security/crowdsec: Update to 1.4.3

ChangeLog:	https://github.com/crowdsecurity/crowdsec/releases/tag/v1.4.2
PR:		267808

8 files changed, 57 insertions, 36 deletions

diff --git a/security/crowdsec/Makefile b/security/crowdsec/Makefile
index c1d883899860..07a402553fda 100644
--- a/security/crowdsec/Makefile
+++ b/security/crowdsec/Makefile
@@ -1,7 +1,6 @@
 PORTNAME=	crowdsec
 DISTVERSIONPREFIX=	v
-DISTVERSION=	1.4.1
-PORTREVISION=	3
+DISTVERSION=	1.4.3
 CATEGORIES=	security
 
 MAINTAINER=	marco@crowdsec.net
@@ -13,22 +12,24 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 
 BUILD_DEPENDS=	git:devel/git@lite
 
-USES=		gmake go:no_targets
+USES=		gmake go:1.19,no_targets
 
 USE_GITHUB=	yes
 GH_ACCOUNT=	crowdsecurity
 GH_PROJECT=	crowdsec
 GH_TAGNAME=	${DISTVERSIONFULL}-freebsd
-_BUILD_TAG=	527995f
+_BUILD_TAG=	8a738f5b
 USE_RC_SUBR=	crowdsec
 
-MAKE_ENV=	BUILD_VERSION="${DISTVERSIONFULL}" \
+MAKE_ARGS=	BUILD_VERSION="${DISTVERSIONFULL}" \
 		BUILD_TAG="${_BUILD_TAG}" \
+		BUILD_VENDOR_FLAGS="-mod=vendor -modcacherw" \
 		DEFAULT_CONFIGDIR="${PREFIX}/etc/crowdsec" \
 		DEFAULT_DATADIR="/var/db/crowdsec/data"
+
 ALL_TARGET=	build
 
-SUB_FILES=	pkg-deinstall pkg-install pkg-message
+SUB_FILES=	pkg-deinstall pkg-install pkg-message crowdsec.cron upgrade-hub
 
 OPTIONS_DEFINE=	FIREWALL_BOUNCER
 OPTIONS_DEFAULT=
@@ -42,12 +43,10 @@ STAGE_BIN=	${STAGEDIR}${PREFIX}/bin
 
 post-patch:
 	@${REINPLACE_CMD} 's,/etc/crowdsec/,${ETCDIR}/,g' \
-		${WRKSRC}/config/config.yaml \
-		${WRKSRC}/config/profiles.yaml
+		${WRKSRC}/config/config.yaml
 
 	@${REINPLACE_CMD} 's,/var/lib/,/var/db/,g' \
-		${WRKSRC}/config/config.yaml \
-		${WRKSRC}/config/profiles.yaml
+		${WRKSRC}/config/config.yaml
 
 do-install:
 	#
@@ -125,18 +124,31 @@ do-install:
 	@${MKDIR} ${STAGEDIR}/var/db/crowdsec/data
 
 	#
+	# Cron
+	#
+
+	@${MKDIR} ${STAGEDIR}${PREFIX}/libexec/crowdsec
+	${INSTALL_DATA} ${WRKDIR}/upgrade-hub \
+		${STAGEDIR}${PREFIX}/libexec/crowdsec/upgrade-hub
+
+	#
 	# Cleanup
 	#
 
+	@${RM} ${STAGEDIR}${ETCDIR}/acquis_win.yaml
+	@${RM} ${STAGEDIR}${ETCDIR}/config_win_no_lapi.yaml
+	@${RM} ${STAGEDIR}${ETCDIR}/config_win.yaml
+	@${RM} ${STAGEDIR}${ETCDIR}/crowdsec.cron.daily
 	@${RM} ${STAGEDIR}${ETCDIR}/crowdsec.service
 	@${RM} ${STAGEDIR}${ETCDIR}/dev.yaml
 	@${RM} ${STAGEDIR}${ETCDIR}/user.yaml
-	@${RM} ${STAGEDIR}${ETCDIR}/acquis_win.yaml
-	@${RM} ${STAGEDIR}${ETCDIR}/config_win.yaml
-	@${RM} ${STAGEDIR}${ETCDIR}/config_win_no_lapi.yaml
 	@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/email
 	@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/http
 	@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/slack
 	@${RMDIR} ${STAGEDIR}${ETCDIR}/notifications/splunk
 
