On Feb 13, 2018 16:19, "Stuart Henderson" <s...@spacehopper.org> wrote:
On 2018/02/13 13:51, Vinícius Zavam wrote:
>
> Index: net/dnscrypt-proxy/pkg/PLIST-main
> ===================================================================
> RCS file: /cvs/ports/net/dnscrypt-proxy/pkg/PLIST-main,v
> retrieving revision 1.6
> diff -u -p -u -p -r1.6 PLIST-main
> --- net/dnscrypt-proxy/pkg/PLIST-main 2 Aug 2017 09:32:40 -0000 1.6
> +++ net/dnscrypt-proxy/pkg/PLIST-main 13 Feb 2018 13:39:38 -0000
> @@ -1,4 +1,5 @@
> @comment $OpenBSD: PLIST-main,v 1.6 2017/08/02 09:32:40 giovanni Exp $
> +@conflict dnscrypt-proxy->1.9.5p3
> @newgroup _dnscrypt-proxy:688
> @newuser _dnscrypt-proxy:688:_dnscrypt-proxy:daemon:dnscrypt-proxy
user:/var/empty:/sbin/nologin
> @bin bin/hostip
IMHO it's better to just update the original port rather than adding a
new one, I don't think this is enough of a special case to maintain both
in parallel
we can go for it.
> Index: net/dnscrypt-proxy2/Makefile
> ===================================================================
> RCS file: net/dnscrypt-proxy2/Makefile
> diff -N net/dnscrypt-proxy2/Makefile
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ net/dnscrypt-proxy2/Makefile 13 Feb 2018 13:39:38 -0000
> @@ -0,0 +1,44 @@
> +# $OpenBSD$
> +
> +COMMENT= Flexible DNS proxy with support for encrypted
protocols
lowercase Flexible -> flexible
> +PORTNAME= dnscrypt-proxy
> +PORTVERS= 2.0.0
> +REVISION= 0
> +DISTNAME= ${PORTNAME}-${PORTVERS}
> +CATEGORIES= net security
> +
> +HOMEPAGE= https://dnscrypt.info/
> +MAINTAINER= Vinicius Zavam <egyp...@googlemail.com>
> +
> +GH_ACCOUNT= jedisct1
> +GH_PROJECT= ${PORTNAME}
> +GH_TAGNAME= ${PORTVERS}
please don't use indirection like this PORTNAME/PORTVERS stuff, the entire
block above should be simply
GH_ACCOUNT= jedisct1
GH_PROJECT= dnscrypt-proxy
GH_TAGNAME= 2.0.0
a lot of people are using V= or R= for similar purposes, so I really don't
see a thing here.
CATEGORIES= net security
HOMEPAGE= https://dnscrypt.info/
MAINTAINER= Vinicius Zavam <egyp...@googlemail.com>
> +
> +# ISC
> +PERMIT_PACKAGE_CDROM= YES
> +
> +DOCS= README.md
set but never used
> +
> +MODULES= lang/go
> +
> +TARGET_BASE= github.com/${GH_ACCOUNT}/${GH_PROJECT}
<http://github.com/$%7BGH_ACCOUNT%7D/$%7BGH_PROJECT%7D>
> +WRKSRC= ${MODGO_WORKSPACE}/src/${TARGET_BASE}
> +ALL_TARGET= ${TARGET_BASE}/${GH_PROJECT}
I can't really comment on go ports stuff, it totally confuses me
> +post-configure:
> + cd ${WRKSRC} && ln -sf vendor src && ln -sf ${WRKSRC}/${GH_PROJECT}
src/${TARGET_BASE};
GH_PROJECT indirection is hard to read, and you're already cd'd to ${WRKSRC}
so the second ln doesn't need the ${WRKSRC}, so maybe "... && ln -sf
dnscrypt-proxy src/${TARGET_BASE}" ?
Go is... "special" :-)
zap trailing ;
it's present in many ports' Makefiles.
> +do-install:
> + mkdir -p ${PREFIX}/sbin && \
> + ${INSTALL_PROGRAM} ${MODGO_WORKSPACE}/bin/* ${PREFIX}/sbin/;
don't use mkdir, if you needed to create this directory
${INSTALL_PROGRAM_DIR}
would be the one, but ${PREFIX}/sbin is already created for you.
I refused to believe the same, but needed to make it this way. trust me.
zap trailing ;
> +
> +post-install:
> + mkdir -p ${PREFIX}/etc ${PREFIX}/share/examples/${GH_PROJECT} && \
> + ${INSTALL_DATA}
> ${MODGO_WORKSPACE}/src/${TARGET_BASE}/${GH_PROJECT}/example*
\
> + ${PREFIX}/share/examples/${GH_PROJECT}/ && \
> + ${INSTALL_DATA} ${MODGO_WORKSPACE}/src/${TARGE
T_BASE}/${GH_PROJECT}/example-dnscrypt-proxy.toml \
> + ${PREFIX}/etc/dnscrypt-proxy.toml;
nothing should be using ${PREFIX}/etc.
mkdir -> ${INSTALL_DATA_DIR}
GH_PROJECT indirection makes it hard to read, just write dnscrypt-proxy
repeat the same thing? GH_PROJECT *must* be set, so... I made use of it.
trailing ;
dito.
