%global selinuxtype targeted
%global semodulename %{name}

Name:           scaleway-ecosystem
Version:        0.0.10
Release:        1
Summary:        Scaleway Cloud Ecosystem

Group:          System Environment/Base
License:        Dual-licensed GPLv3 or Apache 2.0
URL:            https://www.scaleway.com

Source0:        scaleway-ecosystem-%{version}.tgz

BuildArch:      noarch
BuildRoot:      %{_tmppath}

Requires:       cloud-init >= 23.2, curl, systemd
Requires:       (%{name}-selinux if selinux-policy-%{selinuxtype})
%if 0%{?rhel} == 8
Requires:       python36
%else
Requires:       python3
%endif
%{?systemd_requires}

BuildRequires:  systemd-rpm-macros

%description
Scaleway Ecosystem is a set of scripts and systemd units designed to
customize the Cloud image to fit Scaleway's environment.

%prep
%setup -q -n scaleway-ecosystem-%{version}

%if 0%{?fedora} >= 40
pushd _resources/selinux/modules/
sed -i 's#^/var/run#/run#' %{semodulename}/*.fc
popd
%endif

%build
pushd _resources/selinux/modules/%{semodulename}
make -f %{_datadir}/selinux/devel/Makefile %{semodulename}.pp
bzip2 -9 %{semodulename}.pp
popd

%install
cp -pr etc $RPM_BUILD_ROOT
cp -pr usr $RPM_BUILD_ROOT
cp -pr lib $RPM_BUILD_ROOT

pushd _resources/selinux/modules/%{semodulename}
install -D -m 0644 %{semodulename}.pp.bz2 \
    $RPM_BUILD_ROOT/%{_datadir}/selinux/packages/%{selinuxtype}/%{semodulename}.pp.bz2
install -D -p -m 0644 %{semodulename}.if \
    $RPM_BUILD_ROOT/%{_datadir}/selinux/devel/include/distributed/%{semodulename}.if
popd

%clean
rm -rf $RPM_BUILD_ROOT

%post
systemd-tmpfiles --create scaleway-ecosystem.conf

%systemd_post scw-net-reconfig.path
%systemd_post scw-signal-booted.service
%systemd_post scw-generate-ssh-keys.service
%systemd_post scw-fetch-ssh-keys.service
%systemd_post vpc-iface@.service

#
#  Make sure that the gateway to api-metadata is present
#
ip r | grep -q 169.254.42.42
ret=$?
if [ "$ret" = "0" ];then
    exit 0
fi
proto="$(grep net_in_use /run/cloud-init/instance-data.json | cut -d":" -f2)"
PRIVATE_IP=$(grep private_ip /run/cloud-init/instance-data.json | cut -d":" -f2 | sed 's/[", ]//g')
if [ -z "$proto" ] && [ "$PRIVATE_IP" = "null" ];then        # No public IP
    gw_route=""
    vpc_nic=""
fi
if [ "$PRIVATE_IP" != "null" ];then
    if [ "${proto# \"ipv4}" != "$proto" ];then
        gw_route=$(ip r | grep "169.254.42.42" || true)
        PREFIX=${PRIVATE_IP%.*}
        # On some Fedora distro the gateway is wrongly set on the VPC nic
        priv_nic=$(ip a | grep inet | grep $PREFIX | awk '{print $NF}' || true)
        vpc_nic=$(ip l | grep "ether 02:00" || true)
        eth0_in_route=$(echo $gw_route | grep $priv_nic || true)
        if [ "$eth0_in_route" = "" ] && [ "$vpc_nic" != "" ];then
            SUFFIX=${PRIVATE_IP#${PREFIX}.}
            last=`expr $SUFFIX - 1`
            gateway4="$PREFIX.$last"
            ip route del 169.254.42.42 || true
            ip route add 169.254.42.42/32 via ${gateway4} dev $priv_nic || true
        fi
    fi
fi

