Neolink allows you to use NVR software such as Shinobi or Blue Iris to
receive video from Reolink cameras, avoiding the need to purchase
proprietary NVR units.
WWW: https://github.com/thirtythreeforty/neolink
OpenSearch is a fork of Elasticsearch which aims to be a Distributed,
RESTful, Search Engine built on top of Apache Lucene.
WWW: http://opensearch.org
PR: 257558
With hat: opensearch
An efficient Matrix homeserver that's easy to set up
and just works. You can install it on a mini-computer
like the Raspberry Pi to host Matrix for your family,
friends or company.
WWW: https://conduit.rs/
Krill is a free, open source RPKI Certificate Authority that lets you
run delegated RPKI under one or multiple Regional Internet Registries
(RIRs). Through its built-in publication server, Krill can publish Route
Origin Authorisations (ROAs) on your own servers or with a third party.
WWW: https://www.nlnetlabs.nl/projects/rpki/krill/
PR: 257355
Biboumi is a Free, Libre and Open Source XMPP gateway that connects to
IRC servers and translates between the two protocols. Its goal is to
let XMPP users take part in IRC discussions, using their favourite XMPP
client.
WWW: https://biboumi.louiz.org/
PR: 250705
Bazarr is a companion application to Sonarr and Radarr that manages and
downloads subtitles based on your requirements.
- net-p2p/bazarr uses latest stable release
- net-p2p/bazarr-devel uses beta builds (created automatically from
development branch once a day, if there were changes to that branch)
- Ports dont have bundled dependencies unbundled (yet).
Talked this over with upstream, they are not going to unbundle
for support-workload avoidance and ease-of-install they get from the
fact they bundle all dependencies on specific versions.
- Reserve UID and GID for bazarr daemon process
- Add to net-p2p/Makefile
- The plists are auto-generated as in multimedia/tautulli.
Website: https://www.bazarr.media
Changelog: https://github.com/morpheus65535/bazarr/releases
Bugtracker: https://github.com/morpheus65535/bazarr/issues
PR: 243967
Fully featured and highly configurable SFTP server with optional FTP/S
and WebDAV support, written in Go. Several storage backends are
supported: local filesystem, encrypted local filesystem,
S3 (compatible) Object Storage, Google Cloud Storage,
Azure Blob Storage, SFTP.
WWW: https://github.com/drakkan/sftpgo
Approved by: koobs
Differential Revision: https://reviews.freebsd.org/D30661
Summary:
Pydio cells uses a custom version of packr to embed the static
resources into the `cells` binary. Previously, the embedding process
was not peformed, resulting in a non-functional binary. When trying
to use the app, user will just get "404 Not Found" error instead of
a web page.
To fix this - before the build `gmake generate` has to be performed
in the WRKSRC, and a special custom version of packr v1
(devel/pydio-packr) has to be used.
Other changes:
- DOCS option was removed, as the README.md file didn't really provide
any useful information for the port's users
- Generation of bash and zsh completion files was added
- App version is now provided during the build process (previously 0.1.0
would be indicated instead of the real version)
- Indicate failure to build on i386
- Create separate user/group for running the daemon, as recommended by
the administrator's manual
- Add rc script
- Add pkg-message with configuration instructions
- Add more patches fixing bugs and adapting the code for FreeBSD
No UPDATING is required, as the port was not functional previously
Reviewed by: koobs
MFH: No (port isn't in any of the quarterly branches yet)
Differential Revision: https://reviews.freebsd.org/D30323
daemon as devices are attached and detached, respectively. (On by default)
Add GIDs/UIDs for usbmuxd to facilitate use with devd(8).
Patch configure.ac instead of configure since we are using autoreconf. Merge
post-patch target into this new patch for a cleaner Makefile.
SeaweedFS is a distributed object store and file system to store and
serve billions of files fast! Its object store has O(1) disk seek,
and transparent cloud integration. The Filer supports cross-cluster
active-active replication, POSIX, S3 API, encryption, Erasure Coding for
warm storage, FUSE mount, Hadoop, and WebDAV.
