# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem          1.0
PortGroup           cmake 1.1
PortGroup           openssl 1.0

name                zeek
version             6.0.3
revision            0
categories          net security
maintainers         {mps @Schamschula} openmaintainer
license             BSD

description         Zeek is a powerful network analysis framework that is much different \
                    from the typical IDS you may know.

long_description    {*}${description} Zeek is the new name for the long-established Bro \
                    system. Note that parts of the system retain the "Bro" name, and it \
                    also often appears in the documentation and distributions.

homepage            https://www.zeek.org/
master_sites        https://download.zeek.org/

checksums           rmd160  f76b5385a6847cd3d10c4556da3c87d9af52fc8a \
                    sha256  227edf0e1e6b54dc9893cfd1ecd8621291cc85d1d06808874394aad555f8a8a4 \
                    size    60225127

openssl.branch      3

subport ${name} {
    conflicts   ${name}-devel
}

subport ${name}-devel {
    conflicts   ${name}

    version         6.2.0
    revision        0

    checksums       rmd160  720380420eaebfc5854578bc03cbaf038009145a \
                    sha256  63567e8f9f857ea868e50d8ef2e420371b313c4ee0a876b17b54991090c0d286 \
                    size    67816650
}

depends_build-append \
                    port:flex \
                    port:swig \
                    port:swig-python

depends_lib-append  port:bison \
                    port:curl \
                    port:libmagic \
                    port:libmaxminddb \
                    port:libpcap \
                    port:perl5 \
                    port:readline \
                    port:zlib

configure.args-append \
                    -DCMAKE_BUILD_WITH_INSTALL_RPATH:BOOL=OFF \
                    -DZEEK_ETC_INSTALL_DIR=${prefix}/etc/zeek \
                    -DZEEK_LOG_DIR=${prefix}/var/log/zeek \
                    -DZEEK_SPOOL_DIR=${prefix}/var/spool

variant universal   {}

compiler.cxx_standard   2017

# see https://trac.macports.org/ticket/60252
platforms {darwin >= 19}

configure.args-append \
                    -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON

variant python38 conflicts python311 python39 python310 python312 description {Build using Python 3.8} {
    configure.args-append \
                    -DPYTHON_EXECUTABLE=${prefix}/bin/python3.8 \
                    -DPYTHON_CONFIG=${frameworks_dir}/Python.framework/Versions/3.8/lib/python3.8/config-3.8-darwin/python-config.py
    depends_lib-append  \
                    port:python38
}

variant python39 conflicts python311 python38 python310 python312 description {Build using Python 3.9} {
    configure.args-append \
                    -DPYTHON_EXECUTABLE=${prefix}/bin/python3.9 \
                    -DPYTHON_CONFIG=${frameworks_dir}/Python.framework/Versions/3.9/lib/python3.9/config-3.9-darwin/python-config.py
    depends_lib-append  \
                    port:python39
}

variant python310 conflicts python311 python38 python39 python312 description {Build using Python 3.10} {
    configure.args-append \
                    -DPYTHON_EXECUTABLE=${prefix}/bin/python3.10 \
                    -DPYTHON_CONFIG=${frameworks_dir}/Python.framework/Versions/3.10/lib/python3.10/config-3.10-darwin/python-config.py
    depends_lib-append  \
                    port:python310
}

variant python311 conflicts python38 python39 python310 python312 description {Build using Python 3.11} {
    configure.args-append \
                    -DPYTHON_EXECUTABLE=${prefix}/bin/python3.11 \
                    -DPYTHON_CONFIG=${frameworks_dir}/Python.framework/Versions/3.11/lib/python3.11/config-3.11-darwin/python-config.py
    depends_lib-append  \
                    port:python311
}

variant python312 conflicts python38 python39 python310 python311 description {Build using Python 3.12} {
    configure.args-append \
                    -DPYTHON_EXECUTABLE=${prefix}/bin/python3.12 \
                    -DPYTHON_CONFIG=${frameworks_dir}/Python.framework/Versions/3.12/lib/python3.12/config-3.12-darwin/python-config.py
    depends_lib-append  \
                    port:python312
}

