From 47af801ff0ee4a4207b36e6917b1e496354940c0 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 21 Jul 2018 19:11:44 +0100 Subject: gentoo resync : 21.07.2018 --- www-apps/Manifest.gz | Bin 15650 -> 15643 bytes www-apps/gitea/Manifest | 3 - www-apps/gitea/files/gitea.initd | 25 - www-apps/gitea/gitea-1.3.1.ebuild | 71 -- www-apps/icingaweb2/Manifest | 4 +- www-apps/icingaweb2/icingaweb2-2.6.0.ebuild | 81 ++ www-apps/icingaweb2/icingaweb2-9999.ebuild | 4 +- www-apps/nextcloud/Manifest | 10 +- www-apps/nextcloud/nextcloud-12.0.6.ebuild | 42 - www-apps/nextcloud/nextcloud-12.0.7.ebuild | 42 - www-apps/nextcloud/nextcloud-12.0.9.ebuild | 42 + www-apps/nextcloud/nextcloud-13.0.1.ebuild | 40 - www-apps/nextcloud/nextcloud-13.0.2.ebuild | 40 - www-apps/novnc/Manifest | 4 +- www-apps/novnc/novnc-1.0.0.ebuild | 47 + www-apps/novnc/novnc-9999.ebuild | 4 +- www-apps/piwigo/Manifest | 4 +- www-apps/piwigo/piwigo-2.9.3.ebuild | 43 - www-apps/piwigo/piwigo-2.9.4.ebuild | 43 + www-apps/prewikka/Manifest | 4 + .../files/prewikka-4.1.5-fix_rule_error.patch | 32 + .../files/prewikka-4.1.5-fix_siteconfig.patch | 12 + www-apps/prewikka/prewikka-4.1.5.ebuild | 38 + www-client/Manifest.gz | Bin 7043 -> 7037 bytes www-client/chromium/Manifest | 2 + www-client/chromium/chromium-67.0.3396.99.ebuild | 687 +++++++++++++ www-client/google-chrome-beta/Manifest | 4 +- .../google-chrome-beta-68.0.3440.59.ebuild | 127 --- .../google-chrome-beta-68.0.3440.68.ebuild | 127 +++ www-client/google-chrome-unstable/Manifest | 4 +- .../google-chrome-unstable-69.0.3486.0.ebuild | 126 --- .../google-chrome-unstable-69.0.3493.3.ebuild | 126 +++ www-client/lynx/Manifest | 2 +- www-client/lynx/lynx-2.8.9_pre16.ebuild | 2 +- www-client/opera-beta/Manifest | 8 +- .../opera-beta/opera-beta-54.0.2952.40.ebuild | 114 --- .../opera-beta/opera-beta-54.0.2952.43.ebuild | 114 --- .../opera-beta/opera-beta-55.0.2994.14.ebuild | 114 +++ .../opera-beta/opera-beta-55.0.2994.20.ebuild | 114 +++ www-client/opera-developer/Manifest | 4 +- .../opera-developer-55.0.2991.0.ebuild | 114 --- .../opera-developer-56.0.3013.0.ebuild | 114 +++ www-client/opera/Manifest | 8 +- www-client/opera/opera-54.0.2952.46.ebuild | 109 -- www-client/opera/opera-54.0.2952.51.ebuild | 109 -- www-client/opera/opera-54.0.2952.54.ebuild | 109 ++ www-client/opera/opera-54.0.2952.60.ebuild | 109 ++ www-client/vivaldi/Manifest | 11 +- .../files/vivaldi-1.14.1077.45_p1-libffmpeg.patch | 10 - www-client/vivaldi/vivaldi-1.15.1147.47_p1.ebuild | 127 --- www-client/vivaldi/vivaldi-1.15.1147.52_p1.ebuild | 2 +- www-client/vivaldi/vivaldi-1.15.1147.55_p1.ebuild | 125 +++ www-plugins/Manifest.gz | Bin 2259 -> 2264 bytes www-plugins/adobe-flash/Manifest | 10 +- .../adobe-flash/adobe-flash-30.0.0.113.ebuild | 140 --- .../adobe-flash/adobe-flash-30.0.0.134.ebuild | 140 +++ www-plugins/chrome-binary-plugins/Manifest | 8 +- .../chrome-binary-plugins-68.0.3440.59_beta.ebuild | 67 -- .../chrome-binary-plugins-68.0.3440.68_beta.ebuild | 67 ++ .../chrome-binary-plugins-69.0.3486.0_alpha.ebuild | 67 -- .../chrome-binary-plugins-69.0.3493.3_alpha.ebuild | 67 ++ www-servers/Manifest.gz | Bin 5541 -> 5712 bytes www-servers/apache/Manifest | 9 +- www-servers/apache/apache-2.4.29-r1.ebuild | 243 ----- www-servers/apache/apache-2.4.34-r1.ebuild | 258 +++++ .../apache-2.4.34-suexec_parallel_install.patch | 19 + www-servers/apache/metadata.xml | 2 + www-servers/h2o/Manifest | 9 +- www-servers/h2o/files/h2o-2.2-mruby.patch | 30 +- www-servers/h2o/files/h2o-2.2.4-libressl.patch | 54 - www-servers/h2o/files/h2o-2.3-mruby.patch | 39 +- www-servers/h2o/h2o-2.2.5.ebuild | 5 +- www-servers/h2o/h2o-9999.ebuild | 5 +- www-servers/lighttpd/Manifest | 2 +- www-servers/lighttpd/metadata.xml | 4 - www-servers/nginx-unit/Manifest | 4 + www-servers/nginx-unit/files/nginx-unit.initd | 14 + www-servers/nginx-unit/metadata.xml | 22 + www-servers/nginx-unit/nginx-unit-1.3.ebuild | 39 + www-servers/nginx/Manifest | 18 +- www-servers/nginx/nginx-1.12.2-r1.ebuild | 1005 ------------------ www-servers/nginx/nginx-1.14.0-r2.ebuild | 1079 ------------------- www-servers/nginx/nginx-1.14.0-r3.ebuild | 1081 ++++++++++++++++++++ www-servers/nginx/nginx-1.15.0-r2.ebuild | 1079 ------------------- www-servers/nginx/nginx-1.15.1-r1.ebuild | 1081 ++++++++++++++++++++ www-servers/nginx/nginx-1.15.1.ebuild | 1079 ------------------- www-servers/tornado/Manifest | 2 +- www-servers/tornado/tornado-5.1.ebuild | 2 +- www-servers/uwsgi/Manifest | 2 + www-servers/uwsgi/uwsgi-2.0.17.1.ebuild | 410 ++++++++ 90 files changed, 5228 insertions(+), 6191 deletions(-) delete mode 100644 www-apps/gitea/files/gitea.initd delete mode 100644 www-apps/gitea/gitea-1.3.1.ebuild create mode 100644 www-apps/icingaweb2/icingaweb2-2.6.0.ebuild delete mode 100644 www-apps/nextcloud/nextcloud-12.0.6.ebuild delete mode 100644 www-apps/nextcloud/nextcloud-12.0.7.ebuild create mode 100644 www-apps/nextcloud/nextcloud-12.0.9.ebuild delete mode 100644 www-apps/nextcloud/nextcloud-13.0.1.ebuild delete mode 100644 www-apps/nextcloud/nextcloud-13.0.2.ebuild create mode 100644 www-apps/novnc/novnc-1.0.0.ebuild delete mode 100644 www-apps/piwigo/piwigo-2.9.3.ebuild create mode 100644 www-apps/piwigo/piwigo-2.9.4.ebuild create mode 100644 www-apps/prewikka/files/prewikka-4.1.5-fix_rule_error.patch create mode 100644 www-apps/prewikka/files/prewikka-4.1.5-fix_siteconfig.patch create mode 100644 www-apps/prewikka/prewikka-4.1.5.ebuild create mode 100644 www-client/chromium/chromium-67.0.3396.99.ebuild delete mode 100644 www-client/google-chrome-beta/google-chrome-beta-68.0.3440.59.ebuild create mode 100644 www-client/google-chrome-beta/google-chrome-beta-68.0.3440.68.ebuild delete mode 100644 www-client/google-chrome-unstable/google-chrome-unstable-69.0.3486.0.ebuild create mode 100644 www-client/google-chrome-unstable/google-chrome-unstable-69.0.3493.3.ebuild delete mode 100644 www-client/opera-beta/opera-beta-54.0.2952.40.ebuild delete mode 100644 www-client/opera-beta/opera-beta-54.0.2952.43.ebuild create mode 100644 www-client/opera-beta/opera-beta-55.0.2994.14.ebuild create mode 100644 www-client/opera-beta/opera-beta-55.0.2994.20.ebuild delete mode 100644 www-client/opera-developer/opera-developer-55.0.2991.0.ebuild create mode 100644 www-client/opera-developer/opera-developer-56.0.3013.0.ebuild delete mode 100644 www-client/opera/opera-54.0.2952.46.ebuild delete mode 100644 www-client/opera/opera-54.0.2952.51.ebuild create mode 100644 www-client/opera/opera-54.0.2952.54.ebuild create mode 100644 www-client/opera/opera-54.0.2952.60.ebuild delete mode 100644 www-client/vivaldi/files/vivaldi-1.14.1077.45_p1-libffmpeg.patch delete mode 100644 www-client/vivaldi/vivaldi-1.15.1147.47_p1.ebuild create mode 100644 www-client/vivaldi/vivaldi-1.15.1147.55_p1.ebuild delete mode 100644 www-plugins/adobe-flash/adobe-flash-30.0.0.113.ebuild create mode 100644 www-plugins/adobe-flash/adobe-flash-30.0.0.134.ebuild delete mode 100644 www-plugins/chrome-binary-plugins/chrome-binary-plugins-68.0.3440.59_beta.ebuild create mode 100644 www-plugins/chrome-binary-plugins/chrome-binary-plugins-68.0.3440.68_beta.ebuild delete mode 100644 www-plugins/chrome-binary-plugins/chrome-binary-plugins-69.0.3486.0_alpha.ebuild create mode 100644 www-plugins/chrome-binary-plugins/chrome-binary-plugins-69.0.3493.3_alpha.ebuild delete mode 100644 www-servers/apache/apache-2.4.29-r1.ebuild create mode 100644 www-servers/apache/apache-2.4.34-r1.ebuild create mode 100644 www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch delete mode 100644 www-servers/h2o/files/h2o-2.2.4-libressl.patch create mode 100644 www-servers/nginx-unit/Manifest create mode 100755 www-servers/nginx-unit/files/nginx-unit.initd create mode 100644 www-servers/nginx-unit/metadata.xml create mode 100644 www-servers/nginx-unit/nginx-unit-1.3.ebuild delete mode 100644 www-servers/nginx/nginx-1.12.2-r1.ebuild delete mode 100644 www-servers/nginx/nginx-1.14.0-r2.ebuild create mode 100644 www-servers/nginx/nginx-1.14.0-r3.ebuild delete mode 100644 www-servers/nginx/nginx-1.15.0-r2.ebuild create mode 100644 www-servers/nginx/nginx-1.15.1-r1.ebuild delete mode 100644 www-servers/nginx/nginx-1.15.1.ebuild create mode 100644 www-servers/uwsgi/uwsgi-2.0.17.1.ebuild diff --git a/www-apps/Manifest.gz b/www-apps/Manifest.gz index aee9ee683798..cec4747c6d61 100644 Binary files a/www-apps/Manifest.gz and b/www-apps/Manifest.gz differ diff --git a/www-apps/gitea/Manifest b/www-apps/gitea/Manifest index 7ed740ebd3ca..9e83a6408d91 100644 --- a/www-apps/gitea/Manifest +++ b/www-apps/gitea/Manifest @@ -1,11 +1,8 @@ AUX app.ini 67 BLAKE2B 4ec7b8217486047b419202b3a8a7172ac21ae0e5ad9224cd4f010be730ac5cda9d05bf06dcba2d06f8809900094b3b007ef98dd4ea20a125fb7d3db279f53e4a SHA512 93f6f7cf49dd1ece56f7da711adbb58cc38a503527aeea140837d74456ee6f550a089e897d9cb94382e1eb3f5a5cbe4a61362534463eada08a91f314da0f2108 AUX gitea.confd 74 BLAKE2B 656800d35c8f0075005e7e9e5c804292f9884663f89f653426064a20cfbcb518f736bd94947a03bce5adad670fb6150d93026999d6d5395f37a85666b6663a2f SHA512 3e05bad19cd924c4375d9ca6fc57142ba4b5ec897a1c789c3fc9710dfcfee209a199c95040eece089ad93e0357486ab98fad0c448a61e318646b7a71845e9a25 -AUX gitea.initd 688 BLAKE2B eb2341dee53f3fd92c49137855615d9ae7ca77efc396e2d2ed8b624ed2776c7522455a469c00172ecbbe2151ccab476baa0c779baf8a39f63348bdc7ebbd29c2 SHA512 4a6bba463c9abafcb6fc9f3854efd1a69fb3b213c2b34ff6a233f90db535c2ab0f375a0809e4c4be6651ed60d7696a54148a5ee9192567d70ca6a5203a8d3266 AUX gitea.initd-r1 688 BLAKE2B eb2341dee53f3fd92c49137855615d9ae7ca77efc396e2d2ed8b624ed2776c7522455a469c00172ecbbe2151ccab476baa0c779baf8a39f63348bdc7ebbd29c2 SHA512 4a6bba463c9abafcb6fc9f3854efd1a69fb3b213c2b34ff6a233f90db535c2ab0f375a0809e4c4be6651ed60d7696a54148a5ee9192567d70ca6a5203a8d3266 AUX gitea.logrotated 87 BLAKE2B 373830ddd6eed0ce2f0f7b1dab14e4a253e5a56a73f477cfadbc6deec373846d4df2d697735391581771699d5a6513acb0e14a446873de01eba10d19e3a6bd88 SHA512 798f3fc33026f19dd31ffa78b9b1ed313d7b82b19c047f509e896c1798b2925a1bb7c4998d98a6b47e728979bf7132fb1c2a80eb7fda096a763d6791631cb6d4 AUX gitea.service 472 BLAKE2B 4c728e2987d0c0a86e65d4b9c1a59f6193ff8a3f9b066991a06f495ad1c5586b3497c71fca1cce5b65f167af09343e7bf3215ee5e8fdefa539e384198d2d88d6 SHA512 6666fe3b4cdbb78a58db4a6bf47a15e6be9ab30b666c6eb77a9e8a002d8c0abd510fc75ef463a11ee6892ab12c98943774616072cb64fd9f2fa42ff8f676aa95 -DIST gitea-1.3.1.tar.gz 14783710 BLAKE2B 20e333719aa1a670488046406dc942fd843fcb2ea92473006e255a6a8f2f00709bf87443a425302d0c73916260a5d2e7876e00233a3e1ceb657439ac3d7a4873 SHA512 45161e089d5437b5aacc9589a50a61da3a8f4c88edb33fe3605eb49f36f67cb0a8a80f261016745a6c5131755f7963b1b61df62e47aab2bcd43a6932dceadd0f DIST gitea-1.4.1.tar.gz 14978598 BLAKE2B 8fde79291b745750e79c944e7fcf938d2476ddaa386c1277f54bf315831eeb749507e270ca0a8a8351dd8fa60656bb98eb7c478a5c99f2ac20d350b6054339d5 SHA512 3b812bd61215230035ec9241e953f239981d04580d931f379aa550e11d2f7facd56bf70ac9e2d866224d341570a238bcc5c2fa71fd1432cfb95b8c8b703784e6 -EBUILD gitea-1.3.1.ebuild 2450 BLAKE2B 8137193f6d6c6495d0829a82841a82c0d079cab03e440176932db89f720938888e2294c8cedc3562e7bfd41ae67aa8f24e1dffe07cec2b203d58b5daf466f64b SHA512 edc7382e856957dcd2e4c5c9a86c0b3fa01f576f1c014b31900496f852aa942281b293ad27595f440434fb6b46470197c97d63c78defd7daf51d77f937c5505a EBUILD gitea-1.4.1.ebuild 1892 BLAKE2B 09a05d287962d04ac368be5a9a20f65d1310231a55e90e10fb3dc9d2da79aaf94a16bf24a1f4d6be7cc27be4130a7e2edcf91fc05cad6c20077a98c09123e3b7 SHA512 aa22f9c026cb5741679c1fa8783ac9aceb1ff413d96e4a422e7f21ae5fd4ab12872b330fd58b790a9cfcf121a519a73a44016270a6919b1cd076a6ca70693998 MISC metadata.xml 324 BLAKE2B 66e4bf11fea6a0b4a0ca353849e1a4aaf32c0a1680c36f1e74fe155705806a822c277487f551e82ad0a3740b4faf9f1f8b2b2ce24781774da6c9f21a3f094f57 SHA512 7b0e56ffe4652157a5126ae7cb7cc6b557ec8367dac02c28f69243181147855dc0e96fe09dd7ff507052a7f5382445deb98090175e06d030fe635990812820ee diff --git a/www-apps/gitea/files/gitea.initd b/www-apps/gitea/files/gitea.initd deleted file mode 100644 index 837164aa0140..000000000000 --- a/www-apps/gitea/files/gitea.initd +++ /dev/null @@ -1,25 +0,0 @@ -#!/sbin/openrc-run -# Copyright 2016-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -description="Gitea, a self-hosted Git service" -pidfile=${pidfile:-"/run/${SVCNAME}/${SVCNAME}.pid"} -user=${user:-git} -group=${group:-git} - -command="/usr/bin/gitea web" -command_args="${command_args:--config /var/lib/gitea/conf/app.ini}" -command_background="true" -start_stop_daemon_args="--user ${user} --group ${group} \ - -e GITEA_WORK_DIR=/var/lib/gitea - --stdout /var/log/${SVCNAME}/${SVCNAME}.log \ - --stderr /var/log/${SVCNAME}/${SVCNAME}.log" - -depend() { - need net - after net -} - -start_pre() { - checkpath -d -m 0755 -o "${user}":"${group}" "${pidfile%/*}" -} diff --git a/www-apps/gitea/gitea-1.3.1.ebuild b/www-apps/gitea/gitea-1.3.1.ebuild deleted file mode 100644 index 5f27f86c5d6c..000000000000 --- a/www-apps/gitea/gitea-1.3.1.ebuild +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit user golang-build golang-vcs-snapshot - -EGO_PN="code.gitea.io/gitea" -GIT_COMMIT="81fd8c8" -ARCHIVE_URI="https://github.com/go-gitea/gitea/archive/v${PV}.tar.gz -> ${P}.tar.gz" -KEYWORDS="~amd64 ~arm" - -DESCRIPTION="A painless self-hosted Git service, written in Go" -HOMEPAGE="https://github.com/go-gitea/gitea" -SRC_URI="${ARCHIVE_URI}" - -LICENSE="MIT" -SLOT="0" -IUSE="" - -DEPEND="dev-go/go-bindata" -RDEPEND="dev-vcs/git" - -pkg_setup() { - enewgroup git - enewuser git -1 /bin/bash /var/lib/gitea git -} - -src_prepare() { - default - local GITEA_PREFIX=${EPREFIX}/var/lib/gitea - sed -i -e "s/git rev-parse --short HEAD/echo ${GIT_COMMIT}/"\ - -e "s/\"main.Version.*$/\"main.Version=${PV}\"/"\ - -e "s/-ldflags '-s/-ldflags '/" src/${EGO_PN}/Makefile || die - sed -i -e "s#^APP_DATA_PATH = data#APP_DATA_PATH = ${GITEA_PREFIX}/data#"\ - -e "s#^PATH = data/gitea.db#PATH = ${GITEA_PREFIX}/data/gitea.db#"\ - -e "s#^PROVIDER_CONFIG = data/sessions#PROVIDER_CONFIG = ${GITEA_PREFIX}/data/sessions#"\ - -e "s#^AVATAR_UPLOAD_PATH = data/avatars#AVATAR_UPLOAD_PATH = ${GITEA_PREFIX}/data/avatars#"\ - -e "s#^TEMP_PATH = data/tmp/uploads#TEMP_PATH = ${GITEA_PREFIX}/data/tmp/uploads#"\ - -e "s#^PATH = data/attachments#PATH = ${GITEA_PREFIX}/data/attachments#"\ - -e "s#^ROOT_PATH =#ROOT_PATH = ${EPREFIX}/var/log/gitea#"\ - -e "s#^ISSUE_INDEXER_PATH =#ISSUE_INDEXER_PATH = ${GITEA_PREFIX}/indexers/issues.bleve#"\ - src/${EGO_PN}/conf/app.ini || die -} - -src_compile() { - GOPATH="${WORKDIR}/${P}:$(get_golibdir_gopath)" emake -C src/${EGO_PN} generate - TAGS="bindata pam sqlite" LDFLAGS="" CGO_LDFLAGS="-fno-PIC" GOPATH="${WORKDIR}/${P}:$(get_golibdir_gopath)" emake -C src/${EGO_PN} build -} - -src_install() { - pushd src/${EGO_PN} || die - dobin gitea - insinto /var/lib/gitea/conf - newins conf/app.ini app.ini.example - popd || die - insinto /etc/logrotate.d - newins "${FILESDIR}"/gitea.logrotated gitea - newinitd "${FILESDIR}"/gitea.initd gitea - newconfd "${FILESDIR}"/gitea.confd gitea - keepdir /var/log/gitea /var/lib/gitea/data - fowners -R git:git /var/log/gitea /var/lib/gitea/ -} - -pkg_postinst() { - if [[ ! -e ${EROOT}/var/lib/gitea/conf/app.ini ]]; then - elog "No app.ini found, copying the example over" - cp "${EROOT}"/var/lib/gitea/conf/app.ini{.example,} || die - else - elog "app.ini found, please check example file for possible changes" - fi -} diff --git a/www-apps/icingaweb2/Manifest b/www-apps/icingaweb2/Manifest index 531d6ccbaeef..c7b784a3123e 100644 --- a/www-apps/icingaweb2/Manifest +++ b/www-apps/icingaweb2/Manifest @@ -1,4 +1,6 @@ DIST icingaweb2-2.5.3.tar.gz 8124667 BLAKE2B 43f9e47d670aaeffb15a8dbca6794d72436b195d4a19491d31f548a57ef9d2d0c411f16276be5355700e8dc863b8ef84821c68759d65ef2e97688a88d92605ca SHA512 d11d4f90f0cb54ab6fc5412151d412fc7827c895e81f6c91806090c364b3df4f2999bbc5f65cd4007406a3e7a7c9e0d48fb8f8362f3d7780681ac8702cfcb572 +DIST icingaweb2-2.6.0.tar.gz 8165659 BLAKE2B 9e66a583cdec58b8eb2be7c86363d0154786eb7289ffbbc2b8c2978907537f56ef345313b9b916b3029793812431842ce88c525b29ed226f43bdeefc4af59c97 SHA512 a4788a40e87fa5a388acd6d87890cd5066c1622ba13ddb161beacf16d0765fd224c551c37ed83ef0a6059dd277a63c5c62427a411ccaae9b9deb7c7c88db8cb9 EBUILD icingaweb2-2.5.3.ebuild 2549 BLAKE2B 3578e930824e6dee430d33190fb62f7074c6e8ed8d839f88abe840502d767441f8d156e869ff0a1c14ae3bd4af7fad423f43150ae18e439886df46e1e75510b4 SHA512 46ffbd0eccd4e880bc74398dc63c9f5d5c4a7423602cc81be889beac106e5090166aa838a3d0ea62a883cac4bdfef89bbfd888eb64a0f62b6dc84c317d204948 -EBUILD icingaweb2-9999.ebuild 2546 BLAKE2B a5a883a093e6a88e99d357b65a5d7367719d40fa98d7d8ab530147631448f033ec0858481575bb5a981f0126bf650d7862ea5c283ff9add93325ec640b28034c SHA512 fa08a2c6d47a9b1df8027dba57b7b8be8bad1980af3c45af52203435dc98ce28b47ec211691e241bda8913dcd77370004ef1b24622fabae8cc3d510f3f9decbc +EBUILD icingaweb2-2.6.0.ebuild 2755 BLAKE2B 2729da1f968d3badd1665c3382d11803930a89ea0db15284e341971dbeee7efdc0e25350a2c32cefaa7b5ae66938c1ecf4ed8cab37b8199732a77662fba7d427 SHA512 d4570e7c8b3fa7b859778d9bb0fa96ae9bd75e29106f153a61bbb3c9b9c6b4ca39331906c3731d8dcb62f5dd7ded7a699f1b6db935d7de97f7ab9717d24af812 +EBUILD icingaweb2-9999.ebuild 2750 BLAKE2B 4f45b14184dc5091e5c139a66404b8f57df53f66502a2dc716de7c41849895b5720020f3d8fe0994766a14ba004707f71c28b07058074edab47aa8b864013fa1 SHA512 a3e5cb7daf5d8926c91805c355aaf83c7ed15f802b3ac4e313624f05afe04c5c80167d55fd65d9c2e9d35a4139995caad4de31aab87d40ba150260c63802a47a MISC metadata.xml 407 BLAKE2B 42e1ae67b6d8307c3af6ee7257eb811d893705aedd5852c4b33b103d77bbb4858d01bf8369511d7ce1cc187158482755894583d3b77be0ca7580043279f96461 SHA512 40eb3b6ff856fb8a4bcced4b177c73e4a7987b468dbcfe645d4a9f816f100ce899c8f8f803ad343c2b33b60cbcfbd4cef37257548311d22b4272a15602b1c961 diff --git a/www-apps/icingaweb2/icingaweb2-2.6.0.ebuild b/www-apps/icingaweb2/icingaweb2-2.6.0.ebuild new file mode 100644 index 000000000000..d4db7e02c018 --- /dev/null +++ b/www-apps/icingaweb2/icingaweb2-2.6.0.ebuild @@ -0,0 +1,81 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit depend.apache eutils multilib user + +DESCRIPTION="Icinga Web 2 - Frontend for icinga2" +HOMEPAGE="http://www.icinga.org/" +SRC_URI="https://codeload.github.com/Icinga/${PN}/tar.gz/v${PV} -> ${P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +IUSE="apache2 ldap mysql nginx pdf postgres" +REQUIRED_USE="^^ ( apache2 nginx )" +KEYWORDS="~amd64 ~x86" + +DEPEND=">=net-analyzer/icinga2-2.1.1 + dev-php/pecl-imagick + pdf? ( media-gfx/imagemagick[png] ) + apache2? ( + >=www-servers/apache-2.4.0 + || ( + dev-lang/php:5.6[apache2?,cli,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + dev-lang/php:7.0[apache2?,cli,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + dev-lang/php:7.1[apache2?,cli,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + dev-lang/php:7.2[apache2?,cli,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + ) + ) + nginx? ( + >=www-servers/nginx-1.7.0:* + || ( + dev-lang/php:5.6[apache2?,cli,fpm,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + dev-lang/php:7.0[apache2?,cli,fpm,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + dev-lang/php:7.1[apache2?,cli,fpm,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + dev-lang/php:7.2[apache2?,cli,fpm,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + ) + )" +RDEPEND="${DEPEND}" + +want_apache2 + +pkg_setup() { + depend.apache_pkg_setup + + enewgroup icingaweb2 + enewgroup icingacmd + use nginx && usermod -a -G icingacmd,icingaweb2 nginx + use apache2 && usermod -a -G icingacmd,icingaweb2 apache +} + +pkg_config() { + if [[ -d /etc/icingaweb2 ]] ; then + einfo "Updating existing installation ..." + else + einfo "Running first time setup ..." + einfo "Creating configuration directory ..." + /usr/share/${PN}/bin/icingacli setup config directory + einfo "Creating authentication token for web setup ..." + /usr/share/${PN}/bin/icingacli setup token create + if use apache2 ; then + einfo "The following might be useful for your Apache2 configuration:" + /usr/share/${PN}/bin/icingacli setup config webserver apache --document-root /usr/share/${PN}/public + fi + if use nginx ; then + einfo "The following might be useful for your NGinx configuration:" + /usr/share/${PN}/bin/icingacli setup config webserver nginx --document-root /usr/share/${PN}/public + fi + fi + einfo "All done." +} + +src_install() { + insinto "/usr/share/${PN}" + doins -r "${S}"/* + fperms -R a+rX "/usr/share/${PN}/public/" + fperms u+x,g+x "/usr/share/${PN}/bin/icingacli" +} + +pkg_postinst() { + einfo "Run 'emerge --config =${CATEGORY}/${PF}' to finish setup." +} diff --git a/www-apps/icingaweb2/icingaweb2-9999.ebuild b/www-apps/icingaweb2/icingaweb2-9999.ebuild index 77eb59b174d2..97c2252b8ded 100644 --- a/www-apps/icingaweb2/icingaweb2-9999.ebuild +++ b/www-apps/icingaweb2/icingaweb2-9999.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2018 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI="6" @@ -25,6 +25,7 @@ DEPEND=">=net-analyzer/icinga2-2.1.1 dev-lang/php:5.6[apache2?,cli,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] dev-lang/php:7.0[apache2?,cli,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] dev-lang/php:7.1[apache2?,cli,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + dev-lang/php:7.2[apache2?,cli,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] ) ) nginx? ( @@ -33,6 +34,7 @@ DEPEND=">=net-analyzer/icinga2-2.1.1 dev-lang/php:5.6[apache2?,cli,fpm,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] dev-lang/php:7.0[apache2?,cli,fpm,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] dev-lang/php:7.1[apache2?,cli,fpm,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] + dev-lang/php:7.2[apache2?,cli,fpm,gd,json,intl,ldap?,mysql?,nls,pdo,postgres?,sockets,ssl,xslt,xml] ) )" RDEPEND="${DEPEND}" diff --git a/www-apps/nextcloud/Manifest b/www-apps/nextcloud/Manifest index 962a911d6cc1..8081af329f32 100644 --- a/www-apps/nextcloud/Manifest +++ b/www-apps/nextcloud/Manifest @@ -1,12 +1,6 @@ AUX nextcloud-12.0.4-destroy_modal_when_closed.patch 786 BLAKE2B 24222dde0d9ed5f3c5fa31b7cd1b837f765837543475db235056dccff9fa17cce83a37b0ed64a1999a6b61dedd5857866debb1950686acf062e42d80bccb3813 SHA512 93297f991312c5fd2504267bb16a8c38797970fdf8d109d4c4b4416a5e72c8677141ebc9a13a2dadc40845348e07f264937dd852384f88d65be4f3cc4f0cb462 -DIST nextcloud-12.0.6.tar.bz2 44300816 BLAKE2B 9ce2426653cb57e7b933f918e531d02f2da9bb0da2e0fc7d6abd7f6c895f29d582b89202f6476a3592b76c46d0c70fe31d914377449ce5bb8d4c4fd4c54b3e7b SHA512 28058d1c66f1d6c6188b303f8035763582229a82facd6732ac60e7a40dbd0a1b66ca1235d2854a254e0ae5af7923c0df75db9f9e95b3b24ed61a09789ae00c18 -DIST nextcloud-12.0.7.tar.bz2 44916150 BLAKE2B cf6223ea700283580465cba95d93754c3223c939f7925298e264d1ea2eb64295e82d20528c023ac040b47563858a402bb679b9608c7ba4cce5f236d8ea21ca3e SHA512 e141faa37acfea884bb6d5ea5ab6fc3ce31496d4897092c91cb2e5d8cb4ab8f8356ebe5c17d0ba867eb99b26594d5f93756d2a9e3a32de92dc04a3d06a8fb791 -DIST nextcloud-13.0.1.tar.bz2 44183890 BLAKE2B f97eed503f7dd6cf641d2a2d5dadb200031c510f3e86f1b9ec8ad47e8f1b5d314b02ea8714232f89eb7a8617450f10a6970d97fbca8ae2d0b8641b28baf33a2c SHA512 dac798a36d18b94a2d5287e2cb0eb06352635099e0c808b1cdb0ecb76f3d1e771a85cafb35597b23fcb77b9e36a57a25a361413f798b3dbd13d0a0255ec5cbe1 -DIST nextcloud-13.0.2.tar.bz2 44842305 BLAKE2B 23b3d751584a846ba7585af4de7fa9736dd6b316d6102790b799649ec53603509727a626d69344a24925afd965cf8c85dbb9f31a1dfc97620b137cbe39e095c1 SHA512 b787ed03937588dd84d41b85ea1ef2868173c7353d0b9c6d81f4df97780278a7a78254c9a3cc39a0e69cc1c4472120130c1064cf1f343d9cc06519cae1bf0dc7 +DIST nextcloud-12.0.9.tar.bz2 45011526 BLAKE2B 353063bc1968c67f110ea60e509ebe193898d67dc8c9ac882cb56e44c36ce65bac387f45aaa4c8022bc529b2fd936f346f20fa170131c6c2c4930b5d1e0ef36d SHA512 95bb246a826c1399362738455ea8b2e906a77a3dcef8ef8102bc6e97f5a0114a3b11005ba3051661851d50c5d03aa0b9274fea03cd46d91fb9ffcb9f4560fdf3 DIST nextcloud-13.0.4.tar.bz2 45150220 BLAKE2B e37c7612ecd9328593c2ed60a976acabd86574e909d5b6ffb3c21f38b511b099eee4549fa98c109f3a0fe5635e6ee2a166471530d4114862ba34c61d93c8eab0 SHA512 13ab8c722c3aab8deb98ec9812cf8e8f77769fe51efafa5a673b71158f66655d27340661966fa28cb307e64e034a7bdc0b9f240491b79f23014ac87f004547ba -EBUILD nextcloud-12.0.6.ebuild 1036 BLAKE2B b2879a65866185315d051004f3d4126e7b309f6f0ffee59f08ec4a60b2474db4d1177827d6aad961b1fd1d07d02582124051b29b62763a5aeab0d2d3cfc49c3c SHA512 c978bb14c48115b5dc0e7aaea8e93d87b78426f31ac4a8d2225c6d22c8f00fb0d330f4fcbb2da232d18ede79dc27451a69787232d5d3ef0527a5b128d560a56a -EBUILD nextcloud-12.0.7.ebuild 1036 BLAKE2B b2879a65866185315d051004f3d4126e7b309f6f0ffee59f08ec4a60b2474db4d1177827d6aad961b1fd1d07d02582124051b29b62763a5aeab0d2d3cfc49c3c SHA512 c978bb14c48115b5dc0e7aaea8e93d87b78426f31ac4a8d2225c6d22c8f00fb0d330f4fcbb2da232d18ede79dc27451a69787232d5d3ef0527a5b128d560a56a -EBUILD nextcloud-13.0.1.ebuild 954 BLAKE2B b4a52fde03a19859bdba2400ef05a0d586be3a43abfc0079837d08fd0f246b6879ecd1afd7e1d127b212b1b5581f63441a74f2b028c2614225139cfd826c8330 SHA512 34bfd8c7c7071710468e9c59e9f8577359cdbd6a7abfb850f9d3756fd3b787335354a0b087131a314dc7eb8a9a457869fa275aa33a842a2da17313341df05189 -EBUILD nextcloud-13.0.2.ebuild 954 BLAKE2B b4a52fde03a19859bdba2400ef05a0d586be3a43abfc0079837d08fd0f246b6879ecd1afd7e1d127b212b1b5581f63441a74f2b028c2614225139cfd826c8330 SHA512 34bfd8c7c7071710468e9c59e9f8577359cdbd6a7abfb850f9d3756fd3b787335354a0b087131a314dc7eb8a9a457869fa275aa33a842a2da17313341df05189 +EBUILD nextcloud-12.0.9.ebuild 1036 BLAKE2B b2879a65866185315d051004f3d4126e7b309f6f0ffee59f08ec4a60b2474db4d1177827d6aad961b1fd1d07d02582124051b29b62763a5aeab0d2d3cfc49c3c SHA512 c978bb14c48115b5dc0e7aaea8e93d87b78426f31ac4a8d2225c6d22c8f00fb0d330f4fcbb2da232d18ede79dc27451a69787232d5d3ef0527a5b128d560a56a EBUILD nextcloud-13.0.4.ebuild 954 BLAKE2B b4a52fde03a19859bdba2400ef05a0d586be3a43abfc0079837d08fd0f246b6879ecd1afd7e1d127b212b1b5581f63441a74f2b028c2614225139cfd826c8330 SHA512 34bfd8c7c7071710468e9c59e9f8577359cdbd6a7abfb850f9d3756fd3b787335354a0b087131a314dc7eb8a9a457869fa275aa33a842a2da17313341df05189 MISC metadata.xml 363 BLAKE2B 4da5b0e27af01e94e1e68b98274da6c9cacbe59ed1d85413038bccfa530af8fd479a7edd89f4d7633dfb07afbad4736cb6c075e021db7dc9761c273ec1256500 SHA512 60195d5859a8b175346a1cd533dbb6496d2787c1ff501d9233b2b1794670ae344c6f9f4cac4fbf86b24686a83692cff27513d05243947e2921e554e065696721 diff --git a/www-apps/nextcloud/nextcloud-12.0.6.ebuild b/www-apps/nextcloud/nextcloud-12.0.6.ebuild deleted file mode 100644 index b5b260e20578..000000000000 --- a/www-apps/nextcloud/nextcloud-12.0.6.ebuild +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit eutils webapp - -DESCRIPTION="Personal cloud that runs on your own server" -HOMEPAGE="http://nextcloud.com" -SRC_URI="http://download.nextcloud.com/server/releases/${P}.tar.bz2" -LICENSE="AGPL-3" - -KEYWORDS="~amd64 ~arm ~x86" -IUSE="+curl mysql postgres +sqlite" -REQUIRED_USE="|| ( mysql postgres sqlite )" - -DEPEND="" -RDEPEND=" gn leftovers + base/third_party/libevent + third_party/adobe + third_party/speech-dispatcher + third_party/usb_ids + third_party/xdg-utils + third_party/yasm/run_yasm.py + ) + if ! use system-ffmpeg; then + keeplibs+=( third_party/ffmpeg third_party/opus ) + fi + if ! use system-icu; then + keeplibs+=( third_party/icu ) + fi + if ! use system-libvpx; then + keeplibs+=( third_party/libvpx ) + keeplibs+=( third_party/libvpx/source/libvpx/third_party/x86inc ) + fi + if use tcmalloc; then + keeplibs+=( third_party/tcmalloc ) + fi + + # Remove most bundled libraries. Some are still needed. + build/linux/unbundle/remove_bundled_libraries.py "${keeplibs[@]}" --do-remove || die +} + +bootstrap_gn() { + if tc-is-cross-compiler; then + local -x AR=${BUILD_AR} + local -x CC=${BUILD_CC} + local -x CXX=${BUILD_CXX} + local -x NM=${BUILD_NM} + local -x CFLAGS=${BUILD_CFLAGS} + local -x CXXFLAGS=${BUILD_CXXFLAGS} + local -x LDFLAGS=${BUILD_LDFLAGS} + fi + einfo "Building GN..." + set -- tools/gn/bootstrap/bootstrap.py -s -v --no-clean + echo "$@" + "$@" || die +} + +src_configure() { + # Calling this here supports resumption via FEATURES=keepwork + python_setup + + local myconf_gn="" + + # Make sure the build system will use the right tools, bug #340795. + tc-export AR CC CXX NM + + if ! tc-is-clang; then + # Force clang since gcc is pretty broken at the moment. + CC=${CHOST}-clang + CXX=${CHOST}-clang++ + strip-unsupported-flags + fi + + if tc-is-clang; then + myconf_gn+=" is_clang=true clang_use_chrome_plugins=false" + else + myconf_gn+=" is_clang=false" + fi + + # Define a custom toolchain for GN + myconf_gn+=" custom_toolchain=\"//build/toolchain/linux/unbundle:default\"" + + if tc-is-cross-compiler; then + tc-export BUILD_{AR,CC,CXX,NM} + myconf_gn+=" host_toolchain=\"//build/toolchain/linux/unbundle:host\"" + myconf_gn+=" v8_snapshot_toolchain=\"//build/toolchain/linux/unbundle:host\"" + else + myconf_gn+=" host_toolchain=\"//build/toolchain/linux/unbundle:default\"" + fi + + # GN needs explicit config for Debug/Release as opposed to inferring it from build directory. + myconf_gn+=" is_debug=false" + + # Component build isn't generally intended for use by end users. It's mostly useful + # for development and debugging. + myconf_gn+=" is_component_build=$(usex component-build true false)" + + # https://chromium.googlesource.com/chromium/src/+/lkcr/docs/jumbo.md + myconf_gn+=" use_jumbo_build=$(usex jumbo-build true false)" + + myconf_gn+=" use_allocator=$(usex tcmalloc \"tcmalloc\" \"none\")" + + # Disable nacl, we can't build without pnacl (http://crbug.com/269560). + myconf_gn+=" enable_nacl=false" + + # Use system-provided libraries. + # TODO: freetype -- remove sources (https://bugs.chromium.org/p/pdfium/issues/detail?id=733). + # TODO: use_system_hunspell (upstream changes needed). + # TODO: use_system_libsrtp (bug #459932). + # TODO: use_system_protobuf (bug #525560). + # TODO: use_system_ssl (http://crbug.com/58087). + # TODO: use_system_sqlite (http://crbug.com/22208). + + # libevent: https://bugs.gentoo.org/593458 + local gn_system_libraries=( + flac + fontconfig + freetype + # Need harfbuzz_from_pkgconfig target + #harfbuzz-ng + libdrm + libjpeg + libpng + libwebp + libxml + libxslt + openh264 + re2 + snappy + yasm + zlib + ) + if use system-ffmpeg; then + gn_system_libraries+=( ffmpeg opus ) + fi + if use system-icu; then + gn_system_libraries+=( icu ) + fi + if use system-libvpx; then + gn_system_libraries+=( libvpx ) + fi + build/linux/unbundle/replace_gn_files.py --system-libraries "${gn_system_libraries[@]}" || die + + # See dependency logic in third_party/BUILD.gn + myconf_gn+=" use_system_harfbuzz=true" + + # Optional dependencies. + myconf_gn+=" enable_hangout_services_extension=$(usex hangouts true false)" + myconf_gn+=" enable_widevine=$(usex widevine true false)" + myconf_gn+=" use_cups=$(usex cups true false)" + myconf_gn+=" use_gnome_keyring=$(usex gnome-keyring true false)" + myconf_gn+=" use_kerberos=$(usex kerberos true false)" + myconf_gn+=" use_pulseaudio=$(usex pulseaudio true false)" + + # TODO: link_pulseaudio=true for GN. + + myconf_gn+=" fieldtrial_testing_like_official_build=true" + + # Never use bundled gold binary. Disable gold linker flags for now. + # Do not use bundled clang. + # Trying to use gold results in linker crash. + myconf_gn+=" use_gold=false use_sysroot=false linux_use_bundled_binutils=false use_custom_libcxx=false" + + # Disable forced lld, bug 641556 + myconf_gn+=" use_lld=false" + + ffmpeg_branding="$(usex proprietary-codecs Chrome Chromium)" + myconf_gn+=" proprietary_codecs=$(usex proprietary-codecs true false)" + myconf_gn+=" ffmpeg_branding=\"${ffmpeg_branding}\"" + + # Set up Google API keys, see http://www.chromium.org/developers/how-tos/api-keys . + # Note: these are for Gentoo use ONLY. For your own distribution, + # please get your own set of keys. Feel free to contact chromium@gentoo.org + # for more info. + local google_api_key="AIzaSyDEAOvatFo0eTgsV_ZlEzx0ObmepsMzfAc" + local google_default_client_id="329227923882.apps.googleusercontent.com" + local google_default_client_secret="vgKG0NNv7GoDpbtoFNLxCUXu" + myconf_gn+=" google_api_key=\"${google_api_key}\"" + myconf_gn+=" google_default_client_id=\"${google_default_client_id}\"" + myconf_gn+=" google_default_client_secret=\"${google_default_client_secret}\"" + + local myarch="$(tc-arch)" + if [[ $myarch = amd64 ]] ; then + myconf_gn+=" target_cpu=\"x64\"" + ffmpeg_target_arch=x64 + elif [[ $myarch = x86 ]] ; then + myconf_gn+=" target_cpu=\"x86\"" + ffmpeg_target_arch=ia32 + elif [[ $myarch = arm64 ]] ; then + myconf_gn+=" target_cpu=\"arm64\"" + ffmpeg_target_arch=arm64 + elif [[ $myarch = arm ]] ; then + myconf_gn+=" target_cpu=\"arm\"" + ffmpeg_target_arch=$(usex neon arm-neon arm) + else + die "Failed to determine target arch, got '$myarch'." + fi + + # Make sure that -Werror doesn't get added to CFLAGS by the build system. + # Depending on GCC version the warnings are different and we don't want + # the build to fail because of that. + myconf_gn+=" treat_warnings_as_errors=false" + + # Disable fatal linker warnings, bug 506268. + myconf_gn+=" fatal_linker_warnings=false" + + # Avoid CFLAGS problems, bug #352457, bug #390147. + if ! use custom-cflags; then + replace-flags "-Os" "-O2" + strip-flags + + # Prevent linker from running out of address space, bug #471810 . + if use x86; then + filter-flags "-g*" + fi + + # Prevent libvpx build failures. Bug 530248, 544702, 546984. + if [[ ${myarch} == amd64 || ${myarch} == x86 ]]; then + filter-flags -mno-mmx -mno-sse2 -mno-ssse3 -mno-sse4.1 -mno-avx -mno-avx2 + fi + fi + + # https://bugs.gentoo.org/588596 + #append-cxxflags $(test-flags-CXX -fno-delete-null-pointer-checks) + + # Bug 491582. + export TMPDIR="${WORKDIR}/temp" + mkdir -p -m 755 "${TMPDIR}" || die + + # https://bugs.gentoo.org/654216 + addpredict /dev/dri/ #nowarn + + if ! use system-ffmpeg; then + local build_ffmpeg_args="" + if use pic && [[ "${ffmpeg_target_arch}" == "ia32" ]]; then + build_ffmpeg_args+=" --disable-asm" + fi + + # Re-configure bundled ffmpeg. See bug #491378 for example reasons. + einfo "Configuring bundled ffmpeg..." + pushd third_party/ffmpeg > /dev/null || die + chromium/scripts/build_ffmpeg.py linux ${ffmpeg_target_arch} \ + --branding ${ffmpeg_branding} -- ${build_ffmpeg_args} || die + chromium/scripts/copy_config.sh || die + chromium/scripts/generate_gn.py || die + popd > /dev/null || die + fi + + bootstrap_gn + + einfo "Configuring Chromium..." + set -- out/Release/gn gen --args="${myconf_gn} ${EXTRA_GN}" out/Release + echo "$@" + "$@" || die +} + +src_compile() { + # Calling this here supports resumption via FEATURES=keepwork + python_setup + + #"${EPYTHON}" tools/clang/scripts/update.py --force-local-build --gcc-toolchain /usr --skip-checkout --use-system-cmake --without-android || die + + # Build mksnapshot and pax-mark it. + local x + for x in mksnapshot v8_context_snapshot_generator; do + if tc-is-cross-compiler; then + eninja -C out/Release "host/${x}" + pax-mark m "out/Release/host/${x}" + else + eninja -C out/Release "${x}" + pax-mark m "out/Release/${x}" + fi + done + + # Even though ninja autodetects number of CPUs, we respect + # user's options, for debugging with -j 1 or any other reason. + eninja -C out/Release chrome chromedriver + use suid && eninja -C out/Release chrome_sandbox + + pax-mark m out/Release/chrome +} + +src_install() { + local CHROMIUM_HOME="/usr/$(get_libdir)/chromium-browser" + exeinto "${CHROMIUM_HOME}" + doexe out/Release/chrome + + if use suid; then + newexe out/Release/chrome_sandbox chrome-sandbox + fperms 4755 "${CHROMIUM_HOME}/chrome-sandbox" + fi + + doexe out/Release/chromedriver + + local sedargs=( -e "s:/usr/lib/:/usr/$(get_libdir)/:g" ) + sed "${sedargs[@]}" "${FILESDIR}/chromium-launcher-r3.sh" > chromium-launcher.sh || die + doexe chromium-launcher.sh + + # It is important that we name the target "chromium-browser", + # xdg-utils expect it; bug #355517. + dosym "${CHROMIUM_HOME}/chromium-launcher.sh" /usr/bin/chromium-browser + # keep the old symlink around for consistency + dosym "${CHROMIUM_HOME}/chromium-launcher.sh" /usr/bin/chromium + + dosym "${CHROMIUM_HOME}/chromedriver" /usr/bin/chromedriver + + # Allow users to override command-line options, bug #357629. + insinto /etc/chromium + newins "${FILESDIR}/chromium.default" "default" + + pushd out/Release/locales > /dev/null || die + chromium_remove_language_paks + popd + + insinto "${CHROMIUM_HOME}" + doins out/Release/*.bin + doins out/Release/*.pak + doins out/Release/*.so + + if ! use system-icu; then + doins out/Release/icudtl.dat + fi + + doins -r out/Release/locales + doins -r out/Release/resources + + if [[ -d out/Release/swiftshader ]]; then + insinto "${CHROMIUM_HOME}/swiftshader" + doins out/Release/swiftshader/*.so + fi + + # Install icons and desktop entry. + local branding size + for size in 16 22 24 32 48 64 128 256 ; do + case ${size} in + 16|32) branding="chrome/app/theme/default_100_percent/chromium" ;; + *) branding="chrome/app/theme/chromium" ;; + esac + newicon -s ${size} "${branding}/product_logo_${size}.png" \ + chromium-browser.png + done + + local mime_types="text/html;text/xml;application/xhtml+xml;" + mime_types+="x-scheme-handler/http;x-scheme-handler/https;" # bug #360797 + mime_types+="x-scheme-handler/ftp;" # bug #412185 + mime_types+="x-scheme-handler/mailto;x-scheme-handler/webcal;" # bug #416393 + make_desktop_entry \ + chromium-browser \ + "Chromium" \ + chromium-browser \ + "Network;WebBrowser" \ + "MimeType=${mime_types}\nStartupWMClass=chromium-browser" + sed -e "/^Exec/s/$/ %U/" -i "${ED}"/usr/share/applications/*.desktop || die + + # Install GNOME default application entry (bug #303100). + insinto /usr/share/gnome-control-center/default-apps + newins "${FILESDIR}"/chromium-browser.xml chromium-browser.xml + + readme.gentoo_create_doc +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postrm() { + gnome2_icon_cache_update + xdg_desktop_database_update +} + +pkg_postinst() { + gnome2_icon_cache_update + xdg_desktop_database_update + readme.gentoo_print_elog +} diff --git a/www-client/google-chrome-beta/Manifest b/www-client/google-chrome-beta/Manifest index 5b200b3a3e54..2e331ea1fa32 100644 --- a/www-client/google-chrome-beta/Manifest +++ b/www-client/google-chrome-beta/Manifest @@ -1,3 +1,3 @@ -DIST google-chrome-beta_68.0.3440.59-1_amd64.deb 55308360 BLAKE2B 275ac7be290dd2a81a2756f5598afd998521297ff9c36a33efb5e6e3cf6802b66b0b52510a4c382c2ddfd51eadb218c0b14d084f92f594f8652835aae337d7c8 SHA512 387694d29e63c819f963a4bcb4404d2147f3eb36867c5754813bc70f4cd18007539bfa3cc598886d961211f1b5a67548592db1f55ca6799f7fcad1be498c5ba9 -EBUILD google-chrome-beta-68.0.3440.59.ebuild 2705 BLAKE2B 0cf0e9848ec37120787e04c9d9da56c039548e21c0945104ed6bee30f6bacc62725a422900102d5d512a646e01e2cec024f1d0d152ec7819c6fecc4f04c85c8f SHA512 734bdb01f0289da14867f7a611651bd1900f59d399909f05fcd26f4760885cc7b2a050ed745c2b7cbb89782e0d17a0c063a1a6f1707a30967c4b33b15b3f6b7b +DIST google-chrome-beta_68.0.3440.68-1_amd64.deb 55349226 BLAKE2B da63bbc6cb530c9249ba3c352a9cca6ac605e261309dab1d7c4069e12576849c9a0db3903163478dc97c4593829ced6bd2ecc9d846e78d4144f0d984d9da3444 SHA512 b00e4e2f14691b55b662c427890abad5d668a808df4f7900bc38899a9c7aa631cd0f948254ac7a18326899cee48f12abf7dc7d6732966a1330b528e09e6d2714 +EBUILD google-chrome-beta-68.0.3440.68.ebuild 2705 BLAKE2B 0cf0e9848ec37120787e04c9d9da56c039548e21c0945104ed6bee30f6bacc62725a422900102d5d512a646e01e2cec024f1d0d152ec7819c6fecc4f04c85c8f SHA512 734bdb01f0289da14867f7a611651bd1900f59d399909f05fcd26f4760885cc7b2a050ed745c2b7cbb89782e0d17a0c063a1a6f1707a30967c4b33b15b3f6b7b MISC metadata.xml 517 BLAKE2B dfd840aa3f7845f67c8d6cca488d89845ca7c259eb4df00f8458ae48b1962df91ca8299ef34785f635dcab25b445246e999fbbfef3bdd7117a4ee1b14beca420 SHA512 837becd9e41aca24694cd10a7bddbc5ca501aca983832daccb4c091a7712267ef20051e7a19af02bc3b48eed89c9e18aa0d46ca2411e1d58d045ceb732a180af diff --git a/www-client/google-chrome-beta/google-chrome-beta-68.0.3440.59.ebuild b/www-client/google-chrome-beta/google-chrome-beta-68.0.3440.59.ebuild deleted file mode 100644 index 5a6e7f384b95..000000000000 --- a/www-client/google-chrome-beta/google-chrome-beta-68.0.3440.59.ebuild +++ /dev/null @@ -1,127 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -CHROMIUM_LANGS="am ar bg bn ca cs da de el en-GB es es-419 et fa fi fil fr gu he - hi hr hu id it ja kn ko lt lv ml mr ms nb nl pl pt-BR pt-PT ro ru sk sl sr - sv sw ta te th tr uk vi zh-CN zh-TW" - -inherit chromium-2 eutils gnome2-utils pax-utils unpacker xdg-utils - -DESCRIPTION="The web browser from Google" -HOMEPAGE="https://www.google.com/chrome" - -if [[ ${PN} == google-chrome ]]; then - MY_PN=${PN}-stable -else - MY_PN=${PN} -fi - -MY_P="${MY_PN}_${PV}-1" - -SRC_URI="https://dl.google.com/linux/chrome/deb/pool/main/g/${MY_PN}/${MY_P}_amd64.deb" - -LICENSE="google-chrome" -SLOT="0" -KEYWORDS="-* ~amd64" -IUSE="+plugins" -RESTRICT="bindist mirror strip" - -DEPEND="" -RDEPEND=" - app-accessibility/at-spi2-atk:2 - app-arch/bzip2 - app-misc/ca-certificates - dev-libs/atk - dev-libs/expat - dev-libs/glib:2 - dev-libs/nspr - >=dev-libs/nss-3.26 - gnome-base/gconf:2 - media-libs/alsa-lib - media-libs/fontconfig - media-libs/freetype:2 - net-print/cups - sys-apps/dbus - sys-libs/libcap - x11-libs/cairo - x11-libs/gdk-pixbuf:2 - x11-libs/gtk+:3[X] - >=x11-libs/libX11-1.5.0 - x11-libs/libXcomposite - x11-libs/libXcursor - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXi - x11-libs/libXrandr - x11-libs/libXrender - x11-libs/libXScrnSaver - x11-libs/libXtst - x11-libs/libxcb - x11-libs/pango - x11-misc/xdg-utils -" - -QA_PREBUILT="*" -QA_DESKTOP_FILE="usr/share/applications/google-chrome.*\\.desktop" -S=${WORKDIR} -CHROME_HOME="opt/google/chrome${PN#google-chrome}" - -pkg_nofetch() { - eerror "Please wait 24 hours and sync your tree before reporting a bug for google-chrome fetch failures." -} - -pkg_pretend() { - # Protect against people using autounmask overzealously - use amd64 || die "google-chrome only works on amd64" -} - -pkg_setup() { - chromium_suid_sandbox_check_kernel_config -} - -src_unpack() { - : -} - -src_install() { - dodir / - cd "${ED}" || die - unpacker - - rm -r etc usr/share/menu || die - mv usr/share/doc/${MY_PN} usr/share/doc/${PF} || die - - pushd "${CHROME_HOME}/locales" > /dev/null || die - chromium_remove_language_paks - popd > /dev/null || die - - if use plugins ; then - local plugins="--extra-plugin-dir=/usr/$(get_libdir)/nsbrowser/plugins" - sed -e "/^exec/ i set -- \"${plugins}\" \"\$@\"" \ - -i "${CHROME_HOME}/${PN}" || die - fi - - local size - for size in 16 22 24 32 48 64 128 256 ; do - newicon -s ${size} "${CHROME_HOME}/product_logo_${size}_beta.png" ${PN}.png - done - - readme.gentoo_create_doc -} - -pkg_preinst() { - gnome2_icon_savelist -} - -pkg_postrm() { - gnome2_icon_cache_update - xdg_desktop_database_update -} - -pkg_postinst() { - gnome2_icon_cache_update - xdg_desktop_database_update -} diff --git a/www-client/google-chrome-beta/google-chrome-beta-68.0.3440.68.ebuild b/www-client/google-chrome-beta/google-chrome-beta-68.0.3440.68.ebuild new file mode 100644 index 000000000000..5a6e7f384b95 --- /dev/null +++ b/www-client/google-chrome-beta/google-chrome-beta-68.0.3440.68.ebuild @@ -0,0 +1,127 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +CHROMIUM_LANGS="am ar bg bn ca cs da de el en-GB es es-419 et fa fi fil fr gu he + hi hr hu id it ja kn ko lt lv ml mr ms nb nl pl pt-BR pt-PT ro ru sk sl sr + sv sw ta te th tr uk vi zh-CN zh-TW" + +inherit chromium-2 eutils gnome2-utils pax-utils unpacker xdg-utils + +DESCRIPTION="The web browser from Google" +HOMEPAGE="https://www.google.com/chrome" + +if [[ ${PN} == google-chrome ]]; then + MY_PN=${PN}-stable +else + MY_PN=${PN} +fi + +MY_P="${MY_PN}_${PV}-1" + +SRC_URI="https://dl.google.com/linux/chrome/deb/pool/main/g/${MY_PN}/${MY_P}_amd64.deb" + +LICENSE="google-chrome" +SLOT="0" +KEYWORDS="-* ~amd64" +IUSE="+plugins" +RESTRICT="bindist mirror strip" + +DEPEND="" +RDEPEND=" + app-accessibility/at-spi2-atk:2 + app-arch/bzip2 + app-misc/ca-certificates + dev-libs/atk + dev-libs/expat + dev-libs/glib:2 + dev-libs/nspr + >=dev-libs/nss-3.26 + gnome-base/gconf:2 + media-libs/alsa-lib + media-libs/fontconfig + media-libs/freetype:2 + net-print/cups + sys-apps/dbus + sys-libs/libcap + x11-libs/cairo + x11-libs/gdk-pixbuf:2 + x11-libs/gtk+:3[X] + >=x11-libs/libX11-1.5.0 + x11-libs/libXcomposite + x11-libs/libXcursor + x11-libs/libXdamage + x11-libs/libXext + x11-libs/libXfixes + x11-libs/libXi + x11-libs/libXrandr + x11-libs/libXrender + x11-libs/libXScrnSaver + x11-libs/libXtst + x11-libs/libxcb + x11-libs/pango + x11-misc/xdg-utils +" + +QA_PREBUILT="*" +QA_DESKTOP_FILE="usr/share/applications/google-chrome.*\\.desktop" +S=${WORKDIR} +CHROME_HOME="opt/google/chrome${PN#google-chrome}" + +pkg_nofetch() { + eerror "Please wait 24 hours and sync your tree before reporting a bug for google-chrome fetch failures." +} + +pkg_pretend() { + # Protect against people using autounmask overzealously + use amd64 || die "google-chrome only works on amd64" +} + +pkg_setup() { + chromium_suid_sandbox_check_kernel_config +} + +src_unpack() { + : +} + +src_install() { + dodir / + cd "${ED}" || die + unpacker + + rm -r etc usr/share/menu || die + mv usr/share/doc/${MY_PN} usr/share/doc/${PF} || die + + pushd "${CHROME_HOME}/locales" > /dev/null || die + chromium_remove_language_paks + popd > /dev/null || die + + if use plugins ; then + local plugins="--extra-plugin-dir=/usr/$(get_libdir)/nsbrowser/plugins" + sed -e "/^exec/ i set -- \"${plugins}\" \"\$@\"" \ + -i "${CHROME_HOME}/${PN}" || die + fi + + local size + for size in 16 22 24 32 48 64 128 256 ; do + newicon -s ${size} "${CHROME_HOME}/product_logo_${size}_beta.png" ${PN}.png + done + + readme.gentoo_create_doc +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postrm() { + gnome2_icon_cache_update + xdg_desktop_database_update +} + +pkg_postinst() { + gnome2_icon_cache_update + xdg_desktop_database_update +} diff --git a/www-client/google-chrome-unstable/Manifest b/www-client/google-chrome-unstable/Manifest index 8a6228e96e03..6c0a964b151f 100644 --- a/www-client/google-chrome-unstable/Manifest +++ b/www-client/google-chrome-unstable/Manifest @@ -1,3 +1,3 @@ -DIST google-chrome-unstable_69.0.3486.0-1_amd64.deb 56203802 BLAKE2B d73fe08d1c2046a362029f0b5c7bda3263e3eb76bdda9f8ac5fec8290fcd96af9d018875510efdf2ed25e62add464ce33cdf210348074d4c461fb55e387ff833 SHA512 5b0e33c2ca34347227fe6ccc85c611e4b970bbc85fb1bf1b979a2af11aaf723896e6d9e1ecaf19cd4cbd7b794426eead3d4800853707b126c0730de1aa47864c -EBUILD google-chrome-unstable-69.0.3486.0.ebuild 2694 BLAKE2B 2bc43982ec155ed3e7b416348d7a58227b2d326f2bab4349d6cdfa216e88c4bd78529301e97ad16a36dd9226d71ab0b748ba262f3e80cbef26fbbd8525c3c286 SHA512 25c03f363aa887f119c763528698b5b370196897ba3344cca4334ef0f232f29a57137fb21fef3e9d5fd696988eefb853a3b0dcbfdd023a57773d940bde4c547a +DIST google-chrome-unstable_69.0.3493.3-1_amd64.deb 56266178 BLAKE2B 5118ced09490b717d994c58abeaf92a73262303fb93a1421924b609dd1c67f4e465670402230aee348cd97b34ef5e3cfe902a4ca0805ce28caad5e45c44796ea SHA512 2255a1abe7abf8673d6fb0112107b00fe393e5c381f1ce2fbed190746ec64c13bb83fe0f25afc04619e3a8af96fcef536979abc353730185021c2a52fc3f10f7 +EBUILD google-chrome-unstable-69.0.3493.3.ebuild 2694 BLAKE2B 2bc43982ec155ed3e7b416348d7a58227b2d326f2bab4349d6cdfa216e88c4bd78529301e97ad16a36dd9226d71ab0b748ba262f3e80cbef26fbbd8525c3c286 SHA512 25c03f363aa887f119c763528698b5b370196897ba3344cca4334ef0f232f29a57137fb21fef3e9d5fd696988eefb853a3b0dcbfdd023a57773d940bde4c547a MISC metadata.xml 517 BLAKE2B dfd840aa3f7845f67c8d6cca488d89845ca7c259eb4df00f8458ae48b1962df91ca8299ef34785f635dcab25b445246e999fbbfef3bdd7117a4ee1b14beca420 SHA512 837becd9e41aca24694cd10a7bddbc5ca501aca983832daccb4c091a7712267ef20051e7a19af02bc3b48eed89c9e18aa0d46ca2411e1d58d045ceb732a180af diff --git a/www-client/google-chrome-unstable/google-chrome-unstable-69.0.3486.0.ebuild b/www-client/google-chrome-unstable/google-chrome-unstable-69.0.3486.0.ebuild deleted file mode 100644 index 550065b04c3e..000000000000 --- a/www-client/google-chrome-unstable/google-chrome-unstable-69.0.3486.0.ebuild +++ /dev/null @@ -1,126 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -CHROMIUM_LANGS="am ar bg bn ca cs da de el en-GB es es-419 et fa fi fil fr gu he - hi hr hu id it ja kn ko lt lv ml mr ms nb nl pl pt-BR pt-PT ro ru sk sl sr - sv sw ta te th tr uk vi zh-CN zh-TW" - -inherit chromium-2 eutils gnome2-utils pax-utils unpacker xdg-utils - -DESCRIPTION="The web browser from Google" -HOMEPAGE="https://www.google.com/chrome" - -if [[ ${PN} == google-chrome ]]; then - MY_PN=${PN}-stable -else - MY_PN=${PN} -fi - -MY_P="${MY_PN}_${PV}-1" - -SRC_URI="https://dl.google.com/linux/chrome/deb/pool/main/g/${MY_PN}/${MY_P}_amd64.deb" - -LICENSE="google-chrome" -SLOT="0" -KEYWORDS="-* ~amd64" -IUSE="+plugins" -RESTRICT="bindist mirror strip" - -DEPEND="" -RDEPEND=" - app-accessibility/at-spi2-atk:2 - app-arch/bzip2 - app-misc/ca-certificates - dev-libs/atk - dev-libs/expat - dev-libs/glib:2 - dev-libs/nspr - >=dev-libs/nss-3.26 - media-libs/alsa-lib - media-libs/fontconfig - media-libs/freetype:2 - net-print/cups - sys-apps/dbus - sys-libs/libcap - x11-libs/cairo - x11-libs/gdk-pixbuf:2 - x11-libs/gtk+:3[X] - >=x11-libs/libX11-1.5.0 - x11-libs/libXcomposite - x11-libs/libXcursor - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXi - x11-libs/libXrandr - x11-libs/libXrender - x11-libs/libXScrnSaver - x11-libs/libXtst - x11-libs/libxcb - x11-libs/pango - x11-misc/xdg-utils -" - -QA_PREBUILT="*" -QA_DESKTOP_FILE="usr/share/applications/google-chrome.*\\.desktop" -S=${WORKDIR} -CHROME_HOME="opt/google/chrome${PN#google-chrome}" - -pkg_nofetch() { - eerror "Please wait 24 hours and sync your tree before reporting a bug for google-chrome fetch failures." -} - -pkg_pretend() { - # Protect against people using autounmask overzealously - use amd64 || die "google-chrome only works on amd64" -} - -pkg_setup() { - chromium_suid_sandbox_check_kernel_config -} - -src_unpack() { - : -} - -src_install() { - dodir / - cd "${ED}" || die - unpacker - - rm -r etc usr/share/menu || die - mv usr/share/doc/${MY_PN} usr/share/doc/${PF} || die - - pushd "${CHROME_HOME}/locales" > /dev/null || die - chromium_remove_language_paks - popd > /dev/null || die - - if use plugins ; then - local plugins="--extra-plugin-dir=/usr/$(get_libdir)/nsbrowser/plugins" - sed -e "/^exec/ i set -- \"${plugins}\" \"\$@\"" \ - -i "${CHROME_HOME}/${PN}" || die - fi - - local size - for size in 16 22 24 32 48 64 128 256 ; do - newicon -s ${size} "${CHROME_HOME}/product_logo_${size}_dev.png" ${PN}.png - done - - pax-mark m "${CHROME_HOME}/chrome" -} - -pkg_preinst() { - gnome2_icon_savelist -} - -pkg_postrm() { - gnome2_icon_cache_update - xdg_desktop_database_update -} - -pkg_postinst() { - gnome2_icon_cache_update - xdg_desktop_database_update -} diff --git a/www-client/google-chrome-unstable/google-chrome-unstable-69.0.3493.3.ebuild b/www-client/google-chrome-unstable/google-chrome-unstable-69.0.3493.3.ebuild new file mode 100644 index 000000000000..550065b04c3e --- /dev/null +++ b/www-client/google-chrome-unstable/google-chrome-unstable-69.0.3493.3.ebuild @@ -0,0 +1,126 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +CHROMIUM_LANGS="am ar bg bn ca cs da de el en-GB es es-419 et fa fi fil fr gu he + hi hr hu id it ja kn ko lt lv ml mr ms nb nl pl pt-BR pt-PT ro ru sk sl sr + sv sw ta te th tr uk vi zh-CN zh-TW" + +inherit chromium-2 eutils gnome2-utils pax-utils unpacker xdg-utils + +DESCRIPTION="The web browser from Google" +HOMEPAGE="https://www.google.com/chrome" + +if [[ ${PN} == google-chrome ]]; then + MY_PN=${PN}-stable +else + MY_PN=${PN} +fi + +MY_P="${MY_PN}_${PV}-1" + +SRC_URI="https://dl.google.com/linux/chrome/deb/pool/main/g/${MY_PN}/${MY_P}_amd64.deb" + +LICENSE="google-chrome" +SLOT="0" +KEYWORDS="-* ~amd64" +IUSE="+plugins" +RESTRICT="bindist mirror strip" + +DEPEND="" +RDEPEND=" + app-accessibility/at-spi2-atk:2 + app-arch/bzip2 + app-misc/ca-certificates + dev-libs/atk + dev-libs/expat + dev-libs/glib:2 + dev-libs/nspr + >=dev-libs/nss-3.26 + media-libs/alsa-lib + media-libs/fontconfig + media-libs/freetype:2 + net-print/cups + sys-apps/dbus + sys-libs/libcap + x11-libs/cairo + x11-libs/gdk-pixbuf:2 + x11-libs/gtk+:3[X] + >=x11-libs/libX11-1.5.0 + x11-libs/libXcomposite + x11-libs/libXcursor + x11-libs/libXdamage + x11-libs/libXext + x11-libs/libXfixes + x11-libs/libXi + x11-libs/libXrandr + x11-libs/libXrender + x11-libs/libXScrnSaver + x11-libs/libXtst + x11-libs/libxcb + x11-libs/pango + x11-misc/xdg-utils +" + +QA_PREBUILT="*" +QA_DESKTOP_FILE="usr/share/applications/google-chrome.