1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69
|
#!/usr/bin/make -f
export DH_VERBOSE = 1
%:
dh ${@} --with autoreconf,python2
override_dh_auto_configure:
dh_auto_configure -- \
--sysconfdir=/etc/nufw/ --with-mysql-log --with-pgsql-log --with-system-auth --with-ldap \
--with-utf8 --with-nfqueue --with-nfconntrack --without-fixedtimeout --enable-pam-nufw \
--with-prelude-log --with-mysql-auth
override_dh_auto_clean:
dh_auto_clean
find . -name "*.pyc" -delete
override_dh_auto_install:
dh_auto_install
$(MAKE) install-conf DESTDIR=$(CURDIR)/debian/tmp/ sysconfdir=$(CURDIR)/debian/tmp/etc/nufw/
#default certificates
# cp $(CURDIR)/conf/certs/nufw-key.pem $(CURDIR)/debian/tmp/etc/nufw/certs
# cp $(CURDIR)/conf/certs/nufw-cert.pem $(CURDIR)/debian/tmp/etc/nufw/certs
# cp $(CURDIR)/conf/certs/nuauth-key.pem $(CURDIR)/debian/tmp/etc/nufw/certs
# cp $(CURDIR)/conf/certs/nuauth-cert.pem $(CURDIR)/debian/tmp/etc/nufw/certs
# move nuauth config files to /usr/share/nuauth, we will handle them using ucf in nuauth.postinst file
install -d -m0755 $(CURDIR)/debian/tmp/usr/share/nuauth
mv $(CURDIR)/debian/tmp/etc/nufw/nuauth.conf $(CURDIR)/debian/tmp/etc/nufw/nuauth.d $(CURDIR)/debian/tmp/usr/share/nuauth/
for file in `find $(CURDIR)/debian/tmp/usr/share/nuauth/ -type f`; do \
sed -e "s+^#\? *nuauth_tls_key=.*+nuauth_tls_key=\"/etc/nufw/certs/nuauth-key.pem\"+" \
-e "s+^#\? *nuauth_tls_cert=.*+nuauth_tls_cert=\"/etc/nufw/certs/nuauth-cert.pem\"+" \
-e "s+^#\? *nuauth_tls_cacert=.*+nuauth_tls_cacert=\"/etc/ssl/certs/ssl-cert-snakeoil.pem\"+" \
-e "s+^#\? *nuauth_tls_dh_params=.*+nuauth_tls_dh_params=\"/etc/nufw/certs/nuauth-dh_params.pem\"+" \
-e "s+^ *plaintext_aclfile=.*+plaintext_aclfile=\"/etc/nufw/acls.nufw\"+" \
-e "s+^ *plaintext_userfile=.*+plaintext_userfile=\"/etc/nufw/users.nufw\"+" \
-e "s+^ *nuauth_user_check_module=.*+nuauth_user_check_module=\"system\"+" \
-e "s+^ *nuauth_tls_request_cert=.*+nuauth_tls_request_cert=1+" \
-e "s+^#\? *nuauth_tls_disable_nufw_fqdn_check=.*+nuauth_tls_disable_nufw_fqdn_check=1+" \
-i $$file; \
done
#
# do the same for nufw.conf
install -d -m0755 $(CURDIR)/debian/tmp/usr/share/nufw
mv $(CURDIR)/debian/tmp/etc/nufw/nufw.conf $(CURDIR)/debian/tmp/usr/share/nufw/
for file in `find $(CURDIR)/debian/tmp/usr/share/nufw/ -type f`; do \
sed -e "s+^#\? *nufw_tls_key=.*+nufw_tls_key=\"/etc/nufw/certs/nufw-key.pem\"+" \
-e "s+^#\? *nufw_tls_cert=.*+nufw_tls_cert=\"/etc/nufw/certs/nufw-cert.pem\"+" \
-e "s+^#\? *nufw_tls_cacert=.*+nufw_tls_cacert=\"/etc/ssl/certs/ssl-cert-snakeoil.pem\"+" \
-i $$file; \
done
#
install -m0755 $(CURDIR)/scripts/nuaclgen $(CURDIR)/debian/tmp/usr/bin
install -m0755 $(CURDIR)/scripts/nutop $(CURDIR)/debian/tmp/usr/bin
install -m0755 $(CURDIR)/scripts/clean_conntrack.pl $(CURDIR)/debian/tmp/usr/sbin
install -m0640 $(CURDIR)/conf/nuaclgen.conf $(CURDIR)/debian/tmp/etc/nufw/
install -m0640 $(CURDIR)/conf/nutop.conf $(CURDIR)/debian/tmp/etc/nufw/
#
# remove extra files
find $(CURDIR)/debian/tmp -name "*.egg-info" -delete
find $(CURDIR)/debian/tmp -name "*.a" -delete
find $(CURDIR)/debian/tmp -name "libnobuffer*" -delete
find $(CURDIR)/debian/tmp -name "*.pem" -delete
find $(CURDIR)/debian/tmp -name "*.pyc" -delete
override_dh_install:
dh_install -X.la --fail-missing --sourcedir=debian/tmp
|