Commit Graph

432 Commits

Author SHA1 Message Date
Dimitry Andric
7980121171 MFH: r551655
Create dedicated sandbox user for wsdd service

This changes the account the wsdd service runs under from the generic
'daemon' user to its own dedicated '_wsdd' user.

Approved by:	ports-secteam (joneum)
PR:		250159
2020-10-08 21:34:55 +00:00
Mateusz Piotrowski
25ca397083 Add Nix, a purely functional package manager
Nix is a purely functional package manager. This means that it treats
packages like values in purely functional programming languages such as
Haskell -- they are built by functions that don't have side-effects,
and they never change after they have been built.

FreeBSD support in Nix is not fully complete yet. This commit only
brings the Nix package manager to the ports. Hopefully, this port will
streamline the work of bootstrapping of Nix packages on FreeBSD.

Thanks to all the kind folks who contributed to the porting efforts.
It was a fun journey.

WWW: https://nixos.org/nix/

Differential Revision:	https://reviews.freebsd.org/D17766
2020-09-25 12:54:38 +00:00
Dmitri Goutnik
fd874380cf www/beehive: Update to 0.4.0 and add rc script
Changes:	https://github.com/muesli/beehive/releases/v0.4.0
PR:		249128
Submitted by:	Lewis Cook <vulcan@wired.sh> (maintainer)
2020-09-09 13:07:19 +00:00
Niclas Zeising
10785d5e85 Add new port: net/rpki-client
rpki-client is a FREE, easy-to-use implementation of the Resource Public Key
Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the
Route Origin of a BGP announcement. The program queries the RPKI repository
system and outputs Validated ROA Payloads in the configuration format of either
OpenBGPD or BIRD, but also as CSV or JSON objects for consumption by other
routing stacks.  rpki-client originated in OpenBSD.

This version is based on the portable version of rpki-client.

WWW: https://www.rpki-client.org/
WWW: https://github.com/rpki-client/rpki-client-portable

Allocate UID and GID 270 for use when running rpki-client.
2020-07-01 18:38:02 +00:00
Koichiro Iwao
d42f11bf02 net/librespeed-go: commit UIDs/GIDs
missed in the previous commit r539808.

PR:		247357
2020-06-22 14:54:48 +00:00
Danilo G. Baio
49387ba716 Add mail/py-spf-engine, Deprecate mail/postfix-policyd-spf-python
Give time to users to change their env

The new port is the successor, it supports milter feature and its
config file is in another path.

PR:		244424
Submitted by:	Yasuhiro KIMURA <yasu@utahime.org> (maintainer)
2020-05-31 13:49:28 +00:00
Palle Girgensohn
272d05187e Introducing PostgREST
Using PostgREST is an alternative to manual CRUD programming. Custom API
servers suffer problems. Writing business logic often duplicates, ignores or
hobbles database structure. Object-relational mapping is a leaky abstraction
leading to slow imperative code. The PostgREST philosophy establishes a single
declarative source of truth: the data itself.

WWW:		http://postgrest.org/en/v7.0.0/
PR:		246383
Submitted by:	Dmitry Wagin
2020-05-26 06:55:36 +00:00
Renato Botelho
d541d1407a devel/clixon: Add user and group
- clixon user and group will be used to listen to a socket
- Updated pkg-message

PR:		246264
Submitted by:	Dave Cornejo <dcornejo@netgate.com> (maintainer)
Sponsored by:	Rubicon Communications, LLC (Netgate)
2020-05-07 20:32:24 +00:00
Jose Alonso Cardenas Marquez
db260cf225 - Add odoo entries 2020-05-06 21:42:13 +00:00
Brooks Davis
1c71c2d5a0 Create and use a tests group for the tests user.
Nobody but nobody should be a member of the nobody group.

PR:		245107
Approved by:	maintainer timeout
Sponsored by:	DARPA
2020-04-22 18:01:16 +00:00
Bernhard Froehlich
ae1c7c19c4 This port contains the Smallstep step-ca certificates component
It can be used together with the Smallstep step-ca client.
step-ca is a local CA. It can be used to create your own local PKI
Infrastructure and includes things like e.g. the possibility to have your
own ACME server.

A private certificate authority (X.509 & SSH) & ACME server for secure
automated certificate management, so you can use TLS everywhere & SSO for SSH.

