kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/www/squid/Makefile
Sergei Kolobov a0c6cf9fc4 - update to squid-2.5.STABLE5, including two vendor patches issued so far 
- provide more OPTIONS, including (untested) support for pf(4)
- integrate the follow-XFF-patch from devel.squid-cache.org (submitted by
  Michael Ranner), this should improve interaction with dansguardian
- use id 100 for the squid pseudo user instead of choosing the first free
  id greater than 3127, a behaviour introduced with PORTVERSION 2.5.4_6.
  Provide a 'changeuser' target to make migration from a high id to id 100
  possible (requested by Kris Kennaway)
- don't let the port CONFLICT with itself (criticized by Oliver Eikemeier)
- provide rcNG support in squid.sh only on systems with /etc/rc.subr

PR:		ports/64061
Submitted by:	Thomas-Martin Seck (maintainer)
2004-03-17 07:06:46 +00:00

343 lines
13 KiB
Makefile
Raw Blame History

# New ports collection makefile for: squid24
# Date created: Tue Mar 27 14:56:08 CEST 2001
# Whom: Adrian Chadd <adrian@FreeBSD.org>
#
# $FreeBSD$
#
# Tunables not (yet) configurable via 'make config':
# SQUID_{U,G}ID
# Which user/group squid should run as (default: squid/squid).
# The user and group will be created if they do not already exist using
# a uid:gid of 100:100.
# NOTE: before version 2.5.4_6, these settings defaulted to
# nobody/nogroup.
# If you wish to keep these settings, please define SQUID_UID=nobody and
# SQUID_GID=nogroup in your make environment before you start the update.
# NOTE2:
# Before version 2.5.4_11 the numerical id chosen for SQUID_UID (and
# SQUID_GID respectively) was the first free id greater than or equal 3128.
# If you wish to move your squid user to id 100:100, run "make changeuser",
# please see the changeuser target's definition for further information.
# SQUID_LANGUAGES
# A list of languages for which error page files should be installed
# (default: all)
# SQUID_DEFAULT_LANG
# If you define SQUID_LANGUAGES, select which language should be the default
# (default: English)
# SQUID_CONFIGURE_ARGS
# Additional configuration options, see below for a list
PORTNAME= squid
PORTVERSION= 2.5.5
CATEGORIES= www
MASTER_SITES= \
ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.unimelb.edu.au/pub/cwis/servers/unix/squid/%SUBDIR%/ \
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
ftp://ftp.leo.org/pub/comp/general/infosys/www/servers/squid/%SUBDIR%/ \
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
MASTER_SITE_SUBDIR= squid-2/STABLE
DISTNAME= squid-2.5.STABLE5
DIST_SUBDIR= squid2.5
PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/
PATCHFILES= squid-2.5.STABLE5-ntlm_assert.patch \
squid-2.5.STABLE5-ldap.patch
PATCH_DIST_STRIP= -p1
MAINTAINER= tmseck@netcologne.de
COMMENT= The successful WWW proxy cache and accelerator
CONFLICTS= squid-2.[^5]*
GNU_CONFIGURE= yes
USE_BZIP2= yes
USE_PERL5= yes
USE_REINPLACE= yes
SQUID_UID?= squid
SQUID_GID?= squid
MAN8= squid.8
docs= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt
.if !defined(NOPORTDOCS)
PORTDOCS= ${docs:T}
.endif
OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
SQUID_DELAY_POOLS "Enable delay pools" off \
SQUID_SNMP "Enable SNMP support" off \
SQUID_CARP "Enable CARP support" off \
SQUID_SSL "Enable SSL support for reverse proxies" off \
SQUID_PINGER "Install the icmp helper" off \
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
SQUID_HTCP "Enable HTCP support" off \
SQUID_VIA_DB "Enable forward/via database" off \
SQUID_CACHE_DIGESTS "Enable cache digests" off \
SQUID_WCCP "Enable Web Cache Coordination Protocol" on \
SQUID_UNDERSCORES "Allow underscores in hostnames" on \
SQUID_CHECK_HOSTNAME "Do hostname checking" on \
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
SQUID_PF "Enable transp. proxy support using PF" off \
SQUID_FOLLOW_XFF "Follow X-Forwarded-For headers" off \
