import debian & rpm sources (#898)

debian/changelog

@@ -0,0 +1,87 @@
+crowdsec (1.0.13-3) UNRELEASED; urgency=medium
+
+  * Fix small stuff
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 26 Apr 2021 09:30:14 +0100
+
+crowdsec (1.0.13-2) UNRELEASED; urgency=medium
+
+  * Fix version advertisement
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 26 Apr 2021 09:30:14 +0100
+
+crowdsec (1.0.13-1) UNRELEASED; urgency=medium
+
+  * Bump to 1.0.13
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 26 Apr 2021 09:30:14 +0100
+
+crowdsec (1.0.12-1) UNRELEASED; urgency=medium
+
+  * Bump to 1.0.12
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 07 Apr 2021 15:10:11 +0100
+
+crowdsec (1.0.9-5) UNRELEASED; urgency=medium
+
+  * Fix cleanup on remove --purge
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 23 Mar 2021 15:17:09 +0100
+
+crowdsec (1.0.9-4) UNRELEASED; urgency=medium
+
+  * Fix a bunch a bugs in package management
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 23 Mar 2021 15:17:09 +0100
+
+crowdsec (1.0.9-3) UNRELEASED; urgency=medium
+
+  * truly fix error generating acquis.yaml
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 10 Feb 2021 10:41:06 +0100
+
+crowdsec (1.0.9-2) UNRELEASED; urgency=medium
+
+  * fix error generating acquis.yaml
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 10 Feb 2021 10:41:06 +0100
+
+crowdsec (1.0.9-1) UNRELEASED; urgency=medium
+
+  * bump to 1.0.9
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 10 Feb 2021 10:41:06 +0100
+
+crowdsec (1.0.7-4) UNRELEASED; urgency=medium
+
+  * fix crowdsec -version output
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 10 Feb 2021 10:41:06 +0100
+
+crowdsec (1.0.7-3) UNRELEASED; urgency=medium
+
+  * fix error when docker metabase doesn't exist
+  * fix crowdsec not stopped when uninstalling
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 10 Feb 2021 10:41:06 +0100
+
+crowdsec (1.0.7-2) UNRELEASED; urgency=medium
+
+  * remove stop metabase docker container
+  * purge removes the metabase container once and for all
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 10 Feb 2021 10:41:06 +0100
+
+crowdsec (1.0.7-1) UNRELEASED; urgency=medium
+
+  * debian package
+  * bump to 1.0.7
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Wed, 10 Feb 2021 10:41:06 +0100
+
+crowdsec (1.0.4-1) UNRELEASED; urgency=medium
+
+  * debian package
+  * bump to 1.0.4
+
+ -- Manuel Sabban <manuel@crowdsec.net>  Mon, 08 Feb 2021 09:38:06 +0100

debian/compat

@@ -0,0 +1 @@
+11

debian/control

@@ -0,0 +1,7 @@
+Source: crowdsec
+Maintainer: Crowdsec Team <debian@crowdsec.net>
+Build-Depends: debhelper, jq, bash, git
+
+Package: crowdsec
+Architecture: any
+Description: Crowdsec - An open-source, lightweight agent to detect and respond to bad behaviours. It also automatically benefits from our global community-wide IP reputation database

debian/crowdsec.service

@@ -0,0 +1,17 @@
+[Unit]
+Description=Crowdsec agent
+After=syslog.target network.target remote-fs.target nss-lookup.target
+
+[Service]
+Type=notify
+Environment=LC_ALL=C LANG=C
+PIDFile=/run/crowdsec.pid
+ExecStartPre=/usr/bin/crowdsec -c /etc/crowdsec/config.yaml -t
+ExecStart=/usr/bin/crowdsec -c /etc/crowdsec/config.yaml
+#ExecStartPost=/bin/sleep 0.1
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=always
+RestartSec=60
+
+[Install]
+WantedBy=multi-user.target