if {![variant_isset python38] && ![variant_isset python39] && ![variant_isset python310] && ![variant_isset python311]} {
    default_variants \
                    +python312
}

post-destroot {
    delete {*}[glob ${destroot}${prefix}/etc/zeek/*.cfg]

    xinstall -d ${destroot}${prefix}/share/examples/${name}
    copy ${worksrcpath}/auxil/zeekctl/etc/node.cfg ${destroot}${prefix}/share/examples/${name}/
    copy ${worksrcpath}/auxil/zeekctl/etc/networks.cfg ${destroot}${prefix}/share/examples/${name}/
    copy ${worksrcpath}/auxil/zeekctl/etc/zeekctl.cfg.in ${destroot}${prefix}/share/examples/${name}/

    xinstall -d ${destroot}${prefix}/Library/LaunchDaemons/
    copy ${filespath}/org.macports.zeek.plist ${destroot}${prefix}/Library/LaunchDaemons/
    reinplace "s|%%PREFIX%%|${prefix}|g" ${destroot}${prefix}/Library/LaunchDaemons/org.macports.zeek.plist

    xinstall -d ${destroot}${prefix}/etc/${name}
    xinstall -d ${destroot}${prefix}/var/log/${name}
    xinstall -d ${destroot}${prefix}/var/spool/${name}
    destroot.keepdirs ${destroot}${prefix}/etc/${name} \
        ${destroot}${prefix}/var/log/${name} \
        ${destroot}${prefix}/var/spool/${name}
}

startupitem.create      yes
startupitem.netchange   yes
startupitem.start       "${prefix}/bin/zeekctl start"
startupitem.stop        "${prefix}/bin/zeekctl stop"
startupitem.restart     "${prefix}/bin/zeekctl restart"

post-activate {
    if {![file exists ${prefix}/etc/zeek/node.cfg]} {
        copy ${prefix}/share/examples/${name}/node.cfg ${prefix}/etc/zeek/node.cfg
    }
    if {![file exists ${prefix}/etc/zeek/networks.cfg]} {
        copy ${prefix}/share/examples/${name}/networks.cfg ${prefix}/etc/zeek/networks.cfg
    }
    if {![file exists ${prefix}/etc/zeek/zeekctl.cfg]} {
        copy ${prefix}/share/examples/${name}/zeekctl.cfg.in ${prefix}/etc/zeek/zeekctl.cfg
    }
}

# This doesn't work due to error: error: AF_UNIX path too long
# To manual test:
# sudo port build
# cd ${worksrcpath}/aux/btest/testing
# sudo make all
#
#test.run            yes
#test.target         all
#test.dir            ${worksrcpath}/aux/btest/testing

notes "
You'll need to set your ZEEKHOME to ${prefix}/share/zeek and your
ZEEKPATH to ${prefix}/share/zeek/site:${prefix}/share/zeek/policy
to use the provided policies.

Check online documentation to finish install
https://docs.zeek.org/en/stable/quickstart/index.html

1) review config: node.cfg, network.cfg, zeekctl.cfg
   especially network interface, MailTo
   Existing files have not been modified

2) Run as root or with sudo
     # zeekctl
     \[ZeekControl\] > install
     \[ZeekControl\] > start

3) Use scheduled task for maintenance
  # ln -s ${prefix}/Library/LaunchDaemons/org.macports.zeek.plist /Library/LaunchDaemons/
  # launchctl load -w /Library/LaunchDaemons/org.macports.zeek.plist


**** UPGRADING ****

Paths have been changed to respect macports hierarchy
${prefix}/etc -> ${prefix}/etc/zeek
${prefix}/spool -> ${prefix}/var/spool/zeek
${prefix}/logs -> ${prefix}/var/log/zeek
"

livecheck.type      regex
livecheck.url       https://zeek.org/get-zeek/
if {${subport} eq ${name}} {
    livecheck.regex     org/${name}-(6\.0\.\[0-9a-z.\]+)${extract.suffix}
} else {
    livecheck.regex     org/${name}-(\[0-9a-z.\]+)${extract.suffix}
}