Date: Sun, 22 Jun 2025 21:56:33 GMT From: =?utf-8?Q?Jes=C3=BAs?= Daniel Colmenares Oviedo <dtxdf@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 8a7b9a26bcf9 - main - www/pocket-id: New port: OIDC provider that allows users to authenticate with their passkeys Message-ID: <202506222156.55MLuXeY059381@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by dtxdf: URL: https://cgit.FreeBSD.org/ports/commit/?id=8a7b9a26bcf925a5a037f7c4806e4e9ae2210830 commit 8a7b9a26bcf925a5a037f7c4806e4e9ae2210830 Author: Jesús Daniel Colmenares Oviedo <dtxdf@FreeBSD.org> AuthorDate: 2025-06-22 21:38:47 +0000 Commit: Jesús Daniel Colmenares Oviedo <dtxdf@FreeBSD.org> CommitDate: 2025-06-22 21:53:27 +0000 www/pocket-id: New port: OIDC provider that allows users to authenticate with their passkeys Pocket ID is a simple OIDC provider that allows users to authenticate with their passkeys to your services. The goal of Pocket ID is to be a simple and easy-to-use. There are other self-hosted OIDC providers like Keycloak or ORY Hydra but they are often too complex for simple use cases. Additionally, what makes Pocket ID special is that it only supports passkey authentication, which means you don't need a password. Some people might not like this idea at first, but I believe passkeys are the future, and once you try them, you'll love them. For example, you can now use a physical Yubikey to sign in to all your self-hosted services easily and securely Approved by: acm (mentor) --- GIDs | 2 +- UIDs | 2 +- www/Makefile | 1 + www/pocket-id/Makefile | 39 ++++++++++++++++++++++++++++++++++++++ www/pocket-id/distinfo | 7 +++++++ www/pocket-id/files/pkg-message.in | 17 +++++++++++++++++ www/pocket-id/files/pocket-id.in | 36 +++++++++++++++++++++++++++++++++++ www/pocket-id/pkg-descr | 13 +++++++++++++ 8 files changed, 115 insertions(+), 2 deletions(-) diff --git a/GIDs b/GIDs index 47fa16129409..7c6869b21d21 100644 --- a/GIDs +++ b/GIDs @@ -775,7 +775,7 @@ cirrus:*:828: # free: 831 beehive:*:832: # free: 833 -# free: 834 +pocket-id:*:834: filebrowser:*:835: # free: 836 # free: 837 diff --git a/UIDs b/UIDs index c92b5e45e010..0b243bb7eb27 100644 --- a/UIDs +++ b/UIDs @@ -781,7 +781,7 @@ cirrus:*:828:828::0:0:Cirrus CI:/usr/local/cirrus:/bin/sh # free: 831 beehive:*:832:832::0:0:beehive user:/nonexistent:/usr/sbin/nologin # free: 833 -# free: 834 +pocket-id:*:834:834::0:0:OIDC provider that allows users to authenticate with their passkeys:/var/db/pocket-id:/usr/sbin/nologin filebrowser:*:835:835::0:0:Web File Browser:/var/db/filebrowser:/usr/sbin/nologin # free: 836 # free: 837 diff --git a/www/Makefile b/www/Makefile index e2d4e07e535e..6e56ffb734b4 100644 --- a/www/Makefile +++ b/www/Makefile @@ -1453,6 +1453,7 @@ SUBDIR += plasma6-plasma-browser-integration SUBDIR += pmwiki SUBDIR += pnews + SUBDIR += pocket-id SUBDIR += podcastamatic SUBDIR += pomerium SUBDIR += pound diff --git a/www/pocket-id/Makefile b/www/pocket-id/Makefile new file mode 100644 index 000000000000..641ca2d03c15 --- /dev/null +++ b/www/pocket-id/Makefile @@ -0,0 +1,39 @@ +PORTNAME= pocket-id +DISTVERSIONPREFIX= v +DISTVERSION= 1.4.0 +CATEGORIES= www +MASTER_SITES= LOCAL/dtxdf/${PORTNAME}/ +DISTFILES= ${PORTNAME}-${DISTVERSION}.frontend${EXTRACT_SUFX} + +MAINTAINER= dtxdf@FreeBSD.org +COMMENT= OIDC provider that allows users to authenticate with their passkeys +WWW= https://pocket-id.org + +LICENSE= BSD2CLAUSE + +USES= go:modules +USE_GITHUB= yes +USE_RC_SUBR= ${PORTNAME} + +GO_MOD_DIST= github +GO_MODULE= https://github.com/pocket-id/${PORTNAME} +GO_TARGET= ./cmd:${PORTNAME} +GO_BUILDFLAGS= -ldflags "-X github.com/pocket-id/pocket-id/backend/internal/common.Version=${DISTVERSION} -buildid=${DISTVERSION}" + +SUB_FILES= pkg-message +SUB_LIST= USER=${USERS:[1]} + +WRKSRC_SUBDIR= backend + +USERS= ${POCKET_ID_USER} +GROUPS= ${POCKET_ID_GROUP} + +PLIST_FILES= bin/${PORTNAME} + +POCKET_ID_USER= ${PORTNAME} +POCKET_ID_GROUP= ${POCKET_ID_USER} + +pre-build: + @cd ${WRKDIR}/pocket-id-frontend && ${COPYTREE_SHARE} . ${WRKSRC}/frontend/dist + +.include <bsd.port.mk> diff --git a/www/pocket-id/distinfo b/www/pocket-id/distinfo new file mode 100644 index 000000000000..dea750785956 --- /dev/null +++ b/www/pocket-id/distinfo @@ -0,0 +1,7 @@ +TIMESTAMP = 1750475934 +SHA256 (go/www_pocket-id/pocket-id-pocket-id-v1.4.0_GH0/pocket-id-1.4.0.frontend.tar.gz) = 28d9a1e390d4caa1d210fb1cd36c2f2839d89e82905e88953847b18a25aeb44d +SIZE (go/www_pocket-id/pocket-id-pocket-id-v1.4.0_GH0/pocket-id-1.4.0.frontend.tar.gz) = 940695 +SHA256 (go/www_pocket-id/pocket-id-pocket-id-v1.4.0_GH0/go.mod) = 746b88f292ef6becb08abe2aa09185c44bf44d7679e281534821b0d8cfc4828c +SIZE (go/www_pocket-id/pocket-id-pocket-id-v1.4.0_GH0/go.mod) = 6612 +SHA256 (go/www_pocket-id/pocket-id-pocket-id-v1.4.0_GH0/pocket-id-pocket-id-v1.4.0_GH0.tar.gz) = ad76903ab02cd739fb3171df8d18a3192b131dc55dd52fe223634c79d9d82f53 +SIZE (go/www_pocket-id/pocket-id-pocket-id-v1.4.0_GH0/pocket-id-pocket-id-v1.4.0_GH0.tar.gz) = 5506002 diff --git a/www/pocket-id/files/pkg-message.in b/www/pocket-id/files/pkg-message.in new file mode 100644 index 000000000000..f97cc825952b --- /dev/null +++ b/www/pocket-id/files/pkg-message.in @@ -0,0 +1,17 @@ +[ +{ type: install + message: <<EOM +Pocket ID is installed + +1) Configure it in %%PREFIX%%/etc/pocket-id.env + +2) Enable it with + + sysrc pocket_id_enable=YES + +3) Start it with + + service pocket-id start +EOM +} +] diff --git a/www/pocket-id/files/pocket-id.in b/www/pocket-id/files/pocket-id.in new file mode 100644 index 000000000000..04a26a82a74e --- /dev/null +++ b/www/pocket-id/files/pocket-id.in @@ -0,0 +1,36 @@ +#!/bin/sh + +# PROVIDE: pocket_id +# REQUIRE: LOGIN +# KEYWORD: shutdown +# +# Configuration settings for pocket-id in /etc/rc.conf +# +# pocket_id_enable (bool): Enable pocket-id. (Default=NO) +# pocket_id_env_file (str): Path containing the environment variables +# to be used by pocket-id. (Default: /usr/local/etc/pocket-id.env) +# pocket_id_logfile (str): Log file used to store the pocket-id's output. (Default: /var/log/pocket-id.log) +# pocket_id_pidfile (str): File used by pocket-id to store the process ID. (Default: /var/run/pocket-id.pid) +# pocket_id_runas (str): User to run pocket-id as. (Default: %%USER%%) + +. /etc/rc.subr + +name="pocket_id" +desc="OIDC provider that allows users to authenticate with their passkeys" +rcvar="pocket_id_enable" + +load_rc_config $name + +: ${pocket_id_enable:="NO"} +: ${pocket_id_env_file:="/usr/local/etc/pocket-id.env"} +: ${pocket_id_logfile:="/var/log/pocket-id.log"} +: ${pocket_id_pidfile:="/var/run/pocket-id.pid"} +: ${pocket_id_runas:="%%USER%%"} + +pocket_id_chdir="/var/db/pocket-id" +pidfile="${pocket_id_pidfile}" +procname="/usr/local/bin/pocket-id" +command="/usr/sbin/daemon" +command_args="-o '${pocket_id_logfile}' -p '${pidfile}' -u '${pocket_id_runas}' -t '${desc}' -- '${procname}'" + +run_rc_command "$1" diff --git a/www/pocket-id/pkg-descr b/www/pocket-id/pkg-descr new file mode 100644 index 000000000000..904737283fae --- /dev/null +++ b/www/pocket-id/pkg-descr @@ -0,0 +1,13 @@ +Pocket ID is a simple OIDC provider that allows users to authenticate +with their passkeys to your services. + +The goal of Pocket ID is to be a simple and easy-to-use. There are +other self-hosted OIDC providers like Keycloak or ORY Hydra but +they are often too complex for simple use cases. + +Additionally, what makes Pocket ID special is that it only supports +passkey authentication, which means you don't need a password. Some +people might not like this idea at first, but I believe passkeys +are the future, and once you try them, you'll love them. For example, +you can now use a physical Yubikey to sign in to all your self-hosted +services easily and securelyhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202506222156.55MLuXeY059381>