New port: security/tailscale

Tailscale is a mesh VPN alternative, based on WireGuard, that connects your computers, databases, and services together securely without any proxies. WWW: https://tailscale.com/ Reviewed by: dmgk Differential Revision: https://reviews.freebsd.org/D24376
svn path=/head/; revision=531609
2020-04-13 14:51:25 +00:00 · 2020-04-13 14:51:25 +00:00 · 3a2febe8ae · 2021-03-31 03:12:20 +00:00
commit 3a2febe8ae
parent 3c0117599c
5 changed files with 142 additions and 0 deletions
--- a/security/Makefile
+++ b/security/Makefile
@ -1233,6 +1233,7 @@
    SUBDIR += swatchdog
    SUBDIR += switzerland
    SUBDIR += symbion-sslproxy
+    SUBDIR += tailscale
    SUBDIR += tclsasl
    SUBDIR += tcpcrypt
    SUBDIR += teleport
--- a/security/tailscale/Makefile
+++ b/security/tailscale/Makefile
@ -0,0 +1,39 @@
+# $FreeBSD$
+
+PORTNAME=	tailscale
+PORTVERSION=	0.97
+DISTVERSIONPREFIX=	v
+CATEGORIES=	security
+
+MAINTAINER=	mikael@FreeBSD.org
+COMMENT=	Mesh VPN that makes it easy to connect your devices
+
+LICENSE=	BSD3CLAUSE
+LICENSE_FILE=	${WRKSRC}/LICENSE
+
+USES=		go:modules
+
+USE_GITHUB=	yes
+GH_TUPLE=	\
+		apenwarr:fixconsole:5a9f6489cc29:apenwarr_fixconsole/vendor/github.com/apenwarr/fixconsole \
+		golang:crypto:f7b00557c8c4:golang_crypto/vendor/golang.org/x/crypto \
+		golang:groupcache:8c9f03a8e57e:golang_groupcache/vendor/github.com/golang/groupcache \
+		golang:net:244492dfa37a:golang_net/vendor/golang.org/x/net \
+		golang:oauth2:bf48bf16ab8d:golang_oauth2/vendor/golang.org/x/oauth2 \
+		golang:sync:cd5d95a43a6e:golang_sync/vendor/golang.org/x/sync \
+		golang:sys:a7d97aace0b0:golang_sys/vendor/golang.org/x/sys \
+		golang:time:555d28b269f0:golang_time/vendor/golang.org/x/time \
+		klauspost:compress:v1.9.8:klauspost_compress/vendor/github.com/klauspost/compress \
+		pborman:getopt:ee0cd42419d3:pborman_getopt/vendor/github.com/pborman/getopt \
+		peterbourgon:ff:v2.0.0:peterbourgon_ff/vendor/github.com/peterbourgon/ff/v2 \
+		rsc:goversion:v1.2.0:rsc_goversion/vendor/rsc.io/goversion \
+		tailscale:wireguard-go:239518935266:tailscale_wireguard_go/vendor/github.com/tailscale/wireguard-go
+USE_RC_SUBR=	tailscaled
+
+GO_TARGET=	./cmd/tailscale \
+		./cmd/tailscaled
+
+PLIST_FILES=	bin/tailscale  \
+		bin/tailscaled
+
+.include <bsd.port.mk>
--- a/security/tailscale/distinfo
+++ b/security/tailscale/distinfo
@ -0,0 +1,29 @@
+TIMESTAMP = 1586695277
+SHA256 (tailscale-tailscale-v0.97_GH0.tar.gz) = 7ec7fca43e4f850aa09d9fc70a726f9550df8f6810ac51b2a202e5e9d64ed40b
+SIZE (tailscale-tailscale-v0.97_GH0.tar.gz) = 198882
+SHA256 (apenwarr-fixconsole-5a9f6489cc29_GH0.tar.gz) = 60a7c20f3c7253049c70bcef2d5cfbc4f33eea5250e7f820eb48748b0a505418
+SIZE (apenwarr-fixconsole-5a9f6489cc29_GH0.tar.gz) = 6349
+SHA256 (golang-crypto-f7b00557c8c4_GH0.tar.gz) = 029c7e2c21a3b1a5df481e441b58f89d7c6ade793d6155ca01e23094047e3598
+SIZE (golang-crypto-f7b00557c8c4_GH0.tar.gz) = 1727281
+SHA256 (golang-groupcache-8c9f03a8e57e_GH0.tar.gz) = b92f918daa48048fd360f14d1a4aed6e70c1176ae6b00b0dc04094bb088e9865
+SIZE (golang-groupcache-8c9f03a8e57e_GH0.tar.gz) = 26047
+SHA256 (golang-net-244492dfa37a_GH0.tar.gz) = 511fcc4f88e15cf97dccca6ea4bdde6d240ebd7e1b14212a0447fc4f5b54031c
+SIZE (golang-net-244492dfa37a_GH0.tar.gz) = 1172556
+SHA256 (golang-oauth2-bf48bf16ab8d_GH0.tar.gz) = 28b3a51a8bd90beb5952d1080218ea238127edfe9455ad48921989619ff918a8
+SIZE (golang-oauth2-bf48bf16ab8d_GH0.tar.gz) = 47016
+SHA256 (golang-sync-cd5d95a43a6e_GH0.tar.gz) = 00a6dce4c1a9ca9edae6c3f1bedc0b15911c62681371ad9ed7738e182ba70393
+SIZE (golang-sync-cd5d95a43a6e_GH0.tar.gz) = 16956
+SHA256 (golang-sys-a7d97aace0b0_GH0.tar.gz) = aa2b3847a5a1f32b33ba4c42a6bb2d89005e2590236f106f95e1f8baf92572fd