%preun
%systemd_preun scw-net-reconfig.path
%systemd_preun scw-signal-booted.service
%systemd_preun scw-generate-ssh-keys.service
%systemd_preun scw-fetch-ssh-keys.service

%files
%defattr(0644,root,root,0755)

%config /etc/cloud/cloud.cfg.d/90_scaleway.cfg
%config /etc/sysctl.d/99-scaleway.conf
%config /etc/systemd/system-preset/00-scaleway-ecosystem.preset
%config /etc/hosts.default
%attr(0755,-,-) /etc/NetworkManager/dispatcher.d/pre-up.d/scw-update_vpc_metric.sh
%attr(0755,-,-) /etc/NetworkManager/dispatcher.d/scw-metadata

%attr(0755,-,-) /usr/bin/scw*
%attr(0755,-,-) /usr/sbin/ifup-local
%attr(0755,-,-) /usr/sbin/scw*
/usr/bin/oc*
/usr/sbin/oc*

/lib/systemd/system/scw-net-reconfig.*
/lib/systemd/system/scw-fetch-ssh-keys.service
/lib/systemd/system/scw-generate-ssh-keys.service
/lib/systemd/system/scw-signal-booted.service
/lib/systemd/system/scw-vpc-iface@.service
/lib/tmpfiles.d/scaleway-ecosystem.conf
/lib/udev/rules.d/72-scw-vpc-iface.rules

%package selinux
Summary: SELinux policy modules for %{name}
Requires: selinux-policy-%{selinuxtype}
Requires(post): selinux-policy-%{selinuxtype}
BuildRequires: selinux-policy-devel
%{?selinux_requires}

%description selinux
SELinux policy modules for %{name}

%pre selinux
%selinux_relabel_pre -s %{selinuxtype}

%post selinux
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{semodulename}.pp.bz2

%postun selinux
if [ $1 -eq 0 ]; then
    %selinux_modules_uninstall -s %{selinuxtype} %{semodulename}
fi

%posttrans selinux
%selinux_relabel_post -s %{selinuxtype}

%files selinux
%defattr(0644,root,root,0755)
%{_datadir}/selinux/packages/%{selinuxtype}/%{semodulename}.pp.*
%{_datadir}/selinux/devel/include/distributed/%{semodulename}.if
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{semodulename}

%changelog
* Thu Dec 19 2024 Fabien Malfoy <fmalfoy@scaleway.com> - 0.0.10-1
- fix(net-reconf): support new logging mechanism in cloud-init >= 24.4

* Wed Oct 30 2024 Fabien Malfoy <fmalfoy@scaleway.com> - 0.0.9-1
- fix: Fix curl writeout variable http_code character case

* Thu Oct 10 2024 Fabien Malfoy <fmalfoy@scaleway.com> - 0.0.8-1
- fix(vpc): remove BindsTo from the scw-vpc-iface systemd unit

* Tue Oct 1 2024 Fabien Malfoy <fmalfoy@scaleway.com> - 0.0.7-1
- feat: Implement network hot-reconfiguration

* Mon Apr 22 2024 Louis Bouchard <lbouchard@scaleway.com> - 0.0.6-15
- No Change release to sync with powershell package changes

* Thu Mar 14 2024 Fabien Malfoy <fmalfoy@scaleway.com> - 0.0.6-14
- fix(scw-metadata): Exit successfully despite unfound key

* Thu Feb 29 2024 Fabien Malfoy <fmalfoy@scaleway.com> - 0.0.6-13
- No change release to stay in sync with the Debian package

* Tue Feb 27 2024 Alexis Dambricourt <adambricourt@scaleway.com> - 0.0.6-12
- No change release to stay in sync with the Debian package

* Mon Jan 29 2024 Fabien Malfoy <fmalfoy@scaleway.com> - 0.0.6-11
- refactor: Remove wget support, use curl only
- feat: Add the scw-get-metadata-host script
- refactor: Rely on scw-get-metadata-host in scripts
- refactor: Remove empty PRIVATE_IP tests
- refactor: Use bash for scripts

