On 2019/09/09 07:53, Remi Locherer wrote:
> ping
>
> > retrieving revision 1.2
> > diff -u -p -r1.2 patch-netshot_conf
> > --- patches/patch-netshot_conf 8 Feb 2019 21:33:40 -0000 1.2
> > +++ patches/patch-netshot_conf 25 Aug 2019 21:27:25 -0000
> > @@ -20,16 +20,23 @@ Index: netshot.conf
> >
> > # REST
> > -netshot.http.ssl.keystore.file = /usr/local/netshot/netshot.jks
> > -+netshot.http.ssl.keystore.file = ${PREFIX}/netshot/netshot.jks
> > ++netshot.http.ssl.keystore.file = ${SYSCONFDIR}/netshot.jks
this wants an @extra entry in PLIST
> > + # Allow a trap received from any IP of a device to trigger an automatic
> > snapshot
> > netshot.snapshots.auto.anyip = true
> > + # After a snapshot, dump the last configuration to a file in this
> > directory
> > +-#netshot.snapshots.dump = /usr/local/netshot/dumps
> > ++#netshot.snapshots.dump = ${VARBASE}/netshot/dumps
> > + # Where to store the binary snapshot files
> > +-netshot.snapshots.binary.path = /var/local/netshot
> > ++netshot.snapshots.binary.path = ${VARBASE}/netshot
> > +
> > + # Where to look for additional drivers
> > -netshot.drivers.path = /usr/local/netshot/drivers
> > +netshot.drivers.path = ${PREFIX}/netshot/drivers
> >
> > +
> > # Authentication
> > - netshot.aaa.maxidletime = 1800
> > Index: pkg/PLIST
> > ===================================================================
> > RCS file: /cvs/ports/sysutils/netshot/pkg/PLIST,v
> > retrieving revision 1.1.1.1
> > diff -u -p -r1.1.1.1 PLIST
> > --- pkg/PLIST 28 Aug 2018 11:25:53 -0000 1.1.1.1
> > +++ pkg/PLIST 27 Aug 2019 21:08:42 -0000
> > @@ -7,12 +7,11 @@ netshot/
> > netshot/netshot.jar
> > share/doc/netshot/
> > share/doc/netshot/COPYING
> > -share/doc/netshot/INSTALL.Debian-Ubuntu-Mint.txt
> > -share/doc/netshot/INSTALL.Redhat-CentOS.txt
> > share/doc/netshot/LICENSE.txt
> > share/doc/netshot/README.txt
> > share/doc/netshot/UPDATE.txt
> > share/doc/netshot/VERSION.txt
> > +share/doc/pkg-readmes/${PKGSTEM}
> > share/examples/netshot/
> > share/examples/netshot/netshot.conf
> > @mode 0640
> > @@ -21,3 +20,5 @@ share/examples/netshot/netshot.conf
> > @mode 0750
> > @owner _netshot
> > @sample ${VARBASE}/log/netshot/
> > +@sample ${VARBASE}/netshot/
> > +@sample ${VARBASE}/netshot/dumps
no trailing / so this copies the previously installed file to
${VARBASE}/netshot/dumps which I think is not what you want?
should have @extra or @extraunexec lines to remove the files which might be
created in those directories for pkg_delete -c.
> > Index: pkg/README
> > ===================================================================
> > RCS file: pkg/README
> > diff -N pkg/README
> > --- /dev/null 1 Jan 1970 00:00:00 -0000
> > +++ pkg/README 1 Sep 2019 16:15:57 -0000
> > @@ -0,0 +1,46 @@
> > +$OpenBSD$
> > +
> > ++-----------------------------------------------------------------------
> > +| Running ${PKGSTEM} on OpenBSD
> > ++-----------------------------------------------------------------------
> > +
> > +Netshot requires a database which might be on the same server as Netshot
> > +or remote. It supports PostgreSQL and MySQL/MariaDB. Below example uses
> > +MariaDB on the same host.
> > +
> > +- Install the package mariadb-server.
> > + See ${LOCALBASE}/share/doc/pkg-readmes/mariadb-server for the first
> > + steps after the installation.
> > +
> > +- Create a database and a database user (change the password!):
> > + $ mysql -u root
> > + > CREATE DATABASE netshot01 CHARACTER SET utf8
> > + DEFAULT COLLATE utf8_general_ci;
> > + > GRANT ALL PRIVILEGES ON netshot01.*
> > + TO 'netshot'@'localhost' IDENTIFIED BY 'netshot';
think I'd use "IDENTIFIED BY 'password'" to make it more obvious
where the password goes, for people who aren't so familiar with sql
ops.
> > + > quit
> > +
> > +- Check the database connection config in /etc/netshot.conf.
${SYSCONFDIR}
> > + Should netshot not start but log "The server time zone value 'CEST' is
> > + unreconized or represents more than one time zone" the connect string
> > + might be modified to look like this:
> > + netshot.db.url = jdbc:mysql://localhost/netshot01?serverTimezone=UTC
> > +
> > +- Create a TLS certificate in a Java keystore:
> > + # ${LOCALBASE}/jdk-1.8.0/bin/keytool -genkey -keyalg RSA -alias
> > selfsigned \
it could do with a comment next to MODJAVA_VER in the Makefile reminding to
change the path in README if changing MODJAVA_VER. (if it was MODJAVA_VER=1.8+
there's no single path that could be used here..)
> > + -keystore ${SYSCONFDIR}/netshot.jks -storepass password -validity 3600
> > \
> > + -keysize 4096
> > + # chmod 640 ${SYSCONFDIR}/netshot.jks
> > + # chgrp _netshot ${SYSCONFDIR}/netshot.jks
> > +
> > +- Enable and start Netshot to create the database tables.
> > + # rcctl enable netshot; rcctl start netshot
> > +
> > +- Add an initial application user to the database:
> > + $ mysql -u root
> > + > USE netshot01;
> > + > INSERT INTO user (level, local, username, hashed_password)
> > + VALUES (1000, 1, 'netshot', '7htrot2BNjUV/g57h/HJ/C1N0Fqrj+QQ');
> > +
> > +- Access Netshot with a browser on https://localhost:8443.
> > + (username 'netshot' with password 'netshot')
>
