(-)b/security/crowdsec-firewall-bouncer/Makefile (-6 / +5 lines)
Lines 1-5 Link Here
1
PORTNAME=	crowdsec-firewall-bouncer
1
PORTNAME=	crowdsec-firewall-bouncer
2
PORTVERSION=	0.0.17	# NOTE: change BUILD_VERSION and BUILD_TAG as well
2
PORTVERSION=	0.0.20  # NOTE: change BUILD_VERSION and BUILD_TAG as well
3
PORTREVISION=	2
3
DISTVERSIONPREFIX=	v
4
DISTVERSIONPREFIX=	v
4
CATEGORIES=	security
5
CATEGORIES=	security
5
6
Lines 19-24 RUN_DEPENDS= crowdsec>0:security/crowdsec Link Here
19
USE_GITHUB=	yes
20
USE_GITHUB=	yes
20
GH_ACCOUNT=	crowdsecurity
21
GH_ACCOUNT=	crowdsecurity
21
GH_PROJECT=	cs-firewall-bouncer
22
GH_PROJECT=	cs-firewall-bouncer
23
GH_TAGNAME=	v0.0.20-freebsd
22
#GH_TAGNAME is automatically set from DISTVERSION
24
#GH_TAGNAME is automatically set from DISTVERSION
23
25
24
USE_RC_SUBR=	crowdsec_firewall
26
USE_RC_SUBR=	crowdsec_firewall
Lines 28-41 SUB_FILES= pkg-message \ Link Here
28
30
29
# BUILD_VERSION=$(git describe --tags $(git rev-list --tags --max-count=1))
31
# BUILD_VERSION=$(git describe --tags $(git rev-list --tags --max-count=1))
30
# BUILD_TAG=$(git rev-parse HEAD)
32
# BUILD_TAG=$(git rev-parse HEAD)
31
MAKE_ENV=	BUILD_VERSION="v0.0.17" \
33
MAKE_ENV=	BUILD_VERSION="v0.0.20" \
32
		BUILD_TAG="b330209afcdefd0046fd6790999bbb342c02f1b3"
34
		BUILD_TAG="a456a4debdf3d3551c89b8490bb942f626027310"
33
35
34
ETCDIR=		${PREFIX}/etc/crowdsec/bouncers
36
ETCDIR=		${PREFIX}/etc/crowdsec/bouncers
35
37
36
do-patch:
37
	cd ${WRKSRC} && go mod download github.com/mattn/go-sqlite3
38
39
post-patch:
38
post-patch:
40
	${REINPLACE_CMD} 's,$${BACKEND},pf,g' \
39
	${REINPLACE_CMD} 's,$${BACKEND},pf,g' \
41
		${WRKSRC}/config/crowdsec-firewall-bouncer.yaml
40
		${WRKSRC}/config/crowdsec-firewall-bouncer.yaml
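Review bot: The comment `#GH_TAGNAME is automatically set from DISTVERSION` is kept directly below the new `GH_TAGNAME=	v0.0.20-freebsd` assignment, where it is no longer true, and the `# NOTE: change BUILD_VERSION and BUILD_TAG as well` reminder on PORTVERSION does not mention the tag, so a later version bump can leave the port fetching the old tag. I would replace the stale comment with `# GH_TAGNAME is set explicitly to the -freebsd tag; update it together with PORTVERSION` and extend the reminder to `# NOTE: change GH_TAGNAME, BUILD_VERSION and BUILD_TAG as well`. The same two lines appear in security/crowdsec/Makefile and need the same change. It is also worth confirming that the hard-coded BUILD_TAG is the commit the `-freebsd` tag resolves to, since that value is what the built binary reports as its source revision; the page does not show where the hash was taken from.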
(-)b/security/crowdsec-firewall-bouncer/distinfo (-3 / +3 lines)
Lines 1-3 Link Here
1
TIMESTAMP = 1637702397
1
TIMESTAMP = 1640213523
2
SHA256 (crowdsecurity-cs-firewall-bouncer-v0.0.17_GH0.tar.gz) = 53af239b86c6b554da3711e3686d7d3036d33b2e561bfb00e195b6c8a06918c8
2
SHA256 (crowdsecurity-cs-firewall-bouncer-v0.0.20-v0.0.20-freebsd_GH0.tar.gz) = 95f8abf5f44e700e7f0a41edf5367715ce06918cb0de7a5d084bdca277563171
3
SIZE (crowdsecurity-cs-firewall-bouncer-v0.0.17_GH0.tar.gz) = 143037
3
SIZE (crowdsecurity-cs-firewall-bouncer-v0.0.20-v0.0.20-freebsd_GH0.tar.gz) = 3018717
(-)b/security/crowdsec-firewall-bouncer/files/crowdsec_firewall.in (-1 / +10 lines)
Lines 1-7 Link Here
1
#!/bin/sh
1
#!/bin/sh
2
#
2
#
3
# PROVIDE: crowdsec_firewall
3
# PROVIDE: crowdsec_firewall
4
# REQUIRE: LOGIN DAEMON NETWORKING
4
# REQUIRE: LOGIN DAEMON NETWORKING crowdsec
5
# KEYWORD: shutdown
5
# KEYWORD: shutdown
6
#
6
#
7
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
7
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
Lines 41-46 crowdsec_firewall_precmd() { Link Here
41
            fi
41
            fi
42
        fi
42
        fi
43
    fi
43
    fi
44
45
    # needs real tabs
46
    cat <<-EOT | /sbin/pfctl -f /dev/fd/0
47
	table <crowdsec-blacklists> persist
48
	table <crowdsec6-blacklists> persist
49
	block drop in quick from <crowdsec-blacklists> to any
50
	block drop in quick from <crowdsec6-blacklists> to any
51
	EOT
52
44
}
53
}
45
54
46
crowdsec_firewall_start() {
55
crowdsec_firewall_start() {
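Review bot: `pfctl -f` without `-a` loads its input as the main ruleset, so as far as pfctl(8) describes it the added `cat <<-EOT | /sbin/pfctl -f /dev/fd/0` replaces whatever filter, NAT and option rules the administrator loaded from /etc/pf.conf with just these two tables and two block rules each time the service starts. Loading the snippet into a dedicated anchor (the name here is illustrative), `cat <<-EOT | /sbin/pfctl -a crowdsec -f /dev/fd/0`, keeps the bouncer's rules apart from the host policy, at the cost of one `anchor "crowdsec"` line in pf.conf; otherwise the pf.conf instructions that this patch removes from pkg-message should stay. The pipeline's exit status is not checked either, so a failed load (pf not enabled, for instance) lets the service start with no blocking rules in place; appending `|| return 1` to the pfctl command would stop the start instead. crowdsec_firewall_precmd begins outside the visible lines, so the checks earlier in it are not covered by this note.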
(-)b/security/crowdsec-firewall-bouncer/files/patch-Makefile (-6 / +6 lines)
Lines 1-11 Link Here
1
--- Makefile.orig	2021-12-07 09:00:17 UTC
1
--- Makefile.orig	2021-12-22 22:57:23 UTC
2
+++ Makefile
2
+++ Makefile
3
@@ -11,7 +11,7 @@ GOGET=$(GOCMD) get
3
@@ -11,7 +11,7 @@ BUILD_VERSION?="$(shell git describe --tags `git rev-l
4
 BUILD_VERSION?="$(shell git describe --tags `git rev-list --tags --max-count=1`)"
5
 BUILD_GOVERSION="$(shell go version | cut -d " " -f3 | sed -r 's/[go]+//g')"
4
 BUILD_GOVERSION="$(shell go version | cut -d " " -f3 | sed -r 's/[go]+//g')"
6
 BUILD_TIMESTAMP=$(shell date +%F"_"%T)
5
 BUILD_TIMESTAMP=$(shell date +%F"_"%T)
7
-BUILD_TAG="$(shell git rev-parse HEAD)"
6
 BUILD_TAG?="$(shell git rev-parse HEAD)"
8
+BUILD_TAG?="$(shell git rev-parse HEAD)"
7
-export LD_OPTS=-ldflags "-s -w -X github.com/crowdsecurity/cs-firewall-bouncer/pkg/version.Version=$(BUILD_VERSION) \
9
 export LD_OPTS=-ldflags "-s -w -X github.com/crowdsecurity/cs-firewall-bouncer/pkg/version.Version=$(BUILD_VERSION) \
8
+export LD_OPTS=-mod vendor -modcacherw --ldflags "-s -w -X github.com/crowdsecurity/cs-firewall-bouncer/pkg/version.Version=$(BUILD_VERSION) \
10
 -X github.com/crowdsecurity/cs-firewall-bouncer/pkg/version.BuildDate=$(BUILD_TIMESTAMP) \
9
 -X github.com/crowdsecurity/cs-firewall-bouncer/pkg/version.BuildDate=$(BUILD_TIMESTAMP) \
11
 -X github.com/crowdsecurity/cs-firewall-bouncer/pkg/version.Tag=$(BUILD_TAG) \
10
 -X github.com/crowdsecurity/cs-firewall-bouncer/pkg/version.Tag=$(BUILD_TAG) \
11
 -X github.com/crowdsecurity/cs-firewall-bouncer/pkg/version.GoVersion=$(BUILD_GOVERSION)"
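Review bot: Passing `-mod vendor -modcacherw` through `LD_OPTS` only reaches upstream recipes that expand `$(LD_OPTS)`; any other `go` invocation in the upstream Makefile, which is not visible here, would still try to resolve modules outside the vendored tree covered by distinfo. Setting the flags once in the port Makefile, e.g. `MAKE_ENV+=	GOFLAGS="-mod=vendor -modcacherw"`, applies to every go command and would make this LD_OPTS edit unnecessary. If the LD_OPTS approach stays, this file spells the flag `--ldflags` while security/crowdsec/files/patch-Makefile uses `-ldflags` for the same edit (on both LD_OPTS and LD_OPTS_STATIC there); one spelling across both patches is easier to maintain.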
(-)b/security/crowdsec-firewall-bouncer/files/pkg-message.in (-13 / +21 lines)
Lines 11-37 configuration file, which is now in %%ETCDIR%%/crowdsec-firewall-bouncer.yaml Link Here
11
In previous versions, the configuration was in /usr/local/etc/crowdsec-firewall-bouncer, you may need
11
In previous versions, the configuration was in /usr/local/etc/crowdsec-firewall-bouncer, you may need
12
to check if you made any changes there.
12
to check if you made any changes there.
13
13
14
If it's the first time, you need to edit your Packet Filter configuration.
14
This package depends on the Packet Filter service.
15
Add the following in /etc/pf.conf to create the tables:
15
To make sure it's active:
16
16
17
----------
17
----------
18
# create crowdsec ipv4 table
18
# sysrc pf_enable=YES
19
table <crowdsec-blacklists> persist
19
pf_enable: NO -> YES
20
# service pf start
21
Enabling pf.
22
----------
20
23
21
# create crowdsec ipv6 table
24
Then activate the bouncer via sysrc:
22
table <crowdsec6-blacklists> persist
23
25
24
block drop in quick from <crowdsec-blacklists> to any
26
----------
25
block drop in quick from <crowdsec6-blacklists> to any
27
# sysrc crowdsec_firewall_enable="YES"
28
crowdsec_firewall_enable: NO -> YES
29
# service start crowdsec_firewall
26
----------
30
----------
27
31
28
To apply the file:
32
After a few seconds, the bouncer should have created the tables and rules:
29
30
# pfctl -f /etc/pf.conf
31
33
32
Then activate the bouncer via sysrc:
34
----------
35
# pfctl -s Tables
36
crowdsec-blacklists
37
crowdsec6-blacklists
38
# pfctl -s Tables -s rules
39
block drop in quick from <crowdsec-blacklists> to any
40
block drop in quick from <crowdsec6-blacklists> to any
41
----------
33
42
34
# sysrc crowdsec_firewall_enable="YES"
35
EOM
43
EOM
36
}
44
}
37
]
45
]
(-)b/security/crowdsec/Makefile (-5 / +5 lines)
Lines 1-5 Link Here
1
PORTNAME=	crowdsec
1
PORTNAME=	crowdsec
2
PORTVERSION=	1.2.1	# NOTE: change BUILD_VERSION and BUILD_TAG as well
2
PORTVERSION=	1.2.2	# NOTE: change BUILD_VERSION and BUILD_TAG as well
3
PORTREVISION=	2
3
DISTVERSIONPREFIX=	v
4
DISTVERSIONPREFIX=	v
4
CATEGORIES=	security
5
CATEGORIES=	security
5
6
Lines 18-36 USES= gmake Link Here
18
USE_GITHUB=	yes
19
USE_GITHUB=	yes
19
GH_ACCOUNT=	crowdsecurity
20
GH_ACCOUNT=	crowdsecurity
20
GH_PROJECT=	crowdsec
21
GH_PROJECT=	crowdsec
22
GH_TAGNAME=	v1.2.2-freebsd
21
#GH_TAGNAME is automatically set from DISTVERSION
23
#GH_TAGNAME is automatically set from DISTVERSION
22
24
23
USE_RC_SUBR=	crowdsec
25
USE_RC_SUBR=	crowdsec
24
26
25
USE_RC_SUBR=	crowdsec
26
27
SUB_FILES=	pkg-message \
27
SUB_FILES=	pkg-message \
28
		pkg-deinstall
28
		pkg-deinstall
29
29
30
# BUILD_VERSION=$(git describe --tags $(git rev-list --tags --max-count=1))
30
# BUILD_VERSION=$(git describe --tags $(git rev-list --tags --max-count=1))
31
# BUILD_TAG=$(git rev-parse HEAD)
31
# BUILD_TAG=$(git rev-parse HEAD)
32
MAKE_ENV=	BUILD_VERSION="v1.2.1" \
32
MAKE_ENV=	BUILD_VERSION="v1.2.2" \
33
		BUILD_TAG="dd03d073558e380c283afe66942f537c3da647ff"
33
		BUILD_TAG="7865ec368e54e28b23b54a187b9f96999f361f12"
34
34
35
PLUGIN_DIR=	${PREFIX}/lib/crowdsec/plugins
35
PLUGIN_DIR=	${PREFIX}/lib/crowdsec/plugins
36
STAGE_PLUGINS=	${STAGEDIR}${PLUGIN_DIR}
36
STAGE_PLUGINS=	${STAGEDIR}${PLUGIN_DIR}
(-)b/security/crowdsec/distinfo (-3 / +3 lines)
Lines 1-3 Link Here
1
TIMESTAMP = 1637702390
1
TIMESTAMP = 1640118841
2
SHA256 (crowdsecurity-crowdsec-v1.2.1_GH0.tar.gz) = e3a9bbb70b1995a83c5001d06dbbcb5f59d43e4d7c18b60548f305a62d2dd6a3
2
SHA256 (crowdsecurity-crowdsec-v1.2.2-v1.2.2-freebsd_GH0.tar.gz) = 25f8503122b38e10f837c4eb8cf7e43ceb15de9a05ea7e89384715a7567ad8cd
3
SIZE (crowdsecurity-crowdsec-v1.2.1_GH0.tar.gz) = 659398
3
SIZE (crowdsecurity-crowdsec-v1.2.2-v1.2.2-freebsd_GH0.tar.gz) = 16571481
(-)b/security/crowdsec/files/crowdsec.in (-7 / +8 lines)
Lines 43-54 crowdsec_precmd() { Link Here
43
    }
43
    }
44
44
45
    HUB_DIR=$(Config ConfigPaths.HubDir)
45
    HUB_DIR=$(Config ConfigPaths.HubDir)
46
    if ! ls -1qA "$HUB_DIR/*" >/dev/null 2>&1; then
46
    if ! ls -1qA "$HUB_DIR"/* >/dev/null 2>&1; then
47
        echo "Fetching hub inventory"
47
        echo "Fetching hub inventory"
48
        cs_cli hub update || :
48
        cs_cli hub update || :
49
    fi
49
    fi
50
50
51
    if [ -z "$(cs_cli machines list -o raw)" ]; then
51
    if [ "$(cs_cli machines list -o json)" = "[]" ]; then
52
        echo "Registering LAPI"
52
        echo "Registering LAPI"
53
        cs_cli machines add --auto || :
53
        cs_cli machines add --auto || :
54
    fi
54
    fi
Lines 59-70 crowdsec_precmd() { Link Here
59
        cs_cli capi register || :
59
        cs_cli capi register || :
60
    fi
60
    fi
61
61
62
    cs_cli collections inspect crowdsecurity/linux >/dev/null || cs_cli collections install crowdsecurity/linux || :
62
    # This would work but takes 30secs to timeout while reading the metrics, because crowdsec is not running yet.
63
    #    cs_cli collections inspect crowdsecurity/freebsd 2>/dev/null | grep ^installed | grep -q true || \
64
    #        cs_cli collections install crowdsecurity/freebsd || :
63
65
64
    DATA_DIR=$(Config ConfigPaths.DataDir)
66
    # So we just check for the file
65
    if [ ! -f "${DATA_DIR}/GeoLite2-City.mmdb" ]; then
67
    if [ ! -e "${CONFIG_DIR}/collections/freebsd.yaml" ]; then
66
        echo "Installing GeoIP enricher"
68
        cs_cli collections install crowdsecurity/freebsd || :
67
        cs_cli parsers install crowdsecurity/geoip-enrich || :
68
    fi
69
    fi
69
}
70
}
70
71
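Review bot: The new registration test `[ "$(cs_cli machines list -o json)" = "[]" ]` is true only for that exact output, so if `cs_cli` fails and prints nothing, or prints an empty list in another form, `cs_cli machines add --auto` is skipped without any message. Treating both cases as "no machines", e.g. `out=$(cs_cli machines list -o json) || out=` followed by `if [ -z "$out" ] || [ "$out" = "[]" ]; then`, keeps first-start registration working. Further down, `${CONFIG_DIR}` is tested but not assigned in the visible lines (the removed code derived `DATA_DIR` from `Config ConfigPaths.DataDir`). If it is not set earlier in crowdsec_precmd, which starts outside these hunks, the test looks at `/collections/freebsd.yaml` and the collection install runs on every start.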
(-)b/security/crowdsec/files/patch-Makefile (-7 / +22 lines)
Lines 1-11 Link Here
1
--- Makefile.orig	2021-11-17 09:15:38 UTC
1
--- Makefile.orig	2021-12-21 21:18:22 UTC
2
+++ Makefile
2
+++ Makefile
3
@@ -42,7 +42,7 @@ BUILD_VERSION?="$(shell git describe --tags `git rev-l
3
@@ -44,14 +44,14 @@ BUILD_CODENAME=$(shell cat RELEASE.json | jq -r .CodeN
4
 BUILD_GOVERSION="$(shell go version | cut -d " " -f3 | sed -E 's/[go]+//g')"
5
 BUILD_CODENAME=$(shell cat RELEASE.json | jq -r .CodeName)
6
 BUILD_TIMESTAMP=$(shell date +%F"_"%T)
4
 BUILD_TIMESTAMP=$(shell date +%F"_"%T)
7
-BUILD_TAG="$(shell git rev-parse HEAD)"
5
 BUILD_TAG?="$(shell git rev-parse HEAD)"
8
+BUILD_TAG?="$(shell git rev-parse HEAD)"
9
 
6
 
10
 export LD_OPTS=-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=$(BUILD_VERSION) \
7
-export LD_OPTS=-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=$(BUILD_VERSION) \
8
+export LD_OPTS=-mod vendor -modcacherw -ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=$(BUILD_VERSION) \
11
 -X github.com/crowdsecurity/crowdsec/pkg/cwversion.System=$(SYSTEM) \
9
 -X github.com/crowdsecurity/crowdsec/pkg/cwversion.System=$(SYSTEM) \
10
 -X github.com/crowdsecurity/crowdsec/pkg/cwversion.BuildDate=$(BUILD_TIMESTAMP) \
11
 -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Codename=$(BUILD_CODENAME)  \
12
 -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Tag=$(BUILD_TAG) \
13
 -X github.com/crowdsecurity/crowdsec/pkg/cwversion.GoVersion=$(BUILD_GOVERSION)"
14
 
15
-export LD_OPTS_STATIC=-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=$(BUILD_VERSION) \
16
+export LD_OPTS_STATIC=-mod vendor -modcacherw -ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=$(BUILD_VERSION) \
17
 -X github.com/crowdsecurity/crowdsec/pkg/cwversion.BuildDate=$(BUILD_TIMESTAMP) \
18
 -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Codename=$(BUILD_CODENAME)  \
19
 -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Tag=$(BUILD_TAG) \
20
@@ -176,4 +176,4 @@ check_release:
21
 release: check_release build package
22
 
23
 .PHONY:
24
-release_static: check_release static package_static
25
\ No newline at end of file
26
+release_static: check_release static package_static
(-)b/security/crowdsec/files/patch-config_acquis.yaml (-1 / +12 lines)
Added Link Here
0
- 
1
--- config/acquis.yaml.orig	2021-12-15 10:39:37 UTC
2
+++ config/acquis.yaml
3
@@ -11,6 +11,8 @@ filenames:
4
 labels:
5
   type: syslog
6
 ---
7
-filename: /var/log/apache2/*.log
8
+filenames:
9
+ - /var/log/httpd-access.log
10
+ - /var/log/httpd-error.log
11
 labels:
12
   type: apache2