debian/debhelper-build-stamp

@@ -0,0 +1 @@
+crowdsec

debian/patches/fix-wizard.patch

@@ -0,0 +1,91 @@
+generate acquis.yaml directly in place
+Index: crowdsec/wizard.sh
+===================================================================
+--- crowdsec.orig/wizard.sh
++++ crowdsec/wizard.sh
+@@ -41,7 +41,6 @@
+ fi
+ 
+ ACQUIS_PATH="${CROWDSEC_CONFIG_PATH}"
+-TMP_ACQUIS_FILE="tmp-acquis.yaml"
+ ACQUIS_TARGET="${ACQUIS_PATH}/acquis.yaml"
+ 
+ PID_DIR="${CROWDSEC_RUN_DIR}"
+@@ -265,30 +264,30 @@
+     shift
+     local files=("${@}")
+     
+-    echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
++    echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${ACQUIS_TARGET}
+     
+-    echo "filenames:"  >> ${TMP_ACQUIS_FILE}
++    echo "filenames:"  >> ${ACQUIS_TARGET}
+     for fd in ${files[@]}; do
+-	echo "  - ${fd}"  >> ${TMP_ACQUIS_FILE}
++	echo "  - ${fd}"  >> ${ACQUIS_TARGET}
+     done
+-    echo "labels:"  >> ${TMP_ACQUIS_FILE}
+-    echo "  "${log_input_tags[${service}]}  >> ${TMP_ACQUIS_FILE}
+-    echo "---"  >> ${TMP_ACQUIS_FILE}
+-    log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
++    echo "labels:"  >> ${ACQUIS_TARGET}
++    echo "  "${log_input_tags[${service}]}  >> ${ACQUIS_TARGET}
++    echo "---"  >> ${ACQUIS_TARGET}
++    log_dbg "acquisition file generated to: ${ACQUIS_TARGET}"
+ }
+ 
+ genyamljournal() {
+     local service="${1}"
+     shift
+     
+-    echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
++    echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${ACQUIS_TARGET}
+     
+-    echo "journalctl_filter:"  >> ${TMP_ACQUIS_FILE}
+-    echo " - _SYSTEMD_UNIT="${service}".service"  >> ${TMP_ACQUIS_FILE}
+-    echo "labels:"  >> ${TMP_ACQUIS_FILE}
+-    echo "  "${log_input_tags[${service}]}  >> ${TMP_ACQUIS_FILE}
+-    echo "---"  >> ${TMP_ACQUIS_FILE}
+-    log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
++    echo "journalctl_filter:"  >> ${ACQUIS_TARGET}
++    echo " - _SYSTEMD_UNIT="${service}".service"  >> ${ACQUIS_TARGET}
++    echo "labels:"  >> ${ACQUIS_TARGET}
++    echo "  "${log_input_tags[${service}]}  >> ${ACQUIS_TARGET}
++    echo "---"  >> ${ACQUIS_TARGET}
++    log_dbg "acquisition file generated to: ${ACQUIS_TARGET}"
+ }
+ 
+ genacquisition() {
+@@ -569,7 +568,6 @@
+         ${CSCLI_BIN_INSTALLED} hub update
+         install_collection
+         genacquisition
+-        mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
+ 
+         return
+     fi
+@@ -628,7 +626,6 @@
+ 
+         # Generate acquisition file and move it to the right folder
+         genacquisition
+-        mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
+         log_info "acquisition file path: ${ACQUIS_TARGET}"
+         # Install collections according to detected services
+         log_dbg "Installing needed collections ..."
+@@ -656,7 +653,6 @@
+ 
+     if [[ "$1" == "detect" ]];
+     then
+-        rm -f "${TMP_ACQUIS_FILE}"
+         detect_services
+         if [[ ${DETECTED_SERVICES} == "" ]] ; then 
+             log_err "No detected or selected services, stopping."
+@@ -664,8 +660,7 @@
+         fi;
+         log_info "Found ${#DETECTED_SERVICES[@]} supported services running:"
+         genacquisition
+-        cat "${TMP_ACQUIS_FILE}"
+-        rm "${TMP_ACQUIS_FILE}"
++        cat "${ACQUIS_TARGET}"
+         return
+     fi

