# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem          1.0
PortGroup           bitbucket 1.0

bitbucket.setup     sshguard sshguard 2.5.1 v
revision            0

categories          net security
platforms           darwin
maintainers         {mps @Schamschula} openmaintainer
license             BSD

description         Sshguard protects networked hosts from brute force attacks.

long_description    Sshguard monitors servers from their logging activity. When logs convey \
                    that someone is doing a Bad Thing, sshguard reacts by blocking he/she/it \
                    for a bit. Sshguard has a touchy personality: when a naughty tyke \
                    insists disturbing your host, it reacts firmer and firmer.

homepage            http://www.sshguard.net/

checksums           rmd160  bcffb585534c504cd9fbf950c3802fda334d255a \
                    sha256  2d2d32f4599161e02bcf24f7cb396359c45a1d7a46936dfd64f10f0bdbd10d2f \
                    size    75102

use_autoreconf      yes

set python.version  313
set python.branch   [string index ${python.version} 0].[string range ${python.version} 1 end]

depends_build-append \
                    port:py${python.version}-docutils

# we need to add the path to rst2man.py
set path $::env(PATH):${frameworks_dir}/Python.framework/Versions/${python.branch}/bin/
configure.env-append \
                    PATH=${path}
build.env-append    PATH=${path}

post-extract {

    copy ${filespath}/sshguard-options-wrapper \
        ${worksrcpath}/sshguard-options-wrapper
    copy ${filespath}/options.example \
        ${worksrcpath}/options.example
    reinplace "s|@PREFIX@|${prefix}|" \
        ${worksrcpath}/sshguard-options-wrapper \
        ${worksrcpath}/options.example
    reinplace "s|@NAME@|${name}|" \
        ${worksrcpath}/options.example
}

post-destroot {

    xinstall -d ${destroot}${prefix}/etc/${name}
    xinstall -d ${destroot}${prefix}/libexec/${name}
    xinstall -d ${destroot}${prefix}/share/${name}
    xinstall -d ${destroot}${prefix}/var/db/${name}
    xinstall -m 644 ${worksrcpath}/options.example \
        ${destroot}${prefix}/etc/${name}/options.example
    xinstall -m 755 ${worksrcpath}/sshguard-options-wrapper \
        ${destroot}${prefix}/libexec/${name}/sshguard-options-wrapper
    xinstall -m 544 ${worksrcpath}/README.rst \
        ${destroot}${prefix}/share/${name}/README.rst
    touch ${destroot}${prefix}/var/db/${name}/keepdir
}

post-activate {

    if {![file exists ${prefix}/etc/${name}/options]} {
        xinstall -m 644 ${prefix}/etc/${name}/options.example \
            ${prefix}/etc/${name}/options
    }
    if {![file exists ${prefix}/etc/${name}/whitelist]} {
        touch ${prefix}/etc/${name}/whitelist
    }
}

startupitem.create      yes
startupitem.executable  "${prefix}/libexec/${name}/sshguard-options-wrapper"

livecheck.type      regex
livecheck.url       http://sourceforge.net/projects/sshguard/files/sshguard/
livecheck.regex     "/sshguard-(\\d+(?:\\.\\d+)*)"

notes "

* This port installs a wrapper script \"sshguard-options-wrapper\" to
facilitate the use of an options file with launchd.

* You can add log files to monitor by adding '-l /path/to/file.log'
lines to ${prefix}/etc/${name}/options.

* You can white list ip addresses and hostnames by editing
${prefix}/etc/${name}/whitelist.
Example:
    # comment line (a '#' as very first character)
    #   a single ip address
    1.2.3.4
    #   address blocks in CIDR notation
    127.0.0.0/8
    10.11.128.0/17
    192.168.0.0/24
    #   hostnames
    rome-fw.enterprise.com
    hosts.friends.com

* You can load ${name} with this command:
$ sudo port load ${name}

"
