From 68dedcf0b088026d6479282312ddd63ea299065a Mon Sep 17 00:00:00 2001
From: Toshaan Bharvani <toshaan@powerel.org>
Date: Tue, 28 May 2024 17:13:15 +0200
Subject: [PATCH] initial package creation

Signed-off-by: Toshaan Bharvani <toshaan@powerel.org>
---
 SOURCES/icingacli            |   7 ++
 SOURCES/icingaweb2.conf      |  35 ++++++
 SOURCES/icingaweb2.fc        |   7 ++
 SOURCES/icingaweb2.if        |  45 +++++++
 SOURCES/icingaweb2.index.php |   4 +
 SOURCES/icingaweb2.te        |  29 +++++
 SPECS/icingaweb2.spec        | 219 +++++++++++++++++++++++++++++++++++
 7 files changed, 346 insertions(+)
 create mode 100755 SOURCES/icingacli
 create mode 100644 SOURCES/icingaweb2.conf
 create mode 100644 SOURCES/icingaweb2.fc
 create mode 100644 SOURCES/icingaweb2.if
 create mode 100644 SOURCES/icingaweb2.index.php
 create mode 100644 SOURCES/icingaweb2.te
 create mode 100644 SPECS/icingaweb2.spec

diff --git a/SOURCES/icingacli b/SOURCES/icingacli
new file mode 100755
index 0000000..4b51e33
--- /dev/null
+++ b/SOURCES/icingacli
@@ -0,0 +1,7 @@
+#!/usr/bin/php
+<?php
+/*! Icinga Web 2 | (c) 2013-2015 Icinga Development Team | GPLv2+ */
+
+require_once '/usr/share/php/Icinga/Application/Cli.php';
+
+Icinga\Application\Cli::start('/usr/share/icingaweb2')->dispatch();
diff --git a/SOURCES/icingaweb2.conf b/SOURCES/icingaweb2.conf
new file mode 100644
index 0000000..859756f
--- /dev/null
+++ b/SOURCES/icingaweb2.conf
@@ -0,0 +1,35 @@
+Alias /icingaweb2 "/usr/share/icingaweb2/public"
+
+<Directory "/usr/share/icingaweb2/public">
+    Options SymLinksIfOwnerMatch
+    AllowOverride None
+    Require all granted
+
+    DirectoryIndex index.php
+
+    SetEnv ICINGAWEB_CONFIGDIR "/etc/icingaweb2"
+
+    EnableSendfile Off
+
+    <IfModule mod_rewrite.c>
+        RewriteEngine on
+        RewriteBase /icingaweb2/
+        RewriteCond %{REQUEST_FILENAME} -s [OR]
+        RewriteCond %{REQUEST_FILENAME} -l [OR]
+        RewriteCond %{REQUEST_FILENAME} -d
+        RewriteRule ^.*$ - [NC,L]
+        RewriteRule ^.*$ index.php [NC,L]
+    </IfModule>
+
+    <IfModule !mod_rewrite.c>
+        DirectoryIndex error_norewrite.html
+        ErrorDocument 404 /icingaweb2/error_norewrite.html
+    </IfModule>
+
+    # Forward PHP requests to FPM
+    SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
+    <FilesMatch "\.php$">
+        SetHandler "proxy:fcgi://127.0.0.1:9000"
+        ErrorDocument 503 /icingaweb2/error_unavailable.html
+    </FilesMatch>
+</Directory>
diff --git a/SOURCES/icingaweb2.fc b/SOURCES/icingaweb2.fc
new file mode 100644
index 0000000..ca5e620
--- /dev/null
+++ b/SOURCES/icingaweb2.fc
@@ -0,0 +1,7 @@
+/etc/icingaweb2(/.*)?           gen_context(system_u:object_r:icingaweb2_config_t,s0)
+
+/usr/share/icingaweb2(/.*)?           gen_context(system_u:object_r:icingaweb2_content_t,s0)
+
+/var/log/icingaweb2(/.*)?         gen_context(system_u:object_r:icingaweb2_rw_content_t,s0)
+/var/cache/icingaweb2(/.*)?         gen_context(system_u:object_r:icingaweb2_rw_content_t,s0)
+/var/lib/icingaweb2(/.*)?         gen_context(system_u:object_r:icingaweb2_rw_content_t,s0)
