Site Navigation

Date:      Mon, 18 Oct 2021 16:54:37 GMT
From:      Yuri Victorovich <yuri@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: a6dddfbc3b25 - main - security/cfssl: Add the RC script to start as a daemon to run the HTTP-based API server
Message-ID:  <202110181654.19IGsbJE091988@gitrepo.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

The branch main has been updated by yuri:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a6dddfbc3b259aaec389e8314b703851e7c8eb68

commit a6dddfbc3b259aaec389e8314b703851e7c8eb68
Author:     Tomoyuki Sakurai <trombik1973@gmail.com>
AuthorDate: 2021-10-18 16:38:27 +0000
Commit:     Yuri Victorovich <yuri@FreeBSD.org>
CommitDate: 2021-10-18 16:54:28 +0000

    security/cfssl: Add the RC script to start as a daemon to run the HTTP-based API server
    
    The API endpoint is 127.0.0.1:8888.
    
    PR:             259247
---
 GIDs                          |  2 +-
 UIDs                          |  2 +-
 security/cfssl/Makefile       | 20 +++++++++++++++++++-
 security/cfssl/files/cfssl.in | 38 ++++++++++++++++++++++++++++++++++++++
 security/cfssl/pkg-plist      |  9 +++++++++
 5 files changed, 68 insertions(+), 3 deletions(-)

diff --git a/GIDs b/GIDs
index 3bb5c1e4ada0..4cb40984b169 100644
--- a/GIDs
+++ b/GIDs
@@ -815,7 +815,7 @@ opensearch:*:855:
 bitmark:*:872:
 bitmark-recorder:*:873:
 librespeed:*:874:
-# free: 875
+cfssl:*:875:
 _lms:*:876:
 gemserv:*:877:
 gerbera:*:878:
diff --git a/UIDs b/UIDs
index f490764e29d5..4adfd141d0bc 100644
--- a/UIDs
+++ b/UIDs
@@ -820,7 +820,7 @@ archiva:*:871:871::0:0:Apache Archiva Daemon:/nonexistent:/usr/sbin/nologin
 bitmark:*:872:872::0:0:Bitmark Property System:/var/lib/bitmarkd:/usr/sbin/nologin
 bitmark-recorder:*:873:873::0:0:Bitmark Property Recorder:/var/lib/recorderd:/usr/sbin/nologin
 librespeed:*:874:874::0:0:LibreSpeed user:/nonexistent:/usr/sbin/nologin
-# free: 875
+cfssl:*:875:875::0:0:cfssl user:/nonexistent:/usr/sbin/nologin
 _lms:*:876:876::0:0:Lightweight Music Server user:/nonexistent:/usr/sbin/nologin
 gemserv:*:877:877::0:0:gemserv user:/nonexistent:/usr/sbin/nologin
 gerbera:*:878:878::0:0:Gerbera DLNA Media Server:/nonexistent:/usr/sbin/nologin
diff --git a/security/cfssl/Makefile b/security/cfssl/Makefile
index b01b21076a1c..1aa20f12bd19 100644
--- a/security/cfssl/Makefile
+++ b/security/cfssl/Makefile
@@ -1,6 +1,7 @@
 PORTNAME=	cfssl
 DISTVERSIONPREFIX=	v
 DISTVERSION=	1.6.1
+PORTREVISION=	1
 CATEGORIES=	security
 
 MAINTAINER=	yuri@FreeBSD.org
@@ -19,12 +20,20 @@ EXES=		cfssl cfssl-bundle cfssl-certinfo cfssl-newkey cfssl-scan cfssljson mkbun
 
 PLIST_FILES=	${EXES:S/^/bin\//}
 
+CFSSL_EXTRA_TARGETS=	bin/goose
+PLIST_FILES+=	${CFSSL_EXTRA_TARGETS}
+USE_RC_SUBR=	${PORTNAME}
+USERS=	cfssl
+GROUPS=	cfssl
+# installs a file to the same path
+CONFLICTS=	goose
+
 pre-configure:
 	${REINPLACE_CMD} -e 's|%%DISTVERSION%%|${DISTVERSION}|g' ${WRKSRC}/cli/version/version.go
 
 # the project uses Makefile for build and installation
 do-build:
-	@cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${GO_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} all
+	@cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${GO_ENV} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${_MAKE_JOBS} all ${CFSSL_EXTRA_TARGETS}
 
 do-install:
 	# Makefile is used but the install target uses go install.
@@ -33,4 +42,13 @@ do-install:
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/${F}
 .endfor
 
+	${INSTALL} -d ${STAGEDIR}${DATADIR}
+.for D in certdb/sqlite certdb/pg certdb/mysql
+	cd ${WRKSRC} && ${COPYTREE_SHARE} ${D} ${STAGEDIR}${DATADIR}
+.endfor
+
+.for F in ${CFSSL_EXTRA_TARGETS}
+	${INSTALL_PROGRAM} ${WRKSRC}/${F} ${STAGEDIR}/${PREFIX}/${F}
+.endfor
+
 .include <bsd.port.mk>
diff --git a/security/cfssl/files/cfssl.in b/security/cfssl/files/cfssl.in
new file mode 100644
index 000000000000..1779ae0252c0
--- /dev/null
+++ b/security/cfssl/files/cfssl.in
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+# PROVIDE: cfssl
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+
+# Add the following lines to /etc/rc.conf to enable `cfssl':
+#
+# cfssl_enable="YES"
+#
+# An example cfssl_flags:
+# cfssl_flags="-db-config /usr/local/etc/ssl/db.json -ca /usr/local/etc/ssl/ca.pem -ca-key /usr/local/etc/ssl/ca-key.pem -config /usr/local/etc/ssl/ca-config.json"
+#
+
+. /etc/rc.subr
+
+name="cfssl"
+rcvar=cfssl_enable
+
+load_rc_config "$name"
+: ${cfssl_enable="NO"}
+: ${cfssl_flags:=""}
+
+command="/usr/sbin/daemon"
+cfssl_command="%%PREFIX%%/bin/cfssl"
+cfssl_user="cfssl"
+pidfile="/var/run/$name.pid"
+flags=" "
+command_args="-S -p ${pidfile} ${cfssl_command} serve ${cfssl_flags}"
+procname="%%PREFIX%%/bin/cfssl"
+start_precmd="cfssl_precmd"
+
+cfssl_precmd()
+{
+	install -o ${cfssl_user} /dev/null ${pidfile}
+}
+
+run_rc_command "$1"
diff --git a/security/cfssl/pkg-plist b/security/cfssl/pkg-plist
new file mode 100644
index 000000000000..5612f39af661
--- /dev/null
+++ b/security/cfssl/pkg-plist
@@ -0,0 +1,9 @@
+%%DATADIR%%/certdb/mysql/dbconf.yml
+%%DATADIR%%/certdb/mysql/migrations/001_CreateCertificates.sql
+%%DATADIR%%/certdb/mysql/migrations/002_AddMetadataToCertificates.sql
+%%DATADIR%%/certdb/pg/dbconf.yml
+%%DATADIR%%/certdb/pg/migrations/001_CreateCertificates.sql
+%%DATADIR%%/certdb/pg/migrations/002_AddMetadataToCertificates.sql
+%%DATADIR%%/certdb/sqlite/dbconf.yml
+%%DATADIR%%/certdb/sqlite/migrations/001_CreateCertificates.sql
+%%DATADIR%%/certdb/sqlite/migrations/002_AddMetadataToCertificates.sql

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202110181654.19IGsbJE091988>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact