New Port: security/modsecurity-nginx

The ModSecurity-nginx connector is the connection point between Nginx and libmodsecurity (ModSecurity v3). Said another way, this project provides a communication channel between Nginx and libmodsecurity. This connector is required to use LibModSecurity with Nginx. The ModSecurity-nginx connector takes the form of an Nginx module. The module simply serves as a layer of communication between Nginx and ModSecurity. Notice that this project depends on libmodsecurity rather than ModSecurity (version 2.9 or less). WWW: https://github.com/SpiderLabs/ModSecurity-nginx Sponsored by: Netzkommune GmbH
svn path=/head/; revision=506807
2019-07-17 16:30:35 +00:00 · 2019-07-17 16:30:35 +00:00 · ee03ae3ca0 · 2021-03-31 03:12:20 +00:00
commit ee03ae3ca0
parent e65974df1d
4 changed files with 105 additions and 0 deletions
--- a/security/Makefile
+++ b/security/Makefile
@ -371,6 +371,7 @@
    SUBDIR += mkp224o
    SUBDIR += modsecurity3
    SUBDIR += modsecurity3-apache
+    SUBDIR += modsecurity3-nginx
    SUBDIR += monkeysphere
    SUBDIR += morphis
    SUBDIR += munge
--- a/security/modsecurity3-nginx/Makefile
+++ b/security/modsecurity3-nginx/Makefile
@ -0,0 +1,89 @@
+# $FreeBSD$
+
+PORTNAME=	modsecurity3-nginx
+DISTVERSION=	g20181129
+CATEGORIES=	security www
+MASTER_SITES=	http://nginx.org/download/
+DISTFILES=	${_NGINX_DISTNAME}${EXTRACT_SUFX}
+
+MAINTAINER=	joneum@FreeBSD.org
+COMMENT=	Intrustion detection and prevention engine / nginx Wrapper
+
+LICENSE=	APACHE20
+LICENSE_FILE=	${WRKSRC}/LICENSE
+
+LIB_DEPENDS=	libmodsecurity.so:security/modsecurity3
+
+USE_GITHUB=	nodefault
+GH_TUPLE=	SpiderLabs:ModSecurity-nginx:d7101e1:modsecurity3
+
+HAS_CONFIGURE=	yes
+# Most arguments should be derived from www/nginx's Makefile to be in sync
+CONFIGURE_ARGS+=	--prefix=${PREFIX}/etc/nginx \
+			--with-cc-opt="-I ${LOCALBASE}/include" \
+			--with-ld-opt="-L ${LOCALBASE}/lib" \
+			--conf-path=${PREFIX}/etc/nginx.conf \
+			--sbin-path=${PREFIX}/sbin/nginx \
+			--pid-path=${_NGINX_RUNDIR}/nginx.pid \
+			--error-log-path=${_NGINX_ERRORLOG} \
+			--user=${WWWOWN} --group=${WWWGRP} \
+			--modules-path=${_MODULESDIR} \
+			--with-file-aio \
+			--http-client-body-temp-path=${_NGINX_TMPDIR}/client_body_temp \
+			--http-fastcgi-temp-path=${_NGINX_TMPDIR}/fastcgi_temp \
+			--http-proxy-temp-path=${_NGINX_TMPDIR}/proxy_temp \
+			--http-scgi-temp-path=${_NGINX_TMPDIR}/scgi_temp \
+			--http-uwsgi-temp-path=${_NGINX_TMPDIR}/uwsgi_temp \
+			--http-log-path=${_NGINX_ACCESSLOG} \
+			--with-http_v2_module \
+			--with-http_addition_module \
+			--with-http_auth_request_module \
+			--with-http_dav_module \
+			--with-http_flv_module \
+			--with-http_gunzip_module \
+			--with-http_gzip_static_module \
+			--with-http_mp4_module \
+			--with-http_random_index_module \
+			--with-http_realip_module \
+			--with-pcre \
+			--with-http_secure_link_module \
+			--with-http_slice_module \
+			--with-http_ssl_module \
+			--with-http_stub_status_module \
+			--with-http_sub_module \
+			--without-mail_imap_module \
+			--without-mail_pop3_module \
+			--without-mail_smtp_module \
+			--with-mail_ssl_module \
+			--with-stream_ssl_module \
+			--with-stream_ssl_preread_module \
+			--with-threads \
+			--with-mail=dynamic \
+			--with-stream=dynamic \
+			--add-dynamic-module=${WRKSRC_modsecurity3}
+
+ALL_TARGET=
+
+WRKSRC=		${WRKDIR}/${_NGINX_DISTNAME}
+
+PLIST_FILES=	${_MODULESDIR}/ngx_http_modsecurity_module.so
+
+# These variables should be derived from www/nginx's Makefile
+_MODULESDIR=		${PREFIX}/libexec/nginx
+_NGINX_ACCESSLOG=	${_NGINX_LOGDIR}/access.log
+_NGINX_ERRORLOG=	${_NGINX_LOGDIR}/error.log
+_NGINX_LOGDIR=		${_NGINX_VARDIR}/log/nginx
+_NGINX_RUNDIR=		${_NGINX_VARDIR}/run
+_NGINX_TMPDIR=		${_NGINX_VARDIR}/tmp/nginx
+_NGINX_VARDIR=	/var
+
+_NGINX_PORTNAME=	nginx
+_NGINX_PORTVERSION=	1.16.0
+_NGINX_DISTNAME=	${_NGINX_PORTNAME}-${_NGINX_PORTVERSION}
+
+do-install:
+	@${MKDIR} ${STAGEDIR}${_MODULESDIR}
+	${INSTALL_PROGRAM} ${WRKSRC}/objs/ngx_http_modsecurity_module.so \
+		${STAGEDIR}${_MODULESDIR}
+
+.include <bsd.port.mk>
--- a/security/modsecurity3-nginx/distinfo
+++ b/security/modsecurity3-nginx/distinfo
@ -0,0 +1,5 @@
+TIMESTAMP = 1563349030
+SHA256 (nginx-1.16.0.tar.gz) = 4fd376bad78797e7f18094a00f0f1088259326436b537eb5af69b01be2ca1345
+SIZE (nginx-1.16.0.tar.gz) = 1032345
+SHA256 (SpiderLabs-ModSecurity-nginx-d7101e1_GH0.tar.gz) = 8e894a323911d5ee0222ac23fbe3379ed42431bd53c76bc416f97fa7f031e3f9
+SIZE (SpiderLabs-ModSecurity-nginx-d7101e1_GH0.tar.gz) = 31723
--- a/security/modsecurity3-nginx/pkg-descr
+++ b/security/modsecurity3-nginx/pkg-descr
@ -0,0 +1,10 @@
+The ModSecurity-nginx connector is the connection point between Nginx and libmodsecurity
+(ModSecurity v3). Said another way, this project provides a communication channel between Nginx
+and libmodsecurity. This connector is required to use LibModSecurity with Nginx.
+
+The ModSecurity-nginx connector takes the form of an Nginx module.
+The module simply serves as a layer of communication between Nginx and ModSecurity.
+
+Notice that this project depends on libmodsecurity rather than ModSecurity (version 2.9 or less).
+
+WWW: https://github.com/SpiderLabs/ModSecurity-nginx