> + sed -i -e 's,require_dnssec = false,require_dnssec = true,g'
${PREFIX}/etc/dnscrypt-proxy.toml;
> +
just use a normal patch on the input file rather than sed (though why
change the default anyway?)
${PREFIX}/etc again
suggestions? it is /usr/local,
we could just make it practice to be used out of the box; or should one
copy the config and edit it manually in order to use the service?
trailing ;
dito.
> +.include <bsd.port.mk>
> Index: net/dnscrypt-proxy2/distinfo
> ===================================================================
> RCS file: net/dnscrypt-proxy2/distinfo
> diff -N net/dnscrypt-proxy2/distinfo
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ net/dnscrypt-proxy2/distinfo 13 Feb 2018 13:39:38 -0000
> @@ -0,0 +1,2 @@
> +SHA256 (dnscrypt-proxy-2.0.0.tar.gz) = r8KAYTJpsfXpxYHCPWSIhCGJdPfn4a
JcihMJGX1n41g=
> +SIZE (dnscrypt-proxy-2.0.0.tar.gz) = 725490
> Index: net/dnscrypt-proxy2/pkg/DESCR
> ===================================================================
> RCS file: net/dnscrypt-proxy2/pkg/DESCR
> diff -N net/dnscrypt-proxy2/pkg/DESCR
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ net/dnscrypt-proxy2/pkg/DESCR 13 Feb 2018 13:39:38 -0000
> @@ -0,0 +1,7 @@
> +DNSCrypt Proxy v2 provides a local service which can be used directly as
your
> +local resolver or as a DNS forwarder, encrypting requests using protocols
> +such as DNSCrypt v2 and DNS-over-HTTP/2.
> +
> +It includes all the major features from DNSCrypt Proxy v1 (1.9.5), with
improved
> +reliability, flexibility, usability and performance. You can also
combine it with
> +TCP tunnels such as the ones used by Tor.
> Index: net/dnscrypt-proxy2/pkg/PLIST
> ===================================================================
> RCS file: net/dnscrypt-proxy2/pkg/PLIST
> diff -N net/dnscrypt-proxy2/pkg/PLIST
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ net/dnscrypt-proxy2/pkg/PLIST 13 Feb 2018 13:39:38 -0000
> @@ -0,0 +1,12 @@
> +@comment $OpenBSD$
> +etc/
> +etc/dnscrypt-proxy.toml
> +share/doc/pkg-readmes/${FULLPKGNAME}
> +share/examples/dnscrypt-proxy/
> +share/examples/dnscrypt-proxy/example-blacklist.txt
> +share/examples/dnscrypt-proxy/example-cloaking-rules.txt
> +share/examples/dnscrypt-proxy/example-dnscrypt-proxy.toml
> +share/examples/dnscrypt-proxy/example-forwarding-rules.txt
> +@conflict dnscrypt-proxy-<2.0.0p0
> +@bin sbin/dnscrypt-proxy
> +@rcscript ${RCDIR}/dnscrypt_proxy
> Index: net/dnscrypt-proxy2/pkg/README
> ===================================================================
> RCS file: net/dnscrypt-proxy2/pkg/README
> diff -N net/dnscrypt-proxy2/pkg/README
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ net/dnscrypt-proxy2/pkg/README 13 Feb 2018 13:39:38 -0000
> @@ -0,0 +1,26 @@
> +$OpenBSD$
> +
> ++-----------------------------------------------------------------------
> +| Running ${FULLPKGNAME} on OpenBSD
> ++-----------------------------------------------------------------------
> +
> +dnscrypt-proxy2 listens for DNS queries on a local address and forwards
> +them to a DNSCrypt resolver over an encrypted channel.
> +
> +To use this package, two things are required.
> +
> +Firstly, enable/start the service.
> +
> + # rcctl enable dnscrypt_proxy
> + # rcctl start dnscrypt_proxy
> +
> +Secondly, set /etc/resolv.conf to perform queries from dnscrypt-proxy2:
> +
> + nameserver 127.0.0.1
> + lookup file bind
> +
> +NOTE: If fetching your IP address dynamically, dhclient(8) will normally
> +update resolv.conf with network-provided DNS servers. This can be avoided
> +by using "ignore domain-name, domain-name-servers;" in
/etc/dhclient.conf.
> +
> +For more information, see https://dnscrypt.info/
> Index: net/dnscrypt-proxy2/pkg/dnscrypt_proxy.rc
> ===================================================================
> RCS file: net/dnscrypt-proxy2/pkg/dnscrypt_proxy.rc
> diff -N net/dnscrypt-proxy2/pkg/dnscrypt_proxy.rc
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ net/dnscrypt-proxy2/pkg/dnscrypt_proxy.rc 13 Feb 2018 13:39:38 -0000
> @@ -0,0 +1,11 @@
> +#!/bin/ksh
> +#
> +# $OpenBSD$
> +
> +daemon="${TRUEPREFIX}/sbin/dnscrypt-proxy -config
${TRUEPREFIX}/etc/dnscrypt-proxy.toml -logfile /var/log/dnscrypt-proxy.log"
> +
> +. /etc/rc.d/rc.subr
> +
> +rc_reload=NO
> +
> +rc_cmd $1
if the net/dnscrypt-proxy's maintainer wants to take my patch and use it to
override/update the current port, I'm fine with it too; no worries.
thanks for all the feedback! very appreciated.
happy to help,