debian/patches/series

@@ -0,0 +1 @@
+fix-wizard.patch

debian/postinst

@@ -0,0 +1,90 @@
+#!/bin/bash
+
+COLLECTIONS=false
+set -e
+
+# Source debconf library.
+. /usr/share/debconf/confmodule
+
+if [ "$1" = configure ]; then
+    if [[ ! -d /var/lib/crowdsec/data ]]; then
+        mkdir -p /var/lib/crowdsec/data
+    fi
+
+    if [[ -d /var/lib/crowdsec/backup ]]; then
+        cscli config restore /var/lib/crowdsec/backup/backup.config
+        rm -rf /var/lib/crowdsec/backup
+        /usr/bin/cscli hub update
+        /usr/bin/cscli hub upgrade
+        systemctl start crowdsec
+    fi
+    
+    . /usr/share/crowdsec/wizard.sh -n
+    if ! [[ -f /etc/crowdsec/config.yaml ]]; then
+        echo Creating crowdsec configuration in /etc/crowdsec
+        cp -a /usr/share/crowdsec/config/* /etc/crowdsec
+
+        echo Creating /etc/crowdsec/acquis.yaml
+        set +e
+        SILENT=true detect_services
+        SILENT=true genacquisition
+        set -e
+        COLLECTIONS=true
+    fi
+    if [[ ! -f /etc/crowdsec/local_api_credentials.yaml ]] || [[ ! -f /etc/crowdsec/online_api_credentials.yaml ]]; then
+        touch /etc/crowdsec/local_api_credentials.yaml
+        touch /etc/crowdsec/online_api_credentials.yaml
+        db_input medium crowdsec/lapi || true
+        db_go || true
+        
+        db_get crowdsec/lapi
+        LAPI=$RET
+
+        if  [ "$LAPI" = true ]; then
+            db_input medium crowdsec/capi || true
+            db_go || true
+            
+            db_get crowdsec/capi
+            CAPI=$RET
+            
+            cscli machines add -a
+        
+            if [ "$CAPI" = true ]; then
+                cscli capi register
+            fi
+           
+        else
+            db_input medium crowdsec/lapi_host || true
+            db_go || true
+            
+            db_get crowdsec/lapi_host
+            LAPI_HOST=$RET
+            sed -i "s/127.0.0.1:8080/$LAPI_HOST/g" /etc/crowdsec/config.yaml
+        fi
+    fi
+    echo Updating hub
+    /usr/bin/cscli hub update
+    if [ $COLLECTIONS=true ]; then
+        set +e
+        CSCLI_BIN_INSTALLED="/usr/bin/cscli" SILENT=true install_collection
+        set -e
+    fi   
+        
+    
+    if [[ -f /var/lib/crowdsec/data/crowdsec.db.backup ]]; then
+        cp /var/lib/crowdsec/data/crowdsec.db.backup /var/lib/crowdsec/data/crowdsec.db
+        rm -f /var/lib/crowdsec/data/crowdsec.db.backup
+    fi
+
+    systemctl --quiet is-enabled crowdsec || systemctl unmask crowdsec && systemctl enable crowdsec
+
+    if [ -z "$(ss -nlt 'sport = 8080' | grep -v ^State)" ]; then
+        systemctl start crowdsec
+    else
+        echo "Not attempting to start crowdsec, port 8080 is already used"
+        echo "This port is configured through /etc/crowdsec/config.yaml and /etc/crowdsec/local_api_credentials.yaml"
+    fi
+fi
+
+
+echo "You always can run the configuration again interactively using '/usr/share/crowdsec/wizard.sh -c"

debian/postrm

@@ -0,0 +1,4 @@
+if [ "$1" = "purge" ]; then
+   find /etc/crowdsec -maxdepth 1 -mindepth 1 | grep -v "bouncer" | xargs rm -rf || echo ""
+   rm -rf /var/lib/crowdsec
+fi