*\\.desktop" +S=${WORKDIR} +CHROME_HOME="opt/google/chrome${PN#google-chrome}" + +pkg_nofetch() { + eerror "Please wait 24 hours and sync your tree before reporting a bug for google-chrome fetch failures." +} + +pkg_pretend() { + # Protect against people using autounmask overzealously + use amd64 || die "google-chrome only works on amd64" +} + +pkg_setup() { + chromium_suid_sandbox_check_kernel_config +} + +src_unpack() { + : +} + +src_install() { + dodir / + cd "${ED}" || die + unpacker + + rm -r etc usr/share/menu || die + mv usr/share/doc/${MY_PN} usr/share/doc/${PF} || die + + pushd "${CHROME_HOME}/locales" > /dev/null || die + chromium_remove_language_paks + popd > /dev/null || die + + if use plugins ; then + local plugins="--extra-plugin-dir=/usr/$(get_libdir)/nsbrowser/plugins" + sed -e "/^exec/ i set -- \"${plugins}\" \"\$@\"" \ + -i "${CHROME_HOME}/${PN}" || die + fi + + local size + for size in 16 22 24 32 48 64 128 256 ; do + newicon -s ${size} "${CHROME_HOME}/product_logo_${size}_dev.png" ${PN}.png + done + + pax-mark m "${CHROME_HOME}/chrome" +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postrm() { + gnome2_icon_cache_update + xdg_desktop_database_update +} + +pkg_postinst() { + gnome2_icon_cache_update + xdg_desktop_database_update +} diff --git a/www-client/lynx/Manifest b/www-client/lynx/Manifest index be1b00b78cea..e352bdc59a70 100644 --- a/www-client/lynx/Manifest +++ b/www-client/lynx/Manifest @@ -3,5 +3,5 @@ AUX lynx-2.8.8_p1-parallel.patch 2112 BLAKE2B 8bba1efae94cf7e55eccdb00692c0a7e3a DIST lynx2.8.9dev.11.tar.bz2 2665470 BLAKE2B 3fa28252ff619bc7d82d4e1460b7407b6f2f40bb111b8b54ce478327a023748c51e45dbd8e0ae74daff24d59fc3b6a5776a78057c846b8f3bbb153b4c4b92f17 SHA512 702be6cb4f97bae4765d3de3d6ef1cd09e2ef27b570dfbea4f26a411f5bba2ab6d16aee5dbec0ebe63533de17664684ff42fb857b2d17d416774777b38083f50 DIST lynx2.8.9dev.16.tar.bz2 2674662 BLAKE2B 3771199e4d74dcc38c15b8b75207810d3a4f3afabb76d5d8dc7dcd33c5dd0119f0f28a1a719f54df7ed0ecdfb972942c6439536486f99a685febbc252127cc3f SHA512 6aa5e869924c6e42aa68113985aecfb75dc6eb68d5d7db8cedb9843621d29c36c17078e7a692f472e3e7f1edf7ca666e3614bc3bdb092a3631877733d5e3d518 EBUILD lynx-2.8.9_pre11.ebuild 2474 BLAKE2B 55f353231ff7bc0551a6fec2c77e14f448db280842ad2e255479323422d3386c854067807c6df9b4bdb78511ab82637d65e1f250a6c1aaf6d9812abd884b7263 SHA512 9a343cbe5f5bc0350eaaf347e92415b9227877302bda4267f5e9ccb3e0cc4f694e043b6b5d2615b383c1aa474125b75e4d6e91483b4fbf4429fc9db72aa28db8 -EBUILD lynx-2.8.9_pre16.ebuild 2592 BLAKE2B 6f0ff94dac5d8a2aaa5f818a23c628cc1524e6098b6caee87fa00f95a4143ee8e994bd0337a3af9555e8a177df42c0784a0411f311d2e30e93f65e7a786f55c8 SHA512 5ac9771018f79b88569d53f02da10b55cc0198f09523eae9ae3840bffca556dad06049d9dbd4d0e55503961d7fd0f2bc804d2b61aab23754f0d1b7a95e1e9993 +EBUILD lynx-2.8.9_pre16.ebuild 2591 BLAKE2B 559f8a7080aef6f28af7195f034e873c89b38c76b560f63722f0702efd1a0d20fce23052a8b590d9751e6f60ad24bf31371f3542862e30cf530b7e749dc70196 SHA512 e0cd8442843fe71cde0458ed9027e7ff9558ab6430c2c0729f9ec6b525faa90b72f1c7e80712d01e212d63aafc844ec26f50d161b412e1bbd424c79a3ffd6408 MISC metadata.xml 427 BLAKE2B 12b6661d5a6d2881e78dea8bd97e8ea4f7aa34b2134d2a5a91736c02f2e186fcb4f6c01d704f12bfa9bf0b240e17c11a68a4551087cb1cff1e16e4936bbc125c SHA512 74b58082b7c81f4104e401dd9d958dec9f001ea4e574b8c7d49540c1a11376bfe97d0224e5437291e3cf8eed8aeda2b84669b3ab226b521a7598b51dbc7d48ac diff --git a/www-client/lynx/lynx-2.8.9_pre16.ebuild b/www-client/lynx/lynx-2.8.9_pre16.ebuild index 4e5d6677b336..148afaac73de 100644 --- a/www-client/lynx/lynx-2.8.9_pre16.ebuild +++ b/www-client/lynx/lynx-2.8.9_pre16.ebuild @@ -21,7 +21,7 @@ SRC_URI="http://invisible-mirror.net/archives/lynx/tarballs/${MY_P}.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="alpha amd64 arm arm64 ~hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" IUSE="bzip2 cjk gnutls idn ipv6 nls ssl unicode libressl" RDEPEND=" diff --git a/www-client/opera-beta/Manifest b/www-client/opera-beta/Manifest index e79b19b20428..c4450a4faf98 100644 --- a/www-client/opera-beta/Manifest +++ b/www-client/opera-beta/Manifest @@ -1,5 +1,5 @@ -DIST opera-beta_54.0.2952.40_amd64.deb 55438378 BLAKE2B 8d446bb5d32553b6213d60718912ae72b5c7e3d4596c26bdf0140d379a0b6c14e217821e3e2298fbe77e2a094d3f7d7697db2ff53b19c23fd304ab1642b0179a SHA512 987ded440347ae6dfcfca691727b65a6e87fcd0fd1a90fe20812de519dda01f780655cbd024b0021ca22fc9b3f358dac526a91d1f0eabecf001cde97583b2af5 -DIST opera-beta_54.0.2952.43_amd64.deb 55136488 BLAKE2B 65233c91466d1c63e3c0a11964b47fa0cfc7c84f6cdbfeacbf032afc4d75715cbfe31b6b20ccbc1719a37e38a659ae1b3de75da365b412c93b99cfc4a297d6d7 SHA512 92df67403521b836ec1d002bc2e2a99ea949b638f8829b12179fa95903ff21196d2e93cb98afa65664db9cc43f044060a3bae1df3bf57e8427b7ee25d07338ed -EBUILD opera-beta-54.0.2952.40.ebuild 2316 BLAKE2B ecc23746187167ffd747896035e6c2fe21d79a591209b5fb5d460c932086b3b46887bbc9ed6e3208f4c4fb4edc3fe5a5b48f496788886607defd06b03a80108e SHA512 70842898fe3c3031a66eee59ac8fc1cdc7a5ff1e24d51fbcfcf9a15657b084fd0eb0b07b32ef494bd85627420d05808533c945b0da56e49e260091a40c3981a1 -EBUILD opera-beta-54.0.2952.43.ebuild 2316 BLAKE2B ecc23746187167ffd747896035e6c2fe21d79a591209b5fb5d460c932086b3b46887bbc9ed6e3208f4c4fb4edc3fe5a5b48f496788886607defd06b03a80108e SHA512 70842898fe3c3031a66eee59ac8fc1cdc7a5ff1e24d51fbcfcf9a15657b084fd0eb0b07b32ef494bd85627420d05808533c945b0da56e49e260091a40c3981a1 +DIST opera-beta_55.0.2994.14_amd64.deb 56678992 BLAKE2B e45ff11cb7bcf9aceee30cac64264c1dab49d799d96b07c39f9e3ce5bd6cfbc0744137c845d4b571e30828dc1b2a06d79de0c626f752e982498f956e7ba2039c SHA512 d7b0ff6b26d2f78fb895db4be8b9b0715dde84b114aeb195d6239a7edeb86aff118988ff21f63c70a570959e0148336aff251ff82bc528ca2937ab68b557b2bb +DIST opera-beta_55.0.2994.20_amd64.deb 56266674 BLAKE2B a8198ecf4c9086f8e50f027256a380e3a97760cc47a8a54c3975cdff08374330fba35e77f03a9b0293cf1932cc98201f876974b59421bfb1c3c4a682d8ff1742 SHA512 607942e2cfa31c98c503077d827c74122e7ac8540500f89f72e1aff613c1b21abc260defb6ef6bcf31437e13fe98dd2b97537a4f81040d80f9d2c519f3c40e41 +EBUILD opera-beta-55.0.2994.14.ebuild 2316 BLAKE2B ecc23746187167ffd747896035e6c2fe21d79a591209b5fb5d460c932086b3b46887bbc9ed6e3208f4c4fb4edc3fe5a5b48f496788886607defd06b03a80108e SHA512 70842898fe3c3031a66eee59ac8fc1cdc7a5ff1e24d51fbcfcf9a15657b084fd0eb0b07b32ef494bd85627420d05808533c945b0da56e49e260091a40c3981a1 +EBUILD opera-beta-55.0.2994.20.ebuild 2316 BLAKE2B ecc23746187167ffd747896035e6c2fe21d79a591209b5fb5d460c932086b3b46887bbc9ed6e3208f4c4fb4edc3fe5a5b48f496788886607defd06b03a80108e SHA512 70842898fe3c3031a66eee59ac8fc1cdc7a5ff1e24d51fbcfcf9a15657b084fd0eb0b07b32ef494bd85627420d05808533c945b0da56e49e260091a40c3981a1 MISC metadata.xml 238 BLAKE2B 72d4053d28bbf82c9a08a88b354321a782501542b5d506fc6d9f4034839f302761124d59445c0414a0fd38b6401cd5fbe06670802abdb1f25c7cb60919ea5d2e SHA512 b0b981ef72f4d295f427f92dc9931553b4fb7a91c8ed63fa1f28bdbe8bc61d6f0943e1217eb7b61b8d85d9685cbe759db49f094a18a1461cb48429affe76d993 diff --git a/www-client/opera-beta/opera-beta-54.0.2952.40.ebuild b/www-client/opera-beta/opera-beta-54.0.2952.40.ebuild deleted file mode 100644 index 308b38bc8be3..000000000000 --- a/www-client/opera-beta/opera-beta-54.0.2952.40.ebuild +++ /dev/null @@ -1,114 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -CHROMIUM_LANGS=" - be bg bn ca cs da de el en-GB es-419 es fil fi fr-CA fr hi hr hu id it - ja ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi - zh-CN zh-TW -" -inherit chromium-2 gnome2-utils multilib unpacker xdg-utils - -DESCRIPTION="A fast and secure web browser" -HOMEPAGE="http://www.opera.com/" -LICENSE="OPERA-2014" -SLOT="0" -SRC_URI_BASE=" - http://download1.operacdn.com/pub/ - http://download2.operacdn.com/pub/ - http://download3.operacdn.com/pub/ - http://download4.operacdn.com/pub/ -" -SRC_URI="amd64? (" -for uri in ${SRC_URI_BASE}; do -SRC_URI+=" - "${uri}${PN}/${PV}/linux/${PN}_${PV}_amd64.deb" -" -done -SRC_URI+=")" -KEYWORDS="~amd64" - -RDEPEND=" - dev-libs/expat - dev-libs/glib:2 - dev-libs/nspr - dev-libs/nss - gnome-base/gconf:2 - media-libs/alsa-lib - media-libs/fontconfig - media-libs/freetype - net-misc/curl - net-print/cups - sys-apps/dbus - x11-libs/cairo - x11-libs/gdk-pixbuf - x11-libs/gtk+:2 - x11-libs/libX11 - x11-libs/libXScrnSaver - x11-libs/libXcomposite - x11-libs/libXcursor - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXi - x11-libs/libXrandr - x11-libs/libXrender - x11-libs/libXtst - x11-libs/libnotify - x11-libs/pango[X] -" - -QA_PREBUILT="*" -S=${WORKDIR} -OPERA_HOME="usr/$(get_libdir)/${PN}" - -src_unpack() { - unpack_deb ${A} -} - -src_prepare() { - case ${ARCH} in - amd64) - mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die - rm -r usr/lib || die - ;; - x86) - mv usr/lib/i386-linux-gnu/${PN} usr/$(get_libdir)/ || die - ;; - esac - - rm usr/bin/${PN} || die - - rm usr/share/doc/${PN}/copyright || die - mv usr/share/doc/${PN} usr/share/doc/${PF} || die - - pushd "${OPERA_HOME}/localization" > /dev/null || die - chromium_remove_language_paks - popd > /dev/null || die - - sed -i \ - -e 's|^TargetEnvironment|X-&|g' \ - usr/share/applications/${PN}.desktop || die -} - -src_install() { - mv * "${D}" || die - dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} - fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox -} - -pkg_preinst() { - gnome2_icon_savelist -} - -pkg_postrm() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} - -pkg_postinst() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} diff --git a/www-client/opera-beta/opera-beta-54.0.2952.43.ebuild b/www-client/opera-beta/opera-beta-54.0.2952.43.ebuild deleted file mode 100644 index 308b38bc8be3..000000000000 --- a/www-client/opera-beta/opera-beta-54.0.2952.43.ebuild +++ /dev/null @@ -1,114 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -CHROMIUM_LANGS=" - be bg bn ca cs da de el en-GB es-419 es fil fi fr-CA fr hi hr hu id it - ja ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi - zh-CN zh-TW -" -inherit chromium-2 gnome2-utils multilib unpacker xdg-utils - -DESCRIPTION="A fast and secure web browser" -HOMEPAGE="http://www.opera.com/" -LICENSE="OPERA-2014" -SLOT="0" -SRC_URI_BASE=" - http://download1.operacdn.com/pub/ - http://download2.operacdn.com/pub/ - http://download3.operacdn.com/pub/ - http://download4.operacdn.com/pub/ -" -SRC_URI="amd64? (" -for uri in ${SRC_URI_BASE}; do -SRC_URI+=" - "${uri}${PN}/${PV}/linux/${PN}_${PV}_amd64.deb" -" -done -SRC_URI+=")" -KEYWORDS="~amd64" - -RDEPEND=" - dev-libs/expat - dev-libs/glib:2 - dev-libs/nspr - dev-libs/nss - gnome-base/gconf:2 - media-libs/alsa-lib - media-libs/fontconfig - media-libs/freetype - net-misc/curl - net-print/cups - sys-apps/dbus - x11-libs/cairo - x11-libs/gdk-pixbuf - x11-libs/gtk+:2 - x11-libs/libX11 - x11-libs/libXScrnSaver - x11-libs/libXcomposite - x11-libs/libXcursor - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXi - x11-libs/libXrandr - x11-libs/libXrender - x11-libs/libXtst - x11-libs/libnotify - x11-libs/pango[X] -" - -QA_PREBUILT="*" -S=${WORKDIR} -OPERA_HOME="usr/$(get_libdir)/${PN}" - -src_unpack() { - unpack_deb ${A} -} - -src_prepare() { - case ${ARCH} in - amd64) - mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die - rm -r usr/lib || die - ;; - x86) - mv usr/lib/i386-linux-gnu/${PN} usr/$(get_libdir)/ || die - ;; - esac - - rm usr/bin/${PN} || die - - rm usr/share/doc/${PN}/copyright || die - mv usr/share/doc/${PN} usr/share/doc/${PF} || die - - pushd "${OPERA_HOME}/localization" > /dev/null || die - chromium_remove_language_paks - popd > /dev/null || die - - sed -i \ - -e 's|^TargetEnvironment|X-&|g' \ - usr/share/applications/${PN}.desktop || die -} - -src_install() { - mv * "${D}" || die - dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} - fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox -} - -pkg_preinst() { - gnome2_icon_savelist -} - -pkg_postrm() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} - -pkg_postinst() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} diff --git a/www-client/opera-beta/opera-beta-55.0.2994.14.ebuild b/www-client/opera-beta/opera-beta-55.0.2994.14.ebuild new file mode 100644 index 000000000000..308b38bc8be3 --- /dev/null +++ b/www-client/opera-beta/opera-beta-55.0.2994.14.ebuild @@ -0,0 +1,114 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 +CHROMIUM_LANGS=" + be bg bn ca cs da de el en-GB es-419 es fil fi fr-CA fr hi hr hu id it + ja ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi + zh-CN zh-TW +" +inherit chromium-2 gnome2-utils multilib unpacker xdg-utils + +DESCRIPTION="A fast and secure web browser" +HOMEPAGE="http://www.opera.com/" +LICENSE="OPERA-2014" +SLOT="0" +SRC_URI_BASE=" + http://download1.operacdn.com/pub/ + http://download2.operacdn.com/pub/ + http://download3.operacdn.com/pub/ + http://download4.operacdn.com/pub/ +" +SRC_URI="amd64? (" +for uri in ${SRC_URI_BASE}; do +SRC_URI+=" + "${uri}${PN}/${PV}/linux/${PN}_${PV}_amd64.deb" +" +done +SRC_URI+=")" +KEYWORDS="~amd64" + +RDEPEND=" + dev-libs/expat + dev-libs/glib:2 + dev-libs/nspr + dev-libs/nss + gnome-base/gconf:2 + media-libs/alsa-lib + media-libs/fontconfig + media-libs/freetype + net-misc/curl + net-print/cups + sys-apps/dbus + x11-libs/cairo + x11-libs/gdk-pixbuf + x11-libs/gtk+:2 + x11-libs/libX11 + x11-libs/libXScrnSaver + x11-libs/libXcomposite + x11-libs/libXcursor + x11-libs/libXdamage + x11-libs/libXext + x11-libs/libXfixes + x11-libs/libXi + x11-libs/libXrandr + x11-libs/libXrender + x11-libs/libXtst + x11-libs/libnotify + x11-libs/pango[X] +" + +QA_PREBUILT="*" +S=${WORKDIR} +OPERA_HOME="usr/$(get_libdir)/${PN}" + +src_unpack() { + unpack_deb ${A} +} + +src_prepare() { + case ${ARCH} in + amd64) + mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die + rm -r usr/lib || die + ;; + x86) + mv usr/lib/i386-linux-gnu/${PN} usr/$(get_libdir)/ || die + ;; + esac + + rm usr/bin/${PN} || die + + rm usr/share/doc/${PN}/copyright || die + mv usr/share/doc/${PN} usr/share/doc/${PF} || die + + pushd "${OPERA_HOME}/localization" > /dev/null || die + chromium_remove_language_paks + popd > /dev/null || die + + sed -i \ + -e 's|^TargetEnvironment|X-&|g' \ + usr/share/applications/${PN}.desktop || die +} + +src_install() { + mv * "${D}" || die + dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} + fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postrm() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} + +pkg_postinst() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} diff --git a/www-client/opera-beta/opera-beta-55.0.2994.20.ebuild b/www-client/opera-beta/opera-beta-55.0.2994.20.ebuild new file mode 100644 index 000000000000..308b38bc8be3 --- /dev/null +++ b/www-client/opera-beta/opera-beta-55.0.2994.20.ebuild @@ -0,0 +1,114 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 +CHROMIUM_LANGS=" + be bg bn ca cs da de el en-GB es-419 es fil fi fr-CA fr hi hr hu id it + ja ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi + zh-CN zh-TW +" +inherit chromium-2 gnome2-utils multilib unpacker xdg-utils + +DESCRIPTION="A fast and secure web browser" +HOMEPAGE="http://www.opera.com/" +LICENSE="OPERA-2014" +SLOT="0" +SRC_URI_BASE=" + http://download1.operacdn.com/pub/ + http://download2.operacdn.com/pub/ + http://download3.operacdn.com/pub/ + http://download4.operacdn.com/pub/ +" +SRC_URI="amd64? (" +for uri in ${SRC_URI_BASE}; do +SRC_URI+=" + "${uri}${PN}/${PV}/linux/${PN}_${PV}_amd64.deb" +" +done +SRC_URI+=")" +KEYWORDS="~amd64" + +RDEPEND=" + dev-libs/expat + dev-libs/glib:2 + dev-libs/nspr + dev-libs/nss + gnome-base/gconf:2 + media-libs/alsa-lib + media-libs/fontconfig + media-libs/freetype + net-misc/curl + net-print/cups + sys-apps/dbus + x11-libs/cairo + x11-libs/gdk-pixbuf + x11-libs/gtk+:2 + x11-libs/libX11 + x11-libs/libXScrnSaver + x11-libs/libXcomposite + x11-libs/libXcursor + x11-libs/libXdamage + x11-libs/libXext + x11-libs/libXfixes + x11-libs/libXi + x11-libs/libXrandr + x11-libs/libXrender + x11-libs/libXtst + x11-libs/libnotify + x11-libs/pango[X] +" + +QA_PREBUILT="*" +S=${WORKDIR} +OPERA_HOME="usr/$(get_libdir)/${PN}" + +src_unpack() { + unpack_deb ${A} +} + +src_prepare() { + case ${ARCH} in + amd64) + mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die + rm -r usr/lib || die + ;; + x86) + mv usr/lib/i386-linux-gnu/${PN} usr/$(get_libdir)/ || die + ;; + esac + + rm usr/bin/${PN} || die + + rm usr/share/doc/${PN}/copyright || die + mv usr/share/doc/${PN} usr/share/doc/${PF} || die + + pushd "${OPERA_HOME}/localization" > /dev/null || die + chromium_remove_language_paks + popd > /dev/null || die + + sed -i \ + -e 's|^TargetEnvironment|X-&|g' \ + usr/share/applications/${PN}.desktop || die +} + +src_install() { + mv * "${D}" || die + dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} + fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postrm() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} + +pkg_postinst() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} diff --git a/www-client/opera-developer/Manifest b/www-client/opera-developer/Manifest index 0b2d10f558d2..623e670eb857 100644 --- a/www-client/opera-developer/Manifest +++ b/www-client/opera-developer/Manifest @@ -1,5 +1,5 @@ -DIST opera-developer_55.0.2991.0_amd64.deb 56130074 BLAKE2B f86b8da08bbda2060e95cda7523aad39ea1a64b82a67c196024643550ceaf163af8ffd28e722427803bfa1411b0cef1303193a896e77f8900fb3980672cf42f5 SHA512 d3d427fae872a268f0944ac672fafaf166aa774f13b3b8dba1c4f41ab1e7eb2d683d11fbd5ea0adae34a2d2b79b406cb5157b9842dc9e1ca5f5a1959a8095932 DIST opera-developer_56.0.3003.0_amd64.deb 56650698 BLAKE2B efdaeb3e5c34307e863bb8ba8140461e9c3ce279c90d3c4dfea0e22e858462740830e8b46d716fbd7d968c57d3238a7a059b6a12193bce45d83ebc2523c0212b SHA512 a5ac2ef9302790863501f8a793c4e73a2455219b30dc76a495ff74465e25eed0ceb817d00fa4f9e17c0df152dff0394693b4e98fdba453f5e761824ef7ea4c36 -EBUILD opera-developer-55.0.2991.0.ebuild 2316 BLAKE2B 8fbb8274e4ef03f9fca9382ade28d36524be58c1e16fecb33d7c90947f938e115e3f47bba5df7b07f145b15e3759df73bb6f2cc5729b4d327492e25f68429a72 SHA512 0199d19ab24caff2b35b700db1c75a8d0279bfa2612395c83572a43f3cfc49526501377cf9d2a1042843e999f451a3ceff13f381dbbcc9d3e6b2305b88531ff8 +DIST opera-developer_56.0.3013.0_amd64.deb 57274790 BLAKE2B 17fe597401c6068b4ebb6810b9cd5ae9c2356a6fe18853b2d64706ec499cf47bd31b7bb0d67c5b902af9e49b524c43b5c559237b846183a7c2eaef9399b681b3 SHA512 5e756e0fae127e8232d9f1bfa48447aa768089b3a7d411478b399bf850fec5918f3078e9e18cfe404d177fae43bc4b2882ecbbafcaf8b2e2e0b65dbf72ef3d06 EBUILD opera-developer-56.0.3003.0.ebuild 2316 BLAKE2B 8fbb8274e4ef03f9fca9382ade28d36524be58c1e16fecb33d7c90947f938e115e3f47bba5df7b07f145b15e3759df73bb6f2cc5729b4d327492e25f68429a72 SHA512 0199d19ab24caff2b35b700db1c75a8d0279bfa2612395c83572a43f3cfc49526501377cf9d2a1042843e999f451a3ceff13f381dbbcc9d3e6b2305b88531ff8 +EBUILD opera-developer-56.0.3013.0.ebuild 2316 BLAKE2B 8fbb8274e4ef03f9fca9382ade28d36524be58c1e16fecb33d7c90947f938e115e3f47bba5df7b07f145b15e3759df73bb6f2cc5729b4d327492e25f68429a72 SHA512 0199d19ab24caff2b35b700db1c75a8d0279bfa2612395c83572a43f3cfc49526501377cf9d2a1042843e999f451a3ceff13f381dbbcc9d3e6b2305b88531ff8 MISC metadata.xml 238 BLAKE2B 72d4053d28bbf82c9a08a88b354321a782501542b5d506fc6d9f4034839f302761124d59445c0414a0fd38b6401cd5fbe06670802abdb1f25c7cb60919ea5d2e SHA512 b0b981ef72f4d295f427f92dc9931553b4fb7a91c8ed63fa1f28bdbe8bc61d6f0943e1217eb7b61b8d85d9685cbe759db49f094a18a1461cb48429affe76d993 diff --git a/www-client/opera-developer/opera-developer-55.0.2991.0.ebuild b/www-client/opera-developer/opera-developer-55.0.2991.0.ebuild deleted file mode 100644 index 12a41bce61c8..000000000000 --- a/www-client/opera-developer/opera-developer-55.0.2991.0.ebuild +++ /dev/null @@ -1,114 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -CHROMIUM_LANGS=" - be bg bn ca cs da de el en-GB es es-419 fi fil fr fr-CA hi hr hu id it - ja ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi - zh-CN zh-TW -" -inherit chromium-2 gnome2-utils multilib unpacker xdg-utils - -DESCRIPTION="A fast and secure web browser" -HOMEPAGE="http://www.opera.com/" -LICENSE="OPERA-2014" -SLOT="0" -SRC_URI_BASE=" - http://download1.operacdn.com/pub/ - http://download2.operacdn.com/pub/ - http://download3.operacdn.com/pub/ - http://download4.operacdn.com/pub/ -" -SRC_URI="amd64? (" -for uri in ${SRC_URI_BASE}; do -SRC_URI+=" - "${uri}${PN}/${PV}/linux/${PN}_${PV}_amd64.deb" -" -done -SRC_URI+=")" -KEYWORDS="~amd64" - -RDEPEND=" - dev-libs/expat - dev-libs/glib:2 - dev-libs/nspr - dev-libs/nss - gnome-base/gconf:2 - media-libs/alsa-lib - media-libs/fontconfig - media-libs/freetype - net-misc/curl - net-print/cups - sys-apps/dbus - x11-libs/cairo - x11-libs/gdk-pixbuf - x11-libs/gtk+:3 - x11-libs/libX11 - x11-libs/libXScrnSaver - x11-libs/libXcomposite - x11-libs/libXcursor - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXi - x11-libs/libXrandr - x11-libs/libXrender - x11-libs/libXtst - x11-libs/libnotify - x11-libs/pango[X] -" - -QA_PREBUILT="*" -S=${WORKDIR} -OPERA_HOME="usr/$(get_libdir)/${PN}" - -src_unpack() { - unpack_deb ${A} -} - -src_prepare() { - case ${ARCH} in - amd64) - mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die - rm -r usr/lib || die - ;; - x86) - mv usr/lib/i386-linux-gnu/${PN} usr/$(get_libdir)/ || die - ;; - esac - - rm usr/bin/${PN} || die - - rm usr/share/doc/${PN}/copyright || die - mv usr/share/doc/${PN} usr/share/doc/${PF} || die - - pushd "${OPERA_HOME}/localization" > /dev/null || die - chromium_remove_language_paks - popd > /dev/null || die - - sed -i \ - -e 's|^TargetEnvironment|X-&|g' \ - usr/share/applications/${PN}.desktop || die -} - -src_install() { - mv * "${D}" || die - dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} - fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox -} - -pkg_preinst() { - gnome2_icon_savelist -} - -pkg_postrm() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} - -pkg_postinst() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} diff --git a/www-client/opera-developer/opera-developer-56.0.3013.0.ebuild b/www-client/opera-developer/opera-developer-56.0.3013.0.ebuild new file mode 100644 index 000000000000..12a41bce61c8 --- /dev/null +++ b/www-client/opera-developer/opera-developer-56.0.3013.0.ebuild @@ -0,0 +1,114 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 +CHROMIUM_LANGS=" + be bg bn ca cs da de el en-GB es es-419 fi fil fr fr-CA hi hr hu id it + ja ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi + zh-CN zh-TW +" +inherit chromium-2 gnome2-utils multilib unpacker xdg-utils + +DESCRIPTION="A fast and secure web browser" +HOMEPAGE="http://www.opera.com/" +LICENSE="OPERA-2014" +SLOT="0" +SRC_URI_BASE=" + http://download1.operacdn.com/pub/ + http://download2.operacdn.com/pub/ + http://download3.operacdn.com/pub/ + http://download4.operacdn.com/pub/ +" +SRC_URI="amd64? (" +for uri in ${SRC_URI_BASE}; do +SRC_URI+=" + "${uri}${PN}/${PV}/linux/${PN}_${PV}_amd64.deb" +" +done +SRC_URI+=")" +KEYWORDS="~amd64" + +RDEPEND=" + dev-libs/expat + dev-libs/glib:2 + dev-libs/nspr + dev-libs/nss + gnome-base/gconf:2 + media-libs/alsa-lib + media-libs/fontconfig + media-libs/freetype + net-misc/curl + net-print/cups + sys-apps/dbus + x11-libs/cairo + x11-libs/gdk-pixbuf + x11-libs/gtk+:3 + x11-libs/libX11 + x11-libs/libXScrnSaver + x11-libs/libXcomposite + x11-libs/libXcursor + x11-libs/libXdamage + x11-libs/libXext + x11-libs/libXfixes + x11-libs/libXi + x11-libs/libXrandr + x11-libs/libXrender + x11-libs/libXtst + x11-libs/libnotify + x11-libs/pango[X] +" + +QA_PREBUILT="*" +S=${WORKDIR} +OPERA_HOME="usr/$(get_libdir)/${PN}" + +src_unpack() { + unpack_deb ${A} +} + +src_prepare() { + case ${ARCH} in + amd64) + mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die + rm -r usr/lib || die + ;; + x86) + mv usr/lib/i386-linux-gnu/${PN} usr/$(get_libdir)/ || die + ;; + esac + + rm usr/bin/${PN} || die + + rm usr/share/doc/${PN}/copyright || die + mv usr/share/doc/${PN} usr/share/doc/${PF} || die + + pushd "${OPERA_HOME}/localization" > /dev/null || die + chromium_remove_language_paks + popd > /dev/null || die + + sed -i \ + -e 's|^TargetEnvironment|X-&|g' \ + usr/share/applications/${PN}.desktop || die +} + +src_install() { + mv * "${D}" || die + dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} + fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postrm() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} + +pkg_postinst() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} diff --git a/www-client/opera/Manifest b/www-client/opera/Manifest index 528953027429..f3811cf3e2f0 100644 --- a/www-client/opera/Manifest +++ b/www-client/opera/Manifest @@ -2,9 +2,9 @@ DIST opera-12.16-1860.amd64.freebsd.tar.xz 13312684 BLAKE2B 2c4cd52a07999c5beabe DIST opera-12.16-1860.i386.freebsd.tar.xz 13385696 BLAKE2B 35fef5a5d1784941ce11ff3fed440d9c8f83ce5f9a0a8aad3f68deb470a7d82accfe7c9c93be225b458c0fc8e738ca7841d3d14abcaa201801321f3280f2b58f SHA512 0bb2c0548765ea476cdb8be6c84faf1d60dddb5a2c08b7312027f4cd17fa8ebd4fbc1a97657bbcb0ac07733e5f3b340b181a307a778c38543140adbfe7f8b844 DIST opera-12.16-1860.i386.linux.tar.xz 13154668 BLAKE2B 7f9ef54f44bc143c13173bce92543351c39288058455baf3fde19f9f8766c9acd72971216c8c340fd89e918f18e89320eb8d13c4be9ec71635e2073c94c90067 SHA512 a13ec53311e3e78f35103a9dd5337c0e9a555362860213080211ee9d21de88fbd6aae03bed20b7515874d5a09dfbab108954213745fb82175f5e48e555152613 DIST opera-12.16-1860.x86_64.linux.tar.xz 14018800 BLAKE2B e0cb727ea79868d1c3c692d445fc8949f554c3bbe2bf3c9f222885891458cab7af1a29096cd3caf6936e83068841dda4bff5b8a17eb55a86bebe39ce2b270183 SHA512 c1289f352ea5fc8133b105771f48fdc56ccd770920330b1a0ed939ff909abc68081447673572eabeb1aae6db5194b6ab35c93afad78a91d8f7a9a0f91e81ef8b -DIST opera-stable_54.0.2952.46_amd64.deb 55502514 BLAKE2B 85831f94f7cd5ba2fb62c3d916644839b1fabeb4a251e3b87cd1123bb8a3176958d090c5f6e8b13cedc2a9dab72b98ab88974e71227ae25ca9e5763d60dbfbe3 SHA512 d7840c02988f06d3f92e6c4c332a5f2cde012644d01bc925fa0a108cf2f0cfd5a85377396b8378ae2590a295b93610903874bc458df2ef1306ede9e89dd9146b -DIST opera-stable_54.0.2952.51_amd64.deb 55848686 BLAKE2B 4a26a16bb5a1fbf1f12e4ee3b3b347a4da6eb13d10866ecd5d1d908a352d73a376df40070f98046e412b522b59f4877591a78c0b931bc62672349e060a713da5 SHA512 2905808f54604f11c195d808928928dbb733a4a570f033dcb0164b5117620d5835afcf7da6c3345cd3d5afe48b6a997bf2d81588bb4afdbdeb129066dd643251 +DIST opera-stable_54.0.2952.54_amd64.deb 55053230 BLAKE2B a998158fa624af7d439872c11a96da80566bcd48e6b1e2c7c8293fbe4c9f5495025bf741bf2e77b44115d7ff154e4f8924f5e629346fe0a1f19ee1e2d90d613d SHA512 76887484841f2eb0669d6c12d0ce80092b6a903a0244c3eb2d17d4530fc0abb94c752d215c86fce5f67469b089214527bc5e1f62770bfb1e64d5e6e0c36e0e4a +DIST opera-stable_54.0.2952.60_amd64.deb 55845302 BLAKE2B b7b8ea124dc50da1b9bac33aa9aca9e672a54ddbffd5257d31984951af5d8f9587f86699a6969c9594e7f8e6e6a11b4e26e92dc6203d9f8fec1ba6eae0db7597 SHA512 e650f202fed6bf962bc3f94aad3eadcf5cfb9a82a6588263d4cf4bec5e4ce3a798aab0be1692c385579964031785fb4875528be803aa8dd93ca8eaecc22812e6 EBUILD opera-12.16_p1860-r1.ebuild 6115 BLAKE2B 6805a42231575003626bfc50af74664b53d007cc53cf99a215c764b85d68c1ce824a68c909b56c5b96bbcfda0f0d1caa6e21745f38571b563f2221cfda224da4 SHA512 9e280c4b9f15207a476196e103c265de4ecc3a4a36e5fae12d8330b12e85a774a39b6188ba4d13d028ef191b621b69bdecdd7e4362c0c49be689e6be69b46b1a -EBUILD opera-54.0.2952.46.ebuild 2239 BLAKE2B 48e7340be15efdb6575ba3d2d656ab8e65116a65c8794efbeb68294eab6d5a0dd1e68c4d87eba08d29bb2ac98fd8c7ade6d9b007b347845de8fbad0f990605f8 SHA512 4db8d4a415684f3ee61bb57fe2bfa95a00a7b512d585ab65b93303fccd28b7abb5710a66208a1358afbab0c09f443d60e63926a583193664e39d49e7e16de774 -EBUILD opera-54.0.2952.51.ebuild 2239 BLAKE2B 48e7340be15efdb6575ba3d2d656ab8e65116a65c8794efbeb68294eab6d5a0dd1e68c4d87eba08d29bb2ac98fd8c7ade6d9b007b347845de8fbad0f990605f8 SHA512 4db8d4a415684f3ee61bb57fe2bfa95a00a7b512d585ab65b93303fccd28b7abb5710a66208a1358afbab0c09f443d60e63926a583193664e39d49e7e16de774 +EBUILD opera-54.0.2952.54.ebuild 2239 BLAKE2B 48e7340be15efdb6575ba3d2d656ab8e65116a65c8794efbeb68294eab6d5a0dd1e68c4d87eba08d29bb2ac98fd8c7ade6d9b007b347845de8fbad0f990605f8 SHA512 4db8d4a415684f3ee61bb57fe2bfa95a00a7b512d585ab65b93303fccd28b7abb5710a66208a1358afbab0c09f443d60e63926a583193664e39d49e7e16de774 +EBUILD opera-54.0.2952.60.ebuild 2239 BLAKE2B 48e7340be15efdb6575ba3d2d656ab8e65116a65c8794efbeb68294eab6d5a0dd1e68c4d87eba08d29bb2ac98fd8c7ade6d9b007b347845de8fbad0f990605f8 SHA512 4db8d4a415684f3ee61bb57fe2bfa95a00a7b512d585ab65b93303fccd28b7abb5710a66208a1358afbab0c09f443d60e63926a583193664e39d49e7e16de774 MISC metadata.xml 576 BLAKE2B b7741cc8f83a9b2f8b5a408f90123000ff5daab77771adaefeb72ae1cdfaf7213f674097e6875c168907bc6820764ccb93c2a3696e792e1f6db92d5f13d664af SHA512 475c622917d4c749b7d940d023519152820a6d6cba48b01f3fdeee8261a2faf217fee10c0e482d6dee5d46f26b2e8ca938d79b93cde178aeb66fb71c268d2374 diff --git a/www-client/opera/opera-54.0.2952.46.ebuild b/www-client/opera/opera-54.0.2952.46.ebuild deleted file mode 100644 index 139f6afa7c77..000000000000 --- a/www-client/opera/opera-54.0.2952.46.ebuild +++ /dev/null @@ -1,109 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -CHROMIUM_LANGS=" - be bg bn ca cs da de el en-GB es-419 es fil fi fr-CA fr hi hr hu id it ja - ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi zh-CN - zh-TW -" -inherit chromium-2 gnome2-utils multilib unpacker xdg-utils - -DESCRIPTION="A fast and secure web browser" -HOMEPAGE="http://www.opera.com/" -LICENSE="OPERA-2014" -SLOT="0" -SRC_URI_BASE=" - http://download1.operacdn.com/pub/ - http://download2.operacdn.com/pub/ - http://download3.operacdn.com/pub/ - http://download4.operacdn.com/pub/ -" -for uri in ${SRC_URI_BASE}; do -SRC_URI+=" - "${uri}${PN}/desktop/${PV}/linux/${PN}-stable_${PV}_amd64.deb" -" -done -KEYWORDS="~amd64" - -RDEPEND=" - dev-libs/expat - dev-libs/glib:2 - dev-libs/nspr - dev-libs/nss - gnome-base/gconf:2 - media-libs/alsa-lib - media-libs/fontconfig - media-libs/freetype - net-misc/curl - net-print/cups - sys-apps/dbus - x11-libs/cairo - x11-libs/gdk-pixbuf - x11-libs/gtk+:2 - x11-libs/libX11 - x11-libs/libXScrnSaver - x11-libs/libXcomposite - x11-libs/libXcursor - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXi - x11-libs/libXrandr - x11-libs/libXrender - x11-libs/libXtst - x11-libs/libnotify - x11-libs/pango[X] -" - -QA_PREBUILT="*" -S=${WORKDIR} -OPERA_HOME="usr/$(get_libdir)/${PN}" - -src_unpack() { - unpack_deb ${A} -} - -src_prepare() { - case ${ARCH} in - amd64) - mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die - rm -r usr/lib || die - ;; - esac - - rm usr/bin/${PN} || die - - rm usr/share/doc/${PN}-stable/copyright || die - mv usr/share/doc/${PN}-stable usr/share/doc/${PF} || die - - pushd "${OPERA_HOME}/localization" > /dev/null || die - chromium_remove_language_paks - popd > /dev/null || die - - sed -i \ - -e 's|^TargetEnvironment|X-&|g' \ - usr/share/applications/${PN}.desktop || die -} - -src_install() { - mv * "${D}" || die - dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} - fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox -} - -pkg_preinst() { - gnome2_icon_savelist -} - -pkg_postrm() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} - -pkg_postinst() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} diff --git a/www-client/opera/opera-54.0.2952.51.ebuild b/www-client/opera/opera-54.0.2952.51.ebuild deleted file mode 100644 index 139f6afa7c77..000000000000 --- a/www-client/opera/opera-54.0.2952.51.ebuild +++ /dev/null @@ -1,109 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -CHROMIUM_LANGS=" - be bg bn ca cs da de el en-GB es-419 es fil fi fr-CA fr hi hr hu id it ja - ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi zh-CN - zh-TW -" -inherit chromium-2 gnome2-utils multilib unpacker xdg-utils - -DESCRIPTION="A fast and secure web browser" -HOMEPAGE="http://www.opera.com/" -LICENSE="OPERA-2014" -SLOT="0" -SRC_URI_BASE=" - http://download1.operacdn.com/pub/ - http://download2.operacdn.com/pub/ - http://download3.operacdn.com/pub/ - http://download4.operacdn.com/pub/ -" -for uri in ${SRC_URI_BASE}; do -SRC_URI+=" - "${uri}${PN}/desktop/${PV}/linux/${PN}-stable_${PV}_amd64.deb" -" -done -KEYWORDS="~amd64" - -RDEPEND=" - dev-libs/expat - dev-libs/glib:2 - dev-libs/nspr - dev-libs/nss - gnome-base/gconf:2 - media-libs/alsa-lib - media-libs/fontconfig - media-libs/freetype - net-misc/curl - net-print/cups - sys-apps/dbus - x11-libs/cairo - x11-libs/gdk-pixbuf - x11-libs/gtk+:2 - x11-libs/libX11 - x11-libs/libXScrnSaver - x11-libs/libXcomposite - x11-libs/libXcursor - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXi - x11-libs/libXrandr - x11-libs/libXrender - x11-libs/libXtst - x11-libs/libnotify - x11-libs/pango[X] -" - -QA_PREBUILT="*" -S=${WORKDIR} -OPERA_HOME="usr/$(get_libdir)/${PN}" - -src_unpack() { - unpack_deb ${A} -} - -src_prepare() { - case ${ARCH} in - amd64) - mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die - rm -r usr/lib || die - ;; - esac - - rm usr/bin/${PN} || die - - rm usr/share/doc/${PN}-stable/copyright || die - mv usr/share/doc/${PN}-stable usr/share/doc/${PF} || die - - pushd "${OPERA_HOME}/localization" > /dev/null || die - chromium_remove_language_paks - popd > /dev/null || die - - sed -i \ - -e 's|^TargetEnvironment|X-&|g' \ - usr/share/applications/${PN}.desktop || die -} - -src_install() { - mv * "${D}" || die - dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} - fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox -} - -pkg_preinst() { - gnome2_icon_savelist -} - -pkg_postrm() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} - -pkg_postinst() { - gnome2_icon_cache_update - xdg_desktop_database_update - xdg_mimeinfo_database_update -} diff --git a/www-client/opera/opera-54.0.2952.54.ebuild b/www-client/opera/opera-54.0.2952.54.ebuild new file mode 100644 index 000000000000..139f6afa7c77 --- /dev/null +++ b/www-client/opera/opera-54.0.2952.54.ebuild @@ -0,0 +1,109 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 +CHROMIUM_LANGS=" + be bg bn ca cs da de el en-GB es-419 es fil fi fr-CA fr hi hr hu id it ja + ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi zh-CN + zh-TW +" +inherit chromium-2 gnome2-utils multilib unpacker xdg-utils + +DESCRIPTION="A fast and secure web browser" +HOMEPAGE="http://www.opera.com/" +LICENSE="OPERA-2014" +SLOT="0" +SRC_URI_BASE=" + http://download1.operacdn.com/pub/ + http://download2.operacdn.com/pub/ + http://download3.operacdn.com/pub/ + http://download4.operacdn.com/pub/ +" +for uri in ${SRC_URI_BASE}; do +SRC_URI+=" + "${uri}${PN}/desktop/${PV}/linux/${PN}-stable_${PV}_amd64.deb" +" +done +KEYWORDS="~amd64" + +RDEPEND=" + dev-libs/expat + dev-libs/glib:2 + dev-libs/nspr + dev-libs/nss + gnome-base/gconf:2 + media-libs/alsa-lib + media-libs/fontconfig + media-libs/freetype + net-misc/curl + net-print/cups + sys-apps/dbus + x11-libs/cairo + x11-libs/gdk-pixbuf + x11-libs/gtk+:2 + x11-libs/libX11 + x11-libs/libXScrnSaver + x11-libs/libXcomposite + x11-libs/libXcursor + x11-libs/libXdamage + x11-libs/libXext + x11-libs/libXfixes + x11-libs/libXi + x11-libs/libXrandr + x11-libs/libXrender + x11-libs/libXtst + x11-libs/libnotify + x11-libs/pango[X] +" + +QA_PREBUILT="*" +S=${WORKDIR} +OPERA_HOME="usr/$(get_libdir)/${PN}" + +src_unpack() { + unpack_deb ${A} +} + +src_prepare() { + case ${ARCH} in + amd64) + mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die + rm -r usr/lib || die + ;; + esac + + rm usr/bin/${PN} || die + + rm usr/share/doc/${PN}-stable/copyright || die + mv usr/share/doc/${PN}-stable usr/share/doc/${PF} || die + + pushd "${OPERA_HOME}/localization" > /dev/null || die + chromium_remove_language_paks + popd > /dev/null || die + + sed -i \ + -e 's|^TargetEnvironment|X-&|g' \ + usr/share/applications/${PN}.desktop || die +} + +src_install() { + mv * "${D}" || die + dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} + fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postrm() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} + +pkg_postinst() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} diff --git a/www-client/opera/opera-54.0.2952.60.ebuild b/www-client/opera/opera-54.0.2952.60.ebuild new file mode 100644 index 000000000000..139f6afa7c77 --- /dev/null +++ b/www-client/opera/opera-54.0.2952.60.ebuild @@ -0,0 +1,109 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 +CHROMIUM_LANGS=" + be bg bn ca cs da de el en-GB es-419 es fil fi fr-CA fr hi hr hu id it ja + ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi zh-CN + zh-TW +" +inherit chromium-2 gnome2-utils multilib unpacker xdg-utils + +DESCRIPTION="A fast and secure web browser" +HOMEPAGE="http://www.opera.com/" +LICENSE="OPERA-2014" +SLOT="0" +SRC_URI_BASE=" + http://download1.operacdn.com/pub/ + http://download2.operacdn.com/pub/ + http://download3.operacdn.com/pub/ + http://download4.operacdn.com/pub/ +" +for uri in ${SRC_URI_BASE}; do +SRC_URI+=" + "${uri}${PN}/desktop/${PV}/linux/${PN}-stable_${PV}_amd64.deb" +" +done +KEYWORDS="~amd64" + +RDEPEND=" + dev-libs/expat + dev-libs/glib:2 + dev-libs/nspr + dev-libs/nss + gnome-base/gconf:2 + media-libs/alsa-lib + media-libs/fontconfig + media-libs/freetype + net-misc/curl + net-print/cups + sys-apps/dbus + x11-libs/cairo + x11-libs/gdk-pixbuf + x11-libs/gtk+:2 + x11-libs/libX11 + x11-libs/libXScrnSaver + x11-libs/libXcomposite + x11-libs/libXcursor + x11-libs/libXdamage + x11-libs/libXext + x11-libs/libXfixes + x11-libs/libXi + x11-libs/libXrandr + x11-libs/libXrender + x11-libs/libXtst + x11-libs/libnotify + x11-libs/pango[X] +" + +QA_PREBUILT="*" +S=${WORKDIR} +OPERA_HOME="usr/$(get_libdir)/${PN}" + +src_unpack() { + unpack_deb ${A} +} + +src_prepare() { + case ${ARCH} in + amd64) + mv usr/lib/x86_64-linux-gnu usr/$(get_libdir) || die + rm -r usr/lib || die + ;; + esac + + rm usr/bin/${PN} || die + + rm usr/share/doc/${PN}-stable/copyright || die + mv usr/share/doc/${PN}-stable usr/share/doc/${PF} || die + + pushd "${OPERA_HOME}/localization" > /dev/null || die + chromium_remove_language_paks + popd > /dev/null || die + + sed -i \ + -e 's|^TargetEnvironment|X-&|g' \ + usr/share/applications/${PN}.desktop || die +} + +src_install() { + mv * "${D}" || die + dosym ../$(get_libdir)/${PN}/${PN} /usr/bin/${PN} + fperms 4711 /usr/$(get_libdir)/${PN}/opera_sandbox +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postrm() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} + +pkg_postinst() { + gnome2_icon_cache_update + xdg_desktop_database_update + xdg_mimeinfo_database_update +} diff --git a/www-client/vivaldi/Manifest b/www-client/vivaldi/Manifest index 09f174cb7267..faa473b577a8 100644 --- a/www-client/vivaldi/Manifest +++ b/www-client/vivaldi/Manifest @@ -1,10 +1,9 @@ -AUX vivaldi-1.14.1077.45_p1-libffmpeg.patch 567 BLAKE2B b26ad49c8d4336e572ca4fc4ffb1b90240b0b9d568e48706965fafdfd5681014e33fe0ee418ebde8cbfd55d840bf5ddb1a3e6baa8f69acc92255bfdfee8811ec SHA512 02bafb3edb17cab08b72629a17de772b097883ae132e36c8ccff2d03ef6bc861cba968e746379db612d0f012b81314f19a2a2f90f1b4af4c5cf67e048eeeb9ef -DIST vivaldi-1.15.1147.47_p1-amd64.deb 52835714 BLAKE2B eae1baf7199bd308c3a3e82526dc9e9347129225ae9f8fbb1a77e46bdcda4b03148e2ce94195ff53d74ec04048686b3754951194eb1c224fca655f45aaad2a2d SHA512 eac2c37228fb1054b3abc286c6b415812f360fd6e02ebc5775992147f8deb51f4f81026e5090f913776f789cee9da4b40f839b909edb67f24d412e2703da6adc -DIST vivaldi-1.15.1147.47_p1-armhf.deb 46838822 BLAKE2B 0e7287782eb8eae4ffd1d43538facd126d5814d0f78bd5f0787613edeb9710a6420c3f11a1e63bd876122bf448c92d312f986a62ebfbc3ccc451dc09dc249e89 SHA512 b05ab74cff9eee8c6cd85104c6fabc5937fd7f76d5f7af4897711dd4c7b74ff88b22004de9792a7bf2ba40f1f193b33302d2762dfc2086fedb41a49f5ca32b13 -DIST vivaldi-1.15.1147.47_p1-i386.deb 52488994 BLAKE2B 2433330782f45f00c0b5b85eedeb731318844521d0c2f8642d157599118818e773e1388399fd692ebe775c6faa9607268d72f85c00e5590f4c4e60006925e98e SHA512 121b9fcb4f102cdb4a96d6407114c07d914f2d5251e47ff0be3caf2e12c53e37dd367ee66ace2e313633117443cd05ccb376e51e6552960548431517dc8bc4bd DIST vivaldi-1.15.1147.52_p1-amd64.deb 52873960 BLAKE2B 2339c66888dae4754fb9ea8bf1cb84297a7b0bfdf60cfcd2f348fc7cfdea65d112f53fc65df59cf56d979bb6b508556de0e9d97488e6107e2de22bc00957638b SHA512 c999eeda13cc4855103b303cdcd4d0411d55ac726f8415a5ae9c395a949a3cbf59826bbffaea27b3a85cc24cc58a1a1b24b48687e826d7a28e392da9df5b57db DIST vivaldi-1.15.1147.52_p1-armhf.deb 46843430 BLAKE2B 9d6d7dfc4357c1d057bcd1e04984dcf6f4c1a7132e69f5ddb88c59bb0790e9a48c269b17cb3dd16ee0e1195bbd8d3dba31819b76cbbd2b551fc2077596360c97 SHA512 f16ecd1be10cffe486f71c857e4e9ae8f6f3da48778260ddd4f3a5736b5ac772fc1dff4f23ef40a463d3fab72c276df0e7019f18e781aa1cc9a914afa18095cf DIST vivaldi-1.15.1147.52_p1-i386.deb 52486988 BLAKE2B 17b32ff290880683775dbc724bd6a9703f1bfd7b37d1199519ffb3d01e75a1fe58d842341660baf5d0e7818bf5e76bad78ae498670ba3aeefa4d883125c39b87 SHA512 b05ae7569c149b764c253b80c58eb60672ac3b28d368d1012bb339b771acd074011b2a1a12a8fbb9e58fdfb1173dca97de1f5e7f1243985e638db63ab48c7aa4 -EBUILD vivaldi-1.15.1147.47_p1.ebuild 2931 BLAKE2B c58af68c3e4e846b68683d195e75793f6644fe8f17e8ae3f8c285de8324d4f3ba9d2d202c875a1a21df2c4df2d9565715b0280e7ef658d92dfccd088b5768e25 SHA512 1cec9384dfb1bae746b8eba01aef382b4c54d06cbf2d8016b480b655040e10ca05c629c4c9628e70cffbed586fa925689cea5a7d2018bc31a85045dcf55159f0 -EBUILD vivaldi-1.15.1147.52_p1.ebuild 2872 BLAKE2B 56a6d7d2d976c6b8e749647fe6b1170a136cf944f256444776cfc04e116c05aaa65b54770c265ef57889ff0aa18db3507d11576b024f0bbb930fe408f09e3140 SHA512 db45f668d8b0033ae21469ed027cfe9af6e409cfdcb5fcca33e20dae2c29d394668169d66a6f857c83fe317786832734ddcaef28f58863ef2feada1160b6d585 +DIST vivaldi-1.15.1147.55_p1-amd64.deb 52880244 BLAKE2B 5bfcc57713a586b7534bbc2be88c4ade155d6af15be4b9626b73b3b9ecbd90cfaefd53fce5865a8c1eea863dcdd64c8e2f3118705294b7b0a4911055b1da698a SHA512 0d9e2971bd471e4a4e045421dde6eb1bd3431e0d843ae806e8068c75a8f5137e24367eb708201ae2f9ba127045462061632fe43660f193a6e0c3cbbe0728b8de +DIST vivaldi-1.15.1147.55_p1-armhf.deb 46831370 BLAKE2B a9f61c8ce04921884f418a1ec708fd9011ddf7521a9dc23f44f6b93bbb2356a40b705e1add1ba527d437512b3482749e7eb4e2703786af988091e6f45ce2e3f8 SHA512 7dbcfdd12b51cbf1849933e1104fac69f8cafbef8bc78d4776dca030809ca321c4fd12733f1a176d527fd89cf128010f5a282637917c12d99ce4bb8c4808d04d +DIST vivaldi-1.15.1147.55_p1-i386.deb 52490106 BLAKE2B 4437ae3263286477da9507393c93f502c63d3ccbba223ca3b702407ea1e3a79a165790505f8f25a319e1b8c0c6beec2fc1ef1a2e0d67ce73dc8e532b136c063f SHA512 ed42481a1db6d6bf163ba3c2e2cbe6a90eefa730b93d2f2122502cceadf0ea601ef48d687bfd63a87c57be930d986b92da2ac3afa7340ca1bfa3346ee840c24e +EBUILD vivaldi-1.15.1147.52_p1.ebuild 2870 BLAKE2B fc9de8b2fe9abd757136231329e48dd936dc0330e87af8b97ffc40443a8b130d39eba9a025fd01f4903eb851203cf2ff15aab8cb7f93cc2b7be516f57de55243 SHA512 9e0c40988d5713e4403ef273d0d627480da23e26f1ff3f008f3681ba72a3e5244b5de409b4868d3687310a7b36dfb320d7f3bd2501de1b7bc33e152aeb62154e +EBUILD vivaldi-1.15.1147.55_p1.ebuild 2872 BLAKE2B 56a6d7d2d976c6b8e749647fe6b1170a136cf944f256444776cfc04e116c05aaa65b54770c265ef57889ff0aa18db3507d11576b024f0bbb930fe408f09e3140 SHA512 db45f668d8b0033ae21469ed027cfe9af6e409cfdcb5fcca33e20dae2c29d394668169d66a6f857c83fe317786832734ddcaef28f58863ef2feada1160b6d585 MISC metadata.xml 238 BLAKE2B 72d4053d28bbf82c9a08a88b354321a782501542b5d506fc6d9f4034839f302761124d59445c0414a0fd38b6401cd5fbe06670802abdb1f25c7cb60919ea5d2e SHA512 b0b981ef72f4d295f427f92dc9931553b4fb7a91c8ed63fa1f28bdbe8bc61d6f0943e1217eb7b61b8d85d9685cbe759db49f094a18a1461cb48429affe76d993 diff --git a/www-client/vivaldi/files/vivaldi-1.14.1077.45_p1-libffmpeg.patch b/www-client/vivaldi/files/vivaldi-1.14.1077.45_p1-libffmpeg.patch deleted file mode 100644 index ec398141a793..000000000000 --- a/www-client/vivaldi/files/vivaldi-1.14.1077.45_p1-libffmpeg.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/opt/vivaldi/vivaldi -+++ b/opt/vivaldi/vivaldi -@@ -54,6 +54,7 @@ - # Check for libs in preferred order. - # Where possible, use other files/directories to confirm it's the correct variant. - VIVALDI_FFMPEG_FOUND=NO -+checkffmpeg '/usr/lib64/chromium/libffmpeg.so' - checkffmpeg '/usr/lib/chromium-browser/libffmpeg.so' '/usr/share/doc/chromium-codecs-ffmpeg-extra' - checkffmpeg "/usr/lib/$DEBARCH/oxide-qt/libffmpeg.so" '/usr/share/doc/oxideqt-codecs-extra' - checkffmpeg '/usr/lib64/chromium-ffmpeg-extra/libffmpeg.so' '/usr/share/doc/packages/chromium-ffmpeg-extra' diff --git a/www-client/vivaldi/vivaldi-1.15.1147.47_p1.ebuild b/www-client/vivaldi/vivaldi-1.15.1147.47_p1.ebuild deleted file mode 100644 index 142fc99ee0f7..000000000000 --- a/www-client/vivaldi/vivaldi-1.15.1147.47_p1.ebuild +++ /dev/null @@ -1,127 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=5 -CHROMIUM_LANGS=" - am ar bg bn ca cs da de el en-GB en-US es es-419 et fa fi fil fr gu he hi - hr hu id it ja kn ko lt lv ml mr ms nb nl pl pt-BR pt-PT ro ru sk sl sr sv - sw ta te th tr uk vi zh-CN zh-TW -" -inherit chromium-2 eutils gnome2-utils multilib unpacker toolchain-funcs xdg-utils - -#VIVALDI_BRANCH="snapshot" - -VIVALDI_PN="${PN}-${VIVALDI_BRANCH:-stable}" -VIVALDI_BIN="${PN}${VIVALDI_BRANCH/snapshot/-snapshot}" -VIVALDI_HOME="opt/${VIVALDI_BIN}" -DESCRIPTION="A browser for our friends" -HOMEPAGE="https://vivaldi.com/" -VIVALDI_BASE_URI="https://downloads.vivaldi.com/${VIVALDI_BRANCH:-stable}/${VIVALDI_PN}_${PV/_p/-}_" -SRC_URI=" - amd64? ( ${VIVALDI_BASE_URI}amd64.deb -> ${P}-amd64.deb ) - arm? ( ${VIVALDI_BASE_URI}armhf.deb -> ${P}-armhf.deb ) - x86? ( ${VIVALDI_BASE_URI}i386.deb -> ${P}-i386.deb ) -" - -LICENSE="Vivaldi" -SLOT="0" -KEYWORDS="-* amd64 ~arm x86" -RESTRICT="bindist mirror" - -DEPEND=" - virtual/libiconv -" -RDEPEND=" - dev-libs/expat - dev-libs/glib:2 - dev-libs/nspr - dev-libs/nss - media-libs/alsa-lib - media-libs/fontconfig - media-libs/freetype - media-libs/speex - net-print/cups - sys-apps/dbus - sys-libs/libcap - x11-libs/cairo - x11-libs/gdk-pixbuf - x11-libs/gtk+:2 - x11-libs/libX11 - x11-libs/libXScrnSaver - x11-libs/libXcomposite - x11-libs/libXcursor - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXi - x11-libs/libXrandr - x11-libs/libXrender - x11-libs/libXtst - x11-libs/pango[X] -" -QA_PREBUILT="*" -S=${WORKDIR} - -src_unpack() { - unpack_deb ${A} -} - -src_prepare() { - iconv -c -t UTF-8 usr/share/applications/${VIVALDI_PN}.desktop > "${T}"/${VIVALDI_PN}.desktop || die - mv "${T}"/${VIVALDI_PN}.desktop usr/share/applications/${VIVALDI_PN}.desktop || die - - sed -i \ - -e "s|${VIVALDI_BIN}|${PN}|g" \ - usr/share/applications/${VIVALDI_PN}.desktop \ - usr/share/xfce4/helpers/${VIVALDI_BIN}.desktop || die - - mv usr/share/doc/${VIVALDI_PN} usr/share/doc/${PF} || die - chmod 0755 usr/share/doc/${PF} || die - - rm \ - _gpgbuilder \ - etc/cron.daily/${VIVALDI_BIN} \ - ${VIVALDI_HOME}/libwidevinecdm.so \ - || die - rmdir \ - etc/cron.daily/ \ - etc/ \ - || die - - local c d - for d in 16 22 24 32 48 64 128 256; do - mkdir -p usr/share/icons/hicolor/${d}x${d}/apps || die - cp \ - ${VIVALDI_HOME}/product_logo_${d}.png \ - usr/share/icons/hicolor/${d}x${d}/apps/vivaldi.png || die - done - - pushd "${VIVALDI_HOME}/locales" > /dev/null || die - chromium_remove_language_paks - popd > /dev/null || die - - epatch "${FILESDIR}"/${PN}-1.14.1077.45_p1-libffmpeg.patch - - epatch_user -} - -src_install() { - mv * "${D}" || die - dosym /${VIVALDI_HOME}/${PN} /usr/bin/${PN} - - fperms 4711 /${VIVALDI_HOME}/${PN}-sandbox -} - -pkg_preinst() { - gnome2_icon_savelist -} - -pkg_postrm() { - gnome2_icon_cache_update - xdg_desktop_database_update -} - -pkg_postinst() { - gnome2_icon_cache_update - xdg_desktop_database_update -} diff --git a/www-client/vivaldi/vivaldi-1.15.1147.52_p1.ebuild b/www-client/vivaldi/vivaldi-1.15.1147.52_p1.ebuild index 6792e850ebb4..954c59a1a8d7 100644 --- a/www-client/vivaldi/vivaldi-1.15.1147.52_p1.ebuild +++ b/www-client/vivaldi/vivaldi-1.15.1147.52_p1.ebuild @@ -25,7 +25,7 @@ SRC_URI=" LICENSE="Vivaldi" SLOT="0" -KEYWORDS="-* ~amd64 ~arm ~x86" +KEYWORDS="-* amd64 ~arm x86" RESTRICT="bindist mirror" DEPEND=" diff --git a/www-client/vivaldi/vivaldi-1.15.1147.55_p1.ebuild b/www-client/vivaldi/vivaldi-1.15.1147.55_p1.ebuild new file mode 100644 index 000000000000..6792e850ebb4 --- /dev/null +++ b/www-client/vivaldi/vivaldi-1.15.1147.55_p1.ebuild @@ -0,0 +1,125 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 +CHROMIUM_LANGS=" + am ar bg bn ca cs da de el en-GB en-US es es-419 et fa fi fil fr gu he hi + hr hu id it ja kn ko lt lv ml mr ms nb nl pl pt-BR pt-PT ro ru sk sl sr sv + sw ta te th tr uk vi zh-CN zh-TW +" +inherit chromium-2 eutils gnome2-utils multilib unpacker toolchain-funcs xdg-utils + +#VIVALDI_BRANCH="snapshot" + +VIVALDI_PN="${PN}-${VIVALDI_BRANCH:-stable}" +VIVALDI_BIN="${PN}${VIVALDI_BRANCH/snapshot/-snapshot}" +VIVALDI_HOME="opt/${VIVALDI_BIN}" +DESCRIPTION="A browser for our friends" +HOMEPAGE="https://vivaldi.com/" +VIVALDI_BASE_URI="https://downloads.vivaldi.com/${VIVALDI_BRANCH:-stable}/${VIVALDI_PN}_${PV/_p/-}_" +SRC_URI=" + amd64? ( ${VIVALDI_BASE_URI}amd64.deb -> ${P}-amd64.deb ) + arm? ( ${VIVALDI_BASE_URI}armhf.deb -> ${P}-armhf.deb ) + x86? ( ${VIVALDI_BASE_URI}i386.deb -> ${P}-i386.deb ) +" + +LICENSE="Vivaldi" +SLOT="0" +KEYWORDS="-* ~amd64 ~arm ~x86" +RESTRICT="bindist mirror" + +DEPEND=" + virtual/libiconv +" +RDEPEND=" + dev-libs/expat + dev-libs/glib:2 + dev-libs/nspr + dev-libs/nss + media-libs/alsa-lib + media-libs/fontconfig + media-libs/freetype + media-libs/speex + net-print/cups + sys-apps/dbus + sys-libs/libcap + x11-libs/cairo + x11-libs/gdk-pixbuf + x11-libs/gtk+:2 + x11-libs/libX11 + x11-libs/libXScrnSaver + x11-libs/libXcomposite + x11-libs/libXcursor + x11-libs/libXdamage + x11-libs/libXext + x11-libs/libXfixes + x11-libs/libXi + x11-libs/libXrandr + x11-libs/libXrender + x11-libs/libXtst + x11-libs/pango[X] +" +QA_PREBUILT="*" +S=${WORKDIR} + +src_unpack() { + unpack_deb ${A} +} + +src_prepare() { + iconv -c -t UTF-8 usr/share/applications/${VIVALDI_PN}.desktop > "${T}"/${VIVALDI_PN}.desktop || die + mv "${T}"/${VIVALDI_PN}.desktop usr/share/applications/${VIVALDI_PN}.desktop || die + + sed -i \ + -e "s|${VIVALDI_BIN}|${PN}|g" \ + usr/share/applications/${VIVALDI_PN}.desktop \ + usr/share/xfce4/helpers/${VIVALDI_BIN}.desktop || die + + mv usr/share/doc/${VIVALDI_PN} usr/share/doc/${PF} || die + chmod 0755 usr/share/doc/${PF} || die + + rm \ + _gpgbuilder \ + etc/cron.daily/${VIVALDI_BIN} \ + ${VIVALDI_HOME}/libwidevinecdm.so \ + || die + rmdir \ + etc/cron.daily/ \ + etc/ \ + || die + + local c d + for d in 16 22 24 32 48 64 128 256; do + mkdir -p usr/share/icons/hicolor/${d}x${d}/apps || die + cp \ + ${VIVALDI_HOME}/product_logo_${d}.png \ + usr/share/icons/hicolor/${d}x${d}/apps/vivaldi.png || die + done + + pushd "${VIVALDI_HOME}/locales" > /dev/null || die + chromium_remove_language_paks + popd > /dev/null || die + + epatch_user +} + +src_install() { + mv * "${D}" || die + dosym /${VIVALDI_HOME}/${PN} /usr/bin/${PN} + + fperms 4711 /${VIVALDI_HOME}/${PN}-sandbox +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postrm() { + gnome2_icon_cache_update + xdg_desktop_database_update +} + +pkg_postinst() { + gnome2_icon_cache_update + xdg_desktop_database_update +} diff --git a/www-plugins/Manifest.gz b/www-plugins/Manifest.gz index 9658610406df..70d1b23cac7f 100644 Binary files a/www-plugins/Manifest.gz and b/www-plugins/Manifest.gz differ diff --git a/www-plugins/adobe-flash/Manifest b/www-plugins/adobe-flash/Manifest index ee96e5ffc9d9..6e482d299292 100644 --- a/www-plugins/adobe-flash/Manifest +++ b/www-plugins/adobe-flash/Manifest @@ -1,9 +1,9 @@ AUX mms.cfg 4420 BLAKE2B 4557315bfa6f8edb6c8b28907065cdac3771175bd36a8ce2b6e72f0e1f0af20a7bb1ea8abb67f5c7b16fcaa7dd81c3eb89f926957d2ae5fffd499a7e6e709354 SHA512 597380071a06176f09df1a56cba24e83a74990c175fe9f167f026eacbf01e66a083d2389ff399ead0a39654a40ae636f8459feed2d6012e51e65c5407fe7fdbd AUX pepper-flash 151 BLAKE2B ab58f8d7dd307fea0d53b7f58887e3caeef8913940d6bfb662a42cc1f475ec59009998898e991d7a82d55a26ec1b2fbbc8b2a626fb8c9ba0d2da1e1735ab26ac