diff --git a/SOURCES/icingaweb2.if b/SOURCES/icingaweb2.if
new file mode 100644
index 0000000..056ec67
--- /dev/null
+++ b/SOURCES/icingaweb2.if
@@ -0,0 +1,45 @@
+########################################
+## <summary>
+##      Allow the specified domain to read
+##      icingaweb2 configuration files.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+## <rolecap/>
+#
+interface(`icingaweb2_read_config',`
+        gen_require(`
+                type icingaweb2_config_t;
+        ')
+
+        files_search_etc($1)
+        list_dirs_pattern($1, icingaweb2_config_t, icingaweb2_config_t)
+        read_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t)
+	read_lnk_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t)
+')
+
+########################################
+## <summary>
+##      Allow the specified domain to read
+##      and write icingaweb2 configuration files.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+## <rolecap/>
+#
+interface(`icingaweb2_manage_config',`
+        gen_require(`
+                type icingaweb2_config_t;
+        ')
+
+        files_search_etc($1)
+        manage_dirs_pattern($1, icingaweb2_config_t, icingaweb2_config_t)
+        manage_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t)
+	manage_lnk_files_pattern($1, icingaweb2_config_t, icingaweb2_config_t)
+')
diff --git a/SOURCES/icingaweb2.index.php b/SOURCES/icingaweb2.index.php
new file mode 100644
index 0000000..8ea9e80
--- /dev/null
+++ b/SOURCES/icingaweb2.index.php
@@ -0,0 +1,4 @@
+<?php
+/*! Icinga Web 2 | (c) 2014 Icinga Development Team | GPLv2+ */
+
+require_once '/usr/share/php/Icinga/Application/webrouter.php';
diff --git a/SOURCES/icingaweb2.te b/SOURCES/icingaweb2.te
new file mode 100644
index 0000000..e7c8f9d
--- /dev/null
+++ b/SOURCES/icingaweb2.te
@@ -0,0 +1,29 @@
+policy_module(icingaweb2, 0.0.1)
+
+########################################
+#
+# Declarations
+#
+
+require {
+	type httpd_t;
+}
+
+## <desc>
+## <p>
+## Allow Apache to manage icingaweb2 configuration
+## </p>
+## </desc>
+gen_tunable(httpd_can_manage_icingaweb2_config, true)
+
+type icingaweb2_config_t;
+files_config_file(icingaweb2_config_t)
+
+optional_policy(`
+	apache_content_template(icingaweb2)
+	icingaweb2_read_config(httpd_t)
+	tunable_policy(`httpd_can_manage_icingaweb2_config',`
+		icingaweb2_manage_config(httpd_t)
+	')
+')
+
diff --git a/SPECS/icingaweb2.spec b/SPECS/icingaweb2.spec
new file mode 100644
index 0000000..4fbcb54
--- /dev/null
+++ b/SPECS/icingaweb2.spec
@@ -0,0 +1,219 @@
+%define selinux_variants mls targeted
+%define php              php
+%define php_cli          php-cli
+%define php_common       php-common
+%define wwwconfigdir     %{_sysconfdir}/httpd/conf.d
+%define wwwuser          apache
+%define php_version      8.0.0
+%define basedir          %{_datadir}/%{name}
+%define bindir           %{_bindir}
+%define configdir        %{_sysconfdir}/%{name}
+%define logdir           %{_localstatedir}/log/%{name}
+%define phpdir           %{_datadir}/php
+%define icingawebgroup   icingaweb2
+%define docsdir          %{_datadir}/doc/%{name}
+
+Name:           icingaweb2