+post-install:
+	@${MKDIR} ${STAGEDIR}${PREFIX}/etc/cron.d
+	${INSTALL_DATA} ${WRKDIR}/crowdsec.cron ${STAGEDIR}${PREFIX}/etc/cron.d/crowdsec
+
 .include <bsd.port.mk>
diff --git a/security/crowdsec/distinfo b/security/crowdsec/distinfo
index f003aa1d1b01..2700819fc7cc 100644
--- a/security/crowdsec/distinfo
+++ b/security/crowdsec/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1658844897
-SHA256 (crowdsecurity-crowdsec-v1.4.1-v1.4.1-freebsd_GH0.tar.gz) = a05e75838f4c4e87906ab6df846cc73b4701f6460834e35e5b64b7774e16bb63
-SIZE (crowdsecurity-crowdsec-v1.4.1-v1.4.1-freebsd_GH0.tar.gz) = 20805956
+TIMESTAMP = 1669821186
+SHA256 (crowdsecurity-crowdsec-v1.4.3-v1.4.3-freebsd_GH0.tar.gz) = b7341939db304a21c0920bc9b8e89d589dfff5da83ea4c54b3d1fc46b9eea2c3
+SIZE (crowdsecurity-crowdsec-v1.4.3-v1.4.3-freebsd_GH0.tar.gz) = 21310998
diff --git a/security/crowdsec/files/crowdsec.cron.in b/security/crowdsec/files/crowdsec.cron.in
new file mode 100644
index 000000000000..30df05dc2199
--- /dev/null
+++ b/security/crowdsec/files/crowdsec.cron.in
@@ -0,0 +1,2 @@
+#minute	hour	mday	month	wday	who	command
+0       3       *       *       *       root    %%PREFIX%%/libexec/crowdsec/upgrade-hub
diff --git a/security/crowdsec/files/patch-Makefile b/security/crowdsec/files/patch-Makefile
deleted file mode 100644
index 68ea23023ecf..000000000000
--- a/security/crowdsec/files/patch-Makefile
+++ /dev/null
@@ -1,12 +0,0 @@
---- Makefile.orig	2022-02-10 09:11:04 UTC
-+++ Makefile
-@@ -58,8 +58,8 @@ LD_OPTS_VARS= \
- -X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultConfigDir=$(DEFAULT_CONFIGDIR) \
- -X github.com/crowdsecurity/crowdsec/pkg/csconfig.defaultDataDir=$(DEFAULT_DATADIR)
- 
--export LD_OPTS=-ldflags "-s -w $(LD_OPTS_VARS)"
--export LD_OPTS_STATIC=-ldflags "-s -w $(LD_OPTS_VARS) -extldflags '-static'"
-+export LD_OPTS=-mod vendor -modcacherw -ldflags "-s -w $(LD_OPTS_VARS)"
-+export LD_OPTS_STATIC=-mod vendor -modcacherw -ldflags "-s -w $(LD_OPTS_VARS) -extldflags '-static'"
- 
- RELDIR = crowdsec-$(BUILD_VERSION)
diff --git a/security/crowdsec/files/pkg-deinstall.in b/security/crowdsec/files/pkg-deinstall.in
index 4fdfd0b04d72..4cee7a613b84 100644
--- a/security/crowdsec/files/pkg-deinstall.in
+++ b/security/crowdsec/files/pkg-deinstall.in
@@ -2,8 +2,8 @@
 