WWW: https://github.com/chrislusf/seaweedfs/wiki
Sponsored by: SkunkWerks, GmbH
Differential Revision: https://reviews.freebsd.org/D27391
Dendrite is a second-generation Matrix homeserver written in Go. It
intends to provide an efficient, reliable and scalable alternative to
Synapse:
o Efficient: A small memory footprint with better baseline
performance than an out-of-the-box Synapse.
o Reliable: Implements the Matrix specification as written, using
the same test suite as Synapse as well as a brand new Go test suite.
o Scalable: can run on multiple machines and eventually scale to
massive homeserver deployments.
WWW: https://github.com/matrix-org/dendrite
Gerbera is a DLNA compatible media server and a continuation of MediaTomb
It allows you to browse and playback your media via your network, supports
metadata extraction, media thumbnail support and generation, media transcoding
and offers a Web UI.
WWW: https://gerbera.io/
PR: 248475
Submitted by: daniel.engberg.lists@pyret.net
Reviewed by: meena
- Adjust dependencies (IXFRTOOL needs yaml-cpp)
- Explicitly disable decaf and sodium in case they are not enabled.
Otherwise they default to "auto" and if detected in the system,
stage-qa reports unresolved dependency.
- Drop user privilges for worker processes to pdns/pdns (UID is new; GUID already exists)
- Always depend on protobuf. I do the same for dnsdist and powerdns-recursor
- Actually do something with the pdns_flags variable in the rc-script instead of just mentioning it in the comment block
- Bump PORTREVISION
PR: 250961
Submitted by: Juraj Lutter, Ralf van der Enden
Approved by: Ralf van der Enden (maintainer)
An easy to install, high-performance, zero maintenance proxy to run an
encrypted DNS server.
WWW: https://github.com/jedisct1/encrypted-dns-server
PR: 250195
Submitted by: Felix Hanley <felix@userspace.com.au>
The eponymous server and application monitoring agent from DataDogHQ.com
Additional agent integrations will be submitted in a further port.
PR: 208561
Submitted by: Uros Gruber <uros@gruber.si>
Sponsored by: SkunkWerks, GmbH
Differential Revision: https://reviews.freebsd.org/D27182
Bosun is an open-source, MIT licensed, monitoring and alerting system by
Stack Exchange.
It has an expressive domain specific language for evaluating alerts
and creating detailed notifications.
It also lets you test your alerts against history
for a faster development experience.
WWW: https://bosun.org/
PR: 250209
Submitted by: Markus Langer <langer.markus@gmail.com>
This changes the account the wsdd service runs under from the generic
'daemon' user to its own dedicated '_wsdd' user.
Approved by: hiroo.ono+freebsd@gmail.com (maintainer)
PR: 250159
MFH: 2020Q4
- Assume maintainership
- Drop coreutils from dependencies; tenshi works fine now with FreeBSD tail
- Get tarballs from to GitHub; this is where upstream moved
- Install configuration files in upstream default location
rpki-client is a FREE, easy-to-use implementation of the Resource Public Key
Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the
Route Origin of a BGP announcement. The program queries the RPKI repository
system and outputs Validated ROA Payloads in the configuration format of either
OpenBGPD or BIRD, but also as CSV or JSON objects for consumption by other
routing stacks. rpki-client originated in OpenBSD.
This version is based on the portable version of rpki-client.
WWW: https://www.rpki-client.org/
WWW: https://github.com/rpki-client/rpki-client-portable
Allocate UID and GID 270 for use when running rpki-client.
Give time to users to change their env
The new port is the successor, it supports milter feature and its
config file is in another path.
PR: 244424
Submitted by: Yasuhiro KIMURA <yasu@utahime.org> (maintainer)
Using PostgREST is an alternative to manual CRUD programming. Custom API
servers suffer problems. Writing business logic often duplicates, ignores or
hobbles database structure. Object-relational mapping is a leaky abstraction
leading to slow imperative code. The PostgREST philosophy establishes a single
declarative source of truth: the data itself.
