diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5b4601c --- /dev/null +++ b/.gitignore @@ -0,0 +1,8 @@ +Pound-2.5.tgz +/Pound-2.6c.tgz +/Pound-2.6f.tgz +/Pound-2.6.tgz +/Pound-2.7b.tgz +/Pound-2.7c.tgz +/Pound-2.7d.tgz +/Pound-2.7.tgz diff --git a/Pound.spec b/Pound.spec new file mode 100644 index 0000000..a612585 --- /dev/null +++ b/Pound.spec @@ -0,0 +1,299 @@ +%global pound_user pound +%global pound_group pound +%global pound_home %{_localstatedir}/lib/pound +%global _hardened_build 1 + +Name: Pound +Version: 2.7 +Release: 10%{?dist} +Epoch: 1 +Summary: Reverse proxy and load balancer +License: GPLv3 +URL: http://www.apsis.ch/pound + +BuildRequires: gcc +BuildRequires: openssl-devel, pcre-devel +# We actually need the openssl binary, not just the libs and headers +BuildRequires: openssl +BuildRequires: systemd-units + +# tcmalloc exists only on selected arches +%ifarch %{ix86} x86_64 aarch64 %{power64} +BuildRequires: gperftools-devel +%endif + +Requires(pre): %{_sbindir}/useradd +Requires(pre): %{_sbindir}/groupadd +Requires(post): systemd-sysv +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units + +Source0: http://www.apsis.ch/pound/%{name}-%{version}.tgz +Source1: pound.service +Source2: pound.cfg +Patch0: pound-remove-owner.patch + +%description +The Pound program is a reverse proxy, load balancer and +HTTPS front-end for Web server(s). Pound was developed +to enable distributing the load among several Web-servers +and to allow for a convenient SSL wrapper for those Web +servers that do not offer it natively. Pound is distributed +under the GPL - no warranty, it's free to use, copy and +give away + +%prep +%setup -q -n %{name}-%{version} +%patch0 -p1 -b .remove-owner + +%build +%configure +make %{?_smp_mflags} + +%install +make install DESTDIR=%{buildroot} + +%{__install} -d %{buildroot}%{pound_home} +%{__install} -p -D -m 644 %{SOURCE1} %{buildroot}%{_unitdir}/pound.service +%{__install} -p -D -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/pound.cfg + +mkdir -p %{buildroot}%{_sysconfdir}/pki/tls/certs +touch %{buildroot}%{_sysconfdir}/pki/tls/certs/pound.pem + +%pre +%{_sbindir}/groupadd -f -r %{pound_group} +id %{pound_user} >/dev/null 2>&1 || \ + %{_sbindir}/useradd -r -g %{pound_group} -d %{pound_home} -s /sbin/nologin \ + -c "Pound user" %{pound_user} + +%post +%systemd_post pound.service +# generate dummy certificate +exec > /dev/null 2> /dev/null +if [ ! -f %{_sysconfdir}/pki/tls/certs/pound.pem ] ; then +pushd %{_sysconfdir}/pki/tls/certs +umask 077 +cat << EOF | make pound.pem +-- +SomeState +SomeCity +Pound Example Certificate +SomeOrganizationalUnit +localhost.localdomain +root@localhost.localdomain +EOF +chown root:pound pound.pem +chmod 640 pound.pem +popd +fi +exit 0 + +%preun +%systemd_preun pound.service + +%postun +%systemd_postun_with_restart pound.service + +%triggerun -- pound < 2.6-0.2.c +# Save the current service runlevel info +# User must manually run systemd-sysv-convert --apply pound +# to migrate them to systemd targets +/usr/bin/systemd-sysv-convert --save pound >/dev/null 2>&1 ||: + +# Run these because the SysV package being removed won't do them +/sbin/chkconfig --del pound >/dev/null 2>&1 || : +/bin/systemctl try-restart pound.service >/dev/null 2>&1 || : + +%files +%doc CHANGELOG FAQ GPL.txt README +%{_mandir}/man8/pound.8* +%{_mandir}/man8/poundctl.8* +%{_sbindir}/pound +%{_sbindir}/poundctl +%{_unitdir}/pound.service +%config(noreplace) %{_sysconfdir}/pound.cfg +%ghost %config(noreplace) %{_sysconfdir}/pki/tls/certs/pound.pem +%attr(-,%{pound_user},%{pound_group}) %dir %{pound_home} + +%changelog +* Wed Jul 24 2019 Fedora Release Engineering - 1:2.7-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu Jan 31 2019 Fedora Release Engineering - 1:2.7-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Thu Jul 12 2018 Fedora Release Engineering - 1:2.7-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Feb 07 2018 Fedora Release Engineering - 1:2.7-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Wed Aug 02 2017 Fedora Release Engineering - 1:2.7-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 1:2.7-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering - 1:2.7-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Feb 03 2016 Fedora Release Engineering - 1:2.