%global git a7dd7b4ee76442b367f1b980c9d704de36a55b6f Name: vpn-user-portal Version: 2.0.15 Release: 0.10%{?dist} Summary: VPN User Portal Group: Applications/Internet License: AGPLv3+ URL: https://github.com/eduvpn/vpn-user-portal %if %{defined git} Source0: https://github.com/eduvpn/vpn-user-portal/archive/%{git}/vpn-user-portal-%{version}-%{git}.tar.gz %else Source0: https://github.com/eduvpn/vpn-user-portal/releases/download/%{version}/vpn-user-portal-%{version}.tar.xz Source1: https://github.com/eduvpn/vpn-user-portal/releases/download/%{version}/vpn-user-portal-%{version}.tar.xz.minisig Source2: minisign-8466FFE127BCDC82.pub %endif Source3: vpn-user-portal-httpd.conf Source4: vpn-user-portal.cron Patch0: vpn-user-portal-autoload.patch # we do not wish to depend on paragonie/sodium_compat as we'll always require # php-pecl(libsodium) on CentOS 7, instead we have a small mapping wrapper that # converts calls to the Sodium namespaced php-pecl(libsodium) 1.x # constants/functions Patch1: vpn-user-portal-sodium.patch BuildArch: noarch BuildRequires: minisign BuildRequires: php-fedora-autoloader-devel BuildRequires: %{_bindir}/phpab # "require-dev": { # "ext-json": "*", # "phpunit/phpunit": "^4.8.35|^5|^6|^7" # }, BuildRequires: php-json %if 0%{?fedora} >= 28 || 0%{?rhel} >= 8 BuildRequires: phpunit7 %global phpunit %{_bindir}/phpunit7 %else BuildRequires: phpunit %global phpunit %{_bindir}/phpunit %endif # "require": { # "bacon/bacon-qr-code": "^1.0", # "ext-curl": "*", # "ext-date": "*", # "ext-hash": "*", # "ext-pcre": "*", # "ext-pdo": "*", # "ext-spl": "*", # "fkooman/jwt": "^1", # "fkooman/oauth2-server": "^5", # "fkooman/php-saml-sp": "^0.2", # "fkooman/secookie": "^2", # "fkooman/sqlite-migrate": "^0", # "lc/common": "v2.x-dev", # "paragonie/constant_time_encoding": "^1|^2", # "paragonie/random_compat": "^1|^2", # "paragonie/sodium_compat": "^1", # "php": ">=5.4.0" # }, BuildRequires: php(language) >= 5.4.0 BuildRequires: php-composer(bacon/bacon-qr-code) < 2.0.0 BuildRequires: php-curl BuildRequires: php-date BuildRequires: php-hash BuildRequires: php-pcre BuildRequires: php-pdo BuildRequires: php-spl BuildRequires: php-composer(fkooman/jwt) BuildRequires: php-composer(fkooman/oauth2-server) BuildRequires: php-composer(fkooman/secookie) BuildRequires: php-composer(fkooman/sqlite-migrate) BuildRequires: php-composer(lc/common) BuildRequires: php-composer(paragonie/constant_time_encoding) BuildRequires: php-composer(fkooman/saml-sp) %if 0%{?fedora} < 28 && 0%{?rhel} < 8 BuildRequires: php-composer(paragonie/random_compat) %endif %if 0%{?fedora} >= 28 || 0%{?rhel} >= 8 BuildRequires: php-sodium %else BuildRequires: php-pecl(libsodium) %endif %if 0%{?fedora} >= 24 Requires: httpd-filesystem %else # EL7 does not have httpd-filesystem Requires: httpd %endif Requires: crontabs # "require": { # "bacon/bacon-qr-code": "^1.0", # "ext-curl": "*", # "ext-date": "*", # "ext-hash": "*", # "ext-pcre": "*", # "ext-pdo": "*", # "ext-spl": "*", # "fkooman/jwt": "^1", # "fkooman/oauth2-server": "^5", # "fkooman/php-saml-sp": "^0.2", # "fkooman/secookie": "^2", # "fkooman/sqlite-migrate": "^0", # "lc/common": "v2.x-dev", # "paragonie/constant_time_encoding": "^1|^2", # "paragonie/random_compat": "^1|^2", # "paragonie/sodium_compat": "^1", # "php": ">=5.4.0" # }, Requires: