summaryrefslogtreecommitdiff
blob: 0a2ab1bd009a12e03f0a2b4f2022c42d784796c3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$

EAPI=5

inherit depend.apache eutils multilib pax-utils toolchain-funcs user versionator

DESCRIPTION="Nagios Fork - Check daemon, CGIs, docs, IDOutils"
HOMEPAGE="http://www.icinga.org/"
#MY_PV=$(delete_version_separator 3)
#SRC_URI="mirror://sourceforge/${PN}/${PN}-${MY_PV}.tar.gz"
#S=${WORKDIR}/${PN}-${MY_PV}
#SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
SRC_URI="https://github.com/${PN}/${PN}-core/releases/download/v${PV}/${P}.tar.gz
	https://dev.gentoo.org/~prometheanfire/dist/patches/CVEs/CVE-2015-8010_1.13.3.patch"

LICENSE="GPL-2"
SLOT="0"
KEYWORDS="amd64 ~hppa x86"
IUSE="+apache2 contrib eventhandler +idoutils lighttpd +mysql perl +plugins postgres ssl +vim-syntax +web"
DEPEND="idoutils? ( dev-db/libdbi-drivers[mysql?,postgres?] )
	perl? ( dev-lang/perl )
	virtual/mailx
	web? (
		media-libs/gd[jpeg,png]
		lighttpd? ( www-servers/lighttpd )
	)
	!net-analyzer/nagios-core"
RDEPEND="${DEPEND}
	plugins? ( || (
		net-analyzer/monitoring-plugins
		net-analyzer/nagios-plugins
	) )"
RESTRICT="test"

want_apache2

pkg_setup() {
	depend.apache_pkg_setup
	enewgroup icinga
	enewgroup nagios
	enewuser icinga -1 -1 /var/lib/icinga "icinga,nagios"
}

src_prepare() {
	epatch "${FILESDIR}/fix-prestripped-binaries-1.7.0.patch"
	epatch "${DISTDIR}/CVE-2015-8010_1.13.3.patch"
}

src_configure() {
	local myconf

	myconf="$(use_enable perl embedded-perl)
	$(use_with perl perlcache)
	$(use_enable idoutils)
	$(use_enable ssl)
	--with-cgiurl=/icinga/cgi-bin
	--with-log-dir=/var/log/icinga
	--libdir=/usr/$(get_libdir)
	--bindir=/usr/sbin
	--sbindir=/usr/$(get_libdir)/icinga/cgi-bin
	--datarootdir=/usr/share/icinga/htdocs
	--localstatedir=/var/lib/icinga
	--sysconfdir=/etc/icinga
	--with-lockfile=/var/run/icinga/icinga.lock
	--with-temp-dir=/tmp/icinga
	--with-temp-file=/tmp/icinga/icinga.tmp"

	if use idoutils ; then
		myconf+=" --with-ido2db-lockfile=/var/run/icinga/ido2db.lock
		--with-icinga-chkfile=/var/lib/icinga/icinga.chk
		--with-ido-sockfile=/var/lib/icinga/ido.sock
		--with-idomod-tmpfile=/tmp/icinga/idomod.tmp"
	fi

	if use eventhandler ; then
		myconfig+=" --with-eventhandler-dir=/etc/icinga/eventhandlers"
	fi

	if use plugins ; then
		myconf+=" --with-plugin-dir=/usr/$(get_libdir)/nagios/plugins"
	else
		myconf+=" --with-plugin-dir=/usr/$(get_libdir)/nagios/plugins"
	fi

	if use !apache2 && use !lighttpd ; then
		myconf+=" --with-command-group=icinga"
	else
		if use apache2 ; then
			myconf+=" --with-httpd-conf=/etc/apache2/conf.d"
			myconf+=" --with-command-group=apache"
		elif use lighttpd ; then
			myconf+=" --with-command-group=lighttpd"
		fi
	fi

	econf ${myconf}
}

src_compile() {
	tc-export CC

	emake icinga || die "make failed"

	if use web ; then
		emake DESTDIR="${D}" cgis || die
	fi

	if use contrib ; then
		emake DESTDIR="${D}" -C contrib || die
	fi

	if use idoutils ; then
		emake DESTDIR="${D}" idoutils || die
	fi
}

src_install() {
	dodoc Changelog README UPGRADING || die

	if ! use web ; then
		sed -i -e '/cd $(SRC_\(CGI\|HTM\))/d' Makefile || die
	fi

	emake DESTDIR="${D}" install{,-config,-commandmode} || die

	if use idoutils ; then
		 emake DESTDIR="${D}" install-idoutils || die
	fi

	if use contrib ; then
		emake DESTDIR="${D}" -C contrib install || die
	fi

	if use eventhandler ; then
		emake DESTDIR="${D}" install-eventhandlers || die
	fi

