# # spec file for package haproxy # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ %if 0%{?suse_version} >= 1230 %bcond_without tcp_fast_open %else %bcond_with tcp_fast_open %endif %if 0%{?suse_version} >= 1310 %bcond_without systemd %else %bcond_with systemd %endif %if 0%{?suse_version} > 1140 %bcond_without pcre_jit %else %bcond_with pcre_jit %endif %bcond_without apparmor Name: haproxy Version: 1.5.1 Release: 0 # # BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: libgcrypt-devel BuildRequires: pcre-devel BuildRequires: zlib-devel BuildRequires: openssl-devel BuildRequires: pkg-config BuildRequires: udev %if %{with systemd} BuildRequires: pkgconfig(systemd) %endif BuildRequires: vim %define pkg_name haproxy %define pkg_home /var/lib/%{pkg_name} # Url: http://haproxy.1wt.eu/ Source: http://haproxy.1wt.eu/download/1.5/src/haproxy-%{version}.tar.gz Source1: %{pkg_name}.init Source2: http://haproxy.1wt.eu/download/contrib/haproxy.vim Source3: usr.sbin.haproxy.apparmor Source4: local.usr.sbin.haproxy.apparmor Patch1: haproxy-1.2.16_config_haproxy_user.patch Patch2: haproxy-makefile_lib.patch Patch3: sec-options.patch Patch4: haproxy-1.5_check_config_before_start.patch # PATCH-FIX-UPSTREAM: http: fetch "base" is not compatible with set-header Patch5: 0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch # PATCH-FIX-UPSTREAM: ssl: Fix external function in order not to return a pointer on an internal trash buffer. Patch6: 0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch # PATCH-FIX-UPSTREAM: counters: do not untrack counters before logging Patch7: 0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch # PATCH-FIX-UPSTREAM: sample: correctly reinitialize sample fetch context before calling sample_process() Patch8: 0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch # PATCH-FIX-UPSTREAM: stick-table: make stktable_fetch_key() indicate why it failed Patch9: 0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch # PATCH-FIX-UPSTREAM: counters: fix track-sc* to wait on unstable contents Patch10: 0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch Source99: haproxy-rpmlintrc # Summary: The Reliable, High Performance TCP/HTTP Load Balancer License: GPL-2.0+ and LGPL-2.1+ Group: Productivity/Networking/Web/Proxy Provides: %{name}-doc = %{version} Obsoletes: %{name}-doc < %{version} Provides: haproxy-1.5 = %{version} Obsoletes: haproxy-1.5 < %{version} # this requires is not strictly needed. we only need it for the ownership of the vim data dir Requires: vim %if %{with systemd} %{?systemd_requires} %endif %{!?vim_data_dir:%global vim_data_dir /usr/share/vim/%(readlink /usr/share/vim/current)} %description HAProxy implements an event-driven, mono-process model which enables support for very high number of simultaneous connections at very high speeds. Multi-process or multi-threaded models can rarely cope with thousands of connections because of memory limits, system scheduler limits, and lock contention everywhere. Event-driven models do not have these problems because implementing all the tasks in user-space allows a finer resource and time management. The down side is that those programs generally don't scale well on multi-processor systems. That's the reason why they must be optimized to get the most work done from every