debian/preinst

@@ -0,0 +1,43 @@
+#!/bin/bash
+
+set -e
+
+# Source debconf library.
+. /usr/share/debconf/confmodule
+
+
+OLD_MAJOR_VERSION=$(echo $2 | cut -d'.' -f1)
+OLD_MINOR_VERSION=$(echo $2 | cut -d'.' -f2)
+OLD_PATCH_VERSION=$(echo $2 | cut -d'.' -f3|cut -d'-' -f1)
+
+NEW_MAJOR_VERSION=$(echo $3 | cut -d'.' -f1)
+NEW_MINOR_VERSION=$(echo $3 | cut -d'.' -f2)
+NEW_PATCH_VERSION=$(echo $3 | cut -d'.' -f3|cut -d'-' -f1)
+
+
+
+if [ "$1" = upgrade ]; then
+
+    OLD_MAJOR_VERSION=$(echo $2 | cut -d'.' -f1)
+    OLD_MINOR_VERSION=$(echo $2 | cut -d'.' -f2)
+    OLD_PATCH_VERSION=$(echo $2 | cut -d'.' -f3|cut -d'-' -f1)
+
+    NEW_MAJOR_VERSION=$(echo $3 | cut -d'.' -f1)
+    NEW_MINOR_VERSION=$(echo $3 | cut -d'.' -f2)
+    NEW_PATCH_VERSION=$(echo $3 | cut -d'.' -f3|cut -d'-' -f1)
+
+    
+   if [[ $OLD_MAJOR_VERSION -eq "1" ]] && [[ $OLD_MINOR_VERSION -eq "0" ]] && [[ $OLD_PATCH_VERSION -lt "9" ]]; then
+       if [[ -f /var/lib/crowdsec/data/crowdsec.db ]]; then
+          cp /var/lib/crowdsec/data/crowdsec.db  /var/lib/crowdsec/data/crowdsec.db.backup
+       fi
+   fi
+
+   if [[ $NEW_MAJOR_VERSION -gt  $OLD_MAJOR_VERSION ]]; then
+      echo "Stopping crowdsec"
+      systemctl stop crowdsec || true
+      cscli config backup /var/lib/crowdsec/backup
+   fi   
+fi
+
+echo "You always can run the configuration again interactively using '/usr/share/crowdsec/wizard.sh -c"

debian/prerm

@@ -0,0 +1,9 @@
+if [ "$1" = "remove" ]; then
+   cscli dashboard remove -f -y || true
+   systemctl stop crowdsec
+   systemctl disable crowdsec
+fi
+
+if [ "$1" = "upgrade" ]; then
+   systemctl stop crowdsec
+fi

