diff options
author | Tomoyuki Sakurai <trombik1973@gmail.com> | 2021-10-18 16:38:27 +0000 |
---|---|---|
committer | Yuri Victorovich <yuri@FreeBSD.org> | 2021-10-18 16:54:28 +0000 |
commit | a6dddfbc3b259aaec389e8314b703851e7c8eb68 (patch) | |
tree | ad59449011d72a9b1847d66dafd91ca505a0299d | |
parent | e6b9ebac9ebb06ae964e1680fcdb6f2bdf6b35ee (diff) | |
download | ports-a6dddfbc3b259aaec389e8314b703851e7c8eb68.tar.gz ports-a6dddfbc3b259aaec389e8314b703851e7c8eb68.zip |
security/cfssl: Add the RC script to start as a daemon to run the HTTP-based API server
The API endpoint is 127.0.0.1:8888.
PR: 259247
-rw-r--r-- | GIDs | 2 | ||||
-rw-r--r-- | UIDs | 2 | ||||
-rw-r--r-- | security/cfssl/Makefile | 20 | ||||
-rw-r--r-- | security/cfssl/files/cfssl.in | 38 | ||||
-rw-r--r-- | security/cfssl/pkg-plist | 9 |
5 files changed, 68 insertions, 3 deletions
@@ -815,7 +815,7 @@ opensearch:*:855: bitmark:*:872: bitmark-recorder:*:873: librespeed:*:874: -# free: 875 +cfssl:*:875: _lms:*:876: gemserv:*:877: gerbera:*:878: @@ -820,7 +820,7 @@ archiva:*:871:871::0:0:Apache Archiva Daemon:/nonexistent:/usr/sbin/nologin bitmark:*:872:872::0:0:Bitmark Property System:/var/lib/bitmarkd:/usr/sbin/nologin bitmark-recorder:*:873:873::0:0:Bitmark Property Recorder:/var/lib/recorderd:/usr/sbin/nologin librespeed:*:874:874::0:0:LibreSpeed user:/nonexistent:/usr/sbin/nologin -# free: 875 +cfssl:*:875:875::0:0:cfssl user:/nonexistent:/usr/sbin/nologin _lms:*:876:876::0:0:Lightweight Music Server user:/nonexistent:/usr/sbin/nologin gemserv:*:877:877::0:0:gemserv user:/nonexistent:/usr/sbin/nologin gerbera:*:878:878::0:0:Gerbera DLNA Media Server:/nonexistent:/usr/sbin/nologin diff --git a/security/cfssl/Makefile b/security/cfssl/Makefile index b01b21076a1c..1aa20f12bd19 100644 --- a/security/cfssl/Makefile +++ b/security/cfssl/Makefile @@ -1,6 +1,7 @@ PORTNAME= cfssl DISTVERSIONPREFIX= v DISTVERSION= 1.6.1 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= yuri@FreeBSD.org @@ -19,12 +20,20 @@ EXES= cfssl cfssl-bundle cfssl-certinfo cfssl-newkey cfssl-scan cfssljson mkbun PLIST_FILES= ${EXES:S/^/bin\//} +CFSSL_EXTRA_TARGETS= bin/goose +PLIST_FILES+= ${CFSSL_EXTRA_TARGETS} +USE_RC_SUBR= ${PORTNAME} +USERS= cfssl +GROUPS= cfssl +# installs a file to the same path +CONFLICTS= goose + pre-configure: ${REINPLACE_CMD} -e 's|%%DISTVERSION%%|${DISTVERSION}|g' ${WRKSRC}/cli/version/version.go # the project uses Makefile for build and installation do-build: - @cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${GO_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} all + @cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${GO_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} all ${CFSSL_EXTRA_TARGETS} do-install: # Makefile is used but the install target uses go install. @@ -33,4 +42,13 @@ do-install: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/${F} .endfor + ${INSTALL} -d ${STAGEDIR}${DATADIR} +.for D in certdb/sqlite certdb/pg certdb/mysql + cd ${WRKSRC} && ${COPYTREE_SHARE} ${D} ${STAGEDIR}${DATADIR} +.endfor + +.for F in ${CFSSL_EXTRA_TARGETS} + ${INSTALL_PROGRAM} ${WRKSRC}/${F} ${STAGEDIR}/${PREFIX}/${F} +.endfor + .include <bsd.port.mk> diff --git a/security/cfssl/files/cfssl.in b/security/cfssl/files/cfssl.in new file mode 100644 index 000000000000..1779ae0252c0 --- /dev/null +++ b/security/cfssl/files/cfssl.in @@ -0,0 +1,38 @@ +#!/bin/sh + +# PROVIDE: cfssl +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# Add the following lines to /etc/rc.conf to enable `cfssl': +# +# cfssl_enable="YES" +# +# An example cfssl_flags: +# cfssl_flags="-db-config /usr/local/etc/ssl/db.json -ca /usr/local/etc/ssl/ca.pem -ca-key /usr/local/etc/ssl/ca-key.pem -config /usr/local/etc/ssl/ca-config.json" +# + +. /etc/rc.subr + +name="cfssl" +rcvar=cfssl_enable + +load_rc_config "$name" +: ${cfssl_enable="NO"} +: ${cfssl_flags:=""} + +command="/usr/sbin/daemon" +cfssl_command="%%PREFIX%%/bin/cfssl" +cfssl_user="cfssl" +pidfile="/var/run/$name.pid" +flags=" " +command_args="-S -p ${pidfile} ${cfssl_command} serve ${cfssl_flags}" +procname="%%PREFIX%%/bin/cfssl" +start_precmd="cfssl_precmd" + +cfssl_precmd() +{ + install -o ${cfssl_user} /dev/null ${pidfile} +} + +run_rc_command "$1" diff --git a/security/cfssl/pkg-plist b/security/cfssl/pkg-plist new file mode 100644 index 000000000000..5612f39af661 --- /dev/null +++ b/security/cfssl/pkg-plist @@ -0,0 +1,9 @@ +%%DATADIR%%/certdb/mysql/dbconf.yml +%%DATADIR%%/certdb/mysql/migrations/001_CreateCertificates.sql +%%DATADIR%%/certdb/mysql/migrations/002_AddMetadataToCertificates.sql +%%DATADIR%%/certdb/pg/dbconf.yml +%%DATADIR%%/certdb/pg/migrations/001_CreateCertificates.sql +%%DATADIR%%/certdb/pg/migrations/002_AddMetadataToCertificates.sql +%%DATADIR%%/certdb/sqlite/dbconf.yml +%%DATADIR%%/certdb/sqlite/migrations/001_CreateCertificates.sql +%%DATADIR%%/certdb/sqlite/migrations/002_AddMetadataToCertificates.sql |