config: prepare for 18.7
This commit is contained in:
parent
8cea03a8fb
commit
8d5f94880d
|
@ -0,0 +1,54 @@
|
|||
include GENERIC
|
||||
|
||||
ident SMP
|
||||
|
||||
# Remove to build a debug kernel:
|
||||
nomakeoptions DEBUG
|
||||
|
||||
options DDB
|
||||
options GEOM_BDE
|
||||
options GEOM_ELI
|
||||
options GEOM_MIRROR
|
||||
options GEOM_UZIP
|
||||
options IPFIREWALL_DEFAULT_TO_ACCEPT
|
||||
options IPFIREWALL_VERBOSE
|
||||
options IPSTEALTH
|
||||
options MROUTING
|
||||
options PPS_SYNC
|
||||
options TCP_SIGNATURE
|
||||
|
||||
# Additional built-in devices
|
||||
device bwi
|
||||
device bwn
|
||||
device rum
|
||||
device run
|
||||
device siba_bwn
|
||||
device u3g
|
||||
device uark
|
||||
device uath
|
||||
device uftdi
|
||||
device umct
|
||||
device umodem
|
||||
device upgt
|
||||
device uplcom
|
||||
device ural
|
||||
device urtw
|
||||
device uvisor
|
||||
device uvscom
|
||||
device zyd
|
||||
|
||||
# Wireless features
|
||||
device wlan_acl
|
||||
device wlan_xauth
|
||||
|
||||
# Not all architectures have a consistent GENERIC
|
||||
device netmap
|
||||
|
||||
# Crashes when added to loader.conf
|
||||
device speaker
|
||||
|
||||
# HardenedBSD goodies
|
||||
options PAX
|
||||
options PAX_ASLR
|
||||
options PAX_HARDENING
|
||||
options PAX_SEGVGUARD
|
|
@ -0,0 +1,3 @@
|
|||
COREBRANCH?= master
|
||||
PLUGINSBRANCH?= master
|
||||
SRCBRANCH?= master
|
|
@ -0,0 +1,80 @@
|
|||
loader_conf_fixup()
|
||||
{
|
||||
# XXX core package needs a little help here...
|
||||
if [ -f ${1}/usr/local/etc/rc.loader ]; then
|
||||
chroot ${1} /usr/local/etc/rc.loader
|
||||
fi
|
||||
|
||||
cat >> ${1}/boot/loader.conf << EOF
|
||||
kern.cam.boot_delay="10000"
|
||||
EOF
|
||||
}
|
||||
|
||||
arm_hook()
|
||||
{
|
||||
loader_conf_fixup ${1}
|
||||
}
|
||||
|
||||
dvd_hook()
|
||||
{
|
||||
loader_conf_fixup ${1}
|
||||
}
|
||||
|
||||
nano_hook()
|
||||
{
|
||||
loader_conf_fixup ${1}
|
||||
|
||||
cat > ${1}/tmp/nano.xml << EOF
|
||||
<use_mfs_tmp/>
|
||||
<use_mfs_var/>
|
||||
<serialspeed>${PRODUCT_SPEED}</serialspeed>
|
||||
<primaryconsole>serial</primaryconsole>
|
||||
<secondaryconsole>video</secondaryconsole>
|
||||
EOF
|
||||
sed -i '' -e "/<system>/r ${1}/tmp/nano.xml" ${1}${CONFIG_XML}
|
||||
rm ${1}/tmp/nano.xml
|
||||
|
||||
sed -i '' -e '/<rrd>/,/<\/rrd>/d' ${1}${CONFIG_XML}
|
||||
|
||||
echo "-S${PRODUCT_SPEED} -D" > ${1}/boot.config
|
||||
|
||||
cat >> ${1}/boot/loader.conf << EOF
|
||||
comconsole_speed="${PRODUCT_SPEED}"
|
||||
console="comconsole,vidconsole"
|
||||
kern.geom.part.check_integrity=0
|
||||
boot_multicons="YES"
|
||||