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Sep 15 2015 Marcin Juszkiewicz - 1:2.7-2 +- Enable gperftools use on aarch64 and ppc64le + +* Tue Sep 01 2015 Adam Tkac - 1:2.7-1 +- update to 2.7 final (#1258262) + +* Tue Jun 16 2015 Fedora Release Engineering - 1:2.7-0.5.d +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Fri Oct 24 2014 Lubomir Rintel - 1:2.7-0.4.d +- Update to 2.7d: +- added "Disable PROTO" directives (fix for Poodle vulnerability) +- added Cert, Disable and Cipher directives for HTTPS back-ends. The + directive HTTPS "cert" no longer supported. +- fixed address comparison for RewriteLocation (IPv4/IPv6 problem - + +* Fri Sep 19 2014 Pete Zaitcev - 1:2.7-0.4.c +- chmod 644 pound.service # avoids warnings in messages + +* Fri Aug 15 2014 Fedora Release Engineering - 1:2.7-0.3.c +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Fri Jun 06 2014 Fedora Release Engineering - 1:2.7-0.2.c +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed Apr 23 2014 Lubomir Rintel (GoodData) - 1:2.7-0.1.c +- Rebased to new upstream release +- Bump epoch; the prerelease tag was added incorrectly. Sigh. + +* Mon Oct 14 2013 Pete Zaitcev - 2.7b-1 +- Upstream 2.7b (includes ./configure for autoconf 2.69, required for ARM 64) +- Rebuild for PIE (954334) + +* Fri Aug 02 2013 Fedora Release Engineering - 2.6-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Wed Feb 13 2013 Fedora Release Engineering - 2.6-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Sun Aug 19 2012 Tom Callaway - 2.6-5 +- update scriptlets to use new systemd macros + +* Wed Jul 18 2012 Fedora Release Engineering - 2.6-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Sat Feb 18 2012 Ruben Kerkhof 2.6-3 +- Rebuild against gperftools + +* Thu Jan 12 2012 Fedora Release Engineering - 2.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Jan 09 2012 Ruben Kerkhof 2.6-1 +- Fix Release + +* Mon Jan 09 2012 Ruben Kerkhof 2.6-0.5 +- Upstream released new version + +* Mon Oct 17 2011 Dan HorĂ¡k 2.6-0.4.f +- switch to positive arch list for BR: google-perftools + +* Sat Sep 17 2011 Ruben Kerkhof 2.6-0.3.f +- Upstream released new version + +* Fri Sep 16 2011 Tom Callaway 2.6-0.2.c +- convert to systemd + +* Wed Feb 09 2011 Ruben Kerkhof 2.6-0.1.c +- Upstream released new version +- Drop upstreamed OpenSSL patch + +* Mon Feb 07 2011 Fedora Release Engineering - 2.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Feb 10 2010 Ruben Kerkhof 2.5-1 +- Upstream released new version + +* Wed Nov 11 2009 Lubomir Rintel (GoodData) - 2.4.5-1 +- Rebased to new upstream release + +* Wed Aug 26 2009 Tomas Mraz - 2.4.4-4 +- rebuilt with new openssl + +* Fri Jul 24 2009 Fedora Release Engineering - 2.4.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Mon Feb 23 2009 Fedora Release Engineering - 2.4.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Thu Jan 15 2009 Ruben Kerkhof 2.4.4-1 +- upstream released new version + +* Mon Oct 13 2008 Ruben Kerkhof 2.4.3-1 +- Upstream released new version + +* Fri Jun 27 2008 Dennis Gilmore 2.4-2 +- sparc arches dont have tcmalloc + +* Sat Feb 16 2008 Ruben Kerkhof 2.4-1 +- New stable version + +* Sat Feb 09 2008 Ruben Kerkhof - 2.4-0.2f +- Upstream released new version + +* Wed Dec 05 2007 Release Engineering - 2.4-0.2 +- Rebuild for deps + +* Sun Dec 02 2007 Ruben Kerkhof 2.4.0-1e +- Update to experimental version 2.4e +* Thu Aug 16 2007 Ruben Kerkhof 2.4.0-1d +- Update to experimental version 2.4d +- Upstream changed license to GPLv3 +* Wed Jun 06 