	newinitd "${FILESDIR}"/icinga-init.d icinga || die
	newconfd "${FILESDIR}"/icinga-conf.d icinga || die
	if use idoutils ; then
		newinitd "${FILESDIR}"/ido2db-init.d ido2db || die
		newconfd "${FILESDIR}"/ido2db-conf.d ido2db || die
		insinto /usr/share/icinga/contrib/db
		doins -r module/idoutils/db/* || die
	fi
	# Apache Module
	if use web ; then
		if use apache2 ; then
			insinto "${APACHE_MODULES_CONFDIR}"
			newins "${FILESDIR}"/icinga-apache.conf 99_icinga.conf || die
		elif use lighttpd ; then
			insinto /etc/lighttpd
			newins "${FILESDIR}"/icinga-lighty.conf lighttpd_icinga.conf || die
		else
			ewarn "${CATEGORY}/${PF} only supports Apache-2.x or Lighttpd webserver"
			ewarn "out-of-the-box. Since you are not using one of them, you"
			ewarn "have to configure your webserver accordingly yourself."
		fi
		fowners -R root:root /usr/$(get_libdir)/icinga || die
		cd "${D}" || die
		find usr/$(get_libdir)/icinga -type d -exec fperms 755 {} +
		find usr/$(get_libdir)/icinga/cgi-bin -type f -exec fperms 755 {} +
	fi

	if use eventhandler ; then
		dodir /etc/icinga/eventhandlers || die
		fowners icinga:icinga /etc/icinga/eventhandlers || die
	fi

	keepdir /etc/icinga
	keepdir /var/lib/icinga
	keepdir /var/lib/icinga/archives
	keepdir /var/lib/icinga/rw
	keepdir /var/lib/icinga/spool/checkresults

	if use apache2 ; then
		webserver=apache
	elif use lighttpd ; then
		webserver=lighttpd
	else
		webserver=icinga
	fi

	fowners icinga:icinga /var/lib/icinga || die "Failed chown of /var/lib/icinga"
	fowners -R icinga:${webserver} /var/lib/icinga/rw || die "Failed chown of /var/lib/icinga/rw"

	fperms 6755 /var/lib/icinga/rw || die "Failed Chmod of ${D}/var/lib/icinga/rw"
	fperms 0750 /etc/icinga || die "Failed chmod of ${D}/etc/icinga"

	# paxmarks
	if use idoutils ; then
		pax-mark m usr/sbin/ido2db
	fi
}

pkg_postinst() {
	if use web ; then
		elog "This does not include cgis that are perl-dependent"
		elog "Currently traceroute.cgi is perl-dependent"
		elog "Note that the user your webserver is running as needs"
		elog "read-access to /etc/icinga."
		elog
		if use apache2 || use lighttpd ; then
			elog "There are several possible solutions to accomplish this,"
			elog "choose the one you are most comfortable with:"
			elog
			if use apache2 ; then
				elog "	usermod -G icinga apache"
				elog "or"
				elog "	chown icinga:apache /etc/icinga"
				elog
				elog "Also edit /etc/conf.d/apache2 and add a line like"
				elog "APACHE2_OPTS=\"\$APACHE2_OPTS -D ICINGA\""
				elog
				elog "Icinga web service needs user authentication. If you"
				elog "use the base configuration, you need a password file"
				elog "with a password for user \"icingaadmin\""
				elog "You can create this file by executing:"
				elog "htpasswd -c /etc/icinga/htpasswd.users icingaadmin"
				elog
				elog "you may want to also add apache to the icinga group"
				elog "to allow it access to the AuthUserFile"
				elog
			elif use lighttpd ; then
				elog "  usermod -G icinga lighttpd "
				elog "or"
				elog "  chown icinga:lighttpd /etc/icinga"
				elog "Also edit /etc/lighttpd/lighttpd.conf and add 'include \"lighttpd_icinga.conf\"'"
			fi
			elog
			elog "That will make icinga's web front end visable via"
			elog "http://localhost/icinga/"
			elog
		else
			elog "IMPORTANT: Do not forget to add the user your webserver"
			elog "is running as to the icinga group!"
		fi
	else
		ewarn "Please note that you have installed Icinga without web interface."
		ewarn "Please don't file any bugs about having no web interface when you do this."
		ewarn "Thank you!"
	fi
	elog
	elog "If you want icinga to start at boot time"
	elog "remember to execute:"
	elog "  rc-update add icinga default"
	elog
	elog "If your kernel has /proc protection, icinga"
	elog "will not be happy as it relies on accessing the proc"
	elog "filesystem. You can fix this by adding icinga into"
	elog "the group wheel, but this is not recomended."
	elog
	if [ -d "${ROOT}"/var/icinga ] ; then
		ewarn
		ewarn "/var/icinga was moved to /var/lib/icinga"
		ewarn "please move the files if this was an upgrade"
		if use idoutils ; then
			ewarn "and edit /etc/ido2db.cfg to change the location of the files"
			ewarn "it accesses"
			ewarn "update your db with the scripts under the directory"
			ewarn "/usr/share/icinga/contrib/db/"
		fi
		ewarn
		ewarn "The \"mv /var/icinga /var/lib/\" command works well to move the files"
		ewarn "remove /var/icinga afterwards to make this warning disappear"
	fi
}