diff options
| author | Tomoyuki Sakurai <trombik1973@gmail.com> | 2021-10-18 16:38:27 +0000 |
|---|---|---|
| committer | Yuri Victorovich <yuri@FreeBSD.org> | 2021-10-18 16:54:28 +0000 |
| commit | a6dddfbc3b259aaec389e8314b703851e7c8eb68 (patch) | |
| tree | ad59449011d72a9b1847d66dafd91ca505a0299d /security/cfssl | |
| parent | e6b9ebac9ebb06ae964e1680fcdb6f2bdf6b35ee (diff) | |
| download | ports-a6dddfbc3b259aaec389e8314b703851e7c8eb68.tar.gz ports-a6dddfbc3b259aaec389e8314b703851e7c8eb68.zip | |
security/cfssl: Add the RC script to start as a daemon to run the HTTP-based API server
The API endpoint is 127.0.0.1:8888.
PR: 259247
Diffstat (limited to 'security/cfssl')
| -rw-r--r-- | security/cfssl/Makefile | 20 | ||||
| -rw-r--r-- | security/cfssl/files/cfssl.in | 38 | ||||
| -rw-r--r-- | security/cfssl/pkg-plist | 9 |
3 files changed, 66 insertions, 1 deletions
diff --git a/security/cfssl/Makefile b/security/cfssl/Makefile index b01b21076a1c..1aa20f12bd19 100644 --- a/security/cfssl/Makefile +++ b/security/cfssl/Makefile @@ -1,6 +1,7 @@ PORTNAME= cfssl DISTVERSIONPREFIX= v DISTVERSION= 1.6.1 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= yuri@FreeBSD.org @@ -19,12 +20,20 @@ EXES= cfssl cfssl-bundle cfssl-certinfo cfssl-newkey cfssl-scan cfssljson mkbun PLIST_FILES= ${EXES:S/^/bin\//} +CFSSL_EXTRA_TARGETS= bin/goose +PLIST_FILES+= ${CFSSL_EXTRA_TARGETS} +USE_RC_SUBR= ${PORTNAME} +USERS= cfssl +GROUPS= cfssl +# installs a file to the same path +CONFLICTS= goose + pre-configure: ${REINPLACE_CMD} -e 's|%%DISTVERSION%%|${DISTVERSION}|g' ${WRKSRC}/cli/version/version.go # the project uses Makefile for build and installation do-build: - @cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${GO_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} all + @cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${GO_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} all ${CFSSL_EXTRA_TARGETS} do-install: # Makefile is used but the install target uses go install. @@ -33,4 +42,13 @@ do-install: ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/${F} .endfor + ${INSTALL} -d ${STAGEDIR}${DATADIR} +.for D in certdb/sqlite certdb/pg certdb/mysql + cd ${WRKSRC} && ${COPYTREE_SHARE} ${D} ${STAGEDIR}${DATADIR} +.endfor + +.for F in ${CFSSL_EXTRA_TARGETS} + ${INSTALL_PROGRAM} ${WRKSRC}/${F} ${STAGEDIR}/${PREFIX}/${F} +.endfor + .include <bsd.port.mk> diff --git a/security/cfssl/files/cfssl.in b/security/cfssl/files/cfssl.in new file mode 100644 index 000000000000..1779ae0252c0 --- /dev/null +++ b/security/cfssl/files/cfssl.in @@ -0,0 +1,38 @@ +#!/bin/sh + +# PROVIDE: cfssl +# REQUIRE: LOGIN +# KEYWORD: shutdown + +# Add the following lines to /etc/rc.conf to enable `cfssl': +# +# cfssl_enable="YES" +# +# An example cfssl_flags: +# cfssl_flags="-db-config /usr/local/etc/ssl/db.json -ca /usr/local/etc/ssl/ca.pem -ca-key /usr/local/etc/ssl/ca-key.pem -config /usr/local/etc/ssl/ca-config.json" +# + +. /etc/rc.subr + +name="cfssl" +rcvar=cfssl_enable + +load_rc_config "$name" +: ${cfssl_enable="NO"} +: ${cfssl_flags:=""} + +command="/usr/sbin/daemon" +cfssl_command="%%PREFIX%%/bin/cfssl" +cfssl_user="cfssl" +pidfile="/var/run/$name.pid" +flags=" " +command_args="-S -p ${pidfile} ${cfssl_command} serve ${cfssl_flags}" +procname="%%PREFIX%%/bin/cfssl" +start_precmd="cfssl_precmd" + +cfssl_precmd() +{ + install -o ${cfssl_user} /dev/null ${pidfile} +} + +run_rc_command "$1" diff --git a/security/cfssl/pkg-plist b/security/cfssl/pkg-plist new file mode 100644 index 000000000000..5612f39af661 --- /dev/null +++ b/security/cfssl/pkg-plist @@ -0,0 +1,9 @@ +%%DATADIR%%/certdb/mysql/dbconf.yml +%%DATADIR%%/certdb/mysql/migrations/001_CreateCertificates.sql +%%DATADIR%%/certdb/mysql/migrations/002_AddMetadataToCertificates.sql +%%DATADIR%%/certdb/pg/dbconf.yml +%%DATADIR%%/certdb/pg/migrations/001_CreateCertificates.sql +%%DATADIR%%/certdb/pg/migrations/002_AddMetadataToCertificates.sql +%%DATADIR%%/certdb/sqlite/dbconf.yml +%%DATADIR%%/certdb/sqlite/migrations/001_CreateCertificates.sql +%%DATADIR%%/certdb/sqlite/migrations/002_AddMetadataToCertificates.sql |