On Feb 13, 2018 16:19, "Stuart Henderson" <s...@spacehopper.org> wrote:
On 2018/02/13 13:51, Vinícius Zavam wrote: > > Index: net/dnscrypt-proxy/pkg/PLIST-main > =================================================================== > RCS file: /cvs/ports/net/dnscrypt-proxy/pkg/PLIST-main,v > retrieving revision 1.6 > diff -u -p -u -p -r1.6 PLIST-main > --- net/dnscrypt-proxy/pkg/PLIST-main 2 Aug 2017 09:32:40 -0000 1.6 > +++ net/dnscrypt-proxy/pkg/PLIST-main 13 Feb 2018 13:39:38 -0000 > @@ -1,4 +1,5 @@ > @comment $OpenBSD: PLIST-main,v 1.6 2017/08/02 09:32:40 giovanni Exp $ > +@conflict dnscrypt-proxy->1.9.5p3 > @newgroup _dnscrypt-proxy:688 > @newuser _dnscrypt-proxy:688:_dnscrypt-proxy:daemon:dnscrypt-proxy user:/var/empty:/sbin/nologin > @bin bin/hostip IMHO it's better to just update the original port rather than adding a new one, I don't think this is enough of a special case to maintain both in parallel we can go for it. > Index: net/dnscrypt-proxy2/Makefile > =================================================================== > RCS file: net/dnscrypt-proxy2/Makefile > diff -N net/dnscrypt-proxy2/Makefile > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ net/dnscrypt-proxy2/Makefile 13 Feb 2018 13:39:38 -0000 > @@ -0,0 +1,44 @@ > +# $OpenBSD$ > + > +COMMENT= Flexible DNS proxy with support for encrypted protocols lowercase Flexible -> flexible > +PORTNAME= dnscrypt-proxy > +PORTVERS= 2.0.0 > +REVISION= 0 > +DISTNAME= ${PORTNAME}-${PORTVERS} > +CATEGORIES= net security > + > +HOMEPAGE= https://dnscrypt.info/ > +MAINTAINER= Vinicius Zavam <egyp...@googlemail.com> > + > +GH_ACCOUNT= jedisct1 > +GH_PROJECT= ${PORTNAME} > +GH_TAGNAME= ${PORTVERS} please don't use indirection like this PORTNAME/PORTVERS stuff, the entire block above should be simply GH_ACCOUNT= jedisct1 GH_PROJECT= dnscrypt-proxy GH_TAGNAME= 2.0.0 a lot of people are using V= or R= for similar purposes, so I really don't see a thing here. CATEGORIES= net security HOMEPAGE= https://dnscrypt.info/ MAINTAINER= Vinicius Zavam <egyp...@googlemail.com> > + > +# ISC > +PERMIT_PACKAGE_CDROM= YES > + > +DOCS= README.md set but never used > + > +MODULES= lang/go > + > +TARGET_BASE= github.com/${GH_ACCOUNT}/${GH_PROJECT} <http://github.com/$%7BGH_ACCOUNT%7D/$%7BGH_PROJECT%7D> > +WRKSRC= ${MODGO_WORKSPACE}/src/${TARGET_BASE} > +ALL_TARGET= ${TARGET_BASE}/${GH_PROJECT} I can't really comment on go ports stuff, it totally confuses me > +post-configure: > + cd ${WRKSRC} && ln -sf vendor src && ln -sf ${WRKSRC}/${GH_PROJECT} src/${TARGET_BASE}; GH_PROJECT indirection is hard to read, and you're already cd'd to ${WRKSRC} so the second ln doesn't need the ${WRKSRC}, so maybe "... && ln -sf dnscrypt-proxy src/${TARGET_BASE}" ? Go is... "special" :-) zap trailing ; it's present in many ports' Makefiles. > +do-install: > + mkdir -p ${PREFIX}/sbin && \ > + ${INSTALL_PROGRAM} ${MODGO_WORKSPACE}/bin/* ${PREFIX}/sbin/; don't use mkdir, if you needed to create this directory ${INSTALL_PROGRAM_DIR} would be the one, but ${PREFIX}/sbin is already created for you. I refused to believe the same, but needed to make it this way. trust me. zap trailing ; > + > +post-install: > + mkdir -p ${PREFIX}/etc ${PREFIX}/share/examples/${GH_PROJECT} && \ > + ${INSTALL_DATA} > ${MODGO_WORKSPACE}/src/${TARGET_BASE}/${GH_PROJECT}/example* \ > + ${PREFIX}/share/examples/${GH_PROJECT}/ && \ > + ${INSTALL_DATA} ${MODGO_WORKSPACE}/src/${TARGE T_BASE}/${GH_PROJECT}/example-dnscrypt-proxy.toml \ > + ${PREFIX}/etc/dnscrypt-proxy.toml; nothing should be using ${PREFIX}/etc. mkdir -> ${INSTALL_DATA_DIR} GH_PROJECT indirection makes it hard to read, just write dnscrypt-proxy repeat the same thing? GH_PROJECT *must* be set, so... I made use of it. trailing ; dito. > + sed -i -e 's,require_dnssec = false,require_dnssec = true,g' ${PREFIX}/etc/dnscrypt-proxy.toml; > + just use a normal patch on the input file rather than sed (though why change the default anyway?) ${PREFIX}/etc again suggestions? it is /usr/local, we could just make it practice to be used out of the box; or should one copy the config and edit it manually in