+SIZE (golang-sys-a7d97aace0b0_GH0.tar.gz) = 1042410
+SHA256 (golang-time-555d28b269f0_GH0.tar.gz) = 8ce368da65025dad4e4ed302a5835e2b3579f3a111721f9b275803519a5d10b3
+SIZE (golang-time-555d28b269f0_GH0.tar.gz) = 9577
+SHA256 (klauspost-compress-v1.9.8_GH0.tar.gz) = 875db400d8bd838ce050db5931f540c17186f6ec2630420238da48be7bac1f56
+SIZE (klauspost-compress-v1.9.8_GH0.tar.gz) = 16106285
+SHA256 (pborman-getopt-ee0cd42419d3_GH0.tar.gz) = 8eaa2477da03612e053997e0cc0f541947e8cbd3b6e89c4bed628341a58623f2
+SIZE (pborman-getopt-ee0cd42419d3_GH0.tar.gz) = 39691
+SHA256 (peterbourgon-ff-v2.0.0_GH0.tar.gz) = f281421980071b90b5525900d4471fcf94f256c5453b6188f37ecef71a2d80a1
+SIZE (peterbourgon-ff-v2.0.0_GH0.tar.gz) = 25295
+SHA256 (rsc-goversion-v1.2.0_GH0.tar.gz) = 65e9c181995ed8c9207ea08d79a148ab53307b7fad2172a5a0764d6aa393a98e
+SIZE (rsc-goversion-v1.2.0_GH0.tar.gz) = 8586
+SHA256 (tailscale-wireguard-go-239518935266_GH0.tar.gz) = 1dbd175c4028f2ed66c7ac4b685d6a945a6163faa6192ccf243a7adb897aee21
+SIZE (tailscale-wireguard-go-239518935266_GH0.tar.gz) = 114538
--- a/security/tailscale/files/tailscaled.in
+++ b/security/tailscale/files/tailscaled.in
@ -0,0 +1,69 @@
+#!/bin/sh
+
+# $FreeBSD$
+#
+# PROVIDE: tailscaled
+# REQUIRE: networking
+# KEYWORD: shutdown
+#
+# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
+# to enable this service:
+#
+# tailscaled_enable (bool):	Set it to YES to enable tailscaled.
+#			Default is "NO".
+# tailscaled_syslog_output_enable (bool):	Set to enable syslog output.
+#					Default is "NO". See daemon(8).
+# tailscaled_syslog_output_priority (str):	Set syslog priority if syslog enabled.
+#					Default is "info". See daemon(8).
+# tailscaled_syslog_output_facility (str):	Set syslog facility if syslog enabled.
+#					Default is "daemon". See daemon(8).
+
+. /etc/rc.subr
+
+name=tailscaled
+rcvar=tailscaled_enable
+
+load_rc_config $name
+
+: ${tailscaled_enable:="NO"}
+
+DAEMON=$(/usr/sbin/daemon 2>&1 | grep -q syslog ; echo $?)
+if [ ${DAEMON} -eq 0 ]; then
+        : ${tailscaled_syslog_output_enable:="NO"}
+        : ${tailscaled_syslog_output_priority:="info"}
+        : ${tailscaled_syslog_output_facility:="daemon"}
+        if checkyesno tailscaled_syslog_output_enable; then
+                tailscaled_syslog_output_flags="-t ${name} -T ${name}"
+
+                if [ -n "${tailscaled_syslog_output_priority}" ]; then
+                        tailscaled_syslog_output_flags="${tailscaled_syslog_output_flags} -s ${tailscaled_syslog_output_priority}"
+                fi
+
+                if [ -n "${tailscaled_syslog_output_facility}" ]; then
+                        tailscaled_syslog_output_flags="${tailscaled_syslog_output_flags} -l ${tailscaled_syslog_output_facility}"
+                fi
+        fi
+else
+        tailscaled_syslog_output_enable="NO"
+        tailscaled_syslog_output_flags=""
+fi
+
+pidfile=/var/run/tailscaled.pid
+procname="%%PREFIX%%/bin/tailscaled"
+command="/usr/sbin/daemon"
+command_args="-f ${tailscaled_syslog_output_flags} -p ${pidfile} ${procname}"
+
+# XXX: Can we have multiple interface?
+tailscale_tap_dev="tailscale0"
+
+stop_postcmd="${name}_poststop"
+
+tailscaled_poststop()
+{
+	/sbin/ifconfig ${tailscale_tap_dev} >/dev/null 2>&1 && (
+		logger -s -t tailscaled "Destroying tailscale0 adapter"
+		/sbin/ifconfig ${tailscale_tap_dev} destroy || logger -s -t tailscaled "Failed to destroy ${tailscale_tap_dev} adapter"
+	)
+}
+
+run_rc_command "$1"
--- a/security/tailscale/pkg-descr
+++ b/security/tailscale/pkg-descr
@ -0,0 +1,4 @@
+Tailscale is a mesh VPN alternative, based on WireGuard, that connects your
+computers, databases, and services together securely without any proxies.
+
+WWW: https://tailscale.com/