+Version:        2.12.1
+Release:        1%{?dist}
+Summary:        Icinga Web 2
+Group:          Applications/System
+License:        GPLv2+ and MIT and BSD
+URL:            https://icinga.com
+Source0:        https://github.com/Icinga/icingaweb2/archive/refs/tags/v%{version}.tar.gz
+Source1:        icingaweb2.te
+Source2:        icingaweb2.if
+Source3:        icingaweb2.fc
+Source4:        icingacli
+Source5:        icingaweb2.conf
+Source6:        icingaweb2.index.php
+BuildArch:      noarch
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}
+Requires:       %{php}-mysqlnd
+Requires:       %{php}-pgsql
+Requires:       %{php}-ldap
+Requires(pre):  shadow-utils
+Requires:       php >= %{php_version}
+Requires:       php-common >= %{php_version}
+Requires:       icinga-l10n >= 1.0.0
+Requires:       icingacli = %{version}-%{release}
+Requires:       %{name}-common = %{version}-%{release}
+Requires:       php-icinga = %{version}-%{release}
+
+
+%description
+Icinga Web 2
+
+
+%package common
+Summary:                Common files for Icinga Web 2 and the Icinga CLI
+Group:                  Applications/System
+Requires(pre):          shadow-utils
+%description common
+Common files for Icinga Web 2 and the Icinga CLI
+
+
+%package -n php-icinga
+Summary:                Icinga Web 2 PHP library
+Group:                  Development/Libraries
+Requires:               php-common >= %{php_version}
+Requires:               php-gd
+Requires:               php-intl
+Requires:               php-mbstring
+Requires:               php-json
+#Requires:              php-pecl-imagick
+Provides:               php-Icinga
+%description -n php-icinga
+Icinga Web 2 PHP library
+
+
+%package -n icingacli
+Summary:                    Icinga CLI
+Group:                      Applications/System
+Requires:                   icinga-l10n
+Requires:                   %{name}-common = %{version}-%{release}
+Requires:                   php-icinga = %{version}-%{release}
+Requires:                   bash-completion
+Requires:                   php-cli >= %{php_version}
+%description -n icingacli
+Icinga CLI
+
+
+
+%package selinux
+Summary:        SELinux policy for Icinga Web 2
+BuildRequires:  checkpolicy, selinux-policy-devel, hardlink
+Requires:           %{name} = %{version}-%{release}
+Requires(post):     policycoreutils
+Requires(postun):   policycoreutils
+%description selinux
+SELinux policy for Icinga Web 2
+
+
+%prep
+%setup -q
+mkdir selinux
+cp -p %{SOURCE1} selinux
+cp -p %{SOURCE2} selinux
+cp -p %{SOURCE3} selinux
+
+
+%build
+cd selinux
+for selinuxvariant in %{selinux_variants}
+do
+  make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile
+  mv icingaweb2.pp icingaweb2.pp.${selinuxvariant}
+  make NAME=${selinuxvariant} -f /usr/share/selinux/devel/Makefile clean
+done
+cd -
+
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}/{%{basedir}/{modules,library/vendor,public},%{bindir},%{configdir}/modules,%{logdir},%{phpdir},%{wwwconfigdir},%{_sysconfdir}/bash_completion.d,%{docsdir}}
+cp -prv application doc %{buildroot}/%{basedir}