 case $2 in
        "DEINSTALL")
-               service crowdsec status && touch /var/run/crowdsec.running
-               service crowdsec stop || :
+               service crowdsec status 2>/dev/null && touch /var/run/crowdsec.running
+               service crowdsec stop 2>/dev/null || :
                ;;
 esac
 
diff --git a/security/crowdsec/files/pkg-message.in b/security/crowdsec/files/pkg-message.in
index 0f59a21a5980..2fa6c08f4b30 100644
--- a/security/crowdsec/files/pkg-message.in
+++ b/security/crowdsec/files/pkg-message.in
@@ -7,7 +7,7 @@ crowdsec is installed.
 You need to check/edit the following files in %%ETCDIR%% as described in https://doc.crowdsec.net/docs/configuration/crowdsec_configuration
 
  - config.yaml: main configuration
- - acquis.yaml: where to find logs to parse (this port does not include automatic discovery of the running services)
+ - acquis.yaml, acquis.d: datasource configuration (this port does not include automatic discovery of the running services)
  - profiles.yaml: remediation policies (ban, duration, etc)
 
 Then you can enable the daemon via sysrc and run it.
diff --git a/security/crowdsec/files/upgrade-hub.in b/security/crowdsec/files/upgrade-hub.in
new file mode 100644
index 000000000000..450dc8af96cc
--- /dev/null
+++ b/security/crowdsec/files/upgrade-hub.in
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+test -x /usr/local/bin/cscli || exit 0
+
+# favor the opnsense plugin's cron if it's there
+test -e /usr/local/etc/cron.d/oscrowdsec.cron && exit 0
+
+/usr/local/bin/cscli --error hub update
+
+upgraded=$(/usr/local/bin/cscli --error hub upgrade)
+if [ -n "$upgraded" ]; then
+    # splay initial metrics push
+    sleep $(jot -r 1 1 60)
+    service crowdsec reload
+fi
+
+exit 0
diff --git a/security/crowdsec/pkg-plist b/security/crowdsec/pkg-plist
index 730535931c6d..3e3566388844 100644
--- a/security/crowdsec/pkg-plist
+++ b/security/crowdsec/pkg-plist
@@ -2,19 +2,20 @@
 bin/crowdsec
 bin/cscli
 bin/crowdsec-cli
+libexec/crowdsec/upgrade-hub
 @mode 0600
+@sample %%ETCDIR%%/config.yaml.sample
 @sample %%ETCDIR%%/local_api_credentials.yaml.sample
 @sample %%ETCDIR%%/online_api_credentials.yaml.sample
+@sample %%ETCDIR%%/notifications/email.yaml.sample
+@sample %%ETCDIR%%/notifications/http.yaml.sample
+@sample %%ETCDIR%%/notifications/slack.yaml.sample
+@sample %%ETCDIR%%/notifications/splunk.yaml.sample
 @mode 0644
 @sample %%ETCDIR%%/acquis.yaml.sample
-@sample %%ETCDIR%%/config.yaml.sample
 @sample %%ETCDIR%%/console.yaml.sample
 @sample %%ETCDIR%%/profiles.yaml.sample
 @sample %%ETCDIR%%/simulation.yaml.sample
-@sample %%ETCDIR%%/notifications/email.yaml.sample
-@sample %%ETCDIR%%/notifications/http.yaml.sample
-@sample %%ETCDIR%%/notifications/slack.yaml.sample
-@sample %%ETCDIR%%/notifications/splunk.yaml.sample
 %%ETCDIR%%/patterns/aws
 %%ETCDIR%%/patterns/bacula
 %%ETCDIR%%/patterns/bro
@@ -39,6 +40,7 @@ bin/crowdsec-cli
 %%ETCDIR%%/patterns/smb
 %%ETCDIR%%/patterns/ssh
 %%ETCDIR%%/patterns/tcpdump
+etc/cron.d/crowdsec
 @mode 0755
 lib/crowdsec/plugins/notification-email
 lib/crowdsec/plugins/notification-http