WWW: https://smallstep.com/certificates/

PR:		245535
Submitted by:	Markus Wipp <mw@wipp.bayern>
2020-04-17 20:10:47 +00:00
Rodrigo Osorio
cdaba71527 New port net-im/sshout: Instant-messaging solution based on SSH
Secure Shout Host Oriented Unified Talk is an instant-messaging platform
designed to make uses of the existing SSH server in your system.
SSHOUT creates a private chat room in your host. The authentication of the
chat room is done by SSH public authentication. Users can join your chat room
by either directly connecting your SSH server with any SSH client; or using a
SSHOUT client that implemented the client side SSHOUT API.
This package provides the SSHOUT server side programs; if you are finding a
SSHOUT client, go to project page and find out a suitable client; or you can
also write your own client using SSHOUT API.

PR:		228723
Submitted by:	WHR <msl0000023508@gmail.com>
2020-04-15 21:45:03 +00:00
Colin Percival
e7815c1eff Update spiped to 1.6.1.
This version gains support for running as a different uid/gid; so claim
259:259 as spiped:spiped and make that the default.
2020-04-10 01:33:00 +00:00
Baptiste Daroussin
5863d29713 New port audio/gonic
music streaming server / subsonic server API implementation

features
*  browsing by folder (keeping your full tree intact)
*  browsing by tags (using taglib - supports mp3, opus, flac, ape, m4a, wav,
   etc.)
*  on-the-fly audio transcoding and caching (requires ffmpeg) (thank you spijet)
*  pretty fast scanning (with my library of ~27k tracks, initial scan takes
   about 10m, and about 5s after incrementally)
*  multiple users, each with their own transcoding preferences, playlists, top
   tracks, top artists, etc.
*  last.fm scrobbling
*  artist similarities and biographies from the last.fm api
*  a web interface for configuration (set up last.fm, manage users, start scans,
   etc.)
*  support for the album-artist tag, to not clutter your artist list with
   compilation album appearances
*  written in go, so lightweight and suitable for a raspberry pi, etc.
*  newer salt and token auth
*  tested on dsub, jamstash, sublime music, and soundwaves

WWW: https://github.com/sentriz/gonic
2020-04-09 10:28:59 +00:00
Muhammad Moinur Rahman
0a74f33882 net/irrd: Update version 2.3.10=>4.0.8
- Change LICENSE to BSD2CLAUSE from BSD4CLAUSE
- Utilizes UID and GID irrd for 252
- Take MAINTAINERSHIP
- Mentioned in UPDATING
- Both irrd-legacy and irrd can bes installed and run concurrently

Approved by:	ume (private mail)
2020-04-08 10:59:28 +00:00
Alexander Leidinger
e60ff63988 Update sonarqube ports to the most revent version:
- sonarqube-community: 8.2
 - sonarqube-ant-task: 2.7.0.1612
 - sonar-scanner-cli: 4.3.0.2102
2020-03-26 10:03:49 +00:00
Diane Bruce
8b263ac621 Add user/group for ultimaker for Cura app 2020-03-25 23:16:55 +00:00
Bryan Drewery
81759c2bd7 Add missing :
PR:		241426
Submitted by:	vidar on EFNet
2020-03-25 22:52:21 +00:00
Mateusz Piotrowski
fea232a260 New port: Command-line and D-Bus interface for Signal and libsignal-service-java
signal-cli is a command-line interface for libsignal-service-java. It
supports registering, verifying, sending and receiving messages. To be able
to link to an existing Signal-Android/signal-cli instance, signal-cli uses
a patched libsignal-service-java, because libsignal-service-java does not
yet support provisioning as a slave device. For registering you need a
phone number where you can receive SMS or incoming calls. signal-cli is
primarily intended to be used on servers to notify admins of important
events. For this use-case, it has a dbus interface, that can be used to
send messages from any programming language that has dbus bindings.

WWW: https://github.com/AsamK/signal-cli
2020-03-25 21:39:53 +00:00
Matthias Andree
d44b399a7c dns/inadyn: Update to 2.6
Note that the UIDs/GIDs were meaning to add 455 as the ID,
but typed 445 in the patch.  I've corrected the IDs to 455.