* Tue Jan 9 2024 Fabien Malfoy <fmalfoy@scaleway.com> - 0.0.6-10
- fix: Remove the scw-set-hostname.service systemd unit
- feat: Let cloud-init handle the /etc/hosts file
- Rework the scw-metadata and related scripts
- Mark relevant files as configuration files
- style: Standardize indentation in scripts
- feat: Use a finite retry loop for scripts reaching API metadata

* Mon Nov 27 2023 Louis Bouchard <lbouchard@scaleway.com> - 0.0.6-9
- fix: Remove useless PRIVATE_IP test

* Fri Oct 27 2023 Louis Bouchard <lbouchard@scaleway.com> - 0.0.6-8
- fix: Add api-metadata timeout when unreachable
- feat: Add support for missing curl in scw-metadata-json

* Fri Jul 28 2023 Louis Bouchard <lbouchard@scaleway.com> - 0.0.6-3
- only re-up the connection if the metric is incorrect
- simplify api-metadata route install
- Add metadata fix for VPC in CentOS 7

* Wed Jun 14 2023 Louis Bouchard <lbouchard@scaleway.com> - 0.0.6-2
- Reinstate BindsTo removal patch

* Tue Feb 7 2023 Louis Bouchard <lbouchard@scaleway.com> - 0.0.6-1
- Use separate repository to host scaleway-ecosystem scripts

* Tue Aug 30 2022 Maxime Corbin <mcorbin@scaleway.com> - 0.0.5-7
- Fix issue with VPC without Public Gateways in NM dispatcher scripts

* Thu Jul 28 2022 Maxime Corbin <mcorbin@scaleway.com> - 0.0.5-7
- Replace metadata api route instead of adding it in ifupdown scripts

* Fri Jul 22 2022 Maxime Corbin <mcorbin@scaleway.com> - 0.0.5-6
- Update vpc scripts to use nmcli in cases where ifup isn't available.

* Tue Apr 19 2022 Louis Bouchard <lbouchard@scaleway.com> - 0.0.5-5
- No change release to stay in sync with debian packaging

* Fri Feb 25 2022 Maxime Corbin <mcorbin@scaleway.com> - 0.0.5-4
- Improve scw-fetch-ssh-keys to be atomic.

* Thu Jan 20 2022 Louis Bouchard <lbouchard@scaleway.com> - 0.0.5-3
- Remove BindTo statement from scw-vpc-iface@.service :
  The NIC does not come up on Ubuntu Focal otherwise. Tested
  OK on other distributions.

* Tue Sep 28 2021 Louis Bouchard <lbouchard@scaleway.com> - 0.0.5-1
- No change release to stay in sync with debian packaging

* Fri Aug 27 2021 Mathieu Poussin <mpoussin@scaleway.com> - 0.0.4-2
- Remove dependencies on systemd-units (fix broken dependencies for openSUSE)

* Thu Apr 15 2021 Louis Bouchard <lbouchard@scaleway.com> - 0.0.4
- Implement support for VPC GW
  - Add vpc-gateway config scripts
  - include alternative udev rules in install
  - Parametrize file name for centos udev rules
  - Use only ifup for vpc iface scripts, detect ifupdown file extension
    to be set or not
  - Make vpc udev rules run before any ifupdown rules
  - Disabling cloud-init's udev rules for ifupdown as it conflicts with
    our boot process when a vpc iface is plugged
- Remove root password generation

* Fri Nov 20 2020 Louis Bouchard <lbouchard@scaleway.com> - 0.0.3
- No change release to raise the version number to stay in sync
  with the DEV version

* Tue Oct 20 2020 Louis Bouchard <lbouchard@scaleway.com> - 0.0.2
- Move files out of /usr/local
- Move systemd units for proper installation
- Handle cleanup to prior version if pkg removed

* Mon Sep 21 2020 Louis Bouchard <lbouchard@scaleway.com> - 0.0.1
- Set ownership on Scaleway specific files
- Force 0755 on /usr