diyIT/FreeBSD
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

May 1, 2025 update

Browse Source
This commit is contained in:
Sharad Ahlawat
2025-05-01 21:19:17 -07:00
parent a2cdf26594
commit b33d54d723
261 changed files with 2451 additions and 12859 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
jails/config/pkgp/make.conf
View File

@ -1,3 +1,17 @@
WANT_OPENLDAP_SASL=yes
#WANT_OPENLDAP_SASL=yes
LICENSES_ACCEPTED+=DCC
WITH_CCACHE_BUILD=yes
DEFAULT_VERSIONS+=SSL=openssl31-quictls
OPTIONS_UNSET+=GSSAPI_BASE KRB_BASE KRB5_BASE KERBEROS KERBEROS5
OPTIONS_SET+=GSSAPI_NONE KRB_NONE KRB5_NONE LDAP LDAPS SASL
#pkg level configs
mail_dcc-dccd_SET+=PORTS_MILTER
mail_dovecot_SET+=LZ4 ICU SOLR
mail_rspamd_SET+=HYPERSCAN
net_haproxy_UNSET+=DPCRE2
net_haproxy_SET+=SPCRE2
security_cyrus-sasl2_UNSET+=OTP
shells_bash_UNSET+=PORTS_READLINE
www_apache24_SET+=AUTHNZ_LDAP
www_gitea_SET+=BINDATA
www_nginx_SET+=HTTPV3_QTLS

4
jails/config/pkgp/mypkgs
View File

@ -4,7 +4,7 @@ net/openldap26-server
net/openldap26-client
security/cyrus-sasl2
www/apache24
www/nginx-devel
www/nginx
devel/apr1
mail/postfix
mail/dovecot
@ -12,7 +12,7 @@ mail/dovecot-pigeonhole
mail/rspamd
mail/dcc-dccd
net/netatalk3
net/samba413
net/samba416
net/nss-pam-ldapd
net/nss-pam-ldapd-sasl
www/gitea

19
jails/config/pkgp/mypkgs.orig
View File

@ -1,19 +0,0 @@
net/haproxy
net/openldap24-server
net/openldap24-client
security/cyrus-sasl2
www/apache24
www/nginx-devel
devel/apr1
net/php81-ldap
net/php80-ldap
mail/postfix
mail/dovecot
mail/dovecot-pigeonhole
mail/rspamd
mail/dcc-dccd
net/netatalk3
net/samba413
net/nss-pam-ldapd
net/nss-pam-ldapd-sasl
www/gitea

34
jails/config/pkgp/nginx.conf
View File

@ -42,9 +42,20 @@ http {
}
}
# https://ssl-config.mozilla.org/#server=nginx&version=1.27.3&config=modern&openssl=3.1.0&guideline=5.7
server {
listen *:443 ssl http2;
listen [::]:443 ssl http2;
listen *:443 quic reuseport;
listen [::]:443 quic reuseport;
listen *:443 ssl;
listen [::]:443 ssl;
ssl_early_data on;
quic_retry on;
http3 on;
http3_hq on;
http2 on;
server_name pkgp.ahlawat.com;
root /usr/local/share/poudriere/html;
@ -67,14 +78,20 @@ http {
ssl_stapling_verify on;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /mnt/certs/fullchain.pem;
ssl_trusted_certificate /mnt/certs/cacert.pem;
# async 'resolver' is important for proper operation of OCSP stapling
resolver 192.168.0.5;
location /data {
add_header Alt-Svc 'h3=":443"; ma=86400';
alias /mnt/poudriere/data/logs/bulk;
autoindex on;
}
location /packages {
add_header Alt-Svc 'h3=":443"; ma=86400';
root /mnt/poudriere/data;
autoindex on;
}
@ -130,7 +147,7 @@ http {
listen [::]:8001;
server_name localhost;
location / {
proxy_pass http://pkg0.tuk.FreeBSD.org;
proxy_pass http://pkg0.pao.FreeBSD.org;
}
}
@ -187,7 +204,6 @@ http {
server localhost:8011;
server localhost:8012;
server localhost:8013;
server localhost:8014;
}
server {
@ -216,13 +232,5 @@ http {
proxy_pass http://update5.FreeBSD.org;
}
}
server {
listen *:8014;
listen [::]:8014;
server_name localhost;
location / {
proxy_pass http://update4.FreeBSD.org;
}
}
}

