1name: ossec-hids
2version: latest
3version-script: cat $SNAPCRAFT_STAGE/version
4summary: Security tool.
5description: An Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
6
7
8grade: devmode
9base: core18
10
11architectures:
12  - build-on: amd64
13
14parts:
15  gnome:
16    plugin: nil
17    build-packages:
18      - software-properties-common
19    override-pull: |
20      add-apt-repository -y ppa:ubuntu-desktop/gnome-3-28
21      apt -y update
22      apt -y upgrade
23
24  ossec-hids:
25    after:
26      - gnome
27    plugin: dump
28    source:
29      # ossec-hids is only available for i386 (x86) and amd64 (x86_64),
30      # so fail the build on other architectures.
31      - on amd64: https://updates.atomicorp.com/ossec-hids-agent_3.3.0-7681bionic_amd64.deb
32
33    source-type: deb
34    override-build: |
35      ARCHITECTURE=$(dpkg --print-architecture)
36      if [ "${ARCHITECTURE}" = "amd64" ]; then
37        DEB_API="https://updates.atomicorp.com/ossec-hids-agent_3.3.0-7681bionic_amd64.deb"
38      else
39        echo "ERROR! ossec-hids agent produces debs for amd64. Failing the build here."
40        exit 1
41      fi
42
43      DEB_URL=$(curl -w "%{url_effective}\n" -I -L -s -S "${DEB_API}" -o /dev/null)
44      VERSION=$(echo "${DEB_URL}" | cut -d'_' -f2)
45      echo $VERSION > $SNAPCRAFT_STAGE/version
46
47     - on amd64: https://updates.atomicorp.com/ossec-hids-server_3.3.0-6515bionic_amd64.deb
48
49    source-type: deb
50    override-build: |
51      ARCHITECTURE=$(dpkg --print-architecture)
52      if [ "${ARCHITECTURE}" = "amd64" ]; then
53        DEB_API="https://updates.atomicorp.com/ossec-hids-server_3.3.0-6515bionic_amd64.deb"
54      else
55        echo "ERROR! ossec-hids server produces debs for amd64. Failing the build here."
56        exit 1
57      fi
58
59      DEB_URL=$(curl -w "%{url_effective}\n" -I -L -s -S "${DEB_API}" -o /dev/null)
60      VERSION=$(echo "${DEB_URL}" | cut -d'_' -f2)
61      echo $VERSION > $SNAPCRAFT_STAGE/version
62
63      snapcraftctl build
64    build-packages:
65      - curl
66      - dpkg
67      - sed
68    stage-packages:
69      - fcitx-frontend-gtk3
70      - gvfs-libs
71      - libasound2
72      - libgconf-2-4
73      - libglib2.0-bin
74      - libgnome-keyring0
75      - libgtk-3-0
76      - libnotify4
77      - libnspr4
78      - libnss3
79      - libpcre3
80      - libpulse0
81      - libsecret-1-0
82      - libxss1
83      - libxtst6
84      - yad
85      - zlib1g
86    prime:
87      - -usr/share/doc
88      - -usr/share/fonts
89      - -usr/share/icons
90      - -usr/share/lintian
91      - -usr/share/man
92
93  wrapper:
94    after:
95      - ossec-hids
96    plugin: dump
97    source: files/
98
99apps:
100  ossec-hids:
101    command: bin/wrapper $SNAP/usr/share/ossec/bin/ossec
102    desktop: usr/share/applications/ossec.desktop
103    environment:
104      # Fallback to XWayland if running in a Wayland session.
105      DISABLE_WAYLAND: 1
106      GSETTINGS_SCHEMA_DIR: $SNAP/usr/share/glib-2.0/schemas
107
108  url-handler:
109    command: bin/wrapper $SNAP/usr/share/ossec/bin/ossec --open-url
110    desktop: usr/share/applications/ossec-url-handler.desktop
111    environment:
112      # Fallback to XWayland if running in a Wayland session.
113      DISABLE_WAYLAND: 1
114      GSETTINGS_SCHEMA_DIR: $SNAP/usr/share/glib-2.0/schemas
115