I've also elided one blank line between the _DEPENDS lines
to please portlint.

Other than that, test builds succeeded on 11.3 (i386, amd64),
12.1 (i386, amd64, mips64, aarch64).

PR:		241426
Submitted by:	Colin T. <bugzilla@nulldir.e4ward.com>
Reviewed by:	Daniel Engberg
Approved by:	samm@ (maintainer timeout, >4 months)
2020-03-24 21:43:36 +00:00
Mateusz Piotrowski
28f362fae3 Resurrect biology/linux-foldingathome
Special thanks to netchild for inspiring bringing back this piece software
to ports!

Reviewed by:	netchild, pi, salvadore
Differential Revision:	https://reviews.freebsd.org/D24127
2020-03-21 23:03:05 +00:00
Renato Botelho
5c851a1114 New port: security/honeytrap
HoneyTrap is a modular framework for running, monitoring and managing honeypots.
Using HoneyTrap you can use sensors, high interaction and low
interaction honeypots together, while still using the same event mechanisms.
HoneyTrap consists of services, directors, listeners and channels. It is easy to
build new services, attach existing honeypots and extend channels or directors.

PR:		242740
Submitted by:	ezri.mudde@dutchsec.com
2020-02-11 15:48:23 +00:00
Colin Percival
c229fb7438 Add imds-filterd.
The imds-filterd tool allows administrators of EC2 instances to lock down
which data from the Instance Metadata Service can be accessed by specified
system users and groups, thereby making the EC2 Instance Metadata Service
compatible with traditional UNIX privilege separation.

Reviewed by:	otis, dizzy, lwhsu
Sponsored by:	Tarsnap Backup Inc.
2020-01-27 09:01:16 +00:00
Ben Woods
4a2dbb6b4e x11/lightdm: Add lightdm user to the video group to fix runtime error
Reported by:	grehan, userxbw, https://forums.freebsd.org/threads/lightdm-libgl.73658/
2020-01-20 23:19:56 +00:00
Marcelo Araujo
4a007974ab The Bitmark distributed property system.
Bitmark secures digital property registration through Bitmark certificates,
enabling economic trade of those properties between individuals, governments,
corporations, and institutions at global scale.

WWW: https://github.com/bitmark-inc/bitmarkd

Submitted by:	Christopher Hall <hsw__bitmark.com>
Sponsored by:	Bitmark Inc.
Differential Revision:	https://reviews.freebsd.org/D23167
2020-01-17 10:46:13 +00:00
Vasil Dimov
7751b71878 net-p2p/c-lightning: Add a new port - Lightning Network implementation in C
A lighweight, highly customizable and standard compliant
implementation of the Lightning Network protocol.

https://github.com/ElementsProject/lightning
2019-12-31 16:36:33 +00:00
Raphael Kubo da Costa
22b7aca2e1 Update to 0.6.2.
Release notes:
https://github.com/NLnetLabs/routinator/releases/tag/v0.6.2

Port changes:
- Add a startup script.
- Add a separate user/group for the daemon to use.

PR:		240560
PR:		239899
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
2019-11-28 10:56:59 +00:00
Emanuel Haupt
cb9b680e64 Fix malformed line for zeek gid.
Pointyhat to:	leres
2019-11-18 15:33:12 +00:00
Craig Leres
2e9dc31504 security/zeek: This adds security/zeek, the new version of security/bro.
This is being done as svn copy instead of rename so that users of
security/bro can have some time to migrate. It also allows for
possible security updates to the old bro port which upstream has
indicated is possible for at least a few months.

Reviewed by:	ler (mentor)
Approved by:	ler (mentor)
Differential Revision:	https://reviews.freebsd.org/D22376
2019-11-17 01:03:04 +00:00
Li-Wen Hsu
06bcaf30c8 Add comms/ebusd, daemon for communication with eBUS heating systems
PR:		239796
Submitted by:	samm@os2.kiev.ua
2019-09-27 00:38:02 +00:00
Kurt Jaeger
be97957b6c net-mgmt/p0f: add rc script
Added rc script to run p0f in daemon mode as as unprivileged user.
That is useful to provide access to p0f API via unix socket for
various clients (e.g. anti-spam filters like rspamd, haraka-plugin-p0f,
etc.).

