signal-cli is a command-line interface for libsignal-service-java. It
supports registering, verifying, sending and receiving messages. To be able
to link to an existing Signal-Android/signal-cli instance, signal-cli uses
a patched libsignal-service-java, because libsignal-service-java does not
yet support provisioning as a slave device. For registering you need a
phone number where you can receive SMS or incoming calls. signal-cli is
primarily intended to be used on servers to notify admins of important
events. For this use-case, it has a dbus interface, that can be used to
send messages from any programming language that has dbus bindings.
WWW: https://github.com/AsamK/signal-cli
Note that the UIDs/GIDs were meaning to add 455 as the ID,
but typed 445 in the patch. I've corrected the IDs to 455.
I've also elided one blank line between the _DEPENDS lines
to please portlint.
Other than that, test builds succeeded on 11.3 (i386, amd64),
12.1 (i386, amd64, mips64, aarch64).
PR: 241426
Submitted by: Colin T. <bugzilla@nulldir.e4ward.com>
Reviewed by: Daniel Engberg
Approved by: samm@ (maintainer timeout, >4 months)
Special thanks to netchild for inspiring bringing back this piece software
to ports!
Reviewed by: netchild, pi, salvadore
Differential Revision: https://reviews.freebsd.org/D24127
HoneyTrap is a modular framework for running, monitoring and managing honeypots.
Using HoneyTrap you can use sensors, high interaction and low
interaction honeypots together, while still using the same event mechanisms.
HoneyTrap consists of services, directors, listeners and channels. It is easy to
build new services, attach existing honeypots and extend channels or directors.
PR: 242740
Submitted by: ezri.mudde@dutchsec.com
The imds-filterd tool allows administrators of EC2 instances to lock down
which data from the Instance Metadata Service can be accessed by specified
system users and groups, thereby making the EC2 Instance Metadata Service
compatible with traditional UNIX privilege separation.
Reviewed by: otis, dizzy, lwhsu
Sponsored by: Tarsnap Backup Inc.
Bitmark secures digital property registration through Bitmark certificates,
enabling economic trade of those properties between individuals, governments,
corporations, and institutions at global scale.
WWW: https://github.com/bitmark-inc/bitmarkd
Submitted by: Christopher Hall <hsw__bitmark.com>
Sponsored by: Bitmark Inc.
Differential Revision: https://reviews.freebsd.org/D23167
Release notes:
https://github.com/NLnetLabs/routinator/releases/tag/v0.6.2
Port changes:
- Add a startup script.
- Add a separate user/group for the daemon to use.
PR: 240560
PR: 239899
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
This is being done as svn copy instead of rename so that users of
security/bro can have some time to migrate. It also allows for
possible security updates to the old bro port which upstream has
indicated is possible for at least a few months.
Reviewed by: ler (mentor)
Approved by: ler (mentor)
Differential Revision: https://reviews.freebsd.org/D22376
Added rc script to run p0f in daemon mode as as unprivileged user.
That is useful to provide access to p0f API via unix socket for
various clients (e.g. anti-spam filters like rspamd, haraka-plugin-p0f,
etc.).
PR: 240712
Submitted by: Alexander Moisseev <moiseev@mezonplus.ru>
Lidarr is a music collection manager for Usenet and BitTorrent users.
It can monitor multiple RSS feeds for new tracks from your favorite
artists and will grab, sort and rename them.
It can also be configured to automatically upgrade the quality of
files already downloaded when a better quality format becomes
available.
It looks and smells like Sonarr but made for music.
WWW: https://lidarr.audio
PR: 234233
Submitted by: Michiel van Baak <michiel@vanbaak.eu>, Matt Russi <mrussi@gmail.com>
SEMS is an open-source SIP media server, implementing a B2BUA,
voicemail, IVRs, announcements, etc. It is designed to be
complementary to SIP proxy-only tools like Kamailio, OpenSIPS, etc.
This adds a new port for the SEMS SIP media server, which provides a
number of functions (Voicemail, conferencing, B2BUA, etc.) in conjunction
with a SIP router like Kamailio or OpenSIPS.
The most recent release (1.6.0) is both old and has a significant number
of issues on FreeBSD, so this corresponds to the current development
branch, which should hopefully become 1.7 in not too very long. I've
added one other patch (from SEMS pull request 57) that is required to
make message-waiting notifications behave in a useful way but has yet
to be merged upstream.
WWW: https://github.com/sems-server/sems/
PR: 240048
Reviewed by: koobs (ports)
Approved by: koobs (ports)
Differential Revision: D21410
OwnTracks apps.
OwnTracks allows you to keep track of your own location. You can build
your private location diary or share it with your family and friends.
OwnTracks is open-source and uses open protocols for communication so
you can be sure your data stays secure and private.