2007 Ruben Kerkhof 2.4.0-1c +- Upstream released new version +* Sat May 26 2007 Ruben Kerkhof 2.4.0-2b +- Disable linking with tcmalloc on ppc (#238390) +* Fri May 25 2007 Ruben Kerkhof 2.4-0.1b +- Update to experimental version 2.4b +- Better handling of user creation +- Build with tcmalloc for increased performance +* Wed Apr 11 2007 Ruben Kerkhof 2.3-1 +- Update to 2.3 +* Thu Apr 05 2007 2.2.8-1 +- Sync with upstream +* Mon Mar 12 2007 2.2.7-1 +- Sync with upstream +* Sun Mar 04 2007 2.2.6-1 +- Sync with upstream +* Wed Feb 21 2007 2.2.5-1 +- Sync with upstream +* Sat Feb 10 2007 2.2.4-1 +- Sync with upstream +* Sat Jan 20 2007 2.2.3-1 +- Fix problems in bad 2.2.2 release +* Mon Jan 15 2007 2.2.2-1 +- Sync with upstream +* Wed Jan 03 2007 2.2.1-1 +- Sync with new beta release from upstream +* Sun Dec 17 2006 2.2-2 +- Fixed empty debuginfo rpm (bz 219942) +* Sat Dec 16 2006 2.2-1 +- Sync with upstream +* Sat Dec 09 2006 2.1.8-1 +- Sync with upstream +* Thu Dec 07 2006 2.1.7-1 +- Sync with upstream +* Wed Nov 08 2006 2.1.6-2 +- Changed hardcoded paths into rpmmacros +* Mon Nov 06 2006 2.1.6-1 +- Synced with upstream version +- Changed Summary +- Added an init script +- Added pound.cfg with an example configuration +- Added pound user and group +- A self-signed ssl certificate is created in %%post +* Fri Nov 03 2006 2.1.5-1 +- initial version diff --git a/dead.package b/dead.package deleted file mode 100644 index 8531e0d..0000000 --- a/dead.package +++ /dev/null @@ -1 +0,0 @@ -Pound fails to build from source: https://bugzilla.redhat.com/show_bug.cgi?id=1674583 diff --git a/pound-remove-owner.patch b/pound-remove-owner.patch new file mode 100644 index 0000000..6e05a51 --- /dev/null +++ b/pound-remove-owner.patch @@ -0,0 +1,18 @@ +--- Pound-2.2.3/Makefile.in.remove-owner 2007-01-21 01:45:44.000000000 +0100 ++++ Pound-2.2.3/Makefile.in 2007-01-21 01:46:59.000000000 +0100 +@@ -50,11 +50,11 @@ + + install: all + @INSTALL@ -d ${DESTDIR}@sbindir@ +- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 555 pound ${DESTDIR}@sbindir@/pound +- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 555 poundctl ${DESTDIR}@sbindir@/poundctl ++ @INSTALL@ -p -m 755 pound ${DESTDIR}@sbindir@/pound ++ @INSTALL@ -p -m 755 poundctl ${DESTDIR}@sbindir@/poundctl + @INSTALL@ -d ${DESTDIR}@mandir@/man8 +- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 644 pound.8 ${DESTDIR}@mandir@/man8/pound.8 +- @INSTALL@ -o @I_OWNER@ -g @I_GRP@ -m 644 poundctl.8 ${DESTDIR}@mandir@/man8/poundctl.8 ++ @INSTALL@ -p -m 644 pound.8 ${DESTDIR}@mandir@/man8/pound.8 ++ @INSTALL@ -p -m 644 poundctl.8 ${DESTDIR}@mandir@/man8/poundctl.8 + + clean: + rm -f pound $(OBJS) poundctl poundctl.o diff --git a/pound.cfg b/pound.cfg new file mode 100644 index 0000000..681b359 --- /dev/null +++ b/pound.cfg @@ -0,0 +1,35 @@ +# +# Default pound.cfg +# +# Pound listens on port 80 for HTTP and port 443 for HTTPS +# and distributes requests to 2 backends running on localhost. +# see pound(8) for configuration directives. +# You can enable/disable backends with poundctl(8). +# + +User "pound" +Group "pound" +Control "/var/lib/pound/pound.cfg" + +ListenHTTP + Address 0.0.0.0 + Port 80 +End + +ListenHTTPS + Address 0.0.0.0 + Port 443 + Cert "/etc/pki/tls/certs/pound.pem" +End + +Service + BackEnd + Address 127.0.0.1 + Port 8000 + End + + BackEnd + Address 127.0.0.1 + Port 8001 + End +End diff --git a/pound.service b/pound.service new file mode 100644 index 0000000..fd50f1b --- /dev/null +++ b/pound.service @@ -0,0 +1,11 @@ +[Unit] +Description=Pound Reverse Proxy And Load-balancer +After=syslog.target network.target + +[Service] +Type=forking +PIDFile=/var/run/pound.pid +ExecStart=/usr/sbin/pound + +[Install] +WantedBy=multi-user.target diff --git a/sources b/sources new file mode 100644 index 0000000..dcb7c34 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +ec8298aa3e4aee3ffbecdc0639d7f14a Pound-2.7.tgz