SHA512 f20176b9567097482c3b1fdd062affb33a69b671f6298a98cd58e03ca80dd01bada4126ac5fd940fddc53a097669f52d4b8bba7850daf211e11dc24cc4d97eb1 AUX pepper-flash-r1 143 BLAKE2B 049f7ec4e3df5fbdaa62e40acf8d21d42f61789c6d9ecde64f300df3d3c51f2b5580fb571ebbf172d590799801c632a2eb4daa01dd86e318441719ff6412f3ed SHA512 e4e1c1f204af1e5ce531dd43a22b4cd08e8def1099bba88ac96af09bd0879dfbb6383653ec85d5d199d418098e4b17d71998bee5a9fb5bb7bd8873432a4f66ee -DIST adobe-flash-30.0.0.113-npapi.i386.tar.gz 8525678 BLAKE2B 8aba96593370c479929746f63fa4c90c656af0a5413d83622b26a3733c7a865106443052725a45f861f5dc56e83ed6f2c97c9482994852979396735a24cbedb3 SHA512 ff56f3a182d85cae4882956034d5bce0e0a80eec34dab0835e8041b9371609b57d361ef67899c8088b4ee0748857a9269f8eb961723b58eabf8386f47d80b9a0 -DIST adobe-flash-30.0.0.113-npapi.x86_64.tar.gz 9045060 BLAKE2B b5454860c71c35b84c26700686ee248a7525d292d176032e951351704ef4a732403cedbe711ca52a3d89e397f4f036bc31e46d6e466eefe4b5e54354ba9680b1 SHA512 cff833da87d2ae24bd19f3669690c6ce071804e518612c7fd3fd7839bf5881afe57c472f10cb972362598d287f1bc840e1b61a07b6502ff5b916b7c4fb76c647 -DIST adobe-flash-30.0.0.113-ppapi.i386.tar.gz 8562694 BLAKE2B 7f678bc4eb069fba68fe419bd3109999d880912e1b76a9ffbe25df24e81f083b548383f4c54e944e66e0558f11b0f9672625c676d0f1af85fbe58f7facdc578f SHA512 b7713f9c740884722d0eff75b9874a6a9d253f50a0cbd796be64f03d34fff2c4e955f1e0674d5a910af8d3056811344da923e6d026e6b90829aaf3e2b8bb9fdd -DIST adobe-flash-30.0.0.113-ppapi.x86_64.tar.gz 9477997 BLAKE2B 7c3f17ed89471a1e5c2d0bb945fad38f4184bb46b3d0f89d5a523682c84690374c2f1cccd367c913df7cbb7abaa2044e06ee7e96a2fe872632ffc22f9e6d2ae6 SHA512 7516d8b8e61038170c4bf282afca12dd6cc51a52520003caee213a49a0458ea94c735963965afd485f70a75a92b65e2439248d364a67e2d63a6f38cb19b7d49c -EBUILD adobe-flash-30.0.0.113.ebuild 3662 BLAKE2B 498cd0a7cfd254b95c9f597a640131189fdd0c18889c0f932cdf93b07d4d9f5e19205f4fd625942c73bea2531feafb04266cb528d121352752629d8abce61519 SHA512 aa2662560e571a3adce5860f107ce640cf5dc6a8a77f75223f76cebdace872e7d6b305ed9c107efd0b48b379d19fe4477bc890a231b14bc8ab2fcfa76183c9fd +DIST adobe-flash-30.0.0.134-npapi.i386.tar.gz 8523733 BLAKE2B 0c079dbc95e867681bad6e9f651909a76d2ae084450db0fa94b3794590b7f4b6578d064b351523b8d42aad55538b23fee918035399091d924330e6f0323cf2a1 SHA512 163e265a20377beeae786a8a3dadb06fbc8c3f8d936c4517eae6727f85dd6be7fb19aeae7dcb4e16c7e8155859a3fe6bfcba6719e411805f584e84968e18a701 +DIST adobe-flash-30.0.0.134-npapi.x86_64.tar.gz 9042379 BLAKE2B 31e7e42c9845aa4d5cf2361c95c6d46fa812c7593a269b92f2192ac059bf76fc89fc46683bc78ebe30a8f5e57ee0eabd512ae6c226d134e31a5081227f983231 SHA512 7895ae695fc151c38a5b01ef35b7e81b76b02dba582a1898663b377aaf599187da335d5bbac2fed8cdec424b97ede66b0b5cd642a835989a2f6099f2f690aecc +DIST adobe-flash-30.0.0.134-ppapi.i386.tar.gz 8562153 BLAKE2B 1741a0c3ac245bfe0916cfe78b24f4f7659773d749634bad16a30420d198787b08239b41c4f8be742a219ccaaf967108f3e430791da70c8929a6e29ee09b4850 SHA512 2a50f1af0424b2f534c1fe8afe839acb87857559e724b5c1fbf0df0ccce8f17df558776942a06a0885727f7704f9db5abde9d77aa053b33fe765437015eb7270 +DIST adobe-flash-30.0.0.134-ppapi.x86_64.tar.gz 9476250 BLAKE2B b840bf4d0d5d462c8367f4fa4cf120bb376aa24b71b28c3e00a82f55015736580a513f13ec8bdc26108e4eb07e728745bf21fc0d0292cd34a31860b1bde754fa SHA512 194f7e0e37a5b44a2f702220cbde2493a910bc0d76f1bd10ff3a6451d2434eb500e694d67b9741c33927a35bcfbfb4e0a4a2d2beb87fca4b7074896c4452141f +EBUILD adobe-flash-30.0.0.134.ebuild 3662 BLAKE2B 498cd0a7cfd254b95c9f597a640131189fdd0c18889c0f932cdf93b07d4d9f5e19205f4fd625942c73bea2531feafb04266cb528d121352752629d8abce61519 SHA512 aa2662560e571a3adce5860f107ce640cf5dc6a8a77f75223f76cebdace872e7d6b305ed9c107efd0b48b379d19fe4477bc890a231b14bc8ab2fcfa76183c9fd MISC metadata.xml 552 BLAKE2B 56ec8c5f43e9624c4102f52834b63855be35d064ce05bfbc866af225fb8e60cf1b83e02c9917b474183b81cad9e4ecfba7595d8de7fa94974824d2a7f4de302d SHA512 0f84cf3e517eb92f73629e6a157a2999f409fa6dea40682e2248edeb957e5bc6f5228c49aebdc3b5d434d0fd8f717a19c793aee8776397871e1bc5ebf8cf7fa1 diff --git a/www-plugins/adobe-flash/adobe-flash-30.0.0.113.ebuild b/www-plugins/adobe-flash/adobe-flash-30.0.0.113.ebuild deleted file mode 100644 index c0de0f4b7479..000000000000 --- a/www-plugins/adobe-flash/adobe-flash-30.0.0.113.ebuild +++ /dev/null @@ -1,140 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit gnome2-utils nsplugins multilib multilib-minimal - -DESCRIPTION="Adobe Flash Player" -HOMEPAGE=" - https://www.adobe.com/products/flashplayer.html - https://get.adobe.com/flashplayer/ - https://helpx.adobe.com/security/products/flash-player.html -" - -AF_URI="https://fpdownload.adobe.com/pub/flashplayer/pdc/${PV}" -AF_NP_32_URI="${AF_URI}/flash_player_npapi_linux.i386.tar.gz -> ${P}-npapi.i386.tar.gz" -AF_NP_64_URI="${AF_URI}/flash_player_npapi_linux.x86_64.tar.gz -> ${P}-npapi.x86_64.tar.gz" -AF_PP_32_URI="${AF_URI}/flash_player_ppapi_linux.i386.tar.gz -> ${P}-ppapi.i386.tar.gz" -AF_PP_64_URI="${AF_URI}/flash_player_ppapi_linux.x86_64.tar.gz -> ${P}-ppapi.x86_64.tar.gz" - -IUSE="+nsplugin +ppapi" -REQUIRED_USE=" - || ( nsplugin ppapi ) -" - -SRC_URI=" - nsplugin? ( - abi_x86_32? ( ${AF_NP_32_URI} ) - abi_x86_64? ( ${AF_NP_64_URI} ) - ) - ppapi? ( - abi_x86_32? ( ${AF_PP_32_URI} ) - abi_x86_64? ( ${AF_PP_64_URI} ) - ) -" -SLOT="22" - -KEYWORDS="-* amd64 x86" -LICENSE="AdobeFlash-11.x" -RESTRICT="strip mirror" - -NPAPI_RDEPEND=" - dev-libs/atk[${MULTILIB_USEDEP}] - dev-libs/glib:2[${MULTILIB_USEDEP}] - dev-libs/nspr[${MULTILIB_USEDEP}] - dev-libs/nss[${MULTILIB_USEDEP}] - media-libs/fontconfig[${MULTILIB_USEDEP}] - media-libs/freetype[${MULTILIB_USEDEP}] - >=sys-libs/glibc-2.4 - x11-libs/cairo[${MULTILIB_USEDEP}] - x11-libs/gdk-pixbuf[${MULTILIB_USEDEP}] - x11-libs/gtk+:2[${MULTILIB_USEDEP}] - x11-libs/libX11[${MULTILIB_USEDEP}] - x11-libs/libXcursor[${MULTILIB_USEDEP}] - x11-libs/libXext[${MULTILIB_USEDEP}] - x11-libs/libXrender[${MULTILIB_USEDEP}] - x11-libs/libXt[${MULTILIB_USEDEP}] - x11-libs/pango[${MULTILIB_USEDEP}] -" -RDEPEND=" - !www-plugins/chrome-binary-plugins[flash(-)] - nsplugin? ( - ${NPAPI_RDEPEND} - !www-plugins/adobe-flash:0 - ) -" - -S="${WORKDIR}" - -# Ignore QA warnings in these closed-source binaries, since we can't fix them: -QA_PREBUILT="usr/*" - -src_unpack() { - local files=( ${A} ) - - multilib_src_unpack() { - mkdir -p "${BUILD_DIR}" || die - cd "${BUILD_DIR}" || die - - # we need to filter out the other archive(s) - local other_abi - [[ ${ABI} == amd64 ]] && other_abi=i386 || other_abi=x86_64 - unpack ${files[@]//*${other_abi}*/} - } - - multilib_parallel_foreach_abi multilib_src_unpack -} - -multilib_src_install() { - local pkglibdir=lib - [[ -d usr/lib64 ]] && pkglibdir=lib64 - - if use nsplugin; then - # PLUGINS_DIR comes from nsplugins.eclass - exeinto /usr/$(get_libdir)/${PLUGINS_DIR} - doexe libflashplayer.so - - if multilib_is_native_abi; then - # No KDE applet, so allow the GTK utility to show up in KDE: - sed \ - -i usr/share/applications/flash-player-properties.desktop \ - -e "/^NotShowIn=KDE;/d" || die - - # The userland 'flash-player-properties' standalone app: - dobin usr/bin/flash-player-properties - - # Icon and .desktop for 'flash-player-properties' - insinto /usr/share - doins -r usr/share/{icons,applications} - dosym ../icons/hicolor/48x48/apps/flash-player-properties.png \ - /usr/share/pixmaps/flash-player-properties.png - fi - - # The magic config file! - insinto "/etc/adobe" - doins "${FILESDIR}/mms.cfg" - fi - - if use ppapi; then - exeinto /usr/$(get_libdir)/chromium/PepperFlash - doexe libpepflashplayer.so - insinto /usr/$(get_libdir)/chromium/PepperFlash - doins manifest.json - - if multilib_is_native_abi; then - dodir /etc/chromium - sed "${FILESDIR}"/pepper-flash-r1 \ - -e "s|@FP_LIBDIR@|$(get_libdir)|g" \ - -e "s|@FP_PV@|${PV}|g" \ - > "${D}"/etc/chromium/pepper-flash \ - || die - fi - fi -} - -pkg_postinst() { - gnome2_icon_cache_update -} -pkg_postrm() { - gnome2_icon_cache_update -} diff --git a/www-plugins/adobe-flash/adobe-flash-30.0.0.134.ebuild b/www-plugins/adobe-flash/adobe-flash-30.0.0.134.ebuild new file mode 100644 index 000000000000..c0de0f4b7479 --- /dev/null +++ b/www-plugins/adobe-flash/adobe-flash-30.0.0.134.ebuild @@ -0,0 +1,140 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +inherit gnome2-utils nsplugins multilib multilib-minimal + +DESCRIPTION="Adobe Flash Player" +HOMEPAGE=" + https://www.adobe.com/products/flashplayer.html + https://get.adobe.com/flashplayer/ + https://helpx.adobe.com/security/products/flash-player.html +" + +AF_URI="https://fpdownload.adobe.com/pub/flashplayer/pdc/${PV}" +AF_NP_32_URI="${AF_URI}/flash_player_npapi_linux.i386.tar.gz -> ${P}-npapi.i386.tar.gz" +AF_NP_64_URI="${AF_URI}/flash_player_npapi_linux.x86_64.tar.gz -> ${P}-npapi.x86_64.tar.gz" +AF_PP_32_URI="${AF_URI}/flash_player_ppapi_linux.i386.tar.gz -> ${P}-ppapi.i386.tar.gz" +AF_PP_64_URI="${AF_URI}/flash_player_ppapi_linux.x86_64.tar.gz -> ${P}-ppapi.x86_64.tar.gz" + +IUSE="+nsplugin +ppapi" +REQUIRED_USE=" + || ( nsplugin ppapi ) +" + +SRC_URI=" + nsplugin? ( + abi_x86_32? ( ${AF_NP_32_URI} ) + abi_x86_64? ( ${AF_NP_64_URI} ) + ) + ppapi? ( + abi_x86_32? ( ${AF_PP_32_URI} ) + abi_x86_64? ( ${AF_PP_64_URI} ) + ) +" +SLOT="22" + +KEYWORDS="-* amd64 x86" +LICENSE="AdobeFlash-11.x" +RESTRICT="strip mirror" + +NPAPI_RDEPEND=" + dev-libs/atk[${MULTILIB_USEDEP}] + dev-libs/glib:2[${MULTILIB_USEDEP}] + dev-libs/nspr[${MULTILIB_USEDEP}] + dev-libs/nss[${MULTILIB_USEDEP}] + media-libs/fontconfig[${MULTILIB_USEDEP}] + media-libs/freetype[${MULTILIB_USEDEP}] + >=sys-libs/glibc-2.4 + x11-libs/cairo[${MULTILIB_USEDEP}] + x11-libs/gdk-pixbuf[${MULTILIB_USEDEP}] + x11-libs/gtk+:2[${MULTILIB_USEDEP}] + x11-libs/libX11[${MULTILIB_USEDEP}] + x11-libs/libXcursor[${MULTILIB_USEDEP}] + x11-libs/libXext[${MULTILIB_USEDEP}] + x11-libs/libXrender[${MULTILIB_USEDEP}] + x11-libs/libXt[${MULTILIB_USEDEP}] + x11-libs/pango[${MULTILIB_USEDEP}] +" +RDEPEND=" + !www-plugins/chrome-binary-plugins[flash(-)] + nsplugin? ( + ${NPAPI_RDEPEND} + !www-plugins/adobe-flash:0 + ) +" + +S="${WORKDIR}" + +# Ignore QA warnings in these closed-source binaries, since we can't fix them: +QA_PREBUILT="usr/*" + +src_unpack() { + local files=( ${A} ) + + multilib_src_unpack() { + mkdir -p "${BUILD_DIR}" || die + cd "${BUILD_DIR}" || die + + # we need to filter out the other archive(s) + local other_abi + [[ ${ABI} == amd64 ]] && other_abi=i386 || other_abi=x86_64 + unpack ${files[@]//*${other_abi}*/} + } + + multilib_parallel_foreach_abi multilib_src_unpack +} + +multilib_src_install() { + local pkglibdir=lib + [[ -d usr/lib64 ]] && pkglibdir=lib64 + + if use nsplugin; then + # PLUGINS_DIR comes from nsplugins.eclass + exeinto /usr/$(get_libdir)/${PLUGINS_DIR} + doexe libflashplayer.so + + if multilib_is_native_abi; then + # No KDE applet, so allow the GTK utility to show up in KDE: + sed \ + -i usr/share/applications/flash-player-properties.desktop \ + -e "/^NotShowIn=KDE;/d" || die + + # The userland 'flash-player-properties' standalone app: + dobin usr/bin/flash-player-properties + + # Icon and .desktop for 'flash-player-properties' + insinto /usr/share + doins -r usr/share/{icons,applications} + dosym ../icons/hicolor/48x48/apps/flash-player-properties.png \ + /usr/share/pixmaps/flash-player-properties.png + fi + + # The magic config file! + insinto "/etc/adobe" + doins "${FILESDIR}/mms.cfg" + fi + + if use ppapi; then + exeinto /usr/$(get_libdir)/chromium/PepperFlash + doexe libpepflashplayer.so + insinto /usr/$(get_libdir)/chromium/PepperFlash + doins manifest.json + + if multilib_is_native_abi; then + dodir /etc/chromium + sed "${FILESDIR}"/pepper-flash-r1 \ + -e "s|@FP_LIBDIR@|$(get_libdir)|g" \ + -e "s|@FP_PV@|${PV}|g" \ + > "${D}"/etc/chromium/pepper-flash \ + || die + fi + fi +} + +pkg_postinst() { + gnome2_icon_cache_update +} +pkg_postrm() { + gnome2_icon_cache_update +} diff --git a/www-plugins/chrome-binary-plugins/Manifest b/www-plugins/chrome-binary-plugins/Manifest index 7b4b5111d787..db9a15662115 100644 --- a/www-plugins/chrome-binary-plugins/Manifest +++ b/www-plugins/chrome-binary-plugins/Manifest @@ -1,7 +1,7 @@ -DIST google-chrome-beta_68.0.3440.59-1_amd64.deb 55308360 BLAKE2B 275ac7be290dd2a81a2756f5598afd998521297ff9c36a33efb5e6e3cf6802b66b0b52510a4c382c2ddfd51eadb218c0b14d084f92f594f8652835aae337d7c8 SHA512 387694d29e63c819f963a4bcb4404d2147f3eb36867c5754813bc70f4cd18007539bfa3cc598886d961211f1b5a67548592db1f55ca6799f7fcad1be498c5ba9 +DIST google-chrome-beta_68.0.3440.68-1_amd64.deb 55349226 BLAKE2B da63bbc6cb530c9249ba3c352a9cca6ac605e261309dab1d7c4069e12576849c9a0db3903163478dc97c4593829ced6bd2ecc9d846e78d4144f0d984d9da3444 SHA512 b00e4e2f14691b55b662c427890abad5d668a808df4f7900bc38899a9c7aa631cd0f948254ac7a18326899cee48f12abf7dc7d6732966a1330b528e09e6d2714 DIST google-chrome-stable_67.0.3396.99-1_amd64.deb 52522834 BLAKE2B 07a67973bb85fbf8f32e90a9d4c5600413c4be8e334dd2a9e41999e8e5c8527a1db888744532b6dbe548eff7af42d73532fccd227d041fe69367f0cf803181ee SHA512 d0758ef190b63a03f410ac62aa38486d3f98795b7f42a8a187b03d7038d6b7488af0073d5c35df222006f74de7ef3457c836dafb10efc674276e64dba305c8fc -DIST google-chrome-unstable_69.0.3486.0-1_amd64.deb 56203802 BLAKE2B d73fe08d1c2046a362029f0b5c7bda3263e3eb76bdda9f8ac5fec8290fcd96af9d018875510efdf2ed25e62add464ce33cdf210348074d4c461fb55e387ff833 SHA512 5b0e33c2ca34347227fe6ccc85c611e4b970bbc85fb1bf1b979a2af11aaf723896e6d9e1ecaf19cd4cbd7b794426eead3d4800853707b126c0730de1aa47864c +DIST google-chrome-unstable_69.0.3493.3-1_amd64.deb 56266178 BLAKE2B 5118ced09490b717d994c58abeaf92a73262303fb93a1421924b609dd1c67f4e465670402230aee348cd97b34ef5e3cfe902a4ca0805ce28caad5e45c44796ea SHA512 2255a1abe7abf8673d6fb0112107b00fe393e5c381f1ce2fbed190746ec64c13bb83fe0f25afc04619e3a8af96fcef536979abc353730185021c2a52fc3f10f7 EBUILD chrome-binary-plugins-67.0.3396.99.ebuild 1362 BLAKE2B c75ab3b0c0744543f6c0bb7716b1ff5eb0a7163fd91ac1e1b378588d1ebfc0ba57cae2ce8024315eac3d6a0b3a5ead6ae69a026e6c5e82724904f1fc524858f9 SHA512 c21c2bdf6845456d3f9cb47a5225f9962cf7897194c7f2c670010c5eec3fe33f88051c6a4000ebaac14313c1b630c0590fa8fb2b5b255f23fc75232f53cc6609 -EBUILD chrome-binary-plugins-68.0.3440.59_beta.ebuild 1363 BLAKE2B d187db8909cb0f2a0d456fea51268756c7ac4350711f445c9bf215b45d96ddb560dee8000ea2746c95239001f7a64b2e2ab42f2e541e324a97b0fcc75407db7c SHA512 3f97ed97b94ef6cd965ee74a76c38c93bfe58cc964823183a927c26c82bd844ab1e97efd75ae1c74111d08c87db2034a10a93122e575ba05a8a3eca0a0a0331d -EBUILD chrome-binary-plugins-69.0.3486.0_alpha.ebuild 1363 BLAKE2B d187db8909cb0f2a0d456fea51268756c7ac4350711f445c9bf215b45d96ddb560dee8000ea2746c95239001f7a64b2e2ab42f2e541e324a97b0fcc75407db7c SHA512 3f97ed97b94ef6cd965ee74a76c38c93bfe58cc964823183a927c26c82bd844ab1e97efd75ae1c74111d08c87db2034a10a93122e575ba05a8a3eca0a0a0331d +EBUILD chrome-binary-plugins-68.0.3440.68_beta.ebuild 1363 BLAKE2B d187db8909cb0f2a0d456fea51268756c7ac4350711f445c9bf215b45d96ddb560dee8000ea2746c95239001f7a64b2e2ab42f2e541e324a97b0fcc75407db7c SHA512 3f97ed97b94ef6cd965ee74a76c38c93bfe58cc964823183a927c26c82bd844ab1e97efd75ae1c74111d08c87db2034a10a93122e575ba05a8a3eca0a0a0331d +EBUILD chrome-binary-plugins-69.0.3493.3_alpha.ebuild 1363 BLAKE2B d187db8909cb0f2a0d456fea51268756c7ac4350711f445c9bf215b45d96ddb560dee8000ea2746c95239001f7a64b2e2ab42f2e541e324a97b0fcc75407db7c SHA512 3f97ed97b94ef6cd965ee74a76c38c93bfe58cc964823183a927c26c82bd844ab1e97efd75ae1c74111d08c87db2034a10a93122e575ba05a8a3eca0a0a0331d MISC metadata.xml 341 BLAKE2B da1d1a85bb21e659671b98e12d0b3b31760dab269f8d298b44923f6936a4c43a27b67bff50adf76cb883460d5fe3112027d9b678826eeb220448cd114805320e SHA512 253960d995af2946bafa0bcd96a874e50197aa629efd0dfe7ce404dc72180a2298119b9cabd0b605c65b0894fe0316f7b3bdab602bdfade4323a0bdd70311fdd diff --git a/www-plugins/chrome-binary-plugins/chrome-binary-plugins-68.0.3440.59_beta.ebuild b/www-plugins/chrome-binary-plugins/chrome-binary-plugins-68.0.3440.59_beta.ebuild deleted file mode 100644 index 08f94544e0a3..000000000000 --- a/www-plugins/chrome-binary-plugins/chrome-binary-plugins-68.0.3440.59_beta.ebuild +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit multilib unpacker - -DESCRIPTION="Binary plugins from Google Chrome for use in Chromium" -HOMEPAGE="https://www.google.com/chrome" - -case ${PV} in - *_alpha*) - SLOT="unstable" - CHROMEDIR="opt/google/chrome-${SLOT}" - MY_PV=${PV%_alpha}-1 - ;; - *_beta*) - SLOT="beta" - CHROMEDIR="opt/google/chrome-${SLOT}" - MY_PV=${PV%_beta}-1 - ;; - *) - SLOT="stable" - CHROMEDIR="opt/google/chrome" - MY_PV=${PV}-1 - ;; -esac - -MY_PN="google-chrome-${SLOT}" -MY_P="${MY_PN}_${MY_PV}" - -SRC_URI="https://dl.google.com/linux/chrome/deb/pool/main/g/${MY_PN}/${MY_P}_amd64.deb" -KEYWORDS="-* ~amd64" - -LICENSE="google-chrome" -IUSE="+widevine" -RESTRICT="bindist mirror strip" - -RDEPEND=" - widevine? ( - dev-libs/glib:2 - dev-libs/nspr - dev-libs/nss - !> added modules for reason: -# compat: compatibility with 2.2 access control -# authz_host: new module for access control -# authn_core: functionality provided by authn_alias in previous versions -# authz_core: new module, provides core authorization capabilities -# cache_disk: replacement for mem_cache -# lbmethod_byrequests: Split off from mod_proxy_balancer in 2.3 -# lbmethod_bytraffic: Split off from mod_proxy_balancer in 2.3 -# lbmethod_bybusyness: Split off from mod_proxy_balancer in 2.3 -# lbmethod_heartbeat: Split off from mod_proxy_balancer in 2.3 -# slotmem_shm: Slot-based shared memory provider (for lbmethod_byrequests). -# socache_shmcb: shared object cache provider. Default config with ssl needs it -# unixd: fixes startup error: Invalid command 'User' -IUSE_MODULES="access_compat actions alias asis auth_basic auth_digest -authn_alias authn_anon authn_core authn_dbd authn_dbm authn_file authz_core -authz_dbd authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex -brotli cache cache_disk cache_socache cern_meta charset_lite cgi cgid dav dav_fs dav_lock -dbd deflate dir dumpio env expires ext_filter file_cache filter headers http2 -ident imagemap include info lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness -lbmethod_heartbeat log_config log_forensic logio macro mime mime_magic negotiation -proxy proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_html proxy_http proxy_scgi -proxy_fcgi proxy_wstunnel rewrite ratelimit remoteip reqtimeout setenvif -slotmem_shm speling socache_shmcb status substitute unique_id userdir usertrack -unixd version vhost_alias watchdog xml2enc" -# The following are also in the source as of this version, but are not available -# for user selection: -# bucketeer case_filter case_filter_in echo http isapi optional_fn_export -# optional_fn_import optional_hook_export optional_hook_import - -# inter-module dependencies -# TODO: this may still be incomplete -MODULE_DEPENDS=" - brotli:filter - dav_fs:dav - dav_lock:dav - deflate:filter - cache_disk:cache - ext_filter:filter - file_cache:cache - lbmethod_byrequests:proxy_balancer - lbmethod_byrequests:slotmem_shm - lbmethod_bytraffic:proxy_balancer - lbmethod_bybusyness:proxy_balancer - lbmethod_heartbeat:proxy_balancer - log_forensic:log_config - logio:log_config - cache_disk:cache - cache_socache:cache - mime_magic:mime - proxy_ajp:proxy - proxy_balancer:proxy - proxy_balancer:slotmem_shm - proxy_connect:proxy - proxy_ftp:proxy - proxy_html:proxy - proxy_html:xml2enc - proxy_http:proxy - proxy_scgi:proxy - proxy_fcgi:proxy - proxy_wstunnel:proxy - substitute:filter -" - -# module<->define mappings -MODULE_DEFINES=" - auth_digest:AUTH_DIGEST - authnz_ldap:AUTHNZ_LDAP - cache:CACHE - cache_disk:CACHE - cache_socache:CACHE - dav:DAV - dav_fs:DAV - dav_lock:DAV - file_cache:CACHE - http2:HTTP2 - info:INFO - ldap:LDAP - proxy:PROXY - proxy_ajp:PROXY - proxy_balancer:PROXY - proxy_connect:PROXY - proxy_ftp:PROXY - proxy_html:PROXY - proxy_http:PROXY - proxy_fcgi:PROXY - proxy_scgi:PROXY - proxy_wstunnel:PROXY - socache_shmcb:SSL - ssl:SSL - status:STATUS - suexec:SUEXEC - userdir:USERDIR -" - -# critical modules for the default config -MODULE_CRITICAL=" - authn_core - authz_core - authz_host - dir - mime - unixd -" -inherit eutils apache-2 systemd toolchain-funcs - -DESCRIPTION="The Apache Web Server" -HOMEPAGE="https://httpd.apache.org/" - -# some helper scripts are Apache-1.1, thus both are here -LICENSE="Apache-2.0 Apache-1.1" -SLOT="2" -KEYWORDS="alpha amd64 arm ~arm64 ~hppa ia64 ~mips ~ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris" - -CDEPEND="apache2_modules_brotli? ( >=app-arch/brotli-0.6.0:= ) - apache2_modules_http2? ( >=net-libs/nghttp2-1.2.1 )" - -DEPEND+="${CDEPEND}" -RDEPEND+="${CDEPEND}" - -REQUIRED_USE="apache2_modules_http2? ( ssl )" - -pkg_setup() { - # dependend critical modules which are not allowed in global scope due - # to USE flag conditionals (bug #499260) - use ssl && MODULE_CRITICAL+=" socache_shmcb" - use doc && MODULE_CRITICAL+=" alias negotiation setenvif" - apache-2_pkg_setup -} - -src_configure() { - # Brain dead check. - tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no" - - apache-2_src_configure -} - -src_compile() { - if tc-is-cross-compiler; then - # This header is the same across targets, so use the build compiler. - pushd server >/dev/null - emake gen_test_char - tc-export_build_env BUILD_CC - ${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} \ - gen_test_char.c -o gen_test_char $(apr-1-config --includes) || die - popd >/dev/null - fi - - default -} - -src_install() { - apache-2_src_install - for i in /usr/bin/{htdigest,logresolve,htpasswd,htdbm,ab,httxt2dbm}; do - rm "${ED}"/$i || die "Failed to prune apache-tools bits" - done - for i in /usr/share/man/man8/{rotatelogs.8,htcacheclean.8}; do - rm "${ED}"/$i || die "Failed to prune apache-tools bits" - done - for i in /usr/share/man/man1/{logresolve.1,htdbm.1,htdigest.1,htpasswd.1,dbmmanage.1,ab.1}; do - rm "${ED}"/$i || die "Failed to prune apache-tools bits" - done - for i in /usr/sbin/{checkgid,fcgistarter,htcacheclean,rotatelogs}; do - rm "${ED}/"$i || die "Failed to prune apache-tools bits" - done - - # install apxs in /usr/bin (bug #502384) and put a symlink into the - # old location until all ebuilds and eclasses have been modified to - # use the new location. - local apxs="/usr/bin/apxs" - cp "${S}"/support/apxs "${ED%/}/${apxs}" || die "Failed to install apxs" - ln -s ../bin/apxs "${ED%/}/usr/sbin/apxs" || die - chmod 0755 "${ED%/}${apxs}" || die - - # Note: wait for mod_systemd to be included in some forthcoming release, - # Then apache2.4.service can be used and systemd support controlled - # through --enable-systemd - systemd_newunit "${FILESDIR}/apache2.2-hardened.service" "apache2.service" - systemd_dotmpfilesd "${FILESDIR}/apache.conf" - #insinto /etc/apache2/modules.d - #doins "${FILESDIR}/00_systemd.conf" - - # Install http2 module config - insinto /etc/apache2/modules.d - doins "${FILESDIR}"/41_mod_http2.conf -} - -pkg_postinst() { - apache-2_pkg_postinst || die "apache-2_pkg_postinst failed" - # warnings that default config might not work out of the box - for mod in $MODULE_CRITICAL; do - if ! use "apache2_modules_${mod}"; then - echo - ewarn "Warning: Critical module not installed!" - ewarn "Modules 'authn_core', 'authz_core' and 'unixd'" - ewarn "are highly recomended but might not be in the base profile yet." - ewarn "Default config for ssl needs module 'socache_shmcb'." - ewarn "Enabling the following flags is highly recommended:" - for cmod in $MODULE_CRITICAL; do - use "apache2_modules_${cmod}" || \ - ewarn "+ apache2_modules_${cmod}" - done - echo - break - fi - done - # warning for proxy_balancer and missing load balancing scheduler - if use apache2_modules_proxy_balancer; then - local lbset= - for mod in lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat; do - if use "apache2_modules_${mod}"; then - lbset=1 && break - fi - done - if [ ! ${lbset} ] ; then - echo - ewarn "Info: Missing load balancing scheduler algorithm module" - ewarn "(They were split off from proxy_balancer in 2.3)" - ewarn "In order to get the ability of load balancing, at least" - ewarn "one of these modules has to be present:" - ewarn "lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat" - echo - fi - fi -} diff --git a/www-servers/apache/apache-2.4.34-r1.ebuild b/www-servers/apache/apache-2.4.34-r1.ebuild new file mode 100644 index 000000000000..cf545f229ee8 --- /dev/null +++ b/www-servers/apache/apache-2.4.34-r1.ebuild @@ -0,0 +1,258 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +# latest gentoo apache files +GENTOO_PATCHSTAMP="20180716" +GENTOO_DEVELOPER="polynomial-c" +GENTOO_PATCHNAME="gentoo-apache-2.4.34" + +# IUSE/USE_EXPAND magic +IUSE_MPMS_FORK="prefork" +IUSE_MPMS_THREAD="event worker" + +# << obsolete modules: +# authn_default authz_default mem_cache +# mem_cache is replaced by cache_disk +# ?? buggy modules +# proxy_scgi: startup error: undefined symbol "ap_proxy_release_connection", no fix found +# >> added modules for reason: +# compat: compatibility with 2.2 access control +# authz_host: new module for access control +# authn_core: functionality provided by authn_alias in previous versions +# authz_core: new module, provides core authorization capabilities +# cache_disk: replacement for mem_cache +# lbmethod_byrequests: Split off from mod_proxy_balancer in 2.3 +# lbmethod_bytraffic: Split off from mod_proxy_balancer in 2.3 +# lbmethod_bybusyness: Split off from mod_proxy_balancer in 2.3 +# lbmethod_heartbeat: Split off from mod_proxy_balancer in 2.3 +# slotmem_shm: Slot-based shared memory provider (for lbmethod_byrequests). +# socache_shmcb: shared object cache provider. Default config with ssl needs it +# unixd: fixes startup error: Invalid command 'User' +IUSE_MODULES="access_compat actions alias asis auth_basic auth_digest +authn_alias authn_anon authn_core authn_dbd authn_dbm authn_file authz_core +authz_dbd authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex +brotli cache cache_disk cache_socache cern_meta charset_lite cgi cgid dav dav_fs dav_lock +dbd deflate dir dumpio env expires ext_filter file_cache filter headers http2 +ident imagemap include info lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness +lbmethod_heartbeat log_config log_forensic logio macro md mime mime_magic negotiation +proxy proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_html proxy_http proxy_scgi +proxy_fcgi proxy_wstunnel rewrite ratelimit remoteip reqtimeout setenvif +slotmem_shm speling socache_shmcb status substitute unique_id userdir usertrack +unixd version vhost_alias watchdog xml2enc" +# The following are also in the source as of this version, but are not available +# for user selection: +# bucketeer case_filter case_filter_in echo http isapi optional_fn_export +# optional_fn_import optional_hook_export optional_hook_import + +# inter-module dependencies +# TODO: this may still be incomplete +MODULE_DEPENDS=" + brotli:filter + dav_fs:dav + dav_lock:dav + deflate:filter + cache_disk:cache + ext_filter:filter + file_cache:cache + lbmethod_byrequests:proxy_balancer + lbmethod_byrequests:slotmem_shm + lbmethod_bytraffic:proxy_balancer + lbmethod_bybusyness:proxy_balancer + lbmethod_heartbeat:proxy_balancer + log_forensic:log_config + logio:log_config + cache_disk:cache + cache_socache:cache + md:watchdog + mime_magic:mime + proxy_ajp:proxy + proxy_balancer:proxy + proxy_balancer:slotmem_shm + proxy_connect:proxy + proxy_ftp:proxy + proxy_html:proxy + proxy_html:xml2enc + proxy_http:proxy + proxy_scgi:proxy + proxy_fcgi:proxy + proxy_wstunnel:proxy + substitute:filter +" + +# module<->define mappings +MODULE_DEFINES=" + auth_digest:AUTH_DIGEST + authnz_ldap:AUTHNZ_LDAP + cache:CACHE + cache_disk:CACHE + cache_socache:CACHE + dav:DAV + dav_fs:DAV + dav_lock:DAV + file_cache:CACHE + http2:HTTP2 + info:INFO + ldap:LDAP + md:SSL + proxy:PROXY + proxy_ajp:PROXY + proxy_balancer:PROXY + proxy_connect:PROXY + proxy_ftp:PROXY + proxy_html:PROXY + proxy_http:PROXY + proxy_fcgi:PROXY + proxy_scgi:PROXY + proxy_wstunnel:PROXY + socache_shmcb:SSL + ssl:SSL + status:STATUS + suexec:SUEXEC + userdir:USERDIR +" + +# critical modules for the default config +MODULE_CRITICAL=" + authn_core + authz_core + authz_host + dir + mime + unixd +" +inherit apache-2 systemd toolchain-funcs + +DESCRIPTION="The Apache Web Server" +HOMEPAGE="https://httpd.apache.org/" + +# some helper scripts are Apache-1.1, thus both are here +LICENSE="Apache-2.0 Apache-1.1" +SLOT="2" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris" + +# Enable http2 by default (bug #563452) +# FIXME: Move to apache-2.eclass once this has reached stable. +IUSE="${IUSE/apache2_modules_http2/+apache2_modules_http2}" +# New suexec options (since 2.4.34) +IUSE="${IUSE} +suexec-caps suexec-syslog" + +CDEPEND="apache2_modules_brotli? ( >=app-arch/brotli-0.6.0:= ) + apache2_modules_http2? ( >=net-libs/nghttp2-1.2.1 ) + apache2_modules_md? ( >=dev-libs/jansson-2.10 )" + +DEPEND+="${CDEPEND} + suexec? ( suexec-caps? ( sys-libs/libcap ) )" +RDEPEND+="${CDEPEND}" + +REQUIRED_USE="apache2_modules_http2? ( ssl ) + apache2_modules_md? ( ssl )" + +PATCHES=( + "${FILESDIR}/${PN}-2.4.34-suexec_parallel_install.patch" #661358 +) + +pkg_setup() { + # dependend critical modules which are not allowed in global scope due + # to USE flag conditionals (bug #499260) + use ssl && MODULE_CRITICAL+=" socache_shmcb" + use doc && MODULE_CRITICAL+=" alias negotiation setenvif" + apache-2_pkg_setup +} + +src_configure() { + # Brain dead check. + tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no" + + apache-2_src_configure +} + +src_compile() { + if tc-is-cross-compiler; then + # This header is the same across targets, so use the build compiler. + pushd server >/dev/null + emake gen_test_char + tc-export_build_env BUILD_CC + ${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} \ + gen_test_char.c -o gen_test_char $(apr-1-config --includes) || die + popd >/dev/null + fi + + default +} + +src_install() { + apache-2_src_install + local i + local apache_tools_prune_list=( + /usr/bin/{htdigest,logresolve,htpasswd,htdbm,ab,httxt2dbm} + /usr/sbin/{checkgid,fcgistarter,htcacheclean,rotatelogs} + /usr/share/man/man1/{logresolve.1,htdbm.1,htdigest.1,htpasswd.1,dbmmanage.1,ab.1} + /usr/share/man/man8/{rotatelogs.8,htcacheclean.8} + ) + for i in ${apache_tools_prune_list[@]} ; do + rm "${ED%/}"/$i || die "Failed to prune apache-tools bits" + done + + # install apxs in /usr/bin (bug #502384) and put a symlink into the + # old location until all ebuilds and eclasses have been modified to + # use the new location. + dobin support/apxs + dosym ../bin/apxs /usr/sbin/apxs + + # Note: wait for mod_systemd to be included in some forthcoming release, + # Then apache2.4.service can be used and systemd support controlled + # through --enable-systemd + systemd_newunit "${FILESDIR}/apache2.2-hardened.service" "apache2.service" + systemd_dotmpfilesd "${FILESDIR}/apache.conf" + #insinto /etc/apache2/modules.d + #doins "${FILESDIR}/00_systemd.conf" + + # Install http2 module config + insinto /etc/apache2/modules.d + doins "${FILESDIR}"/41_mod_http2.conf + + # Fix path to apache libdir + sed "s|@LIBDIR@|$(get_libdir)|" -i "${ED%/}"/usr/sbin/apache2ctl || die +} + +pkg_postinst() { + apache-2_pkg_postinst || die "apache-2_pkg_postinst failed" + # warnings that default config might not work out of the box + local mod cmod + for mod in ${MODULE_CRITICAL} ; do + if ! use "apache2_modules_${mod}"; then + echo + ewarn "Warning: Critical module not installed!" + ewarn "Modules 'authn_core', 'authz_core' and 'unixd'" + ewarn "are highly recomended but might not be in the base profile yet." + ewarn "Default config for ssl needs module 'socache_shmcb'." + ewarn "Enabling the following flags is highly recommended:" + for cmod in ${MODULE_CRITICAL} ; do + use "apache2_modules_${cmod}" || \ + ewarn "+ apache2_modules_${cmod}" + done + echo + break + fi + done + # warning for proxy_balancer and missing load balancing scheduler + if use apache2_modules_proxy_balancer; then + local lbset= + for mod in lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat; do + if use "apache2_modules_${mod}"; then + lbset=1 && break + fi + done + if [ ! ${lbset} ] ; then + echo + ewarn "Info: Missing load balancing scheduler algorithm module" + ewarn "(They were split off from proxy_balancer in 2.3)" + ewarn "In order to get the ability of load balancing, at least" + ewarn "one of these modules has to be present:" + ewarn "lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat" + echo + fi + fi +} diff --git a/www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch b/www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch new file mode 100644 index 000000000000..d5543f7004be --- /dev/null +++ b/www-servers/apache/files/apache-2.4.34-suexec_parallel_install.patch @@ -0,0 +1,19 @@ +https://bugs.gentoo.org/661358 + +--- httpd-2.4.34/Makefile.in ++++ httpd-2.4.34/Makefile.in +@@ -277,12 +277,12 @@ + $(INSTALL_PROGRAM) $(top_builddir)/support/suexec $(DESTDIR)$(sbindir); \ + fi + +-install-suexec-setuid: ++install-suexec-setuid: install-suexec-binary + @if test -f $(builddir)/support/suexec; then \ + chmod 4755 $(DESTDIR)$(sbindir)/suexec; \ + fi + +-install-suexec-caps: ++install-suexec-caps: install-suexec-binary + @if test -f $(builddir)/support/suexec; then \ + setcap 'cap_setuid,cap_setgid+pe' $(DESTDIR)$(sbindir)/suexec; \ + fi diff --git a/www-servers/apache/metadata.xml b/www-servers/apache/metadata.xml index 293e43d3f29a..af77bdc266ca 100644 --- a/www-servers/apache/metadata.xml +++ b/www-servers/apache/metadata.xml @@ -13,6 +13,8 @@ Install suexec with apache + Install suexec with capabilities instead of SUID + Log suexec to syslog instead of to a separate file Link in apache2 modules statically rather then plugins Group authorizations based on host (name or IP address). Available as a compatibility module with previous versions. Provides core authentication capabilities common to all authentication providers (functionality provided by authn_alias in previous versions). diff --git a/www-servers/h2o/Manifest b/www-servers/h2o/Manifest index cf7e5bc6662b..0507115684d1 100644 --- a/www-servers/h2o/Manifest +++ b/www-servers/h2o/Manifest @@ -1,11 +1,10 @@ -AUX h2o-2.2-mruby.patch 2532 BLAKE2B dc12356bb1e4685ee88a8a1aae1d70d6555225413649b252840dc5a572fced7f818b8439b8480ec2a1b2bf9a0ddf62670f21ee1b7f42f2b877e711cf3a22048a SHA512 9c3b5d3bb18bba55019a305346211e1784c83c6c21dfb1c086169e49afd423f7be71e0cbc05703199423bc56e892b9e653e9df43e861208033fb7766ab2a59d5 -AUX h2o-2.2.4-libressl.patch 1946 BLAKE2B 6acaf45e7db2faf4fa09aa2214f6389e7f5b421c9bae8ae10dd35569d609839c2d9a7e8ca1c7057b37812d7b444406c86fae496084665e57d0688c76cf095b68 SHA512 63558d53fe52deaa54976fe33346708ed9b3c59588930ef463ae9d9f89747acc66038d3105dec1b72051715ba523323a6cb7c4bdbb445d521f23d9682ca4717f -AUX h2o-2.3-mruby.patch 2993 BLAKE2B 5da06fa53d67a201e468b56aa78136edea305bc79d9d645da5a12ca54a4d633e821312e0bde382ed07229ee173ab02df8bcba592e076a8b39a199a8a7e185393 SHA512 de2e98103cea6337f68d31c8600de37ff5cf8163df824a19d1879c0a60e603773d4e9a42b926b94156ad0743e67ce630e73e9e81e86dc192d51656f595d26790 +AUX h2o-2.2-mruby.patch 2034 BLAKE2B 78ab2c8080c017ae03b33366aed553e8d47581bc04b274adc7a7e18bc79ddb5a95266ce13824a8286d9b52d4432b0895598301bd07aa42b1d7e4cbb4d46d98a9 SHA512 724186190756292ce9589a5aae28fd9ae089e377beccb1a2a6562d3d764777dec820413f31d820f61691a529dbdac0dcb55b2e395e46629b2656496bea9c182a +AUX h2o-2.3-mruby.patch 2726 BLAKE2B 686cfbf806093b579b0641cfb887d7a6835ac2a3ed058d8d3a35d6e41219ab53c8484ad63ea6b2b00957ba5553d8f47318a93c6a2c56ab63895a750cf50b2323 SHA512 077f54f4e4435c64dfe7ba470d1ab42ac4a3cb1411af397e40f57253a0a3732bc7ae5a6f2023d58e15bd2a130a71142d940ffe5a356360d723cf777bdf8dfb9f AUX h2o.conf 350 BLAKE2B 948c90451fd76cb55f3b42eaa9ddc01564b2bd2c46437649fb639d6cee89c5adfac780e533c13793133e6798d847c1c87c631979162af9a1b7c5caebb8963b3b SHA512 b2ba08c3bcd15c3c7631913dc64006870487773f952421aec624f82dcbe836137a2b8357cbd0b8e26626f9c6f108c8aee46beb61e8649fe78fac0e31ef585b6e AUX h2o.initd 845 BLAKE2B f420962962517051c695f00e11a3b6edb899a672d0984db3d68b88545064767e7059cd9b3ec60b7cb70469b403e0927dbaea4e9f7b7a00979b4f036f945585d5 SHA512 9fdfde2857d97937939b1dd591b94f26f77b6fd6061d385c807738be508f1df740acf36c38ca95c22a36f13caed5d537b6fc1f6cceaf1beda8f8f48ef452c177 AUX h2o.logrotate 230 BLAKE2B 44eeaf3b0e60104d4f87c7110815a30f907a6fd676e75a2068fb9cddd8192d3e75729aaeabc89d6430eef7c075b21271918fd65b086de188f7df0c6ceb332141 SHA512 88d36e272c52c5df765d8ebac8f2acca378c8b096af7fa8eda68e1ec5597cba6096286f0ab634f128329148e65980128f0612e90a185de781c5d109653e096dd AUX h2o.service 364 BLAKE2B 9995cde4d79e5998624a2cadfc6ec3e954d4609458cc267628c2fbcb44dccd78277bddc032a784a00445c6b399fafc1ee629920355bf7aa84d26b1010bd103b0 SHA512 475b1e7b616eae335e094451532b0de5aa9cf9abc4999aaa44a9a35c43def4fb060ee5e728409bc33960f8ad3a81e6f549783906ac7ebad5b72cb7422ffb96a2 DIST h2o-2.2.5.tar.gz 16257295 BLAKE2B 3c13796eaf9a0aca29bbff7c35fb36d0b5ef47da91f39f71614a89f2d4fea5b1ebbc8f4e3e50bf37a02a84c0fcd96d5ac0be20c83add274157af966134b2d185 SHA512 24b07140d24fbb7796038aab44f44be5ffabc6f2841954273e2ad9f1a864e5482051dd7abfa6446297a46b6868763114695fa4f123ee3175bdac53b4c1868bc2 -EBUILD h2o-2.2.5.ebuild 2102 BLAKE2B 991f1077b60f0127b846bee2b35e929d99286844ece16a26bcaa4a665537d53d0766850ffaf87f57ae528d70df52f2e09eb1603439a4f6b18fe7b73018626b28 SHA512 26f87505e1f23e1a9da6f55b830cf6a0564c33f331102bcb0e6692e1619baa9ba536a628a3517cd8e21374695d68791c25f2689465a828388f9d3911f2e91f3b -EBUILD h2o-9999.ebuild 2071 BLAKE2B 5c242fe70d411b615fa99a746d5566ade617bece72c5ed8ac84a4b5f3afbcf9f107aba51c4f2a9febdfa5ca99ebf6ae0cb7007204f5a85dc441206b388d98f1a SHA512 42fdc9a672a79bd4e4bb9bd523b041910e550252b2f53cd410503783d5b9b607e51eee13b9b1df58baf36b37cc1533e2d21607339e80c4435490b6f391422351 +EBUILD h2o-2.2.5.ebuild 2133 BLAKE2B 26b07cc8e281fab0d559b3277769f78572486aeaae5fe226cab59721cda70c8c3a7a452ca7ef254098768d4ddc433c74ba2b1010b53a7494aa2f3b441f50b55f SHA512 80ae68c5b04a51a4550eff3d0e25898eee3e643bed54d12e149d1643c75b850fc8505a55a20a979b264ae0d017716d72aa9be47b4aff6967c4413eb3e2fc49cd +EBUILD h2o-9999.ebuild 2102 BLAKE2B a8c2566677bda5a24891f616301fe6384b0a7d96baf8ac073a6b22121abe33dfff124945209acfe03da6561f703092be90ccd06f0c606c8833ca9bd49d7aa146 SHA512 e57abf5cb72bbc96420866cb70721ceebe6114a878d717fc0e0a77fe508fcf03edbe1714b2bc6c63eff0f9f7de5a3604fd6d4f12c0e6e46e8b84ff95c5ba7d2e MISC metadata.xml 610 BLAKE2B ada180731f691d3937d481e71f704b3ad47212114b170420f58e82e4163e4ca388c4f88c1b0760de4fa87e839b5485855f4a23f5fc57f305bd14dcd4b2c54405 SHA512 91c163c3d59c8797d6fac98c20c6bb888cf547e4c6d71090d0556e49b46ec23a44ffc116230621262aaaf0e9cd9aabc1c0b250b7d8e435c42ec01fae5a0d913b diff --git a/www-servers/h2o/files/h2o-2.2-mruby.patch b/www-servers/h2o/files/h2o-2.2-mruby.patch index e542ba8b64db..92e7a8e7f1d7 100644 --- a/www-servers/h2o/files/h2o-2.2-mruby.patch +++ b/www-servers/h2o/files/h2o-2.2-mruby.patch @@ -1,23 +1,26 @@ --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -157,6 +157,16 @@ +@@ -157,6 +157,19 @@ SET(WSLAY_LIBRARIES -lwslay) ENDIF (NOT WSLAY_FOUND) +IF (PKG_CONFIG_FOUND) -+ PKG_CHECK_MODULES(ONIG oniguruma) ++ PKG_CHECK_MODULES(ONIG onigmo) ++ IF (NOT ONIG_FOUND) ++ PKG_CHECK_MODULES(ONIG oniguruma) ++ ENDIF (NOT ONIG_FOUND) + IF (ONIG_FOUND) + LINK_DIRECTORIES(${ONIG_LIBRARY_DIRS}) + ENDIF (ONIG_FOUND) +ENDIF (PKG_CONFIG_FOUND) -+IF (NOT ONIG_FOUND AND WITH_RUBY) -+ MESSAGE(FATAL_ERROR "Oniguruma not found") -+ENDIF (NOT ONIG_FOUND AND WITH_RUBY) ++IF (NOT ONIG_FOUND AND WITH_MRUBY) ++ MESSAGE(FATAL_ERROR "Onigmo/Oniguruma not found") ++ENDIF (NOT ONIG_FOUND AND WITH_MRUBY) + IF (ZLIB_FOUND) INCLUDE_DIRECTORIES(${ZLIB_INCLUDE_DIRS}) LINK_DIRECTORIES(${ZLIB_LIBRARY_DIRS}) -@@ -460,7 +470,7 @@ +@@ -460,7 +473,7 @@ ELSE () SET(MRUBY_TOOLCHAIN "gcc") ENDIF () @@ -26,7 +29,7 @@ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/deps/mruby) LIST(APPEND STANDALONE_SOURCE_FILES lib/handler/mruby.c -@@ -491,7 +501,7 @@ +@@ -491,7 +504,7 @@ # note: the paths need to be determined before libmruby.flags.mak is generated TARGET_LINK_LIBRARIES(h2o "${CMAKE_CURRENT_BINARY_DIR}/mruby/host/lib/libmruby.a" @@ -35,19 +38,6 @@ "m") ADD_DEPENDENCIES(h2o mruby) ENDIF (WITH_MRUBY) ---- a/deps/mruby-onig-regexp/mrbgem.rake -+++ b/deps/mruby-onig-regexp/mrbgem.rake -@@ -101,9 +101,7 @@ - cc.defines += ['HAVE_ONIGMO_H'] - end - -- if spec.respond_to? :search_package and spec.search_package 'onigmo' -- spec.cc.defines += ['HAVE_ONIGMO_H'] -- elsif spec.respond_to? :search_package and spec.search_package 'oniguruma' -+ if spec.respond_to? :search_package and spec.search_package 'oniguruma' - spec.cc.defines += ['HAVE_ONIGURUMA_H'] - elsif build.cc.respond_to? :search_header_path and build.cc.search_header_path 'oniguruma.h' - spec.linker.libraries << 'onig' --- a/misc/mruby_config.rb +++ b/misc/mruby_config.rb @@ -15,13 +15,7 @@ diff --git a/www-servers/h2o/files/h2o-2.2.4-libressl.patch b/www-servers/h2o/files/h2o-2.2.4-libressl.patch deleted file mode 100644 index 3849dd0e2b68..000000000000 --- a/www-servers/h2o/files/h2o-2.2.4-libressl.patch +++ /dev/null @@ -1,54 +0,0 @@ ---- a/include/h2o/openssl_backport.h -+++ b/include/h2o/openssl_backport.h -@@ -25,7 +25,7 @@ - #include - - /* backports for OpenSSL 1.0.2 */ --#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) - - #define BIO_get_data(bio) ((bio)->ptr) - #define BIO_set_data(bio, p) ((bio)->ptr = (p)) -@@ -57,7 +58,7 @@ static inline BIO_METHOD *BIO_meth_new(int type, const char *name) - #endif - - /* backports for OpenSSL 1.0.1 and LibreSSL */ --#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER < 0x10002000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL) - - #define SSL_is_server(ssl) ((ssl)->server) - ---- a/deps/neverbleed/neverbleed.c -+++ b/deps/neverbleed/neverbleed.c -@@ -547,7 +547,7 @@ static int sign_stub(struct expbuf_t *buf) - return 0; - } - --#if !OPENSSL_1_1_API -+#if !OPENSSL_1_1_API && (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL) - - static void RSA_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) - { - ---- a/deps/picotls/lib/openssl.c -+++ b/deps/picotls/lib/openssl.c -@@ -41,13 +41,15 @@ - #include "picotls.h" - #include "picotls/openssl.h" - --#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) --#define OPENSSL_1_0_API 1 -+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L -+#define OPENSSL_1_1_API 1 -+#elif defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL -+#define OPENSSL_1_1_API 1 - #else --#define OPENSSL_1_0_API 0 -+#define OPENSSL_1_1_API 0 - #endif - --#if OPENSSL_1_0_API -+#if !OPENSSL_1_1_API - - #define EVP_PKEY_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_EVP_PKEY) - #define X509_STORE_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_X509_STORE) diff --git a/www-servers/h2o/files/h2o-2.3-mruby.patch b/www-servers/h2o/files/h2o-2.3-mruby.patch index a0ad25eba279..3db3ebae8806 100644 --- a/www-servers/h2o/files/h2o-2.3-mruby.patch +++ b/www-servers/h2o/files/h2o-2.3-mruby.patch @@ -1,23 +1,26 @@ --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -174,6 +174,16 @@ +@@ -174,6 +174,19 @@ SET(WSLAY_LIBRARIES -lwslay) ENDIF (NOT WSLAY_FOUND) +IF (PKG_CONFIG_FOUND) -+ PKG_CHECK_MODULES(ONIG oniguruma) ++ PKG_CHECK_MODULES(ONIG onigmo) ++ IF (NOT ONIG_FOUND) ++ PKG_CHECK_MODULES(ONIG oniguruma) ++ ENDIF (NOT ONIG_FOUND) + IF (ONIG_FOUND) + LINK_DIRECTORIES(${ONIG_LIBRARY_DIRS}) + ENDIF (ONIG_FOUND) +ENDIF (PKG_CONFIG_FOUND) -+IF (NOT ONIG_FOUND AND WITH_RUBY) -+ MESSAGE(FATAL_ERROR "Oniguruma not found") -+ENDIF (NOT ONIG_FOUND AND WITH_RUBY) ++IF (NOT ONIG_FOUND AND WITH_MRUBY) ++ MESSAGE(FATAL_ERROR "Onigmo/Oniguruma not found") ++ENDIF (NOT ONIG_FOUND AND WITH_MRUBY) + IF (ZLIB_FOUND) INCLUDE_DIRECTORIES(${ZLIB_INCLUDE_DIRS}) LINK_DIRECTORIES(${ZLIB_LIBRARY_DIRS}) -@@ -533,7 +543,7 @@ +@@ -533,7 +546,7 @@ ELSE () SET(MRUBY_TOOLCHAIN "gcc") ENDIF () @@ -26,7 +29,7 @@ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/deps/mruby) LIST(APPEND STANDALONE_SOURCE_FILES lib/handler/mruby.c -@@ -560,7 +570,7 @@ +@@ -560,7 +573,7 @@ # note: the paths need to be determined before libmruby.flags.mak is generated TARGET_LINK_LIBRARIES(h2o "${CMAKE_CURRENT_BINARY_DIR}/mruby/host/lib/libmruby.a" @@ -37,23 +40,17 @@ ENDIF (WITH_MRUBY) --- a/deps/mruby-onig-regexp/mrbgem.rake +++ b/deps/mruby-onig-regexp/mrbgem.rake -@@ -101,15 +101,9 @@ - file "#{dir}/src/mruby_onig_regexp.c" => [:mruby_onig_regexp_with_compile_option, oniguruma_lib] - end +@@ -103,10 +103,8 @@ -- if spec.respond_to? :search_package and spec.search_package 'onigmo' -- spec.cc.defines += ['HAVE_ONIGMO_H'] + if spec.respond_to? :search_package and spec.search_package 'onigmo' + spec.cc.defines += ['HAVE_ONIGMO_H'] - spec.linker.libraries << 'onig' -- elsif spec.respond_to? :search_package and spec.search_package 'oniguruma' -+ if spec.respond_to? :search_package and spec.search_package 'oniguruma' - spec.cc.defines += ['HAVE_ONIGURUMA_H'] - spec.linker.libraries << 'onig' -- elsif build.cc.respond_to? :search_header_path and build.cc.search_header_path 'onigmo.h' -- spec.cc.defines += ['HAVE_ONIGMO_H'] -- spec.linker.libraries << 'onigmo' - elsif build.cc.respond_to? :search_header_path and build.cc.search_header_path 'oniguruma.h' + elsif spec.respond_to? :search_package and spec.search_package 'oniguruma' spec.cc.defines += ['HAVE_ONIGURUMA_H'] - spec.linker.libraries << 'onig' +- spec.linker.libraries << 'onig' + elsif build.cc.respond_to? :search_header_path and build.cc.search_header_path 'onigmo.h' + spec.cc.defines += ['HAVE_ONIGMO_H'] + spec.linker.libraries << 'onigmo' --- a/misc/mruby_config.rb +++ b/misc/mruby_config.rb @@ -15,13 +15,7 @@ diff --git a/www-servers/h2o/h2o-2.2.5.ebuild b/www-servers/h2o/h2o-2.2.5.ebuild index 91c20bba627a..3d4d736c3e88 100644 --- a/www-servers/h2o/h2o-2.2.5.ebuild +++ b/www-servers/h2o/h2o-2.2.5.ebuild @@ -24,7 +24,10 @@ RDEPEND="dev-lang/perl DEPEND="${RDEPEND} mruby? ( ${RUBY_DEPS} - dev-libs/oniguruma + || ( + dev-libs/onigmo + dev-libs/oniguruma + ) sys-devel/bison virtual/pkgconfig )" diff --git a/www-servers/h2o/h2o-9999.ebuild b/www-servers/h2o/h2o-9999.ebuild index e1d9604c4b44..b43017863ba8 100644 --- a/www-servers/h2o/h2o-9999.ebuild +++ b/www-servers/h2o/h2o-9999.ebuild @@ -24,7 +24,10 @@ RDEPEND="dev-lang/perl DEPEND="${RDEPEND} mruby? ( ${RUBY_DEPS} - dev-libs/oniguruma + || ( + dev-libs/onigmo + dev-libs/oniguruma + ) sys-devel/bison virtual/pkgconfig )" diff --git a/www-servers/lighttpd/Manifest b/www-servers/lighttpd/Manifest index 16074142be90..82c7b27bace7 100644 --- a/www-servers/lighttpd/Manifest +++ b/www-servers/lighttpd/Manifest @@ -13,4 +13,4 @@ DIST lighttpd-1.4.49.tar.xz 710964 BLAKE2B 112ceb36b45f51c7d5526caba27d2b2aa57ec EBUILD lighttpd-1.4.45-r1.ebuild 5944 BLAKE2B 629426653d2552bcf32d9e8f003b847d30c6692e81625eb1d772929bc4353db4995e8a82241ce645ebb9d9ca3be1482a1d789db4d296e90af0ee771548334966 SHA512 33632d1ab6fd7bb019b1fe8613a931b12e21a7ca79ea486e96c55cbd9529f2c551efcd91f6dc48c663b25087d557a765b729a1bfb93ccbf0ec4d32d4933732b6 EBUILD lighttpd-1.4.49.ebuild 6324 BLAKE2B be7447a25ce7653d34b744bd5c21aaa653847591ea06616996c7703c22f50481102edd9f0f7b0e6bff42019832efc99c9345760f2cd8b8e50399eba02f64c0ae SHA512 d25bf67fcaf6c28009d45aedf338f93a9848da443c70b745d6e4aa000b547b0d9b53f80d2a430c8b99742dc4988505537916905276d3cfc583f995b0f3e751b3 EBUILD lighttpd-9999.ebuild 5950 BLAKE2B f32cb4e5ddf22af2b698aaf17fb33f16862d13e28025984d0468e769af84acff9f2981e69526c139d9192964d57b8b95200edcfb756725855481fc31fbbf73be SHA512 50d096574b0f05c207eca9c18b7b70324c923bbbafe7d42c56770cae8eea3793f46e39c1a9be497fd35dba4844c83a8342c38afcfa4aa4c60ea7f0eb72856e69 -MISC metadata.xml 1165 BLAKE2B c30ad1b686464b6fe7a03b8974b5e74a3ce83644b9509d8c22df81a2b4b8894f7499c0923c11fabeb3124bff27393c5b20fae8014d93e19fe0191f365001d9aa SHA512 c4561396821150f7637246e17680e3c1ae7f3522206c731af66885950c1b2c90405b31d1a066b9c017ea003d37decc647a4676802f7684eae9a62e958d74e32d +MISC metadata.xml 1054 BLAKE2B caf21b255e5eb1fc5300edf62d928b933540613492333abd65dc2c0ae89f5a22c18467ff4ab90b2b0582b4f1eff9bad21eeca91bca9c034377280c9ec022b1f9 SHA512 a773d9b8da2f118b148943c4f78662f26aaea5def18abc37ba39bb539fb31449beb04b8e9f1a09ce893ae07aaea2e2fabb42bcba47c5e9100db1f1ef3bf9ea82 diff --git a/www-servers/lighttpd/metadata.xml b/www-servers/lighttpd/metadata.xml index 592c03d4a050..b9965f6b8b9c 100644 --- a/www-servers/lighttpd/metadata.xml +++ b/www-servers/lighttpd/metadata.xml @@ -1,10 +1,6 @@ - - hwoarang@gentoo.org - Markos Chandras - zlogene@gentoo.org Mikle Kolyada diff --git a/www-servers/nginx-unit/Manifest b/www-servers/nginx-unit/Manifest new file mode 100644 index 000000000000..b6756bb084f9 --- /dev/null +++ b/www-servers/nginx-unit/Manifest @@ -0,0 +1,4 @@ +AUX nginx-unit.initd 291 BLAKE2B a4ce1b0269de3d991bfdf30b6183418d32e2c94d21ca0ab154b9f44521895227057cad1fd2ca72015a4c25c90250cc31a6aa2f637caaa564eee7769a48b4d355 SHA512 89db5f2116d11ff8e741b23e41692585ee7e2446fb6d214666af913a1fec9a2f6d300512cb8d3b6a83795e714d6f17403e22dc12fd9c76b0551c14b71b6fd998 +DIST nginx-unit-1.3.tar.gz 401670 BLAKE2B 34a0ed9631c7061d1c71f8335103b0e266ef6f949afeb8cef283a7b5dd6c9f0a4835f20fdedd091af6950cd0897cb1ab48dea9f475e1b75a2872da7ac0090d10 SHA512 63a47b920bfdae7a7e034d616f520b27b46151a299cf5854373f7f8472043de0ffc98f9d62317c46e637857e0ef24668ded99be6e058315acf25b4e1c7f1ed09 +EBUILD nginx-unit-1.3.ebuild 937 BLAKE2B 09d8c3e3e8e0d0737f94bb1b483479fdce591f3a60a8ac5dab65d94e361e04b6bc1099f6c78432af93469c21c995a0bbde85d916c143ccf92ed0124d3e835913 SHA512 498a05d21d8593c0d640fadabee04245dc7c2c49050c314a1366ae4edd52a268b6a5745aa9d7eecbd0383706cac6c02b7838e0c517206b55b6ddeed849cb9340 +MISC metadata.xml 787 BLAKE2B a88efd7d7a5fe988156edf4775a7d5aca875957d507ae2e95a014b6f1bbbea7c9d66e2081525c3a495bcc88e8541d8d7e3a09bf5426847065c488920c442ed3e SHA512 793dc1852eb308056c81240a596302d647ccf96aae0f2585dc0e68e2cd4dd9444dbb9e65454c640e78377d83a9261dcb343a0082f0cefcfb4f9b5d1259ade15f diff --git a/www-servers/nginx-unit/files/nginx-unit.initd b/www-servers/nginx-unit/files/nginx-unit.initd new file mode 100755 index 000000000000..23720abcc1e1 --- /dev/null +++ b/www-servers/nginx-unit/files/nginx-unit.initd @@ -0,0 +1,14 @@ +#!/sbin/openrc-run +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +command="/usr/sbin/unitd" +pidfile="/run/nginx-unit.pid" + +depend() { + use dns logger netmount +} + +start_pre() { + checkpath -d /var/lib/nginx-unit -o root:root 0770 +} diff --git a/www-servers/nginx-unit/metadata.xml b/www-servers/nginx-unit/metadata.xml new file mode 100644 index 000000000000..7660440b3f51 --- /dev/null +++ b/www-servers/nginx-unit/metadata.xml @@ -0,0 +1,22 @@ + + + + + gentoo@seichter.de + Ralph Seichter + + + proxy-maint@gentoo.org + Proxy Maintainers + + + NGINX Unit is a dynamic web and application server, designed to run + applications in multiple languages. Unit is lightweight, polyglot, and + dynamically configured via API. The design of the server allows + reconfiguration of specific application parameters as needed by the + engineering or operations. + + + nginx/unit + + diff --git a/www-servers/nginx-unit/nginx-unit-1.3.ebuild b/www-servers/nginx-unit/nginx-unit-1.3.ebuild new file mode 100644 index 000000000000..da3e472ba88a --- /dev/null +++ b/www-servers/nginx-unit/nginx-unit-1.3.