WWW: http://postgrest.org/en/v7.0.0/
PR: 246383
Submitted by: Dmitry Wagin
- clixon user and group will be used to listen to a socket
- Updated pkg-message
PR: 246264
Submitted by: Dave Cornejo <dcornejo@netgate.com> (maintainer)
Sponsored by: Rubicon Communications, LLC (Netgate)
It can be used together with the Smallstep step-ca client.
step-ca is a local CA. It can be used to create your own local PKI
Infrastructure and includes things like e.g. the possibility to have your
own ACME server.
A private certificate authority (X.509 & SSH) & ACME server for secure
automated certificate management, so you can use TLS everywhere & SSO for SSH.
WWW: https://smallstep.com/certificates/
PR: 245535
Submitted by: Markus Wipp <mw@wipp.bayern>
Secure Shout Host Oriented Unified Talk is an instant-messaging platform
designed to make uses of the existing SSH server in your system.
SSHOUT creates a private chat room in your host. The authentication of the
chat room is done by SSH public authentication. Users can join your chat room
by either directly connecting your SSH server with any SSH client; or using a
SSHOUT client that implemented the client side SSHOUT API.
This package provides the SSHOUT server side programs; if you are finding a
SSHOUT client, go to project page and find out a suitable client; or you can
also write your own client using SSHOUT API.
PR: 228723
Submitted by: WHR <msl0000023508@gmail.com>
I accidentally spelled this as "/nonexistent/" yesterday, which broke
the special handling of that path and resulted in /nonexistent existing.
PR: 245537
Submitted by: Thomas Hurst
music streaming server / subsonic server API implementation
features
* browsing by folder (keeping your full tree intact)
* browsing by tags (using taglib - supports mp3, opus, flac, ape, m4a, wav,
etc.)
* on-the-fly audio transcoding and caching (requires ffmpeg) (thank you spijet)
* pretty fast scanning (with my library of ~27k tracks, initial scan takes
about 10m, and about 5s after incrementally)
* multiple users, each with their own transcoding preferences, playlists, top
tracks, top artists, etc.
* last.fm scrobbling
* artist similarities and biographies from the last.fm api
* a web interface for configuration (set up last.fm, manage users, start scans,
etc.)
* support for the album-artist tag, to not clutter your artist list with
compilation album appearances
* written in go, so lightweight and suitable for a raspberry pi, etc.
* newer salt and token auth
* tested on dsub, jamstash, sublime music, and soundwaves
WWW: https://github.com/sentriz/gonic
- Change LICENSE to BSD2CLAUSE from BSD4CLAUSE
- Utilizes UID and GID irrd for 252
- Take MAINTAINERSHIP
- Mentioned in UPDATING
- Both irrd-legacy and irrd can bes installed and run concurrently
Approved by: ume (private mail)
signal-cli is a command-line interface for libsignal-service-java. It
supports registering, verifying, sending and receiving messages. To be able
to link to an existing Signal-Android/signal-cli instance, signal-cli uses
a patched libsignal-service-java, because libsignal-service-java does not
yet support provisioning as a slave device. For registering you need a
phone number where you can receive SMS or incoming calls. signal-cli is
primarily intended to be used on servers to notify admins of important
events. For this use-case, it has a dbus interface, that can be used to
send messages from any programming language that has dbus bindings.
WWW: https://github.com/AsamK/signal-cli
Note that the UIDs/GIDs were meaning to add 455 as the ID,
but typed 445 in the patch. I've corrected the IDs to 455.
I've also elided one blank line between the _DEPENDS lines
to please portlint.
Other than that, test builds succeeded on 11.3 (i386, amd64),
12.1 (i386, amd64, mips64, aarch64).
PR: 241426
Submitted by: Colin T. <bugzilla@nulldir.e4ward.com>
Reviewed by: Daniel Engberg
Approved by: samm@ (maintainer timeout, >4 months)
Special thanks to netchild for inspiring bringing back this piece software
to ports!
Reviewed by: netchild, pi, salvadore
Differential Revision: https://reviews.freebsd.org/D24127
HoneyTrap is a modular framework for running, monitoring and managing honeypots.
