-
Notifications
You must be signed in to change notification settings - Fork 35
/
omd.spec.in
268 lines (239 loc) · 9 KB
/
omd.spec.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
Summary: OMD Labs Edition - OpenSource Monitoring Distribution (Labs Edition)
Name: omd-%{version}
Version: SET BY MAKEFILE
Release: SET BY MAKEFILE
License: GPL
URL: https://omd.consol.de/docs/omd/
Group: Application/System
Source: %{name}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
AutoReq: off
AutoProv: off
Provides: omd
Requires:
%if 0%{?systemd_requires}
BuildRequires: systemd
%endif
#%define _missing_doc_files_terminate_build 0
#%define _unpackaged_files_terminate_build 0
# disable binary striping
%global __os_install_post %{nil}
# disable creating debug packages
%global debug_package %{nil}
%global _build_id_links none
%description
OMD Labs Edition - Open Source Monitoring Distribution (Labs Edition)
containing Naemon, Icinga 2 (Nagios compatible), Prometheus, Grafana,
Thruk, Mod-Gearman, PNP4Nagios and many more...
Maintained by https://omd.consol.de/docs/omd/
%package debug
Summary: OMD Labs Edition debug binaries
Group: Application/System
Requires: %{name}
%description debug
Open Source Monitoring Distribution (Labs Edition) debug binaries.
%prep
# make builds reproducable and cacheable by not changing build root every day
rm -rf omd-%{version} omd
ln -s omd-%{version} omd
%setup -q -D -n omd
cd ..
rm omd
mv omd-%{version} omd
cd omd
%build
make -j 4
make pack
%install
mkdir -p $RPM_BUILD_ROOT
tar xzf omd-bin-%{version}.tar.gz -C $RPM_BUILD_ROOT
# Remove all global symbolic links from package. They are shared
# among all versions and must be handled in %post und %postun
# in order to avoid RPM conflicts
rm -f $RPM_BUILD_ROOT/opt/omd/versions/default
rm -f $RPM_BUILD_ROOT/omd
rm -f $RPM_BUILD_ROOT/usr/bin/omd
rm -f $RPM_BUILD_ROOT/usr/share/man/man8/omd.8.gz
rm -f $RPM_BUILD_ROOT/@APACHE_CONFDIR@/*
rm -f $RPM_BUILD_ROOT/etc/init.d/omd
rm -rf $RPM_BUILD_ROOT/usr/lib/systemd
find \
$RPM_BUILD_ROOT/opt/omd/versions/%{version}/bin/ \
$RPM_BUILD_ROOT/opt/omd/versions/%{version}/lib/ \
-type f \
\( \
-not -name "*.dbg" \
-not -name "waitmax" \
-not -name "agent_modbus" \
-not -path "*/.local-chromium/*" \
\) \
-print0 \
| xargs -0 -n 500 strip 2>&1 \
| grep -ivP 'File format not recognized|File truncated' \
|| :
%files
%defattr(-,root,root)
/opt/omd
%caps(cap_net_raw,cap_net_bind_service+ep) /opt/omd/versions/%{version}/lib/monitoring-plugins/check_dhcp
%caps(cap_net_raw+ep) /opt/omd/versions/%{version}/lib/monitoring-plugins/check_icmp
%caps(cap_net_raw+ep) /opt/omd/versions/%{version}/bin/blackbox_exporter
#%exclude /opt/omd/versions/%{version}/bin/*.dbg
#%exclude /opt/omd/versions/%{version}/lib/*.dbg
#%exclude /opt/omd/versions/%{version}/lib/mod_gearman/*.dbg
#%exclude /opt/omd/versions/%{version}/lib/naemon/*.dbg
#%files debug
#%defattr(-,root,root)
#/opt/omd/versions/%{version}/bin/*.dbg
#/opt/omd/versions/%{version}/lib/*.dbg
#/opt/omd/versions/%{version}/lib/mod_gearman/*.dbg
#/opt/omd/versions/%{version}/lib/naemon/*.dbg
%pre
groupadd -r omd 2>/dev/null || true
# create symlink if not exists
if [ ! -e /omd ]
then
ln -sfn /opt/omd /omd
fi
%post
# Activate init script for OMD, but only the first
# time an OMD package is being installed. The admin
# might have deactivated the script himself and does
# not want to make it implicitely active again.
ACTIVATE_INIT=0
if [ ! -e /omd/versions/default ] ; then
echo "Activating omd systemd service"
ACTIVATE_INIT=1
fi
echo "New default version is %{version}."
ln -sfn "%{version}" /omd/versions/default
ln -sfn /omd/versions/default/bin/omd /usr/bin/omd
ln -sfn /omd/versions/default/share/man/man8/omd.8.gz /usr/share/man/man8/omd.8.gz
ln -sfn /omd/versions/default/share/omd/apache.conf @APACHE_CONFDIR@/zzz_omd.conf
mkdir -p /etc/bash_completion.d
ln -sfn /omd/versions/default/lib/omd/omd_bash_completion /etc/bash_completion.d/omd
rm -f %{_unitdir}/omd.service
cp -fp /omd/versions/default/share/omd/omd.service %{_unitdir}/omd.service
%systemd_post omd.service
systemctl daemon-reload
systemctl enable omd.service
# SLES: make sure apache modules are activated
if which a2enmod >/dev/null 2>&1
then
echo "Makeing sure that Apache modules proxy, http_proxy and rewrite are activated."