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +DESCRIPTION="A dynamic web and application server" +HOMEPAGE="https://unit.nginx.org" +SRC_URI="https://unit.nginx.org/download/unit-${PV}.tar.gz -> ${P}.tar.gz" +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +IUSE="perl python" +REQUIRED_USE="|| ( ${IUSE} )" +DEPEND="perl? ( dev-lang/perl:= ) + python? ( dev-lang/python:= )" +RDEPEND="${DEPEND}" +S="${WORKDIR}/unit-${PV}" + +src_configure() { + ./configure \ + --prefix=/usr \ + --log=/var/log/${PN} \ + --state=/var/lib/${PN} \ + --pid=/run/${PN}.pid \ + --control=unix:/run/${PN}.sock || die "Core configuration failed" + for flag in ${IUSE} ; do + if use ${flag} ; then + ./configure ${flag} || die "Module configuration failed: ${flag}" + fi + done +} + +src_install() { + default + keepdir /var/lib/${PN} + fperms 0770 /var/lib/${PN} + newinitd "${FILESDIR}/${PN}.initd" ${PN} +} diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest index 2fd9f6c0b8eb..11bd30e3696d 100644 --- a/www-servers/nginx/Manifest +++ b/www-servers/nginx/Manifest @@ -10,12 +10,9 @@ AUX nginx.initd-r4 2192 BLAKE2B b482b9cc473a1df06764d60c7ce5c99a3f680778028bf440 AUX nginx.logrotate-r1 257 BLAKE2B d62c57377efd5259b6c776861d921b6e4ea026387157d618abd9e578f2e432ac0cf653a0f3842a0620d405759216bdc17afd50b33aaec3ad0c6757dfac3e34d8 SHA512 4892fc1700817c9a459a531df0320fe606a51be7f8b4e3ddf5852fe33def70dbff36fcefd2fce247c6846d6315ea92f3421eb21299a162d082b85fa27572cd95 AUX nginx.service-r1 327 BLAKE2B 081c72f7f7b98e30b2b45aeb8b1e4ead935c5b9a558fcfc7c18c20a2c0f18711272e91f4688c04c7f0eb833be8f7daff2f7d01bd1a04981f03ed54a07fe1148c SHA512 9b6bcf74df2f74ae6a2c255ebf2d826ea92ed9921b9995da6c9a0c5656e2863a2fe5293ef8a656fbd36298602cc88ffc5d7acfbbf143c23a78c9689d61b05df9 DIST modsecurity-2.9.2.tar.gz 4298993 BLAKE2B 32a92148f0e1a1166cf888b8172fc55340c5712c9b770583703c74db450e77226629640c9db03f32e9f28397e6488669d06a89e4d31cb5ab5fff26b30ad843e0 SHA512 69c87ef6f7b6411f4803eb25af32969a1da59722121257c2edf345a3f5a4ab9ae8a49c886cbbfc722c5bda91c6d6ea55232f968c0a0407d7d7b3af53dc862c21 -DIST nginx-1.12.2.tar.gz 981687 BLAKE2B cca2d2b2267fee6feac7e91a5aaec229251e829203b02c207a6a89644fd6b1f2003d75225fadde9fdfc8dda444dc53c7ff0033a1e15a0f25019c878fc716d83f SHA512 3faa2043e237a7e1d15cc5661ac9d002a965220a78c25a863be9f19e01007347e53f776b61c229f6bd3d916cc1ccf92de260811f7b8092ec1b747fba7c0061f7 DIST nginx-1.14.0.tar.gz 1016272 BLAKE2B 37d292955dc5f03f6b3b05fd434807ba1033fab73494866e8bacb99df1d595a7665b3722e9bb7227a119cabfea79be08a14e589565cedb78693fc3990cee4466 SHA512 40f086c9f741727e6f55802b6c3a66f081f7c49c38646dc1491aa3e3c35bae12b65ea6594386609fc849bcd99a60d7cd8ecb3f8d519e0e9ab8db01d653e930e9 -DIST nginx-1.15.0.tar.gz 1020675 BLAKE2B b8151877d06f96276fc8186dc8c32b8f1479e27c7f6bdba9158b1d945661891e14c39d2ab3ff8991b3906c5fffe721ab4014d709895a6e3f5bc22b687ea3c536 SHA512 7dbdf437d8d546059a8a03aa9c8d2be98dba7306e2daa49611c16f1e56413a25d4c622da13a815e8075a10f4a0cd744167deaeb971c0a69189940a7a05fa32df DIST nginx-1.15.1.tar.gz 1024086 BLAKE2B 411f566f53fcae62a8b539ac3809d75dc7eaae763c757818931a666e9ed9d2f2b266a7691f58d2ab62bb97d930dfc40f2dc96d199d9a066329ccbcd82d4d2200 SHA512 bdb15791cd599d72a93d85772f8d35d83a76bab10fdfd76929173f81ed1dbad125addc305a6308c0f3d71efb836bc715acf48940047ec17fd48cf37e05b56d17 DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 BLAKE2B 22225ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333 SHA512 ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19ccccbf4cf53973269 -DIST nginx-auth-ldap-49a8b4d28fc4a518563c82e0b52821e5f37db1fc.tar.gz 17159 BLAKE2B f2209c8b5eb5616a362f2b532245167a5940faad6d66d98a94b3bf2d1e33a73492d42c60a9ddad347a592362a002ff38273a5d1f61f663984a09e14a3fe35e0f SHA512 323abd0ca8e90f5afcaf81a8ff1a8abe3dfcbff3d69f0dd4a1c005fe6436acbf3076c4c57a4df877b3d8e388cbea085d46301bb2df9c0752e2567817ff7cca92 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570 SHA512 6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529 DIST ngx_brotli-0.1.2.tar.gz 12668 BLAKE2B 904d3f28dcf9f2d5a8eefa2ab8ff991e34624897a9932e351ec4cea05f2b0dbee34ea495de2d546510a556fb10041b388be963f28fecfcd7dc8638f950b36fd0 SHA512 661b4ce5cc678600e5df6be7588b0f0d5d914df9a6788c994cebfa25e211720b9e7d2c08fc34eb6a84743ae2929920ebf2888075e122ac23816ab7c0f3ef4b76 DIST ngx_devel_kit-0.3.0-r1.tar.gz 66455 BLAKE2B e4e987a85b2283ba540b4b894382e65dac7fbca23e233b1031b38828908088370cdb1a9bded4d4ee1ceb1c2e1d506dc2b6f4ba5f6ee94248e863def5a1c8dd1a SHA512 558764c9be913a4f61d0e277d07bf3c272e1ce086b3fadb85b693a7e92805cd9fca4da7a8d29c96e53fc0d23b331327d3b2561ff61f19d2330e7d5d35ac7d614 @@ -23,32 +20,21 @@ DIST ngx_http_auth_pam-1.5.1.tar.gz 6863 BLAKE2B 00807cc3db8f6c007c968b8a30d7f60 DIST ngx_http_cache_purge-2.3.tar.gz 12248 BLAKE2B f83b267f4c19a9d4af5964522695814c164d200ecd4108bf8f6b5c21388eba8af989bdda646dee18a03174211e8c090a04736bbeb44043cb0e19fbccdc66278e SHA512 50a31dbf2216a6fae74a186af56dec4600cf55777e76a10ac0075f609e7737135aab063a64f2590dddcd0369ebebd4a523027f3d9ebcca74f7b4355be1c5dcc0 DIST ngx_http_dav_ext-0.1.0.tar.gz 6614 BLAKE2B 3951b573e80e8f02199680fb1ba23baa9ed0845002bf5c78fec291f3a2c01017bcf90f969e924d2e1e03db2aef364af6eaa19398478dfc22fc5bdd57508a9cbd SHA512 47b1686b483640a7fdcbf8081aae2e9f83fb0072ef0940b1cd7f8ddf4932317740b38f0dd4a8f3dd8da074c11c70038ac6758c0feafd3851331acdc85f3e0ee1 DIST ngx_http_echo-0.61.tar.gz 53155 BLAKE2B 72565b5d79598b5dcd1c10fa0f718e749894ca5f1232d5aae60c61e268b5904af35fdcd35afcf72de93852af9e0ca58805d77cbc37919fba9012158b5545baab SHA512 c90b81a4e85a8e9beeb5ff591dc91adb25fa4e0b6cb47086b577e5fa36db2368442dd011187675e358781956c364b949bc4d920ca2b534481b21c9987d2a9a3b -DIST ngx_http_fancyindex-0.4.2.tar.gz 22047 BLAKE2B ce2cd4bffd7ec4cd0688ca79002b4cef70bb242a7c10dbc1a590786330eac628ee080b7bf9087a791ccb0e2e097cb1f8ef7d355ededccb323ecd7fa4f2a237d3 SHA512 aee121e4d25872f0eee6c8150c8c732767ab24c61dc4f6e3f86bd6edc53ad715f3c23045362954a1ad2086ff1002bca821b2e9a53b58b077cbda91a95077ef76 DIST ngx_http_fancyindex-0.4.3.tar.gz 25274 BLAKE2B 5ce3102326f6b8cc2b333ed08f7a66476842d2c70089175e577a3ba958317ed702f24ece002506007eb45e9e50b8f6ecb137cde222566308986cba2682b70f7d SHA512 fe5f6afc29c99f66151c1a06e27b5749b0a16227638583d9c961adc94b2942b981184382f95e70d927f00b09b43f597b963a85a41bde5903b10e42f86bc321f1 DIST ngx_http_geoip2_module-2.0.tar.gz 6766 BLAKE2B 338c9503530ebba6076a2222fe9d164fdfe39ac603c4ecc7ad5b5d1482c1e21d0f1bc52be585d6a88968b29edfd8b1b63ce572e9ee8d8efb4d88889ef4cbb65b SHA512 32a23ba20e4ef3885b09baf938ef57405a6f23e86a7dbecbe5285be74c0433fc33eee70742113706e66ee105909deb1ec844ce36a6f33108597f736341d8c230 -DIST ngx_http_headers_more-0.32.tar.gz 28033 BLAKE2B 51cff34f9a690a3c9a2a05b04084cdd51530b1f41baa1d487bd5bd4349d37a6cc48edffb78466572bee3e42aea10f56e1f8bc47d53a2790023ff831eaa72381f SHA512 e42582b45c3111de3940bbeb67ce161aca2d55adcfb00c61c12256fa0e36221d38723013f36edbcf6d1b520f8dfb49d4657df8a956e66d36e68425afad382bd1 DIST ngx_http_headers_more-0.33.tar.gz 28130 BLAKE2B fe3097a7700ce5da087058f7bb44c95164b75137031187400473f6833bf0e33e5c4920807225a6ff94174fe7dbd6186cca176a33a629ca0911faab6804bdd12a SHA512 13165b1b8d4be281b8bd2404fa48d456013d560bace094c81da08a35dc6a4f025a809a3ae3a42be6bbf67abbcbe41e0730aba06f905220f3baeb01e1192a7d37 -DIST ngx_http_lua-0.10.10.tar.gz 611973 BLAKE2B c84d039087973cc6f718fd5cfcb043fd96893d790d2d65b448faf63ad7e3b8713d529c7804a436cc972bcabb9d4d3a8a605fe70a4ccf0a696dfc493656ac513c SHA512 3440e3fe714407f0ff61e0da207669655b443f7b70ef8a91693ea05ed96d8fde349d9c8ea30d5ff53ea3f8e4a5c7d0a2834e136c340b1b1365d62006339a1e4d DIST ngx_http_lua-0.10.13.tar.gz 624102 BLAKE2B 009506e4cd505a2e383e2c6344b62b541b3bbb28410d4ae2e88139227e22e19dd14372a902f172fadaf82a76c5875936caff4a8c98ff740456488e5ac6ff8c53 SHA512 8c316b9d12dc35779fcddc6bb90942c096f19fd8c2e090b8397e1e1ca6f0ebd7a4edddc03fddb31310147ba4e9db9fc4b3749cfd2323046d88045b3b3333f07d -DIST ngx_http_naxsi-0.55.3.tar.gz 187416 BLAKE2B de4b00bcfa3e81b7f339bde9f2517e228d2f914c1ac76babd7db1419168814d30f44623a67c0f79475c232ca456792cbdc8f2b6ef3ebd1524eff3f2acfa87685 SHA512 9e8f41a5cd1342cc9b8aa334a603842d14a256aab1f4a21205bb1278aecbb0c49e39c889d8113a5b41aad2efeaa2ed9f11cba6929173f50add91f54c4c59c8a0 DIST ngx_http_naxsi-0.56.tar.gz 192120 BLAKE2B cdbfc278f346ccdc0d5407d70ddd4740816d9fe786d3d65189d47e6f3b030c02352a30ed86bf1650139a21a8408e74c1ec7d7aa3512df1428870279ab384dd15 SHA512 4660751849bce303af6010b7257532404710106a94817e78d4bc4b566f8019620f24f30207f1d4366b88132a5124e34b164dc67ed80b6710f4bad66115564cbd -DIST ngx_http_push_stream-0.5.2.tar.gz 182008 BLAKE2B b53c1269a5b96b35054011879dc2288ec7c9dd3965a1d4cea73fb7804626797b3cf7929ffa00fb0fc7479f5d6a7f8d006dbdde1ffa435f878c7cc9278e6cca00 SHA512 ee8bf9ece652da6aa5a39879298bba70d1842696545259f3f5e302cc61397b35f016364805805f9ab1914fc39ed2f07c015e042155789073e3d1fdc02a0783de DIST ngx_http_push_stream-0.5.4.tar.gz 183493 BLAKE2B ccae3113071cee38fa6a7accd580922dc2fc9fa22af737f400c2c5f59352d93ca6cceb47f2aee70dfc111afdf98d27aeb64ddc5a4dbf617359ea4da09486ac7f SHA512 467ae49409adb675979ff591f98df8c96d71ab5ebc2ef9b3c9430e38e7e84d311b4a98c2b1cb1886d895735223dd2a43370aab61b57b34adb1427c184e6b8c86 DIST ngx_http_slowfs_cache-1.10.tar.gz 11809 BLAKE2B 54ec1bd0d1cc43cdaafc93ebd46b33374c57351c7f022eae0351d6961680abb03d896e7f058e67c43c4fee300253354feccb92d00e62bf91250e251e1860ec03 SHA512 fbc9609a8d6913aeefe535f206b9e53477503f131934ead2ae5a6169e395af2f5fb54778704824d5eeb22a4ef40a11ebbcde580db62a631f70edcc2cfc06b15d DIST ngx_http_upload_progress-0.9.2-r1.tar.gz 17268 BLAKE2B 7bbbf52e326c64a008339d2f80f123630fd314f705224c8f1c7d0c90bb4d31a24aaa95df55c9022838179114a031731a894992960aecc727635e0e2a0761d2c4 SHA512 c31c46344d49704389722325a041b9cd170fa290acefe92cfc572c07f711cd3039de78f28df48ca7dcb79b2e4bbe442580aaaf4d92883fd3a14bf41d66dd9d8c -DIST ngx_http_upstream_check-31b1b42873fa56620d8a873ac13f5f26b52d0cd6.tar.gz 130052 BLAKE2B 0ff95fc9780193b514fc7b28f6c5c1a58942cd54472a495a1812a48ef4039390241c20c8a3e8dfd6168e87df3a9e3b37e9c33f11d13bdf5fb0d1f37041fe4ee8 SHA512 e7ea6712c27fd2610e8681b7f687e24c94cd7558d6f19f87568d4c2169115678a61c58b1cd3686a927173b566ff1e10cb1fb767fe63db61f860a77bac9792f9b DIST ngx_http_upstream_check-9aecf15ec379fe98f62355c57b60c0bc83296f04.tar.gz 130073 BLAKE2B 3c93cef79425a46e22ae39adf13d5ebb0e5d36f5d6be8555ec068dd0017918f5355d82fbbe90ba934e58c52e89c2096e24012f75390c7159d1ebacfaaa112308 SHA512 fad2a0d3ac332b6e67c52e3525f6df8a432df3e92bc173190b8107fba7f24476ab9dae4824630299af68c15e856409bd47a3a79fb5b65e03a5133eb90142b8fc -DIST ngx_http_vhost_traffic_status-0.1.17.tar.gz 380239 BLAKE2B ca642825d02a11d289ca45dfc6231e8ddb13d72bce0343beb2e7fea8f255ac30bdc7751ae1c521f42c5de0245ecd0cff31fea050f7c5b4610620e43c6f4250f2 SHA512 cb9abe922b0494c2587e404b0d603a0441a9a328ef5a83b11e0323e8038010e7d69dfa0d9e5c7122d7bd9b6799a684d4d934e5473442f9f41344c8d38d0d6550 DIST ngx_http_vhost_traffic_status-0.1.18.tar.gz 380327 BLAKE2B 700f48ec3ae7b38d4498b1ca6f7e08069befb4b76a20cc0619d16e613c1efb387eace906901fcb098159bc20acfc8723d98aec690e11deaff949f5612dd414f9 SHA512 86b980095b3b80c8dce2e355db514cb4b3039c8408a2f5ca6df9e105d5462952fddd70f6581ec6aa2763e560b591664c27eefd978c4ea777b1f1f808bc60d4ec -DIST ngx_memc_module-0.18.tar.gz 37113 BLAKE2B e5b89c7c7a3e6f8ee7c1b2623fbec78851a9d7c1c37c1924e8c010b45a4e034afe504a5e228361ad88cf57e83ce06f5f6d635301f8201f1ebd7e99f30447d524 SHA512 8087bd361fb4e522493e66f93d59c9b13245d6eef0fe4a53f619d1826feb02af60769c0a04f87f2faf5308a44b794ef146a445bdbe7cbc7f21c0edaaba08c706 DIST ngx_memc_module-0.19.tar.gz 34654 BLAKE2B 536384c264d88535179634d459d3a47b1d9b11885fbce46fbe9fa4df3dce365320b5963c56aecde3b0039d4f9954943d95f25c5f4fada6256861257f82ebbb12 SHA512 a64ec8dffcd011db2cd12b501271bf5c408f2f31fd2bf477b8db4e88adc5bb5732c4c2181ed8378cab6a937869d8f747ef52b22fe256c90df8440b91890edbe7 DIST ngx_metrics-0.1.1.tar.gz 2964 BLAKE2B 95d71ea26c949c345b83e353bd66a20df18cc8b2b93f692615a1b39c1f327393647f80e7a27e6929799a6e7e3469b61e1cd72f7821f7a820da4dd7cd9a96d85c SHA512 d36a8fb0104c83b6b564e03b351aa750cab08650264c74d6f786af357bfb7006b531a93270dd961896ea8dafe27e5db8548ede714c5f52c4742876bc73af4b5e DIST ngx_mogilefs_module-1.0.4.tar.gz 11208 BLAKE2B e0729b66554c8890727190a624d4c9aef6499dfc2e301541a9bfc15690caf6d3155c8a4b8f7a1555a7655b47aa0cd1b797aeb8ba82efa92ab80808218a0bdcff SHA512 b8cb7eaf6274f4e2247dbcb39db05072d2b2d4361256a325fafab5533d7ce0c4ae9e2905b954dfcfa4789c9cab5cccf2ac1c3a1f02f6a327ed95b562d7773ed1 -DIST ngx_rtmp-1.2.0.tar.gz 519895 BLAKE2B a5a888473dd2ba2320ff74017e8445d96fa3e361acc559edb270ad075c937ab5630e537a67ad8ed134a7ec5809ae63e38791ac25ceab3e26160469be8cc2e82c SHA512 8965d9bee91a46375516ccd012d1c43cd23f15c0630d11ed01472b9a84504574b476f22c5584f43c972a8f923e9ae025b9b60c64aace0ed159c7279bcbd376c8 DIST ngx_rtmp-1.2.1.tar.gz 519919 BLAKE2B 744ccb8031eb9653f158f9eceba64fc9c8af7b9a42e64ef996ab3bbbe1402e5ffd3efcc8e4aaca437eb5e208e4b6f2d8643fcca953b32f32543eaa1ae4d9505c SHA512 4a0af5e9afa4deb0b53de8de7ddb2cfa6430d372e1ef9e421f01b509548bd134d427345442ac1ce667338cc2a1484dc2ab732e316e878ac7d3537dc527d5f922 DIST njs-0.2.2.tar.gz 253349 BLAKE2B 1ca508677a251ff38f5bca01292f2c7d2c41ac1c5d2cffae8b565694cbed9ebb2811b7e8893ea03384810e169ebb0cccfbf51d36166fcbc32e77fb30ba90d664 SHA512 e309b06b66e955873b82ef6c8881c3a98e0cf22e379b292c7561947db34c28990ade5461f42561e73c79c8e1e7914a990a003926054f884551edc16015ac4792 -EBUILD nginx-1.12.2-r1.ebuild 37150 BLAKE2B 65fed3395350ccd46c82c77e42ca5b0407127832fae1b3a3b660fd5d6f13adc6aef65cd340d41c5a0212241881f23843f1cf849dfc46c972f3741e0facc2d5a8 SHA512 59897652e9dfd97468de4b447cbd080917f65d12507ffd2ec0037227c69b029242c8710aa20c041a6f3abe93d8ffd1e8678c131059b612697e1af1d6b702b31c -EBUILD nginx-1.14.0-r2.ebuild 40276 BLAKE2B 4b7fddc3b817e9ca09ca54d5e2dae1c55f01d67647cac6e273afef97981bd9ef20a366475ffc246d8fd5e9c3a8460c0ba372090262b71e8c3e971ea281fa97da SHA512 6ea5e5f876331ed22faeda24d0147505cc5861af845fb45bf4c83d8633dd7beeb05394faebc86425ca906f82659a154b66d7d1a5409b77ddcec41e4625036ef3 -EBUILD nginx-1.15.0-r2.ebuild 40280 BLAKE2B 845639f3598f198e429217c7fad6e7fb42f2d152c8b3e9e713616ee85e0d0b10a85f6bbacfbb63cf45e71ae64163a0985ccb9eb7e0786bb7697bd3ff0b67ba28 SHA512 abb4b16b2f18491c146ee4f8da04d2c7dfa41b1c5d66bdd115ea8a693336d9959576df88d3844358776395152d77b424d36390a43fc1419c88a0bd676b565c16 -EBUILD nginx-1.15.1.ebuild 40278 BLAKE2B 8de00b6addf8957495de879195e0f012484ce8ffba25002186f879b52d8eea9fab9b23d654f642140b56aea70b76da891def4200f49e9cb3061743afcff45d2c SHA512 dac22595fcb2406fa456547b4ae9b83157ff71ac2b53c7dfa2a7bff158e076866596ff5c7f42ed27e0b754072be688c3f0a5cd4e03800b61849463da6cb1d770 +EBUILD nginx-1.14.0-r3.ebuild 40382 BLAKE2B ebc47bcb33f3d29bb4bad703d9ec546e81e090ffca9c091dc318341fcae94119a55a75b2c5a978ea053e9993994e422d35b3b3d3132407d936802fc4c638afc3 SHA512 deb04864d61dbde0167d33398264fbea63dcd4d141921fc68a65457deacc5e867d3fa9a811eb85ed8a0398c0054a25509ad10ed69ee7b9f10e282771d7623951 +EBUILD nginx-1.15.1-r1.ebuild 40384 BLAKE2B 361936e392b9cc5d981258039fe9d151f543ce5a8a71070ace452c1c8637858da88d837ea4a98daf20d6a00b2dff4c1dac2302a6eb6a0d9795fb08e115ec3ef1 SHA512 6d8785bdf574bc9c24484d46e743c9201fb441573de42acba7e00713b2f2094ec268439c50e0f17fd706c705298c5d41ed0772cbd17c7d1ca98011df22f8dc43 MISC metadata.xml 1310 BLAKE2B 6f40252a833a188f4b62cb2f2a126f93e68cdcd0e3575febdc371106c82d7ebdc6931b162a5ef8070fb6fe1f18e969191f67d3ccdd5e55712dc4d209c16c34c9 SHA512 10403ec29eaa83eb45b7b0b78340103b226145b52b3795e18b1e8bf272efa83586bc190e6e66061f33544434e3c2f94d2229be988733713578e9bb495ce7219c diff --git a/www-servers/nginx/nginx-1.12.2-r1.ebuild b/www-servers/nginx/nginx-1.12.2-r1.ebuild deleted file mode 100644 index 40d650b17fe8..000000000000 --- a/www-servers/nginx/nginx-1.12.2-r1.ebuild +++ /dev/null @@ -1,1005 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -# Maintainer notes: -# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite -# - any http-module activates the main http-functionality and overrides USE=-http -# - keep the following requirements in mind before adding external modules: -# * alive upstream -# * sane packaging -# * builds cleanly -# * does not need a patch for nginx core -# - TODO: test the google-perftools module (included in vanilla tarball) - -# prevent perl-module from adding automagic perl DEPENDs -GENTOO_DEPEND_ON_PERL="no" - -# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license) -DEVEL_KIT_MODULE_PV="0.3.0" -DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1" -DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz" -DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}" - -# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license) -HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2" -HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1" -HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz" -HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}" - -# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD license) -HTTP_HEADERS_MORE_MODULE_PV="0.32" -HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}" -HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz" -HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}" - -# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license) -HTTP_CACHE_PURGE_MODULE_PV="2.3" -HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" -HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz" -HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" - -# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license) -HTTP_SLOWFS_CACHE_MODULE_PV="1.10" -HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" -HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz" -HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" - -# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license) -HTTP_FANCYINDEX_MODULE_PV="0.4.2" -HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" -HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz" -HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" - -# http_lua (https://github.com/openresty/lua-nginx-module, BSD license) -HTTP_LUA_MODULE_PV="0.10.10" -HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}" -HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz" -HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}" - -# http_auth_pam (https://github.com/stogh/ngx_http_auth_pam_module/, http://web.iti.upv.es/~sto/nginx/, BSD-2 license) -HTTP_AUTH_PAM_MODULE_PV="1.5.1" -HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}" -HTTP_AUTH_PAM_MODULE_URI="https://github.com/stogh/ngx_http_auth_pam_module/archive/v${HTTP_AUTH_PAM_MODULE_PV}.tar.gz" -HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}" - -# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license) -HTTP_UPSTREAM_CHECK_MODULE_PV="31b1b42873fa56620d8a873ac13f5f26b52d0cd6" -HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}" -HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz" -HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-${HTTP_UPSTREAM_CHECK_MODULE_PV}" - -# http_metrics (https://github.com/zenops/ngx_metrics, BSD license) -HTTP_METRICS_MODULE_PV="0.1.1" -HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}" -HTTP_METRICS_MODULE_URI="https://github.com/madvertise/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz" -HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}" - -# naxsi-core (https://github.com/nbs-system/naxsi, GPLv2+) -HTTP_NAXSI_MODULE_PV="0.55.3" -HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}" -HTTP_NAXSI_MODULE_URI="https://github.com/nbs-system/naxsi/archive/${HTTP_NAXSI_MODULE_PV}.tar.gz" -HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-${HTTP_NAXSI_MODULE_PV}/naxsi_src" - -# nginx-rtmp-module (https://github.com/arut/nginx-rtmp-module, BSD license) -RTMP_MODULE_PV="1.2.0" -RTMP_MODULE_P="ngx_rtmp-${RTMP_MODULE_PV}" -RTMP_MODULE_URI="https://github.com/arut/nginx-rtmp-module/archive/v${RTMP_MODULE_PV}.tar.gz" -RTMP_MODULE_WD="${WORKDIR}/nginx-rtmp-module-${RTMP_MODULE_PV}" - -# nginx-dav-ext-module (https://github.com/arut/nginx-dav-ext-module, BSD license) -HTTP_DAV_EXT_MODULE_PV="0.1.0" -HTTP_DAV_EXT_MODULE_P="ngx_http_dav_ext-${HTTP_DAV_EXT_MODULE_PV}" -HTTP_DAV_EXT_MODULE_URI="https://github.com/arut/nginx-dav-ext-module/archive/v${HTTP_DAV_EXT_MODULE_PV}.tar.gz" -HTTP_DAV_EXT_MODULE_WD="${WORKDIR}/nginx-dav-ext-module-${HTTP_DAV_EXT_MODULE_PV}" - -# echo-nginx-module (https://github.com/openresty/echo-nginx-module, BSD license) -HTTP_ECHO_MODULE_PV="0.61" -HTTP_ECHO_MODULE_P="ngx_http_echo-${HTTP_ECHO_MODULE_PV}" -HTTP_ECHO_MODULE_URI="https://github.com/openresty/echo-nginx-module/archive/v${HTTP_ECHO_MODULE_PV}.tar.gz" -HTTP_ECHO_MODULE_WD="${WORKDIR}/echo-nginx-module-${HTTP_ECHO_MODULE_PV}" - -# mod_security for nginx (https://modsecurity.org/, Apache-2.0) -# keep the MODULE_P here consistent with upstream to avoid tarball duplication -HTTP_SECURITY_MODULE_PV="2.9.2" -HTTP_SECURITY_MODULE_P="modsecurity-${HTTP_SECURITY_MODULE_PV}" -HTTP_SECURITY_MODULE_URI="https://www.modsecurity.org/tarball/${HTTP_SECURITY_MODULE_PV}/${HTTP_SECURITY_MODULE_P}.tar.gz" -HTTP_SECURITY_MODULE_WD="${WORKDIR}/${HTTP_SECURITY_MODULE_P}" - -# push-stream-module (http://www.nginxpushstream.com, https://github.com/wandenberg/nginx-push-stream-module, GPL-3) -HTTP_PUSH_STREAM_MODULE_PV="0.5.2" -HTTP_PUSH_STREAM_MODULE_P="ngx_http_push_stream-${HTTP_PUSH_STREAM_MODULE_PV}" -HTTP_PUSH_STREAM_MODULE_URI="https://github.com/wandenberg/nginx-push-stream-module/archive/${HTTP_PUSH_STREAM_MODULE_PV}.tar.gz" -HTTP_PUSH_STREAM_MODULE_WD="${WORKDIR}/nginx-push-stream-module-${HTTP_PUSH_STREAM_MODULE_PV}" - -# sticky-module (https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng, BSD-2) -HTTP_STICKY_MODULE_PV="1.2.6-10-g08a395c66e42" -HTTP_STICKY_MODULE_P="nginx_http_sticky_module_ng-${HTTP_STICKY_MODULE_PV}" -HTTP_STICKY_MODULE_URI="https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/${HTTP_STICKY_MODULE_PV}.tar.bz2" -HTTP_STICKY_MODULE_WD="${WORKDIR}/nginx-goodies-nginx-sticky-module-ng-08a395c66e42" - -# mogilefs-module (https://github.com/vkholodkov/nginx-mogilefs-module, BSD-2) -HTTP_MOGILEFS_MODULE_PV="1.0.4" -HTTP_MOGILEFS_MODULE_P="ngx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" -HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/archive/${HTTP_MOGILEFS_MODULE_PV}.tar.gz" -HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" - -# memc-module (https://github.com/openresty/memc-nginx-module, BSD-2) -HTTP_MEMC_MODULE_PV="0.18" -HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}" -HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz" -HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}" - -# nginx-ldap-auth-module (https://github.com/kvspb/nginx-auth-ldap, BSD-2) -HTTP_LDAP_MODULE_PV="49a8b4d28fc4a518563c82e0b52821e5f37db1fc" -HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" -HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz" -HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" - -# We handle deps below ourselves -SSL_DEPS_SKIP=1 -AUTOTOOLS_AUTO_DEPEND="no" - -inherit autotools ssl-cert toolchain-funcs perl-module flag-o-matic user systemd versionator multilib - -DESCRIPTION="Robust, small and high performance http and reverse proxy server" -HOMEPAGE="https://nginx.org" -SRC_URI="https://nginx.org/download/${P}.tar.gz - ${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz - nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz ) - nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz ) - nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz ) - nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz ) - nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz ) - nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz ) - nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz ) - nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz ) - nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz ) - nginx_modules_http_naxsi? ( ${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz ) - rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz ) - nginx_modules_http_dav_ext? ( ${HTTP_DAV_EXT_MODULE_URI} -> ${HTTP_DAV_EXT_MODULE_P}.tar.gz ) - nginx_modules_http_echo? ( ${HTTP_ECHO_MODULE_URI} -> ${HTTP_ECHO_MODULE_P}.tar.gz ) - nginx_modules_http_security? ( ${HTTP_SECURITY_MODULE_URI} -> ${HTTP_SECURITY_MODULE_P}.tar.gz ) - nginx_modules_http_push_stream? ( ${HTTP_PUSH_STREAM_MODULE_URI} -> ${HTTP_PUSH_STREAM_MODULE_P}.tar.gz ) - nginx_modules_http_sticky? ( ${HTTP_STICKY_MODULE_URI} -> ${HTTP_STICKY_MODULE_P}.tar.bz2 ) - nginx_modules_http_mogilefs? ( ${HTTP_MOGILEFS_MODULE_URI} -> ${HTTP_MOGILEFS_MODULE_P}.tar.gz ) - nginx_modules_http_memc? ( ${HTTP_MEMC_MODULE_URI} -> ${HTTP_MEMC_MODULE_P}.tar.gz ) - nginx_modules_http_auth_ldap? ( ${HTTP_LDAP_MODULE_URI} -> ${HTTP_LDAP_MODULE_P}.tar.gz )" - -LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+ - nginx_modules_http_security? ( Apache-2.0 ) - nginx_modules_http_push_stream? ( GPL-3 )" - -SLOT="0" -KEYWORDS="amd64 ~arm ~arm64 ~ppc x86 ~x86-fbsd ~amd64-linux ~x86-linux" - -# Package doesn't provide a real test suite -RESTRICT="test" - -NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif - fastcgi geo gzip limit_req limit_conn map memcached proxy referer - rewrite scgi ssi split_clients upstream_hash upstream_ip_hash - upstream_keepalive upstream_least_conn upstream_zone userid uwsgi" -NGINX_MODULES_OPT="addition auth_request dav degradation flv geoip gunzip - gzip_static image_filter mp4 perl random_index realip secure_link - slice stub_status sub xslt" -NGINX_MODULES_STREAM_STD="access geo limit_conn map return split_clients - upstream_hash upstream_least_conn upstream_zone" -NGINX_MODULES_STREAM_OPT="geoip realip ssl_preread" -NGINX_MODULES_MAIL="imap pop3 smtp" -NGINX_MODULES_3RD=" - http_upload_progress - http_headers_more - http_cache_purge - http_slowfs_cache - http_fancyindex - http_lua - http_auth_pam - http_upstream_check - http_metrics - http_naxsi - http_dav_ext - http_echo - http_security - http_push_stream - http_sticky - http_mogilefs - http_memc - http_auth_ldap" - -IUSE="aio debug +http +http2 +http-cache +ipv6 libatomic libressl luajit +pcre - pcre-jit rtmp selinux ssl threads userland_GNU vim-syntax" - -for mod in $NGINX_MODULES_STD; do - IUSE="${IUSE} +nginx_modules_http_${mod}" -done - -for mod in $NGINX_MODULES_OPT; do - IUSE="${IUSE} nginx_modules_http_${mod}" -done - -for mod in $NGINX_MODULES_STREAM_STD; do - IUSE="${IUSE} nginx_modules_stream_${mod}" -done - -for mod in $NGINX_MODULES_STREAM_OPT; do - IUSE="${IUSE} nginx_modules_stream_${mod}" -done - -for mod in $NGINX_MODULES_MAIL; do - IUSE="${IUSE} nginx_modules_mail_${mod}" -done - -for mod in $NGINX_MODULES_3RD; do - IUSE="${IUSE} nginx_modules_${mod}" -done - -# Add so we can warn users updating about config changes -# @TODO: jbergstroem: remove on next release series -IUSE="${IUSE} nginx_modules_http_spdy" - -CDEPEND=" - pcre? ( dev-libs/libpcre:= ) - pcre-jit? ( dev-libs/libpcre:=[jit] ) - ssl? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - http2? ( - !libressl? ( >=dev-libs/openssl-1.0.1c:0= ) - libressl? ( dev-libs/libressl:= ) - ) - http-cache? ( - userland_GNU? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - ) - nginx_modules_http_geoip? ( dev-libs/geoip ) - nginx_modules_http_gunzip? ( sys-libs/zlib ) - nginx_modules_http_gzip? ( sys-libs/zlib ) - nginx_modules_http_gzip_static? ( sys-libs/zlib ) - nginx_modules_http_image_filter? ( media-libs/gd:=[jpeg,png] ) - nginx_modules_http_perl? ( >=dev-lang/perl-5.8:= ) - nginx_modules_http_rewrite? ( dev-libs/libpcre:= ) - nginx_modules_http_secure_link? ( - userland_GNU? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - ) - nginx_modules_http_xslt? ( dev-libs/libxml2:= dev-libs/libxslt ) - nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit? ( dev-lang/luajit:2= ) ) - nginx_modules_http_auth_pam? ( virtual/pam ) - nginx_modules_http_metrics? ( dev-libs/yajl:= ) - nginx_modules_http_dav_ext? ( dev-libs/expat ) - nginx_modules_http_security? ( - dev-libs/apr:= - dev-libs/apr-util:= - dev-libs/libxml2:= - net-misc/curl - www-servers/apache - ) - nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] )" -RDEPEND="${CDEPEND} - selinux? ( sec-policy/selinux-nginx ) - !www-servers/nginx:mainline" -DEPEND="${CDEPEND} - nginx_modules_http_security? ( ${AUTOTOOLS_DEPEND} ) - arm? ( dev-libs/libatomic_ops ) - libatomic? ( dev-libs/libatomic_ops )" -PDEPEND="vim-syntax? ( app-vim/nginx-syntax )" - -REQUIRED_USE="pcre-jit? ( pcre ) - nginx_modules_http_lua? ( nginx_modules_http_rewrite ) - nginx_modules_http_naxsi? ( pcre ) - nginx_modules_http_dav_ext? ( nginx_modules_http_dav ) - nginx_modules_http_metrics? ( nginx_modules_http_stub_status ) - nginx_modules_http_security? ( pcre ) - nginx_modules_http_push_stream? ( ssl )" - -pkg_setup() { - NGINX_HOME="/var/lib/nginx" - NGINX_HOME_TMP="${NGINX_HOME}/tmp" - - ebegin "Creating nginx user and group" - enewgroup ${PN} - enewuser ${PN} -1 -1 "${NGINX_HOME}" ${PN} - eend $? - - if use libatomic; then - ewarn "GCC 4.1+ features built-in atomic operations." - ewarn "Using libatomic_ops is only needed if using" - ewarn "a different compiler or a GCC prior to 4.1" - fi - - if [[ -n $NGINX_ADD_MODULES ]]; then - ewarn "You are building custom modules via \$NGINX_ADD_MODULES!" - ewarn "This nginx installation is not supported!" - ewarn "Make sure you can reproduce the bug without those modules" - ewarn "_before_ reporting bugs." - fi - - if use !http; then - ewarn "To actually disable all http-functionality you also have to disable" - ewarn "all nginx http modules." - fi - - if use nginx_modules_http_mogilefs && use threads; then - eerror "mogilefs won't compile with threads support." - eerror "Please disable either flag and try again." - die "Can't compile mogilefs with threads support" - fi -} - -src_prepare() { - eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" - eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch" - - if use nginx_modules_http_upstream_check; then - #eapply -p0 "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/check_1.11.1+.patch - eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch - fi - - if use nginx_modules_http_cache_purge; then - cd "${HTTP_CACHE_PURGE_MODULE_WD}" || die - eapply "${FILESDIR}"/http_cache_purge-1.11.6+.patch - cd "${S}" || die - fi - - if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" || die - - eautoreconf - - if use luajit ; then - sed -i \ - -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \ - configure || die - fi - - cd "${S}" || die - fi - - if use nginx_modules_http_upload_progress; then - cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die - eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch - cd "${S}" || die - fi - - find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die - # We have config protection, don't rename etc files - sed -i 's:.default::' auto/install || die - # remove useless files - sed -i -e '/koi-/d' -e '/win-/d' auto/install || die - - # don't install to /etc/nginx/ if not in use - local module - for module in fastcgi scgi uwsgi ; do - if ! use nginx_modules_http_${module}; then - sed -i -e "/${module}/d" auto/install || die - fi - done - - eapply_user -} - -src_configure() { - # mod_security needs to generate nginx/modsecurity/config before including it - if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" || die - - ./configure \ - --enable-standalone-module \ - --disable-mlogc \ - --with-ssdeep=no \ - $(use_enable pcre-jit) \ - $(use_with nginx_modules_http_lua lua) || die "configure failed for mod_security" - - cd "${S}" || die - fi - - local myconf=() http_enabled= mail_enabled= stream_enabled= - - use aio && myconf+=( --with-file-aio ) - use debug && myconf+=( --with-debug ) - use http2 && myconf+=( --with-http_v2_module ) - use libatomic && myconf+=( --with-libatomic ) - use pcre && myconf+=( --with-pcre ) - use pcre-jit && myconf+=( --with-pcre-jit ) - use threads && myconf+=( --with-threads ) - - # HTTP modules - for mod in $NGINX_MODULES_STD; do - if use nginx_modules_http_${mod}; then - http_enabled=1 - else - myconf+=( --without-http_${mod}_module ) - fi - done - - for mod in $NGINX_MODULES_OPT; do - if use nginx_modules_http_${mod}; then - http_enabled=1 - myconf+=( --with-http_${mod}_module ) - fi - done - - if use nginx_modules_http_fastcgi; then - myconf+=( --with-http_realip_module ) - fi - - # third-party modules - if use nginx_modules_http_upload_progress; then - http_enabled=1 - myconf+=( --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD} ) - fi - - if use nginx_modules_http_headers_more; then - http_enabled=1 - myconf+=( --add-module=${HTTP_HEADERS_MORE_MODULE_WD} ) - fi - - if use nginx_modules_http_cache_purge; then - http_enabled=1 - myconf+=( --add-module=${HTTP_CACHE_PURGE_MODULE_WD} ) - fi - - if use nginx_modules_http_slowfs_cache; then - http_enabled=1 - myconf+=( --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD} ) - fi - - if use nginx_modules_http_fancyindex; then - http_enabled=1 - myconf+=( --add-module=${HTTP_FANCYINDEX_MODULE_WD} ) - fi - - if use nginx_modules_http_lua; then - http_enabled=1 - if use luajit; then - export LUAJIT_LIB=$(pkg-config --variable libdir luajit) - export LUAJIT_INC=$(pkg-config --variable includedir luajit) - else - export LUA_LIB=$(pkg-config --variable libdir lua) - export LUA_INC=$(pkg-config --variable includedir lua) - fi - myconf+=( --add-module=${DEVEL_KIT_MODULE_WD} ) - myconf+=( --add-module=${HTTP_LUA_MODULE_WD} ) - fi - - if use nginx_modules_http_auth_pam; then - http_enabled=1 - myconf+=( --add-module=${HTTP_AUTH_PAM_MODULE_WD} ) - fi - - if use nginx_modules_http_upstream_check; then - http_enabled=1 - myconf+=( --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD} ) - fi - - if use nginx_modules_http_metrics; then - http_enabled=1 - myconf+=( --add-module=${HTTP_METRICS_MODULE_WD} ) - fi - - if use nginx_modules_http_naxsi ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_NAXSI_MODULE_WD} ) - fi - - if use rtmp ; then - http_enabled=1 - myconf+=( --add-module=${RTMP_MODULE_WD} ) - fi - - if use nginx_modules_http_dav_ext ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_DAV_EXT_MODULE_WD} ) - fi - - if use nginx_modules_http_echo ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_ECHO_MODULE_WD} ) - fi - - if use nginx_modules_http_security ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_SECURITY_MODULE_WD}/nginx/modsecurity ) - fi - - if use nginx_modules_http_push_stream ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_PUSH_STREAM_MODULE_WD} ) - fi - - if use nginx_modules_http_sticky ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_STICKY_MODULE_WD} ) - fi - - if use nginx_modules_http_mogilefs ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_MOGILEFS_MODULE_WD} ) - fi - - if use nginx_modules_http_memc ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_MEMC_MODULE_WD} ) - fi - - if use nginx_modules_http_auth_ldap; then - http_enabled=1 - myconf+=( --add-module=${HTTP_LDAP_MODULE_WD} ) - fi - - if use http || use http-cache || use http2; then - http_enabled=1 - fi - - if [ $http_enabled ]; then - use http-cache || myconf+=( --without-http-cache ) - use ssl && myconf+=( --with-http_ssl_module ) - else - myconf+=( --without-http --without-http-cache ) - fi - - # Stream modules - for mod in $NGINX_MODULES_STREAM_STD; do - if use nginx_modules_stream_${mod}; then - stream_enabled=1 - else - myconf+=( --without-stream_${mod}_module ) - fi - done - - for mod in $NGINX_MODULES_STREAM_OPT; do - if use nginx_modules_stream_${mod}; then - stream_enabled=1 - myconf+=( --with-stream_${mod}_module ) - fi - done - - if [ $stream_enabled ]; then - myconf+=( --with-stream ) - use ssl && myconf+=( --with-stream_ssl_module ) - fi - - # MAIL modules - for mod in $NGINX_MODULES_MAIL; do - if use nginx_modules_mail_${mod}; then - mail_enabled=1 - else - myconf+=( --without-mail_${mod}_module ) - fi - done - - if [ $mail_enabled ]; then - myconf+=( --with-mail ) - use ssl && myconf+=( --with-mail_ssl_module ) - fi - - # custom modules - for mod in $NGINX_ADD_MODULES; do - myconf+=( --add-module=${mod} ) - done - - # https://bugs.gentoo.org/286772 - export LANG=C LC_ALL=C - tc-export CC - - if ! use prefix; then - myconf+=( --user=${PN} ) - myconf+=( --group=${PN} ) - fi - - local WITHOUT_IPV6= - if ! use ipv6; then - WITHOUT_IPV6=" -DNGX_HAVE_INET6=0" - fi - - ./configure \ - --prefix="${EPREFIX}"/usr \ - --conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \ - --error-log-path="${EPREFIX}"/var/log/${PN}/error_log \ - --pid-path="${EPREFIX}"/run/${PN}.pid \ - --lock-path="${EPREFIX}"/run/lock/${PN}.lock \ - --with-cc-opt="-I${EROOT}usr/include${WITHOUT_IPV6}" \ - --with-ld-opt="-L${EROOT}usr/$(get_libdir)" \ - --http-log-path="${EPREFIX}"/var/log/${PN}/access_log \ - --http-client-body-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/client \ - --http-proxy-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/proxy \ - --http-fastcgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/fastcgi \ - --http-scgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/scgi \ - --http-uwsgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/uwsgi \ - --with-compat \ - "${myconf[@]}" || die "configure failed" - - # A purely cosmetic change that makes nginx -V more readable. This can be - # good if people outside the gentoo community would troubleshoot and - # question the users setup. - sed -i -e "s|${WORKDIR}|external_module|g" objs/ngx_auto_config.h || die -} - -src_compile() { - use nginx_modules_http_security && emake -C "${HTTP_SECURITY_MODULE_WD}" - - # https://bugs.gentoo.org/286772 - export LANG=C LC_ALL=C - emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}" -} - -src_install() { - emake DESTDIR="${D%/}" install - - cp "${FILESDIR}"/nginx.conf-r2 "${ED}"etc/nginx/nginx.conf || die - - newinitd "${FILESDIR}"/nginx.initd-r4 nginx - newconfd "${FILESDIR}"/nginx.confd nginx - - systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service - - doman man/nginx.8 - dodoc CHANGES* README - - # just keepdir. do not copy the default htdocs files (bug #449136) - keepdir /var/www/localhost - rm -rf "${D}"usr/html || die - - # set up a list of directories to keep - local keepdir_list="${NGINX_HOME_TMP}"/client - local module - for module in proxy fastcgi scgi uwsgi; do - use nginx_modules_http_${module} && keepdir_list+=" ${NGINX_HOME_TMP}/${module}" - done - - keepdir /var/log/nginx ${keepdir_list} - - # this solves a problem with SELinux where nginx doesn't see the directories - # as root and tries to create them as nginx - fperms 0750 "${NGINX_HOME_TMP}" - fowners ${PN}:0 "${NGINX_HOME_TMP}" - - fperms 0700 ${keepdir_list} - fowners ${PN}:${PN} ${keepdir_list} - - fperms 0710 /var/log/nginx - fowners 0:${PN} /var/log/nginx - - # logrotate - insinto /etc/logrotate.d - newins "${FILESDIR}"/nginx.logrotate-r1 nginx - - if use nginx_modules_http_perl; then - cd "${S}"/objs/src/http/modules/perl/ || die - emake DESTDIR="${D}" INSTALLDIRS=vendor - perl_delete_localpod - cd "${S}" || die - fi - - if use nginx_modules_http_cache_purge; then - docinto ${HTTP_CACHE_PURGE_MODULE_P} - dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md} - fi - - if use nginx_modules_http_slowfs_cache; then - docinto ${HTTP_SLOWFS_CACHE_MODULE_P} - dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md} - fi - - if use nginx_modules_http_fancyindex; then - docinto ${HTTP_FANCYINDEX_MODULE_P} - dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst - fi - - if use nginx_modules_http_lua; then - docinto ${HTTP_LUA_MODULE_P} - dodoc "${HTTP_LUA_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_auth_pam; then - docinto ${HTTP_AUTH_PAM_MODULE_P} - dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README.md,ChangeLog} - fi - - if use nginx_modules_http_upstream_check; then - docinto ${HTTP_UPSTREAM_CHECK_MODULE_P} - dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES} - fi - - if use nginx_modules_http_naxsi; then - insinto /etc/nginx - doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/naxsi_core.rules - fi - - if use rtmp; then - docinto ${RTMP_MODULE_P} - dodoc "${RTMP_MODULE_WD}"/{AUTHORS,README.md,stat.xsl} - fi - - if use nginx_modules_http_dav_ext; then - docinto ${HTTP_DAV_EXT_MODULE_P} - dodoc "${HTTP_DAV_EXT_MODULE_WD}"/README.rst - fi - - if use nginx_modules_http_echo; then - docinto ${HTTP_ECHO_MODULE_P} - dodoc "${HTTP_ECHO_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_security; then - docinto ${HTTP_SECURITY_MODULE_P} - dodoc "${HTTP_SECURITY_MODULE_WD}"/{CHANGES,README.TXT,authors.txt} - fi - - if use nginx_modules_http_push_stream; then - docinto ${HTTP_PUSH_STREAM_MODULE_P} - dodoc "${HTTP_PUSH_STREAM_MODULE_WD}"/{AUTHORS,CHANGELOG.textile,README.textile} - fi - - if use nginx_modules_http_sticky; then - docinto ${HTTP_STICKY_MODULE_P} - dodoc "${HTTP_STICKY_MODULE_WD}"/{README.md,Changelog.txt,docs/sticky.pdf} - fi - - if use nginx_modules_http_memc; then - docinto ${HTTP_MEMC_MODULE_P} - dodoc "${HTTP_MEMC_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_auth_ldap; then - docinto ${HTTP_LDAP_MODULE_P} - dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf - fi -} - -pkg_postinst() { - if use ssl; then - if [[ ! -f "${EROOT}"etc/ssl/${PN}/${PN}.key ]]; then - install_cert /etc/ssl/${PN}/${PN} - use prefix || chown ${PN}:${PN} "${EROOT}"etc/ssl/${PN}/${PN}.{crt,csr,key,pem} - fi - fi - - if use nginx_modules_http_spdy; then - ewarn "" - ewarn "In nginx 1.9.5 the spdy module was superseded by http2." - ewarn "Update your configs and package.use accordingly." - fi - - if use nginx_modules_http_lua; then - ewarn "" - ewarn "While you can build lua 3rd party module against ${P}" - ewarn "the author warns that >=${PN}-1.11.11 is still not an" - ewarn "officially supported target yet. You are on your own." - ewarn "Expect runtime failures, memory leaks and other problems!" - fi - - if use nginx_modules_http_lua && use http2; then - ewarn "" - ewarn "Lua 3rd party module author warns against using ${P} with" - ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see http://git.io/OldLsg" - fi - - local _n_permission_layout_checks=0 - local _has_to_adjust_permissions=0 - local _has_to_show_permission_warning=0 - - # Defaults to 1 to inform people doing a fresh installation - # that we ship modified {scgi,uwsgi,fastcgi}_params files - local _has_to_show_httpoxy_mitigation_notice=1 - - local _replacing_version= - for _replacing_version in ${REPLACING_VERSIONS}; do - _n_permission_layout_checks=$((${_n_permission_layout_checks}+1)) - - if [[ ${_n_permission_layout_checks} -gt 1 ]]; then - # Should never happen: - # Package is abusing slots but doesn't allow multiple parallel installations. - # If we run into this situation it is unsafe to automatically adjust any - # permission... - _has_to_show_permission_warning=1 - - ewarn "Replacing multiple ${PN}' versions is unsupported! " \ - "You will have to adjust permissions on your own." - - break - fi - - local _replacing_version_branch=$(get_version_component_range 1-2 "${_replacing_version}") - debug-print "Updating an existing installation (v${_replacing_version}; branch '${_replacing_version_branch}') ..." - - # Do we need to adjust permissions to fix CVE-2013-0337 (bug #458726, #469094)? - # This was before we introduced multiple nginx versions so we - # do not need to distinguish between stable and mainline - local _need_to_fix_CVE2013_0337=1 - - if version_is_at_least "1.4.1-r2" "${_replacing_version}"; then - # We are updating an installation which should already be fixed - _need_to_fix_CVE2013_0337=0 - debug-print "Skipping CVE-2013-0337 ... existing installation should not be affected!" - else - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2013-0337!" - fi - - # Do we need to inform about HTTPoxy mitigation? - # In repository since commit 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then - # Updating from <1.10 - _has_to_show_httpoxy_mitigation_notice=1 - debug-print "Need to inform about HTTPoxy mitigation!" - else - # Updating from >=1.10 - local _fixed_in_pvr= - case "${_replacing_version_branch}" in - "1.10") - _fixed_in_pvr="1.10.1-r2" - ;; - "1.11") - _fixed_in_pvr="1.11.3-r1" - ;; - *) - # This should be any future branch. - # If we run this code it is safe to assume that the user has - # already seen the HTTPoxy mitigation notice because he/she is doing - # an update from previous version where we have already shown - # the warning. Otherwise, we wouldn't hit this code path ... - _fixed_in_pvr= - esac - - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then - # We are updating an installation where we already informed - # that we are mitigating HTTPoxy per default - _has_to_show_httpoxy_mitigation_notice=0 - debug-print "No need to inform about HTTPoxy mitigation ... information was already shown for existing installation!" - else - _has_to_show_httpoxy_mitigation_notice=1 - debug-print "Need to inform about HTTPoxy mitigation!" - fi - fi - - # Do we need to adjust permissions to fix CVE-2016-1247 (bug #605008)? - # All branches up to 1.11 are affected - local _need_to_fix_CVE2016_1247=1 - - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then - # Updating from <1.10 - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2016-1247!" - else - # Updating from >=1.10 - local _fixed_in_pvr= - case "${_replacing_version_branch}" in - "1.10") - _fixed_in_pvr="1.10.2-r3" - ;; - "1.11") - _fixed_in_pvr="1.11.6-r1" - ;; - *) - # This should be any future branch. - # If we run this code it is safe to assume that we have already - # adjusted permissions or were never affected because user is - # doing an update from previous version which was safe or did - # the adjustments. Otherwise, we wouldn't hit this code path ... - _fixed_in_pvr= - esac - - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then - # We are updating an installation which should already be adjusted - # or which was never affected - _need_to_fix_CVE2016_1247=0 - debug-print "Skipping CVE-2016-1247 ... existing installation should not be affected!" - else - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2016-1247!" - fi - fi - done - - if [[ ${_has_to_adjust_permissions} -eq 1 ]]; then - # We do not DIE when chmod/chown commands are failing because - # package is already merged on user's system at this stage - # and we cannot retry without losing the information that - # the existing installation needs to adjust permissions. - # Instead we are going to a show a big warning ... - - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2013_0337} -eq 1 ]]; then - ewarn "" - ewarn "The world-readable bit (if set) has been removed from the" - ewarn "following directories to mitigate a security bug" - ewarn "(CVE-2013-0337, bug #458726):" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" - ewarn "" - ewarn "Check if this is correct for your setup before restarting nginx!" - ewarn "This is a one-time change and will not happen on subsequent updates." - ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'" - chmod o-rwx \ - "${EPREFIX%/}"/var/log/nginx \ - "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ - _has_to_show_permission_warning=1 - fi - - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2016_1247} -eq 1 ]]; then - ewarn "" - ewarn "The permissions on the following directory have been reset in" - ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn "" - ewarn "Check if this is correct for your setup before restarting nginx!" - ewarn "Also ensure that no other log directory used by any of your" - ewarn "vhost(s) is not writeable for nginx user. Any of your log files" - ewarn "used by nginx can be abused to escalate privileges!" - ewarn "This is a one-time change and will not happen on subsequent updates." - chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - fi - - if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then - # Should never happen ... - ewarn "" - ewarn "*************************************************************" - ewarn "*************** W A R N I N G ***************" - ewarn "*************************************************************" - ewarn "The one-time only attempt to adjust permissions of the" - ewarn "existing nginx installation failed. Be aware that we will not" - ewarn "try to adjust the same permissions again because now you are" - ewarn "using a nginx version where we expect that the permissions" - ewarn "are already adjusted or that you know what you are doing and" - ewarn "want to keep custom permissions." - ewarn "" - fi - fi - - # Sanity check for CVE-2016-1247 - # Required to warn users who received the warning above and thought - # they could fix it by unmerging and re-merging the package or have - # unmerged a affected installation on purpose in the past leaving - # /var/log/nginx on their system due to keepdir/non-empty folder - # and are now installing the package again. - local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) - su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null - if [ $? -eq 0 ] ; then - # Cleanup -- no reason to die here! - rm -f "${_sanity_check_testfile}" - - ewarn "" - ewarn "*************************************************************" - ewarn "*************** W A R N I N G ***************" - ewarn "*************************************************************" - ewarn "Looks like your installation is vulnerable to CVE-2016-1247" - ewarn "(bug #605008) because nginx user is able to create files in" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn "" - ewarn "Also ensure that no other log directory used by any of your" - ewarn "vhost(s) is not writeable for nginx user. Any of your log files" - ewarn "used by nginx can be abused to escalate privileges!" - fi - - if [[ ${_has_to_show_httpoxy_mitigation_notice} -eq 1 ]]; then - # HTTPoxy mitigation - ewarn "" - ewarn "This nginx installation comes with a mitigation for the HTTPoxy" - ewarn "vulnerability for FastCGI, SCGI and uWSGI applications by setting" - ewarn "the HTTP_PROXY parameter to an empty string per default when you" - ewarn "are sourcing one of the default" - ewarn "" - ewarn " - 'fastcgi_params' or 'fastcgi.conf'" - ewarn " - 'scgi_params'" - ewarn " - 'uwsgi_params'" - ewarn "" - ewarn "files in your server block(s)." - ewarn "" - ewarn "If this is causing any problems for you make sure that you are sourcing the" - ewarn "default parameters _before_ you set your own values." - ewarn "If you are relying on user-supplied proxy values you have to remove the" - ewarn "correlating lines from the file(s) mentioned above." - ewarn "" - fi -} diff --git a/www-servers/nginx/nginx-1.14.0-r2.ebuild b/www-servers/nginx/nginx-1.14.0-r2.ebuild deleted file mode 100644 index a4c3f22ec716..000000000000 --- a/www-servers/nginx/nginx-1.14.0-r2.ebuild +++ /dev/null @@ -1,1079 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -# Maintainer notes: -# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite -# - any http-module activates the main http-functionality and overrides USE=-http -# - keep the following requirements in mind before adding external modules: -# * alive upstream -# * sane packaging -# * builds cleanly -# * does not need a patch for nginx core -# - TODO: test the google-perftools module (included in vanilla tarball) - -# prevent perl-module from adding automagic perl DEPENDs -GENTOO_DEPEND_ON_PERL="no" - -# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license) -DEVEL_KIT_MODULE_PV="0.3.0" -DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1" -DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz" -DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}" - -# ngx_brotli (https://github.com/eustas/ngx_brotli, BSD-2) -HTTP_BROTLI_MODULE_PV="0.1.2" -HTTP_BROTLI_MODULE_P="ngx_brotli-${HTTP_BROTLI_MODULE_PV}" -HTTP_BROTLI_MODULE_URI="https://github.com/eustas/ngx_brotli/archive/v${HTTP_BROTLI_MODULE_PV}.tar.gz" -HTTP_BROTLI_MODULE_WD="${WORKDIR}/ngx_brotli-${HTTP_BROTLI_MODULE_PV}" - -# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license) -HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2" -HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1" -HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz" -HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}" - -# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD license) -HTTP_HEADERS_MORE_MODULE_PV="0.33" -HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}" -HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz" -HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}" - -# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license) -HTTP_CACHE_PURGE_MODULE_PV="2.3" -HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" -HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz" -HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" - -# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license) -HTTP_SLOWFS_CACHE_MODULE_PV="1.10" -HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" -HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz" -HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" - -# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license) -HTTP_FANCYINDEX_MODULE_PV="0.4.3" -HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" -HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz" -HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" - -# http_lua (https://github.com/openresty/lua-nginx-module, BSD license) -HTTP_LUA_MODULE_PV="0.10.13" -HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}" -HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz" -HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}" - -# http_auth_pam (https://github.com/stogh/ngx_http_auth_pam_module/, http://web.iti.upv.es/~sto/nginx/, BSD-2 license) -HTTP_AUTH_PAM_MODULE_PV="1.5.1" -HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}" -HTTP_AUTH_PAM_MODULE_URI="https://github.com/stogh/ngx_http_auth_pam_module/archive/v${HTTP_AUTH_PAM_MODULE_PV}.tar.gz" -HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}" - -# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license) -HTTP_UPSTREAM_CHECK_MODULE_PV="9aecf15ec379fe98f62355c57b60c0bc83296f04" -HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}" -HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz" -HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-${HTTP_UPSTREAM_CHECK_MODULE_PV}" - -# http_metrics (https://github.com/zenops/ngx_metrics, BSD license) -HTTP_METRICS_MODULE_PV="0.1.1" -HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}" -HTTP_METRICS_MODULE_URI="https://github.com/madvertise/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz" -HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}" - -# http_vhost_traffic_status (https://github.com/vozlt/nginx-module-vts, BSD license) -HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV="0.1.18" -HTTP_VHOST_TRAFFIC_STATUS_MODULE_P="ngx_http_vhost_traffic_status-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" -HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI="https://github.com/vozlt/nginx-module-vts/archive/v${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}.tar.gz" -HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD="${WORKDIR}/nginx-module-vts-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" - -# naxsi-core (https://github.com/nbs-system/naxsi, GPLv2+) -HTTP_NAXSI_MODULE_PV="0.56" -HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}" -HTTP_NAXSI_MODULE_URI="https://github.com/nbs-system/naxsi/archive/${HTTP_NAXSI_MODULE_PV}.tar.gz" -HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-${HTTP_NAXSI_MODULE_PV}/naxsi_src" - -# nginx-rtmp-module (https://github.com/arut/nginx-rtmp-module, BSD license) -RTMP_MODULE_PV="1.2.1" -RTMP_MODULE_P="ngx_rtmp-${RTMP_MODULE_PV}" -RTMP_MODULE_URI="https://github.com/arut/nginx-rtmp-module/archive/v${RTMP_MODULE_PV}.tar.gz" -RTMP_MODULE_WD="${WORKDIR}/nginx-rtmp-module-${RTMP_MODULE_PV}" - -# nginx-dav-ext-module (https://github.com/arut/nginx-dav-ext-module, BSD license) -HTTP_DAV_EXT_MODULE_PV="0.1.0" -HTTP_DAV_EXT_MODULE_P="ngx_http_dav_ext-${HTTP_DAV_EXT_MODULE_PV}" -HTTP_DAV_EXT_MODULE_URI="https://github.com/arut/nginx-dav-ext-module/archive/v${HTTP_DAV_EXT_MODULE_PV}.tar.gz" -HTTP_DAV_EXT_MODULE_WD="${WORKDIR}/nginx-dav-ext-module-${HTTP_DAV_EXT_MODULE_PV}" - -# echo-nginx-module (https://github.com/openresty/echo-nginx-module, BSD license) -HTTP_ECHO_MODULE_PV="0.61" -HTTP_ECHO_MODULE_P="ngx_http_echo-${HTTP_ECHO_MODULE_PV}" -HTTP_ECHO_MODULE_URI="https://github.com/openresty/echo-nginx-module/archive/v${HTTP_ECHO_MODULE_PV}.tar.gz" -HTTP_ECHO_MODULE_WD="${WORKDIR}/echo-nginx-module-${HTTP_ECHO_MODULE_PV}" - -# mod_security for nginx (https://modsecurity.org/, Apache-2.0) -# keep the MODULE_P here consistent with upstream to avoid tarball duplication -HTTP_SECURITY_MODULE_PV="2.9.2" -HTTP_SECURITY_MODULE_P="modsecurity-${HTTP_SECURITY_MODULE_PV}" -HTTP_SECURITY_MODULE_URI="https://www.modsecurity.org/tarball/${HTTP_SECURITY_MODULE_PV}/${HTTP_SECURITY_MODULE_P}.tar.gz" -HTTP_SECURITY_MODULE_WD="${WORKDIR}/${HTTP_SECURITY_MODULE_P}" - -# push-stream-module (http://www.nginxpushstream.com, https://github.com/wandenberg/nginx-push-stream-module, GPL-3) -HTTP_PUSH_STREAM_MODULE_PV="0.5.4" -HTTP_PUSH_STREAM_MODULE_P="ngx_http_push_stream-${HTTP_PUSH_STREAM_MODULE_PV}" -HTTP_PUSH_STREAM_MODULE_URI="https://github.com/wandenberg/nginx-push-stream-module/archive/${HTTP_PUSH_STREAM_MODULE_PV}.tar.gz" -HTTP_PUSH_STREAM_MODULE_WD="${WORKDIR}/nginx-push-stream-module-${HTTP_PUSH_STREAM_MODULE_PV}" - -# sticky-module (https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng, BSD-2) -HTTP_STICKY_MODULE_PV="1.2.6-10-g08a395c66e42" -HTTP_STICKY_MODULE_P="nginx_http_sticky_module_ng-${HTTP_STICKY_MODULE_PV}" -HTTP_STICKY_MODULE_URI="https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/${HTTP_STICKY_MODULE_PV}.tar.bz2" -HTTP_STICKY_MODULE_WD="${WORKDIR}/nginx-goodies-nginx-sticky-module-ng-08a395c66e42" - -# mogilefs-module (https://github.com/vkholodkov/nginx-mogilefs-module, BSD-2) -HTTP_MOGILEFS_MODULE_PV="1.0.4" -HTTP_MOGILEFS_MODULE_P="ngx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" -HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/archive/${HTTP_MOGILEFS_MODULE_PV}.tar.gz" -HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" - -# memc-module (https://github.com/openresty/memc-nginx-module, BSD-2) -HTTP_MEMC_MODULE_PV="0.19" -HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}" -HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz" -HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}" - -# nginx-ldap-auth-module (https://github.com/kvspb/nginx-auth-ldap, BSD-2) -HTTP_LDAP_MODULE_PV="42d195d7a7575ebab1c369ad3fc5d78dc2c2669c" -HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" -HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz" -HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" - -# geoip2 (https://github.com/leev/ngx_http_geoip2_module, BSD-2) -GEOIP2_MODULE_PV="2.0" -GEOIP2_MODULE_P="ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" -GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOIP2_MODULE_PV}.tar.gz" -GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" - -# njs-module (https://github.com/nginx/njs, as-is) -NJS_MODULE_PV="0.2.2" -NJS_MODULE_P="njs-${NJS_MODULE_PV}" -NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz" -NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}" - -# We handle deps below ourselves -SSL_DEPS_SKIP=1 -AUTOTOOLS_AUTO_DEPEND="no" - -inherit autotools ssl-cert toolchain-funcs perl-module flag-o-matic user systemd versionator multilib - -DESCRIPTION="Robust, small and high performance http and reverse proxy server" -HOMEPAGE="https://nginx.org" -SRC_URI="https://nginx.org/download/${P}.tar.gz - ${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz - nginx_modules_http_auth_ldap? ( ${HTTP_LDAP_MODULE_URI} -> ${HTTP_LDAP_MODULE_P}.tar.gz ) - nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz ) - nginx_modules_http_brotli? ( ${HTTP_BROTLI_MODULE_URI} -> ${HTTP_BROTLI_MODULE_P}.tar.gz ) - nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz ) - nginx_modules_http_dav_ext? ( ${HTTP_DAV_EXT_MODULE_URI} -> ${HTTP_DAV_EXT_MODULE_P}.tar.gz ) - nginx_modules_http_echo? ( ${HTTP_ECHO_MODULE_URI} -> ${HTTP_ECHO_MODULE_P}.tar.gz ) - nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz ) - nginx_modules_http_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) - nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz ) - nginx_modules_http_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) - nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz ) - nginx_modules_http_memc? ( ${HTTP_MEMC_MODULE_URI} -> ${HTTP_MEMC_MODULE_P}.tar.gz ) - nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz ) - nginx_modules_http_mogilefs? ( ${HTTP_MOGILEFS_MODULE_URI} -> ${HTTP_MOGILEFS_MODULE_P}.tar.gz ) - nginx_modules_http_naxsi? ( ${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz ) - nginx_modules_http_push_stream? ( ${HTTP_PUSH_STREAM_MODULE_URI} -> ${HTTP_PUSH_STREAM_MODULE_P}.tar.gz ) - nginx_modules_http_security? ( ${HTTP_SECURITY_MODULE_URI} -> ${HTTP_SECURITY_MODULE_P}.tar.gz ) - nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz ) - nginx_modules_http_sticky? ( ${HTTP_STICKY_MODULE_URI} -> ${HTTP_STICKY_MODULE_P}.tar.bz2 ) - nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz ) - nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz ) - nginx_modules_http_vhost_traffic_status? ( ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI} -> ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_P}.tar.gz ) - nginx_modules_stream_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) - nginx_modules_stream_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) - rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )" - -LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+ - nginx_modules_http_security? ( Apache-2.0 ) - nginx_modules_http_push_stream? ( GPL-3 )" - -SLOT="0" -KEYWORDS="amd64 ~arm ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd ~amd64-linux ~x86-linux" - -# Package doesn't provide a real test suite -RESTRICT="test" - -NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif - fastcgi geo grpc gzip limit_req limit_conn map memcached mirror - proxy referer rewrite scgi ssi split_clients upstream_hash - upstream_ip_hash upstream_keepalive upstream_least_conn - upstream_zone userid uwsgi" -NGINX_MODULES_OPT="addition auth_request dav degradation flv geoip gunzip - gzip_static image_filter mp4 perl random_index realip secure_link - slice stub_status sub xslt" -NGINX_MODULES_STREAM_STD="access geo limit_conn map return split_clients - upstream_hash upstream_least_conn upstream_zone" -NGINX_MODULES_STREAM_OPT="geoip realip ssl_preread" -NGINX_MODULES_MAIL="imap pop3 smtp" -NGINX_MODULES_3RD=" - http_auth_ldap - http_auth_pam - http_brotli - http_cache_purge - http_dav_ext - http_echo - http_fancyindex - http_geoip2 - http_headers_more - http_javascript - http_lua - http_memc - http_metrics - http_mogilefs - http_naxsi - http_push_stream - http_security - http_slowfs_cache - http_sticky - http_upload_progress - http_upstream_check - http_vhost_traffic_status - stream_geoip2 - stream_javascript -" - -IUSE="aio debug +http +http2 +http-cache +ipv6 libatomic libressl luajit +pcre - pcre-jit rtmp selinux ssl threads userland_GNU vim-syntax" - -for mod in $NGINX_MODULES_STD; do - IUSE="${IUSE} +nginx_modules_http_${mod}" -done - -for mod in $NGINX_MODULES_OPT; do - IUSE="${IUSE} nginx_modules_http_${mod}" -done - -for mod in $NGINX_MODULES_STREAM_STD; do - IUSE="${IUSE} nginx_modules_stream_${mod}" -done - -for mod in $NGINX_MODULES_STREAM_OPT; do - IUSE="${IUSE} nginx_modules_stream_${mod}" -done - -for mod in $NGINX_MODULES_MAIL; do - IUSE="${IUSE} nginx_modules_mail_${mod}" -done - -for mod in $NGINX_MODULES_3RD; do - IUSE="${IUSE} nginx_modules_${mod}" -done - -# Add so we can warn users updating about config changes -# @TODO: jbergstroem: remove on next release series -IUSE="${IUSE} nginx_modules_http_spdy" - -CDEPEND=" - pcre? ( dev-libs/libpcre:= ) - pcre-jit? ( dev-libs/libpcre:=[jit] ) - ssl? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - http2? ( - !libressl? ( >=dev-libs/openssl-1.0.1c:0= ) - libressl? ( dev-libs/libressl:= ) - ) - http-cache? ( - userland_GNU? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - ) - nginx_modules_http_brotli? ( app-arch/brotli:= ) - nginx_modules_http_geoip? ( dev-libs/geoip ) - nginx_modules_http_geoip2? ( dev-libs/libmaxminddb:= ) - nginx_modules_http_gunzip? ( sys-libs/zlib ) - nginx_modules_http_gzip? ( sys-libs/zlib ) - nginx_modules_http_gzip_static? ( sys-libs/zlib ) - nginx_modules_http_image_filter? ( media-libs/gd:=[jpeg,png] ) - nginx_modules_http_perl? ( >=dev-lang/perl-5.8:= ) - nginx_modules_http_rewrite? ( dev-libs/libpcre:= ) - nginx_modules_http_secure_link? ( - userland_GNU? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - ) - nginx_modules_http_xslt? ( dev-libs/libxml2:= dev-libs/libxslt ) - nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit? ( dev-lang/luajit:2= ) ) - nginx_modules_http_auth_pam? ( virtual/pam ) - nginx_modules_http_metrics? ( dev-libs/yajl:= ) - nginx_modules_http_dav_ext? ( dev-libs/expat ) - nginx_modules_http_security? ( - dev-libs/apr:= - dev-libs/apr-util:= - dev-libs/libxml2:= - net-misc/curl - www-servers/apache - ) - nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] )" -RDEPEND="${CDEPEND} - selinux? ( sec-policy/selinux-nginx ) - !www-servers/nginx:mainline" -DEPEND="${CDEPEND} - nginx_modules_http_brotli? ( virtual/pkgconfig ) - nginx_modules_http_security? ( ${AUTOTOOLS_DEPEND} ) - arm? ( dev-libs/libatomic_ops ) - libatomic? ( dev-libs/libatomic_ops )" -PDEPEND="vim-syntax? ( app-vim/nginx-syntax )" - -REQUIRED_USE="pcre-jit? ( pcre ) - nginx_modules_http_grpc? ( http2 ) - nginx_modules_http_lua? ( nginx_modules_http_rewrite ) - nginx_modules_http_naxsi? ( pcre ) - nginx_modules_http_dav_ext? ( nginx_modules_http_dav ) - nginx_modules_http_metrics? ( nginx_modules_http_stub_status ) - nginx_modules_http_security? ( pcre ) - nginx_modules_http_push_stream? ( ssl )" - -pkg_setup() { - NGINX_HOME="/var/lib/nginx" - NGINX_HOME_TMP="${NGINX_HOME}/tmp" - - ebegin "Creating nginx user and group" - enewgroup ${PN} - enewuser ${PN} -1 -1 "${NGINX_HOME}" ${PN} - eend $? - - if use libatomic; then - ewarn "GCC 4.1+ features built-in atomic operations." - ewarn "Using libatomic_ops is only needed if using" - ewarn "a different compiler or a GCC prior to 4.1" - fi - - if [[ -n $NGINX_ADD_MODULES ]]; then - ewarn "You are building custom modules via \$NGINX_ADD_MODULES!" - ewarn "This nginx installation is not supported!" - ewarn "Make sure you can reproduce the bug without those modules" - ewarn "_before_ reporting bugs." - fi - - if use !http; then - ewarn "To actually disable all http-functionality you also have to disable" - ewarn "all nginx http modules." - fi - - if use nginx_modules_http_mogilefs && use threads; then - eerror "mogilefs won't compile with threads support." - eerror "Please disable either flag and try again." - die "Can't compile mogilefs with threads support" - fi -} - -src_prepare() { - eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" - eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch" - - if use nginx_modules_http_brotli; then - cd "${HTTP_BROTLI_MODULE_WD}" || die - eapply "${FILESDIR}"/http_brotli-detect-brotli-r1.patch - cd "${S}" || die - fi - - if use nginx_modules_http_upstream_check; then - eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch - fi - - if use nginx_modules_http_cache_purge; then - cd "${HTTP_CACHE_PURGE_MODULE_WD}" || die - eapply "${FILESDIR}"/http_cache_purge-1.11.6+.patch - cd "${S}" || die - fi - - if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" || die - - eautoreconf - - if use luajit ; then - sed -i \ - -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \ - configure || die - fi - - cd "${S}" || die - fi - - if use nginx_modules_http_upload_progress; then - cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die - eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch - cd "${S}" || die - fi - - find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die - # We have config protection, don't rename etc files - sed -i 's:.default::' auto/install || die - # remove useless files - sed -i -e '/koi-/d' -e '/win-/d' auto/install || die - - # don't install to /etc/nginx/ if not in use - local module - for module in fastcgi scgi uwsgi ; do - if ! use nginx_modules_http_${module}; then - sed -i -e "/${module}/d" auto/install || die - fi - done - - eapply_user -} - -src_configure() { - # mod_security needs to generate nginx/modsecurity/config before including it - if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" || die - - ./configure \ - --enable-standalone-module \ - --disable-mlogc \ - --with-ssdeep=no \ - $(use_enable pcre-jit) \ - $(use_with nginx_modules_http_lua lua) || die "configure failed for mod_security" - - cd "${S}" || die - fi - - local myconf=() http_enabled= mail_enabled= stream_enabled= - - use aio && myconf+=( --with-file-aio ) - use debug && myconf+=( --with-debug ) - use http2 && myconf+=( --with-http_v2_module ) - use libatomic && myconf+=( --with-libatomic ) - use pcre && myconf+=( --with-pcre ) - use pcre-jit && myconf+=( --with-pcre-jit ) - use threads && myconf+=( --with-threads ) - - # HTTP modules - for mod in $NGINX_MODULES_STD; do - if use nginx_modules_http_${mod}; then - http_enabled=1 - else - myconf+=( --without-http_${mod}_module ) - fi - done - - for mod in $NGINX_MODULES_OPT; do - if use nginx_modules_http_${mod}; then - http_enabled=1 - myconf+=( --with-http_${mod}_module ) - fi - done - - if use nginx_modules_http_fastcgi; then - myconf+=( --with-http_realip_module ) - fi - - # third-party modules - if use nginx_modules_http_upload_progress; then - http_enabled=1 - myconf+=( --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD} ) - fi - - if use nginx_modules_http_headers_more; then - http_enabled=1 - myconf+=( --add-module=${HTTP_HEADERS_MORE_MODULE_WD} ) - fi - - if use nginx_modules_http_cache_purge; then - http_enabled=1 - myconf+=( --add-module=${HTTP_CACHE_PURGE_MODULE_WD} ) - fi - - if use nginx_modules_http_slowfs_cache; then - http_enabled=1 - myconf+=( --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD} ) - fi - - if use nginx_modules_http_fancyindex; then - http_enabled=1 - myconf+=( --add-module=${HTTP_FANCYINDEX_MODULE_WD} ) - fi - - if use nginx_modules_http_lua; then - http_enabled=1 - if use luajit; then - export LUAJIT_LIB=$(pkg-config --variable libdir luajit) - export LUAJIT_INC=$(pkg-config --variable includedir luajit) - else - export LUA_LIB=$(pkg-config --variable libdir lua) - export LUA_INC=$(pkg-config --variable includedir lua) - fi - myconf+=( --add-module=${DEVEL_KIT_MODULE_WD} ) - myconf+=( --add-module=${HTTP_LUA_MODULE_WD} ) - fi - - if use nginx_modules_http_auth_pam; then - http_enabled=1 - myconf+=( --add-module=${HTTP_AUTH_PAM_MODULE_WD} ) - fi - - if use nginx_modules_http_upstream_check; then - http_enabled=1 - myconf+=( --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD} ) - fi - - if use nginx_modules_http_metrics; then - http_enabled=1 - myconf+=( --add-module=${HTTP_METRICS_MODULE_WD} ) - fi - - if use nginx_modules_http_naxsi ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_NAXSI_MODULE_WD} ) - fi - - if use rtmp ; then - http_enabled=1 - myconf+=( --add-module=${RTMP_MODULE_WD} ) - fi - - if use nginx_modules_http_dav_ext ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_DAV_EXT_MODULE_WD} ) - fi - - if use nginx_modules_http_echo ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_ECHO_MODULE_WD} ) - fi - - if use nginx_modules_http_security ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_SECURITY_MODULE_WD}/nginx/modsecurity ) - fi - - if use nginx_modules_http_push_stream ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_PUSH_STREAM_MODULE_WD} ) - fi - - if use nginx_modules_http_sticky ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_STICKY_MODULE_WD} ) - fi - - if use nginx_modules_http_mogilefs ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_MOGILEFS_MODULE_WD} ) - fi - - if use nginx_modules_http_memc ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_MEMC_MODULE_WD} ) - fi - - if use nginx_modules_http_auth_ldap; then - http_enabled=1 - myconf+=( --add-module=${HTTP_LDAP_MODULE_WD} ) - fi - - if use nginx_modules_http_vhost_traffic_status; then - http_enabled=1 - myconf+=( --add-module=${HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD} ) - fi - - if use nginx_modules_http_geoip2 || use nginx_modules_stream_geoip2; then - myconf+=( --add-module=${GEOIP2_MODULE_WD} ) - fi - - if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then - myconf+=( --add-module="${NJS_MODULE_WD}/nginx" ) - fi - - if use nginx_modules_http_brotli; then - http_enabled=1 - myconf+=( --add-module=${HTTP_BROTLI_MODULE_WD} ) - fi - - if use http || use http-cache || use http2 || use nginx_modules_http_javascript; then - http_enabled=1 - fi - - if [ $http_enabled ]; then - use http-cache || myconf+=( --without-http-cache ) - use ssl && myconf+=( --with-http_ssl_module ) - else - myconf+=( --without-http --without-http-cache ) - fi - - # Stream modules - for mod in $NGINX_MODULES_STREAM_STD; do - if use nginx_modules_stream_${mod}; then - stream_enabled=1 - else - myconf+=( --without-stream_${mod}_module ) - fi - done - - for mod in $NGINX_MODULES_STREAM_OPT; do - if use nginx_modules_stream_${mod}; then - stream_enabled=1 - myconf+=( --with-stream_${mod}_module ) - fi - done - - if use nginx_modules_stream_geoip2 || use nginx_modules_stream_javascript; then - stream_enabled=1 - fi - - if [ $stream_enabled ]; then - myconf+=( --with-stream ) - use ssl && myconf+=( --with-stream_ssl_module ) - fi - - # MAIL modules - for mod in $NGINX_MODULES_MAIL; do - if use nginx_modules_mail_${mod}; then - mail_enabled=1 - else - myconf+=( --without-mail_${mod}_module ) - fi - done - - if [ $mail_enabled ]; then - myconf+=( --with-mail ) - use ssl && myconf+=( --with-mail_ssl_module ) - fi - - # custom modules - for mod in $NGINX_ADD_MODULES; do - myconf+=( --add-module=${mod} ) - done - - # https://bugs.gentoo.org/286772 - export LANG=C LC_ALL=C - tc-export CC - - if ! use prefix; then - myconf+=( --user=${PN} ) - myconf+=( --group=${PN} ) - fi - - local WITHOUT_IPV6= - if ! use ipv6; then - WITHOUT_IPV6=" -DNGX_HAVE_INET6=0" - fi - - if [[ -n "${EXTRA_ECONF}" ]]; then - myconf+=( ${EXTRA_ECONF} ) - ewarn "EXTRA_ECONF applied. Now you are on your own, good luck!" - fi - - ./configure \ - --prefix="${EPREFIX}"/usr \ - --conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \ - --error-log-path="${EPREFIX}"/var/log/${PN}/error_log \ - --pid-path="${EPREFIX}"/run/${PN}.pid \ - --lock-path="${EPREFIX}"/run/lock/${PN}.lock \ - --with-cc-opt="-I${EROOT}usr/include${WITHOUT_IPV6}" \ - --with-ld-opt="-L${EROOT}usr/$(get_libdir)" \ - --http-log-path="${EPREFIX}"/var/log/${PN}/access_log \ - --http-client-body-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/client \ - --http-proxy-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/proxy \ - --http-fastcgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/fastcgi \ - --http-scgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/scgi \ - --http-uwsgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/uwsgi \ - --with-compat \ - "${myconf[@]}" || die "configure failed" - - # A purely cosmetic change that makes nginx -V more readable. This can be - # good if people outside the gentoo community would troubleshoot and - # question the users setup. - sed -i -e "s|${WORKDIR}|external_module|g" objs/ngx_auto_config.h || die -} - -src_compile() { - use nginx_modules_http_security && emake -C "${HTTP_SECURITY_MODULE_WD}" - - # https://bugs.gentoo.org/286772 - export LANG=C LC_ALL=C - emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}" -} - -src_install() { - emake DESTDIR="${D%/}" install - - cp "${FILESDIR}"/nginx.conf-r2 "${ED}"etc/nginx/nginx.conf || die - - newinitd "${FILESDIR}"/nginx.initd-r4 nginx - newconfd "${FILESDIR}"/nginx.confd nginx - - systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service - - doman man/nginx.8 - dodoc CHANGES* README - - # just keepdir. do not copy the default htdocs files (bug #449136) - keepdir /var/www/localhost - rm -rf "${D}"usr/html || die - - # set up a list of directories to keep - local keepdir_list="${NGINX_HOME_TMP}"/client - local module - for module in proxy fastcgi scgi uwsgi; do - use nginx_modules_http_${module} && keepdir_list+=" ${NGINX_HOME_TMP}/${module}" - done - - keepdir /var/log/nginx ${keepdir_list} - - # this solves a problem with SELinux where nginx doesn't see the directories - # as root and tries to create them as nginx - fperms 0750 "${NGINX_HOME_TMP}" - fowners ${PN}:0 "${NGINX_HOME_TMP}" - - fperms 0700 ${keepdir_list} - fowners ${PN}:${PN} ${keepdir_list} - - fperms 0710 /var/log/nginx - fowners 0:${PN} /var/log/nginx - - # logrotate - insinto /etc/logrotate.d - newins "${FILESDIR}"/nginx.logrotate-r1 nginx - - if use nginx_modules_http_perl; then - cd "${S}"/objs/src/http/modules/perl/ || die - emake DESTDIR="${D}" INSTALLDIRS=vendor - perl_delete_localpod - cd "${S}" || die - fi - - if use nginx_modules_http_cache_purge; then - docinto ${HTTP_CACHE_PURGE_MODULE_P} - dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md} - fi - - if use nginx_modules_http_slowfs_cache; then - docinto ${HTTP_SLOWFS_CACHE_MODULE_P} - dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md} - fi - - if use nginx_modules_http_fancyindex; then - docinto ${HTTP_FANCYINDEX_MODULE_P} - dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst - fi - - if use nginx_modules_http_lua; then - docinto ${HTTP_LUA_MODULE_P} - dodoc "${HTTP_LUA_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_auth_pam; then - docinto ${HTTP_AUTH_PAM_MODULE_P} - dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README.md,ChangeLog} - fi - - if use nginx_modules_http_upstream_check; then - docinto ${HTTP_UPSTREAM_CHECK_MODULE_P} - dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES} - fi - - if use nginx_modules_http_naxsi; then - insinto /etc/nginx - doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/naxsi_core.rules - fi - - if use rtmp; then - docinto ${RTMP_MODULE_P} - dodoc "${RTMP_MODULE_WD}"/{AUTHORS,README.md,stat.xsl} - fi - - if use nginx_modules_http_dav_ext; then - docinto ${HTTP_DAV_EXT_MODULE_P} - dodoc "${HTTP_DAV_EXT_MODULE_WD}"/README.rst - fi - - if use nginx_modules_http_echo; then - docinto ${HTTP_ECHO_MODULE_P} - dodoc "${HTTP_ECHO_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_security; then - docinto ${HTTP_SECURITY_MODULE_P} - dodoc "${HTTP_SECURITY_MODULE_WD}"/{CHANGES,README.TXT,authors.txt} - fi - - if use nginx_modules_http_push_stream; then - docinto ${HTTP_PUSH_STREAM_MODULE_P} - dodoc "${HTTP_PUSH_STREAM_MODULE_WD}"/{AUTHORS,CHANGELOG.textile,README.textile} - fi - - if use nginx_modules_http_sticky; then - docinto ${HTTP_STICKY_MODULE_P} - dodoc "${HTTP_STICKY_MODULE_WD}"/{README.md,Changelog.txt,docs/sticky.pdf} - fi - - if use nginx_modules_http_memc; then - docinto ${HTTP_MEMC_MODULE_P} - dodoc "${HTTP_MEMC_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_auth_ldap; then - docinto ${HTTP_LDAP_MODULE_P} - dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf - fi -} - -pkg_postinst() { - if use ssl; then - if [[ ! -f "${EROOT}"etc/ssl/${PN}/${PN}.key ]]; then - install_cert /etc/ssl/${PN}/${PN} - use prefix || chown ${PN}:${PN} "${EROOT}"etc/ssl/${PN}/${PN}.{crt,csr,key,pem} - fi - fi - - if use nginx_modules_http_spdy; then - ewarn "" - ewarn "In nginx 1.9.5 the spdy module was superseded by http2." - ewarn "Update your configs and package.use accordingly." - fi - - if use nginx_modules_http_lua; then - ewarn "" - ewarn "While you can build lua 3rd party module against ${P}" - ewarn "the author warns that >=${PN}-1.11.11 is still not an" - ewarn "officially supported target yet. You are on your own." - ewarn "Expect runtime failures, memory leaks and other problems!" - fi - - if use nginx_modules_http_lua && use http2; then - ewarn "" - ewarn "Lua 3rd party module author warns against using ${P} with" - ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see https://git.io/OldLsg" - fi - - local _n_permission_layout_checks=0 - local _has_to_adjust_permissions=0 - local _has_to_show_permission_warning=0 - - # Defaults to 1 to inform people doing a fresh installation - # that we ship modified {scgi,uwsgi,fastcgi}_params files - local _has_to_show_httpoxy_mitigation_notice=1 - - local _replacing_version= - for _replacing_version in ${REPLACING_VERSIONS}; do - _n_permission_layout_checks=$((${_n_permission_layout_checks}+1)) - - if [[ ${_n_permission_layout_checks} -gt 1 ]]; then - # Should never happen: - # Package is abusing slots but doesn't allow multiple parallel installations. - # If we run into this situation it is unsafe to automatically adjust any - # permission... - _has_to_show_permission_warning=1 - - ewarn "Replacing multiple ${PN}' versions is unsupported! " \ - "You will have to adjust permissions on your own." - - break - fi - - local _replacing_version_branch=$(get_version_component_range 1-2 "${_replacing_version}") - debug-print "Updating an existing installation (v${_replacing_version}; branch '${_replacing_version_branch}') ..." - - # Do we need to adjust permissions to fix CVE-2013-0337 (bug #458726, #469094)? - # This was before we introduced multiple nginx versions so we - # do not need to distinguish between stable and mainline - local _need_to_fix_CVE2013_0337=1 - - if version_is_at_least "1.4.1-r2" "${_replacing_version}"; then - # We are updating an installation which should already be fixed - _need_to_fix_CVE2013_0337=0 - debug-print "Skipping CVE-2013-0337 ... existing installation should not be affected!" - else - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2013-0337!" - fi - - # Do we need to inform about HTTPoxy mitigation? - # In repository since commit 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then - # Updating from <1.10 - _has_to_show_httpoxy_mitigation_notice=1 - debug-print "Need to inform about HTTPoxy mitigation!" - else - # Updating from >=1.10 - local _fixed_in_pvr= - case "${_replacing_version_branch}" in - "1.10") - _fixed_in_pvr="1.10.1-r2" - ;; - "1.11") - _fixed_in_pvr="1.11.3-r1" - ;; - *) - # This should be any future branch. - # If we run this code it is safe to assume that the user has - # already seen the HTTPoxy mitigation notice because he/she is doing - # an update from previous version where we have already shown - # the warning. Otherwise, we wouldn't hit this code path ... - _fixed_in_pvr= - esac - - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then - # We are updating an installation where we already informed - # that we are mitigating HTTPoxy per default - _has_to_show_httpoxy_mitigation_notice=0 - debug-print "No need to inform about HTTPoxy mitigation ... information was already shown for existing installation!" - else - _has_to_show_httpoxy_mitigation_notice=1 - debug-print "Need to inform about HTTPoxy mitigation!" - fi - fi - - # Do we need to adjust permissions to fix CVE-2016-1247 (bug #605008)? - # All branches up to 1.11 are affected - local _need_to_fix_CVE2016_1247=1 - - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then - # Updating from <1.10 - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2016-1247!" - else - # Updating from >=1.10 - local _fixed_in_pvr= - case "${_replacing_version_branch}" in - "1.10") - _fixed_in_pvr="1.10.2-r3" - ;; - "1.11") - _fixed_in_pvr="1.11.6-r1" - ;; - *) - # This should be any future branch. - # If we run this code it is safe to assume that we have already - # adjusted permissions or were never affected because user is - # doing an update from previous version which was safe or did - # the adjustments. Otherwise, we wouldn't hit this code path ... - _fixed_in_pvr= - esac - - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then - # We are updating an installation which should already be adjusted - # or which was never affected - _need_to_fix_CVE2016_1247=0 - debug-print "Skipping CVE-2016-1247 ... existing installation should not be affected!" - else - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2016-1247!" - fi - fi - done - - if [[ ${_has_to_adjust_permissions} -eq 1 ]]; then - # We do not DIE when chmod/chown commands are failing because - # package is already merged on user's system at this stage - # and we cannot retry without losing the information that - # the existing installation needs to adjust permissions. - # Instead we are going to a show a big warning ... - - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2013_0337} -eq 1 ]]; then - ewarn "" - ewarn "The world-readable bit (if set) has been removed from the" - ewarn "following directories to mitigate a security bug" - ewarn "(CVE-2013-0337, bug #458726):" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" - ewarn "" - ewarn "Check if this is correct for your setup before restarting nginx!" - ewarn "This is a one-time change and will not happen on subsequent updates." - ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'" - chmod o-rwx \ - "${EPREFIX%/}"/var/log/nginx \ - "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ - _has_to_show_permission_warning=1 - fi - - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2016_1247} -eq 1 ]]; then - ewarn "" - ewarn "The permissions on the following directory have been reset in" - ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn "" - ewarn "Check if this is correct for your setup before restarting nginx!" - ewarn "Also ensure that no other log directory used by any of your" - ewarn "vhost(s) is not writeable for nginx user. Any of your log files" - ewarn "used by nginx can be abused to escalate privileges!" - ewarn "This is a one-time change and will not happen on subsequent updates." - chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - fi - - if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then - # Should never happen ... - ewarn "" - ewarn "*************************************************************" - ewarn "*************** W A R N I N G ***************" - ewarn "*************************************************************" - ewarn "The one-time only attempt to adjust permissions of the" - ewarn "existing nginx installation failed. Be aware that we will not" - ewarn "try to adjust the same permissions again because now you are" - ewarn "using a nginx version where we expect that the permissions" - ewarn "are already adjusted or that you know what you are doing and" - ewarn "want to keep custom permissions." - ewarn "" - fi - fi - - # Sanity check for CVE-2016-1247 - # Required to warn users who received the warning above and thought - # they could fix it by unmerging and re-merging the package or have - # unmerged a affected installation on purpose in the past leaving - # /var/log/nginx on their system due to keepdir/non-empty folder - # and are now installing the package again. - local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) - su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null - if [ $? -eq 0 ] ; then - # Cleanup -- no reason to die here! - rm -f "${_sanity_check_testfile}" - - ewarn "" - ewarn "*************************************************************" - ewarn "*************** W A R N I N G ***************" - ewarn "*************************************************************" - ewarn "Looks like your installation is vulnerable to CVE-2016-1247" - ewarn "(bug #605008) because nginx user is able to create files in" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn "" - ewarn "Also ensure that no other log directory used by any of your" - ewarn "vhost(s) is not writeable for nginx user. Any of your log files" - ewarn "used by nginx can be abused to escalate privileges!" - fi - - if [[ ${_has_to_show_httpoxy_mitigation_notice} -eq 1 ]]; then - # HTTPoxy mitigation - ewarn "" - ewarn "This nginx installation comes with a mitigation for the HTTPoxy" - ewarn "vulnerability for FastCGI, SCGI and uWSGI applications by setting" - ewarn "the HTTP_PROXY parameter to an empty string per default when you" - ewarn "are sourcing one of the default" - ewarn "" - ewarn " - 'fastcgi_params' or 'fastcgi.conf'" - ewarn " - 'scgi_params'" - ewarn " - 'uwsgi_params'" - ewarn "" - ewarn "files in your server block(s)." - ewarn "" - ewarn "If this is causing any problems for you make sure that you are sourcing the" - ewarn "default parameters _before_ you set your own values." - ewarn "If you are relying on user-supplied proxy values you have to remove the" - ewarn "correlating lines from the file(s) mentioned above." - ewarn "" - fi -} diff --git a/www-servers/nginx/nginx-1.14.0-r3.ebuild b/www-servers/nginx/nginx-1.14.0-r3.ebuild new file mode 100644 index 000000000000..9332cae2dbb7 --- /dev/null +++ b/www-servers/nginx/nginx-1.14.0-r3.ebuild @@ -0,0 +1,1081 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +# Maintainer notes: +# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite +# - any http-module activates the main http-functionality and overrides USE=-http +# - keep the following requirements in mind before adding external modules: +# * alive upstream +# * sane packaging +# * builds cleanly +# * does not need a patch for nginx core +# - TODO: test the google-perftools module (included in vanilla tarball) + +# prevent perl-module from adding automagic perl DEPENDs +GENTOO_DEPEND_ON_PERL="no" + +# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license) +DEVEL_KIT_MODULE_PV="0.3.0" +DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1" +DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz" +DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}" + +# ngx_brotli (https://github.com/eustas/ngx_brotli, BSD-2) +HTTP_BROTLI_MODULE_PV="0.1.2" +HTTP_BROTLI_MODULE_P="ngx_brotli-${HTTP_BROTLI_MODULE_PV}" +HTTP_BROTLI_MODULE_URI="https://github.com/eustas/ngx_brotli/archive/v${HTTP_BROTLI_MODULE_PV}.tar.gz" +HTTP_BROTLI_MODULE_WD="${WORKDIR}/ngx_brotli-${HTTP_BROTLI_MODULE_PV}" + +# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license) +HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2" +HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1" +HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz" +HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}" + +# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD license) +HTTP_HEADERS_MORE_MODULE_PV="0.33" +HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}" +HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz" +HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}" + +# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license) +HTTP_CACHE_PURGE_MODULE_PV="2.3" +HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" +HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz" +HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" + +# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license) +HTTP_SLOWFS_CACHE_MODULE_PV="1.10" +HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" +HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz" +HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" + +# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license) +HTTP_FANCYINDEX_MODULE_PV="0.4.3" +HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" +HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz" +HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" + +# http_lua (https://github.com/openresty/lua-nginx-module, BSD license) +HTTP_LUA_MODULE_PV="0.10.13" +HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}" +HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz" +HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}" + +# http_auth_pam (https://github.com/stogh/ngx_http_auth_pam_module/, http://web.iti.upv.es/~sto/nginx/, BSD-2 license) +HTTP_AUTH_PAM_MODULE_PV="1.5.1" +HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}" +HTTP_AUTH_PAM_MODULE_URI="https://github.com/stogh/ngx_http_auth_pam_module/archive/v${HTTP_AUTH_PAM_MODULE_PV}.tar.gz" +HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}" + +# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license) +HTTP_UPSTREAM_CHECK_MODULE_PV="9aecf15ec379fe98f62355c57b60c0bc83296f04" +HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}" +HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz" +HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-${HTTP_UPSTREAM_CHECK_MODULE_PV}" + +# http_metrics (https://github.com/zenops/ngx_metrics, BSD license) +HTTP_METRICS_MODULE_PV="0.1.1" +HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}" +HTTP_METRICS_MODULE_URI="https://github.com/madvertise/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz" +HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}" + +# http_vhost_traffic_status (https://github.com/vozlt/nginx-module-vts, BSD license) +HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV="0.1.18" +HTTP_VHOST_TRAFFIC_STATUS_MODULE_P="ngx_http_vhost_traffic_status-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" +HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI="https://github.com/vozlt/nginx-module-vts/archive/v${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}.tar.gz" +HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD="${WORKDIR}/nginx-module-vts-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" + +# naxsi-core (https://github.com/nbs-system/naxsi, GPLv2+) +HTTP_NAXSI_MODULE_PV="0.56" +HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}" +HTTP_NAXSI_MODULE_URI="https://github.com/nbs-system/naxsi/archive/${HTTP_NAXSI_MODULE_PV}.tar.gz" +HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-${HTTP_NAXSI_MODULE_PV}/naxsi_src" + +# nginx-rtmp-module (https://github.com/arut/nginx-rtmp-module, BSD license) +RTMP_MODULE_PV="1.2.1" +RTMP_MODULE_P="ngx_rtmp-${RTMP_MODULE_PV}" +RTMP_MODULE_URI="https://github.com/arut/nginx-rtmp-module/archive/v${RTMP_MODULE_PV}.tar.gz" +RTMP_MODULE_WD="${WORKDIR}/nginx-rtmp-module-${RTMP_MODULE_PV}" + +# nginx-dav-ext-module (https://github.com/arut/nginx-dav-ext-module, BSD license) +HTTP_DAV_EXT_MODULE_PV="0.1.0" +HTTP_DAV_EXT_MODULE_P="ngx_http_dav_ext-${HTTP_DAV_EXT_MODULE_PV}" +HTTP_DAV_EXT_MODULE_URI="https://github.com/arut/nginx-dav-ext-module/archive/v${HTTP_DAV_EXT_MODULE_PV}.tar.gz" +HTTP_DAV_EXT_MODULE_WD="${WORKDIR}/nginx-dav-ext-module-${HTTP_DAV_EXT_MODULE_PV}" + +# echo-nginx-module (https://github.com/openresty/echo-nginx-module, BSD license) +HTTP_ECHO_MODULE_PV="0.61" +HTTP_ECHO_MODULE_P="ngx_http_echo-${HTTP_ECHO_MODULE_PV}" +HTTP_ECHO_MODULE_URI="https://github.com/openresty/echo-nginx-module/archive/v${HTTP_ECHO_MODULE_PV}.tar.gz" +HTTP_ECHO_MODULE_WD="${WORKDIR}/echo-nginx-module-${HTTP_ECHO_MODULE_PV}" + +# mod_security for nginx (https://modsecurity.org/, Apache-2.0) +# keep the MODULE_P here consistent with upstream to avoid tarball duplication +HTTP_SECURITY_MODULE_PV="2.9.2" +HTTP_SECURITY_MODULE_P="modsecurity-${HTTP_SECURITY_MODULE_PV}" +HTTP_SECURITY_MODULE_URI="https://www.modsecurity.org/tarball/${HTTP_SECURITY_MODULE_PV}/${HTTP_SECURITY_MODULE_P}.tar.gz" +HTTP_SECURITY_MODULE_WD="${WORKDIR}/${HTTP_SECURITY_MODULE_P}" + +# push-stream-module (http://www.nginxpushstream.com, https://github.com/wandenberg/nginx-push-stream-module, GPL-3) +HTTP_PUSH_STREAM_MODULE_PV="0.5.4" +HTTP_PUSH_STREAM_MODULE_P="ngx_http_push_stream-${HTTP_PUSH_STREAM_MODULE_PV}" +HTTP_PUSH_STREAM_MODULE_URI="https://github.com/wandenberg/nginx-push-stream-module/archive/${HTTP_PUSH_STREAM_MODULE_PV}.tar.gz" +HTTP_PUSH_STREAM_MODULE_WD="${WORKDIR}/nginx-push-stream-module-${HTTP_PUSH_STREAM_MODULE_PV}" + +# sticky-module (https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng, BSD-2) +HTTP_STICKY_MODULE_PV="1.2.6-10-g08a395c66e42" +HTTP_STICKY_MODULE_P="nginx_http_sticky_module_ng-${HTTP_STICKY_MODULE_PV}" +HTTP_STICKY_MODULE_URI="https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/${HTTP_STICKY_MODULE_PV}.tar.bz2" +HTTP_STICKY_MODULE_WD="${WORKDIR}/nginx-goodies-nginx-sticky-module-ng-08a395c66e42" + +# mogilefs-module (https://github.com/vkholodkov/nginx-mogilefs-module, BSD-2) +HTTP_MOGILEFS_MODULE_PV="1.0.4" +HTTP_MOGILEFS_MODULE_P="ngx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" +HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/archive/${HTTP_MOGILEFS_MODULE_PV}.tar.gz" +HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" + +# memc-module (https://github.com/openresty/memc-nginx-module, BSD-2) +HTTP_MEMC_MODULE_PV="0.19" +HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}" +HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz" +HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}" + +# nginx-ldap-auth-module (https://github.com/kvspb/nginx-auth-ldap, BSD-2) +HTTP_LDAP_MODULE_PV="42d195d7a7575ebab1c369ad3fc5d78dc2c2669c" +HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" +HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz" +HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" + +# geoip2 (https://github.com/leev/ngx_http_geoip2_module, BSD-2) +GEOIP2_MODULE_PV="2.0" +GEOIP2_MODULE_P="ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" +GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOIP2_MODULE_PV}.tar.gz" +GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" + +# njs-module (https://github.com/nginx/njs, as-is) +NJS_MODULE_PV="0.2.2" +NJS_MODULE_P="njs-${NJS_MODULE_PV}" +NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz" +NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}" + +# We handle deps below ourselves +SSL_DEPS_SKIP=1 +AUTOTOOLS_AUTO_DEPEND="no" + +inherit autotools ssl-cert toolchain-funcs perl-module flag-o-matic user systemd versionator multilib + +DESCRIPTION="Robust, small and high performance http and reverse proxy server" +HOMEPAGE="https://nginx.org" +SRC_URI="https://nginx.org/download/${P}.tar.gz + ${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz + nginx_modules_http_auth_ldap? ( ${HTTP_LDAP_MODULE_URI} -> ${HTTP_LDAP_MODULE_P}.tar.gz ) + nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz ) + nginx_modules_http_brotli? ( ${HTTP_BROTLI_MODULE_URI} -> ${HTTP_BROTLI_MODULE_P}.tar.gz ) + nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz ) + nginx_modules_http_dav_ext? ( ${HTTP_DAV_EXT_MODULE_URI} -> ${HTTP_DAV_EXT_MODULE_P}.tar.gz ) + nginx_modules_http_echo? ( ${HTTP_ECHO_MODULE_URI} -> ${HTTP_ECHO_MODULE_P}.tar.gz ) + nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz ) + nginx_modules_http_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) + nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz ) + nginx_modules_http_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) + nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz ) + nginx_modules_http_memc? ( ${HTTP_MEMC_MODULE_URI} -> ${HTTP_MEMC_MODULE_P}.tar.gz ) + nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz ) + nginx_modules_http_mogilefs? ( ${HTTP_MOGILEFS_MODULE_URI} -> ${HTTP_MOGILEFS_MODULE_P}.tar.gz ) + nginx_modules_http_naxsi? ( ${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz ) + nginx_modules_http_push_stream? ( ${HTTP_PUSH_STREAM_MODULE_URI} -> ${HTTP_PUSH_STREAM_MODULE_P}.tar.gz ) + nginx_modules_http_security? ( ${HTTP_SECURITY_MODULE_URI} -> ${HTTP_SECURITY_MODULE_P}.tar.gz ) + nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz ) + nginx_modules_http_sticky? ( ${HTTP_STICKY_MODULE_URI} -> ${HTTP_STICKY_MODULE_P}.tar.bz2 ) + nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz ) + nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz ) + nginx_modules_http_vhost_traffic_status? ( ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI} -> ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_P}.tar.gz ) + nginx_modules_stream_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) + nginx_modules_stream_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) + rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )" + +LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+ + nginx_modules_http_security? ( Apache-2.0 ) + nginx_modules_http_push_stream? ( GPL-3 )" + +SLOT="0" +KEYWORDS="amd64 ~arm ~arm64 ~ppc ~ppc64 x86 ~x86-fbsd ~amd64-linux ~x86-linux" + +# Package doesn't provide a real test suite +RESTRICT="test" + +NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif + fastcgi geo grpc gzip limit_req limit_conn map memcached mirror + proxy referer rewrite scgi ssi split_clients upstream_hash + upstream_ip_hash upstream_keepalive upstream_least_conn + upstream_zone userid uwsgi" +NGINX_MODULES_OPT="addition auth_request dav degradation flv geoip gunzip + gzip_static image_filter mp4 perl random_index realip secure_link + slice stub_status sub xslt" +NGINX_MODULES_STREAM_STD="access geo limit_conn map return split_clients + upstream_hash upstream_least_conn upstream_zone" +NGINX_MODULES_STREAM_OPT="geoip realip ssl_preread" +NGINX_MODULES_MAIL="imap pop3 smtp" +NGINX_MODULES_3RD=" + http_auth_ldap + http_auth_pam + http_brotli + http_cache_purge + http_dav_ext + http_echo + http_fancyindex + http_geoip2 + http_headers_more + http_javascript + http_lua + http_memc + http_metrics + http_mogilefs + http_naxsi + http_push_stream + http_security + http_slowfs_cache + http_sticky + http_upload_progress + http_upstream_check + http_vhost_traffic_status + stream_geoip2 + stream_javascript +" + +IUSE="aio debug +http +http2 +http-cache +ipv6 libatomic libressl luajit +pcre + pcre-jit rtmp selinux ssl threads userland_GNU vim-syntax" + +for mod in $NGINX_MODULES_STD; do + IUSE="${IUSE} +nginx_modules_http_${mod}" +done + +for mod in $NGINX_MODULES_OPT; do + IUSE="${IUSE} nginx_modules_http_${mod}" +done + +for mod in $NGINX_MODULES_STREAM_STD; do + IUSE="${IUSE} nginx_modules_stream_${mod}" +done + +for mod in $NGINX_MODULES_STREAM_OPT; do + IUSE="${IUSE} nginx_modules_stream_${mod}" +done + +for mod in $NGINX_MODULES_MAIL; do + IUSE="${IUSE} nginx_modules_mail_${mod}" +done + +for mod in $NGINX_MODULES_3RD; do + IUSE="${IUSE} nginx_modules_${mod}" +done + +# Add so we can warn users updating about config changes +# @TODO: jbergstroem: remove on next release series +IUSE="${IUSE} nginx_modules_http_spdy" + +CDEPEND=" + pcre? ( dev-libs/libpcre:= ) + pcre-jit? ( dev-libs/libpcre:=[jit] ) + ssl? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:= ) + ) + http2? ( + !libressl? ( >=dev-libs/openssl-1.0.1c:0= ) + libressl? ( dev-libs/libressl:= ) + ) + http-cache? ( + userland_GNU? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:= ) + ) + ) + nginx_modules_http_brotli? ( app-arch/brotli:= ) + nginx_modules_http_geoip? ( dev-libs/geoip ) + nginx_modules_http_geoip2? ( dev-libs/libmaxminddb:= ) + nginx_modules_http_gunzip? ( sys-libs/zlib ) + nginx_modules_http_gzip? ( sys-libs/zlib ) + nginx_modules_http_gzip_static? ( sys-libs/zlib ) + nginx_modules_http_image_filter? ( media-libs/gd:=[jpeg,png] ) + nginx_modules_http_perl? ( >=dev-lang/perl-5.8:= ) + nginx_modules_http_rewrite? ( dev-libs/libpcre:= ) + nginx_modules_http_secure_link? ( + userland_GNU? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:= ) + ) + ) + nginx_modules_http_xslt? ( dev-libs/libxml2:= dev-libs/libxslt ) + nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit? ( dev-lang/luajit:2= ) ) + nginx_modules_http_auth_pam? ( virtual/pam ) + nginx_modules_http_metrics? ( dev-libs/yajl:= ) + nginx_modules_http_dav_ext? ( dev-libs/expat ) + nginx_modules_http_security? ( + dev-libs/apr:= + dev-libs/apr-util:= + dev-libs/libxml2:= + net-misc/curl + www-servers/apache + ) + nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] ) + nginx_modules_stream_geoip? ( dev-libs/geoip ) + nginx_modules_stream_geoip2? ( dev-libs/libmaxminddb:= )" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-nginx ) + !www-servers/nginx:mainline" +DEPEND="${CDEPEND} + nginx_modules_http_brotli? ( virtual/pkgconfig ) + nginx_modules_http_security? ( ${AUTOTOOLS_DEPEND} ) + arm? ( dev-libs/libatomic_ops ) + libatomic? ( dev-libs/libatomic_ops )" +PDEPEND="vim-syntax? ( app-vim/nginx-syntax )" + +REQUIRED_USE="pcre-jit? ( pcre ) + nginx_modules_http_grpc? ( http2 ) + nginx_modules_http_lua? ( nginx_modules_http_rewrite ) + nginx_modules_http_naxsi? ( pcre ) + nginx_modules_http_dav_ext? ( nginx_modules_http_dav ) + nginx_modules_http_metrics? ( nginx_modules_http_stub_status ) + nginx_modules_http_security? ( pcre ) + nginx_modules_http_push_stream? ( ssl )" + +pkg_setup() { + NGINX_HOME="/var/lib/nginx" + NGINX_HOME_TMP="${NGINX_HOME}/tmp" + + ebegin "Creating nginx user and group" + enewgroup ${PN} + enewuser ${PN} -1 -1 "${NGINX_HOME}" ${PN} + eend $? + + if use libatomic; then + ewarn "GCC 4.1+ features built-in atomic operations." + ewarn "Using libatomic_ops is only needed if using" + ewarn "a different compiler or a GCC prior to 4.1" + fi + + if [[ -n $NGINX_ADD_MODULES ]]; then + ewarn "You are building custom modules via \$NGINX_ADD_MODULES!" + ewarn "This nginx installation is not supported!" + ewarn "Make sure you can reproduce the bug without those modules" + ewarn "_before_ reporting bugs." + fi + + if use !http; then + ewarn "To actually disable all http-functionality you also have to disable" + ewarn "all nginx http modules." + fi + + if use nginx_modules_http_mogilefs && use threads; then + eerror "mogilefs won't compile with threads support." + eerror "Please disable either flag and try again." + die "Can't compile mogilefs with threads support" + fi +} + +src_prepare() { + eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" + eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch" + + if use nginx_modules_http_brotli; then + cd "${HTTP_BROTLI_MODULE_WD}" || die + eapply "${FILESDIR}"/http_brotli-detect-brotli-r1.patch + cd "${S}" || die + fi + + if use nginx_modules_http_upstream_check; then + eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch + fi + + if use nginx_modules_http_cache_purge; then + cd "${HTTP_CACHE_PURGE_MODULE_WD}" || die + eapply "${FILESDIR}"/http_cache_purge-1.11.6+.patch + cd "${S}" || die + fi + + if use nginx_modules_http_security; then + cd "${HTTP_SECURITY_MODULE_WD}" || die + + eautoreconf + + if use luajit ; then + sed -i \ + -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \ + configure || die + fi + + cd "${S}" || die + fi + + if use nginx_modules_http_upload_progress; then + cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die + eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch + cd "${S}" || die + fi + + find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die + # We have config protection, don't rename etc files + sed -i 's:.default::' auto/install || die + # remove useless files + sed -i -e '/koi-/d' -e '/win-/d' auto/install || die + + # don't install to /etc/nginx/ if not in use + local module + for module in fastcgi scgi uwsgi ; do + if ! use nginx_modules_http_${module}; then + sed -i -e "/${module}/d" auto/install || die + fi + done + + eapply_user +} + +src_configure() { + # mod_security needs to generate nginx/modsecurity/config before including it + if use nginx_modules_http_security; then + cd "${HTTP_SECURITY_MODULE_WD}" || die + + ./configure \ + --enable-standalone-module \ + --disable-mlogc \ + --with-ssdeep=no \ + $(use_enable pcre-jit) \ + $(use_with nginx_modules_http_lua lua) || die "configure failed for mod_security" + + cd "${S}" || die + fi + + local myconf=() http_enabled= mail_enabled= stream_enabled= + + use aio && myconf+=( --with-file-aio ) + use debug && myconf+=( --with-debug ) + use http2 && myconf+=( --with-http_v2_module ) + use libatomic && myconf+=( --with-libatomic ) + use pcre && myconf+=( --with-pcre ) + use pcre-jit && myconf+=( --with-pcre-jit ) + use threads && myconf+=( --with-threads ) + + # HTTP modules + for mod in $NGINX_MODULES_STD; do + if use nginx_modules_http_${mod}; then + http_enabled=1 + else + myconf+=( --without-http_${mod}_module ) + fi + done + + for mod in $NGINX_MODULES_OPT; do + if use nginx_modules_http_${mod}; then + http_enabled=1 + myconf+=( --with-http_${mod}_module ) + fi + done + + if use nginx_modules_http_fastcgi; then + myconf+=( --with-http_realip_module ) + fi + + # third-party modules + if use nginx_modules_http_upload_progress; then + http_enabled=1 + myconf+=( --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD} ) + fi + + if use nginx_modules_http_headers_more; then + http_enabled=1 + myconf+=( --add-module=${HTTP_HEADERS_MORE_MODULE_WD} ) + fi + + if use nginx_modules_http_cache_purge; then + http_enabled=1 + myconf+=( --add-module=${HTTP_CACHE_PURGE_MODULE_WD} ) + fi + + if use nginx_modules_http_slowfs_cache; then + http_enabled=1 + myconf+=( --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD} ) + fi + + if use nginx_modules_http_fancyindex; then + http_enabled=1 + myconf+=( --add-module=${HTTP_FANCYINDEX_MODULE_WD} ) + fi + + if use nginx_modules_http_lua; then + http_enabled=1 + if use luajit; then + export LUAJIT_LIB=$(pkg-config --variable libdir luajit) + export LUAJIT_INC=$(pkg-config --variable includedir luajit) + else + export LUA_LIB=$(pkg-config --variable libdir lua) + export LUA_INC=$(pkg-config --variable includedir lua) + fi + myconf+=( --add-module=${DEVEL_KIT_MODULE_WD} ) + myconf+=( --add-module=${HTTP_LUA_MODULE_WD} ) + fi + + if use nginx_modules_http_auth_pam; then + http_enabled=1 + myconf+=( --add-module=${HTTP_AUTH_PAM_MODULE_WD} ) + fi + + if use nginx_modules_http_upstream_check; then + http_enabled=1 + myconf+=( --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD} ) + fi + + if use nginx_modules_http_metrics; then + http_enabled=1 + myconf+=( --add-module=${HTTP_METRICS_MODULE_WD} ) + fi + + if use nginx_modules_http_naxsi ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_NAXSI_MODULE_WD} ) + fi + + if use rtmp ; then + http_enabled=1 + myconf+=( --add-module=${RTMP_MODULE_WD} ) + fi + + if use nginx_modules_http_dav_ext ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_DAV_EXT_MODULE_WD} ) + fi + + if use nginx_modules_http_echo ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_ECHO_MODULE_WD} ) + fi + + if use nginx_modules_http_security ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_SECURITY_MODULE_WD}/nginx/modsecurity ) + fi + + if use nginx_modules_http_push_stream ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_PUSH_STREAM_MODULE_WD} ) + fi + + if use nginx_modules_http_sticky ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_STICKY_MODULE_WD} ) + fi + + if use nginx_modules_http_mogilefs ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_MOGILEFS_MODULE_WD} ) + fi + + if use nginx_modules_http_memc ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_MEMC_MODULE_WD} ) + fi + + if use nginx_modules_http_auth_ldap; then + http_enabled=1 + myconf+=( --add-module=${HTTP_LDAP_MODULE_WD} ) + fi + + if use nginx_modules_http_vhost_traffic_status; then + http_enabled=1 + myconf+=( --add-module=${HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD} ) + fi + + if use nginx_modules_http_geoip2 || use nginx_modules_stream_geoip2; then + myconf+=( --add-module=${GEOIP2_MODULE_WD} ) + fi + + if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then + myconf+=( --add-module="${NJS_MODULE_WD}/nginx" ) + fi + + if use nginx_modules_http_brotli; then + http_enabled=1 + myconf+=( --add-module=${HTTP_BROTLI_MODULE_WD} ) + fi + + if use http || use http-cache || use http2 || use nginx_modules_http_javascript; then + http_enabled=1 + fi + + if [ $http_enabled ]; then + use http-cache || myconf+=( --without-http-cache ) + use ssl && myconf+=( --with-http_ssl_module ) + else + myconf+=( --without-http --without-http-cache ) + fi + + # Stream modules + for mod in $NGINX_MODULES_STREAM_STD; do + if use nginx_modules_stream_${mod}; then + stream_enabled=1 + else + myconf+=( --without-stream_${mod}_module ) + fi + done + + for mod in $NGINX_MODULES_STREAM_OPT; do + if use nginx_modules_stream_${mod}; then + stream_enabled=1 + myconf+=( --with-stream_${mod}_module ) + fi + done + + if use nginx_modules_stream_geoip2 || use nginx_modules_stream_javascript; then + stream_enabled=1 + fi + + if [ $stream_enabled ]; then + myconf+=( --with-stream ) + use ssl && myconf+=( --with-stream_ssl_module ) + fi + + # MAIL modules + for mod in $NGINX_MODULES_MAIL; do + if use nginx_modules_mail_${mod}; then + mail_enabled=1 + else + myconf+=( --without-mail_${mod}_module ) + fi + done + + if [ $mail_enabled ]; then + myconf+=( --with-mail ) + use ssl && myconf+=( --with-mail_ssl_module ) + fi + + # custom modules + for mod in $NGINX_ADD_MODULES; do + myconf+=( --add-module=${mod} ) + done + + # https://bugs.gentoo.org/286772 + export LANG=C LC_ALL=C + tc-export CC + + if ! use prefix; then + myconf+=( --user=${PN} ) + myconf+=( --group=${PN} ) + fi + + local WITHOUT_IPV6= + if ! use ipv6; then + WITHOUT_IPV6=" -DNGX_HAVE_INET6=0" + fi + + if [[ -n "${EXTRA_ECONF}" ]]; then + myconf+=( ${EXTRA_ECONF} ) + ewarn "EXTRA_ECONF applied. Now you are on your own, good luck!" + fi + + ./configure \ + --prefix="${EPREFIX}"/usr \ + --conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \ + --error-log-path="${EPREFIX}"/var/log/${PN}/error_log \ + --pid-path="${EPREFIX}"/run/${PN}.pid \ + --lock-path="${EPREFIX}"/run/lock/${PN}.lock \ + --with-cc-opt="-I${EROOT}usr/include${WITHOUT_IPV6}" \ + --with-ld-opt="-L${EROOT}usr/$(get_libdir)" \ + --http-log-path="${EPREFIX}"/var/log/${PN}/access_log \ + --http-client-body-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/client \ + --http-proxy-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/proxy \ + --http-fastcgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/fastcgi \ + --http-scgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/scgi \ + --http-uwsgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/uwsgi \ + --with-compat \ + "${myconf[@]}" || die "configure failed" + + # A purely cosmetic change that makes nginx -V more readable. This can be + # good if people outside the gentoo community would troubleshoot and + # question the users setup. + sed -i -e "s|${WORKDIR}|external_module|g" objs/ngx_auto_config.h || die +} + +src_compile() { + use nginx_modules_http_security && emake -C "${HTTP_SECURITY_MODULE_WD}" + + # https://bugs.gentoo.org/286772 + export LANG=C LC_ALL=C + emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}" +} + +src_install() { + emake DESTDIR="${D%/}" install + + cp "${FILESDIR}"/nginx.conf-r2 "${ED}"etc/nginx/nginx.conf || die + + newinitd "${FILESDIR}"/nginx.initd-r4 nginx + newconfd "${FILESDIR}"/nginx.confd nginx + + systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service + + doman man/nginx.8 + dodoc CHANGES* README + + # just keepdir. do not copy the default htdocs files (bug #449136) + keepdir /var/www/localhost + rm -rf "${D}"usr/html || die + + # set up a list of directories to keep + local keepdir_list="${NGINX_HOME_TMP}"/client + local module + for module in proxy fastcgi scgi uwsgi; do + use nginx_modules_http_${module} && keepdir_list+=" ${NGINX_HOME_TMP}/${module}" + done + + keepdir /var/log/nginx ${keepdir_list} + + # this solves a problem with SELinux where nginx doesn't see the directories + # as root and tries to create them as nginx + fperms 0750 "${NGINX_HOME_TMP}" + fowners ${PN}:0 "${NGINX_HOME_TMP}" + + fperms 0700 ${keepdir_list} + fowners ${PN}:${PN} ${keepdir_list} + + fperms 0710 /var/log/nginx + fowners 0:${PN} /var/log/nginx + + # logrotate + insinto /etc/logrotate.d + newins "${FILESDIR}"/nginx.logrotate-r1 nginx + + if use nginx_modules_http_perl; then + cd "${S}"/objs/src/http/modules/perl/ || die + emake DESTDIR="${D}" INSTALLDIRS=vendor + perl_delete_localpod + cd "${S}" || die + fi + + if use nginx_modules_http_cache_purge; then + docinto ${HTTP_CACHE_PURGE_MODULE_P} + dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md} + fi + + if use nginx_modules_http_slowfs_cache; then + docinto ${HTTP_SLOWFS_CACHE_MODULE_P} + dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md} + fi + + if use nginx_modules_http_fancyindex; then + docinto ${HTTP_FANCYINDEX_MODULE_P} + dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst + fi + + if use nginx_modules_http_lua; then + docinto ${HTTP_LUA_MODULE_P} + dodoc "${HTTP_LUA_MODULE_WD}"/README.markdown + fi + + if use nginx_modules_http_auth_pam; then + docinto ${HTTP_AUTH_PAM_MODULE_P} + dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README.md,ChangeLog} + fi + + if use nginx_modules_http_upstream_check; then + docinto ${HTTP_UPSTREAM_CHECK_MODULE_P} + dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES} + fi + + if use nginx_modules_http_naxsi; then + insinto /etc/nginx + doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/naxsi_core.rules + fi + + if use rtmp; then + docinto ${RTMP_MODULE_P} + dodoc "${RTMP_MODULE_WD}"/{AUTHORS,README.md,stat.xsl} + fi + + if use nginx_modules_http_dav_ext; then + docinto ${HTTP_DAV_EXT_MODULE_P} + dodoc "${HTTP_DAV_EXT_MODULE_WD}"/README.rst + fi + + if use nginx_modules_http_echo; then + docinto ${HTTP_ECHO_MODULE_P} + dodoc "${HTTP_ECHO_MODULE_WD}"/README.markdown + fi + + if use nginx_modules_http_security; then + docinto ${HTTP_SECURITY_MODULE_P} + dodoc "${HTTP_SECURITY_MODULE_WD}"/{CHANGES,README.TXT,authors.txt} + fi + + if use nginx_modules_http_push_stream; then + docinto ${HTTP_PUSH_STREAM_MODULE_P} + dodoc "${HTTP_PUSH_STREAM_MODULE_WD}"/{AUTHORS,CHANGELOG.textile,README.textile} + fi + + if use nginx_modules_http_sticky; then + docinto ${HTTP_STICKY_MODULE_P} + dodoc "${HTTP_STICKY_MODULE_WD}"/{README.md,Changelog.txt,docs/sticky.pdf} + fi + + if use nginx_modules_http_memc; then + docinto ${HTTP_MEMC_MODULE_P} + dodoc "${HTTP_MEMC_MODULE_WD}"/README.markdown + fi + + if use nginx_modules_http_auth_ldap; then + docinto ${HTTP_LDAP_MODULE_P} + dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf + fi +} + +pkg_postinst() { + if use ssl; then + if [[ ! -f "${EROOT}"etc/ssl/${PN}/${PN}.key ]]; then + install_cert /etc/ssl/${PN}/${PN} + use prefix || chown ${PN}:${PN} "${EROOT}"etc/ssl/${PN}/${PN}.{crt,csr,key,pem} + fi + fi + + if use nginx_modules_http_spdy; then + ewarn "" + ewarn "In nginx 1.9.5 the spdy module was superseded by http2." + ewarn "Update your configs and package.use accordingly." + fi + + if use nginx_modules_http_lua; then + ewarn "" + ewarn "While you can build lua 3rd party module against ${P}" + ewarn "the author warns that >=${PN}-1.11.11 is still not an" + ewarn "officially supported target yet. You are on your own." + ewarn "Expect runtime failures, memory leaks and other problems!" + fi + + if use nginx_modules_http_lua && use http2; then + ewarn "" + ewarn "Lua 3rd party module author warns against using ${P} with" + ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see https://git.io/OldLsg" + fi + + local _n_permission_layout_checks=0 + local _has_to_adjust_permissions=0 + local _has_to_show_permission_warning=0 + + # Defaults to 1 to inform people doing a fresh installation + # that we ship modified {scgi,uwsgi,fastcgi}_params files + local _has_to_show_httpoxy_mitigation_notice=1 + + local _replacing_version= + for _replacing_version in ${REPLACING_VERSIONS}; do + _n_permission_layout_checks=$((${_n_permission_layout_checks}+1)) + + if [[ ${_n_permission_layout_checks} -gt 1 ]]; then + # Should never happen: + # Package is abusing slots but doesn't allow multiple parallel installations. + # If we run into this situation it is unsafe to automatically adjust any + # permission... + _has_to_show_permission_warning=1 + + ewarn "Replacing multiple ${PN}' versions is unsupported! " \ + "You will have to adjust permissions on your own." + + break + fi + + local _replacing_version_branch=$(get_version_component_range 1-2 "${_replacing_version}") + debug-print "Updating an existing installation (v${_replacing_version}; branch '${_replacing_version_branch}') ..." + + # Do we need to adjust permissions to fix CVE-2013-0337 (bug #458726, #469094)? + # This was before we introduced multiple nginx versions so we + # do not need to distinguish between stable and mainline + local _need_to_fix_CVE2013_0337=1 + + if version_is_at_least "1.4.1-r2" "${_replacing_version}"; then + # We are updating an installation which should already be fixed + _need_to_fix_CVE2013_0337=0 + debug-print "Skipping CVE-2013-0337 ... existing installation should not be affected!" + else + _has_to_adjust_permissions=1 + debug-print "Need to adjust permissions to fix CVE-2013-0337!" + fi + + # Do we need to inform about HTTPoxy mitigation? + # In repository since commit 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f + if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then + # Updating from <1.10 + _has_to_show_httpoxy_mitigation_notice=1 + debug-print "Need to inform about HTTPoxy mitigation!" + else + # Updating from >=1.10 + local _fixed_in_pvr= + case "${_replacing_version_branch}" in + "1.10") + _fixed_in_pvr="1.10.1-r2" + ;; + "1.11") + _fixed_in_pvr="1.11.3-r1" + ;; + *) + # This should be any future branch. + # If we run this code it is safe to assume that the user has + # already seen the HTTPoxy mitigation notice because he/she is doing + # an update from previous version where we have already shown + # the warning. Otherwise, we wouldn't hit this code path ... + _fixed_in_pvr= + esac + + if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then + # We are updating an installation where we already informed + # that we are mitigating HTTPoxy per default + _has_to_show_httpoxy_mitigation_notice=0 + debug-print "No need to inform about HTTPoxy mitigation ... information was already shown for existing installation!" + else + _has_to_show_httpoxy_mitigation_notice=1 + debug-print "Need to inform about HTTPoxy mitigation!" + fi + fi + + # Do we need to adjust permissions to fix CVE-2016-1247 (bug #605008)? + # All branches up to 1.11 are affected + local _need_to_fix_CVE2016_1247=1 + + if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then + # Updating from <1.10 + _has_to_adjust_permissions=1 + debug-print "Need to adjust permissions to fix CVE-2016-1247!" + else + # Updating from >=1.10 + local _fixed_in_pvr= + case "${_replacing_version_branch}" in + "1.10") + _fixed_in_pvr="1.10.2-r3" + ;; + "1.11") + _fixed_in_pvr="1.11.6-r1" + ;; + *) + # This should be any future branch. + # If we run this code it is safe to assume that we have already + # adjusted permissions or were never affected because user is + # doing an update from previous version which was safe or did + # the adjustments. Otherwise, we wouldn't hit this code path ... + _fixed_in_pvr= + esac + + if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then + # We are updating an installation which should already be adjusted + # or which was never affected + _need_to_fix_CVE2016_1247=0 + debug-print "Skipping CVE-2016-1247 ... existing installation should not be affected!" + else + _has_to_adjust_permissions=1 + debug-print "Need to adjust permissions to fix CVE-2016-1247!" + fi + fi + done + + if [[ ${_has_to_adjust_permissions} -eq 1 ]]; then + # We do not DIE when chmod/chown commands are failing because + # package is already merged on user's system at this stage + # and we cannot retry without losing the information that + # the existing installation needs to adjust permissions. + # Instead we are going to a show a big warning ... + + if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2013_0337} -eq 1 ]]; then + ewarn "" + ewarn "The world-readable bit (if set) has been removed from the" + ewarn "following directories to mitigate a security bug" + ewarn "(CVE-2013-0337, bug #458726):" + ewarn "" + ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" + ewarn "" + ewarn "Check if this is correct for your setup before restarting nginx!" + ewarn "This is a one-time change and will not happen on subsequent updates." + ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'" + chmod o-rwx \ + "${EPREFIX%/}"/var/log/nginx \ + "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ + _has_to_show_permission_warning=1 + fi + + if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2016_1247} -eq 1 ]]; then + ewarn "" + ewarn "The permissions on the following directory have been reset in" + ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):" + ewarn "" + ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn "" + ewarn "Check if this is correct for your setup before restarting nginx!" + ewarn "Also ensure that no other log directory used by any of your" + ewarn "vhost(s) is not writeable for nginx user. Any of your log files" + ewarn "used by nginx can be abused to escalate privileges!" + ewarn "This is a one-time change and will not happen on subsequent updates." + chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 + chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 + fi + + if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then + # Should never happen ... + ewarn "" + ewarn "*************************************************************" + ewarn "*************** W A R N I N G ***************" + ewarn "*************************************************************" + ewarn "The one-time only attempt to adjust permissions of the" + ewarn "existing nginx installation failed. Be aware that we will not" + ewarn "try to adjust the same permissions again because now you are" + ewarn "using a nginx version where we expect that the permissions" + ewarn "are already adjusted or that you know what you are doing and" + ewarn "want to keep custom permissions." + ewarn "" + fi + fi + + # Sanity check for CVE-2016-1247 + # Required to warn users who received the warning above and thought + # they could fix it by unmerging and re-merging the package or have + # unmerged a affected installation on purpose in the past leaving + # /var/log/nginx on their system due to keepdir/non-empty folder + # and are now installing the package again. + local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) + su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null + if [ $? -eq 0 ] ; then + # Cleanup -- no reason to die here! + rm -f "${_sanity_check_testfile}" + + ewarn "" + ewarn "*************************************************************" + ewarn "*************** W A R N I N G ***************" + ewarn "*************************************************************" + ewarn "Looks like your installation is vulnerable to CVE-2016-1247" + ewarn "(bug #605008) because nginx user is able to create files in" + ewarn "" + ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn "" + ewarn "Also ensure that no other log directory used by any of your" + ewarn "vhost(s) is not writeable for nginx user. Any of your log files" + ewarn "used by nginx can be abused to escalate privileges!" + fi + + if [[ ${_has_to_show_httpoxy_mitigation_notice} -eq 1 ]]; then + # HTTPoxy mitigation + ewarn "" + ewarn "This nginx installation comes with a mitigation for the HTTPoxy" + ewarn "vulnerability for FastCGI, SCGI and uWSGI applications by setting" + ewarn "the HTTP_PROXY parameter to an empty string per default when you" + ewarn "are sourcing one of the default" + ewarn "" + ewarn " - 'fastcgi_params' or 'fastcgi.conf'" + ewarn " - 'scgi_params'" + ewarn " - 'uwsgi_params'" + ewarn "" + ewarn "files in your server block(s)." + ewarn "" + ewarn "If this is causing any problems for you make sure that you are sourcing the" + ewarn "default parameters _before_ you set your own values." + ewarn "If you are relying on user-supplied proxy values you have to remove the" + ewarn "correlating lines from the file(s) mentioned above." + ewarn "" + fi +} diff --git a/www-servers/nginx/nginx-1.15.0-r2.ebuild b/www-servers/nginx/nginx-1.15.0-r2.ebuild deleted file mode 100644 index 5c4536292af2..000000000000 --- a/www-servers/nginx/nginx-1.15.0-r2.ebuild +++ /dev/null @@ -1,1079 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -# Maintainer notes: -# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite -# - any http-module activates the main http-functionality and overrides USE=-http -# - keep the following requirements in mind before adding external modules: -# * alive upstream -# * sane packaging -# * builds cleanly -# * does not need a patch for nginx core -# - TODO: test the google-perftools module (included in vanilla tarball) - -# prevent perl-module from adding automagic perl DEPENDs -GENTOO_DEPEND_ON_PERL="no" - -# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license) -DEVEL_KIT_MODULE_PV="0.3.0" -DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1" -DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz" -DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}" - -# ngx_brotli (https://github.com/eustas/ngx_brotli, BSD-2) -HTTP_BROTLI_MODULE_PV="0.1.2" -HTTP_BROTLI_MODULE_P="ngx_brotli-${HTTP_BROTLI_MODULE_PV}" -HTTP_BROTLI_MODULE_URI="https://github.com/eustas/ngx_brotli/archive/v${HTTP_BROTLI_MODULE_PV}.tar.gz" -HTTP_BROTLI_MODULE_WD="${WORKDIR}/ngx_brotli-${HTTP_BROTLI_MODULE_PV}" - -# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license) -HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2" -HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1" -HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz" -HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}" - -# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD license) -HTTP_HEADERS_MORE_MODULE_PV="0.33" -HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}" -HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz" -HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}" - -# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license) -HTTP_CACHE_PURGE_MODULE_PV="2.3" -HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" -HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz" -HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" - -# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license) -HTTP_SLOWFS_CACHE_MODULE_PV="1.10" -HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" -HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz" -HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" - -# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license) -HTTP_FANCYINDEX_MODULE_PV="0.4.2" -HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" -HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz" -HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" - -# http_lua (https://github.com/openresty/lua-nginx-module, BSD license) -HTTP_LUA_MODULE_PV="0.10.13" -HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}" -HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz" -HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}" - -# http_auth_pam (https://github.com/stogh/ngx_http_auth_pam_module/, http://web.iti.upv.es/~sto/nginx/, BSD-2 license) -HTTP_AUTH_PAM_MODULE_PV="1.5.1" -HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}" -HTTP_AUTH_PAM_MODULE_URI="https://github.com/stogh/ngx_http_auth_pam_module/archive/v${HTTP_AUTH_PAM_MODULE_PV}.tar.gz" -HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}" - -# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license) -HTTP_UPSTREAM_CHECK_MODULE_PV="9aecf15ec379fe98f62355c57b60c0bc83296f04" -HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}" -HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz" -HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-${HTTP_UPSTREAM_CHECK_MODULE_PV}" - -# http_metrics (https://github.com/zenops/ngx_metrics, BSD license) -HTTP_METRICS_MODULE_PV="0.1.1" -HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}" -HTTP_METRICS_MODULE_URI="https://github.com/madvertise/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz" -HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}" - -# http_vhost_traffic_status (https://github.com/vozlt/nginx-module-vts, BSD license) -HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV="0.1.17" -HTTP_VHOST_TRAFFIC_STATUS_MODULE_P="ngx_http_vhost_traffic_status-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" -HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI="https://github.com/vozlt/nginx-module-vts/archive/v${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}.tar.gz" -HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD="${WORKDIR}/nginx-module-vts-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" - -# naxsi-core (https://github.com/nbs-system/naxsi, GPLv2+) -HTTP_NAXSI_MODULE_PV="0.55.3" -HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}" -HTTP_NAXSI_MODULE_URI="https://github.com/nbs-system/naxsi/archive/${HTTP_NAXSI_MODULE_PV}.tar.gz" -HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-${HTTP_NAXSI_MODULE_PV}/naxsi_src" - -# nginx-rtmp-module (https://github.com/arut/nginx-rtmp-module, BSD license) -RTMP_MODULE_PV="1.2.1" -RTMP_MODULE_P="ngx_rtmp-${RTMP_MODULE_PV}" -RTMP_MODULE_URI="https://github.com/arut/nginx-rtmp-module/archive/v${RTMP_MODULE_PV}.tar.gz" -RTMP_MODULE_WD="${WORKDIR}/nginx-rtmp-module-${RTMP_MODULE_PV}" - -# nginx-dav-ext-module (https://github.com/arut/nginx-dav-ext-module, BSD license) -HTTP_DAV_EXT_MODULE_PV="0.1.0" -HTTP_DAV_EXT_MODULE_P="ngx_http_dav_ext-${HTTP_DAV_EXT_MODULE_PV}" -HTTP_DAV_EXT_MODULE_URI="https://github.com/arut/nginx-dav-ext-module/archive/v${HTTP_DAV_EXT_MODULE_PV}.tar.gz" -HTTP_DAV_EXT_MODULE_WD="${WORKDIR}/nginx-dav-ext-module-${HTTP_DAV_EXT_MODULE_PV}" - -# echo-nginx-module (https://github.com/openresty/echo-nginx-module, BSD license) -HTTP_ECHO_MODULE_PV="0.61" -HTTP_ECHO_MODULE_P="ngx_http_echo-${HTTP_ECHO_MODULE_PV}" -HTTP_ECHO_MODULE_URI="https://github.com/openresty/echo-nginx-module/archive/v${HTTP_ECHO_MODULE_PV}.tar.gz" -HTTP_ECHO_MODULE_WD="${WORKDIR}/echo-nginx-module-${HTTP_ECHO_MODULE_PV}" - -# mod_security for nginx (https://modsecurity.org/, Apache-2.0) -# keep the MODULE_P here consistent with upstream to avoid tarball duplication -HTTP_SECURITY_MODULE_PV="2.9.2" -HTTP_SECURITY_MODULE_P="modsecurity-${HTTP_SECURITY_MODULE_PV}" -HTTP_SECURITY_MODULE_URI="https://www.modsecurity.org/tarball/${HTTP_SECURITY_MODULE_PV}/${HTTP_SECURITY_MODULE_P}.tar.gz" -HTTP_SECURITY_MODULE_WD="${WORKDIR}/${HTTP_SECURITY_MODULE_P}" - -# push-stream-module (http://www.nginxpushstream.com, https://github.com/wandenberg/nginx-push-stream-module, GPL-3) -HTTP_PUSH_STREAM_MODULE_PV="0.5.4" -HTTP_PUSH_STREAM_MODULE_P="ngx_http_push_stream-${HTTP_PUSH_STREAM_MODULE_PV}" -HTTP_PUSH_STREAM_MODULE_URI="https://github.com/wandenberg/nginx-push-stream-module/archive/${HTTP_PUSH_STREAM_MODULE_PV}.tar.gz" -HTTP_PUSH_STREAM_MODULE_WD="${WORKDIR}/nginx-push-stream-module-${HTTP_PUSH_STREAM_MODULE_PV}" - -# sticky-module (https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng, BSD-2) -HTTP_STICKY_MODULE_PV="1.2.6-10-g08a395c66e42" -HTTP_STICKY_MODULE_P="nginx_http_sticky_module_ng-${HTTP_STICKY_MODULE_PV}" -HTTP_STICKY_MODULE_URI="https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/${HTTP_STICKY_MODULE_PV}.tar.bz2" -HTTP_STICKY_MODULE_WD="${WORKDIR}/nginx-goodies-nginx-sticky-module-ng-08a395c66e42" - -# mogilefs-module (https://github.com/vkholodkov/nginx-mogilefs-module, BSD-2) -HTTP_MOGILEFS_MODULE_PV="1.0.4" -HTTP_MOGILEFS_MODULE_P="ngx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" -HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/archive/${HTTP_MOGILEFS_MODULE_PV}.tar.gz" -HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" - -# memc-module (https://github.com/openresty/memc-nginx-module, BSD-2) -HTTP_MEMC_MODULE_PV="0.19" -HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}" -HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz" -HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}" - -# nginx-ldap-auth-module (https://github.com/kvspb/nginx-auth-ldap, BSD-2) -HTTP_LDAP_MODULE_PV="42d195d7a7575ebab1c369ad3fc5d78dc2c2669c" -HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" -HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz" -HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" - -# geoip2 (https://github.com/leev/ngx_http_geoip2_module, BSD-2) -GEOIP2_MODULE_PV="2.0" -GEOIP2_MODULE_P="ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" -GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOIP2_MODULE_PV}.tar.gz" -GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" - -# njs-module (https://github.com/nginx/njs, as-is) -NJS_MODULE_PV="0.2.2" -NJS_MODULE_P="njs-${NJS_MODULE_PV}" -NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz" -NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}" - -# We handle deps below ourselves -SSL_DEPS_SKIP=1 -AUTOTOOLS_AUTO_DEPEND="no" - -inherit autotools ssl-cert toolchain-funcs perl-module flag-o-matic user systemd versionator multilib - -DESCRIPTION="Robust, small and high performance http and reverse proxy server" -HOMEPAGE="https://nginx.org" -SRC_URI="https://nginx.org/download/${P}.tar.gz - ${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz - nginx_modules_http_auth_ldap? ( ${HTTP_LDAP_MODULE_URI} -> ${HTTP_LDAP_MODULE_P}.tar.gz ) - nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz ) - nginx_modules_http_brotli? ( ${HTTP_BROTLI_MODULE_URI} -> ${HTTP_BROTLI_MODULE_P}.tar.gz ) - nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz ) - nginx_modules_http_dav_ext? ( ${HTTP_DAV_EXT_MODULE_URI} -> ${HTTP_DAV_EXT_MODULE_P}.tar.gz ) - nginx_modules_http_echo? ( ${HTTP_ECHO_MODULE_URI} -> ${HTTP_ECHO_MODULE_P}.tar.gz ) - nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz ) - nginx_modules_http_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) - nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz ) - nginx_modules_http_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) - nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz ) - nginx_modules_http_memc? ( ${HTTP_MEMC_MODULE_URI} -> ${HTTP_MEMC_MODULE_P}.tar.gz ) - nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz ) - nginx_modules_http_mogilefs? ( ${HTTP_MOGILEFS_MODULE_URI} -> ${HTTP_MOGILEFS_MODULE_P}.tar.gz ) - nginx_modules_http_naxsi? ( ${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz ) - nginx_modules_http_push_stream? ( ${HTTP_PUSH_STREAM_MODULE_URI} -> ${HTTP_PUSH_STREAM_MODULE_P}.tar.gz ) - nginx_modules_http_security? ( ${HTTP_SECURITY_MODULE_URI} -> ${HTTP_SECURITY_MODULE_P}.tar.gz ) - nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz ) - nginx_modules_http_sticky? ( ${HTTP_STICKY_MODULE_URI} -> ${HTTP_STICKY_MODULE_P}.tar.bz2 ) - nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz ) - nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz ) - nginx_modules_http_vhost_traffic_status? ( ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI} -> ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_P}.tar.gz ) - nginx_modules_stream_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) - nginx_modules_stream_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) - rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )" - -LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+ - nginx_modules_http_security? ( Apache-2.0 ) - nginx_modules_http_push_stream? ( GPL-3 )" - -SLOT="mainline" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd ~amd64-linux ~x86-linux" - -# Package doesn't provide a real test suite -RESTRICT="test" - -NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif - fastcgi geo grpc gzip limit_req limit_conn map memcached mirror - proxy referer rewrite scgi ssi split_clients upstream_hash - upstream_ip_hash upstream_keepalive upstream_least_conn - upstream_zone userid uwsgi" -NGINX_MODULES_OPT="addition auth_request dav degradation flv geoip gunzip - gzip_static image_filter mp4 perl random_index realip secure_link - slice stub_status sub xslt" -NGINX_MODULES_STREAM_STD="access geo limit_conn map return split_clients - upstream_hash upstream_least_conn upstream_zone" -NGINX_MODULES_STREAM_OPT="geoip realip ssl_preread" -NGINX_MODULES_MAIL="imap pop3 smtp" -NGINX_MODULES_3RD=" - http_auth_ldap - http_auth_pam - http_brotli - http_cache_purge - http_dav_ext - http_echo - http_fancyindex - http_geoip2 - http_headers_more - http_javascript - http_lua - http_memc - http_metrics - http_mogilefs - http_naxsi - http_push_stream - http_security - http_slowfs_cache - http_sticky - http_upload_progress - http_upstream_check - http_vhost_traffic_status - stream_geoip2 - stream_javascript -" - -IUSE="aio debug +http +http2 +http-cache +ipv6 libatomic libressl luajit +pcre - pcre-jit rtmp selinux ssl threads userland_GNU vim-syntax" - -for mod in $NGINX_MODULES_STD; do - IUSE="${IUSE} +nginx_modules_http_${mod}" -done - -for mod in $NGINX_MODULES_OPT; do - IUSE="${IUSE} nginx_modules_http_${mod}" -done - -for mod in $NGINX_MODULES_STREAM_STD; do - IUSE="${IUSE} nginx_modules_stream_${mod}" -done - -for mod in $NGINX_MODULES_STREAM_OPT; do - IUSE="${IUSE} nginx_modules_stream_${mod}" -done - -for mod in $NGINX_MODULES_MAIL; do - IUSE="${IUSE} nginx_modules_mail_${mod}" -done - -for mod in $NGINX_MODULES_3RD; do - IUSE="${IUSE} nginx_modules_${mod}" -done - -# Add so we can warn users updating about config changes -# @TODO: jbergstroem: remove on next release series -IUSE="${IUSE} nginx_modules_http_spdy" - -CDEPEND=" - pcre? ( dev-libs/libpcre:= ) - pcre-jit? ( dev-libs/libpcre:=[jit] ) - ssl? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - http2? ( - !libressl? ( >=dev-libs/openssl-1.0.1c:0= ) - libressl? ( dev-libs/libressl:= ) - ) - http-cache? ( - userland_GNU? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - ) - nginx_modules_http_brotli? ( app-arch/brotli:= ) - nginx_modules_http_geoip? ( dev-libs/geoip ) - nginx_modules_http_geoip2? ( dev-libs/libmaxminddb:= ) - nginx_modules_http_gunzip? ( sys-libs/zlib ) - nginx_modules_http_gzip? ( sys-libs/zlib ) - nginx_modules_http_gzip_static? ( sys-libs/zlib ) - nginx_modules_http_image_filter? ( media-libs/gd:=[jpeg,png] ) - nginx_modules_http_perl? ( >=dev-lang/perl-5.8:= ) - nginx_modules_http_rewrite? ( dev-libs/libpcre:= ) - nginx_modules_http_secure_link? ( - userland_GNU? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - ) - nginx_modules_http_xslt? ( dev-libs/libxml2:= dev-libs/libxslt ) - nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit? ( dev-lang/luajit:2= ) ) - nginx_modules_http_auth_pam? ( virtual/pam ) - nginx_modules_http_metrics? ( dev-libs/yajl:= ) - nginx_modules_http_dav_ext? ( dev-libs/expat ) - nginx_modules_http_security? ( - dev-libs/apr:= - dev-libs/apr-util:= - dev-libs/libxml2:= - net-misc/curl - www-servers/apache - ) - nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] )" -RDEPEND="${CDEPEND} - selinux? ( sec-policy/selinux-nginx ) - !www-servers/nginx:0" -DEPEND="${CDEPEND} - nginx_modules_http_brotli? ( virtual/pkgconfig ) - nginx_modules_http_security? ( ${AUTOTOOLS_DEPEND} ) - arm? ( dev-libs/libatomic_ops ) - libatomic? ( dev-libs/libatomic_ops )" -PDEPEND="vim-syntax? ( app-vim/nginx-syntax )" - -REQUIRED_USE="pcre-jit? ( pcre ) - nginx_modules_http_grpc? ( http2 ) - nginx_modules_http_lua? ( nginx_modules_http_rewrite ) - nginx_modules_http_naxsi? ( pcre ) - nginx_modules_http_dav_ext? ( nginx_modules_http_dav ) - nginx_modules_http_metrics? ( nginx_modules_http_stub_status ) - nginx_modules_http_security? ( pcre ) - nginx_modules_http_push_stream? ( ssl )" - -pkg_setup() { - NGINX_HOME="/var/lib/nginx" - NGINX_HOME_TMP="${NGINX_HOME}/tmp" - - ebegin "Creating nginx user and group" - enewgroup ${PN} - enewuser ${PN} -1 -1 "${NGINX_HOME}" ${PN} - eend $? - - if use libatomic; then - ewarn "GCC 4.1+ features built-in atomic operations." - ewarn "Using libatomic_ops is only needed if using" - ewarn "a different compiler or a GCC prior to 4.1" - fi - - if [[ -n $NGINX_ADD_MODULES ]]; then - ewarn "You are building custom modules via \$NGINX_ADD_MODULES!" - ewarn "This nginx installation is not supported!" - ewarn "Make sure you can reproduce the bug without those modules" - ewarn "_before_ reporting bugs." - fi - - if use !http; then - ewarn "To actually disable all http-functionality you also have to disable" - ewarn "all nginx http modules." - fi - - if use nginx_modules_http_mogilefs && use threads; then - eerror "mogilefs won't compile with threads support." - eerror "Please disable either flag and try again." - die "Can't compile mogilefs with threads support" - fi -} - -src_prepare() { - eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" - eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch" - - if use nginx_modules_http_brotli; then - cd "${HTTP_BROTLI_MODULE_WD}" || die - eapply "${FILESDIR}"/http_brotli-detect-brotli-r1.patch - cd "${S}" || die - fi - - if use nginx_modules_http_upstream_check; then - eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch - fi - - if use nginx_modules_http_cache_purge; then - cd "${HTTP_CACHE_PURGE_MODULE_WD}" || die - eapply "${FILESDIR}"/http_cache_purge-1.11.6+.patch - cd "${S}" || die - fi - - if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" || die - - eautoreconf - - if use luajit ; then - sed -i \ - -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \ - configure || die - fi - - cd "${S}" || die - fi - - if use nginx_modules_http_upload_progress; then - cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die - eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch - cd "${S}" || die - fi - - find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die - # We have config protection, don't rename etc files - sed -i 's:.default::' auto/install || die - # remove useless files - sed -i -e '/koi-/d' -e '/win-/d' auto/install || die - - # don't install to /etc/nginx/ if not in use - local module - for module in fastcgi scgi uwsgi ; do - if ! use nginx_modules_http_${module}; then - sed -i -e "/${module}/d" auto/install || die - fi - done - - eapply_user -} - -src_configure() { - # mod_security needs to generate nginx/modsecurity/config before including it - if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" || die - - ./configure \ - --enable-standalone-module \ - --disable-mlogc \ - --with-ssdeep=no \ - $(use_enable pcre-jit) \ - $(use_with nginx_modules_http_lua lua) || die "configure failed for mod_security" - - cd "${S}" || die - fi - - local myconf=() http_enabled= mail_enabled= stream_enabled= - - use aio && myconf+=( --with-file-aio ) - use debug && myconf+=( --with-debug ) - use http2 && myconf+=( --with-http_v2_module ) - use libatomic && myconf+=( --with-libatomic ) - use pcre && myconf+=( --with-pcre ) - use pcre-jit && myconf+=( --with-pcre-jit ) - use threads && myconf+=( --with-threads ) - - # HTTP modules - for mod in $NGINX_MODULES_STD; do - if use nginx_modules_http_${mod}; then - http_enabled=1 - else - myconf+=( --without-http_${mod}_module ) - fi - done - - for mod in $NGINX_MODULES_OPT; do - if use nginx_modules_http_${mod}; then - http_enabled=1 - myconf+=( --with-http_${mod}_module ) - fi - done - - if use nginx_modules_http_fastcgi; then - myconf+=( --with-http_realip_module ) - fi - - # third-party modules - if use nginx_modules_http_upload_progress; then - http_enabled=1 - myconf+=( --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD} ) - fi - - if use nginx_modules_http_headers_more; then - http_enabled=1 - myconf+=( --add-module=${HTTP_HEADERS_MORE_MODULE_WD} ) - fi - - if use nginx_modules_http_cache_purge; then - http_enabled=1 - myconf+=( --add-module=${HTTP_CACHE_PURGE_MODULE_WD} ) - fi - - if use nginx_modules_http_slowfs_cache; then - http_enabled=1 - myconf+=( --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD} ) - fi - - if use nginx_modules_http_fancyindex; then - http_enabled=1 - myconf+=( --add-module=${HTTP_FANCYINDEX_MODULE_WD} ) - fi - - if use nginx_modules_http_lua; then - http_enabled=1 - if use luajit; then - export LUAJIT_LIB=$(pkg-config --variable libdir luajit) - export LUAJIT_INC=$(pkg-config --variable includedir luajit) - else - export LUA_LIB=$(pkg-config --variable libdir lua) - export LUA_INC=$(pkg-config --variable includedir lua) - fi - myconf+=( --add-module=${DEVEL_KIT_MODULE_WD} ) - myconf+=( --add-module=${HTTP_LUA_MODULE_WD} ) - fi - - if use nginx_modules_http_auth_pam; then - http_enabled=1 - myconf+=( --add-module=${HTTP_AUTH_PAM_MODULE_WD} ) - fi - - if use nginx_modules_http_upstream_check; then - http_enabled=1 - myconf+=( --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD} ) - fi - - if use nginx_modules_http_metrics; then - http_enabled=1 - myconf+=( --add-module=${HTTP_METRICS_MODULE_WD} ) - fi - - if use nginx_modules_http_naxsi ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_NAXSI_MODULE_WD} ) - fi - - if use rtmp ; then - http_enabled=1 - myconf+=( --add-module=${RTMP_MODULE_WD} ) - fi - - if use nginx_modules_http_dav_ext ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_DAV_EXT_MODULE_WD} ) - fi - - if use nginx_modules_http_echo ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_ECHO_MODULE_WD} ) - fi - - if use nginx_modules_http_security ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_SECURITY_MODULE_WD}/nginx/modsecurity ) - fi - - if use nginx_modules_http_push_stream ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_PUSH_STREAM_MODULE_WD} ) - fi - - if use nginx_modules_http_sticky ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_STICKY_MODULE_WD} ) - fi - - if use nginx_modules_http_mogilefs ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_MOGILEFS_MODULE_WD} ) - fi - - if use nginx_modules_http_memc ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_MEMC_MODULE_WD} ) - fi - - if use nginx_modules_http_auth_ldap; then - http_enabled=1 - myconf+=( --add-module=${HTTP_LDAP_MODULE_WD} ) - fi - - if use nginx_modules_http_vhost_traffic_status; then - http_enabled=1 - myconf+=( --add-module=${HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD} ) - fi - - if use nginx_modules_http_geoip2 || use nginx_modules_stream_geoip2; then - myconf+=( --add-module=${GEOIP2_MODULE_WD} ) - fi - - if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then - myconf+=( --add-module="${NJS_MODULE_WD}/nginx" ) - fi - - if use nginx_modules_http_brotli; then - http_enabled=1 - myconf+=( --add-module=${HTTP_BROTLI_MODULE_WD} ) - fi - - if use http || use http-cache || use http2 || use nginx_modules_http_javascript; then - http_enabled=1 - fi - - if [ $http_enabled ]; then - use http-cache || myconf+=( --without-http-cache ) - use ssl && myconf+=( --with-http_ssl_module ) - else - myconf+=( --without-http --without-http-cache ) - fi - - # Stream modules - for mod in $NGINX_MODULES_STREAM_STD; do - if use nginx_modules_stream_${mod}; then - stream_enabled=1 - else - myconf+=( --without-stream_${mod}_module ) - fi - done - - for mod in $NGINX_MODULES_STREAM_OPT; do - if use nginx_modules_stream_${mod}; then - stream_enabled=1 - myconf+=( --with-stream_${mod}_module ) - fi - done - - if use nginx_modules_stream_geoip2 || use nginx_modules_stream_javascript; then - stream_enabled=1 - fi - - if [ $stream_enabled ]; then - myconf+=( --with-stream ) - use ssl && myconf+=( --with-stream_ssl_module ) - fi - - # MAIL modules - for mod in $NGINX_MODULES_MAIL; do - if use nginx_modules_mail_${mod}; then - mail_enabled=1 - else - myconf+=( --without-mail_${mod}_module ) - fi - done - - if [ $mail_enabled ]; then - myconf+=( --with-mail ) - use ssl && myconf+=( --with-mail_ssl_module ) - fi - - # custom modules - for mod in $NGINX_ADD_MODULES; do - myconf+=( --add-module=${mod} ) - done - - # https://bugs.gentoo.org/286772 - export LANG=C LC_ALL=C - tc-export CC - - if ! use prefix; then - myconf+=( --user=${PN} ) - myconf+=( --group=${PN} ) - fi - - local WITHOUT_IPV6= - if ! use ipv6; then - WITHOUT_IPV6=" -DNGX_HAVE_INET6=0" - fi - - if [[ -n "${EXTRA_ECONF}" ]]; then - myconf+=( ${EXTRA_ECONF} ) - ewarn "EXTRA_ECONF applied. Now you are on your own, good luck!" - fi - - ./configure \ - --prefix="${EPREFIX}"/usr \ - --conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \ - --error-log-path="${EPREFIX}"/var/log/${PN}/error_log \ - --pid-path="${EPREFIX}"/run/${PN}.pid \ - --lock-path="${EPREFIX}"/run/lock/${PN}.lock \ - --with-cc-opt="-I${EROOT}usr/include${WITHOUT_IPV6}" \ - --with-ld-opt="-L${EROOT}usr/$(get_libdir)" \ - --http-log-path="${EPREFIX}"/var/log/${PN}/access_log \ - --http-client-body-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/client \ - --http-proxy-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/proxy \ - --http-fastcgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/fastcgi \ - --http-scgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/scgi \ - --http-uwsgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/uwsgi \ - --with-compat \ - "${myconf[@]}" || die "configure failed" - - # A purely cosmetic change that makes nginx -V more readable. This can be - # good if people outside the gentoo community would troubleshoot and - # question the users setup. - sed -i -e "s|${WORKDIR}|external_module|g" objs/ngx_auto_config.h || die -} - -src_compile() { - use nginx_modules_http_security && emake -C "${HTTP_SECURITY_MODULE_WD}" - - # https://bugs.gentoo.org/286772 - export LANG=C LC_ALL=C - emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}" -} - -src_install() { - emake DESTDIR="${D%/}" install - - cp "${FILESDIR}"/nginx.conf-r2 "${ED}"etc/nginx/nginx.conf || die - - newinitd "${FILESDIR}"/nginx.initd-r4 nginx - newconfd "${FILESDIR}"/nginx.confd nginx - - systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service - - doman man/nginx.8 - dodoc CHANGES* README - - # just keepdir. do not copy the default htdocs files (bug #449136) - keepdir /var/www/localhost - rm -rf "${D}"usr/html || die - - # set up a list of directories to keep - local keepdir_list="${NGINX_HOME_TMP}"/client - local module - for module in proxy fastcgi scgi uwsgi; do - use nginx_modules_http_${module} && keepdir_list+=" ${NGINX_HOME_TMP}/${module}" - done - - keepdir /var/log/nginx ${keepdir_list} - - # this solves a problem with SELinux where nginx doesn't see the directories - # as root and tries to create them as nginx - fperms 0750 "${NGINX_HOME_TMP}" - fowners ${PN}:0 "${NGINX_HOME_TMP}" - - fperms 0700 ${keepdir_list} - fowners ${PN}:${PN} ${keepdir_list} - - fperms 0710 /var/log/nginx - fowners 0:${PN} /var/log/nginx - - # logrotate - insinto /etc/logrotate.d - newins "${FILESDIR}"/nginx.logrotate-r1 nginx - - if use nginx_modules_http_perl; then - cd "${S}"/objs/src/http/modules/perl/ || die - emake DESTDIR="${D}" INSTALLDIRS=vendor - perl_delete_localpod - cd "${S}" || die - fi - - if use nginx_modules_http_cache_purge; then - docinto ${HTTP_CACHE_PURGE_MODULE_P} - dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md} - fi - - if use nginx_modules_http_slowfs_cache; then - docinto ${HTTP_SLOWFS_CACHE_MODULE_P} - dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md} - fi - - if use nginx_modules_http_fancyindex; then - docinto ${HTTP_FANCYINDEX_MODULE_P} - dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst - fi - - if use nginx_modules_http_lua; then - docinto ${HTTP_LUA_MODULE_P} - dodoc "${HTTP_LUA_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_auth_pam; then - docinto ${HTTP_AUTH_PAM_MODULE_P} - dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README.md,ChangeLog} - fi - - if use nginx_modules_http_upstream_check; then - docinto ${HTTP_UPSTREAM_CHECK_MODULE_P} - dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES} - fi - - if use nginx_modules_http_naxsi; then - insinto /etc/nginx - doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/naxsi_core.rules - fi - - if use rtmp; then - docinto ${RTMP_MODULE_P} - dodoc "${RTMP_MODULE_WD}"/{AUTHORS,README.md,stat.xsl} - fi - - if use nginx_modules_http_dav_ext; then - docinto ${HTTP_DAV_EXT_MODULE_P} - dodoc "${HTTP_DAV_EXT_MODULE_WD}"/README.rst - fi - - if use nginx_modules_http_echo; then - docinto ${HTTP_ECHO_MODULE_P} - dodoc "${HTTP_ECHO_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_security; then - docinto ${HTTP_SECURITY_MODULE_P} - dodoc "${HTTP_SECURITY_MODULE_WD}"/{CHANGES,README.TXT,authors.txt} - fi - - if use nginx_modules_http_push_stream; then - docinto ${HTTP_PUSH_STREAM_MODULE_P} - dodoc "${HTTP_PUSH_STREAM_MODULE_WD}"/{AUTHORS,CHANGELOG.textile,README.textile} - fi - - if use nginx_modules_http_sticky; then - docinto ${HTTP_STICKY_MODULE_P} - dodoc "${HTTP_STICKY_MODULE_WD}"/{README.md,Changelog.txt,docs/sticky.pdf} - fi - - if use nginx_modules_http_memc; then - docinto ${HTTP_MEMC_MODULE_P} - dodoc "${HTTP_MEMC_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_auth_ldap; then - docinto ${HTTP_LDAP_MODULE_P} - dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf - fi -} - -pkg_postinst() { - if use ssl; then - if [[ ! -f "${EROOT}"etc/ssl/${PN}/${PN}.key ]]; then - install_cert /etc/ssl/${PN}/${PN} - use prefix || chown ${PN}:${PN} "${EROOT}"etc/ssl/${PN}/${PN}.