This port contains the Smallstep step-ca certificates component
It can be used together with the Smallstep step-ca client. step-ca is a local CA. It can be used to create your own local PKI Infrastructure and includes things like e.g. the possibility to have your own ACME server. A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH. WWW: https://smallstep.com/certificates/ PR: 245535 Submitted by: Markus Wipp <mw@wipp.bayern>
parent
6ce3add2d2
commit
ae1c7c19c4
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=531970
2
GIDs
2
GIDs
@ -206,7 +206,7 @@ meta1c:*:262:meta1s
meta1m:*:263:meta1s,meta1q
meta1:*:264:
sshout:*:265:
# free: 266
step:*:266:
# free: 267
# free: 268
# free: 269
2
UIDs
2
UIDs
@ -211,7 +211,7 @@ meta1c:*:262:262::0:0:MeTA1 SMTPC:/nonexistent:/usr/sbin/nologin
meta1m:*:263:263::0:0:MeTA1 misc:/nonexistent:/usr/sbin/nologin
meta1:*:264:264::0:0:MeTA1 other:/nonexistent:/usr/sbin/nologin
sshout:*:265:265::0:0:Secure Shout Host Oriented Unified Talk:/var/db/sshout:/usr/local/libexec/sshoutd
# free: 266
step:*:266:266::0:0:Step CA:/nonexistent:/usr/sbin/nologin
# free: 267
# free: 268
# free: 269
@ -1217,6 +1217,7 @@
SUBDIR += sst
SUBDIR += starttls
SUBDIR += steghide
SUBDIR += step-certificates
SUBDIR += step-cli
SUBDIR += stoken
SUBDIR += strobe
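--- a/security/step-certificates/Makefile
+++ b/security/step-certificates/Makefile
@@ -0,0 +1,89 @@
+# $FreeBSD$
+
+PORTNAME= step-certificates
+DISTVERSIONPREFIX=v
+DISTVERSION= 0.14.2
+CATEGORIES= security
+
+MAINTAINER= mw@wipp.bayern
+COMMENT= Smallstep step-ca certificates server
+
+LICENSE= APACHE20
+LICENSE_FILE= ${WRKSRC}/LICENSE
+
+RUN_DEPENDS= step:security/step-cli
+
+USES= go:modules
+
+USERS= step
+GROUPS= step
+
+USE_RC_SUBR= step-ca
+
+USE_GITHUB= yes
+GH_ACCOUNT= smallstep
+GH_PROJECT= certificates
+
+GO_TARGET= ./cmd/step-ca:${PREFIX}/sbin/step-ca \
+./cmd/step-cloudkms-init
+
+GO_BUILDFLAGS= -ldflags "-w -X main.Version=${PORTVERSION}"
+
+GH_TUPLE= \
+AndreasBriese:bbloom:e2d15f34fcf9:andreasbriese_bbloom/vendor/github.com/AndreasBriese/bbloom \
+Masterminds:goutils:v1.1.0:masterminds_goutils/vendor/github.com/Masterminds/goutils \
+Masterminds:semver:v3.0.1:masterminds_semver/vendor/github.com/Masterminds/semver/v3 \
+Masterminds:sprig:v3.0.0:masterminds_sprig/vendor/github.com/Masterminds/sprig/v3 \
+census-instrumentation:opencensus-go:v0.22.2:census_instrumentation_opencensus_go/vendor/go.opencensus.io \
+chzyer:readline:2972be24d48e:chzyer_readline/vendor/github.com/chzyer/readline \
+cpuguy83:go-md2man:v2.0.0:cpuguy83_go_md2man/vendor/github.com/cpuguy83/go-md2man/v2 \
+dgraph-io:badger:v1.5.3:dgraph_io_badger/vendor/github.com/dgraph-io/badger \
+dgryski:go-farm:6a90982ecee2:dgryski_go_farm/vendor/github.com/dgryski/go-farm \
+etcd-io:bbolt:v1.3.2:etcd_io_bbolt/vendor/go.etcd.io/bbolt \
+go-chi:chi:v4.0.2:go_chi_chi/vendor/github.com/go-chi/chi \
+go-sql-driver:mysql:v1.4.1:go_sql_driver_mysql/vendor/github.com/go-sql-driver/mysql \
+golang:appengine:v1.6.5:golang_appengine/vendor/google.golang.org/appengine \
+golang:crypto:0ec3e9974c59:golang_crypto/vendor/golang.org/x/crypto \
+golang:groupcache:215e87163ea7:golang_groupcache/vendor/github.com/golang/groupcache \
+golang:net:c0dbc17a3553:golang_net/vendor/golang.org/x/net \
+golang:oauth2:858c2ad4c8b6:golang_oauth2/vendor/golang.org/x/oauth2 \
+golang:protobuf:v1.3.2:golang_protobuf/vendor/github.com/golang/protobuf \
+golang:sys:b016eb3dc98e:golang_sys/vendor/golang.org/x/sys \
+golang:text:v0.3.2:golang_text/vendor/golang.org/x/text \
+google:go-cmp:v0.3.1:google_go_cmp/vendor/github.com/google/go-cmp \
+google:go-genproto:f3c370f40bfb:google_go_genproto/vendor/google.golang.org/genproto \
+google:uuid:v1.1.1:google_uuid/vendor/github.com/google/uuid \
+googleapis:gax-go:v2.0.5:googleapis_gax_go/vendor/github.com/googleapis/gax-go \
+googleapis:google-api-go-client:v0.15.0:googleapis_google_api_go_client/vendor/google.golang.org/api \
+googleapis:google-cloud-go:v0.51.0:googleapis_google_cloud_go/vendor/cloud.google.com/go \
+grpc:grpc-go:v1.26.0:grpc_grpc_go/vendor/google.golang.org/grpc \
+huandu:xstrings:v1.2.0:huandu_xstrings/vendor/github.com/huandu/xstrings \
+imdario:mergo:v0.3.7:imdario_mergo/vendor/github.com/imdario/mergo \
+juju:ansiterm:720a0952cc2a:juju_ansiterm/vendor/github.com/juju/ansiterm \
+konsorten:go-windows-terminal-sequences:v1.0.2:konsorten_go_windows_terminal_sequences/vendor/github.com/konsorten/go-windows-terminal-sequences \
+lunixbochs:vtclean:v1.0.0:lunixbochs_vtclean/vendor/github.com/lunixbochs/vtclean \
+manifoldco:promptui:v0.3.1:manifoldco_promptui/vendor/github.com/manifoldco/promptui \
+mattn:go-colorable:v0.1.4:mattn_go_colorable/vendor/github.com/mattn/go-colorable \
+mattn:go-isatty:v0.0.11:mattn_go_isatty/vendor/github.com/mattn/go-isatty \
+mitchellh:copystructure:v1.0.0:mitchellh_copystructure/vendor/github.com/mitchellh/copystructure \
+mitchellh:reflectwalk:v1.0.0:mitchellh_reflectwalk/vendor/github.com/mitchellh/reflectwalk \
+newrelic:go-agent:v2.15.0:newrelic_go_agent/vendor/github.com/newrelic/go-agent \
+pkg:errors:v0.8.1:pkg_errors/vendor/github.com/pkg/errors \
+rs:xid:v1.2.1:rs_xid/vendor/github.com/rs/xid \
+russross:blackfriday:v2.0.1:russross_blackfriday/vendor/github.com/russross/blackfriday/v2 \
+samfoo:ansi:b6bd2ded7189:samfoo_ansi/vendor/github.com/samfoo/ansi \
+shurcooL:sanitized_anchor_name:v1.0.0:shurcool_sanitized_anchor_name/vendor/github.com/shurcooL/sanitized_anchor_name \
+sirupsen:logrus:v1.4.2:sirupsen_logrus/vendor/github.com/sirupsen/logrus \
+smallstep:assert:b99dc1097b15:smallstep_assert/vendor/github.com/smallstep/assert \
+smallstep:cli:v0.14.2:smallstep_cli/vendor/github.com/smallstep/cli \
+smallstep:nosql:v0.2.0:smallstep_nosql/vendor/github.com/smallstep/nosql \
+spf13:cast:v1.3.1:spf13_cast/vendor/github.com/spf13/cast \
+square:go-jose:v2.4.0:square_go_jose/vendor/gopkg.in/square/go-jose.v2 \
+urfave:cli:v1.22.2:urfave_cli/vendor/github.com/urfave/cli
+
+post-install:
+${MKDIR} ${STAGEDIR}${PREFIX}/etc/step
+${MKDIR} ${STAGEDIR}${DOCSDIR}
+(cd ${WRKSRC}/docs && ${COPYTREE_SHARE} . ${STAGEDIR}${DOCSDIR})
+
+.include <bsd.port.mk>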
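--- a/security/step-certificates/distinfo
+++ b/security/step-certificates/distinfo
@@ -0,0 +1,103 @@
+TIMESTAMP = 1586506594
+SHA256 (smallstep-certificates-v0.14.2_GH0.tar.gz) = 3d4e93fba5798e3ce6ef45ae2a40a25aa623b84a72f884c7208ee5a1662c8c39
+SIZE (smallstep-certificates-v0.14.2_GH0.tar.gz) = 17540124
+SHA256 (AndreasBriese-bbloom-e2d15f34fcf9_GH0.tar.gz) = e88bd873a2251d70b5d2cbf9dceff24fa25ca5652ac1f99165c303e98df494a1
+SIZE (AndreasBriese-bbloom-e2d15f34fcf9_GH0.tar.gz) = 7704
+SHA256 (Masterminds-goutils-v1.1.0_GH0.tar.gz) = 053a61c4b0d78e6978600c99562f04d053993c428d549a20b627151cf1aabbae
+SIZE (Masterminds-goutils-v1.1.0_GH0.tar.gz) = 14610
+SHA256 (Masterminds-semver-v3.0.1_GH0.tar.gz) = 039a09a397f10906343c6d5b65381311e9b574429c2ebdb7ae5b7a75eb6b98c9
+SIZE (Masterminds-semver-v3.0.1_GH0.tar.gz) = 23977
+SHA256 (Masterminds-sprig-v3.0.0_GH0.tar.gz) = 6cee82b51e743e3fd9c9dfbb20d1667aeb0a92652db6971fa9c1658b0296633a
+SIZE (Masterminds-sprig-v3.0.0_GH0.tar.gz) = 47424
+SHA256 (census-instrumentation-opencensus-go-v0.22.2_GH0.tar.gz) = 0aa930142b669d7c47e2b8343f6adc9f03414a9c45763c5f746de95231d6ad6d
+SIZE (census-instrumentation-opencensus-go-v0.22.2_GH0.tar.gz) = 165321
+SHA256 (chzyer-readline-2972be24d48e_GH0.tar.gz) = 8f425cfb33fce61a137866c0a88117c68f49de79a61a341353fc97339c6b74da
+SIZE (chzyer-readline-2972be24d48e_GH0.tar.gz) = 36825
+SHA256 (cpuguy83-go-md2man-v2.0.0_GH0.tar.gz) = 50537880d42fc28b9c2e9aaa36b137349d43cc73d46436a499f8c928cd2fc576
+SIZE (cpuguy83-go-md2man-v2.0.0_GH0.tar.gz) = 52021
+SHA256 (dgraph-io-badger-v1.5.3_GH0.tar.gz) = 653dccac0adde8462e2ce88cb6ce8eaf1e50d9cb3ec5d57269307b2dabb4885c
+SIZE (dgraph-io-badger-v1.5.3_GH0.tar.gz) = 1018875
+SHA256 (dgryski-go-farm-6a90982ecee2_GH0.tar.gz) = 47bda738d281105cc7b1cb832880f93d220eae40b18095dc322b0b7bf44fdf23
+SIZE (dgryski-go-farm-6a90982ecee2_GH0.tar.gz) = 26800
+SHA256 (etcd-io-bbolt-v1.3.2_GH0.tar.gz) = 0f4bd88cce84f7b42f6364fc8c77ae7dd7d2f70224d1bb2abf410fc2f552c9a9
+SIZE (etcd-io-bbolt-v1.3.2_GH0.tar.gz) = 93921
+SHA256 (go-chi-chi-v4.0.2_GH0.tar.gz) = 7713a5afd18c440f38e67f853f5ded4f039f08f239dc6a29ed2788be5caaae99
+SIZE (go-chi-chi-v4.0.2_GH0.tar.gz) = 67748
+SHA256 (go-sql-driver-mysql-v1.4.1_GH0.tar.gz) = 9b5d435903a674cd761310365df992a1b4eed2e4e2f0c8aa90bdc996c330d7ae
+SIZE (go-sql-driver-mysql-v1.4.1_GH0.tar.gz) = 83524
+SHA256 (golang-appengine-v1.6.5_GH0.tar.gz) = 4e7df5d4ec2dda0f59f26925b36a087843fd1a165adb938712068376bf791316
+SIZE (golang-appengine-v1.6.5_GH0.tar.gz) = 332903
+SHA256 (golang-crypto-0ec3e9974c59_GH0.tar.gz) = 737fd8da273ec11281d2ff8798d6847ab1be9ebfa94bbc5a7252e0b04e1373a5
+SIZE (golang-crypto-0ec3e9974c59_GH0.tar.gz) = 1727772
+SHA256 (golang-groupcache-215e87163ea7_GH0.tar.gz) = 500b097a42fb5c0cd516f1bb56e9c745ba6c1c910b4dc7296aea2b9120ee5e70
+SIZE (golang-groupcache-215e87163ea7_GH0.tar.gz) = 26040
+SHA256 (golang-net-c0dbc17a3553_GH0.tar.gz) = 67e59dfe55231f9a28b167c6b77d897ad503e599b60e0eec16a677a0c641bb93
+SIZE (golang-net-c0dbc17a3553_GH0.tar.gz) = 1172293
+SHA256 (golang-oauth2-858c2ad4c8b6_GH0.tar.gz) = 28ae6a15793d97ba980dd318dba21167dd751ca8bbafcb69ffa648b41c7cbf48
+SIZE (golang-oauth2-858c2ad4c8b6_GH0.tar.gz) = 45265
+SHA256 (golang-protobuf-v1.3.2_GH0.tar.gz) = c9cda622857a17cf0877c5ba76688a931883e505f40744c9495638b6e3da1f65
+SIZE (golang-protobuf-v1.3.2_GH0.tar.gz) = 312285
+SHA256 (golang-sys-b016eb3dc98e_GH0.tar.gz) = 09d8ddfb8f2c651e956a534d5de1e5401567d12dd0a589abd4ad5e9fa4213b06
+SIZE (golang-sys-b016eb3dc98e_GH0.tar.gz) = 1535262
+SHA256 (golang-text-v0.3.2_GH0.tar.gz) = 0b9309698f5708531c5377ab1e29b423a6d9e20c55a8d386c3b8283428212f22
+SIZE (golang-text-v0.3.2_GH0.tar.gz) = 7168069
+SHA256 (google-go-cmp-v0.3.1_GH0.tar.gz) = a95fa266e5c2283b813102f265c1bdf5b78100f9889b984aef828eb094efe6e3
+SIZE (google-go-cmp-v0.3.1_GH0.tar.gz) = 76403
+SHA256 (google-go-genproto-f3c370f40bfb_GH0.tar.gz) = 754588f44bdfdbe4521ad0950375a0357f2454ff6de43e0e6d6a88b5b5182c55
+SIZE (google-go-genproto-f3c370f40bfb_GH0.tar.gz) = 5857725
+SHA256 (google-uuid-v1.1.1_GH0.tar.gz) = bebd4b0b4ea152a9793615ef23c83f688876d8c284a2092264d20a4bf4ffc423
+SIZE (google-uuid-v1.1.1_GH0.tar.gz) = 13543
+SHA256 (googleapis-gax-go-v2.0.5_GH0.tar.gz) = 3089affe6f5e27f7a6d494cb399aa6baf232384f763f548ad5ddfbea0e88e59c
+SIZE (googleapis-gax-go-v2.0.5_GH0.tar.gz) = 15328
+SHA256 (googleapis-google-api-go-client-v0.15.0_GH0.tar.gz) = 6d628266b507a71f26ce2fd426758e1241f9dd94458752d9d12a0b09da983844
+SIZE (googleapis-google-api-go-client-v0.15.0_GH0.tar.gz) = 13259795
+SHA256 (googleapis-google-cloud-go-v0.51.0_GH0.tar.gz) = efee71ab4baf86277c6ceec4633dd606595e4b0fa299c22863dbeb03eed65941
+SIZE (googleapis-google-cloud-go-v0.51.0_GH0.tar.gz) = 2441854
+SHA256 (grpc-grpc-go-v1.26.0_GH0.tar.gz) = a594cbd8f7d545d181c92b27aafd5d4824459e3a729a8bd67a0c8b99c411f05a
+SIZE (grpc-grpc-go-v1.26.0_GH0.tar.gz) = 765416
+SHA256 (huandu-xstrings-v1.2.0_GH0.tar.gz) = c43737734bb260e7d77329af8a33bf687f9430abc1b21d3b1f4a8fa6fb3dbde3
+SIZE (huandu-xstrings-v1.2.0_GH0.tar.gz) = 16628
+SHA256 (imdario-mergo-v0.3.7_GH0.tar.gz) = ce29171c44a6b4084ed514bc9b4ed6c3c01462c210b7ec6fe5e56691a46eb939
+SIZE (imdario-mergo-v0.3.7_GH0.tar.gz) = 16668
+SHA256 (juju-ansiterm-720a0952cc2a_GH0.tar.gz) = 5595c2dc8973aab36a69648d4d94cac75a9ff4a28eb074a7b82b030fc7edbf64
+SIZE (juju-ansiterm-720a0952cc2a_GH0.tar.gz) = 15417
+SHA256 (konsorten-go-windows-terminal-sequences-v1.0.2_GH0.tar.gz) = e61f6422c7d1222c4c642b9134e5a4576a89ff651ef947487faa8ef33b6b4cfe
+SIZE (konsorten-go-windows-terminal-sequences-v1.0.2_GH0.tar.gz) = 1987
+SHA256 (lunixbochs-vtclean-v1.0.0_GH0.tar.gz) = 38aa5c60284f77cbb4be1de4af8907ce66954ff1a11e4f910d02e0283ce13b33
+SIZE (lunixbochs-vtclean-v1.0.0_GH0.tar.gz) = 4213
+SHA256 (manifoldco-promptui-v0.3.1_GH0.tar.gz) = 8860f2166c1913b2f66d4e8992957128037cc8c9495f225208c8462d1b0236cc
+SIZE (manifoldco-promptui-v0.3.1_GH0.tar.gz) = 22986
+SHA256 (mattn-go-colorable-v0.1.4_GH0.tar.gz) = 157806ad8125e6bef4d9b58c9125ccb98a8343136f93faf442ab0cc6e7c24c11
+SIZE (mattn-go-colorable-v0.1.4_GH0.tar.gz) = 8981
+SHA256 (mattn-go-isatty-v0.0.11_GH0.tar.gz) = 631fab18253998a4e27e9d260c445e9852bd86cf5a42693623d305c3e59c415a
+SIZE (mattn-go-isatty-v0.0.11_GH0.tar.gz) = 4396
+SHA256 (mitchellh-copystructure-v1.0.0_GH0.tar.gz) = 0e04d8fe1065459ab234507b9a4b7164b05eda970fee6ffdf0219423c357fda8
+SIZE (mitchellh-copystructure-v1.0.0_GH0.tar.gz) = 8903
+SHA256 (mitchellh-reflectwalk-v1.0.0_GH0.tar.gz) = bd22df35225e4bfcecafb35ac4869911fafc356f5dadcfb141cd0caededc87c3
+SIZE (mitchellh-reflectwalk-v1.0.0_GH0.tar.gz) = 6143
+SHA256 (newrelic-go-agent-v2.15.0_GH0.tar.gz) = 128096c8ac96e6cfd099aa359f46f0d814c1662eb82b017bed726bffff6800c5
+SIZE (newrelic-go-agent-v2.15.0_GH0.tar.gz) = 350696
+SHA256 (pkg-errors-v0.8.1_GH0.tar.gz) = 7a428967c6fc2e80cd84a0d9469ab6bd4dbe6b13493ba6294322a933a5a7e356
+SIZE (pkg-errors-v0.8.1_GH0.tar.gz) = 11009
+SHA256 (rs-xid-v1.2.1_GH0.tar.gz) = bb207227d5ae99bda71d38ae11e29b822c9b572223781bc282ad2f8e69002f2c
+SIZE (rs-xid-v1.2.1_GH0.tar.gz) = 9553
+SHA256 (russross-blackfriday-v2.0.1_GH0.tar.gz) = 5a0f38a36b6f3b2d59b72d713451a895a4d3a4406b3533882483782e37797cff
+SIZE (russross-blackfriday-v2.0.1_GH0.tar.gz) = 79613
+SHA256 (samfoo-ansi-b6bd2ded7189_GH0.tar.gz) = 01cb78eb5c20624c6a02d185584e1b6815495e2c915e441926d66772721e258f
+SIZE (samfoo-ansi-b6bd2ded7189_GH0.tar.gz) = 4566
+SHA256 (shurcooL-sanitized_anchor_name-v1.0.0_GH0.tar.gz) = 7e11964980f9b8595c17bc8970f0174621afe464920e38df7f8d77e45058388f
+SIZE (shurcooL-sanitized_anchor_name-v1.0.0_GH0.tar.gz) = 2143
+SHA256 (sirupsen-logrus-v1.4.2_GH0.tar.gz) = 67f2ddf467b7e63d2d2529d227946a331e245aeef7e2e4521ae82647b5ef84d9
+SIZE (sirupsen-logrus-v1.4.2_GH0.tar.gz) = 41373
+SHA256 (smallstep-assert-b99dc1097b15_GH0.tar.gz) = 6aa33efa39730adfc6588c7350bb868ac59f4137aeb42bc5ef97bf469afcdd93
+SIZE (smallstep-assert-b99dc1097b15_GH0.tar.gz) = 4033
+SHA256 (smallstep-cli-v0.14.2_GH0.tar.gz) = bc3732082d6800bf1a60784631bd9f916a04d07bdd25e1775cb564e4776152bc
+SIZE (smallstep-cli-v0.14.2_GH0.tar.gz) = 446978
+SHA256 (smallstep-nosql-v0.2.0_GH0.tar.gz) = 368bd3c0beee1f94aa5deb26cc9cffa830ca94939928bc17d7ba8237e5b199a5
+SIZE (smallstep-nosql-v0.2.0_GH0.tar.gz) = 18508
+SHA256 (spf13-cast-v1.3.1_GH0.tar.gz) = 4fa8d06903b490ae6f1316e55c5446d5648eea2b450671ebc54d4bbe79bc46b1
+SIZE (spf13-cast-v1.3.1_GH0.tar.gz) = 11102
+SHA256 (square-go-jose-v2.4.0_GH0.tar.gz) = 3824f79c5f851784032a7800d72f32229ce6617612fab28642c18b5150b52493
+SIZE (square-go-jose-v2.4.0_GH0.tar.gz) = 303589
+SHA256 (urfave-cli-v1.22.2_GH0.tar.gz) = 38a93b363b3d668506fa094937cd8b81dde333c74b59388cecf95443c8cdabf3
+SIZE (urfave-cli-v1.22.2_GH0.tar.gz) = 76132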
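--- a/security/step-certificates/files/step-ca.in
+++ b/security/step-certificates/files/step-ca.in
@@ -0,0 +1,90 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# PROVIDE: step-ca
+# REQUIRE: LOGIN networking
+# KEYWORD: shutdown
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable or customize this service:
+#
+# step_ca_enable (bool): Set to NO by default.
+# Set to YES to enable step_ca.
+# step_ca_user (user): Set user to run step_ca.
+# Default is "step"
+# step_ca_group (group): Set group to run step_ca.
+# Default is "step"
+# step_ca_stepdir (dir): Set dir to run step_ca in.
+# Default is "%%PREFIX%%/etc/step"
+# step_ca_steppath (dir): Set dir to run hold step_ca CA information in.
+# Default is "${step_ca_stepdir}/ca"
+# step_ca_password (path): step_ca CA Password file path
+# Default is "${step_ca_stepdir}/password.txt"
+
+. /etc/rc.subr
+
+name="step_ca"
+rcvar="step_ca_enable"
+
+load_rc_config $name
+: ${step_ca_enable:=no}
+: ${step_ca_user:=step}
+: ${step_ca_group:=step}
+: ${step_ca_stepdir:=%%PREFIX%%/etc/step}
+: ${step_ca_steppath:=${step_ca_stepdir}/ca}
+: ${step_ca_password:=${step_ca_stepdir}/password.txt}
+
+pidfile="/var/run/${name}.pid"
+step_ca_command="%%PREFIX%%/sbin/step-ca"
+step_ca_config="\
+${step_ca_steppath}/config/ca.json \
+--password-file ${step_ca_password}"
+
+command="/usr/sbin/daemon"
+command_args="-S -c \
+-P $pidfile \
+-t $name \
+-T $name \
+$step_ca_command $step_ca_config"
+
+start_precmd=step_ca_startprecmd
+start_postcmd=step_ca_postcmd
+
+step_ca_startprecmd()
+{
+if [ ! -e ${pidfile} ]; then
+install -o ${step_ca_user} -g ${step_ca_group} /dev/null ${pidfile};
+fi
+
+if [ ! -e ${step_ca_steppath} ]; then
+echo "No configured Step CA found."
+echo "Creating new one...."
+export STEPPATH=${step_ca_steppath}
+%%PREFIX%%/bin/step ca init
+chown -R ${step_ca_user}:${step_ca_group} ${step_ca_steppath}
+fi
+
+if [ ! -e ${step_ca_password} ]; then
+echo "Step CA Password file for auto-start not found"
+echo "Creating it...."
+install -m 600 -o ${step_ca_user} -g ${step_ca_group} /dev/null ${step_ca_password}
+echo "Please enter the Step CA Password:"
+stty -echo; read passwd; stty echo; echo
+echo $passwd > ${step_ca_password}
+fi
+
+if [ -e ${step_ca_steppath}/config/ca.json ]; then
+configured_port=$(sed -n -e '/"address"/ s/.*:\(.*\)".*/\1/p' ${step_ca_steppath}/config/ca.json)
+if [ ${configured_port} -lt 1024 ]; then
+echo "Privileged Port (${configured_port}) configured: cannot run as ${step_ca_user}"
+fi
+fi
+}
+
+step_ca_postcmd() {
+sleep 2
+run_rc_command status
+}
+
+run_rc_command "$1"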
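Review bot: The password prompt in step_ca_startprecmd can store a different secret than the one typed: `read passwd` without `-r` consumes backslashes and trims surrounding whitespace, and the unquoted `echo $passwd` word-splits and glob-expands the value before it reaches the password file, so a CA whose passphrase contains such characters will fail to decrypt its key at start. I would write `IFS= read -r passwd` and `printf '%s\n' "$passwd" > "${step_ca_password}"`, and quote the other path expansions in the function the same way. The prompt also leaves the terminal with echo disabled if the read is interrupted between `stty -echo` and `stty echo`. Separately, the privileged-port check only prints its message and lets the start continue, and `[ ${configured_port} -lt 1024 ]` errors out when sed returns nothing or more than one match; quoting the variable, guarding the empty case and adding `return 1` after the message would make that failure explicit.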
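--- a/security/step-certificates/pkg-descr
+++ b/security/step-certificates/pkg-descr
@@ -0,0 +1,11 @@
+This port contains the Smallstep step-ca certificates component
+
+It can be used together with the Smallstep step-ca client.
+step-ca is a local CA. It can be used to create your own local PKI
+Infrastructure and includes things like e.g. the possibility to have your
+own ACME server.
+
+A private certificate authority (X.509 & SSH) & ACME server for secure
+automated certificate management, so you can use TLS everywhere & SSO for SSH.
+
+WWW: https://smallstep.com/certificates/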
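--- a/security/step-certificates/pkg-message
+++ b/security/step-certificates/pkg-message
@@ -0,0 +1,17 @@
+[
+{ type: install
+message: <<EOM
+================================================================================
+Step Certificates requires additional configuration:
+
+The simple way is via the service start script step_ca.
+When there is no configuration it will be created. User input is required!!!
+
+The hard way would be via the step command.
+
+Ensure to set the STEPPATH environment variable. This makes using the
+commands much simpler.
+================================================================================
+EOM
+}
+]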
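--- a/security/step-certificates/pkg-plist
+++ b/security/step-certificates/pkg-plist
@@ -0,0 +1,20 @@
+bin/step-cloudkms-init
+sbin/step-ca
+@dir etc/step
+%%DOCSDIR%%/CONTRIBUTING.md
+%%DOCSDIR%%/GETTING_STARTED.md
+%%DOCSDIR%%/README.md
+%%DOCSDIR%%/acme.md
+%%DOCSDIR%%/database.md
+%%DOCSDIR%%/defaults.md
+%%DOCSDIR%%/docker.md
+%%DOCSDIR%%/images/connect-with-mtls-2.png
+%%DOCSDIR%%/images/oidc1.png
+%%DOCSDIR%%/images/oidc2.png
+%%DOCSDIR%%/images/oidc3.png
+%%DOCSDIR%%/images/step-ca-2-legged.gif
+%%DOCSDIR%%/images/step-ca-3-legged.gif
+%%DOCSDIR%%/kms.md
+%%DOCSDIR%%/provisioners.md
+%%DOCSDIR%%/questions.md
+%%DOCSDIR%%/revocation.md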
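Review bot: `@dir etc/step` registers the directory with the default owner and mode, while the rc script in this commit places the CA tree and the plaintext password file beneath it. The password file is created with mode 600 and the CA tree is chowned to the service user, so this is hardening rather than a defect, but restricting the parent keeps other local users from enumerating the CA layout: `@dir(step,step,750) etc/step`. If a root-owned parent is intentional, so that the service user cannot replace the password file, a one-line comment in the port Makefile saying so would help the next maintainer.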