php(language) >= 5.4.0 Requires: php-cli Requires: php-composer(bacon/bacon-qr-code) < 2.0.0 Requires: php-curl Requires: php-date Requires: php-hash Requires: php-pcre Requires: php-pdo Requires: php-spl Requires: php-composer(fkooman/jwt) Requires: php-composer(fkooman/oauth2-server) Requires: php-composer(fkooman/secookie) Requires: php-composer(fkooman/sqlite-migrate) Requires: php-composer(lc/common) Requires: php-composer(paragonie/constant_time_encoding) Requires: php-composer(fkooman/saml-sp) %if 0%{?fedora} < 28 && 0%{?rhel} < 8 Requires: php-composer(paragonie/random_compat) %endif %if 0%{?fedora} >= 28 || 0%{?rhel} >= 8 Requires: php-sodium %else Requires: php-pecl(libsodium) %endif Requires(post): /usr/sbin/semanage Requires(post): /usr/bin/openssl Requires(postun): /usr/sbin/semanage %description VPN User Portal. %prep %if %{defined git} %setup -qn vpn-user-portal-%{git} %else /usr/bin/minisign -V -m %{SOURCE0} -x %{SOURCE1} -p %{SOURCE2} %setup -qn vpn-user-portal-%{version} %endif %patch0 -p1 %if 0%{?fedora} < 28 && 0%{?rhel} < 8 %patch1 -p1 %endif %build %{_bindir}/phpab -t fedora -o src/autoload.php src cat <<'AUTOLOAD' | tee -a src/autoload.php require_once '%{_datadir}/php/BaconQrCode/autoload.php'; require_once '%{_datadir}/php/LC/Common/autoload.php'; require_once '%{_datadir}/php/fkooman/Jwt/autoload.php'; require_once '%{_datadir}/php/fkooman/OAuth/Server/autoload.php'; require_once '%{_datadir}/php/fkooman/SeCookie/autoload.php'; require_once '%{_datadir}/php/fkooman/SqliteMigrate/autoload.php'; require_once '%{_datadir}/php/ParagonIE/ConstantTime/autoload.php'; require_once '%{_datadir}/php/fkooman/SAML/SP/autoload.php'; AUTOLOAD %if 0%{?fedora} < 28 && 0%{?rhel} < 8 cat <<'AUTOLOAD' | tee -a src/autoload.php require_once sprintf('%s/sodium_compat.php', __DIR__); require_once '%{_datadir}/php/random_compat/autoload.php'; AUTOLOAD %endif %install mkdir -p %{buildroot}%{_datadir}/vpn-user-portal mkdir -p %{buildroot}%{_datadir}/php/LC/Portal cp -pr src/* %{buildroot}%{_datadir}/php/LC/Portal for i in add-user foreign-key-list-fetcher init generate-oauth-key show-oauth-key do install -m 0755 -D -p bin/${i}.php %{buildroot}%{_bindir}/vpn-user-portal-${i} sed -i '1s/^/#!\/usr\/bin\/php\n/' %{buildroot}%{_bindir}/vpn-user-portal-${i} done cp -pr schema web views locale %{buildroot}%{_datadir}/vpn-user-portal mkdir -p %{buildroot}%{_sysconfdir}/vpn-user-portal cp -pr config/config.php.example %{buildroot}%{_sysconfdir}/vpn-user-portal/config.php ln -s ../../../etc/vpn-user-portal %{buildroot}%{_datadir}/vpn-user-portal/config mkdir -p %{buildroot}%{_localstatedir}/lib/vpn-user-portal ln -s ../../../var/lib/vpn-user-portal %{buildroot}%{_datadir}/vpn-user-portal/data # cron mkdir -p %{buildroot}%{_sysconfdir}/cron.d %{__install} -p -D -m 0640 %{SOURCE4} %{buildroot}%{_sysconfdir}/cron.d/vpn-user-portal # httpd install -m 0644 -D -p %{SOURCE3} %{buildroot}%{_sysconfdir}/httpd/conf.d/vpn-user-portal.conf %check %{_bindir}/phpab -o tests/autoload.php tests cat <<'AUTOLOAD' | tee -a tests/autoload.php require_once 'src/autoload.php'; AUTOLOAD %{phpunit} tests --verbose --bootstrap=tests/autoload.php %post semanage fcontext -a -t httpd_sys_rw_content_t '%{_localstatedir}/lib/vpn-user-portal(/.