+cp -pv etc/bash_completion.d/icingacli %{buildroot}/%{_sysconfdir}/bash_completion.d/icingacli
+cp -prv modules/{monitoring,setup,doc,translation} %{buildroot}/%{basedir}/modules
+cp -prv library/Icinga %{buildroot}/%{phpdir}
+cp -prv public/{css,font,img,js,error_norewrite.html,error_unavailable.html} %{buildroot}/%{basedir}/public
+cp -pv %{SOURCE5} %{buildroot}/%{wwwconfigdir}/icingaweb2.conf
+cp -pv %{SOURCE4} %{buildroot}/%{bindir}
+%if 0%{?php_bin:1}
+sed -i '1 s~#!.*~#!%{php_bin}~' %{buildroot}/%{bindir}/icingacli
+%endif
+cp -pv %{SOURCE6} %{buildroot}/%{basedir}/public
+cp -prv schema %{buildroot}/%{docsdir}
+#cp -prv packages/files/config/modules/{setup,translation} %{buildroot}/%{configdir}/modules
+cd selinux
+for selinuxvariant in %{selinux_variants}
+do
+  install -d %{buildroot}%{_datadir}/selinux/${selinuxvariant}
+  install -p -m 644 icingaweb2.pp.${selinuxvariant} %{buildroot}%{_datadir}/selinux/${selinuxvariant}/icingaweb2.pp
+done
+cd -
+
+
+%pre
+getent group icingacmd >/dev/null || groupadd -r icingacmd
+usermod -a -G icingacmd,%{icingawebgroup} %{wwwuser}
+exit 0
+
+
+%clean
+rm -rf %{buildroot}
+
+
+%files
+%defattr(-,root,root)
+%{basedir}/application/controllers
+%{basedir}/application/fonts
+%{basedir}/application/forms
+%{basedir}/application/layouts
+%{basedir}/application/views
+%{basedir}/application/VERSION
+%{basedir}/doc
+%{basedir}/modules
+%{basedir}/public
+%config(noreplace) %{wwwconfigdir}/icingaweb2.conf
+%attr(2775,root,%{icingawebgroup}) %dir %{logdir}
+%{docsdir}
+%docdir %{docsdir}
+
+
+%pre common
+getent group %{icingawebgroup} >/dev/null || groupadd -r %{icingawebgroup}
+exit 0
+
+
+%files common
+%defattr(-,root,root)
+%dir %{basedir}
+%dir %{basedir}/application
+%dir %{basedir}/library
+%dir %{basedir}/library/vendor
+%dir %{basedir}/modules
+#%{basedir}/application/locale
+%attr(2770,root,%{icingawebgroup}) %config(noreplace) %dir %{configdir}
+%attr(2770,root,%{icingawebgroup}) %config(noreplace) %dir %{configdir}/modules
+
+
+%files -n php-icinga
+%defattr(-,root,root)
+%{phpdir}/Icinga
+
+
+%files -n icingacli
+%defattr(-,root,root)
+%{basedir}/application/clicommands
+%{_sysconfdir}/bash_completion.d/icingacli
+%attr(0755,root,root) %{bindir}/icingacli
+
+
+%post selinux
+for selinuxvariant in %{selinux_variants}
+do
+  %{_sbindir}/semodule -s ${selinuxvariant} -i %{_datadir}/selinux/${selinuxvariant}/icingaweb2.pp &> /dev/null || :
+done
+%{_sbindir}/restorecon -R %{basedir} &> /dev/null || :
+%{_sbindir}/restorecon -R %{configdir} &> /dev/null || :
+%{_sbindir}/restorecon -R %{logdir} &> /dev/null || :
+
+%postun selinux
+if [ $1 -eq 0 ] ; then
+  for selinuxvariant in %{selinux_variants}
+  do
+     %{_sbindir}/semodule -s ${selinuxvariant} -r icingaweb2 &> /dev/null || :
+  done
+  [ -d %{basedir} ] && %{_sbindir}/restorecon -R %{basedir} &> /dev/null || :
+  [ -d %{configdir} ] && %{_sbindir}/restorecon -R %{configdir} &> /dev/null || :
+  [ -d %{logdir} ] && %{_sbindir}/restorecon -R %{logdir} &> /dev/null || :
+fi
+
+%files selinux
+%defattr(-,root,root,0755)
+%doc selinux/*
+%{_datadir}/selinux/*/icingaweb2.pp
+
+
+%changelog