PR:		240712
Submitted by:	Alexander Moisseev <moiseev@mezonplus.ru>
2019-09-20 18:44:38 +00:00
Kurt Jaeger
27d3116977 New port: net-p2p/lidarr
Lidarr is a music collection manager for Usenet and BitTorrent users.

It can monitor multiple RSS feeds for new tracks from your favorite
artists and will grab, sort and rename them.
It can also be configured to automatically upgrade the quality of
files already downloaded when a better quality format becomes
available.

It looks and smells like Sonarr but made for music.

WWW: https://lidarr.audio

PR:		234233
Submitted by:	Michiel van Baak <michiel@vanbaak.eu>, Matt Russi <mrussi@gmail.com>
2019-08-28 05:35:59 +00:00
Nathan Whitehorn
d0170de30a net/sems: SIP Express Media Server (new port)
SEMS is an open-source SIP media server, implementing a B2BUA,
voicemail, IVRs, announcements, etc. It is designed to be
complementary to SIP proxy-only tools like Kamailio, OpenSIPS, etc.

This adds a new port for the SEMS SIP media server, which provides a
number of functions (Voicemail, conferencing, B2BUA, etc.) in conjunction
with a SIP router like Kamailio or OpenSIPS.

The most recent release (1.6.0) is both old and has a significant number
of issues on FreeBSD, so this corresponds to the current development
branch, which should hopefully become 1.7 in not too very long. I've
added one other patch (from SEMS pull request 57) that is required to
make message-waiting notifications behave in a useful way but has yet
to be merged upstream.

WWW: https://github.com/sems-server/sems/

PR:		240048
Reviewed by:	koobs (ports)
Approved by:	koobs (ports)
Differential Revision:	D21410
2019-08-27 03:15:35 +00:00
Dan Langille
22fb9d72c2 ot-recorder stores and accesses data published, via MQTT or http, by
OwnTracks apps.

OwnTracks allows you to keep track of your own location. You can build
your private location diary or share it with your family and friends.
OwnTracks is open-source and uses open protocols for communication so
you can be sure your data stays secure and private.
2019-07-31 01:16:27 +00:00
Dave Cottlehuber
4fccdfe738 sysutils/rest-server: new port - network backups for restic
API backend for the sysutils/restic backup software, enabling fast and
easy network backups

Approved by:	jrm (mentor, implicit)
Sponsored by:	SkunkWerks, GmbH
2019-07-26 12:01:54 +00:00
Rodrigo Osorio
9b6f8163df Add new port security/lego
Lego is a new let's encrypt client write in Go with
support for number of ACME challenges and no external
dependencies.

PR:		237349
Submitted by:	Matthew Horan <matt@matthoran.com>
2019-07-24 07:50:14 +00:00
Fukang Chen
58319c2c00 [NEW PORT]: net/v2ray: Platform for building proxies to bypass network restrictions
Project V is a set of network tools that help you to build your
own computer network. It secures your network connections and
thus protects your privacy.

WWW: https://www.v2ray.com

PR:		235418
Submitted by:	Yanhui Shen <shen.elf@gmail.com>
Reviewed by:	koobs, mat
Approved by:	koobs (mentor)
Differential Revision:	https://reviews.freebsd.org/D19066
2019-05-08 03:23:29 +00:00
Tobias Kortkamp
bf67630add New port: textproc/sonic
Sonic is a fast, lightweight, and schema-less search backend.  It
ingests search texts and identifier tuples that can then be queried
against in a microsecond's time.

Sonic can be used as a simple alternative to super-heavy and
full-featured search backends such as Elasticsearch in some use-cases.
It is capable of normalizing natural language search queries,
auto-completing a search query and providing the most relevant
results for a query.  Sonic is an identifier index, rather than a
document index; when queried, it returns IDs that can then be used
to refer to the matched documents in an external database.

A strong attention to performance and code cleanliness has been
given when designing Sonic.  It aims at being crash-free, super-fast
and puts minimum strain on server resources.

WWW: https://github.com/valeriansaliou/sonic
2019-04-03 17:43:12 +00:00
Michael Gmelin
e69365603b Add deskutils/py-paperless, a Django application that allows to index and
archive scanned paper documents.

