${PF}/examples/auth_template.xml /etc/bubba/auth.xml fi if use iptables; then ewarn "" ewarn "If you like to be able to use the Bubba web interface to manage your firewall," ewarn "then please make sure to save your current state to /etc/bubba/firewall.conf" ewarn "and that the following rules are included:" ewarn "" ewarn "iptables -N Bubba_IN" ewarn "iptables -A INPUT -j Bubba_IN" ewarn "iptables -N Bubba_FWD" ewarn "iptables -A FORWARD -j Bubba_FWD" ewarn "iptables -t nat -N Bubba_DNAT" ewarn "iptables -t nat -A PREROUTING -j Bubba_DNAT" ewarn "iptables -t nat -N Bubba_SNAT" ewarn "iptables -t nat -A POSTROUTING -j Bubba_SNAT" fi if use nftables; then ewarn "" ewarn "If you like to be able to use the Bubba web interface to manage your firewall," ewarn "then please make sure to save your current state to /etc/bubba/firewall.nft" ewarn "and that the following rules are included:" ewarn "" ewarn "nftables add chain ip filter Bubba_IN" ewarn "nftables add rule ip filter INPUT jump Bubba_IN" ewarn "nftables add chain ip filter Bubba_FWD" ewarn "nftables add rule ip filter FORWARD jump Bubba_FWD" ewarn "nftables add chain ip nat Bubba_DNAT" ewarn "nftables add rule ip nat PREROUTING jump Bubba_DNAT" ewarn "nftables add chain ip nat Bubba_SNAT" ewarn "nftables add rule ip nat POSTROUTING jump Bubba_SNAT" fi # At present, the forked-daapd install does not provide a systemd service file, so # we cannot control the service. If /etc/forked-daapd.conf exists, either through # forked-daapd installer or our bubba-install we provide our own service file. if use systemd; then if [ -e /etc/forked-daapd.conf ] && [ ! -e /usr/lib/systemd/system/forked-daapd.service ]; then cp ${FILESDIR}/forked-daapd.service /usr/lib/systemd/system/ fi fi }