Date:      Mon, 16 Dec 2019 06:08:43 +0000 (UTC)
From:      Xin LI <delphij@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r520218 - in head/www: . pomerium pomerium/files
Message-ID:  <201912160608.xBG68h41044607@repo.freebsd.org>

Author: delphij
Date: Mon Dec 16 06:08:43 2019
New Revision: 520218
URL: https://svnweb.freebsd.org/changeset/ports/520218

Log:
  Add Pomerium, an identity-aware proxy that enables secure access to
  internal applications. Pomerium provides a standardized interface to
  add access control to applications regardless of whether the application
  itself has authorization or authentication baked-in. Pomerium gateways
  both internal and external requests, and can be used in situations where
  you'd typically reach for a VPN.

Added:
  head/www/pomerium/
  head/www/pomerium/Makefile   (contents, props changed)
  head/www/pomerium/distinfo   (contents, props changed)
  head/www/pomerium/files/
  head/www/pomerium/files/pomerium.in   (contents, props changed)
  head/www/pomerium/pkg-descr   (contents, props changed)
  head/www/pomerium/pkg-message   (contents, props changed)
  head/www/pomerium/pkg-plist   (contents, props changed)
Modified:
  head/www/Makefile

Modified: head/www/Makefile
==============================================================================
--- head/www/Makefile	Mon Dec 16 05:11:51 2019	(r520217)
+++ head/www/Makefile	Mon Dec 16 06:08:43 2019	(r520218)
@@ -1396,6 +1396,7 @@
     SUBDIR += pnews
     SUBDIR += podcastamatic
     SUBDIR += polipo
+    SUBDIR += pomerium
     SUBDIR += pound
     SUBDIR += privatebin
     SUBDIR += privoxy

Added: head/www/pomerium/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/pomerium/Makefile	Mon Dec 16 06:08:43 2019	(r520218)
@@ -0,0 +1,90 @@
+# $FreeBSD$
+
+PORTNAME=	pomerium
+DISTVERSIONPREFIX=	v
+DISTVERSION=	0.5.2
+CATEGORIES=	www
+
+MAINTAINER=	delphij@FreeBSD.org
+COMMENT=	Identity-aware access proxy
+
+LICENSE=	APACHE20
+LICENSE_FILE=	${WRKSRC}/LICENSE
+
+USES=		go:modules
+GO_TARGET=	./cmd/${PORTNAME}:${PREFIX}/libexec/${PORTNAME}
+
+GO_PKGNAME=	github.com/${GH_ACCOUNT}/${PORTNAME}
+LD_FLAG_X_PREFIX=	-X ${GO_PKGNAME}/version
+
+GO_BUILDFLAGS=	-ldflags "-s -w \
+		-X github.com/pomerium/pomerium/version.Version=${DISTVERSIONPREFIX}${DISTVERSION} \
+		-X github.com/pomerium/pomerium/version.ProjectName=${PORTNAME} \
+		-X github.com/pomerium/pomerium/version.ProjectURL=${GO_PKGNAME}"
+CGO_ENABLED=	0
+
+USE_RC_SUBR=	${PORTNAME}
+
+USE_GITHUB=	yes
+GH_TUPLE=	\
+		apache:thrift:v0.12.0:apache_thrift/vendor/github.com/apache/thrift \
+		beorn7:perks:v1.0.0:beorn7_perks/vendor/github.com/beorn7/perks \
+		census-instrumentation:opencensus-go:v0.22.0:census_instrumentation_opencensus_go/vendor/go.opencensus.io \
+		census-ecosystem:opencensus-go-exporter-jaeger:v0.1.0:census_ecosystem_opencensus_go_exporter_jaeger/vendor/contrib.go.opencensus.io/exporter/jaeger \
+		census-ecosystem:opencensus-go-exporter-prometheus:v0.1.0:census_ecosystem_opencensus_go_exporter_prometheus/vendor/contrib.go.opencensus.io/exporter/prometheus \
+		fsnotify:fsnotify:v1.4.7:fsnotify_fsnotify/vendor/github.com/fsnotify/fsnotify \
+		go-yaml:yaml:v2.2.3:go_yaml_yaml/vendor/gopkg.in/yaml.v2 \
+		golang:appengine:v1.6.5:golang_appengine/vendor/google.golang.org/appengine \
+		golang:crypto:ed6320f186d4:golang_crypto/vendor/golang.org/x/crypto \
+		golang:mock:v1.3.1:golang_mock/vendor/github.com/golang/mock \
+		golang:net:fe3aa8a45271:golang_net/vendor/golang.org/x/net \
+		golang:oauth2:0f29369cfe45:golang_oauth2/vendor/golang.org/x/oauth2 \
+		golang:protobuf:v1.3.2:golang_protobuf/vendor/github.com/golang/protobuf \
+		golang:sync:112230192c58:golang_sync/vendor/golang.org/x/sync \
+		golang:sys:f43be2a4598c:golang_sys/vendor/golang.org/x/sys \
+		golang:text:v0.3.2:golang_text/vendor/golang.org/x/text \
+		google:go-cmp:v0.3.1:google_go_cmp/vendor/github.com/google/go-cmp \
+		google:go-genproto:919d9bdd9fe6:google_go_genproto/vendor/google.golang.org/genproto \
+		googleapis:gax-go:v2.0.5:googleapis_gax_go/vendor/github.com/googleapis/gax-go \
+		googleapis:google-api-go-client:v0.13.0:googleapis_google_api_go_client/vendor/google.golang.org/api \
+		googleapis:google-cloud-go:v0.47.0:googleapis_google_cloud_go/vendor/cloud.google.com/go \
+		gorilla:mux:v1.7.3:gorilla_mux/vendor/github.com/gorilla/mux \
+		gorilla:securecookie:v1.1.1:gorilla_securecookie/vendor/github.com/gorilla/securecookie \
+		grpc:grpc-go:v1.24.0:grpc_grpc_go/vendor/google.golang.org/grpc \
+		hashicorp:golang-lru:v0.5.1:hashicorp_golang_lru/vendor/github.com/hashicorp/golang-lru \
+		hashicorp:hcl:v1.0.0:hashicorp_hcl/vendor/github.com/hashicorp/hcl \
+		magiconair:properties:v1.8.1:magiconair_properties/vendor/github.com/magiconair/properties \
+		matttproud:golang_protobuf_extensions:v1.0.1:matttproud_golang_protobuf_extensions/vendor/github.com/matttproud/golang_protobuf_extensions \
+		mitchellh:hashstructure:v1.0.0:mitchellh_hashstructure/vendor/github.com/mitchellh/hashstructure \
+		mitchellh:mapstructure:v1.1.2:mitchellh_mapstructure/vendor/github.com/mitchellh/mapstructure \
+		pelletier:go-toml:v1.4.0:pelletier_go_toml/vendor/github.com/pelletier/go-toml \
+		pkg:errors:v0.8.1:pkg_errors/vendor/github.com/pkg/errors \
+		pomerium:csrf:f3318380bad3:pomerium_csrf/vendor/github.com/pomerium/csrf \
+		pomerium:go-oidc:v2.0.0:pomerium_go_oidc/vendor/github.com/pomerium/go-oidc \
+		pquerna:cachecontrol:1555304b9b35:pquerna_cachecontrol/vendor/github.com/pquerna/cachecontrol \
+		prometheus:client_golang:v0.9.3:prometheus_client_golang/vendor/github.com/prometheus/client_golang \
+		prometheus:client_model:fd36f4220a90:prometheus_client_model/vendor/github.com/prometheus/client_model \
+		prometheus:common:v0.4.0:prometheus_common/vendor/github.com/prometheus/common \
+		prometheus:procfs:5867b95ac084:prometheus_procfs/vendor/github.com/prometheus/procfs \
+		rs:cors:v1.7.0:rs_cors/vendor/github.com/rs/cors \
+		rs:zerolog:v1.16.0:rs_zerolog/vendor/github.com/rs/zerolog \
+		spf13:afero:v1.2.2:spf13_afero/vendor/github.com/spf13/afero \
+		spf13:cast:v1.3.0:spf13_cast/vendor/github.com/spf13/cast \
+		spf13:jwalterweatherman:v1.1.0:spf13_jwalterweatherman/vendor/github.com/spf13/jwalterweatherman \
+		spf13:pflag:v1.0.5:spf13_pflag/vendor/github.com/spf13/pflag \
+		spf13:viper:v1.4.0:spf13_viper/vendor/github.com/spf13/viper \
+		square:go-jose:v2.4.0:square_go_jose/vendor/gopkg.in/square/go-jose.v2
+
+POMERIUMPIDDIR=		/var/run/${PORTNAME}/
+POMERIUM_USER?=		www
+
+SUB_LIST+=	POMERIUM_USER=${POMERIUM_USER} \
+		POMERIUMPIDDIR=${POMERIUMPIDDIR}
+PLIST_SUB+=	${SUB_LIST}
+
+post-install:
+	@${MKDIR} ${STAGEDIR}${PREFIX}/etc/${PORTNAME}
+	@${MKDIR} ${STAGEDIR}${POMERIUMPIDDIR}
+	${INSTALL_DATA} ${WRKSRC}/docs/configuration/examples/config/config.example.yaml ${STAGEDIR}${PREFIX}/etc/${PORTNAME}/config.yaml.sample
+
+.include <bsd.port.mk>
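
Review bot: POMERIUM_USER?= www near the end of this Makefile puts the proxy under the shared www account, so the SHARED_SECRET and COOKIE_SECRET values that files/pomerium.in exports end up in a process with the same uid as anything else started as www. A dedicated account created through USERS/GROUPS would keep them apart. Separately, LD_FLAG_X_PREFIX is defined but never referenced: the three -X entries in GO_BUILDFLAGS spell out github.com/pomerium/pomerium/version by hand, so either use the variable there or drop it.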

Added: head/www/pomerium/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/pomerium/distinfo	Mon Dec 16 06:08:43 2019	(r520218)
@@ -0,0 +1,97 @@
+TIMESTAMP = 1576401038
+SHA256 (pomerium-pomerium-v0.5.2_GH0.tar.gz) = 43c19d7ab1d3848cea63fad176252d4bf3293375f239fd6d1ff0db8faea30adc
+SIZE (pomerium-pomerium-v0.5.2_GH0.tar.gz) = 19754080
+SHA256 (apache-thrift-v0.12.0_GH0.tar.gz) = b7452d1873c6c43a580d2b4ae38cfaf8fa098ee6dc2925bae98dce0c010b1366
+SIZE (apache-thrift-v0.12.0_GH0.tar.gz) = 2960476
+SHA256 (beorn7-perks-v1.0.0_GH0.tar.gz) = b69d92e2e84b7d510dfa6110d3ac4ada0096a6c81190c5e174aa888bfe475cbc
+SIZE (beorn7-perks-v1.0.0_GH0.tar.gz) = 10866
+SHA256 (census-instrumentation-opencensus-go-v0.22.0_GH0.tar.gz) = 4213d120fd3b7f9c39470babed3cfe5770d6d16be252cdcf4c62a747f19b8ca9
+SIZE (census-instrumentation-opencensus-go-v0.22.0_GH0.tar.gz) = 162290
+SHA256 (census-ecosystem-opencensus-go-exporter-jaeger-v0.1.0_GH0.tar.gz) = 41e06442130f845651afde0c6e1da3d9f5cc286870fcd3ee9eb8a66a97b62169
+SIZE (census-ecosystem-opencensus-go-exporter-jaeger-v0.1.0_GH0.tar.gz) = 26965
+SHA256 (census-ecosystem-opencensus-go-exporter-prometheus-v0.1.0_GH0.tar.gz) = c389c45c15d16affd09e9e0da70070ef2f3bed58e3de782a0f2d9d45f3a6391d
+SIZE (census-ecosystem-opencensus-go-exporter-prometheus-v0.1.0_GH0.tar.gz) = 15079
+SHA256 (fsnotify-fsnotify-v1.4.7_GH0.tar.gz) = b7530d973d0ab0e58ad8ce1b9a4b963d6f57b3d72f2f9e13d49846976361b1cd
+SIZE (fsnotify-fsnotify-v1.4.7_GH0.tar.gz) = 31139
+SHA256 (go-yaml-yaml-v2.2.3_GH0.tar.gz) = 47211277d63e284c7196e6b402598e4ba42d8d14ea286c9981fe6e19ad2ea9da
+SIZE (go-yaml-yaml-v2.2.3_GH0.tar.gz) = 70910
+SHA256 (golang-appengine-v1.6.5_GH0.tar.gz) = 4e7df5d4ec2dda0f59f26925b36a087843fd1a165adb938712068376bf791316
+SIZE (golang-appengine-v1.6.5_GH0.tar.gz) = 332903
+SHA256 (golang-crypto-ed6320f186d4_GH0.tar.gz) = dda8715c73d00353aeea4e2f72a22c6d477a503ebf602f0ec8fb66f77b89194a
+SIZE (golang-crypto-ed6320f186d4_GH0.tar.gz) = 1709329
+SHA256 (golang-mock-v1.3.1_GH0.tar.gz) = c70de449e2fe826047a87bf25a81517dd3ac0665cdbdfd94ded69b49fe1b0361
+SIZE (golang-mock-v1.3.1_GH0.tar.gz) = 48942
+SHA256 (golang-net-fe3aa8a45271_GH0.tar.gz) = 0a2d88f2fdf3b6951db507318de3e2bf7cd07800be0260a57f829040dc86d3f4
+SIZE (golang-net-fe3aa8a45271_GH0.tar.gz) = 1103254
+SHA256 (golang-oauth2-0f29369cfe45_GH0.tar.gz) = 468421ddfe905216454006b309ebda6e97aa6089265b995bce4259d6a9efd141
+SIZE (golang-oauth2-0f29369cfe45_GH0.tar.gz) = 45498
+SHA256 (golang-protobuf-v1.3.2_GH0.tar.gz) = c9cda622857a17cf0877c5ba76688a931883e505f40744c9495638b6e3da1f65
+SIZE (golang-protobuf-v1.3.2_GH0.tar.gz) = 312285
+SHA256 (golang-sync-112230192c58_GH0.tar.gz) = 6d98880ea18369550cb12d7011df8e4b21c5b7588268a412b863b5c9d2fa0313
+SIZE (golang-sync-112230192c58_GH0.tar.gz) = 16832
+SHA256 (golang-sys-f43be2a4598c_GH0.tar.gz) = 120cfab17111e93b3513a42bf0db20634552c85ae48d1fd3c5d7859fc5603356
+SIZE (golang-sys-f43be2a4598c_GH0.tar.gz) = 1513901
+SHA256 (golang-text-v0.3.2_GH0.tar.gz) = 0b9309698f5708531c5377ab1e29b423a6d9e20c55a8d386c3b8283428212f22
+SIZE (golang-text-v0.3.2_GH0.tar.gz) = 7168069
+SHA256 (google-go-cmp-v0.3.1_GH0.tar.gz) = a95fa266e5c2283b813102f265c1bdf5b78100f9889b984aef828eb094efe6e3
+SIZE (google-go-cmp-v0.3.1_GH0.tar.gz) = 76403
+SHA256 (google-go-genproto-919d9bdd9fe6_GH0.tar.gz) = 533257e6606c612f46fa999c59622b203bccf8666dd53eed79385dec98df48af
+SIZE (google-go-genproto-919d9bdd9fe6_GH0.tar.gz) = 5547345
+SHA256 (googleapis-gax-go-v2.0.5_GH0.tar.gz) = 3089affe6f5e27f7a6d494cb399aa6baf232384f763f548ad5ddfbea0e88e59c
+SIZE (googleapis-gax-go-v2.0.5_GH0.tar.gz) = 15328
+SHA256 (googleapis-google-api-go-client-v0.13.0_GH0.tar.gz) = 8e43f7aa74efb2d6ba2e38bf51968cad87ead6093f6429710cdfd47ec424b07d
+SIZE (googleapis-google-api-go-client-v0.13.0_GH0.tar.gz) = 12592458
+SHA256 (googleapis-google-cloud-go-v0.47.0_GH0.tar.gz) = 351c5887cf27c52d8fd6e7e1d80a2f72c6c3918d58138f947c7556b166a27906
+SIZE (googleapis-google-cloud-go-v0.47.0_GH0.tar.gz) = 2323772
+SHA256 (gorilla-mux-v1.7.3_GH0.tar.gz) = 92adb9aea022f8b35686b75be50ba1206c4457c2f8a0e2a9d10d8721f35b3f11
+SIZE (gorilla-mux-v1.7.3_GH0.tar.gz) = 42495
+SHA256 (gorilla-securecookie-v1.1.1_GH0.tar.gz) = b7897b2243f0d43913aca318593c5c2586294fcd3265189d564ddda1b880fe95
+SIZE (gorilla-securecookie-v1.1.1_GH0.tar.gz) = 41240
+SHA256 (grpc-grpc-go-v1.24.0_GH0.tar.gz) = b8ac419ef6eb434e54e3900f0489bdda2f18d604e3f8c074b8ae75e6c106872b
+SIZE (grpc-grpc-go-v1.24.0_GH0.tar.gz) = 755074
+SHA256 (hashicorp-golang-lru-v0.5.1_GH0.tar.gz) = 3bf57512af746dc0338651ba1c35c65fe907ff214ccb22d679539f7ea791511e
+SIZE (hashicorp-golang-lru-v0.5.1_GH0.tar.gz) = 12982
+SHA256 (hashicorp-hcl-v1.0.0_GH0.tar.gz) = 50632428210503070fd2fde748c88b7414bf84a6a0eadebf9d8e596a033bead2
+SIZE (hashicorp-hcl-v1.0.0_GH0.tar.gz) = 70658
+SHA256 (magiconair-properties-v1.8.1_GH0.tar.gz) = 4449df3d2be86608bfc997228f66f1cff57bf620cc5bf9ba44339c7e4c5612dd
+SIZE (magiconair-properties-v1.8.1_GH0.tar.gz) = 29735
+SHA256 (matttproud-golang_protobuf_extensions-v1.0.1_GH0.tar.gz) = 2def0ee6f6b12b1efc0e3007d89f598608a072610e805c3655ea9d13c3ead49b
+SIZE (matttproud-golang_protobuf_extensions-v1.0.1_GH0.tar.gz) = 37184
+SHA256 (mitchellh-hashstructure-v1.0.0_GH0.tar.gz) = 48cad81434c28dc8c04518e8d80ccc387dfaac25e0412021ba048cc9a4683424
+SIZE (mitchellh-hashstructure-v1.0.0_GH0.tar.gz) = 6507
+SHA256 (mitchellh-mapstructure-v1.1.2_GH0.tar.gz) = 53fbc06b125ff1c9c73a4eb1764346932671a29c67a45a92e2ebc6855635069b
+SIZE (mitchellh-mapstructure-v1.1.2_GH0.tar.gz) = 20980
+SHA256 (pelletier-go-toml-v1.4.0_GH0.tar.gz) = 04fb4855a64495c0c055c83b8a3446cabc6bfa4830eb458816370db38c0e67b0
+SIZE (pelletier-go-toml-v1.4.0_GH0.tar.gz) = 73274
+SHA256 (pkg-errors-v0.8.1_GH0.tar.gz) = 7a428967c6fc2e80cd84a0d9469ab6bd4dbe6b13493ba6294322a933a5a7e356
+SIZE (pkg-errors-v0.8.1_GH0.tar.gz) = 11009
+SHA256 (pomerium-csrf-f3318380bad3_GH0.tar.gz) = 15af92441468c497d27b9ad260755fbea3ceddc7d7df8418b3fedaf2cab232c6
+SIZE (pomerium-csrf-f3318380bad3_GH0.tar.gz) = 20643
+SHA256 (pomerium-go-oidc-v2.0.0_GH0.tar.gz) = f361dbcec04a2f46db99406cfee278b916bafc039a75a334afb000052607cf0f
+SIZE (pomerium-go-oidc-v2.0.0_GH0.tar.gz) = 21045
+SHA256 (pquerna-cachecontrol-1555304b9b35_GH0.tar.gz) = 3611cc14c2de3c0f2df51d98d440673b32f6a906de213098abbdb0bb5eed6919
+SIZE (pquerna-cachecontrol-1555304b9b35_GH0.tar.gz) = 18998
+SHA256 (prometheus-client_golang-v0.9.3_GH0.tar.gz) = 691646522cee404fc8d48bf830309bb75e7b36ceca31d8dc2febe142e66a9ca8
+SIZE (prometheus-client_golang-v0.9.3_GH0.tar.gz) = 138415
+SHA256 (prometheus-client_model-fd36f4220a90_GH0.tar.gz) = 17571c708bab9a1ba18d9dd0c9bfe96dff3f1b84c63e7d8d4c3489ef5c34ee40
+SIZE (prometheus-client_model-fd36f4220a90_GH0.tar.gz) = 57491
+SHA256 (prometheus-common-v0.4.0_GH0.tar.gz) = 5fbad5f7332e40e1e1a75da389e81cf51300c26efff8dfe894eb814d2db5062e
+SIZE (prometheus-common-v0.4.0_GH0.tar.gz) = 98312
+SHA256 (prometheus-procfs-5867b95ac084_GH0.tar.gz) = e7a790683185905621d3ea93fc605a38957b3a5e4a16ff90dee557d2e714c842
+SIZE (prometheus-procfs-5867b95ac084_GH0.tar.gz) = 72672
+SHA256 (rs-cors-v1.7.0_GH0.tar.gz) = 7cd0991ab30502e3c442c0a8ec153c58a1d5cbdc2c74af022f8d2354d65af6b8
+SIZE (rs-cors-v1.7.0_GH0.tar.gz) = 12147
+SHA256 (rs-zerolog-v1.16.0_GH0.tar.gz) = 6ff563eda9ba1d0fb7ef03430c2f11ba85ff7cf7e2d48882f1ca6ae4f32268fc
+SIZE (rs-zerolog-v1.16.0_GH0.tar.gz) = 213571
+SHA256 (spf13-afero-v1.2.2_GH0.tar.gz) = b577afca7e9839aa7cf0ddd712af553aec671b74f97fe0c88c63f911d1020570
+SIZE (spf13-afero-v1.2.2_GH0.tar.gz) = 46157
+SHA256 (spf13-cast-v1.3.0_GH0.tar.gz) = e685282ea33f89e9354d148ad1886f532bcebe86b0b60a167988f7c6d081085f
+SIZE (spf13-cast-v1.3.0_GH0.tar.gz) = 11085
+SHA256 (spf13-jwalterweatherman-v1.1.0_GH0.tar.gz) = 4fd850a792c5738954c4801cf549d8d0bf53edd17139cd39d179aa5abf7ec68d
+SIZE (spf13-jwalterweatherman-v1.1.0_GH0.tar.gz) = 6871
+SHA256 (spf13-pflag-v1.0.5_GH0.tar.gz) = 9a2cae1f8e8ab0d2cc8ebe468e871af28d9ac0962cf0520999e3ba85f0c7b808
+SIZE (spf13-pflag-v1.0.5_GH0.tar.gz) = 50796
+SHA256 (spf13-viper-v1.4.0_GH0.tar.gz) = ee522a00960a36db8f83c820a85fce99a177db2b022697e5c1881cd852d9c4c0
+SIZE (spf13-viper-v1.4.0_GH0.tar.gz) = 44183
+SHA256 (square-go-jose-v2.4.0_GH0.tar.gz) = 3824f79c5f851784032a7800d72f32229ce6617612fab28642c18b5150b52493
+SIZE (square-go-jose-v2.4.0_GH0.tar.gz) = 303589

Added: head/www/pomerium/files/pomerium.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/pomerium/files/pomerium.in	Mon Dec 16 06:08:43 2019	(r520218)
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+# $FreeBSD$
+#
+# PROVIDE: pomerium
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+
+# Add the following lines to /etc/rc.conf to enable pomerium
+# pomerium_enable="YES"
+#
+# pomerium_enable (bool): 	Set to YES to enable pomerium
+#				Default: NO
+# pomerium_conf (str):		pomerium configration file
+#				Default: %%ETCDIR%%/config.yaml
+# pomerium_user (str):		pomerium daemon user
+#				Default: %%POMERIUM_USER%%
+# pomerium_cert_file (str):	Path to pomerium certificate file, must be set
+#				unless configured as insecure server.
+#				Default: ""
+# pomerium_cert_key_file (str):	Path to pomerium certificate private key file,
+#				must be set unless configured as insecure server.
+#				Default: ""
+# pomerium_shared_secret (str):	256-bit shared secret to mutually authenticate
+#				requests between services.
+#				Default: random string
+# pomerium_cookie_secret (str):	256-bit cookie secret. Random if empty.
+#				Default: random string
+
+. /etc/rc.subr
+
+name=pomerium
+rcvar=pomerium_enable
+load_rc_config ${name}
+
+: ${pomerium_enable:="NO"}
+: ${pomerium_user:="%%POMERIUM_USER%%"}
+: ${pomerium_flags:=""}
+: ${pomerium_conf:="%%ETCDIR%%/config.yaml"}
+: ${pomerium_options:="-config=${pomerium_conf}"}
+: ${pomerium_shared_secret:="$(head -c32 /dev/urandom| uuencode -r -m -)"}
+: ${pomerium_cookie_secret:="$(head -c32 /dev/urandom| uuencode -r -m -)"}
+: ${pomerium_cert_file:=""}
+: ${pomerium_cert_key_file:=""}
+
+pidfile="%%POMERIUMPIDDIR%%${name}.pid"
+procname="%%PREFIX%%/libexec/pomerium"
+command=/usr/sbin/daemon
+command_args="-c -P ${pidfile} -T ${name} ${procname} ${pomerium_options}"
+start_precmd="pomerium_precmd"
+
+pomerium_precmd()
+{
+	install -d -o ${pomerium_user} %%POMERIUMPIDDIR%%
+	install -o ${pomerium_user} /dev/null ${pidfile}
+	export SHARED_SECRET="${pomerium_shared_secret}"
+	export COOKIE_SECRET="${pomerium_cookie_secret}"
+	[ -n "${pomerium_cert_file}" ] && export CERTIFICATE_FILE="${pomerium_cert_file}"
+	[ -n "${pomerium_cert_key_file}" ] && export CERTIFICATE_KEY_FILE="${pomerium_cert_key_file}"
+}
+
+run_rc_command "$1"
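
Review bot: the := defaults for pomerium_shared_secret and pomerium_cookie_secret run head -c32 /dev/urandom each time the script is sourced, so an install that leaves them unset gets a fresh pair on every start. A shared secret described as mutually authenticating "requests between services" cannot match a peer that generated its own, and a cookie secret that changes at restart cannot be the one used before the restart. Consider refusing to start when either is unset, or generating the value once into a root-owned file with mode 0600 and reading it back. Two smaller points: daemon is invoked with -P, which records the supervisor's pid, while procname is set to %%PREFIX%%/libexec/pomerium, so stop and status are worth testing; and the header comment has "configration" and does not document pomerium_options.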

Added: head/www/pomerium/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/pomerium/pkg-descr	Mon Dec 16 06:08:43 2019	(r520218)
@@ -0,0 +1,15 @@
+Pomerium is an identity-aware proxy that enables secure access to internal
+applications. Pomerium provides a standardized interface to add access
+control to applications regardless of whether the application itself has
+authorization or authentication baked-in. Pomerium gateways both internal
+and external requests, and can be used in situations where you'd typically
+reach for a VPN.
+
+Pomerium can be used to:
+
+ - provide a single-sign-on gateway to internal applications.
+ - enforce dynamic access policy based on context, identity, and device state.
+ - aggregate access logs and telemetry data.
+ - a VPN alternative.
+
+WWW: https://pomerium.io/

Added: head/www/pomerium/pkg-message
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/pomerium/pkg-message	Mon Dec 16 06:08:43 2019	(r520218)
@@ -0,0 +1,17 @@
+[
+{ type: install
+  message: <<EOM
+## Quick start
+
+You need a configured indentity provider and a wild-card TLS certificate
+before proceeding (if Pomerium will be terminating TLS connections).
+Please note that the default installation runs Pomerium with unprivileged
+"www" user, and therefore will not be able to bind on 443 unless
+net.inet.ip.portrange.reservedhigh is lowered.
+
+Please consult the official website https://www.pomerium.io/docs/ for
+additional configuration information.
+
+EOM
+}
+]
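
Review bot: the sentence about net.inet.ip.portrange.reservedhigh does not say that lowering it moves the privileged-port boundary for every account on the host, not only for "www". Suggest stating that system-wide effect and mentioning a narrower setup, such as having Pomerium listen on a high port behind a redirect or front end. Also, "indentity" in the first sentence of the message should be "identity".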

Added: head/www/pomerium/pkg-plist
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/pomerium/pkg-plist	Mon Dec 16 06:08:43 2019	(r520218)
@@ -0,0 +1,4 @@
+@sample %%ETCDIR%%/config.yaml.sample
+libexec/pomerium
+@dir %%ETCDIR%%
+@dir %%POMERIUMPIDDIR%%
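
Review bot: @dir %%POMERIUMPIDDIR%% is registered without owner or mode, so the packaged directory does not match what pomerium_precmd sets with install -d -o ${pomerium_user} and the rc script has to fix it up at every start. Since the Makefile already adds POMERIUM_USER to PLIST_SUB, the @dir(owner,group,mode) form with %%POMERIUM_USER%% would record the intended ownership in the plist itself.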


