smeserver-openvpn-routed/contribs10/smeserver-openvpn-routed.spec

# Authority: vip-ire
# Name: Daniel Berteaud

Summary: OpenVPN, a strong VPN solution build over SSL, pre-configured for routed mode
Name: smeserver-openvpn-routed
%define version 0.1.6
%define release 3
Version: %{version}
Release: %{release}%{?dist}
License: GPL
Group: Networking/Remote access
Source: %{name}-%{version}.tar.gz

BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
BuildArchitectures: noarch

BuildRequires: e-smith-devtools

Requires: e-smith-base
Requires: openvpn
#Requires: perl(Net::OpenVPN::Manage)
Patch0:smeserver-openvpn-routed-0.1.6-Add-in-systemd-startup.patch
Patch1: smeserver-openvpn-routed-0.1.6-bz11336-sme10compatible.patch

%description
This package contains all the needed scripts and templates
to have a full working openvpn server running in routed mode.


%changelog
* Thu Apr 01 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.1.6-3.sme
- autoconfiguration if openvpn-bridge is isntalled and configured [SME: 11336]
- reworked systemd unit and scripts
- new property HMAC forced to SHA256, instead of insecure default SHA1 [SME: 9925]
- Cipher now enforced to AES-128-CBC, instead of insecure default Blowfish [SME: 9919]
- possibility to exclude networks to push [SME: 10548]

* Thu Feb 04 2021 Brian Read <brianr@bjsystems.co.uk> 0.1.6-2.sme
- Initial import to SME10 [SME: 11336]
- Add-in-systemd-startup

* Mon Apr 10 2017 Daniel Berteaud <daniel@firewall-services.com> 0.1.6-1
- Update pam plugin path [SME: 10220]

* Mon Feb 8 2016 Daniel Berteaud <daniel@firewall-services.com> 0.1.5-1
- Create /etc/openvpn/routed/dev/urandom [SME: 9238]

* Tue Sep 29 2015 Daniel Berteaud <daniel@firewall-services.com> 0.1.4-1
- Make crl verification optional
- Set a default Network if none is set
- restrict permission on the management-pass.txt file

* Wed Dec 3 2014 Daniel Berteaud <daniel@firewall-services.com> 0.1.3-1
- Correctly push route to local network when not redirecting gw

* Mon Jun 23 2014 Daniel Berteaud <daniel@firewall-services.com> 0.1.2-1
- Fix plugin path on x86_64

* Wed Aug 21 2013 Daniel Berteaud <daniel@firewall-services.com> 0.1.1-1
- Use full path to the up script

* Tue Jun 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.1.0-1
- initial release

%prep
%setup -q -n %{name}-%{version}
%patch0 -p1
%patch1 -p1

%build
perl createlinks

%{__mkdir_p} root/etc/openvpn/routed/ccd
%{__mkdir_p} root/etc/openvpn/routed/priv
%{__mkdir_p} root/etc/openvpn/routed/pub
%{__mkdir_p} root/etc/openvpn/routed/tmp
%{__mkdir_p} root/etc/openvpn/routed/dev
%{__mkdir_p} root/var/log/openvpn-routed

%install
/bin/rm -rf $RPM_BUILD_ROOT
(cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
/bin/chmod +x $RPM_BUILD_ROOT/usr/sbin/systemd/openvpn-routed
/bin/rm -f %{name}-%{version}-filelist
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
  --file /var/service/openvpn-routed/run 'attr(0755,root,root)' \
  --file /var/service/openvpn-routed/log/run 'attr(0755,root,root)' \
  --dir /var/log/openvpn-routed 'attr(0750,smelog,smelog)' \
  --dir /etc/openvpn/routed/pub 'attr(0755,root,root)' \
  --dir /etc/openvpn/routed/priv 'attr(0750,root,root)' \
  --dir /etc/openvpn/routed/ccd 'attr(0755,root,root)' \
  --dir /etc/openvpn/routed/tmp 'attr(0770,root,openvpn)' \
  --file /usr/bin/ovpn-routed-update-crl  'attr(0750,root,root)' \
  --file /etc/openvpn/routed/bin/up 'attr(755,root,root)' \
  > %{name}-%{version}-filelist

%files -f %{name}-%{version}-filelist
%defattr(-,root,root)

%clean
rm -rf $RPM_BUILD_ROOT

%post
if [ \! -c /etc/openvpn/routed/dev/urandom ]; then
    mknod -m 0444 /etc/openvpn/routed/dev/urandom c 1 9
fi

