Index: head/security/vault/Makefile =================================================================== --- head/security/vault/Makefile (revision 474394) +++ head/security/vault/Makefile (revision 474395) @@ -1,42 +1,43 @@ # $FreeBSD$ PORTNAME= vault PORTVERSION= 0.10.3 +PORTREVISION= 1 DISTVERSIONPREFIX= v CATEGORIES= security MAINTAINER= swills@FreeBSD.org COMMENT= Tool for securely accessing secrets LICENSE= MPL20 LICENSE_FILE= ${WRKSRC}/LICENSE BUILD_DEPENDS= go>=1.9:lang/go USE_GITHUB= yes GH_ACCOUNT= hashicorp GH_SUBDIR= src/github.com/${GH_ACCOUNT}/${PORTNAME} COMMIT_ID= 5dd7f25f5c4b541f2da62d70075b6f82771a650d USE_RC_SUBR= vault USERS= vault GROUPS= vault PLIST_FILES= bin/${PORTNAME} do-build: @cd ${WRKSRC}; \ ${SETENV} ${MAKE_ENV} ${BUILD_ENV} CGO_ENABLED=0 GOPATH=${WRKSRC} \ go build \ -ldflags "\ -X github.com/hashicorp/vault/version.Version=${PORTVERSION} \ -X github.com/hashicorp/vault/version.VersionPrerelease= \ -X github.com/hashicorp/vault/version.VersionMetadata= \ -X github.com/hashicorp/vault/version.GitCommit='${COMMIT_ID}'" \ -o bin/${PORTNAME} do-install: ${INSTALL_PROGRAM} ${WRKSRC}/bin/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME} .include Index: head/security/vault/files/vault.in =================================================================== --- head/security/vault/files/vault.in (revision 474394) +++ head/security/vault/files/vault.in (revision 474395) @@ -1,55 +1,87 @@ #!/bin/sh # $FreeBSD$ # # PROVIDE: vault -# REQUIRE: LOGIN +# REQUIRE: DAEMON # KEYWORD: shutdown # # Add the following lines to /etc/rc.conf.local or /etc/rc.conf # to enable this service: # -# vault_enable (bool): Set to NO by default. -# Set it to YES to enable vault. -# vault_user (user): Set user to run vault. -# Default is "vault". -# vault_group (group): Set group to run vault. -# Default is "vault". -# vault_config (dir): Set vault config file. -# Default is "%%PREFIX%%/etc/vault.hcl". -# vault_env (dir): Set environment variables used with vault -# Default is "". +# vault_enable (bool): Set it to YES to enable vault. +# Default is "NO". +# vault_user (user): Set user to run vault. +# Default is "vault". +# vault_group (group): Set group to run vault. +# Default is "vault". +# vault_config (dir): Set vault config file. +# Default is "%%PREFIX%%/etc/vault.hcl". +# vault_syslog_output_enable (bool): Set to enable syslog output. +# Default is "NO". See daemon(8). +# vault_syslog_output_priority (str): Set syslog priority if syslog enabled. +# Default is "info". See daemon(8). +# vault_syslog_output_facility (str): Set syslog facility if syslog enabled. +# Default is "daemon". See daemon(8). . /etc/rc.subr name=vault rcvar=vault_enable load_rc_config $name : ${vault_enable:="NO"} : ${vault_user:="vault"} : ${vault_group:="vault"} : ${vault_config:="%%PREFIX%%/etc/vault.hcl"} -: ${vault_env:=""} +DAEMON=$(/usr/sbin/daemon 2>&1 | grep -q syslog ; echo $?) +if [ ${DAEMON} -eq 0 ]; then + : ${vault_syslog_output_enable:="NO"} + : ${vault_syslog_output_priority:="info"} + : ${vault_syslog_output_facility:="daemon"} + if checkyesno vault_syslog_output_enable; then + vault_syslog_output_flags="-t ${name} -T ${name}" + + if [ -n "${vault_syslog_output_priority}" ]; then + vault_syslog_output_flags="${vault_syslog_output_flags} -s ${vault_syslog_output_priority}" + fi + + if [ -n "${vault_syslog_output_facility}" ]; then + vault_syslog_output_flags="${vault_syslog_output_flags} -l ${vault_syslog_output_facility}" + fi + fi +else + vault_syslog_output_enable="NO" + vault_syslog_output_flags="" +fi + pidfile=/var/run/vault.pid procname="%%PREFIX%%/bin/vault" command="/usr/sbin/daemon" -command_args="-f -t ${name} -p ${pidfile} /usr/bin/env ${vault_env} ${procname} server -config=${vault_config}" +command_args="-f ${vault_syslog_output_flags} -p ${pidfile} /usr/bin/env ${vault_env} ${procname} server -config=${vault_config}" +extra_commands="reload monitor" +monitor_cmd=vault_monitor start_precmd=vault_startprecmd +required_files="$vault_config" +vault_monitor() +{ + sig_reload=USR1 + run_rc_command "reload" +} + vault_startprecmd() { if [ ! -e ${pidfile} ]; then install -o ${vault_user} -g ${vault_group} /dev/null ${pidfile}; fi if [ ! -d ${vault_dir} ]; then install -d -o ${vault_user} -g ${vault_group} ${vault_dir} fi - } run_rc_command "$1"