Using HoneyTrap you can use sensors, high interaction and low
interaction honeypots together, while still using the same event mechanisms.
HoneyTrap consists of services, directors, listeners and channels. It is easy to
build new services, attach existing honeypots and extend channels or directors.
PR: 242740
Submitted by: ezri.mudde@dutchsec.com
The imds-filterd tool allows administrators of EC2 instances to lock down
which data from the Instance Metadata Service can be accessed by specified
system users and groups, thereby making the EC2 Instance Metadata Service
compatible with traditional UNIX privilege separation.
Reviewed by: otis, dizzy, lwhsu
Sponsored by: Tarsnap Backup Inc.
Bitmark secures digital property registration through Bitmark certificates,
enabling economic trade of those properties between individuals, governments,
corporations, and institutions at global scale.
WWW: https://github.com/bitmark-inc/bitmarkd
Submitted by: Christopher Hall <hsw__bitmark.com>
Sponsored by: Bitmark Inc.
Differential Revision: https://reviews.freebsd.org/D23167
Release notes:
https://github.com/NLnetLabs/routinator/releases/tag/v0.6.2
Port changes:
- Add a startup script.
- Add a separate user/group for the daemon to use.
PR: 240560
PR: 239899
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
This is being done as svn copy instead of rename so that users of
security/bro can have some time to migrate. It also allows for
possible security updates to the old bro port which upstream has
indicated is possible for at least a few months.
Reviewed by: ler (mentor)
Approved by: ler (mentor)
Differential Revision: https://reviews.freebsd.org/D22376
Added rc script to run p0f in daemon mode as as unprivileged user.
That is useful to provide access to p0f API via unix socket for
various clients (e.g. anti-spam filters like rspamd, haraka-plugin-p0f,
etc.).
PR: 240712
Submitted by: Alexander Moisseev <moiseev@mezonplus.ru>
Lidarr is a music collection manager for Usenet and BitTorrent users.
It can monitor multiple RSS feeds for new tracks from your favorite
artists and will grab, sort and rename them.
It can also be configured to automatically upgrade the quality of
files already downloaded when a better quality format becomes
available.
It looks and smells like Sonarr but made for music.
WWW: https://lidarr.audio
PR: 234233
Submitted by: Michiel van Baak <michiel@vanbaak.eu>, Matt Russi <mrussi@gmail.com>
SEMS is an open-source SIP media server, implementing a B2BUA,
voicemail, IVRs, announcements, etc. It is designed to be
complementary to SIP proxy-only tools like Kamailio, OpenSIPS, etc.
This adds a new port for the SEMS SIP media server, which provides a
number of functions (Voicemail, conferencing, B2BUA, etc.) in conjunction
with a SIP router like Kamailio or OpenSIPS.
The most recent release (1.6.0) is both old and has a significant number
of issues on FreeBSD, so this corresponds to the current development
branch, which should hopefully become 1.7 in not too very long. I've
added one other patch (from SEMS pull request 57) that is required to
make message-waiting notifications behave in a useful way but has yet
to be merged upstream.
WWW: https://github.com/sems-server/sems/
PR: 240048
Reviewed by: koobs (ports)
Approved by: koobs (ports)
Differential Revision: D21410
OwnTracks apps.
OwnTracks allows you to keep track of your own location. You can build
your private location diary or share it with your family and friends.
OwnTracks is open-source and uses open protocols for communication so
you can be sure your data stays secure and private.
API backend for the sysutils/restic backup software, enabling fast and
easy network backups
Approved by: jrm (mentor, implicit)
Sponsored by: SkunkWerks, GmbH
Lego is a new let's encrypt client write in Go with
support for number of ACME challenges and no external
dependencies.
PR: 237349
Submitted by: Matthew Horan <matt@matthoran.com>
Project V is a set of network tools that help you to build your
own computer network. It secures your network connections and
thus protects your privacy.
WWW: https://www.v2ray.com
PR: 235418
Submitted by: Yanhui Shen <shen.elf@gmail.com>
Reviewed by: koobs, mat
Approved by: koobs (mentor)
Differential Revision: https://reviews.freebsd.org/D19066
This allows use of mlock() when vault is started via rc script.