API backend for the sysutils/restic backup software, enabling fast and
easy network backups
Approved by: jrm (mentor, implicit)
Sponsored by: SkunkWerks, GmbH
Lego is a new let's encrypt client write in Go with
support for number of ACME challenges and no external
dependencies.
PR: 237349
Submitted by: Matthew Horan <matt@matthoran.com>
Project V is a set of network tools that help you to build your
own computer network. It secures your network connections and
thus protects your privacy.
WWW: https://www.v2ray.com
PR: 235418
Submitted by: Yanhui Shen <shen.elf@gmail.com>
Reviewed by: koobs, mat
Approved by: koobs (mentor)
Differential Revision: https://reviews.freebsd.org/D19066
This allows use of mlock() when vault is started via rc script.
Submitted by: dch
Reviewed by: jrm
Differential Revision: https://reviews.freebsd.org/D20025
Sonic is a fast, lightweight, and schema-less search backend. It
ingests search texts and identifier tuples that can then be queried
against in a microsecond's time.
Sonic can be used as a simple alternative to super-heavy and
full-featured search backends such as Elasticsearch in some use-cases.
It is capable of normalizing natural language search queries,
auto-completing a search query and providing the most relevant
results for a query. Sonic is an identifier index, rather than a
document index; when queried, it returns IDs that can then be used
to refer to the matched documents in an external database.
A strong attention to performance and code cleanliness has been
given when designing Sonic. It aims at being crash-free, super-fast
and puts minimum strain on server resources.
WWW: https://github.com/valeriansaliou/sonic
Reason for this is, if you like to use rspamd to also sign emails using DKIM, ARC,
rspamd need access to the private key used for signing.
As user nobody is correctly used to run rspamd each service that fallback
to user nobody would have access to the private key, which is a security risk.
PR: 230766
Hockeypuck implements the HKP draft protocol specification,
as well as several extensions to the protocol supported by SKS.
Public key material conforming to RFC 4880 is supported by the keyserver,
as are RFC 6637 ECC keys.
As-of-yet unsupported key material, such as recent Ed25519 signing keys,
may be distributed by Hockeypuck, however Hockeypuck is not able to
validate them yet.
WWW: https://hockeypuck.github.io
PR: 235904
Submitted by: Michiel van Baak <michiel@vanbaak.eu>
NZBHydra 2 is a meta search for NZB indexers. It provides easy access to a
number of raw and newznab based indexers. You can search all your indexers
from one place and use it as an indexer source for tools like Sonarr,
Radarr or CouchPotato.
WWW: https://github.com/theotherp/nzbhydra2
PR: 234537
Submitted by: Daniel Shafer <daniel shafer cc>
Differential_Revision: https://reviews.freebsd.org/D18704
libvirt-dbus wraps libvirt API to provide a high-level object-oriented API
better suited for dbus-based applications.
WWW: https://libvirt.org/dbus.html
Midpoint is a comprehensive identity management and identity
governance system. It is basically an complex integration tool
that can replicate and transform user records between numerous user
databases, management of the records, reporting, auditing and so
on. It allows very complex transformation and replication rules
including support for advanced RBAC and scripting. Its internal
mechanisms are based on state-of-the art concepts that are still
not yet widely used in the fieldof Identity Management.
WWW: https://evolveum.com/midpoint/
PR: 231766
Submitted by: Matthias Wolf <freebsd@rheinwolf.de>
Apache Archiva is an extensible repository management software that helps taking
care of your own personal or enterprise-wide build artifact repository. It is
the perfect companion for build tools such as Maven, Continuum, and ANT.
Archiva offers several capabilities, amongst which remote repository proxying,
security access management, build artifact storage, delivery, browsing, indexing
and usage reporting, extensible scanning functionality and many more!
WWW: https://archiva.apache.org
PR: 203071
Submitted by: Dušan Vejnovič <freebsd@dussan.org>
Differential Revision: https://reviews.freebsd.org/D15656
"nobody" should only be used by NFS and nothing should run as
it. Instead give tcpdump a dedicated user.
Also note that IPv6 is no longer optional, so just remove the option
Approved by: garga (maintainer, older version)
Reviewed by: matthew
Differential Revision: https://reviews.freebsd.org/D15841
GeoDNS is a DNS server with per-client targeted responses. It powers the NTP
Pool system and other similar services.
WWW: https://github.com/abh/geodns
PR: 227492
Submitted by: Vinicius Zavam <egypcio@googlemail.com>
Differential Revision: https://reviews.freebsd.org/D15056
- Working RC script
- Rename config file to .env so it's obvious what it is
- Don't depend on Postgres server by default
- Depend on ca_root_nss so it can actually fetch articles over HTTPS
- Run as a dedicated user
PR: 228275
Approved by: maintainer