*)?' 2>/dev/null || : restorecon -R %{_localstatedir}/lib/vpn-user-portal || : # generate SAML keys if they do not yet exist if [ ! -f "%{_sysconfdir}/%{name}/sp.key" ] then /usr/bin/openssl \ req \ -nodes \ -subj "/CN=SAML SP" \ -x509 \ -sha256 \ -newkey rsa:3072 \ -keyout "%{_sysconfdir}/%{name}/sp.key" \ -out "%{_sysconfdir}/%{name}/sp.crt" \ -days 1825 \ 2>/dev/null # allow web server to read the private key /usr/bin/chmod 0644 %{_sysconfdir}/%{name}/sp.key fi # Generate OAuth key if it not yet exists if [ ! -f "%{_sysconfdir}/%{name}/oauth.key" ] then %{_bindir}/vpn-user-portal-generate-oauth-key fi %postun if [ $1 -eq 0 ] ; then # final removal semanage fcontext -d -t httpd_sys_rw_content_t '%{_localstatedir}/lib/vpn-user-portal(/.*)?' 2>/dev/null || : fi %files %defattr(-,root,root,-) %config(noreplace) %{_sysconfdir}/httpd/conf.d/vpn-user-portal.conf %dir %attr(0750,root,apache) %{_sysconfdir}/vpn-user-portal %config(noreplace) %{_sysconfdir}/vpn-user-portal/config.php %config(noreplace) %{_sysconfdir}/cron.d/vpn-user-portal %{_bindir}/* %dir %{_datadir}/php/LC %{_datadir}/php/LC/Portal %dir %{_datadir}/vpn-user-portal %{_datadir}/vpn-user-portal/data %{_datadir}/vpn-user-portal/web %{_datadir}/vpn-user-portal/schema %{_datadir}/vpn-user-portal/views %{_datadir}/vpn-user-portal/config %{_datadir}/vpn-user-portal/locale %dir %attr(0700,apache,apache) %{_localstatedir}/lib/vpn-user-portal %doc README.md CHANGES.md composer.json config/config.php.example CONFIG_CHANGES.md %license LICENSE LICENSE.spdx %changelog * Tue Oct 22 2019 François Kooman - 2.0.15-0.10 - rebuilt * Tue Oct 22 2019 François Kooman - 2.0.15-0.9 - rebuilt * Tue Oct 22 2019 François Kooman - 2.0.15-0.8 - rebuilt * Tue Oct 22 2019 François Kooman - 2.0.15-0.7 - rebuilt * Sat Oct 19 2019 François Kooman - 2.0.15-0.6 - rebuilt * Thu Oct 17 2019 François Kooman - 2.0.15-0.5 - rebuilt * Thu Oct 17 2019 François Kooman - 2.0.15-0.4 - rebuilt * Wed Oct 16 2019 François Kooman - 2.0.15-0.3 - rebuilt * Wed Oct 16 2019 François Kooman - 2.0.15-0.2 - rebuilt * Wed Oct 16 2019 François Kooman - 2.0.15-0.1 - update to 2.0.15 * Mon Oct 14 2019 François Kooman - 2.0.14-1 - update to 2.0.14 * Wed Sep 25 2019 François Kooman - 2.0.13-1 - update to 2.0.13 * Thu Aug 29 2019 François Kooman - 2.0.12-1 - update to 2.0.12 * Mon Aug 19 2019 François Kooman - 2.0.11-1 - update to 2.0.11 * Tue Aug 13 2019 François Kooman - 2.0.10-1 - update to 2.0.10 * Thu Aug 08 2019 François Kooman - 2.0.9-2 - use /usr/bin/php instead of /usr/bin/env php * Thu Aug 08 2019 François Kooman - 2.0.9-1 - update to 2.0.9 - switch to minisign signature verification for release builds - add CONFIG_CHANGES to documentation * Wed Jul 31 2019 François Kooman - 2.0.8-1 - update to 2.0.8 * Sat Jul 20 2019 François Kooman - 2.0.7-1 - update to 2.0.7 * Thu Jun 27 2019 François Kooman - 2.0.6-1 - update to 2.0.6 * Fri Jun 07 2019 François Kooman - 2.0.5-1 - update to 2.0.5 * Tue May 21 2019 François Kooman - 2.0.4-1 - update to 2.0.4 * Tue May 14 2019 François Kooman - 2.0.3-1 - update to 2.0.3 * Wed May 01 2019 François Kooman - 2.0.2-1 - update to 2.0.2 * Fri Apr 26 2019 François Kooman - 2.0.1-1 - update to 2.0.1 * Mon Apr 01 2019 François Kooman - 2.0.0-1 - update to 2.0.0