SQUID_AUFS "Enable the aufs store type" off \
SQUID_COSS "Enable the COSS store type" off \
SQUID_STACKTRACES "Create backtraces on fatal errors" off
PLIST_FILES= etc/rc.d/squid.sh etc/squid/mib.txt etc/squid/mime.conf.default \
etc/squid/msntauth.conf.default etc/squid/squid.conf.default \
sbin/RunAccel sbin/RunCache sbin/squidclient sbin/squid
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \
--datadir=${PREFIX}/etc/squid \
--libexecdir=${PREFIX}/libexec/squid \
--localstatedir=${PREFIX}/squid \
--enable-removal-policies="lru heap"
.include <bsd.port.pre.mk>
# Authentication methods and modules:
basic_auth= NCSA PAM YP MSNT winbind
external_acl= ip_user unix_group wbinfo_group winbind_group
MAN8+= pam_auth.8 squid_unix_group.8
.if defined(WITH_SQUID_LDAP_AUTH)
USE_OPENLDAP= yes
CONFIGURE_ENV+= CFLAGS="${CFLAGS} -I${LOCALBASE}/include" \
LDFLAGS="-L${LOCALBASE}/lib"
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
basic_auth+= LDAP
external_acl+= ldap_group
.endif
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
--enable-basic-auth-helpers="${basic_auth}" \
--enable-digest-auth-helpers="password" \
--enable-external-acl-helpers="${external_acl}" \
--enable-ntlm-auth-helpers="SMB winbind"
# Selection of store types:
store_types= ufs diskd null
.if defined(WITH_SQUID_AUFS)
store_types+= aufs
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
CONFIGURE_ARGS+= --enable-async-io --with-pthreads
.endif
.if defined(WITH_SQUID_COSS)
store_types+= coss
CONFIGURE_ARGS+= --with-aio
.endif
CONFIGURE_ARGS+= --enable-storeio="${store_types}"
# Other options set via 'make config':
.if defined(WITH_SQUID_DELAY_POOLS)
CONFIGURE_ARGS+= --enable-delay-pools
.endif
.if defined(WITH_SQUID_SNMP)
CONFIGURE_ARGS+= --enable-snmp
.endif
.if defined(WITH_SQUID_CARP)
CONFIGURE_ARGS+= --enable-carp
.endif
.if defined(WITH_SQUID_SSL)
CONFIGURE_ARGS+= --enable-ssl
.endif
.if defined(WITH_SQUID_PINGER)
CONFIGURE_ARGS+= --enable-icmp
.endif
.if defined(WITH_SQUID_DNS_HELPER)
CONFIGURE_ARGS+= --disable-internal-dns
.endif
.if defined(WITH_SQUID_HTCP)
CONFIGURE_ARGS+= --enable-htcp
.endif
.if defined(WITH_SQUID_VIA_DB)
CONFIGURE_ARGS+= --enable-forw-via-db
.endif
.if defined(WITH_SQUID_CACHE_DIGESTS)
CONFIGURE_ARGS+= --enable-cache-digests
.endif
.if defined(WITHOUT_SQUID_WCCP)
CONFIGURE_ARGS+= --disable-wccp
.endif
.if defined(WITH_SQUID_UNDERSCORES)
CONFIGURE_ARGS+= --enable-underscores
.endif
.if defined(WITHOUT_SQUID_CHECK_HOSTNAME)
CONFIGURE_ARGS+= --disable-hostname-checks
.endif
.if defined(WITH_SQUID_STRICT_HTTP)
CONFIGURE_ARGS+= --disable-http-violations
.endif
.if defined(WITHOUT_SQUID_IDENT)
CONFIGURE_ARGS+= --disable-ident-lookups
.endif
.if defined(WITH_SQUID_USERAGENT_LOG)
CONFIGURE_ARGS+= --enable-useragent-log
.endif
.if defined(WITH_SQUID_ARP_ACL)
CONFIGURE_ARGS+= --enable-arp-acl
.endif
.if defined(WITH_SQUID_PF)
.if ${OSVERSION} >= 502106
# This will work only systems where PF is part of the base system for now.
# If someone is eager to teach autoconf to pick up the pf port
# on 5.[0-2] systems instead, go on, I will integrate your patch.
CONFIGURE_ARGS+= --enable-pf-transparent
.else
.error WITH_SQUID_PF only works on systems where pf is part of the base system.
.endif
.endif
.if defined(WITH_SQUID_FOLLOW_XFF)
EXTRA_PATCHES+= ${PATCHDIR}/follow_xff-2.5.patch \
${PATCHDIR}/follow_xff-configure.patch
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
.endif
.if defined(WITH_SQUID_STACKTRACES)
CONFIGURE_ARGS+= --enable-stacktraces
.endif
# Languages:
#
# If you do not define SQUID_LANGUAGES yourself, all available language files
# will be installed; the default language will be English.
SQUID_LANGUAGES?= \
Bulgarian Catalan Czech Danish Dutch English Estonian Finnish \
French German Hebrew Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r Serbian \
Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turkish
SQUID_DEFAULT_LANG?= English
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
--enable-default-err-language=${SQUID_DEFAULT_LANG}
# Other not so common configure options you can set via SQUID_CONFIGURE_ARGS:
# Please see the configure script in the squid source distribution for a
# complete list.
#
# --enable-dlmalloc
# Compile and use the malloc package from Doug Lea
# --enable-gnuregex
# Compile and use the supplied GNUregex routines instead of BSD regex.
# --enable-xmalloc-statistics
# Show malloc statistics in status page
# --enable-time-hack
# Optimize time updates to one per second rather than calling gettimeofday()
# --enable-cachemgr-hostname=some.hostname
# Set an explicit hostname in cachemgr.cgi
# --enable-truncate
# Use truncate() rather than unlink()
# --disable-unlinkd
# Do not use "unlinkd"
# --with-aufs-threads=N_THREADS
# Tune the number of worker threads for the aufs object
# --with-coss-membuf-size
# COSS membuf size (default: 1048576 bytes)
#
# This option does not yet work on FreeBSD:
#
# --enable-ipf-transparent
# Enable Transparent Proxy support for IP-Filter systems (incl 3.0)
# (IPFilter headers are not currently installed to the base system,
# PRs ports/60700 and misc/44148 describe the problem; see
# http://www.squid-cache.org/Doc/FAQ/FAQ-17.html for information
# about how to do transparent proxying with ipfw)
CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS}
post-patch:
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
@${REINPLACE_CMD} -e 's|/etc|${PREFIX}/etc|g' ${WRKSRC}/doc/squid.8
pre-configure:
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' ${WRKSRC}/src/cf.data.pre
pre-install:
# Prevent installation of .orig files by deleting them.
@${FIND} ${WRKSRC} -name '*.bak' -delete
@${FIND} ${WRKSRC} -name '*.orig' -delete
@${SED} -e 's|%%PREFIX%%|${PREFIX}|g' \
-e 's|%%SQUID_UID%%|${SQUID_UID}|g' ${FILESDIR}/squid.sh \
>${WRKDIR}/squid.sh
pre-su-install:
@${SETENV} SQUID_USER=${SQUID_UID} SQUID_GROUP=${SQUID_GID} \
PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
.if defined(WITH_SQUID_PINGER)
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
.endif
${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
.endif
@${SETENV} PKG_PREFIX=${PREFIX} \
${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
# Create package list:
@cd ${PREFIX} && ${FIND} libexec/squid -type f -o -type l | ${SORT} \
>>${TMPPLIST}
@${ECHO_CMD} "@dirrm libexec/squid" >>${TMPPLIST}
@cd ${PREFIX} && ${FIND} etc/squid/icons -type f -o -type l | ${SORT} \
>>${TMPPLIST}
@${ECHO_CMD} "@dirrm etc/squid/icons" >>${TMPPLIST}
.for d in ${SQUID_LANGUAGES}
@cd ${PREFIX} && ${FIND} etc/squid/errors/${d} -type f | ${SORT} \
>>${TMPPLIST}
@${ECHO_CMD} "@dirrm etc/squid/errors/${d}" >>${TMPPLIST}
.endfor
@${ECHO_CMD} "@dirrm etc/squid/errors" >>${TMPPLIST}
changeuser:
# Recover from the problem that earlier versions of this port created the
# squid pseudo-user with an id greater than 999 which is not allowed in
# FreeBSD's ports system. The port now uses id 100:100.
# NOTE:
# This target assumes that SQUID_GID is the primary group of SQUID_UID. If you
# have a different setup, do not run this target!
.if ${SQUID_UID:L} == nobody
@${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \
${ECHO_CMD} "this target!"
exit 1
.endif
@if [ `id -u` -ne 0 ]; \
then ${ECHO_CMD} "Sorry, you must be root to use this target."; exit 1; fi; \
current_uid=`id -u ${SQUID_UID}`; \
current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \
${ECHO_CMD} "I will remove this user:"; \
${ID} -P $${current_uid}; \
${ECHO_CMD} "and this group:"; \
pw groupshow ${SQUID_GID}; \
${ECHO_CMD} "I will then re-create them with a user and group id of 100."; \
${ECHO_CMD} "Then all files and directories under ${PREFIX} and /var that"; \
${ECHO_CMD} "are owned by uid $${current_uid} will be chown(1)'ed."; \
${ECHO_CMD} "After that, all files and directories that were accessible"; \
${ECHO_CMD} "by group $${current_gid} will chgrp(1)'ed respectively."; \
${ECHO_CMD} "Note that this assumes group '${SQUID_GID}' to be the primary"; \
${ECHO_CMD} "group of user '${SQUID_UID}'. If you have a different setup"; \
${ECHO_CMD} "please abort this target now."; \
read -p "Press RETURN to continue or CTRL-C to abort:" dummy ; \
${ECHO_CMD} "OK, here we go:"; \
${ECHO_CMD} "deleting user $${current_uid} and his primary group..."; \
pw userdel -u $${current_uid}; \
${ECHO_CMD} "adding user ${SQUID_UID} with id 100..."; \
pw groupadd -n ${SQUID_GID} -g 100; \
pw useradd -n ${SQUID_UID} -u 100 -c "squid caching-proxy pseudo user" \
-d ${PREFIX}/squid -s /sbin/nologin -h - ; \
${ECHO_CMD} "chown(1)'ing everything under ${PREFIX} from $${current_uid} to 100..."; \
${FIND} -H ${PREFIX} -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
${ECHO_CMD} "chgrp(1)'ing everything under ${PREFIX} from $${current_gid} to 100..."; \
${FIND} -H ${PREFIX} -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
${ECHO_CMD} "chown(1)'ing everything under /var from $${current_uid} to 100..."; \
${FIND} -H /var -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
${ECHO_CMD} "chgrp(1)'ing everything under /var from $${current_gid} to 100..."; \
${FIND} -H /var -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
${ECHO_CMD} "Finished."
.include <bsd.port.post.mk>
Reference in a new issue View git blame Copy permalink