6
jails/config/pkgp/pkgp.conf
View File

@ -5,16 +5,14 @@ FreeBSD: {
pkgp-freebsd-pkg: {
url: "http://pkgp-freebsd-pkg.ahlawat.com/${ABI}/latest",
mirror_type: "http",
enabled: yes,
priority: 10
}
pkgp123: {
url: "http://pkgp.ahlawat.com/packages/pj123-default",
mirror_type: "http",
signature_type: "pubkey",
pubkey: "/mnt/data/apps/certs/poudriere.cert",
enabled: no,
pubkey: "/mnt/certs/poudriere.cert",
enabled: yes,
priority: 100
}

17
jails/config/pkgp/poudriere.conf
View File

@ -47,7 +47,7 @@ BASEFS=/poudriere
#POUDRIERE_DATA=${BASEFS}/data
# Use portlint to check ports sanity
USE_PORTLINT=no
USE_PORTLINT=yes
# When building packages, a memory device can be used to speedup the build.
# Only one of MFSSIZE or USE_TMPFS is supported. TMPFS is generally faster
@ -66,16 +66,17 @@ USE_PORTLINT=no
# yes - Enables tmpfs(5) for wrkdir and data
# no - Disable use of tmpfs(5)
# EXAMPLE: USE_TMPFS="wrkdir data"
USE_TMPFS="wrkdir localbase"
#USE_TMPFS="wrkdir data localbase"
USE_TMPFS=all
# let ZFS do its caching magic
# How much memory to limit tmpfs size to for *each builder* in GiB
# (default: none)
#TMPFS_LIMIT=8
TMPFS_LIMIT=64
# How much memory to limit jail processes to for *each builder*
# in GiB (default: none)
MAX_MEMORY=8
MAX_MEMORY=64
# How many file descriptors to limit each jail process to (default: 1024)
# This can also be set per PKGBASE, such as MAX_FILES_RStudio=2048.
@ -160,7 +161,7 @@ CCACHE_DIR=/mnt/cache/ccache
# by specifying the -J flag to bulk/testport.
#
# Example to define PARALLEL_JOBS to one single job
PARALLEL_JOBS=8
PARALLEL_JOBS=2
# How many jobs should be used for preparing the build? These tend to
# be more IO bound and may be worth tweaking. Default: PARALLEL_JOBS * 1.25
@ -200,7 +201,7 @@ NOLINUX=yes
# List of packages that will always be allowed to use MAKE_JOBS
# regardless of ALLOW_MAKE_JOBS. This is useful for allowing ports
# which holdup the rest of the queue to build more quickly.
ALLOW_MAKE_JOBS_PACKAGES="pkg ccache py* llvm*"
ALLOW_MAKE_JOBS_PACKAGES="pkg ccache py* llvm* gcc* rust* node* firefox*"
# Timestamp every line of build logs
# Default: no
@ -282,7 +283,7 @@ PRESERVE_TIMESTAMP=yes
# Define pkgname globs to boost priority for
# Default: none
PRIORITY_BOOST="llvm*"
PRIORITY_BOOST="llvm* rust"
# Define format for buildnames
# Default: %Y-%m-%d_%Hh%Mm%Ss
@ -317,4 +318,4 @@ PRIORITY_BOOST="llvm*"
# Set to track remaining ports in the HTML interface. This can slow down
# processing of the queue slightly, especially for bulk -a builds.
# Default: no
#HTML_TRACK_REMAINING=yes
HTML_TRACK_REMAINING=yes