diff --git a/www-apache/modsecurity-crs/Manifest b/www-apache/modsecurity-crs/Manifest new file mode 100644 index 0000000..a7819e8 --- /dev/null +++ b/www-apache/modsecurity-crs/Manifest @@ -0,0 +1 @@ +DIST modsecurity-crs-3.3.4.tar.gz 301112 BLAKE2B 0df4b70c5ecc1852fe3cde74783494636c530cc8a2b8ddc0269da25703521532ee3ed6ba1e572b854fe6912f31d2ed1fe4c917b13dc22b37763dbe73ef8c7b72 SHA512 a8b8b210054a9a4e3f8e45a5a9428110bb4075e40430e3fc16f4717e363af141265b1fb5c173ff96abeff0ac61ef5eef667a4b9cb703f8edc15e48deb3342827 diff --git a/www-apache/modsecurity-crs/files/80_mod_security-crs.conf b/www-apache/modsecurity-crs/files/80_mod_security-crs.conf new file mode 100644 index 0000000..c6b767a --- /dev/null +++ b/www-apache/modsecurity-crs/files/80_mod_security-crs.conf @@ -0,0 +1,8 @@ +<IfDefine SECURITY> + # Add your custom CRS configuration here. A copy of upstream's + # crs-setup.conf.example is includes with the documentation of + # modsecurity-crs. + + # Include the rules AFTER your custom configuration. + Include /usr/share/modsecurity-crs/rules/*.conf +</IfDefine> diff --git a/www-apache/modsecurity-crs/modsecurity-crs-3.3.4.ebuild b/www-apache/modsecurity-crs/modsecurity-crs-3.3.4.ebuild new file mode 100644 index 0000000..4290447 --- /dev/null +++ b/www-apache/modsecurity-crs/modsecurity-crs-3.3.4.ebuild @@ -0,0 +1,43 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit optfeature + +DESCRIPTION="OWASP ModSecurity Core Rule Set" +HOMEPAGE="https://coreruleset.org/" +SRC_URI="https://github.com/coreruleset/coreruleset/archive/v${PV}.tar.gz -> ${P}.tar.gz" +S="${WORKDIR}/coreruleset-${PV}" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86 ~arm ~arm64" +IUSE="+apache2" + +RDEPEND="apache2? ( >=www-apache/mod_security-2.9.6 )" + +DOCS=( CHANGES CONTRIBUTORS.md crs-setup.conf.example KNOWN_BUGS README.md ) + +src_install() { + insinto "/usr/share/${PN}" + doins -r rules + + einstalldocs + + if use apache2; then + # I don't think it's worth pulling in apache-module.eclass just for + # this path... + insinto /etc/apache2/modules.d + doins "${FILESDIR}/80_mod_security-crs.conf" + fi +} + +pkg_postinst() { + if use apache2; then + einfo "The CRS configuration file has been installed to:" + einfo " ${ROOT}/etc/apache2/modules.d/80_mod_security-crs.conf" + fi + + optfeature "apache-less installations, e.g. nginx" dev-libs/modsecurity +}