| MODULES+= modsecurity |
| |
| MODULE_SUMMARY_modsecurity= 3rd-party ModSecurity dynamic module |
| |
| include $(CONTRIB)/src/modsecurity/version |
| include $(CONTRIB)/src/modsecurity-nginx/version |
| |
| MODULE_VERSION_modsecurity= $(MODSECURITY_NGINX_VERSION) |
| MODULE_RELEASE_modsecurity= 2 |
| LIBMODSECURITY_SOVER= $(MODSECURITY_VERSION) |
| |
| MODULE_VERSION_PREFIX_modsecurity=$(MODULE_TARGET_PREFIX) |
| |
| MODULE_SOURCES_modsecurity= modsecurity-v$(MODSECURITY_VERSION).tar.gz \ |
| modsecurity-nginx-$(MODSECURITY_NGINX_GITHASH).tar.xz |
| |
| MODULE_PATCHES_modsecurity= $(CONTRIB)/src/modsecurity/older-libmaxminddb-compatibility.patch |
| |
| MODULE_CONFARGS_modsecurity= --add-dynamic-module=$(MODSRC_PREFIX)modsecurity-nginx-$(MODSECURITY_NGINX_GITHASH) |
| |
| .deps-module-modsecurity: |
| cd $(CONTRIB) && make \ |
| .sum-modsecurity \ |
| .sum-modsecurity-nginx |
| touch $@ |
| |
| MODULE_BUILD_DEPENDS_modsecurity=,libxml2-dev,libyajl-dev,libcurl4-openssl-dev |
| |
| define MODULE_PREBUILD_modsecurity |
| cd $$(BUILDDIR_nginx)/extra/modsecurity-v$(MODSECURITY_VERSION) \&\& \ |
| ./configure --prefix $$(BUILDDIR_nginx)/extra/modsecurity-v$(MODSECURITY_VERSION)/local --without-lmdb --without-lua \&\& \ |
| $$(MAKE) -j$$(NUMJOBS) install \&\& $$(MAKE) check-TESTS |
| rm -f /tmp/audit_test.log /tmp/audit_test_parallel.log |
| rm -rf /tmp/test |
| endef |
| export MODULE_PREBUILD_modsecurity |
| |
| define MODULE_ENV_modsecurity |
| MODSECURITY_INC="$$(BUILDDIR_$$(shell echo $$@ | cut -d '.' -f 3))/extra/modsecurity-v$(MODSECURITY_VERSION)/local/include" \ |
| MODSECURITY_LIB="$$(BUILDDIR_$$(shell echo $$@ | cut -d '.' -f 3))/extra/modsecurity-v$(MODSECURITY_VERSION)/local/lib" \ |
| NGX_IGNORE_RPATH=YES |
| endef |
| export MODULE_ENV_modsecurity |
| |
| MODULE_CC_OPT_DEBUG_modsecurity=-DMODSECURITY_DDEBUG=1 |
| |
| define MODULE_PREINSTALL_modsecurity |
| mkdir -p $$(INSTALLDIR)/usr/bin |
| install -m755 -s $$(BUILDDIR_nginx)/extra/modsecurity-v$(MODSECURITY_VERSION)/local/bin/modsec-rules-check $$(INSTALLDIR)/usr/bin/ |
| mkdir -p $$(INSTALLDIR)/usr/lib/$$(DEB_HOST_MULTIARCH) |
| install -m755 $$(BUILDDIR_nginx)/extra/modsecurity-v$(MODSECURITY_VERSION)/local/lib/libmodsecurity.so.$(LIBMODSECURITY_SOVER) $$(INSTALLDIR)/usr/lib/$$(DEB_HOST_MULTIARCH) |
| ln -fs libmodsecurity.so.$(LIBMODSECURITY_SOVER) $$(INSTALLDIR)/usr/lib/$$(DEB_HOST_MULTIARCH)/libmodsecurity.so.3 |
| ln -fs libmodsecurity.so.$(LIBMODSECURITY_SOVER) $$(INSTALLDIR)/usr/lib/$$(DEB_HOST_MULTIARCH)/libmodsecurity.so |
| mkdir -p $$(INSTALLDIR)/etc/nginx/modsec |
| install -m644 $$(BUILDDIR_nginx)/extra/modsecurity-v$(MODSECURITY_VERSION)/modsecurity.conf-recommended $$(INSTALLDIR)/etc/nginx/modsec/modsecurity.conf |
| install -m644 $$(BUILDDIR_nginx)/extra/modsecurity-v$(MODSECURITY_VERSION)/unicode.mapping $$(INSTALLDIR)/etc/nginx/modsec/ |
| endef |
| export MODULE_PREINSTALL_modsecurity |
| |
| MODULE_TESTS_modsecurity=modsecurity-nginx-$(MODSECURITY_NGINX_GITHASH)/tests |
| |
| define MODULE_POST_modsecurity |
| cat <<BANNER |
| ---------------------------------------------------------------------- |
| |
| The $(MODULE_SUMMARY_modsecurity) for $(MODULE_SUMMARY_PREFIX) has been installed. |
| To enable this module, add the following to /etc/nginx/nginx.conf |
| and reload nginx: |
| |
| load_module modules/ngx_http_modsecurity_module.so; |
| |
| Please refer to the module documentation for further details: |
| https://github.com/SpiderLabs/ModSecurity-nginx |
| |
| ---------------------------------------------------------------------- |
| BANNER |
| |
| /sbin/ldconfig |
| endef |
| export MODULE_POST_modsecurity |