debian/rules

@@ -0,0 +1,37 @@
+#!/usr/bin/make -f
+
+export DEB_VERSION=$(shell dpkg-parsechangelog | egrep '^Version:' | cut -f 2 -d ' ')
+export BUILD_VERSION=v${DEB_VERSION}-debian-pragmatic
+export GO111MODULE=on
+
+# LD_OPTS=-ldflags "-s -w -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Version=$(BUILD_VERSION) \
+# -X github.com/crowdsecurity/crowdsec/pkg/cwversion.BuildDate=$(BUILD_TIMESTAMP) \
+# -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Codename=$(BUILD_CODENAME)  \
+# -X github.com/crowdsecurity/crowdsec/pkg/cwversion.Tag=$(BUILD_TAG) \
+# -X github.com/crowdsecurity/crowdsec/pkg/cwversion.GoVersion=$(BUILD_GOVERSION)"
+
+%:
+	dh $@
+
+override_dh_auto_clean:
+override_dh_auto_test:
+override_dh_auto_build:
+override_dh_auto_install:
+# mkdir /tmp/go
+# echo $(go version)
+# echo $($GOCMD version)
+# cd cmd/crowdsec && GOROOT=/tmp/go GO111MODULE=on $(GOBUILD) $(LD_OPTS) -o $(CROWDSEC_BIN) -v && cd ..
+# cd cmd/crowdsec-cli  && GOROOT=/tmp/go GO111MODULE=on $(GOBUILD) $(LD_OPTS) -o cscli -v && cd ..
+	make
+	mkdir -p debian/crowdsec/usr/bin
+	mkdir -p debian/crowdsec/etc/crowdsec
+	mkdir -p debian/crowdsec/usr/share/crowdsec
+	mkdir -p debian/crowdsec/etc/crowdsec/hub/
+	mkdir -p debian/crowdsec/usr/share/crowdsec/config
+	cp cmd/crowdsec/crowdsec debian/crowdsec/usr/bin
+	cp cmd/crowdsec-cli/cscli debian/crowdsec/usr/bin
+	cp wizard.sh debian/crowdsec/usr/share/crowdsec
+	cp config/config.yaml debian/crowdsec/usr/share/crowdsec/config/config.yaml
+	cp config/simulation.yaml debian/crowdsec/usr/share/crowdsec/config/simulation.yaml
+	cp config/profiles.yaml debian/crowdsec/usr/share/crowdsec/config/profiles.yaml
+	cp -a config/patterns debian/crowdsec/usr/share/crowdsec/config

debian/templates

@@ -0,0 +1,23 @@
+Template: crowdsec/lapi
+Type: boolean
+Default: true
+Description: Do you want to run the local API server ?
+ A local API is required to run crowdsec, but another installation can be used. 
+ .
+ If you don't know what to do, consider answer yes.
+
+Template: crowdsec/lapi_host
+Type: string
+Default: 127.0.0.1:8080
+Description: Address of the local API server
+ A local API is required to run crowdsec, but another installation can be used. 
+ .
+ Please add the address of the local API server
+
+Template: crowdsec/capi
+Type: boolean
+Default: true
+Description: Do you want to the centralized remote API server ?
+ To share information with other crowdsec you can register to the centralized remote API server.
+ .
+ If you don't know what to do, consider answer yes. 

rpm/SOURCES/80-crowdsec.preset

@@ -0,0 +1,3 @@
+# This file is part of crowdsec
+
+enable crowdsec.service

rpm/SOURCES/config.patch

@@ -0,0 +1,10 @@
+--- config/config.yaml-orig	2021-05-10 20:52:35.540560498 +0200
++++ config/config.yaml	2021-05-10 20:54:36.909254007 +0200
+@@ -16,6 +16,7 @@
+   parser_routines: 1
+ cscli:
+   output: human
++  hub_branch: master
+ db_config:
+   log_level: info
+   type: sqlite

rpm/SOURCES/crowdsec.unit.patch

@@ -0,0 +1,14 @@
+--- config/crowdsec.service-orig	2021-06-29 09:35:15.945984145 +0200
++++ config/crowdsec.service	2021-06-29 09:35:45.338024681 +0200
+@@ -5,9 +5,9 @@
+ [Service]
+ Type=notify
+ Environment=LC_ALL=C LANG=C
+-PIDFile=/var/run/crowdsec.pid
+-ExecStartPre=/usr/local/bin/crowdsec -c /etc/crowdsec/config.yaml -t
+-ExecStart=/usr/local/bin/crowdsec -c /etc/crowdsec/config.yaml
++PIDFile=/run/crowdsec.pid
++ExecStartPre=/usr//bin/crowdsec -c /etc/crowdsec/config.yaml -t
++ExecStart=/usr/bin/crowdsec -c /etc/crowdsec/config.yaml
+ #ExecStartPost=/bin/sleep 0.1
+ ExecReload=/bin/kill -HUP $MAINPID