a2enmod proxy 2>/dev/null || true
a2enmod proxy_http 2>/dev/null || true
a2enmod rewrite 2>/dev/null || true
%if 0%{?suse_version} > 1200
# Only relevant for SLES12 or newer (having apache 2.4)
# This still allows old permission configs like "Order: ..."
a2enmod mod_access_compat 2>/dev/null || true
a2enmod socache_shmcb 2>/dev/null || true
%endif
%if 0%{?suse_version} > 0
a2enmod ssl 2>/dev/null || true
a2enflag SSL 2>/dev/null || true
# prepare ssl webserver
serverkey=/etc/apache2/ssl.key/server.key
if ! test -f /etc/apache2/vhosts.d/vhost-ssl.conf && ! test -f /etc/apache2/vhosts.d/vhost-ssl-omd.conf; then
cp /etc/apache2/vhosts.d/vhost-ssl.template /etc/apache2/vhosts.d/vhost-ssl-omd.conf
sed -i -e 's|vhost-example.crt|server.crt|g' -e 's|vhost-example.key|server.key|g' /etc/apache2/vhosts.d/vhost-ssl-omd.conf
fi
if ! test -f $serverkey || grep -q 'THIS FILE HAS TO BE REPLACED' $serverkey; then
openssl req -new -config /omd/versions/%{version}/share/omd/openssl.cnf -keyout /etc/apache2/privkey.pem -batch > /etc/apache2/ssl.csr/omd.csr 2>/dev/null
openssl rsa -in /etc/apache2/privkey.pem -out $serverkey -passin pass:selfsigned 2> /dev/null
openssl x509 -in /etc/apache2/ssl.csr/omd.csr -out /etc/apache2/ssl.crt/server.crt -req -signkey $serverkey -days 3650 2> /dev/null
fi
%endif
fi
ls -1 /etc/apache2/vhosts.d/vhost-ssl-omd.conf /etc/httpd/conf.d/ssl.conf 2>/dev/null | \
while read file; do
if ! grep /omd/apache/ $file >/dev/null 2>&1; then
sed -i -e 's|</VirtualHost>|\n @APACHE_INCLUDEOPT@ /omd/apache/*.include\n</VirtualHost>|g' $file
fi
done
# SLES: make sure that the following file exists:
if [ -d /etc/apache2/sysconfig.d ]
then
touch /etc/apache2/sysconfig.d/include.conf
fi
# Make sure, global apache startscript is activated on first installation
if [ $ACTIVATE_INIT -eq 1 ]; then
chkconfig --add @APACHE_NAME@ >/dev/null 2>&1
chkconfig @APACHE_NAME@ on >/dev/null 2>&1
# ensure apache is running
service @APACHE_NAME@ start >/dev/null 2>&1
fi
# enable required selinux booleans
setsebool -P httpd_can_network_relay on >/dev/null 2>&1
setsebool -P httpd_can_network_connect on >/dev/null 2>&1
exit 0
%preun
# on run if uninstalled, not during updates
if [ $1 = 0 ] ; then
for link in /omd/sites/*/version
do
target=$(readlink $link 2>/dev/null) || continue
version=${target##*/}
if [ "$version" = %{version} ]
then
site=${link#/omd/sites/}
site=${site%/version}
echo "Site $site is still using this version, saving skel/ folder for later upgrade" >&2
omd stop $site >/dev/null 2>&1 || :
rm -rf /omd/sites/$site/.backup_meta
mkdir /omd/sites/$site/.backup_meta
cp /omd/versions/$version/share/omd/skel.permissions /omd/sites/$site/.backup_meta/skel.permissions
cp -r /omd/versions/$version/skel /omd/sites/$site/.backup_meta/
chown -R $site:$site /omd/sites/$site/.backup_meta
fi
done
fi
exit 0
%postun
# on run if uninstalled, not during updates
if [ $1 = 0 ] ; then
# sles12 sometimes does not remove some empty folders
rm -rf /omd/versions/%{version}
rm -f /omd/versions/default
rm -f %{_unitdir}/omd.service
%systemd_postun omd.service
systemctl daemon-reload
v=$(ls -A /omd/versions 2>/dev/null| sort -n | tail -n 1)
if [ -n "$v" ]; then
echo "New default version is $v"
ln -sfn "$v" /omd/versions/default
rm -f %{_unitdir}/omd.service
cp -fp /omd/versions/default/share/omd/omd.service %{_unitdir}/omd.service
%systemd_post omd.service
systemctl daemon-reload
systemctl enable omd.service
else
echo "Removing system group 'omd'"
groupdel omd
echo "Removing global symbolic links"
rm -f /usr/bin/omd
rm -f /usr/share/man/man8/omd.8.gz
rm -f /etc/init.d/omd
rm -f /etc/bash_completion.d/omd
rmdir /opt/omd/versions
rm -f @APACHE_CONFDIR@/zzz_omd.conf
rm -f /etc/apache2/vhosts.d/vhost-ssl-omd.conf
rm -f /omd
ls -1 /etc/apache2/vhosts.d/vhost-ssl-omd.conf /etc/httpd/conf.d/ssl.conf 2>/dev/null | \
while read file; do
if grep /omd/apache/ $file >/dev/null 2>&1; then
sed -i -e '/Include.*\/omd\/apache/d' $file
fi
done
# Try to remove empty directories
rmdir /opt/omd/sites 2>/dev/null || true
rmdir /opt/omd 2>/dev/null || true
if type setsebool >/dev/null 2>&1; then
echo "OMD enabled two SELinux booleans, since this is the last OMD package beeing removed, you"
echo "might want to disable them again if you don't need these rules anymore:"
echo "#> setsebool -P httpd_can_network_relay off"
echo "#> setsebool -P httpd_can_network_connect off"
fi
fi
fi
exit 0