haproxy/haproxy.spec

#
# spec file for package haproxy
#
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
%if 0%{?suse_version} >= 1230
%bcond_without tcp_fast_open
%else
%bcond_with tcp_fast_open
%endif

%if 0%{?suse_version} >= 1310
%bcond_without systemd
%else
%bcond_with systemd
%endif

%if 0%{?suse_version} > 1140
%bcond_without pcre_jit
%else
%bcond_with pcre_jit
%endif
%bcond_without  apparmor

Name:           haproxy
Version:        1.5.14
Release:        0
#
#
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildRequires:  libgcrypt-devel
BuildRequires:  pcre-devel
BuildRequires:  zlib-devel
BuildRequires:  openssl-devel
BuildRequires:  pkg-config
BuildRequires:  udev
%if %{with systemd}
BuildRequires:  pkgconfig(systemd)
%endif
BuildRequires:  vim
%define pkg_name haproxy
%define pkg_home /var/lib/%{pkg_name}
#
Url:            http://www.haproxy.org/
Source:         http://www.haproxy.org/download/1.5/src/haproxy-%{version}.tar.gz
Source1:        %{pkg_name}.init
Source2:        http://www.haproxy.org/download/contrib/haproxy.vim
Source3:        usr.sbin.haproxy.apparmor
Source4:        local.usr.sbin.haproxy.apparmor
Patch1:         haproxy-1.2.16_config_haproxy_user.patch
Patch2:         haproxy-makefile_lib.patch
Patch3:         sec-options.patch
Patch4:         haproxy-1.5.8-fix-bashisms.patch
# BUG/MINOR: log: missing some ARGC_* entries in fmt_directives()
Patch5:         0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
# DOC: usesrc root privileges requirements
Patch6:         0002-DOC-usesrc-root-privileges-requirements.patch
# BUILD: ssl: Allow building against libssl without SSLv3.
Patch7:         0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
# DOC/MINOR: fix OpenBSD versions where haproxy works
Patch8:         0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
# BUG/MINOR: http/sample: gmtime/localtime can fail
Patch9:         0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
# DOC: typo in 'redirect', 302 code meaning
Patch10:        0006-DOC-typo-in-redirect-302-code-meaning.patch
# DOC: mention that %ms is left-padded with zeroes.
Patch11:        0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
# CLEANUP: .gitignore: ignore more test files
Patch12:        0008-CLEANUP-.gitignore-ignore-more-test-files.patch
# CLEANUP: .gitignore: finally ignore everything but what is known.
Patch13:        0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
# MEDIUM: config: emit a warning on a frontend without listener
Patch14:        0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
# BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry
Patch15:        0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
# DOC: ssl: missing LF
Patch16:        0012-DOC-ssl-missing-LF.patch
# DOC: fix example of http-request using ssl_fc_session_id
Patch17:        0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
# BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
Patch18:        0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
# BUG/MAJOR: http: don't call http_send_name_header() after an error
Patch19:        0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch

#
Source99:       haproxy-rpmlintrc
#
Summary:        The Reliable, High Performance TCP/HTTP Load Balancer
License:        GPL-2.0+ and LGPL-2.1+
Group:          Productivity/Networking/Web/Proxy
Provides:       %{name}-doc = %{version}
Obsoletes:      %{name}-doc < %{version}
Provides:       haproxy-1.5 = %{version}
Obsoletes:      haproxy-1.5 < %{version}
# this requires is not strictly needed. we only need it for the ownership of the vim data dir
Requires:       vim
%if %{with systemd}
%{?systemd_requires}
%endif
%{!?vim_data_dir:%global vim_data_dir /usr/share/vim/%(readlink /usr/share/vim/current)}

%description
HAProxy implements an event-driven, mono-process model which enables support
for very high number of simultaneous connections at very high speeds.
Multi-process or multi-threaded models can rarely cope with thousands of
connections because of memory limits, system scheduler limits, and lock
contention everywhere. Event-driven models do not have these problems because
implementing all the tasks in user-space allows a finer resource and time
management. The down side is that those programs generally don't scale well on
multi-processor systems. That's the reason why they must be optimized to get
the most work done from every CPU cycle.