%preun

1	# Authority: vip-ire
2	# Name: Daniel Berteaud
3
4	Summary: OpenVPN, a strong VPN solution build over SSL, pre-configured for routed mode
5	Name: smeserver-openvpn-routed
6	%define version 0.1.6
7	%define release 3
8	Version: %{version}
9	Release: %{release}%{?dist}
10	License: GPL
11	Group: Networking/Remote access
12	Source: %{name}-%{version}.tar.gz
13
14	BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
15	BuildArchitectures: noarch
16
17	BuildRequires: e-smith-devtools
18
19	Requires: e-smith-base
20	Requires: openvpn
21	#Requires: perl(Net::OpenVPN::Manage)
22	Patch0:smeserver-openvpn-routed-0.1.6-Add-in-systemd-startup.patch
23	Patch1: smeserver-openvpn-routed-0.1.6-bz11336-sme10compatible.patch
24
25	%description
26	This package contains all the needed scripts and templates
27	to have a full working openvpn server running in routed mode.
28
29
30	%changelog
31	* Thu Apr 01 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.1.6-3.sme
32	- autoconfiguration if openvpn-bridge is isntalled and configured [SME: 11336]
33	- reworked systemd unit and scripts
34	- new property HMAC forced to SHA256, instead of insecure default SHA1 [SME: 9925]
35	- Cipher now enforced to AES-128-CBC, instead of insecure default Blowfish [SME: 9919]
36	- possibility to exclude networks to push [SME: 10548]
37
38	* Thu Feb 04 2021 Brian Read <brianr@bjsystems.co.uk> 0.1.6-2.sme
39	- Initial import to SME10 [SME: 11336]
40	- Add-in-systemd-startup
41
42	* Mon Apr 10 2017 Daniel Berteaud <daniel@firewall-services.com> 0.1.6-1
43	- Update pam plugin path [SME: 10220]
44
45	* Mon Feb 8 2016 Daniel Berteaud <daniel@firewall-services.com> 0.1.5-1
46	- Create /etc/openvpn/routed/dev/urandom [SME: 9238]
47
48	* Tue Sep 29 2015 Daniel Berteaud <daniel@firewall-services.com> 0.1.4-1
49	- Make crl verification optional
50	- Set a default Network if none is set
51	- restrict permission on the management-pass.txt file
52
53	* Wed Dec 3 2014 Daniel Berteaud <daniel@firewall-services.com> 0.1.3-1
54	- Correctly push route to local network when not redirecting gw
55
56	* Mon Jun 23 2014 Daniel Berteaud <daniel@firewall-services.com> 0.1.2-1
57	- Fix plugin path on x86_64
58
59	* Wed Aug 21 2013 Daniel Berteaud <daniel@firewall-services.com> 0.1.1-1
60	- Use full path to the up script
61
62	* Tue Jun 11 2013 Daniel Berteaud <daniel@firewall-services.com> 0.1.0-1
63	- initial release
64
65	%prep
66	%setup -q -n %{name}-%{version}
67	%patch0 -p1
68	%patch1 -p1
69
70	%build
71	perl createlinks
72
73	%{__mkdir_p} root/etc/openvpn/routed/ccd
74	%{__mkdir_p} root/etc/openvpn/routed/priv
75	%{__mkdir_p} root/etc/openvpn/routed/pub
76	%{__mkdir_p} root/etc/openvpn/routed/tmp
77	%{__mkdir_p} root/etc/openvpn/routed/dev
78	%{__mkdir_p} root/var/log/openvpn-routed
79
80	%install
81	/bin/rm -rf $RPM_BUILD_ROOT
82	(cd root ; /usr/bin/find . -depth -print \| /bin/cpio -dump $RPM_BUILD_ROOT)
83	/bin/chmod +x $RPM_BUILD_ROOT/usr/sbin/systemd/openvpn-routed
84	/bin/rm -f %{name}-%{version}-filelist
85	/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
86	--file /var/service/openvpn-routed/run 'attr(0755,root,root)' \
87	--file /var/service/openvpn-routed/log/run 'attr(0755,root,root)' \
88	--dir /var/log/openvpn-routed 'attr(0750,smelog,smelog)' \
89	--dir /etc/openvpn/routed/pub 'attr(0755,root,root)' \
90	--dir /etc/openvpn/routed/priv 'attr(0750,root,root)' \
91	--dir /etc/openvpn/routed/ccd 'attr(0755,root,root)' \
92	--dir /etc/openvpn/routed/tmp 'attr(0770,root,openvpn)' \
93	--file /usr/bin/ovpn-routed-update-crl 'attr(0750,root,root)' \
94	--file /etc/openvpn/routed/bin/up 'attr(755,root,root)' \
95	> %{name}-%{version}-filelist
96
97	%files -f %{name}-%{version}-filelist
98	%defattr(-,root,root)
99
100	%clean
101	rm -rf $RPM_BUILD_ROOT
102
103	%post
104	if [ \! -c /etc/openvpn/routed/dev/urandom ]; then
105	mknod -m 0444 /etc/openvpn/routed/dev/urandom c 1 9
106	fi
107
108	%preun
109