rpm/SOURCES/fix-wizard.patch

@@ -0,0 +1,91 @@
+generate acquis.yaml directly in place
+Index: crowdsec/wizard.sh
+===================================================================
+--- crowdsec.orig/wizard.sh
++++ crowdsec/wizard.sh
+@@ -41,7 +41,6 @@
+ fi
+ 
+ ACQUIS_PATH="${CROWDSEC_CONFIG_PATH}"
+-TMP_ACQUIS_FILE="tmp-acquis.yaml"
+ ACQUIS_TARGET="${ACQUIS_PATH}/acquis.yaml"
+ 
+ PID_DIR="${CROWDSEC_RUN_DIR}"
+@@ -265,30 +264,30 @@
+     shift
+     local files=("${@}")
+     
+-    echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
++    echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${ACQUIS_TARGET}
+     
+-    echo "filenames:"  >> ${TMP_ACQUIS_FILE}
++    echo "filenames:"  >> ${ACQUIS_TARGET}
+     for fd in ${files[@]}; do
+-	echo "  - ${fd}"  >> ${TMP_ACQUIS_FILE}
++	echo "  - ${fd}"  >> ${ACQUIS_TARGET}
+     done
+-    echo "labels:"  >> ${TMP_ACQUIS_FILE}
+-    echo "  "${log_input_tags[${service}]}  >> ${TMP_ACQUIS_FILE}
+-    echo "---"  >> ${TMP_ACQUIS_FILE}
+-    log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
++    echo "labels:"  >> ${ACQUIS_TARGET}
++    echo "  "${log_input_tags[${service}]}  >> ${ACQUIS_TARGET}
++    echo "---"  >> ${ACQUIS_TARGET}
++    log_dbg "acquisition file generated to: ${ACQUIS_TARGET}"
+ }
+ 
+ genyamljournal() {
+     local service="${1}"
+     shift
+     
+-    echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${TMP_ACQUIS_FILE}
++    echo "#Generated acquisition file - wizard.sh (service: ${service}) / files : ${files[@]}" >> ${ACQUIS_TARGET}
+     
+-    echo "journalctl_filter:"  >> ${TMP_ACQUIS_FILE}
+-    echo " - _SYSTEMD_UNIT="${service}".service"  >> ${TMP_ACQUIS_FILE}
+-    echo "labels:"  >> ${TMP_ACQUIS_FILE}
+-    echo "  "${log_input_tags[${service}]}  >> ${TMP_ACQUIS_FILE}
+-    echo "---"  >> ${TMP_ACQUIS_FILE}
+-    log_dbg "tmp acquisition file generated to: ${TMP_ACQUIS_FILE}"
++    echo "journalctl_filter:"  >> ${ACQUIS_TARGET}
++    echo " - _SYSTEMD_UNIT="${service}".service"  >> ${ACQUIS_TARGET}
++    echo "labels:"  >> ${ACQUIS_TARGET}
++    echo "  "${log_input_tags[${service}]}  >> ${ACQUIS_TARGET}
++    echo "---"  >> ${ACQUIS_TARGET}
++    log_dbg "acquisition file generated to: ${ACQUIS_TARGET}"
+ }
+ 
+ genacquisition() {
+@@ -569,7 +568,6 @@
+         ${CSCLI_BIN_INSTALLED} hub update
+         install_collection
+         genacquisition
+-        mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
+ 
+         return
+     fi
+@@ -628,7 +626,6 @@
+ 
+         # Generate acquisition file and move it to the right folder
+         genacquisition
+-        mv "${TMP_ACQUIS_FILE}" "${ACQUIS_TARGET}"
+         log_info "acquisition file path: ${ACQUIS_TARGET}"
+         # Install collections according to detected services
+         log_dbg "Installing needed collections ..."
+@@ -656,7 +653,6 @@
+ 
+     if [[ "$1" == "detect" ]];
+     then
+-        rm -f "${TMP_ACQUIS_FILE}"
+         detect_services
+         if [[ ${DETECTED_SERVICES} == "" ]] ; then 
+             log_err "No detected or selected services, stopping."
+@@ -664,8 +660,7 @@
+         fi;
+         log_info "Found ${#DETECTED_SERVICES[@]} supported services running:"
+         genacquisition
+-        cat "${TMP_ACQUIS_FILE}"
+-        rm "${TMP_ACQUIS_FILE}"
++        cat "${ACQUIS_TARGET}"
+         return
+     fi