{crt,csr,key,pem} - fi - fi - - if use nginx_modules_http_spdy; then - ewarn "" - ewarn "In nginx 1.9.5 the spdy module was superseded by http2." - ewarn "Update your configs and package.use accordingly." - fi - - if use nginx_modules_http_lua; then - ewarn "" - ewarn "While you can build lua 3rd party module against ${P}" - ewarn "the author warns that >=${PN}-1.11.11 is still not an" - ewarn "officially supported target yet. You are on your own." - ewarn "Expect runtime failures, memory leaks and other problems!" - fi - - if use nginx_modules_http_lua && use http2; then - ewarn "" - ewarn "Lua 3rd party module author warns against using ${P} with" - ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see https://git.io/OldLsg" - fi - - local _n_permission_layout_checks=0 - local _has_to_adjust_permissions=0 - local _has_to_show_permission_warning=0 - - # Defaults to 1 to inform people doing a fresh installation - # that we ship modified {scgi,uwsgi,fastcgi}_params files - local _has_to_show_httpoxy_mitigation_notice=1 - - local _replacing_version= - for _replacing_version in ${REPLACING_VERSIONS}; do - _n_permission_layout_checks=$((${_n_permission_layout_checks}+1)) - - if [[ ${_n_permission_layout_checks} -gt 1 ]]; then - # Should never happen: - # Package is abusing slots but doesn't allow multiple parallel installations. - # If we run into this situation it is unsafe to automatically adjust any - # permission... - _has_to_show_permission_warning=1 - - ewarn "Replacing multiple ${PN}' versions is unsupported! " \ - "You will have to adjust permissions on your own." - - break - fi - - local _replacing_version_branch=$(get_version_component_range 1-2 "${_replacing_version}") - debug-print "Updating an existing installation (v${_replacing_version}; branch '${_replacing_version_branch}') ..." - - # Do we need to adjust permissions to fix CVE-2013-0337 (bug #458726, #469094)? - # This was before we introduced multiple nginx versions so we - # do not need to distinguish between stable and mainline - local _need_to_fix_CVE2013_0337=1 - - if version_is_at_least "1.4.1-r2" "${_replacing_version}"; then - # We are updating an installation which should already be fixed - _need_to_fix_CVE2013_0337=0 - debug-print "Skipping CVE-2013-0337 ... existing installation should not be affected!" - else - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2013-0337!" - fi - - # Do we need to inform about HTTPoxy mitigation? - # In repository since commit 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then - # Updating from <1.10 - _has_to_show_httpoxy_mitigation_notice=1 - debug-print "Need to inform about HTTPoxy mitigation!" - else - # Updating from >=1.10 - local _fixed_in_pvr= - case "${_replacing_version_branch}" in - "1.10") - _fixed_in_pvr="1.10.1-r2" - ;; - "1.11") - _fixed_in_pvr="1.11.3-r1" - ;; - *) - # This should be any future branch. - # If we run this code it is safe to assume that the user has - # already seen the HTTPoxy mitigation notice because he/she is doing - # an update from previous version where we have already shown - # the warning. Otherwise, we wouldn't hit this code path ... - _fixed_in_pvr= - esac - - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then - # We are updating an installation where we already informed - # that we are mitigating HTTPoxy per default - _has_to_show_httpoxy_mitigation_notice=0 - debug-print "No need to inform about HTTPoxy mitigation ... information was already shown for existing installation!" - else - _has_to_show_httpoxy_mitigation_notice=1 - debug-print "Need to inform about HTTPoxy mitigation!" - fi - fi - - # Do we need to adjust permissions to fix CVE-2016-1247 (bug #605008)? - # All branches up to 1.11 are affected - local _need_to_fix_CVE2016_1247=1 - - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then - # Updating from <1.10 - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2016-1247!" - else - # Updating from >=1.10 - local _fixed_in_pvr= - case "${_replacing_version_branch}" in - "1.10") - _fixed_in_pvr="1.10.2-r3" - ;; - "1.11") - _fixed_in_pvr="1.11.6-r1" - ;; - *) - # This should be any future branch. - # If we run this code it is safe to assume that we have already - # adjusted permissions or were never affected because user is - # doing an update from previous version which was safe or did - # the adjustments. Otherwise, we wouldn't hit this code path ... - _fixed_in_pvr= - esac - - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then - # We are updating an installation which should already be adjusted - # or which was never affected - _need_to_fix_CVE2016_1247=0 - debug-print "Skipping CVE-2016-1247 ... existing installation should not be affected!" - else - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2016-1247!" - fi - fi - done - - if [[ ${_has_to_adjust_permissions} -eq 1 ]]; then - # We do not DIE when chmod/chown commands are failing because - # package is already merged on user's system at this stage - # and we cannot retry without losing the information that - # the existing installation needs to adjust permissions. - # Instead we are going to a show a big warning ... - - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2013_0337} -eq 1 ]]; then - ewarn "" - ewarn "The world-readable bit (if set) has been removed from the" - ewarn "following directories to mitigate a security bug" - ewarn "(CVE-2013-0337, bug #458726):" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" - ewarn "" - ewarn "Check if this is correct for your setup before restarting nginx!" - ewarn "This is a one-time change and will not happen on subsequent updates." - ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'" - chmod o-rwx \ - "${EPREFIX%/}"/var/log/nginx \ - "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ - _has_to_show_permission_warning=1 - fi - - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2016_1247} -eq 1 ]]; then - ewarn "" - ewarn "The permissions on the following directory have been reset in" - ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn "" - ewarn "Check if this is correct for your setup before restarting nginx!" - ewarn "Also ensure that no other log directory used by any of your" - ewarn "vhost(s) is not writeable for nginx user. Any of your log files" - ewarn "used by nginx can be abused to escalate privileges!" - ewarn "This is a one-time change and will not happen on subsequent updates." - chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - fi - - if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then - # Should never happen ... - ewarn "" - ewarn "*************************************************************" - ewarn "*************** W A R N I N G ***************" - ewarn "*************************************************************" - ewarn "The one-time only attempt to adjust permissions of the" - ewarn "existing nginx installation failed. Be aware that we will not" - ewarn "try to adjust the same permissions again because now you are" - ewarn "using a nginx version where we expect that the permissions" - ewarn "are already adjusted or that you know what you are doing and" - ewarn "want to keep custom permissions." - ewarn "" - fi - fi - - # Sanity check for CVE-2016-1247 - # Required to warn users who received the warning above and thought - # they could fix it by unmerging and re-merging the package or have - # unmerged a affected installation on purpose in the past leaving - # /var/log/nginx on their system due to keepdir/non-empty folder - # and are now installing the package again. - local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) - su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null - if [ $? -eq 0 ] ; then - # Cleanup -- no reason to die here! - rm -f "${_sanity_check_testfile}" - - ewarn "" - ewarn "*************************************************************" - ewarn "*************** W A R N I N G ***************" - ewarn "*************************************************************" - ewarn "Looks like your installation is vulnerable to CVE-2016-1247" - ewarn "(bug #605008) because nginx user is able to create files in" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn "" - ewarn "Also ensure that no other log directory used by any of your" - ewarn "vhost(s) is not writeable for nginx user. Any of your log files" - ewarn "used by nginx can be abused to escalate privileges!" - fi - - if [[ ${_has_to_show_httpoxy_mitigation_notice} -eq 1 ]]; then - # HTTPoxy mitigation - ewarn "" - ewarn "This nginx installation comes with a mitigation for the HTTPoxy" - ewarn "vulnerability for FastCGI, SCGI and uWSGI applications by setting" - ewarn "the HTTP_PROXY parameter to an empty string per default when you" - ewarn "are sourcing one of the default" - ewarn "" - ewarn " - 'fastcgi_params' or 'fastcgi.conf'" - ewarn " - 'scgi_params'" - ewarn " - 'uwsgi_params'" - ewarn "" - ewarn "files in your server block(s)." - ewarn "" - ewarn "If this is causing any problems for you make sure that you are sourcing the" - ewarn "default parameters _before_ you set your own values." - ewarn "If you are relying on user-supplied proxy values you have to remove the" - ewarn "correlating lines from the file(s) mentioned above." - ewarn "" - fi -} diff --git a/www-servers/nginx/nginx-1.15.1-r1.ebuild b/www-servers/nginx/nginx-1.15.1-r1.ebuild new file mode 100644 index 000000000000..addae4eea241 --- /dev/null +++ b/www-servers/nginx/nginx-1.15.1-r1.ebuild @@ -0,0 +1,1081 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +# Maintainer notes: +# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite +# - any http-module activates the main http-functionality and overrides USE=-http +# - keep the following requirements in mind before adding external modules: +# * alive upstream +# * sane packaging +# * builds cleanly +# * does not need a patch for nginx core +# - TODO: test the google-perftools module (included in vanilla tarball) + +# prevent perl-module from adding automagic perl DEPENDs +GENTOO_DEPEND_ON_PERL="no" + +# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license) +DEVEL_KIT_MODULE_PV="0.3.0" +DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1" +DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz" +DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}" + +# ngx_brotli (https://github.com/eustas/ngx_brotli, BSD-2) +HTTP_BROTLI_MODULE_PV="0.1.2" +HTTP_BROTLI_MODULE_P="ngx_brotli-${HTTP_BROTLI_MODULE_PV}" +HTTP_BROTLI_MODULE_URI="https://github.com/eustas/ngx_brotli/archive/v${HTTP_BROTLI_MODULE_PV}.tar.gz" +HTTP_BROTLI_MODULE_WD="${WORKDIR}/ngx_brotli-${HTTP_BROTLI_MODULE_PV}" + +# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license) +HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2" +HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1" +HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz" +HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}" + +# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD license) +HTTP_HEADERS_MORE_MODULE_PV="0.33" +HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}" +HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz" +HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}" + +# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license) +HTTP_CACHE_PURGE_MODULE_PV="2.3" +HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" +HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz" +HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" + +# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license) +HTTP_SLOWFS_CACHE_MODULE_PV="1.10" +HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" +HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz" +HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" + +# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license) +HTTP_FANCYINDEX_MODULE_PV="0.4.3" +HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" +HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz" +HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" + +# http_lua (https://github.com/openresty/lua-nginx-module, BSD license) +HTTP_LUA_MODULE_PV="0.10.13" +HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}" +HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz" +HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}" + +# http_auth_pam (https://github.com/stogh/ngx_http_auth_pam_module/, http://web.iti.upv.es/~sto/nginx/, BSD-2 license) +HTTP_AUTH_PAM_MODULE_PV="1.5.1" +HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}" +HTTP_AUTH_PAM_MODULE_URI="https://github.com/stogh/ngx_http_auth_pam_module/archive/v${HTTP_AUTH_PAM_MODULE_PV}.tar.gz" +HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}" + +# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license) +HTTP_UPSTREAM_CHECK_MODULE_PV="9aecf15ec379fe98f62355c57b60c0bc83296f04" +HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}" +HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz" +HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-${HTTP_UPSTREAM_CHECK_MODULE_PV}" + +# http_metrics (https://github.com/zenops/ngx_metrics, BSD license) +HTTP_METRICS_MODULE_PV="0.1.1" +HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}" +HTTP_METRICS_MODULE_URI="https://github.com/madvertise/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz" +HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}" + +# http_vhost_traffic_status (https://github.com/vozlt/nginx-module-vts, BSD license) +HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV="0.1.18" +HTTP_VHOST_TRAFFIC_STATUS_MODULE_P="ngx_http_vhost_traffic_status-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" +HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI="https://github.com/vozlt/nginx-module-vts/archive/v${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}.tar.gz" +HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD="${WORKDIR}/nginx-module-vts-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" + +# naxsi-core (https://github.com/nbs-system/naxsi, GPLv2+) +HTTP_NAXSI_MODULE_PV="0.56" +HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}" +HTTP_NAXSI_MODULE_URI="https://github.com/nbs-system/naxsi/archive/${HTTP_NAXSI_MODULE_PV}.tar.gz" +HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-${HTTP_NAXSI_MODULE_PV}/naxsi_src" + +# nginx-rtmp-module (https://github.com/arut/nginx-rtmp-module, BSD license) +RTMP_MODULE_PV="1.2.1" +RTMP_MODULE_P="ngx_rtmp-${RTMP_MODULE_PV}" +RTMP_MODULE_URI="https://github.com/arut/nginx-rtmp-module/archive/v${RTMP_MODULE_PV}.tar.gz" +RTMP_MODULE_WD="${WORKDIR}/nginx-rtmp-module-${RTMP_MODULE_PV}" + +# nginx-dav-ext-module (https://github.com/arut/nginx-dav-ext-module, BSD license) +HTTP_DAV_EXT_MODULE_PV="0.1.0" +HTTP_DAV_EXT_MODULE_P="ngx_http_dav_ext-${HTTP_DAV_EXT_MODULE_PV}" +HTTP_DAV_EXT_MODULE_URI="https://github.com/arut/nginx-dav-ext-module/archive/v${HTTP_DAV_EXT_MODULE_PV}.tar.gz" +HTTP_DAV_EXT_MODULE_WD="${WORKDIR}/nginx-dav-ext-module-${HTTP_DAV_EXT_MODULE_PV}" + +# echo-nginx-module (https://github.com/openresty/echo-nginx-module, BSD license) +HTTP_ECHO_MODULE_PV="0.61" +HTTP_ECHO_MODULE_P="ngx_http_echo-${HTTP_ECHO_MODULE_PV}" +HTTP_ECHO_MODULE_URI="https://github.com/openresty/echo-nginx-module/archive/v${HTTP_ECHO_MODULE_PV}.tar.gz" +HTTP_ECHO_MODULE_WD="${WORKDIR}/echo-nginx-module-${HTTP_ECHO_MODULE_PV}" + +# mod_security for nginx (https://modsecurity.org/, Apache-2.0) +# keep the MODULE_P here consistent with upstream to avoid tarball duplication +HTTP_SECURITY_MODULE_PV="2.9.2" +HTTP_SECURITY_MODULE_P="modsecurity-${HTTP_SECURITY_MODULE_PV}" +HTTP_SECURITY_MODULE_URI="https://www.modsecurity.org/tarball/${HTTP_SECURITY_MODULE_PV}/${HTTP_SECURITY_MODULE_P}.tar.gz" +HTTP_SECURITY_MODULE_WD="${WORKDIR}/${HTTP_SECURITY_MODULE_P}" + +# push-stream-module (http://www.nginxpushstream.com, https://github.com/wandenberg/nginx-push-stream-module, GPL-3) +HTTP_PUSH_STREAM_MODULE_PV="0.5.4" +HTTP_PUSH_STREAM_MODULE_P="ngx_http_push_stream-${HTTP_PUSH_STREAM_MODULE_PV}" +HTTP_PUSH_STREAM_MODULE_URI="https://github.com/wandenberg/nginx-push-stream-module/archive/${HTTP_PUSH_STREAM_MODULE_PV}.tar.gz" +HTTP_PUSH_STREAM_MODULE_WD="${WORKDIR}/nginx-push-stream-module-${HTTP_PUSH_STREAM_MODULE_PV}" + +# sticky-module (https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng, BSD-2) +HTTP_STICKY_MODULE_PV="1.2.6-10-g08a395c66e42" +HTTP_STICKY_MODULE_P="nginx_http_sticky_module_ng-${HTTP_STICKY_MODULE_PV}" +HTTP_STICKY_MODULE_URI="https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/${HTTP_STICKY_MODULE_PV}.tar.bz2" +HTTP_STICKY_MODULE_WD="${WORKDIR}/nginx-goodies-nginx-sticky-module-ng-08a395c66e42" + +# mogilefs-module (https://github.com/vkholodkov/nginx-mogilefs-module, BSD-2) +HTTP_MOGILEFS_MODULE_PV="1.0.4" +HTTP_MOGILEFS_MODULE_P="ngx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" +HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/archive/${HTTP_MOGILEFS_MODULE_PV}.tar.gz" +HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" + +# memc-module (https://github.com/openresty/memc-nginx-module, BSD-2) +HTTP_MEMC_MODULE_PV="0.19" +HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}" +HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz" +HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}" + +# nginx-ldap-auth-module (https://github.com/kvspb/nginx-auth-ldap, BSD-2) +HTTP_LDAP_MODULE_PV="42d195d7a7575ebab1c369ad3fc5d78dc2c2669c" +HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" +HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz" +HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" + +# geoip2 (https://github.com/leev/ngx_http_geoip2_module, BSD-2) +GEOIP2_MODULE_PV="2.0" +GEOIP2_MODULE_P="ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" +GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOIP2_MODULE_PV}.tar.gz" +GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" + +# njs-module (https://github.com/nginx/njs, as-is) +NJS_MODULE_PV="0.2.2" +NJS_MODULE_P="njs-${NJS_MODULE_PV}" +NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz" +NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}" + +# We handle deps below ourselves +SSL_DEPS_SKIP=1 +AUTOTOOLS_AUTO_DEPEND="no" + +inherit autotools ssl-cert toolchain-funcs perl-module flag-o-matic user systemd versionator multilib + +DESCRIPTION="Robust, small and high performance http and reverse proxy server" +HOMEPAGE="https://nginx.org" +SRC_URI="https://nginx.org/download/${P}.tar.gz + ${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz + nginx_modules_http_auth_ldap? ( ${HTTP_LDAP_MODULE_URI} -> ${HTTP_LDAP_MODULE_P}.tar.gz ) + nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz ) + nginx_modules_http_brotli? ( ${HTTP_BROTLI_MODULE_URI} -> ${HTTP_BROTLI_MODULE_P}.tar.gz ) + nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz ) + nginx_modules_http_dav_ext? ( ${HTTP_DAV_EXT_MODULE_URI} -> ${HTTP_DAV_EXT_MODULE_P}.tar.gz ) + nginx_modules_http_echo? ( ${HTTP_ECHO_MODULE_URI} -> ${HTTP_ECHO_MODULE_P}.tar.gz ) + nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz ) + nginx_modules_http_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) + nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz ) + nginx_modules_http_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) + nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz ) + nginx_modules_http_memc? ( ${HTTP_MEMC_MODULE_URI} -> ${HTTP_MEMC_MODULE_P}.tar.gz ) + nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz ) + nginx_modules_http_mogilefs? ( ${HTTP_MOGILEFS_MODULE_URI} -> ${HTTP_MOGILEFS_MODULE_P}.tar.gz ) + nginx_modules_http_naxsi? ( ${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz ) + nginx_modules_http_push_stream? ( ${HTTP_PUSH_STREAM_MODULE_URI} -> ${HTTP_PUSH_STREAM_MODULE_P}.tar.gz ) + nginx_modules_http_security? ( ${HTTP_SECURITY_MODULE_URI} -> ${HTTP_SECURITY_MODULE_P}.tar.gz ) + nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz ) + nginx_modules_http_sticky? ( ${HTTP_STICKY_MODULE_URI} -> ${HTTP_STICKY_MODULE_P}.tar.bz2 ) + nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz ) + nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz ) + nginx_modules_http_vhost_traffic_status? ( ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI} -> ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_P}.tar.gz ) + nginx_modules_stream_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) + nginx_modules_stream_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) + rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )" + +LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+ + nginx_modules_http_security? ( Apache-2.0 ) + nginx_modules_http_push_stream? ( GPL-3 )" + +SLOT="mainline" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd ~amd64-linux ~x86-linux" + +# Package doesn't provide a real test suite +RESTRICT="test" + +NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif + fastcgi geo grpc gzip limit_req limit_conn map memcached mirror + proxy referer rewrite scgi ssi split_clients upstream_hash + upstream_ip_hash upstream_keepalive upstream_least_conn + upstream_zone userid uwsgi" +NGINX_MODULES_OPT="addition auth_request dav degradation flv geoip gunzip + gzip_static image_filter mp4 perl random_index realip secure_link + slice stub_status sub xslt" +NGINX_MODULES_STREAM_STD="access geo limit_conn map return split_clients + upstream_hash upstream_least_conn upstream_zone" +NGINX_MODULES_STREAM_OPT="geoip realip ssl_preread" +NGINX_MODULES_MAIL="imap pop3 smtp" +NGINX_MODULES_3RD=" + http_auth_ldap + http_auth_pam + http_brotli + http_cache_purge + http_dav_ext + http_echo + http_fancyindex + http_geoip2 + http_headers_more + http_javascript + http_lua + http_memc + http_metrics + http_mogilefs + http_naxsi + http_push_stream + http_security + http_slowfs_cache + http_sticky + http_upload_progress + http_upstream_check + http_vhost_traffic_status + stream_geoip2 + stream_javascript +" + +IUSE="aio debug +http +http2 +http-cache +ipv6 libatomic libressl luajit +pcre + pcre-jit rtmp selinux ssl threads userland_GNU vim-syntax" + +for mod in $NGINX_MODULES_STD; do + IUSE="${IUSE} +nginx_modules_http_${mod}" +done + +for mod in $NGINX_MODULES_OPT; do + IUSE="${IUSE} nginx_modules_http_${mod}" +done + +for mod in $NGINX_MODULES_STREAM_STD; do + IUSE="${IUSE} nginx_modules_stream_${mod}" +done + +for mod in $NGINX_MODULES_STREAM_OPT; do + IUSE="${IUSE} nginx_modules_stream_${mod}" +done + +for mod in $NGINX_MODULES_MAIL; do + IUSE="${IUSE} nginx_modules_mail_${mod}" +done + +for mod in $NGINX_MODULES_3RD; do + IUSE="${IUSE} nginx_modules_${mod}" +done + +# Add so we can warn users updating about config changes +# @TODO: jbergstroem: remove on next release series +IUSE="${IUSE} nginx_modules_http_spdy" + +CDEPEND=" + pcre? ( dev-libs/libpcre:= ) + pcre-jit? ( dev-libs/libpcre:=[jit] ) + ssl? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:= ) + ) + http2? ( + !libressl? ( >=dev-libs/openssl-1.0.1c:0= ) + libressl? ( dev-libs/libressl:= ) + ) + http-cache? ( + userland_GNU? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:= ) + ) + ) + nginx_modules_http_brotli? ( app-arch/brotli:= ) + nginx_modules_http_geoip? ( dev-libs/geoip ) + nginx_modules_http_geoip2? ( dev-libs/libmaxminddb:= ) + nginx_modules_http_gunzip? ( sys-libs/zlib ) + nginx_modules_http_gzip? ( sys-libs/zlib ) + nginx_modules_http_gzip_static? ( sys-libs/zlib ) + nginx_modules_http_image_filter? ( media-libs/gd:=[jpeg,png] ) + nginx_modules_http_perl? ( >=dev-lang/perl-5.8:= ) + nginx_modules_http_rewrite? ( dev-libs/libpcre:= ) + nginx_modules_http_secure_link? ( + userland_GNU? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:= ) + ) + ) + nginx_modules_http_xslt? ( dev-libs/libxml2:= dev-libs/libxslt ) + nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit? ( dev-lang/luajit:2= ) ) + nginx_modules_http_auth_pam? ( virtual/pam ) + nginx_modules_http_metrics? ( dev-libs/yajl:= ) + nginx_modules_http_dav_ext? ( dev-libs/expat ) + nginx_modules_http_security? ( + dev-libs/apr:= + dev-libs/apr-util:= + dev-libs/libxml2:= + net-misc/curl + www-servers/apache + ) + nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] ) + nginx_modules_stream_geoip? ( dev-libs/geoip ) + nginx_modules_stream_geoip2? ( dev-libs/libmaxminddb:= )" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-nginx ) + !www-servers/nginx:0" +DEPEND="${CDEPEND} + nginx_modules_http_brotli? ( virtual/pkgconfig ) + nginx_modules_http_security? ( ${AUTOTOOLS_DEPEND} ) + arm? ( dev-libs/libatomic_ops ) + libatomic? ( dev-libs/libatomic_ops )" +PDEPEND="vim-syntax? ( app-vim/nginx-syntax )" + +REQUIRED_USE="pcre-jit? ( pcre ) + nginx_modules_http_grpc? ( http2 ) + nginx_modules_http_lua? ( nginx_modules_http_rewrite ) + nginx_modules_http_naxsi? ( pcre ) + nginx_modules_http_dav_ext? ( nginx_modules_http_dav ) + nginx_modules_http_metrics? ( nginx_modules_http_stub_status ) + nginx_modules_http_security? ( pcre ) + nginx_modules_http_push_stream? ( ssl )" + +pkg_setup() { + NGINX_HOME="/var/lib/nginx" + NGINX_HOME_TMP="${NGINX_HOME}/tmp" + + ebegin "Creating nginx user and group" + enewgroup ${PN} + enewuser ${PN} -1 -1 "${NGINX_HOME}" ${PN} + eend $? + + if use libatomic; then + ewarn "GCC 4.1+ features built-in atomic operations." + ewarn "Using libatomic_ops is only needed if using" + ewarn "a different compiler or a GCC prior to 4.1" + fi + + if [[ -n $NGINX_ADD_MODULES ]]; then + ewarn "You are building custom modules via \$NGINX_ADD_MODULES!" + ewarn "This nginx installation is not supported!" + ewarn "Make sure you can reproduce the bug without those modules" + ewarn "_before_ reporting bugs." + fi + + if use !http; then + ewarn "To actually disable all http-functionality you also have to disable" + ewarn "all nginx http modules." + fi + + if use nginx_modules_http_mogilefs && use threads; then + eerror "mogilefs won't compile with threads support." + eerror "Please disable either flag and try again." + die "Can't compile mogilefs with threads support" + fi +} + +src_prepare() { + eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" + eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch" + + if use nginx_modules_http_brotli; then + cd "${HTTP_BROTLI_MODULE_WD}" || die + eapply "${FILESDIR}"/http_brotli-detect-brotli-r1.patch + cd "${S}" || die + fi + + if use nginx_modules_http_upstream_check; then + eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch + fi + + if use nginx_modules_http_cache_purge; then + cd "${HTTP_CACHE_PURGE_MODULE_WD}" || die + eapply "${FILESDIR}"/http_cache_purge-1.11.6+.patch + cd "${S}" || die + fi + + if use nginx_modules_http_security; then + cd "${HTTP_SECURITY_MODULE_WD}" || die + + eautoreconf + + if use luajit ; then + sed -i \ + -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \ + configure || die + fi + + cd "${S}" || die + fi + + if use nginx_modules_http_upload_progress; then + cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die + eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch + cd "${S}" || die + fi + + find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die + # We have config protection, don't rename etc files + sed -i 's:.default::' auto/install || die + # remove useless files + sed -i -e '/koi-/d' -e '/win-/d' auto/install || die + + # don't install to /etc/nginx/ if not in use + local module + for module in fastcgi scgi uwsgi ; do + if ! use nginx_modules_http_${module}; then + sed -i -e "/${module}/d" auto/install || die + fi + done + + eapply_user +} + +src_configure() { + # mod_security needs to generate nginx/modsecurity/config before including it + if use nginx_modules_http_security; then + cd "${HTTP_SECURITY_MODULE_WD}" || die + + ./configure \ + --enable-standalone-module \ + --disable-mlogc \ + --with-ssdeep=no \ + $(use_enable pcre-jit) \ + $(use_with nginx_modules_http_lua lua) || die "configure failed for mod_security" + + cd "${S}" || die + fi + + local myconf=() http_enabled= mail_enabled= stream_enabled= + + use aio && myconf+=( --with-file-aio ) + use debug && myconf+=( --with-debug ) + use http2 && myconf+=( --with-http_v2_module ) + use libatomic && myconf+=( --with-libatomic ) + use pcre && myconf+=( --with-pcre ) + use pcre-jit && myconf+=( --with-pcre-jit ) + use threads && myconf+=( --with-threads ) + + # HTTP modules + for mod in $NGINX_MODULES_STD; do + if use nginx_modules_http_${mod}; then + http_enabled=1 + else + myconf+=( --without-http_${mod}_module ) + fi + done + + for mod in $NGINX_MODULES_OPT; do + if use nginx_modules_http_${mod}; then + http_enabled=1 + myconf+=( --with-http_${mod}_module ) + fi + done + + if use nginx_modules_http_fastcgi; then + myconf+=( --with-http_realip_module ) + fi + + # third-party modules + if use nginx_modules_http_upload_progress; then + http_enabled=1 + myconf+=( --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD} ) + fi + + if use nginx_modules_http_headers_more; then + http_enabled=1 + myconf+=( --add-module=${HTTP_HEADERS_MORE_MODULE_WD} ) + fi + + if use nginx_modules_http_cache_purge; then + http_enabled=1 + myconf+=( --add-module=${HTTP_CACHE_PURGE_MODULE_WD} ) + fi + + if use nginx_modules_http_slowfs_cache; then + http_enabled=1 + myconf+=( --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD} ) + fi + + if use nginx_modules_http_fancyindex; then + http_enabled=1 + myconf+=( --add-module=${HTTP_FANCYINDEX_MODULE_WD} ) + fi + + if use nginx_modules_http_lua; then + http_enabled=1 + if use luajit; then + export LUAJIT_LIB=$(pkg-config --variable libdir luajit) + export LUAJIT_INC=$(pkg-config --variable includedir luajit) + else + export LUA_LIB=$(pkg-config --variable libdir lua) + export LUA_INC=$(pkg-config --variable includedir lua) + fi + myconf+=( --add-module=${DEVEL_KIT_MODULE_WD} ) + myconf+=( --add-module=${HTTP_LUA_MODULE_WD} ) + fi + + if use nginx_modules_http_auth_pam; then + http_enabled=1 + myconf+=( --add-module=${HTTP_AUTH_PAM_MODULE_WD} ) + fi + + if use nginx_modules_http_upstream_check; then + http_enabled=1 + myconf+=( --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD} ) + fi + + if use nginx_modules_http_metrics; then + http_enabled=1 + myconf+=( --add-module=${HTTP_METRICS_MODULE_WD} ) + fi + + if use nginx_modules_http_naxsi ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_NAXSI_MODULE_WD} ) + fi + + if use rtmp ; then + http_enabled=1 + myconf+=( --add-module=${RTMP_MODULE_WD} ) + fi + + if use nginx_modules_http_dav_ext ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_DAV_EXT_MODULE_WD} ) + fi + + if use nginx_modules_http_echo ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_ECHO_MODULE_WD} ) + fi + + if use nginx_modules_http_security ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_SECURITY_MODULE_WD}/nginx/modsecurity ) + fi + + if use nginx_modules_http_push_stream ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_PUSH_STREAM_MODULE_WD} ) + fi + + if use nginx_modules_http_sticky ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_STICKY_MODULE_WD} ) + fi + + if use nginx_modules_http_mogilefs ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_MOGILEFS_MODULE_WD} ) + fi + + if use nginx_modules_http_memc ; then + http_enabled=1 + myconf+=( --add-module=${HTTP_MEMC_MODULE_WD} ) + fi + + if use nginx_modules_http_auth_ldap; then + http_enabled=1 + myconf+=( --add-module=${HTTP_LDAP_MODULE_WD} ) + fi + + if use nginx_modules_http_vhost_traffic_status; then + http_enabled=1 + myconf+=( --add-module=${HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD} ) + fi + + if use nginx_modules_http_geoip2 || use nginx_modules_stream_geoip2; then + myconf+=( --add-module=${GEOIP2_MODULE_WD} ) + fi + + if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then + myconf+=( --add-module="${NJS_MODULE_WD}/nginx" ) + fi + + if use nginx_modules_http_brotli; then + http_enabled=1 + myconf+=( --add-module=${HTTP_BROTLI_MODULE_WD} ) + fi + + if use http || use http-cache || use http2 || use nginx_modules_http_javascript; then + http_enabled=1 + fi + + if [ $http_enabled ]; then + use http-cache || myconf+=( --without-http-cache ) + use ssl && myconf+=( --with-http_ssl_module ) + else + myconf+=( --without-http --without-http-cache ) + fi + + # Stream modules + for mod in $NGINX_MODULES_STREAM_STD; do + if use nginx_modules_stream_${mod}; then + stream_enabled=1 + else + myconf+=( --without-stream_${mod}_module ) + fi + done + + for mod in $NGINX_MODULES_STREAM_OPT; do + if use nginx_modules_stream_${mod}; then + stream_enabled=1 + myconf+=( --with-stream_${mod}_module ) + fi + done + + if use nginx_modules_stream_geoip2 || use nginx_modules_stream_javascript; then + stream_enabled=1 + fi + + if [ $stream_enabled ]; then + myconf+=( --with-stream ) + use ssl && myconf+=( --with-stream_ssl_module ) + fi + + # MAIL modules + for mod in $NGINX_MODULES_MAIL; do + if use nginx_modules_mail_${mod}; then + mail_enabled=1 + else + myconf+=( --without-mail_${mod}_module ) + fi + done + + if [ $mail_enabled ]; then + myconf+=( --with-mail ) + use ssl && myconf+=( --with-mail_ssl_module ) + fi + + # custom modules + for mod in $NGINX_ADD_MODULES; do + myconf+=( --add-module=${mod} ) + done + + # https://bugs.gentoo.org/286772 + export LANG=C LC_ALL=C + tc-export CC + + if ! use prefix; then + myconf+=( --user=${PN} ) + myconf+=( --group=${PN} ) + fi + + local WITHOUT_IPV6= + if ! use ipv6; then + WITHOUT_IPV6=" -DNGX_HAVE_INET6=0" + fi + + if [[ -n "${EXTRA_ECONF}" ]]; then + myconf+=( ${EXTRA_ECONF} ) + ewarn "EXTRA_ECONF applied. Now you are on your own, good luck!" + fi + + ./configure \ + --prefix="${EPREFIX}"/usr \ + --conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \ + --error-log-path="${EPREFIX}"/var/log/${PN}/error_log \ + --pid-path="${EPREFIX}"/run/${PN}.pid \ + --lock-path="${EPREFIX}"/run/lock/${PN}.lock \ + --with-cc-opt="-I${EROOT}usr/include${WITHOUT_IPV6}" \ + --with-ld-opt="-L${EROOT}usr/$(get_libdir)" \ + --http-log-path="${EPREFIX}"/var/log/${PN}/access_log \ + --http-client-body-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/client \ + --http-proxy-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/proxy \ + --http-fastcgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/fastcgi \ + --http-scgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/scgi \ + --http-uwsgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/uwsgi \ + --with-compat \ + "${myconf[@]}" || die "configure failed" + + # A purely cosmetic change that makes nginx -V more readable. This can be + # good if people outside the gentoo community would troubleshoot and + # question the users setup. + sed -i -e "s|${WORKDIR}|external_module|g" objs/ngx_auto_config.h || die +} + +src_compile() { + use nginx_modules_http_security && emake -C "${HTTP_SECURITY_MODULE_WD}" + + # https://bugs.gentoo.org/286772 + export LANG=C LC_ALL=C + emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}" +} + +src_install() { + emake DESTDIR="${D%/}" install + + cp "${FILESDIR}"/nginx.conf-r2 "${ED}"etc/nginx/nginx.conf || die + + newinitd "${FILESDIR}"/nginx.initd-r4 nginx + newconfd "${FILESDIR}"/nginx.confd nginx + + systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service + + doman man/nginx.8 + dodoc CHANGES* README + + # just keepdir. do not copy the default htdocs files (bug #449136) + keepdir /var/www/localhost + rm -rf "${D}"usr/html || die + + # set up a list of directories to keep + local keepdir_list="${NGINX_HOME_TMP}"/client + local module + for module in proxy fastcgi scgi uwsgi; do + use nginx_modules_http_${module} && keepdir_list+=" ${NGINX_HOME_TMP}/${module}" + done + + keepdir /var/log/nginx ${keepdir_list} + + # this solves a problem with SELinux where nginx doesn't see the directories + # as root and tries to create them as nginx + fperms 0750 "${NGINX_HOME_TMP}" + fowners ${PN}:0 "${NGINX_HOME_TMP}" + + fperms 0700 ${keepdir_list} + fowners ${PN}:${PN} ${keepdir_list} + + fperms 0710 /var/log/nginx + fowners 0:${PN} /var/log/nginx + + # logrotate + insinto /etc/logrotate.d + newins "${FILESDIR}"/nginx.logrotate-r1 nginx + + if use nginx_modules_http_perl; then + cd "${S}"/objs/src/http/modules/perl/ || die + emake DESTDIR="${D}" INSTALLDIRS=vendor + perl_delete_localpod + cd "${S}" || die + fi + + if use nginx_modules_http_cache_purge; then + docinto ${HTTP_CACHE_PURGE_MODULE_P} + dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md} + fi + + if use nginx_modules_http_slowfs_cache; then + docinto ${HTTP_SLOWFS_CACHE_MODULE_P} + dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md} + fi + + if use nginx_modules_http_fancyindex; then + docinto ${HTTP_FANCYINDEX_MODULE_P} + dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst + fi + + if use nginx_modules_http_lua; then + docinto ${HTTP_LUA_MODULE_P} + dodoc "${HTTP_LUA_MODULE_WD}"/README.markdown + fi + + if use nginx_modules_http_auth_pam; then + docinto ${HTTP_AUTH_PAM_MODULE_P} + dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README.md,ChangeLog} + fi + + if use nginx_modules_http_upstream_check; then + docinto ${HTTP_UPSTREAM_CHECK_MODULE_P} + dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES} + fi + + if use nginx_modules_http_naxsi; then + insinto /etc/nginx + doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/naxsi_core.rules + fi + + if use rtmp; then + docinto ${RTMP_MODULE_P} + dodoc "${RTMP_MODULE_WD}"/{AUTHORS,README.md,stat.xsl} + fi + + if use nginx_modules_http_dav_ext; then + docinto ${HTTP_DAV_EXT_MODULE_P} + dodoc "${HTTP_DAV_EXT_MODULE_WD}"/README.rst + fi + + if use nginx_modules_http_echo; then + docinto ${HTTP_ECHO_MODULE_P} + dodoc "${HTTP_ECHO_MODULE_WD}"/README.markdown + fi + + if use nginx_modules_http_security; then + docinto ${HTTP_SECURITY_MODULE_P} + dodoc "${HTTP_SECURITY_MODULE_WD}"/{CHANGES,README.TXT,authors.txt} + fi + + if use nginx_modules_http_push_stream; then + docinto ${HTTP_PUSH_STREAM_MODULE_P} + dodoc "${HTTP_PUSH_STREAM_MODULE_WD}"/{AUTHORS,CHANGELOG.textile,README.textile} + fi + + if use nginx_modules_http_sticky; then + docinto ${HTTP_STICKY_MODULE_P} + dodoc "${HTTP_STICKY_MODULE_WD}"/{README.md,Changelog.txt,docs/sticky.pdf} + fi + + if use nginx_modules_http_memc; then + docinto ${HTTP_MEMC_MODULE_P} + dodoc "${HTTP_MEMC_MODULE_WD}"/README.markdown + fi + + if use nginx_modules_http_auth_ldap; then + docinto ${HTTP_LDAP_MODULE_P} + dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf + fi +} + +pkg_postinst() { + if use ssl; then + if [[ ! -f "${EROOT}"etc/ssl/${PN}/${PN}.key ]]; then + install_cert /etc/ssl/${PN}/${PN} + use prefix || chown ${PN}:${PN} "${EROOT}"etc/ssl/${PN}/${PN}.{crt,csr,key,pem} + fi + fi + + if use nginx_modules_http_spdy; then + ewarn "" + ewarn "In nginx 1.9.5 the spdy module was superseded by http2." + ewarn "Update your configs and package.use accordingly." + fi + + if use nginx_modules_http_lua; then + ewarn "" + ewarn "While you can build lua 3rd party module against ${P}" + ewarn "the author warns that >=${PN}-1.11.11 is still not an" + ewarn "officially supported target yet. You are on your own." + ewarn "Expect runtime failures, memory leaks and other problems!" + fi + + if use nginx_modules_http_lua && use http2; then + ewarn "" + ewarn "Lua 3rd party module author warns against using ${P} with" + ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see https://git.io/OldLsg" + fi + + local _n_permission_layout_checks=0 + local _has_to_adjust_permissions=0 + local _has_to_show_permission_warning=0 + + # Defaults to 1 to inform people doing a fresh installation + # that we ship modified {scgi,uwsgi,fastcgi}_params files + local _has_to_show_httpoxy_mitigation_notice=1 + + local _replacing_version= + for _replacing_version in ${REPLACING_VERSIONS}; do + _n_permission_layout_checks=$((${_n_permission_layout_checks}+1)) + + if [[ ${_n_permission_layout_checks} -gt 1 ]]; then + # Should never happen: + # Package is abusing slots but doesn't allow multiple parallel installations. + # If we run into this situation it is unsafe to automatically adjust any + # permission... + _has_to_show_permission_warning=1 + + ewarn "Replacing multiple ${PN}' versions is unsupported! " \ + "You will have to adjust permissions on your own." + + break + fi + + local _replacing_version_branch=$(get_version_component_range 1-2 "${_replacing_version}") + debug-print "Updating an existing installation (v${_replacing_version}; branch '${_replacing_version_branch}') ..." + + # Do we need to adjust permissions to fix CVE-2013-0337 (bug #458726, #469094)? + # This was before we introduced multiple nginx versions so we + # do not need to distinguish between stable and mainline + local _need_to_fix_CVE2013_0337=1 + + if version_is_at_least "1.4.1-r2" "${_replacing_version}"; then + # We are updating an installation which should already be fixed + _need_to_fix_CVE2013_0337=0 + debug-print "Skipping CVE-2013-0337 ... existing installation should not be affected!" + else + _has_to_adjust_permissions=1 + debug-print "Need to adjust permissions to fix CVE-2013-0337!" + fi + + # Do we need to inform about HTTPoxy mitigation? + # In repository since commit 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f + if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then + # Updating from <1.10 + _has_to_show_httpoxy_mitigation_notice=1 + debug-print "Need to inform about HTTPoxy mitigation!" + else + # Updating from >=1.10 + local _fixed_in_pvr= + case "${_replacing_version_branch}" in + "1.10") + _fixed_in_pvr="1.10.1-r2" + ;; + "1.11") + _fixed_in_pvr="1.11.3-r1" + ;; + *) + # This should be any future branch. + # If we run this code it is safe to assume that the user has + # already seen the HTTPoxy mitigation notice because he/she is doing + # an update from previous version where we have already shown + # the warning. Otherwise, we wouldn't hit this code path ... + _fixed_in_pvr= + esac + + if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then + # We are updating an installation where we already informed + # that we are mitigating HTTPoxy per default + _has_to_show_httpoxy_mitigation_notice=0 + debug-print "No need to inform about HTTPoxy mitigation ... information was already shown for existing installation!" + else + _has_to_show_httpoxy_mitigation_notice=1 + debug-print "Need to inform about HTTPoxy mitigation!" + fi + fi + + # Do we need to adjust permissions to fix CVE-2016-1247 (bug #605008)? + # All branches up to 1.11 are affected + local _need_to_fix_CVE2016_1247=1 + + if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then + # Updating from <1.10 + _has_to_adjust_permissions=1 + debug-print "Need to adjust permissions to fix CVE-2016-1247!" + else + # Updating from >=1.10 + local _fixed_in_pvr= + case "${_replacing_version_branch}" in + "1.10") + _fixed_in_pvr="1.10.2-r3" + ;; + "1.11") + _fixed_in_pvr="1.11.6-r1" + ;; + *) + # This should be any future branch. + # If we run this code it is safe to assume that we have already + # adjusted permissions or were never affected because user is + # doing an update from previous version which was safe or did + # the adjustments. Otherwise, we wouldn't hit this code path ... + _fixed_in_pvr= + esac + + if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then + # We are updating an installation which should already be adjusted + # or which was never affected + _need_to_fix_CVE2016_1247=0 + debug-print "Skipping CVE-2016-1247 ... existing installation should not be affected!" + else + _has_to_adjust_permissions=1 + debug-print "Need to adjust permissions to fix CVE-2016-1247!" + fi + fi + done + + if [[ ${_has_to_adjust_permissions} -eq 1 ]]; then + # We do not DIE when chmod/chown commands are failing because + # package is already merged on user's system at this stage + # and we cannot retry without losing the information that + # the existing installation needs to adjust permissions. + # Instead we are going to a show a big warning ... + + if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2013_0337} -eq 1 ]]; then + ewarn "" + ewarn "The world-readable bit (if set) has been removed from the" + ewarn "following directories to mitigate a security bug" + ewarn "(CVE-2013-0337, bug #458726):" + ewarn "" + ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" + ewarn "" + ewarn "Check if this is correct for your setup before restarting nginx!" + ewarn "This is a one-time change and will not happen on subsequent updates." + ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'" + chmod o-rwx \ + "${EPREFIX%/}"/var/log/nginx \ + "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ + _has_to_show_permission_warning=1 + fi + + if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2016_1247} -eq 1 ]]; then + ewarn "" + ewarn "The permissions on the following directory have been reset in" + ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):" + ewarn "" + ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn "" + ewarn "Check if this is correct for your setup before restarting nginx!" + ewarn "Also ensure that no other log directory used by any of your" + ewarn "vhost(s) is not writeable for nginx user. Any of your log files" + ewarn "used by nginx can be abused to escalate privileges!" + ewarn "This is a one-time change and will not happen on subsequent updates." + chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 + chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 + fi + + if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then + # Should never happen ... + ewarn "" + ewarn "*************************************************************" + ewarn "*************** W A R N I N G ***************" + ewarn "*************************************************************" + ewarn "The one-time only attempt to adjust permissions of the" + ewarn "existing nginx installation failed. Be aware that we will not" + ewarn "try to adjust the same permissions again because now you are" + ewarn "using a nginx version where we expect that the permissions" + ewarn "are already adjusted or that you know what you are doing and" + ewarn "want to keep custom permissions." + ewarn "" + fi + fi + + # Sanity check for CVE-2016-1247 + # Required to warn users who received the warning above and thought + # they could fix it by unmerging and re-merging the package or have + # unmerged a affected installation on purpose in the past leaving + # /var/log/nginx on their system due to keepdir/non-empty folder + # and are now installing the package again. + local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) + su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null + if [ $? -eq 0 ] ; then + # Cleanup -- no reason to die here! + rm -f "${_sanity_check_testfile}" + + ewarn "" + ewarn "*************************************************************" + ewarn "*************** W A R N I N G ***************" + ewarn "*************************************************************" + ewarn "Looks like your installation is vulnerable to CVE-2016-1247" + ewarn "(bug #605008) because nginx user is able to create files in" + ewarn "" + ewarn " ${EPREFIX%/}/var/log/nginx" + ewarn "" + ewarn "Also ensure that no other log directory used by any of your" + ewarn "vhost(s) is not writeable for nginx user. Any of your log files" + ewarn "used by nginx can be abused to escalate privileges!" + fi + + if [[ ${_has_to_show_httpoxy_mitigation_notice} -eq 1 ]]; then + # HTTPoxy mitigation + ewarn "" + ewarn "This nginx installation comes with a mitigation for the HTTPoxy" + ewarn "vulnerability for FastCGI, SCGI and uWSGI applications by setting" + ewarn "the HTTP_PROXY parameter to an empty string per default when you" + ewarn "are sourcing one of the default" + ewarn "" + ewarn " - 'fastcgi_params' or 'fastcgi.conf'" + ewarn " - 'scgi_params'" + ewarn " - 'uwsgi_params'" + ewarn "" + ewarn "files in your server block(s)." + ewarn "" + ewarn "If this is causing any problems for you make sure that you are sourcing the" + ewarn "default parameters _before_ you set your own values." + ewarn "If you are relying on user-supplied proxy values you have to remove the" + ewarn "correlating lines from the file(s) mentioned above." + ewarn "" + fi +} diff --git a/www-servers/nginx/nginx-1.15.1.ebuild b/www-servers/nginx/nginx-1.15.1.ebuild deleted file mode 100644 index 4d922841b297..000000000000 --- a/www-servers/nginx/nginx-1.15.1.ebuild +++ /dev/null @@ -1,1079 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -# Maintainer notes: -# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite -# - any http-module activates the main http-functionality and overrides USE=-http -# - keep the following requirements in mind before adding external modules: -# * alive upstream -# * sane packaging -# * builds cleanly -# * does not need a patch for nginx core -# - TODO: test the google-perftools module (included in vanilla tarball) - -# prevent perl-module from adding automagic perl DEPENDs -GENTOO_DEPEND_ON_PERL="no" - -# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license) -DEVEL_KIT_MODULE_PV="0.3.0" -DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1" -DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz" -DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}" - -# ngx_brotli (https://github.com/eustas/ngx_brotli, BSD-2) -HTTP_BROTLI_MODULE_PV="0.1.2" -HTTP_BROTLI_MODULE_P="ngx_brotli-${HTTP_BROTLI_MODULE_PV}" -HTTP_BROTLI_MODULE_URI="https://github.com/eustas/ngx_brotli/archive/v${HTTP_BROTLI_MODULE_PV}.tar.gz" -HTTP_BROTLI_MODULE_WD="${WORKDIR}/ngx_brotli-${HTTP_BROTLI_MODULE_PV}" - -# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license) -HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.2" -HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1" -HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz" -HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}" - -# http_headers_more (https://github.com/agentzh/headers-more-nginx-module, BSD license) -HTTP_HEADERS_MORE_MODULE_PV="0.33" -HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}" -HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz" -HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}" - -# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license) -HTTP_CACHE_PURGE_MODULE_PV="2.3" -HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" -HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz" -HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}" - -# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license) -HTTP_SLOWFS_CACHE_MODULE_PV="1.10" -HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" -HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz" -HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}" - -# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license) -HTTP_FANCYINDEX_MODULE_PV="0.4.3" -HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" -HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz" -HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}" - -# http_lua (https://github.com/openresty/lua-nginx-module, BSD license) -HTTP_LUA_MODULE_PV="0.10.13" -HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}" -HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz" -HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}" - -# http_auth_pam (https://github.com/stogh/ngx_http_auth_pam_module/, http://web.iti.upv.es/~sto/nginx/, BSD-2 license) -HTTP_AUTH_PAM_MODULE_PV="1.5.1" -HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}" -HTTP_AUTH_PAM_MODULE_URI="https://github.com/stogh/ngx_http_auth_pam_module/archive/v${HTTP_AUTH_PAM_MODULE_PV}.tar.gz" -HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}" - -# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license) -HTTP_UPSTREAM_CHECK_MODULE_PV="9aecf15ec379fe98f62355c57b60c0bc83296f04" -HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}" -HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz" -HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-${HTTP_UPSTREAM_CHECK_MODULE_PV}" - -# http_metrics (https://github.com/zenops/ngx_metrics, BSD license) -HTTP_METRICS_MODULE_PV="0.1.1" -HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}" -HTTP_METRICS_MODULE_URI="https://github.com/madvertise/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz" -HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}" - -# http_vhost_traffic_status (https://github.com/vozlt/nginx-module-vts, BSD license) -HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV="0.1.18" -HTTP_VHOST_TRAFFIC_STATUS_MODULE_P="ngx_http_vhost_traffic_status-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" -HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI="https://github.com/vozlt/nginx-module-vts/archive/v${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}.tar.gz" -HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD="${WORKDIR}/nginx-module-vts-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}" - -# naxsi-core (https://github.com/nbs-system/naxsi, GPLv2+) -HTTP_NAXSI_MODULE_PV="0.56" -HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}" -HTTP_NAXSI_MODULE_URI="https://github.com/nbs-system/naxsi/archive/${HTTP_NAXSI_MODULE_PV}.tar.gz" -HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-${HTTP_NAXSI_MODULE_PV}/naxsi_src" - -# nginx-rtmp-module (https://github.com/arut/nginx-rtmp-module, BSD license) -RTMP_MODULE_PV="1.2.1" -RTMP_MODULE_P="ngx_rtmp-${RTMP_MODULE_PV}" -RTMP_MODULE_URI="https://github.com/arut/nginx-rtmp-module/archive/v${RTMP_MODULE_PV}.tar.gz" -RTMP_MODULE_WD="${WORKDIR}/nginx-rtmp-module-${RTMP_MODULE_PV}" - -# nginx-dav-ext-module (https://github.com/arut/nginx-dav-ext-module, BSD license) -HTTP_DAV_EXT_MODULE_PV="0.1.0" -HTTP_DAV_EXT_MODULE_P="ngx_http_dav_ext-${HTTP_DAV_EXT_MODULE_PV}" -HTTP_DAV_EXT_MODULE_URI="https://github.com/arut/nginx-dav-ext-module/archive/v${HTTP_DAV_EXT_MODULE_PV}.tar.gz" -HTTP_DAV_EXT_MODULE_WD="${WORKDIR}/nginx-dav-ext-module-${HTTP_DAV_EXT_MODULE_PV}" - -# echo-nginx-module (https://github.com/openresty/echo-nginx-module, BSD license) -HTTP_ECHO_MODULE_PV="0.61" -HTTP_ECHO_MODULE_P="ngx_http_echo-${HTTP_ECHO_MODULE_PV}" -HTTP_ECHO_MODULE_URI="https://github.com/openresty/echo-nginx-module/archive/v${HTTP_ECHO_MODULE_PV}.tar.gz" -HTTP_ECHO_MODULE_WD="${WORKDIR}/echo-nginx-module-${HTTP_ECHO_MODULE_PV}" - -# mod_security for nginx (https://modsecurity.org/, Apache-2.0) -# keep the MODULE_P here consistent with upstream to avoid tarball duplication -HTTP_SECURITY_MODULE_PV="2.9.2" -HTTP_SECURITY_MODULE_P="modsecurity-${HTTP_SECURITY_MODULE_PV}" -HTTP_SECURITY_MODULE_URI="https://www.modsecurity.org/tarball/${HTTP_SECURITY_MODULE_PV}/${HTTP_SECURITY_MODULE_P}.tar.gz" -HTTP_SECURITY_MODULE_WD="${WORKDIR}/${HTTP_SECURITY_MODULE_P}" - -# push-stream-module (http://www.nginxpushstream.com, https://github.com/wandenberg/nginx-push-stream-module, GPL-3) -HTTP_PUSH_STREAM_MODULE_PV="0.5.4" -HTTP_PUSH_STREAM_MODULE_P="ngx_http_push_stream-${HTTP_PUSH_STREAM_MODULE_PV}" -HTTP_PUSH_STREAM_MODULE_URI="https://github.com/wandenberg/nginx-push-stream-module/archive/${HTTP_PUSH_STREAM_MODULE_PV}.tar.gz" -HTTP_PUSH_STREAM_MODULE_WD="${WORKDIR}/nginx-push-stream-module-${HTTP_PUSH_STREAM_MODULE_PV}" - -# sticky-module (https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng, BSD-2) -HTTP_STICKY_MODULE_PV="1.2.6-10-g08a395c66e42" -HTTP_STICKY_MODULE_P="nginx_http_sticky_module_ng-${HTTP_STICKY_MODULE_PV}" -HTTP_STICKY_MODULE_URI="https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/${HTTP_STICKY_MODULE_PV}.tar.bz2" -HTTP_STICKY_MODULE_WD="${WORKDIR}/nginx-goodies-nginx-sticky-module-ng-08a395c66e42" - -# mogilefs-module (https://github.com/vkholodkov/nginx-mogilefs-module, BSD-2) -HTTP_MOGILEFS_MODULE_PV="1.0.4" -HTTP_MOGILEFS_MODULE_P="ngx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" -HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/archive/${HTTP_MOGILEFS_MODULE_PV}.tar.gz" -HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}" - -# memc-module (https://github.com/openresty/memc-nginx-module, BSD-2) -HTTP_MEMC_MODULE_PV="0.19" -HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}" -HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz" -HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}" - -# nginx-ldap-auth-module (https://github.com/kvspb/nginx-auth-ldap, BSD-2) -HTTP_LDAP_MODULE_PV="42d195d7a7575ebab1c369ad3fc5d78dc2c2669c" -HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" -HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz" -HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}" - -# geoip2 (https://github.com/leev/ngx_http_geoip2_module, BSD-2) -GEOIP2_MODULE_PV="2.0" -GEOIP2_MODULE_P="ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" -GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOIP2_MODULE_PV}.tar.gz" -GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}" - -# njs-module (https://github.com/nginx/njs, as-is) -NJS_MODULE_PV="0.2.2" -NJS_MODULE_P="njs-${NJS_MODULE_PV}" -NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz" -NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}" - -# We handle deps below ourselves -SSL_DEPS_SKIP=1 -AUTOTOOLS_AUTO_DEPEND="no" - -inherit autotools ssl-cert toolchain-funcs perl-module flag-o-matic user systemd versionator multilib - -DESCRIPTION="Robust, small and high performance http and reverse proxy server" -HOMEPAGE="https://nginx.org" -SRC_URI="https://nginx.org/download/${P}.tar.gz - ${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz - nginx_modules_http_auth_ldap? ( ${HTTP_LDAP_MODULE_URI} -> ${HTTP_LDAP_MODULE_P}.tar.gz ) - nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz ) - nginx_modules_http_brotli? ( ${HTTP_BROTLI_MODULE_URI} -> ${HTTP_BROTLI_MODULE_P}.tar.gz ) - nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz ) - nginx_modules_http_dav_ext? ( ${HTTP_DAV_EXT_MODULE_URI} -> ${HTTP_DAV_EXT_MODULE_P}.tar.gz ) - nginx_modules_http_echo? ( ${HTTP_ECHO_MODULE_URI} -> ${HTTP_ECHO_MODULE_P}.tar.gz ) - nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz ) - nginx_modules_http_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) - nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz ) - nginx_modules_http_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) - nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz ) - nginx_modules_http_memc? ( ${HTTP_MEMC_MODULE_URI} -> ${HTTP_MEMC_MODULE_P}.tar.gz ) - nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz ) - nginx_modules_http_mogilefs? ( ${HTTP_MOGILEFS_MODULE_URI} -> ${HTTP_MOGILEFS_MODULE_P}.tar.gz ) - nginx_modules_http_naxsi? ( ${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz ) - nginx_modules_http_push_stream? ( ${HTTP_PUSH_STREAM_MODULE_URI} -> ${HTTP_PUSH_STREAM_MODULE_P}.tar.gz ) - nginx_modules_http_security? ( ${HTTP_SECURITY_MODULE_URI} -> ${HTTP_SECURITY_MODULE_P}.tar.gz ) - nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz ) - nginx_modules_http_sticky? ( ${HTTP_STICKY_MODULE_URI} -> ${HTTP_STICKY_MODULE_P}.tar.bz2 ) - nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz ) - nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz ) - nginx_modules_http_vhost_traffic_status? ( ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI} -> ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_P}.tar.gz ) - nginx_modules_stream_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz ) - nginx_modules_stream_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz ) - rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )" - -LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+ - nginx_modules_http_security? ( Apache-2.0 ) - nginx_modules_http_push_stream? ( GPL-3 )" - -SLOT="mainline" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86 ~x86-fbsd ~amd64-linux ~x86-linux" - -# Package doesn't provide a real test suite -RESTRICT="test" - -NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif - fastcgi geo grpc gzip limit_req limit_conn map memcached mirror - proxy referer rewrite scgi ssi split_clients upstream_hash - upstream_ip_hash upstream_keepalive upstream_least_conn - upstream_zone userid uwsgi" -NGINX_MODULES_OPT="addition auth_request dav degradation flv geoip gunzip - gzip_static image_filter mp4 perl random_index realip secure_link - slice stub_status sub xslt" -NGINX_MODULES_STREAM_STD="access geo limit_conn map return split_clients - upstream_hash upstream_least_conn upstream_zone" -NGINX_MODULES_STREAM_OPT="geoip realip ssl_preread" -NGINX_MODULES_MAIL="imap pop3 smtp" -NGINX_MODULES_3RD=" - http_auth_ldap - http_auth_pam - http_brotli - http_cache_purge - http_dav_ext - http_echo - http_fancyindex - http_geoip2 - http_headers_more - http_javascript - http_lua - http_memc - http_metrics - http_mogilefs - http_naxsi - http_push_stream - http_security - http_slowfs_cache - http_sticky - http_upload_progress - http_upstream_check - http_vhost_traffic_status - stream_geoip2 - stream_javascript -" - -IUSE="aio debug +http +http2 +http-cache +ipv6 libatomic libressl luajit +pcre - pcre-jit rtmp selinux ssl threads userland_GNU vim-syntax" - -for mod in $NGINX_MODULES_STD; do - IUSE="${IUSE} +nginx_modules_http_${mod}" -done - -for mod in $NGINX_MODULES_OPT; do - IUSE="${IUSE} nginx_modules_http_${mod}" -done - -for mod in $NGINX_MODULES_STREAM_STD; do - IUSE="${IUSE} nginx_modules_stream_${mod}" -done - -for mod in $NGINX_MODULES_STREAM_OPT; do - IUSE="${IUSE} nginx_modules_stream_${mod}" -done - -for mod in $NGINX_MODULES_MAIL; do - IUSE="${IUSE} nginx_modules_mail_${mod}" -done - -for mod in $NGINX_MODULES_3RD; do - IUSE="${IUSE} nginx_modules_${mod}" -done - -# Add so we can warn users updating about config changes -# @TODO: jbergstroem: remove on next release series -IUSE="${IUSE} nginx_modules_http_spdy" - -CDEPEND=" - pcre? ( dev-libs/libpcre:= ) - pcre-jit? ( dev-libs/libpcre:=[jit] ) - ssl? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - http2? ( - !libressl? ( >=dev-libs/openssl-1.0.1c:0= ) - libressl? ( dev-libs/libressl:= ) - ) - http-cache? ( - userland_GNU? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - ) - nginx_modules_http_brotli? ( app-arch/brotli:= ) - nginx_modules_http_geoip? ( dev-libs/geoip ) - nginx_modules_http_geoip2? ( dev-libs/libmaxminddb:= ) - nginx_modules_http_gunzip? ( sys-libs/zlib ) - nginx_modules_http_gzip? ( sys-libs/zlib ) - nginx_modules_http_gzip_static? ( sys-libs/zlib ) - nginx_modules_http_image_filter? ( media-libs/gd:=[jpeg,png] ) - nginx_modules_http_perl? ( >=dev-lang/perl-5.8:= ) - nginx_modules_http_rewrite? ( dev-libs/libpcre:= ) - nginx_modules_http_secure_link? ( - userland_GNU? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:= ) - ) - ) - nginx_modules_http_xslt? ( dev-libs/libxml2:= dev-libs/libxslt ) - nginx_modules_http_lua? ( !luajit? ( dev-lang/lua:0= ) luajit? ( dev-lang/luajit:2= ) ) - nginx_modules_http_auth_pam? ( virtual/pam ) - nginx_modules_http_metrics? ( dev-libs/yajl:= ) - nginx_modules_http_dav_ext? ( dev-libs/expat ) - nginx_modules_http_security? ( - dev-libs/apr:= - dev-libs/apr-util:= - dev-libs/libxml2:= - net-misc/curl - www-servers/apache - ) - nginx_modules_http_auth_ldap? ( net-nds/openldap[ssl?] )" -RDEPEND="${CDEPEND} - selinux? ( sec-policy/selinux-nginx ) - !www-servers/nginx:0" -DEPEND="${CDEPEND} - nginx_modules_http_brotli? ( virtual/pkgconfig ) - nginx_modules_http_security? ( ${AUTOTOOLS_DEPEND} ) - arm? ( dev-libs/libatomic_ops ) - libatomic? ( dev-libs/libatomic_ops )" -PDEPEND="vim-syntax? ( app-vim/nginx-syntax )" - -REQUIRED_USE="pcre-jit? ( pcre ) - nginx_modules_http_grpc? ( http2 ) - nginx_modules_http_lua? ( nginx_modules_http_rewrite ) - nginx_modules_http_naxsi? ( pcre ) - nginx_modules_http_dav_ext? ( nginx_modules_http_dav ) - nginx_modules_http_metrics? ( nginx_modules_http_stub_status ) - nginx_modules_http_security? ( pcre ) - nginx_modules_http_push_stream? ( ssl )" - -pkg_setup() { - NGINX_HOME="/var/lib/nginx" - NGINX_HOME_TMP="${NGINX_HOME}/tmp" - - ebegin "Creating nginx user and group" - enewgroup ${PN} - enewuser ${PN} -1 -1 "${NGINX_HOME}" ${PN} - eend $? - - if use libatomic; then - ewarn "GCC 4.1+ features built-in atomic operations." - ewarn "Using libatomic_ops is only needed if using" - ewarn "a different compiler or a GCC prior to 4.1" - fi - - if [[ -n $NGINX_ADD_MODULES ]]; then - ewarn "You are building custom modules via \$NGINX_ADD_MODULES!" - ewarn "This nginx installation is not supported!" - ewarn "Make sure you can reproduce the bug without those modules" - ewarn "_before_ reporting bugs." - fi - - if use !http; then - ewarn "To actually disable all http-functionality you also have to disable" - ewarn "all nginx http modules." - fi - - if use nginx_modules_http_mogilefs && use threads; then - eerror "mogilefs won't compile with threads support." - eerror "Please disable either flag and try again." - die "Can't compile mogilefs with threads support" - fi -} - -src_prepare() { - eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch" - eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch" - - if use nginx_modules_http_brotli; then - cd "${HTTP_BROTLI_MODULE_WD}" || die - eapply "${FILESDIR}"/http_brotli-detect-brotli-r1.patch - cd "${S}" || die - fi - - if use nginx_modules_http_upstream_check; then - eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch - fi - - if use nginx_modules_http_cache_purge; then - cd "${HTTP_CACHE_PURGE_MODULE_WD}" || die - eapply "${FILESDIR}"/http_cache_purge-1.11.6+.patch - cd "${S}" || die - fi - - if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" || die - - eautoreconf - - if use luajit ; then - sed -i \ - -e 's|^\(LUA_PKGNAMES\)=.*|\1="luajit"|' \ - configure || die - fi - - cd "${S}" || die - fi - - if use nginx_modules_http_upload_progress; then - cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die - eapply "${FILESDIR}"/http_uploadprogress-issue_50-r1.patch - cd "${S}" || die - fi - - find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die - # We have config protection, don't rename etc files - sed -i 's:.default::' auto/install || die - # remove useless files - sed -i -e '/koi-/d' -e '/win-/d' auto/install || die - - # don't install to /etc/nginx/ if not in use - local module - for module in fastcgi scgi uwsgi ; do - if ! use nginx_modules_http_${module}; then - sed -i -e "/${module}/d" auto/install || die - fi - done - - eapply_user -} - -src_configure() { - # mod_security needs to generate nginx/modsecurity/config before including it - if use nginx_modules_http_security; then - cd "${HTTP_SECURITY_MODULE_WD}" || die - - ./configure \ - --enable-standalone-module \ - --disable-mlogc \ - --with-ssdeep=no \ - $(use_enable pcre-jit) \ - $(use_with nginx_modules_http_lua lua) || die "configure failed for mod_security" - - cd "${S}" || die - fi - - local myconf=() http_enabled= mail_enabled= stream_enabled= - - use aio && myconf+=( --with-file-aio ) - use debug && myconf+=( --with-debug ) - use http2 && myconf+=( --with-http_v2_module ) - use libatomic && myconf+=( --with-libatomic ) - use pcre && myconf+=( --with-pcre ) - use pcre-jit && myconf+=( --with-pcre-jit ) - use threads && myconf+=( --with-threads ) - - # HTTP modules - for mod in $NGINX_MODULES_STD; do - if use nginx_modules_http_${mod}; then - http_enabled=1 - else - myconf+=( --without-http_${mod}_module ) - fi - done - - for mod in $NGINX_MODULES_OPT; do - if use nginx_modules_http_${mod}; then - http_enabled=1 - myconf+=( --with-http_${mod}_module ) - fi - done - - if use nginx_modules_http_fastcgi; then - myconf+=( --with-http_realip_module ) - fi - - # third-party modules - if use nginx_modules_http_upload_progress; then - http_enabled=1 - myconf+=( --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD} ) - fi - - if use nginx_modules_http_headers_more; then - http_enabled=1 - myconf+=( --add-module=${HTTP_HEADERS_MORE_MODULE_WD} ) - fi - - if use nginx_modules_http_cache_purge; then - http_enabled=1 - myconf+=( --add-module=${HTTP_CACHE_PURGE_MODULE_WD} ) - fi - - if use nginx_modules_http_slowfs_cache; then - http_enabled=1 - myconf+=( --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD} ) - fi - - if use nginx_modules_http_fancyindex; then - http_enabled=1 - myconf+=( --add-module=${HTTP_FANCYINDEX_MODULE_WD} ) - fi - - if use nginx_modules_http_lua; then - http_enabled=1 - if use luajit; then - export LUAJIT_LIB=$(pkg-config --variable libdir luajit) - export LUAJIT_INC=$(pkg-config --variable includedir luajit) - else - export LUA_LIB=$(pkg-config --variable libdir lua) - export LUA_INC=$(pkg-config --variable includedir lua) - fi - myconf+=( --add-module=${DEVEL_KIT_MODULE_WD} ) - myconf+=( --add-module=${HTTP_LUA_MODULE_WD} ) - fi - - if use nginx_modules_http_auth_pam; then - http_enabled=1 - myconf+=( --add-module=${HTTP_AUTH_PAM_MODULE_WD} ) - fi - - if use nginx_modules_http_upstream_check; then - http_enabled=1 - myconf+=( --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD} ) - fi - - if use nginx_modules_http_metrics; then - http_enabled=1 - myconf+=( --add-module=${HTTP_METRICS_MODULE_WD} ) - fi - - if use nginx_modules_http_naxsi ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_NAXSI_MODULE_WD} ) - fi - - if use rtmp ; then - http_enabled=1 - myconf+=( --add-module=${RTMP_MODULE_WD} ) - fi - - if use nginx_modules_http_dav_ext ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_DAV_EXT_MODULE_WD} ) - fi - - if use nginx_modules_http_echo ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_ECHO_MODULE_WD} ) - fi - - if use nginx_modules_http_security ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_SECURITY_MODULE_WD}/nginx/modsecurity ) - fi - - if use nginx_modules_http_push_stream ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_PUSH_STREAM_MODULE_WD} ) - fi - - if use nginx_modules_http_sticky ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_STICKY_MODULE_WD} ) - fi - - if use nginx_modules_http_mogilefs ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_MOGILEFS_MODULE_WD} ) - fi - - if use nginx_modules_http_memc ; then - http_enabled=1 - myconf+=( --add-module=${HTTP_MEMC_MODULE_WD} ) - fi - - if use nginx_modules_http_auth_ldap; then - http_enabled=1 - myconf+=( --add-module=${HTTP_LDAP_MODULE_WD} ) - fi - - if use nginx_modules_http_vhost_traffic_status; then - http_enabled=1 - myconf+=( --add-module=${HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD} ) - fi - - if use nginx_modules_http_geoip2 || use nginx_modules_stream_geoip2; then - myconf+=( --add-module=${GEOIP2_MODULE_WD} ) - fi - - if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then - myconf+=( --add-module="${NJS_MODULE_WD}/nginx" ) - fi - - if use nginx_modules_http_brotli; then - http_enabled=1 - myconf+=( --add-module=${HTTP_BROTLI_MODULE_WD} ) - fi - - if use http || use http-cache || use http2 || use nginx_modules_http_javascript; then - http_enabled=1 - fi - - if [ $http_enabled ]; then - use http-cache || myconf+=( --without-http-cache ) - use ssl && myconf+=( --with-http_ssl_module ) - else - myconf+=( --without-http --without-http-cache ) - fi - - # Stream modules - for mod in $NGINX_MODULES_STREAM_STD; do - if use nginx_modules_stream_${mod}; then - stream_enabled=1 - else - myconf+=( --without-stream_${mod}_module ) - fi - done - - for mod in $NGINX_MODULES_STREAM_OPT; do - if use nginx_modules_stream_${mod}; then - stream_enabled=1 - myconf+=( --with-stream_${mod}_module ) - fi - done - - if use nginx_modules_stream_geoip2 || use nginx_modules_stream_javascript; then - stream_enabled=1 - fi - - if [ $stream_enabled ]; then - myconf+=( --with-stream ) - use ssl && myconf+=( --with-stream_ssl_module ) - fi - - # MAIL modules - for mod in $NGINX_MODULES_MAIL; do - if use nginx_modules_mail_${mod}; then - mail_enabled=1 - else - myconf+=( --without-mail_${mod}_module ) - fi - done - - if [ $mail_enabled ]; then - myconf+=( --with-mail ) - use ssl && myconf+=( --with-mail_ssl_module ) - fi - - # custom modules - for mod in $NGINX_ADD_MODULES; do - myconf+=( --add-module=${mod} ) - done - - # https://bugs.gentoo.org/286772 - export LANG=C LC_ALL=C - tc-export CC - - if ! use prefix; then - myconf+=( --user=${PN} ) - myconf+=( --group=${PN} ) - fi - - local WITHOUT_IPV6= - if ! use ipv6; then - WITHOUT_IPV6=" -DNGX_HAVE_INET6=0" - fi - - if [[ -n "${EXTRA_ECONF}" ]]; then - myconf+=( ${EXTRA_ECONF} ) - ewarn "EXTRA_ECONF applied. Now you are on your own, good luck!" - fi - - ./configure \ - --prefix="${EPREFIX}"/usr \ - --conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \ - --error-log-path="${EPREFIX}"/var/log/${PN}/error_log \ - --pid-path="${EPREFIX}"/run/${PN}.pid \ - --lock-path="${EPREFIX}"/run/lock/${PN}.lock \ - --with-cc-opt="-I${EROOT}usr/include${WITHOUT_IPV6}" \ - --with-ld-opt="-L${EROOT}usr/$(get_libdir)" \ - --http-log-path="${EPREFIX}"/var/log/${PN}/access_log \ - --http-client-body-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/client \ - --http-proxy-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/proxy \ - --http-fastcgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/fastcgi \ - --http-scgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/scgi \ - --http-uwsgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/uwsgi \ - --with-compat \ - "${myconf[@]}" || die "configure failed" - - # A purely cosmetic change that makes nginx -V more readable. This can be - # good if people outside the gentoo community would troubleshoot and - # question the users setup. - sed -i -e "s|${WORKDIR}|external_module|g" objs/ngx_auto_config.h || die -} - -src_compile() { - use nginx_modules_http_security && emake -C "${HTTP_SECURITY_MODULE_WD}" - - # https://bugs.gentoo.org/286772 - export LANG=C LC_ALL=C - emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}" -} - -src_install() { - emake DESTDIR="${D%/}" install - - cp "${FILESDIR}"/nginx.conf-r2 "${ED}"etc/nginx/nginx.conf || die - - newinitd "${FILESDIR}"/nginx.initd-r4 nginx - newconfd "${FILESDIR}"/nginx.confd nginx - - systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service - - doman man/nginx.8 - dodoc CHANGES* README - - # just keepdir. do not copy the default htdocs files (bug #449136) - keepdir /var/www/localhost - rm -rf "${D}"usr/html || die - - # set up a list of directories to keep - local keepdir_list="${NGINX_HOME_TMP}"/client - local module - for module in proxy fastcgi scgi uwsgi; do - use nginx_modules_http_${module} && keepdir_list+=" ${NGINX_HOME_TMP}/${module}" - done - - keepdir /var/log/nginx ${keepdir_list} - - # this solves a problem with SELinux where nginx doesn't see the directories - # as root and tries to create them as nginx - fperms 0750 "${NGINX_HOME_TMP}" - fowners ${PN}:0 "${NGINX_HOME_TMP}" - - fperms 0700 ${keepdir_list} - fowners ${PN}:${PN} ${keepdir_list} - - fperms 0710 /var/log/nginx - fowners 0:${PN} /var/log/nginx - - # logrotate - insinto /etc/logrotate.d - newins "${FILESDIR}"/nginx.logrotate-r1 nginx - - if use nginx_modules_http_perl; then - cd "${S}"/objs/src/http/modules/perl/ || die - emake DESTDIR="${D}" INSTALLDIRS=vendor - perl_delete_localpod - cd "${S}" || die - fi - - if use nginx_modules_http_cache_purge; then - docinto ${HTTP_CACHE_PURGE_MODULE_P} - dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md} - fi - - if use nginx_modules_http_slowfs_cache; then - docinto ${HTTP_SLOWFS_CACHE_MODULE_P} - dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md} - fi - - if use nginx_modules_http_fancyindex; then - docinto ${HTTP_FANCYINDEX_MODULE_P} - dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst - fi - - if use nginx_modules_http_lua; then - docinto ${HTTP_LUA_MODULE_P} - dodoc "${HTTP_LUA_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_auth_pam; then - docinto ${HTTP_AUTH_PAM_MODULE_P} - dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README.md,ChangeLog} - fi - - if use nginx_modules_http_upstream_check; then - docinto ${HTTP_UPSTREAM_CHECK_MODULE_P} - dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES} - fi - - if use nginx_modules_http_naxsi; then - insinto /etc/nginx - doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/naxsi_core.rules - fi - - if use rtmp; then - docinto ${RTMP_MODULE_P} - dodoc "${RTMP_MODULE_WD}"/{AUTHORS,README.md,stat.xsl} - fi - - if use nginx_modules_http_dav_ext; then - docinto ${HTTP_DAV_EXT_MODULE_P} - dodoc "${HTTP_DAV_EXT_MODULE_WD}"/README.rst - fi - - if use nginx_modules_http_echo; then - docinto ${HTTP_ECHO_MODULE_P} - dodoc "${HTTP_ECHO_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_security; then - docinto ${HTTP_SECURITY_MODULE_P} - dodoc "${HTTP_SECURITY_MODULE_WD}"/{CHANGES,README.TXT,authors.txt} - fi - - if use nginx_modules_http_push_stream; then - docinto ${HTTP_PUSH_STREAM_MODULE_P} - dodoc "${HTTP_PUSH_STREAM_MODULE_WD}"/{AUTHORS,CHANGELOG.textile,README.textile} - fi - - if use nginx_modules_http_sticky; then - docinto ${HTTP_STICKY_MODULE_P} - dodoc "${HTTP_STICKY_MODULE_WD}"/{README.md,Changelog.txt,docs/sticky.pdf} - fi - - if use nginx_modules_http_memc; then - docinto ${HTTP_MEMC_MODULE_P} - dodoc "${HTTP_MEMC_MODULE_WD}"/README.markdown - fi - - if use nginx_modules_http_auth_ldap; then - docinto ${HTTP_LDAP_MODULE_P} - dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf - fi -} - -pkg_postinst() { - if use ssl; then - if [[ ! -f "${EROOT}"etc/ssl/${PN}/${PN}.key ]]; then - install_cert /etc/ssl/${PN}/${PN} - use prefix || chown ${PN}:${PN} "${EROOT}"etc/ssl/${PN}/${PN}.{crt,csr,key,pem} - fi - fi - - if use nginx_modules_http_spdy; then - ewarn "" - ewarn "In nginx 1.9.5 the spdy module was superseded by http2." - ewarn "Update your configs and package.use accordingly." - fi - - if use nginx_modules_http_lua; then - ewarn "" - ewarn "While you can build lua 3rd party module against ${P}" - ewarn "the author warns that >=${PN}-1.11.11 is still not an" - ewarn "officially supported target yet. You are on your own." - ewarn "Expect runtime failures, memory leaks and other problems!" - fi - - if use nginx_modules_http_lua && use http2; then - ewarn "" - ewarn "Lua 3rd party module author warns against using ${P} with" - ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see https://git.io/OldLsg" - fi - - local _n_permission_layout_checks=0 - local _has_to_adjust_permissions=0 - local _has_to_show_permission_warning=0 - - # Defaults to 1 to inform people doing a fresh installation - # that we ship modified {scgi,uwsgi,fastcgi}_params files - local _has_to_show_httpoxy_mitigation_notice=1 - - local _replacing_version= - for _replacing_version in ${REPLACING_VERSIONS}; do - _n_permission_layout_checks=$((${_n_permission_layout_checks}+1)) - - if [[ ${_n_permission_layout_checks} -gt 1 ]]; then - # Should never happen: - # Package is abusing slots but doesn't allow multiple parallel installations. - # If we run into this situation it is unsafe to automatically adjust any - # permission... - _has_to_show_permission_warning=1 - - ewarn "Replacing multiple ${PN}' versions is unsupported! " \ - "You will have to adjust permissions on your own." - - break - fi - - local _replacing_version_branch=$(get_version_component_range 1-2 "${_replacing_version}") - debug-print "Updating an existing installation (v${_replacing_version}; branch '${_replacing_version_branch}') ..." - - # Do we need to adjust permissions to fix CVE-2013-0337 (bug #458726, #469094)? - # This was before we introduced multiple nginx versions so we - # do not need to distinguish between stable and mainline - local _need_to_fix_CVE2013_0337=1 - - if version_is_at_least "1.4.1-r2" "${_replacing_version}"; then - # We are updating an installation which should already be fixed - _need_to_fix_CVE2013_0337=0 - debug-print "Skipping CVE-2013-0337 ... existing installation should not be affected!" - else - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2013-0337!" - fi - - # Do we need to inform about HTTPoxy mitigation? - # In repository since commit 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then - # Updating from <1.10 - _has_to_show_httpoxy_mitigation_notice=1 - debug-print "Need to inform about HTTPoxy mitigation!" - else - # Updating from >=1.10 - local _fixed_in_pvr= - case "${_replacing_version_branch}" in - "1.10") - _fixed_in_pvr="1.10.1-r2" - ;; - "1.11") - _fixed_in_pvr="1.11.3-r1" - ;; - *) - # This should be any future branch. - # If we run this code it is safe to assume that the user has - # already seen the HTTPoxy mitigation notice because he/she is doing - # an update from previous version where we have already shown - # the warning. Otherwise, we wouldn't hit this code path ... - _fixed_in_pvr= - esac - - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then - # We are updating an installation where we already informed - # that we are mitigating HTTPoxy per default - _has_to_show_httpoxy_mitigation_notice=0 - debug-print "No need to inform about HTTPoxy mitigation ... information was already shown for existing installation!" - else - _has_to_show_httpoxy_mitigation_notice=1 - debug-print "Need to inform about HTTPoxy mitigation!" - fi - fi - - # Do we need to adjust permissions to fix CVE-2016-1247 (bug #605008)? - # All branches up to 1.11 are affected - local _need_to_fix_CVE2016_1247=1 - - if ! version_is_at_least "1.10" "${_replacing_version_branch}"; then - # Updating from <1.10 - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2016-1247!" - else - # Updating from >=1.10 - local _fixed_in_pvr= - case "${_replacing_version_branch}" in - "1.10") - _fixed_in_pvr="1.10.2-r3" - ;; - "1.11") - _fixed_in_pvr="1.11.6-r1" - ;; - *) - # This should be any future branch. - # If we run this code it is safe to assume that we have already - # adjusted permissions or were never affected because user is - # doing an update from previous version which was safe or did - # the adjustments. Otherwise, we wouldn't hit this code path ... - _fixed_in_pvr= - esac - - if [[ -z "${_fixed_in_pvr}" ]] || version_is_at_least "${_fixed_in_pvr}" "${_replacing_version}"; then - # We are updating an installation which should already be adjusted - # or which was never affected - _need_to_fix_CVE2016_1247=0 - debug-print "Skipping CVE-2016-1247 ... existing installation should not be affected!" - else - _has_to_adjust_permissions=1 - debug-print "Need to adjust permissions to fix CVE-2016-1247!" - fi - fi - done - - if [[ ${_has_to_adjust_permissions} -eq 1 ]]; then - # We do not DIE when chmod/chown commands are failing because - # package is already merged on user's system at this stage - # and we cannot retry without losing the information that - # the existing installation needs to adjust permissions. - # Instead we are going to a show a big warning ... - - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2013_0337} -eq 1 ]]; then - ewarn "" - ewarn "The world-readable bit (if set) has been removed from the" - ewarn "following directories to mitigate a security bug" - ewarn "(CVE-2013-0337, bug #458726):" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn " ${EPREFIX%/}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}" - ewarn "" - ewarn "Check if this is correct for your setup before restarting nginx!" - ewarn "This is a one-time change and will not happen on subsequent updates." - ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX%/}${NGINX_HOME_TMP}'" - chmod o-rwx \ - "${EPREFIX%/}"/var/log/nginx \ - "${EPREFIX%/}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \ - _has_to_show_permission_warning=1 - fi - - if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2016_1247} -eq 1 ]]; then - ewarn "" - ewarn "The permissions on the following directory have been reset in" - ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn "" - ewarn "Check if this is correct for your setup before restarting nginx!" - ewarn "Also ensure that no other log directory used by any of your" - ewarn "vhost(s) is not writeable for nginx user. Any of your log files" - ewarn "used by nginx can be abused to escalate privileges!" - ewarn "This is a one-time change and will not happen on subsequent updates." - chown 0:nginx "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - chmod 710 "${EPREFIX%/}"/var/log/nginx || _has_to_show_permission_warning=1 - fi - - if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then - # Should never happen ... - ewarn "" - ewarn "*************************************************************" - ewarn "*************** W A R N I N G ***************" - ewarn "*************************************************************" - ewarn "The one-time only attempt to adjust permissions of the" - ewarn "existing nginx installation failed. Be aware that we will not" - ewarn "try to adjust the same permissions again because now you are" - ewarn "using a nginx version where we expect that the permissions" - ewarn "are already adjusted or that you know what you are doing and" - ewarn "want to keep custom permissions." - ewarn "" - fi - fi - - # Sanity check for CVE-2016-1247 - # Required to warn users who received the warning above and thought - # they could fix it by unmerging and re-merging the package or have - # unmerged a affected installation on purpose in the past leaving - # /var/log/nginx on their system due to keepdir/non-empty folder - # and are now installing the package again. - local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX%/}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX) - su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null - if [ $? -eq 0 ] ; then - # Cleanup -- no reason to die here! - rm -f "${_sanity_check_testfile}" - - ewarn "" - ewarn "*************************************************************" - ewarn "*************** W A R N I N G ***************" - ewarn "*************************************************************" - ewarn "Looks like your installation is vulnerable to CVE-2016-1247" - ewarn "(bug #605008) because nginx user is able to create files in" - ewarn "" - ewarn " ${EPREFIX%/}/var/log/nginx" - ewarn "" - ewarn "Also ensure that no other log directory used by any of your" - ewarn "vhost(s) is not writeable for nginx user. Any of your log files" - ewarn "used by nginx can be abused to escalate privileges!" - fi - - if [[ ${_has_to_show_httpoxy_mitigation_notice} -eq 1 ]]; then - # HTTPoxy mitigation - ewarn "" - ewarn "This nginx installation comes with a mitigation for the HTTPoxy" - ewarn "vulnerability for FastCGI, SCGI and uWSGI applications by setting" - ewarn "the HTTP_PROXY parameter to an empty string per default when you" - ewarn "are sourcing one of the default" - ewarn "" - ewarn " - 'fastcgi_params' or 'fastcgi.conf'" - ewarn " - 'scgi_params'" - ewarn " - 'uwsgi_params'" - ewarn "" - ewarn "files in your server block(s)." - ewarn "" - ewarn "If this is causing any problems for you make sure that you are sourcing the" - ewarn "default parameters _before_ you set your own values." - ewarn "If you are relying on user-supplied proxy values you have to remove the" - ewarn "correlating lines from the file(s) mentioned above." - ewarn "" - fi -} diff --git a/www-servers/tornado/Manifest b/www-servers/tornado/Manifest index 4f6e51f69902..b3c5d07fe72d 100644 --- a/www-servers/tornado/Manifest +++ b/www-servers/tornado/Manifest @@ -10,5 +10,5 @@ EBUILD tornado-4.4.2-r1.ebuild 1859 BLAKE2B bdd5e41507e83ebc9e2ce2d81e81363b3167 EBUILD tornado-4.5.1.ebuild 1868 BLAKE2B 722e23f6ecdb3d110a61cb074933b2b61b080bc21948fd42fae4099275f8c4114aeed18c6635aa1c569581c2364105c86278f31769dba27dd9d826aa95c29964 SHA512 a844f5b5b52ae13ada511f50c3979b1a96683bb81f52c93d71d89d38da98817e677bccc41113941d996594622e4dd312254a93c636c77d951f31c5b900312447 EBUILD tornado-4.5.3.ebuild 1859 BLAKE2B 9dc760d484e1b2742a68aa734f7cefe49a7ba4f4988cf9878584b54e19d9ef589d031255d847fa67ef1e45e0032e4bdc80f3351ae345105d040cdaca176af2bb SHA512 dd46fc428866b8f717adf6cf0c3421a6cfb8d33850fe902bf4babac59c82c46b62b2314685721b1f4d9c3a5eb68798699f142b2a0d4acc4830ebc867230a6354 EBUILD tornado-5.0.2.ebuild 1791 BLAKE2B c5be3458eac03a96dd4bdd248c6548aebd0eb03e2363c2cf2de79311e8f51d290ae320f97a7b9eda1e42fd21ea97b3e58b362883289e87bd6b3797bee1730b04 SHA512 7541ae290aba4adc0e32ed771ac3a8567a091a6dc000d1a76d829d895ba3fb2e793b2f0f084e975618c9ac0495264ce96b474cfbe8a1e2a6a5ebd9860c056ad1 -EBUILD tornado-5.1.ebuild 1612 BLAKE2B 6a56f2fd42d54c65af03d6380790dbb367e6869b049c0cfdb9b72064946b41e808b8f351028ed02bae7352a4b873d1ef789a22cd981dd9185600c757579163a7 SHA512 9a08d95d33cd9bc892fa509c5fb1fd53d6f3951d8ae87c83f3fb39eea34784f8edb4561e8d62e99d59f0b502b0c3b5dc235119a6fcd5d436069b4c1a5fdcbd55 +EBUILD tornado-5.1.ebuild 1614 BLAKE2B b53658c6e6e1ff32c3e24ffcec98fc10f77f9fd13f6715cfd16e9335884bca70ce78fa072ae8b040cfd9e1f8d9b64fee8e91720bce67289cae743cdfb5e4df30 SHA512 f4cdb0adcbb69e364e9dee6baccad15ff19cae62233293cf82706b15fe5ee35b94dc62abfa5447a76658d84e768e7f60840ede1b1ccd989a8deb3b18ef3dd821 MISC metadata.xml 380 BLAKE2B 16a28ca707ba911df09dfad39b269bd888734c1f5e54fdc57d84f62b541e284f248137a01c13055f5e9fa1e1da0a2c9e1382006119cc11ec19302516262b7dc1 SHA512 e790429d61042b60a9011710e96df0044c64cc5ac941ab6268386138d3a66e46d40ed1098ec8bc164d9f4341040946ec7231e8f28dda11790ecc482b06978771 diff --git a/www-servers/tornado/tornado-5.1.ebuild b/www-servers/tornado/tornado-5.1.ebuild index 7b99b382e3fd..728122716d35 100644 --- a/www-servers/tornado/tornado-5.1.ebuild +++ b/www-servers/tornado/tornado-5.1.ebuild @@ -3,7 +3,7 @@ EAPI=6 -PYTHON_COMPAT=( python2_7 python3_{4,5,6} ) +PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} ) PYTHON_REQ_USE="threads(+)" inherit distutils-r1 diff --git a/www-servers/uwsgi/Manifest b/www-servers/uwsgi/Manifest index 99908371b6b9..c6f7be608e25 100644 --- a/www-servers/uwsgi/Manifest +++ b/www-servers/uwsgi/Manifest @@ -3,6 +3,8 @@ AUX 42_mod_uwsgi-r2.conf 254 BLAKE2B 27e8a1814eb6a3a2cf265d5364971cb2aa4ff97a428 AUX gentoo.buildconf 490 BLAKE2B 320b0471c0c76ab6c8ada7b034f612fc20398eb60e1edc3530be9d177bff755779251ea880d98addacf5476e3aae20145c95fad4d7baf594e58b9ebcaf2b0dde SHA512 d5bdc136374aed58ce206ea72cc45c72750f60117eef98960356b5cd64e2152c454af6b5aebb28f03ad46b42ea95a16fbf1e4a6f976ae78744550803ac775fe2 AUX uwsgi.confd-r4 1849 BLAKE2B 80afdf7a5ebc520d887061aba9f7cd64b1bca06d3da478d8d1090a8b9cba973ac2d3dbcbc2ceb980415e98317bc55b07a9a7e6641fac593dc4dd5466bd8d67c9 SHA512 041d1bd694fad6f7c5e28944aab6d7ba53b3c7fc990ce6b7c2d97b9f3d6650c46dda8069e545c252a7400e1d825c8e46d7393a289757b1bd665e64241ca3789a AUX uwsgi.initd-r7 3746 BLAKE2B a56c5f4e32ccb415fab10f357e2a7404179285e656d9f886809da281b214e2110c76e2cf8826d8fd90aba01262a5edc7a941522ff59348972c5a4325c784b9b9 SHA512 81ed974fb2957e05c890cab29f5b5a75845e6b7de899d2695fb2fa5f49b4545daa437c81c8dc5c735b24a45655cf6320c9256bc8faa7e32ffd7a2d981922def5 +DIST uwsgi-2.0.17.1.tar.gz 800156 BLAKE2B a8697263e6e7689c0062a06a9fdb1101a2df72e0ac9122b5f8a0acc78bbdbdeaa96faa1c8870b9c3a43e2e1fb5fc835e708e1bc3d0171ae746467b4734dc299d SHA512 10d357961fde3a3f5f8e77986cc647313f95a33243e24c2afc482fce21df68a8ae48f90e7b5b76d7edc3cf8fd474d99823d6d60ef7477349abc65a319222f11b DIST uwsgi-2.0.17.tar.gz 798642 BLAKE2B 86efb2103efaeedb37ebb00de4c01477162d119ae3dea0dc0696385216e30ff2c74eb48576f86eb181b8ada4b9eaa63b0aa761e966e3301597633d33b81142e1 SHA512 639427fbb89a1c2610c1cafb6ff009398a3c0a8e27c3de3f00829428271ba97b64b1253368dd6150912cf44441052be2a63cbe81613bbe964be27ee2e570d2b2 +EBUILD uwsgi-2.0.17.1.ebuild 12786 BLAKE2B 0ec5625970bd579005e552862aeca312793b6b91c40ac0064adb9c4bdea75b97cfa13a69f92d17912655c00e4556f4f06486d1289b97127e88bd5a712506423f SHA512 0b987ba9c350f647ccd8aa8fda1e11b82ab989b5cc92abe00bc36a1a3fb860c99693e1e50494f369cf08afba3645826dbd806466e2bb493d933826686b55bf14 EBUILD uwsgi-2.0.17.ebuild 12846 BLAKE2B 90fcbf6300de611aa3d7c930dd94c4a55c175656e2bbcdcc606e1b77df1b2e481fb31beedbb20b33db0bc3c4b0e8338661fd471ae7a088a5eaa386b66c4b9b39 SHA512 7940ac487b2ab57bca5790836c40e604fe5129449aac5d6de474f31a4fb1357ce0b724647e73639e2b3f062f0a9243106d352d2413424408f30c44ec9c3e59b4 MISC metadata.xml 1597 BLAKE2B ddee6196349d4be8f3b5ba5a370eeae27bbc834d41e9f3803a2e6aef0966b01f4decbefe0cc4df3f174dde6fe8189120218a598d67dbcde20bf4fc20ad535871 SHA512 6f31168a12d1c3a95cb140624584214fcefda352b4c4904425d633a6d94a74d30186e7fa25c19b6f97cc0ca6ab0a8253cdbcedd11df3be2a32400a6292f2877b diff --git a/www-servers/uwsgi/uwsgi-2.0.17.1.ebuild b/www-servers/uwsgi/uwsgi-2.0.17.1.ebuild new file mode 100644 index 000000000000..623312528d19 --- /dev/null +++ b/www-servers/uwsgi/uwsgi-2.0.17.1.ebuild @@ -0,0 +1,410 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +PYTHON_COMPAT=( python2_7 python3_{4,5,6,7} pypy ) +PYTHON_REQ_USE="threads(+)" + +RUBY_OPTIONAL="yes" +USE_RUBY="ruby22 ruby23 ruby24" + +PHP_EXT_INI="no" +PHP_EXT_NAME="dummy" +PHP_EXT_OPTIONAL_USE="php" +USE_PHP="php5-6 php7-0 php7-1 php7-2" # deps must be registered separately below + +MY_P="${P/_/-}" + +inherit apache-module eutils flag-o-matic multilib pax-utils php-ext-source-r3 python-r1 ruby-ng versionator + +DESCRIPTION="uWSGI server for Python web applications" +HOMEPAGE="http://projects.unbit.it/uwsgi/" +SRC_URI="https://github.com/unbit/uwsgi/archive/${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86 ~amd64-linux" + +UWSGI_PLUGINS_STD=( ping cache carbon nagios rpc rrdtool + http ugreen signal syslog rsyslog + router_{uwsgi,redirect,basicauth,rewrite,http,cache,static,memcached,redis,hash,expires,metrics} + {core,fast,raw,ssl}router + redislog mongodblog log{file,socket} + spooler cheaper_busyness symcall + transformation_{chunked,gzip,offload,tofile} + zergpool ) +UWSGI_PLUGINS_OPT=( alarm_{curl,xmpp} clock_{monotonic,realtime} curl_cron + dumbloop echo emperor_{amqp,pg,zeromq} forkptyrouter + geoip graylog2 legion_cache_fetch ldap log{crypto,pipe} notfound pam + rados router_{access,radius,spnego,xmldir} + sqlite ssi stats_pusher_statsd + systemd_logger transformation_toupper tuntap webdav xattr xslt zabbix ) + +LANG_SUPPORT_SIMPLE=( cgi mono perl ) # plugins which can be built in the main build process +LANG_SUPPORT_EXTENDED=( go lua php pypy python python_asyncio python_gevent ruby ) + +# plugins to be ignored (for now): +# cheaper_backlog2: example plugin +# coroae: TODO +# cplusplus: partially example code, needs explicit class +# dummy: no idea +# example: example plugin +# exception_log: example plugin +# *java*: TODO +# v8: TODO +# matheval: TODO +IUSE="apache2 +caps debug +embedded expat jemalloc json libressl +pcre +routing selinux +ssl +xml yajl yaml zeromq" + +for plugin in ${UWSGI_PLUGINS_STD[@]}; do IUSE="${IUSE} +uwsgi_plugins_${plugin}"; done +for plugin in ${UWSGI_PLUGINS_OPT[@]}; do IUSE="${IUSE} uwsgi_plugins_${plugin}"; done +IUSE="${IUSE} ${LANG_SUPPORT_SIMPLE[@]} ${LANG_SUPPORT_EXTENDED[@]}" + +REQUIRED_USE="|| ( ${LANG_SUPPORT_SIMPLE[@]} ${LANG_SUPPORT_EXTENDED[@]} ) + uwsgi_plugins_logcrypto? ( ssl ) + uwsgi_plugins_sslrouter? ( ssl ) + routing? ( pcre ) + uwsgi_plugins_emperor_zeromq? ( zeromq ) + uwsgi_plugins_forkptyrouter? ( uwsgi_plugins_corerouter ) + uwsgi_plugins_router_xmldir? ( xml !expat ) + pypy? ( python_targets_python2_7 ) + python? ( ${PYTHON_REQUIRED_USE} ) + python_asyncio? ( || ( python_targets_python3_4 python_targets_python3_5 python_targets_python3_6 python_targets_python3_7 ) python_gevent ) + python_gevent? ( python ) + expat? ( xml )" + +# util-linux is required for libuuid when requesting zeromq support +# Order: +# 1. Unconditional +# 2. General features +# 3. Plugins +# 4. Language/app support +CDEPEND="sys-libs/zlib + caps? ( sys-libs/libcap ) + json? ( !yajl? ( dev-libs/jansson ) + yajl? ( dev-libs/yajl ) ) + pcre? ( dev-libs/libpcre:3 ) + ssl? ( + !libressl? ( dev-libs/openssl:0 ) + libressl? ( dev-libs/libressl ) + ) + xml? ( !expat? ( dev-libs/libxml2 ) + expat? ( dev-libs/expat ) ) + yaml? ( dev-libs/libyaml ) + zeromq? ( net-libs/zeromq sys-apps/util-linux ) + uwsgi_plugins_alarm_curl? ( net-misc/curl ) + uwsgi_plugins_alarm_xmpp? ( net-libs/gloox ) + uwsgi_plugins_curl_cron? ( net-misc/curl ) + uwsgi_plugins_emperor_pg? ( dev-db/postgresql:= ) + uwsgi_plugins_geoip? ( dev-libs/geoip ) + uwsgi_plugins_ldap? ( net-nds/openldap ) + uwsgi_plugins_pam? ( virtual/pam ) + uwsgi_plugins_sqlite? ( dev-db/sqlite:3 ) + uwsgi_plugins_rados? ( sys-cluster/ceph ) + uwsgi_plugins_router_access? ( sys-apps/tcp-wrappers ) + uwsgi_plugins_router_spnego? ( virtual/krb5 ) + uwsgi_plugins_systemd_logger? ( sys-apps/systemd ) + uwsgi_plugins_webdav? ( dev-libs/libxml2 ) + uwsgi_plugins_xslt? ( dev-libs/libxslt ) + go? ( dev-lang/go:=[gccgo] ) + lua? ( dev-lang/lua:= ) + mono? ( =dev-lang/mono-4* ) + perl? ( dev-lang/perl:= ) + php? ( + php_targets_php5-6? ( dev-lang/php:5.6[embed] ) + php_targets_php7-0? ( dev-lang/php:7.0[embed] ) + php_targets_php7-1? ( dev-lang/php:7.1[embed] ) + php_targets_php7-2? ( dev-lang/php:7.2[embed] ) + ) + pypy? ( virtual/pypy ) + python? ( ${PYTHON_DEPS} ) + python_gevent? ( >=dev-python/gevent-1.3.5[${PYTHON_USEDEP}] ) + ruby? ( $(ruby_implementations_depend) )" +DEPEND="${CDEPEND} + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-uwsgi ) + uwsgi_plugins_rrdtool? ( net-analyzer/rrdtool )" + +want_apache2 + +S="${WORKDIR}/${MY_P}" +APXS2_S="${S}/apache2" +APACHE2_MOD_CONF="42_mod_uwsgi-r2 42_mod_uwsgi" + +src_unpack() { + default +} + +pkg_setup() { + python_setup + use ruby && ruby-ng_pkg_setup + depend.apache_pkg_setup +} + +src_prepare() { + default + + sed -i \ + -e "s|'-O2', ||" \ + -e "s|'-Werror', ||" \ + -e "s|uc.get('plugin_dir')|uc.get('plugin_build_dir')|" \ + uwsgiconfig.py || die "sed failed" + + sed -i \ + -e "s|/lib|/$(get_libdir)|" \ + plugins/php/uwsgiplugin.py || die "sed failed" +} + +src_configure() { + local embedded_plugins=() + local plugins=() + local malloc_impl="libc" + local json="false" + local xml="false" + + for p in ${UWSGI_PLUGINS_STD[@]} ${UWSGI_PLUGINS_OPT[@]} ; do + use uwsgi_plugins_${p} && embedded_plugins+=("${p}") + done + for p in ${LANG_SUPPORT_SIMPLE[@]} ; do + use ${p} && plugins+=("${p}") + done + + # do not embed any plugins + if ! use embedded; then + plugins=( ${plugins[@]} ${embedded_plugins[@]} ) + embedded_plugins=() + fi + + # flatten the arrays + plugins=${plugins[@]} + embedded_plugins=${embedded_plugins[@]} + + # rename some of the use flags, language plugins are always real plugins + plugins="${plugins/perl/psgi}" + plugins="${plugins/sqlite/sqlite3}" + embedded_plugins="${embedded_plugins/sqlite/sqlite3}" + + # override defaults as requested by the user + if use xml; then + use expat && xml="expat" || xml="libxml2" + fi + if use json; then + use yajl && json="yajl" || json="jansson" + fi + use jemalloc && malloc_impl="jemalloc" + + # prepare the buildconf for gentoo + cp "${FILESDIR}"/gentoo.buildconf buildconf/gentoo.ini || die + sed -i \ + -e "s|VAR_XML|${xml}|" \ + -e "s|VAR_YAML|$(usex yaml libyaml true)|" \ + -e "s|VAR_JSON|${json}|" \ + -e "s|VAR_SSL|$(usex ssl true false)|" \ + -e "s|VAR_PCRE|$(usex pcre true false)|" \ + -e "s|VAR_ZMQ|$(usex zeromq true false)|" \ + -e "s|VAR_ROUTING|$(usex routing true false)|" \ + -e "s|VAR_DEBUG|$(usex debug true false)|" \ + -e "s|VAR_MALLOC|${malloc_impl}|" \ + -e "s|VAR_PLUGINS|${plugins// /, }|" \ + -e "s|VAR_PLUGIN_DIR|${EPREFIX}/usr/$(get_libdir)/uwsgi|" \ + -e "s|VAR_BUILD_DIR|${T}/plugins|" \ + -e "s|VAR_EMBEDDED|${embedded_plugins// /, }|" \ + buildconf/gentoo.ini || die "sed failed" + + if ! use caps; then + sed -i -e 's|sys/capability.h|DISABLED|' uwsgiconfig.py || die "sed failed" + fi + + if ! use zeromq; then + sed -i -e 's|uuid/uuid.h|DISABLED|' uwsgiconfig.py || die "sed failed" + fi + + if use uwsgi_plugins_emperor_pg ; then + PGPV="$(best_version dev-db/postgresql)" + PGSLOT="$(get_version_component_range 1-2 ${PGPV##dev-db/postgresql-})" + sed -i \ + -e "s|pg_config|pg_config${PGSLOT/.}|" \ + plugins/emperor_pg/uwsgiplugin.py || die "sed failed" + fi +} + +each_ruby_compile() { + cd "${WORKDIR}/${MY_P}" || die "sed failed" + + UWSGICONFIG_RUBYPATH="${RUBY}" python uwsgiconfig.py --plugin plugins/rack gentoo rack_${RUBY##*/} || die "building plugin for ${RUBY} failed" + UWSGICONFIG_RUBYPATH="${RUBY}" python uwsgiconfig.py --plugin plugins/fiber gentoo fiber_${RUBY##*/}|| die "building fiber plugin for ${RUBY} failed" + UWSGICONFIG_RUBYPATH="${RUBY}" python uwsgiconfig.py --plugin plugins/rbthreads gentoo rbthreads_${RUBY##*/}|| die "building rbthreads plugin for ${RUBY} failed" +} + +python_compile_plugins() { + local EPYV + local PYV + EPYV=${EPYTHON/.} + PYV=${EPYV/python} + + if [[ ${EPYTHON} == pypy* ]]; then + einfo "skipping because pypy is not meant to build plugins on its own" + return + fi + + ${PYTHON} uwsgiconfig.py --plugin plugins/python gentoo ${EPYV} || die "building plugin for ${EPYTHON} failed" + + if use python_asyncio ; then + if [[ "${PYV}" == "34" || "${PYV}" == "35" ]] ; then + ${PYTHON} uwsgiconfig.py --plugin plugins/asyncio gentoo asyncio${PYV} || die "building plugin for asyncio-support in ${EPYTHON} failed" + fi + fi + + if use python_gevent ; then + ${PYTHON} uwsgiconfig.py --plugin plugins/gevent gentoo gevent${PYV} || die "building plugin for gevent-support in ${EPYTHON} failed" + fi + + if use pypy ; then + if [[ "${PYV}" == "27" ]] ; then + # TODO: do some proper patching ? The wiki didn't help... I gave up for now. + # QA: RWX --- --- usr/lib64/uwsgi/pypy_plugin.so + append-ldflags -Wl,-z,noexecstack + ${PYTHON} uwsgiconfig.py --plugin plugins/pypy gentoo pypy || die "building plugin for pypy-support in ${EPYTHON} failed" + fi + fi +} + +python_install_symlinks() { + dosym uwsgi /usr/bin/uwsgi_${EPYTHON/.} +} + +src_compile() { + mkdir -p "${T}/plugins" || die + + python uwsgiconfig.py --build gentoo || die "building uwsgi failed" + + if use go ; then + python uwsgiconfig.py --plugin plugins/gccgo gentoo || die "building plugin for go failed" + fi + + if use lua ; then + # setting the name for the pkg-config file to lua, since we don't have + # slotted lua + UWSGICONFIG_LUAPC="lua" python uwsgiconfig.py --plugin plugins/lua gentoo || die "building plugin for lua failed" + fi + + if use php ; then + for s in $(php_get_slots); do + UWSGICONFIG_PHPDIR="/usr/$(get_libdir)/${s}" python uwsgiconfig.py --plugin plugins/php gentoo ${s/.} || die "building plugin for ${s} failed" + done + fi + + if use python ; then + python_foreach_impl python_compile_plugins + fi + + if use ruby ; then + ruby-ng_src_compile + fi + + if use apache2 ; then + for m in proxy_uwsgi Ruwsgi uwsgi ; do + APXS2_ARGS="-c mod_${m}.c" + apache-module_src_compile + done + fi +} + +src_install() { + dobin uwsgi + pax-mark m "${D}"/usr/bin/uwsgi + + insinto /usr/$(get_libdir)/uwsgi + doins "${T}/plugins"/*.so + + use cgi && dosym uwsgi /usr/bin/uwsgi_cgi + use go && dosym uwsgi /usr/bin/uwsgi_go + use lua && dosym uwsgi /usr/bin/uwsgi_lua + use mono && dosym uwsgi /usr/bin/uwsgi_mono + use perl && dosym uwsgi /usr/bin/uwsgi_psgi + + if use php ; then + for s in $(php_get_slots); do + dosym uwsgi /usr/bin/uwsgi_${s/.} + done + fi + + if use python ; then + python_foreach_impl python_install_symlinks + python_foreach_impl python_domodule uwsgidecorators.py + fi + + if use apache2; then + for m in proxy_uwsgi Ruwsgi uwsgi ; do + APACHE2_MOD_FILE="${APXS2_S}/.libs/mod_${m}.so" + apache-module_src_install + done + fi + + newinitd "${FILESDIR}"/uwsgi.initd-r7 uwsgi + newconfd "${FILESDIR}"/uwsgi.confd-r4 uwsgi + keepdir /etc/"${PN}".d + use uwsgi_plugins_spooler && keepdir /var/spool/"${PN}" +} + +pkg_postinst() { + if use apache2 ; then + elog "Three Apache modules have been installed: mod_proxy_uwsgi, mod_uwsgi and mod_Ruwsgi." + elog "You can enable them with -D PROXY_UWSGI, -DUWSGI or -DRUWSGI in /etc/conf.d/apache2." + elog "mod_uwsgi and mod_Ruwsgi have the same configuration interface and define the same symbols." + elog "Therefore you can enable only one of them at a time." + elog "mod_uwsgi is commercially supported by Unbit and stable but a bit hacky." + elog "mod_Ruwsgi is newer and more Apache-API friendly but not commercially supported." + elog "mod_proxy_uwsgi is a proxy module, considered stable and is now the recommended module." + fi + + elog "Append the following options to the uwsgi call to load the respective language plugin:" + use cgi && elog " '--plugins cgi' for cgi" + use lua && elog " '--plugins lua' for lua" + use mono && elog " '--plugins mono' for mono" + use perl && elog " '--plugins psgi' for perl" + + if use php ; then + for s in $(php_get_slots); do + elog " '--plugins ${s/.}' for ${s}" + done + fi + + python_pkg_postinst() { + local EPYV + local PYV + EPYV=${EPYTHON/.} + PYV=${EPYV/python} + + if [[ ${EPYTHON} == pypy* ]] ; then + elog " '--plugins pypy' for pypy" + return + fi + + elog " " + elog " '--plugins ${EPYV}' for ${EPYTHON}" + if use python_asyncio ; then + if [[ ${EPYV} == python34 ]] ; then + elog " '--plugins ${EPYV},asyncio${PYV}' for asyncio support in ${EPYTHON}" + else + elog " (asyncio is only supported in python3.4)" + fi + fi + if use python_gevent ; then + elog " '--plugins ${EPYV},gevent${PYV}' for gevent support in ${EPYTHON}" + fi + } + + use python && python_foreach_impl python_pkg_postinst + + if use ruby ; then + for ruby in $USE_RUBY; do + if use ruby_targets_${ruby} ; then + elog " '--plugins rack_${ruby/.}' for ${ruby}" + elog " '--plugins fiber_${ruby/.}' for ${ruby} fibers" + elog " '--plugins rbthreads_${ruby/.}' for ${ruby} rbthreads" + fi + done + fi +} -- cgit v1.2.3