Submitted by: dch
Reviewed by: jrm
Differential Revision: https://reviews.freebsd.org/D20025
Sonic is a fast, lightweight, and schema-less search backend. It
ingests search texts and identifier tuples that can then be queried
against in a microsecond's time.
Sonic can be used as a simple alternative to super-heavy and
full-featured search backends such as Elasticsearch in some use-cases.
It is capable of normalizing natural language search queries,
auto-completing a search query and providing the most relevant
results for a query. Sonic is an identifier index, rather than a
document index; when queried, it returns IDs that can then be used
to refer to the matched documents in an external database.
A strong attention to performance and code cleanliness has been
given when designing Sonic. It aims at being crash-free, super-fast
and puts minimum strain on server resources.
WWW: https://github.com/valeriansaliou/sonic
Reason for this is, if you like to use rspamd to also sign emails using DKIM, ARC,
rspamd need access to the private key used for signing.
As user nobody is correctly used to run rspamd each service that fallback
to user nobody would have access to the private key, which is a security risk.
PR: 230766
Hockeypuck implements the HKP draft protocol specification,
as well as several extensions to the protocol supported by SKS.
Public key material conforming to RFC 4880 is supported by the keyserver,
as are RFC 6637 ECC keys.
As-of-yet unsupported key material, such as recent Ed25519 signing keys,
may be distributed by Hockeypuck, however Hockeypuck is not able to
validate them yet.
WWW: https://hockeypuck.github.io
PR: 235904
Submitted by: Michiel van Baak <michiel@vanbaak.eu>
NZBHydra 2 is a meta search for NZB indexers. It provides easy access to a
number of raw and newznab based indexers. You can search all your indexers
from one place and use it as an indexer source for tools like Sonarr,
Radarr or CouchPotato.
WWW: https://github.com/theotherp/nzbhydra2
PR: 234537
Submitted by: Daniel Shafer <daniel shafer cc>
Differential_Revision: https://reviews.freebsd.org/D18704
libvirt-dbus wraps libvirt API to provide a high-level object-oriented API
better suited for dbus-based applications.
WWW: https://libvirt.org/dbus.html
Midpoint is a comprehensive identity management and identity
governance system. It is basically an complex integration tool
that can replicate and transform user records between numerous user
databases, management of the records, reporting, auditing and so
on. It allows very complex transformation and replication rules
including support for advanced RBAC and scripting. Its internal
mechanisms are based on state-of-the art concepts that are still
not yet widely used in the fieldof Identity Management.
WWW: https://evolveum.com/midpoint/
PR: 231766
Submitted by: Matthias Wolf <freebsd@rheinwolf.de>
Apache Archiva is an extensible repository management software that helps taking
care of your own personal or enterprise-wide build artifact repository. It is
the perfect companion for build tools such as Maven, Continuum, and ANT.
Archiva offers several capabilities, amongst which remote repository proxying,
security access management, build artifact storage, delivery, browsing, indexing
and usage reporting, extensible scanning functionality and many more!
WWW: https://archiva.apache.org
PR: 203071
Submitted by: Dušan Vejnovič <freebsd@dussan.org>
Differential Revision: https://reviews.freebsd.org/D15656
"nobody" should only be used by NFS and nothing should run as
it. Instead give tcpdump a dedicated user.
Also note that IPv6 is no longer optional, so just remove the option
Approved by: garga (maintainer, older version)
Reviewed by: matthew
Differential Revision: https://reviews.freebsd.org/D15841
GeoDNS is a DNS server with per-client targeted responses. It powers the NTP
Pool system and other similar services.
WWW: https://github.com/abh/geodns
PR: 227492
Submitted by: Vinicius Zavam <egypcio@googlemail.com>
Differential Revision: https://reviews.freebsd.org/D15056
- Working RC script
- Rename config file to .env so it's obvious what it is
- Don't depend on Postgres server by default
- Depend on ca_root_nss so it can actually fetch articles over HTTPS
- Run as a dedicated user
PR: 228275
Approved by: maintainer