rpm/SPECS/crowdsec.spec

@@ -0,0 +1,180 @@
+
+Name:           crowdsec
+Version:        %(echo $VERSION)
+Release:        %(echo $PACKAGE_NUMBER)%{?dist}
+Summary:        Crowdsec - An open-source, lightweight agent to detect and respond to bad behaviours. It also automatically benefits from our global community-wide IP reputation database
+
+License:        MIT
+URL:            https://crowdsec.net
+Source0:        https://github.com/crowdsecurity/%{name}/archive/v%(echo $VERSION).tar.gz
+Source1:        80-%{name}.preset
+Patch0:         crowdsec.unit.patch
+Patch1:         fix-wizard.patch
+Patch2:         config.patch
+BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+BuildRequires:  git
+BuildRequires:  golang >= 1.14
+BuildRequires:  make
+BuildRequires:  jq
+BuildRequires:  systemd
+%{?fc33:BuildRequires: systemd-rpm-macros}
+%{?fc34:BuildRequires: systemd-rpm-macros}
+
+%define debug_package %{nil}
+
+%description
+
+%define version_number  %(echo $VERSION)
+%define releasever  %(echo $RELEASEVER)
+%global local_version v%{version_number}-%{releasever}-rpm
+%global name crowdsec
+%global __mangle_shebangs_exclude_from /usr/bin/env
+
+%prep
+%setup -q -T -b 0
+
+%patch0
+%patch1
+%patch2
+
+%build
+BUILD_VERSION=%{local_version} make
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}/etc/crowdsec/hub
+mkdir -p %{buildroot}/etc/crowdsec/patterns
+mkdir -p %{buildroot}%{_sharedstatedir}/%{name}/data
+mkdir -p %{buildroot}%{_presetdir}
+install -m 755 -D cmd/crowdsec/crowdsec %{buildroot}%{_bindir}/%{name}
+install -m 755 -D cmd/crowdsec-cli/cscli %{buildroot}%{_bindir}/cscli
+install -m 755 -D wizard.sh %{buildroot}/usr/share/crowdsec/wizard.sh
+install -m 644 -D config/crowdsec.service %{buildroot}%{_unitdir}/%{name}.service
+install -m 644 -D config/patterns/* -t %{buildroot}%{_sysconfdir}/crowdsec/patterns
+install -m 644 -D config/config.yaml %{buildroot}%{_sysconfdir}/crowdsec
+install -m 644 -D config/simulation.yaml %{buildroot}%{_sysconfdir}/crowdsec
+install -m 644 -D config/profiles.yaml %{buildroot}%{_sysconfdir}/crowdsec
+install -m 644 -D %{SOURCE1} %{buildroot}%{_presetdir}
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,-)
+/usr/bin/%{name}
+/usr/bin/cscli
+/usr/share/%{name}/wizard.sh
+%{_sysconfdir}/%{name}/patterns/linux-syslog
+%{_sysconfdir}/%{name}/patterns/ruby
+%{_sysconfdir}/%{name}/patterns/nginx
+%{_sysconfdir}/%{name}/patterns/junos
+%{_sysconfdir}/%{name}/patterns/cowrie_honeypot
+%{_sysconfdir}/%{name}/patterns/redis
+%{_sysconfdir}/%{name}/patterns/firewalls
+%{_sysconfdir}/%{name}/patterns/paths
+%{_sysconfdir}/%{name}/patterns/java
+%{_sysconfdir}/%{name}/patterns/postgresql
+%{_sysconfdir}/%{name}/patterns/bacula
+%{_sysconfdir}/%{name}/patterns/mcollective
+%{_sysconfdir}/%{name}/patterns/rails
+%{_sysconfdir}/%{name}/patterns/haproxy
+%{_sysconfdir}/%{name}/patterns/nagios
+%{_sysconfdir}/%{name}/patterns/mysql