PR:		236680
2019-03-30 12:27:52 +00:00
Matthias Fechner
7e72a8b09d Added new user rspamd to be used for mail/rspamd.
Reason for this is, if you like to use rspamd to also sign emails using DKIM, ARC,
rspamd need access to the private key used for signing.
As user nobody is correctly used to run rspamd each service that fallback
to user nobody would have access to the private key, which is a security risk.

PR:		230766
2019-03-04 07:31:47 +00:00
Kurt Jaeger
7c35630f1b New port: security/hockeypuck
Hockeypuck implements the HKP draft protocol specification,
as well as several extensions to the protocol supported by SKS.

Public key material conforming to RFC 4880 is supported by the keyserver,
as are RFC 6637 ECC keys.
As-of-yet unsupported key material, such as recent Ed25519 signing keys,
may be distributed by Hockeypuck, however Hockeypuck is not able to
validate them yet.

WWW: https://hockeypuck.github.io

PR:		235904
Submitted by:	Michiel van Baak <michiel@vanbaak.eu>
2019-02-24 16:50:03 +00:00
Tobias C. Berner
8c06f3f158 [NEW PORT] news/nzbhydra2: Usenet meta search
NZBHydra 2 is a meta search for NZB indexers. It provides easy access to a
number of raw and newznab based indexers. You can search all your indexers
from one place and use it as an indexer source for tools like Sonarr,
Radarr or CouchPotato.

WWW: https://github.com/theotherp/nzbhydra2

PR:		234537
Submitted by:	Daniel Shafer <daniel shafer cc>
Differential_Revision:	https://reviews.freebsd.org/D18704
2019-01-29 20:14:34 +00:00
Yuri Victorovich
bef05937a8 New port: databases/cassandra3: Highly scalable distributed database
Versions 1.X and 2.X existed previously, but were removed due to build issues.

PR:		226377
Submitted by:	Angelo Polo <language.devel@gmail.com>
2019-01-28 06:12:18 +00:00
Yuri Victorovich
6bc9d3d765 net-p2p/qbittorrent: Add rc.d support for nox flavor
qbittorrent-nox can now be run as service.

Submitted by:	Daniel Engberg <daniel.engberg.lists@pyret.net>
Differential Revision:	D18814
2019-01-27 04:28:26 +00:00
Roman Bogorodskiy
87be9be746 Add devel/libvirt-dbus -- Libvirt D-Bus API binding
libvirt-dbus wraps libvirt API to provide a high-level object-oriented API
better suited for dbus-based applications.

WWW: https://libvirt.org/dbus.html
2019-01-14 16:27:39 +00:00
Kurt Jaeger
888bc900b2 New port: net-mgmt/midpoint
Midpoint is a comprehensive identity management and identity
governance system. It is basically an complex integration tool
that can replicate and transform user records between numerous user
databases, management of the records, reporting, auditing and so
on. It allows very complex transformation and replication rules
including support for advanced RBAC and scripting. Its internal
mechanisms are based on state-of-the art concepts that are still
not yet widely used in the fieldof Identity Management.

WWW: https://evolveum.com/midpoint/

PR:		231766
Submitted by:	Matthias Wolf <freebsd@rheinwolf.de>
2019-01-10 22:43:28 +00:00
Olivier Cochard
1895053da9 Fixes wrong LSA collision detection and add birdvty group
PR:		232231
Submitted by:	Julien Charbon <jcharbon@verisign.com>
Submitted by:	Asbjorn Mikkelsen <amikkelsen@verisign.com>
Sponsored by:	Verisign
2018-11-10 23:02:44 +00:00
Ryan Steinmetz
9fcb900737 - Use hitch user/group instead of nobody/nobody
PR:		232411
Submitted by:	grahamyvr@gmail.com
2018-10-18 23:36:11 +00:00
Yuri Victorovich
cbb1e57434 sysutils/ipfs-go: Changes to UIDs and GIDs.
PR:		230601
2018-08-30 19:39:14 +00:00
Palle Girgensohn
64d424bedc Update telegraf
* Update to 1.7.3
* Update dependencies
* Add GH_SUBDIR, remove post-patch target
* Add i386 arch

Submitted by:	Dmitri Goutnik
PR:		230543
2018-08-13 07:21:32 +00:00