CPU cycle. %prep %setup -q %patch1 %patch2 %patch3 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch9 -p1 %patch10 -p1 %build %{__make} \ TARGET=linux26 \ CPU="%{_target_cpu}" \ USE_PCRE=1 \ %if %{with pcre_jit} USE_PCRE_JIT=1 \ %endif USE_LIBCRYPT=1 \ USE_OPENSSL=1 \ USE_ZLIB=1 \ USE_NETFILTER=1 \ %ifarch %ix86 USE_REGPARM=1 \ %endif USE_TPROXY=1 \ USE_LINUX_TPROXY=1 \ USE_LINUX_SPLICE=1 \ USE_ACCEPT4=1 \ USE_CPU_AFFINITY=1 \ USE_GETADDRINFO=1 \ USE_GETSOCKNAME=1 \ USE_PIE=1 \ USE_STACKPROTECTOR=1 \ USE_RELRO_NOW=1 \ %if %{with tcp_fast_open} USE_TFO=1 \ %endif LIB="%{_lib}" \ PREFIX="%{_prefix}" \ DEBUG_CFLAGS="%{optflags}" make -C contrib/systemd PREFIX="%{_prefix}" make -C contrib/halog PREFIX="%{_prefix}" \ DEFINE="%{optflags} -pie -fpie -fstack-protector -Wl,-z,relro,-z,now" %install %{__install} -D -m 0755 %{pkg_name} %{buildroot}%{_sbindir}/%{pkg_name} %{__install} -D -m 0644 examples/%{pkg_name}.cfg %{buildroot}%{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg %{__install} -D -m 0755 contrib/halog/halog %{buildroot}%{_sbindir}/haproxy-halog %if %{with systemd} %{__install} -D -m 0755 haproxy-systemd-wrapper %{buildroot}%{_sbindir}/haproxy-systemd-wrapper %{__install} -D -m 0644 contrib/systemd/%{pkg_name}.service %{buildroot}%{_unitdir}/%{pkg_name}.service ln -sf /sbin/service %{buildroot}%{_sbindir}/rc%{pkg_name} %else %{__install} -D -m 0755 %{S:1} %{buildroot}%{_sysconfdir}/init.d/%{pkg_name} %{__ln_s} -f %{_sysconfdir}/init.d/%{pkg_name} %{buildroot}%{_sbindir}/rc%{pkg_name} %endif %{__install} -d -m 0755 %{buildroot}%{pkg_home} %{__install} -D -m 0644 %{S:2} %{buildroot}%{vim_data_dir}/syntax/%{pkg_name}.vim %{__install} -D -m 0644 doc/%{pkg_name}.1 %{buildroot}%{_mandir}/man1/%{pkg_name}.1 %if %{with apparmor} %{__install} -D -m 0644 %{S:3} %{buildroot}/etc/apparmor.d/usr.sbin.haproxy %{__install} -D -m 0644 %{S:4} %{buildroot}/etc/apparmor.d/local/usr.sbin.haproxy %endif %{__rm} examples/haproxy.spec %if 0%{?suse_version} < 1230 %clean %{?buildroot:%{__rm} -rf %{buildroot}} %endif %pre /usr/sbin/groupadd -r %{pkg_name} &>/dev/null ||: /usr/sbin/useradd -g %{pkg_name} -s /bin/false -r -c "user for %{pkg_name}" -d %{pkg_home} %{pkg_name} &>/dev/null ||: %if %{with systemd} %service_add_pre %{pkg_name}.service %post %service_add_post %{pkg_name}.service %preun %service_del_preun %{pkg_name}.service %postun %service_del_postun %{pkg_name}.service %else %post %fillup_and_insserv %{pkg_name} %preun %stop_on_removal %{pkg_name} %postun %restart_on_update %{pkg_name} %{insserv_cleanup} %endif %files %defattr(-,root,root,-) %doc CHANGELOG README LICENSE %doc ROADMAP doc/* examples/ %doc contrib/netsnmp-perl/ contrib/selinux/ %dir %{_sysconfdir}/%{pkg_name} %config(noreplace) %{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg %if %{with systemd} %{_unitdir}/%{pkg_name}.service %{_sbindir}/haproxy-systemd-wrapper %else %config(noreplace) %{_sysconfdir}/init.d/%{pkg_name} %endif %{_sbindir}/haproxy %{_sbindir}/haproxy-halog %{_sbindir}/rchaproxy %{pkg_home} %{_mandir}/man1/%{pkg_name}.1.gz %{vim_data_dir}/syntax/%{pkg_name}.vim %if %{with apparmor} %dir /etc/apparmor.d/ %dir /etc/apparmor.d/local/ %config(noreplace) /etc/apparmor.d/usr.sbin.haproxy %config(noreplace) /etc/apparmor.d/local/usr.sbin.haproxy %endif %changelog