+%{_sysconfdir}/%{name}/patterns/ssh
+%{_sysconfdir}/%{name}/patterns/tcpdump
+%{_sysconfdir}/%{name}/patterns/exim
+%{_sysconfdir}/%{name}/patterns/bro
+%{_sysconfdir}/%{name}/patterns/modsecurity
+%{_sysconfdir}/%{name}/patterns/aws
+%{_sysconfdir}/%{name}/patterns/smb
+%{_sysconfdir}/%{name}/patterns/mongodb
+%config(noreplace) %{_sysconfdir}/%{name}/config.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/simulation.yaml
+%config(noreplace) %{_sysconfdir}/%{name}/profiles.yaml
+%config(noreplace) %{_presetdir}/80-%{name}.preset
+
+%{_unitdir}/%{name}.service
+
+%ghost %{_sysconfdir}/%{name}/hub/.index.json
+%ghost %{_localstatedir}/log/%{name}.log
+%dir /var/lib/%{name}/data/
+
+%ghost %{_sysconfdir}/crowdsec/local_api_credentials.yaml
+%ghost %{_sysconfdir}/crowdsec/online_api_credentials.yaml
+%ghost %{_sysconfdir}/crowdsec/acquis.yaml
+
+%pre
+
+#systemctl stop crowdsec || true
+
+if [ $1 == 2 ];then  
+    if [[ ! -d /var/lib/crowdsec/backup ]]; then
+        cscli config backup /var/lib/crowdsec/backup
+    fi
+fi
+
+
+%post -p /bin/bash
+
+if [ $1 == 1 ]; then
+
+    if [ ! -f "/var/lib/crowdsec/data/crowdsec.db" ] ; then
+        touch /var/lib/crowdsec/data/crowdsec.db
+    fi
+
+    echo $SHELL
+    . /usr/share/crowdsec/wizard.sh -n
+
+    echo Creating acquisition configuration
+    if [ ! -f "/etc/crowsec/acquis.yaml" ] ; then
+        set +e
+        SILENT=true detect_services
+        SILENT=true genacquisition
+        set +e
+    fi
+    if [ ! -f "%{_sysconfdir}/crowdsec/online_api_credentials.yaml" ] && [ ! -f "%{_sysconfdir}/crowdsec/local_api_credentials.yaml" ] ; then
+        touch %{_sysconfdir}/crowdsec/online_api_credentials.yaml
+        touch %{_sysconfdir}/crowdsec/local_api_credentials.yaml
+        cscli capi register
+        cscli machines add -a
+    fi
+    if [ ! -f "%{_sysconfdir}/crowdsec/online_api_credentials.yaml" ] ; then
+        touch %{_sysconfdir}/crowdsec/online_api_credentials.yaml
+        cscli capi register
+    fi
+    if [ ! -f "%{_sysconfdir}/crowdsec/local_api_credentials.yaml" ] ; then
+        touch %{_sysconfdir}/crowdsec/local_api_credentials.yaml
+        cscli machines add -a
+    fi
+
+    cscli hub update
+    CSCLI_BIN_INSTALLED="/usr/bin/cscli" SILENT=true install_collection
+
+    systemctl start crowdsec || echo "crowdsec is not started"
+    
+elif [ $1 == 2 ] && [ -d /var/lib/crowdsec/backup ]; then
+    cscli config restore /var/lib/crowdsec/backup
+    if [ $? == 0 ]; then
+       rm -rf /var/lib/crowdsec/backup
+    fi
+
+fi
+
+%systemd_post %{name}.service
+
+%preun
+
+#systemctl stop crowdsec || echo "crowdsec was not started"
+
+%systemd_preun %{name}.service
+
+%postun
+
+%systemd_postun_with_restart %{name}.service
+
+#systemctl stop crowdsec || echo "crowdsec was not started"
+
+%changelog
+* Tue Feb 16 2021 Manuel Sabban <manuel@crowdsec.net>
+- First initial packaging