%define relabel_files() \
restorecon -R /usr/bin/surrogator; \
restorecon -R /var/cache/surrogator; \
restorecon -R /var/lib/surrogator; \

%define selinux_policyver 39.6-1

Name:       surrogator
Summary:    Simple open source Libravatar compatible avatar image server written in PHP
Version:    0.3.0
Release:    10%{?dist}
Group:      System Environment/Daemons
License:    AGPL-3.0-or-later

Source0:    surrogator-%{version}.tar.bz2
Source1:    surrogator.config.php
Source2:    surrogator.conf
Source3:    README-Fedora
Source4:    surrogator.te
Source5:    surrogator.if
Source6:    surrogator.fc


URL:        https://sourceforge.net/p/surrogator/wiki/Home/
Requires:   php >= 5
Requires:   surrogator-selinux
BuildArch:  noarch

%description
Simple open source Libravatar compatible avatar image server written
in PHP.

Features:
* Delivers images for email addresses
* Very easy to setup.
* No graphics processing is done on the server,
  keeping the CPU load low. All avatar images get
  pre-generated for a set of sizes
* If no image at the user requested size is found,
  the next larger image gets returned.
* Supports the mm fallback image (mystery man)

%package httpd
Summary:            A httpd config to enable surrogator on an Apache server
Requires:           surrogator
Requires:           webserver

%description httpd
Simple open source Libravatar compatible avatar image server written
in PHP.
This package contains an http config file that enables the service on
an Apache server.

%package selinux
Summary:            SELinux policy module for surrogator
Group:              System Environment/Base

Requires:           libselinux-utils
Requires(post):     selinux-policy-base >= %{selinux_policyver}, policycoreutils-python-utils
Requires(postun):   policycoreutils-python-utils
BuildRequires:      selinux-policy-devel
BuildArch:          noarch

%description selinux
This package installs and sets up the  SELinux policy security module 
for surrogator.


%prep
%setup -q
cp %{SOURCE1} surrogator.config.php
cp %{SOURCE2} surrogator.conf
cp %{SOURCE3} README-Fedora
cp %{SOURCE4} surrogator.te
cp %{SOURCE5} surrogator.if
cp %{SOURCE6} surrogator.fc

%build selinux
make -f %{_datadir}/selinux/devel/Makefile %{name}.pp
bzip2 -9 %{name}.pp

%install
install -dm 755 %{buildroot}
install -Dm 644 -t %{buildroot}%{_sysconfdir} %{SOURCE1}
install -Dm 644 -t %{buildroot}%{_docdir}/%{name} %{SOURCE3}
install -Dm 644 -t %{buildroot}%{_sysconfdir}/httpd/conf.d %{SOURCE2}
install -Dm 644 -t %{buildroot}%{_datadir}/%{name}/res res/*.png res/*.svg
install -Dm 644 -t %{buildroot}%{_datadir}/%{name}/www www/avatar.php res/www/*
install -dm 755 %{buildroot}%{_var}/cache/%{name}
install -dm 755 %{buildroot}%{_sharedstatedir}/%{name}
install -Dm 755 surrogator.php %{buildroot}%{_bindir}/%{name}
install -Dm 644 -t %{buildroot}%{_datadir}/%{name}/www www/avatar.php res/www/*

install -Dm 644 -t %{buildroot}%{_datadir}/selinux/packages %{name}.pp.bz2
install -Dm 644 -t %{buildroot}%{_datadir}/selinux/devel/include/contrib/ %{SOURCE5}

%post selinux
semodule -n -i %{_datadir}/selinux/packages/surrogator.pp
sepolicy manpage --domain surrogator_t
if /usr/sbin/selinuxenabled ; then
    /usr/sbin/load_policy
    %relabel_files

fi;
exit 0

%postun selinux
if [ $1 -eq 0 ]; then
    semodule -n -r surrogator
    if /usr/sbin/selinuxenabled ; then
       /usr/sbin/load_policy
       %relabel_files

    fi;
fi;
exit 0


%files
%defattr(-,root,root)
%{_datadir}/%{name}
%{_var}/cache/%{name}
%{_sharedstatedir}/%{name}
%{_bindir}/%{name}
%config(noreplace) %{_sysconfdir}/%{name}.config.php
%doc README.rst
%doc data/%{name}.config.php.dist
%doc %{_docdir}/%{name}/*
%license LICENSE

%files httpd
%config(noreplace) %{_sysconfdir}/httpd/conf.d/%{name}.conf
%license LICENSE

%files selinux
%attr(0600,root,root) %{_datadir}/selinux/packages/surrogator.pp.bz2
%{_datadir}/selinux/devel/include/contrib/surrogator.if
%ghost %{_mandir}/man8/surrogator_selinux.8.gz

%changelog
* Mon May 20 2024 Daniel Demus <daniel@demus.dk> - 0.3.0-8
- Add selinux targeted policy
* Sat May 18 2024 Daniel Demus <daniel@demus.dk> - 0.3.0-7
- Add final slash to cache directory path
* Sun Nov 19 2023 Daniel Demus <daniel@demus.dk> - 0.3.0-6
- Correct DocumentRoot
* Sun Nov 19 2023 Daniel Demus <daniel@demus.dk> - 0.3.0-5
- Add Location section to allow all in apache config
* Wed Nov 15 2023 Daniel Demus <daniel@demus.dk> - 0.3.0-4
- Correct license
* Wed Nov 15 2023 Daniel Demus <daniel@demus.dk> - 0.3.0-3
- Remove invalid RewriteBase directive from apache config
* Wed Nov 15 2023 Daniel Demus <daniel@demus.dk> - 0.3.0-2
- Require only webserver in the base package
* Wed Nov 15 2023 Daniel Demus <daniel@demus.dk> - 0.3.0-1
- Require base package in the httpd config package
* Mon Oct 30 2023 Daniel Demus <daniel@demus.dk> - 0.3.0-0
- First package