order to use the service? trailing ; dito. > +.include <bsd.port.mk> > Index: net/dnscrypt-proxy2/distinfo > =================================================================== > RCS file: net/dnscrypt-proxy2/distinfo > diff -N net/dnscrypt-proxy2/distinfo > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ net/dnscrypt-proxy2/distinfo 13 Feb 2018 13:39:38 -0000 > @@ -0,0 +1,2 @@ > +SHA256 (dnscrypt-proxy-2.0.0.tar.gz) = r8KAYTJpsfXpxYHCPWSIhCGJdPfn4a JcihMJGX1n41g= > +SIZE (dnscrypt-proxy-2.0.0.tar.gz) = 725490 > Index: net/dnscrypt-proxy2/pkg/DESCR > =================================================================== > RCS file: net/dnscrypt-proxy2/pkg/DESCR > diff -N net/dnscrypt-proxy2/pkg/DESCR > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ net/dnscrypt-proxy2/pkg/DESCR 13 Feb 2018 13:39:38 -0000 > @@ -0,0 +1,7 @@ > +DNSCrypt Proxy v2 provides a local service which can be used directly as your > +local resolver or as a DNS forwarder, encrypting requests using protocols > +such as DNSCrypt v2 and DNS-over-HTTP/2. > + > +It includes all the major features from DNSCrypt Proxy v1 (1.9.5), with improved > +reliability, flexibility, usability and performance. You can also combine it with > +TCP tunnels such as the ones used by Tor. > Index: net/dnscrypt-proxy2/pkg/PLIST > =================================================================== > RCS file: net/dnscrypt-proxy2/pkg/PLIST > diff -N net/dnscrypt-proxy2/pkg/PLIST > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ net/dnscrypt-proxy2/pkg/PLIST 13 Feb 2018 13:39:38 -0000 > @@ -0,0 +1,12 @@ > +@comment $OpenBSD$ > +etc/ > +etc/dnscrypt-proxy.toml > +share/doc/pkg-readmes/${FULLPKGNAME} > +share/examples/dnscrypt-proxy/ > +share/examples/dnscrypt-proxy/example-blacklist.txt > +share/examples/dnscrypt-proxy/example-cloaking-rules.txt > +share/examples/dnscrypt-proxy/example-dnscrypt-proxy.toml > +share/examples/dnscrypt-proxy/example-forwarding-rules.txt > +@conflict dnscrypt-proxy-<2.0.0p0 > +@bin sbin/dnscrypt-proxy > +@rcscript ${RCDIR}/dnscrypt_proxy > Index: net/dnscrypt-proxy2/pkg/README > =================================================================== > RCS file: net/dnscrypt-proxy2/pkg/README > diff -N net/dnscrypt-proxy2/pkg/README > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ net/dnscrypt-proxy2/pkg/README 13 Feb 2018 13:39:38 -0000 > @@ -0,0 +1,26 @@ > +$OpenBSD$ > + > ++----------------------------------------------------------------------- > +| Running ${FULLPKGNAME} on OpenBSD > ++----------------------------------------------------------------------- > + > +dnscrypt-proxy2 listens for DNS queries on a local address and forwards > +them to a DNSCrypt resolver over an encrypted channel. > + > +To use this package, two things are required. > + > +Firstly, enable/start the service. > + > + # rcctl enable dnscrypt_proxy > + # rcctl start dnscrypt_proxy > + > +Secondly, set /etc/resolv.conf to perform queries from dnscrypt-proxy2: > + > + nameserver 127.0.0.1 > + lookup file bind > + > +NOTE: If fetching your IP address dynamically, dhclient(8) will normally > +update resolv.conf with network-provided DNS servers. This can be avoided > +by using "ignore domain-name, domain-name-servers;" in /etc/dhclient.conf. > + > +For more information, see https://dnscrypt.info/ > Index: net/dnscrypt-proxy2/pkg/dnscrypt_proxy.rc > =================================================================== > RCS file: net/dnscrypt-proxy2/pkg/dnscrypt_proxy.rc > diff -N net/dnscrypt-proxy2/pkg/dnscrypt_proxy.rc > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ net/dnscrypt-proxy2/pkg/dnscrypt_proxy.rc 13 Feb 2018 13:39:38 -0000 > @@ -0,0 +1,11 @@ > +#!/bin/ksh > +# > +# $OpenBSD$ > + > +daemon="${TRUEPREFIX}/sbin/dnscrypt-proxy -config ${TRUEPREFIX}/etc/dnscrypt-proxy.toml -logfile /var/log/dnscrypt-proxy.log" > + > +. /etc/rc.d/rc.subr > + > +rc_reload=NO > + > +rc_cmd $1 if the net/dnscrypt-proxy's maintainer wants to take my patch and use it to override/update the current port, I'm fine with it too; no worries. thanks for all the feedback! very appreciated. happy to help,