%prep
%setup -q
%patch1
%patch2
%patch3
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1

%build
%{__make} \
    TARGET=linux26 \
    CPU="%{_target_cpu}" \
    USE_PCRE=1 \
    %if %{with pcre_jit}
    USE_PCRE_JIT=1 \
    %endif
    USE_LIBCRYPT=1 \
    USE_OPENSSL=1 \
    USE_ZLIB=1 \
    USE_NETFILTER=1 \
    %ifarch %ix86
    USE_REGPARM=1 \
    %endif
    USE_TPROXY=1 \
    USE_LINUX_TPROXY=1 \
    USE_LINUX_SPLICE=1 \
    USE_ACCEPT4=1 \
    USE_CPU_AFFINITY=1 \
    USE_GETADDRINFO=1 \
    USE_GETSOCKNAME=1 \
    USE_PIE=1 \
    USE_STACKPROTECTOR=1 \
    USE_RELRO_NOW=1 \
%if %{with tcp_fast_open}
    USE_TFO=1 \
%endif
    LIB="%{_lib}" \
    PREFIX="%{_prefix}" \
    DEBUG_CFLAGS="%{optflags}"
make -C contrib/systemd  PREFIX="%{_prefix}"
make -C contrib/halog    PREFIX="%{_prefix}" \
    DEFINE="%{optflags} -pie -fpie -fstack-protector -Wl,-z,relro,-z,now"

%install
%{__install} -D -m 0755 %{pkg_name}              %{buildroot}%{_sbindir}/%{pkg_name}
%{__install} -D -m 0644 examples/%{pkg_name}.cfg %{buildroot}%{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg

%{__install} -D -m 0755 contrib/halog/halog       %{buildroot}%{_sbindir}/haproxy-halog
%if %{with systemd}
%{__install} -D -m 0755 haproxy-systemd-wrapper  %{buildroot}%{_sbindir}/haproxy-systemd-wrapper
%{__install} -D -m 0644 contrib/systemd/%{pkg_name}.service  %{buildroot}%{_unitdir}/%{pkg_name}.service
ln -sf /sbin/service   %{buildroot}%{_sbindir}/rc%{pkg_name}
%else
%{__install} -D -m 0755 %{S:1}                   %{buildroot}%{_sysconfdir}/init.d/%{pkg_name}
%{__ln_s} -f %{_sysconfdir}/init.d/%{pkg_name}   %{buildroot}%{_sbindir}/rc%{pkg_name}
%endif

%{__install} -d -m 0755                          %{buildroot}%{pkg_home}
%{__install} -D -m 0644 %{S:2}                   %{buildroot}%{vim_data_dir}/syntax/%{pkg_name}.vim
%{__install} -D -m 0644 doc/%{pkg_name}.1        %{buildroot}%{_mandir}/man1/%{pkg_name}.1
%if %{with apparmor}
%{__install} -D -m 0644 %{S:3}                   %{buildroot}/etc/apparmor.d/usr.sbin.haproxy
%{__install} -D -m 0644 %{S:4}                   %{buildroot}/etc/apparmor.d/local/usr.sbin.haproxy
%endif

%{__rm} examples/haproxy.spec

%if 0%{?suse_version} < 1230
%clean
%{?buildroot:%{__rm} -rf %{buildroot}}
%endif

%pre
/usr/sbin/groupadd -r %{pkg_name} >/dev/null 2>&1 ||:
/usr/sbin/useradd  -g %{pkg_name} -s /bin/false -r -c "user for %{pkg_name}" -d %{pkg_home} %{pkg_name} >/dev/null 2>&1 || :

%if %{with systemd}
%service_add_pre %{pkg_name}.service

%post
%service_add_post %{pkg_name}.service

%preun
%service_del_preun %{pkg_name}.service

%postun
%service_del_postun %{pkg_name}.service

%else

%post
%fillup_and_insserv %{pkg_name}

%preun
%stop_on_removal %{pkg_name}

%postun
%restart_on_update %{pkg_name}
%{insserv_cleanup}

%endif

%files
%defattr(-,root,root,-)
%doc CHANGELOG README LICENSE
%doc ROADMAP doc/* examples/
%doc contrib/netsnmp-perl/ contrib/selinux/
%dir %{_sysconfdir}/%{pkg_name}
%config(noreplace) %{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg
%if %{with systemd}
%{_unitdir}/%{pkg_name}.service
%{_sbindir}/haproxy-systemd-wrapper

%else

%config(noreplace) %{_sysconfdir}/init.d/%{pkg_name}

%endif

%{_sbindir}/haproxy
%{_sbindir}/haproxy-halog
%{_sbindir}/rchaproxy
%{pkg_home}
%{_mandir}/man1/%{pkg_name}.1.gz
%{vim_data_dir}/syntax/%{pkg_name}.vim
%if %{with apparmor}
%dir /etc/apparmor.d/
%dir /etc/apparmor.d/local/
%config(noreplace) /etc/apparmor.d/usr.sbin.haproxy
%config(noreplace) /etc/apparmor.d/local/usr.sbin.haproxy
%endif

%changelog