boot_serial="YES"
|
||||
EOF
|
||||
|
||||
touch ${1}/.probe.for.growfs.nano
|
||||
}
|
||||
|
||||
serial_hook()
|
||||
{
|
||||
loader_conf_fixup ${1}
|
||||
|
||||
cat > ${1}/tmp/serial.xml << EOF
|
||||
<serialspeed>${PRODUCT_SPEED}</serialspeed>
|
||||
<primaryconsole>serial</primaryconsole>
|
||||
EOF
|
||||
sed -i '' -e "/<system>/r ${1}/tmp/serial.xml" ${1}${CONFIG_XML}
|
||||
rm ${1}/tmp/serial.xml
|
||||
|
||||
echo "-S${PRODUCT_SPEED} -D" > ${1}/boot.config
|
||||
|
||||
cat >> ${1}/boot/loader.conf << EOF
|
||||
comconsole_speed="${PRODUCT_SPEED}"
|
||||
console="comconsole"
|
||||
boot_serial="YES"
|
||||
EOF
|
||||
}
|
||||
|
||||
vga_hook()
|
||||
{
|
||||
loader_conf_fixup ${1}
|
||||
}
|
||||
|
||||
vm_hook()
|
||||
{
|
||||
loader_conf_fixup ${1}
|
||||
}
|
|
@ -0,0 +1,77 @@
|
|||
# stand-alone glue for dependency detection
|
||||
|
||||
PRODUCT_OPENSSL?= /usr/local/bin/openssl
|
||||
_PRODUCT_FLAVOUR!= if [ -f ${PRODUCT_OPENSSL} ]; \
|
||||
then ${PRODUCT_OPENSSL} version; \
|
||||
else \
|
||||
echo Base; \
|
||||
fi
|
||||
PRODUCT_FLAVOUR?= ${_PRODUCT_FLAVOUR:[1]}
|
||||
|
||||
PRODUCT_PHPBIN?= /usr/local/bin/php
|
||||
_PRODUCT_PHP!= if [ -f ${PRODUCT_PHPBIN} ]; \
|
||||
then ${PRODUCT_PHPBIN} -v; \
|
||||
fi
|
||||
PRODUCT_PHP?= ${_PRODUCT_PHP:[2]:S/./ /g:[1..2]:tW:S/ //}
|
||||
|
||||
# XXX hardcoded for now
|
||||
PRODUCT_PERL?= 5.26
|
||||
PRODUCT_PYTHON?= 27
|
||||
PRODUCT_RUBY?= 25
|
||||
|
||||
PRODUCT_GSSAPI?= GSSAPI_MIT
|
||||
|
||||
# global options
|
||||
OPTIONS_UNSET= DOCS EXAMPLES GSSAPI_BASE NLS X11
|
||||
DEFAULT_VERSIONS= python=${PRODUCT_PYTHON:C/^./&./}
|
||||
DEFAULT_VERSIONS+= ruby=${PRODUCT_RUBY:C/^./&./}
|
||||
DEFAULT_VERSIONS+= ssl=${PRODUCT_FLAVOUR:tl}
|
||||
DEFAULT_VERSIONS+= perl5=${PRODUCT_PERL}
|
||||
DEFAULT_VERSIONS+= php=${PRODUCT_PHP}
|
||||
HARDENING_LOCK= yes # remove disabled options
|
||||
HARDENING_OFF= cfi retpoline # pie relro safestack
|
||||
WRKDIRPREFIX= /usr/obj
|
||||
WANT_OPENLDAP_SASL= yes
|
||||
PACKAGE_BUILDING= yes
|
||||
#DEVELOPER= yes
|
||||
BATCH= yes
|
||||
|
||||
# per-port options
|
||||
databases_rrdtool_UNSET= DEJAVU GRAPH
|
||||
devel_git_UNSET= GITWEB SEND_EMAIL
|
||||
ftp_curl_UNSET= TLS_SRP
|
||||
graphics_graphviz_UNSET= XPM DIGCOLA IPSEPCOLA ICONV PANGOCAIRO
|
||||
lang_php${PRODUCT_PHP}_UNSET= EMBED
|
||||
mail_rspamd_SET= HYPERSCAN
|
||||
net-mgmt_flowd_SET= PYTHON
|
||||
net-mgmt_flowd_UNSET= PERL
|
||||
net-mgmt_zabbix3-proxy_SET= GNUTLS SQLITE
|
||||
net-mgmt_zabbix3-proxy_UNSET= MYSQL OPENSSL
|
||||
net-mgmt_zabbix34-agent_SET= GNUTLS
|
||||
net-mgmt_zabbix34-agent_UNSET= OPENSSL
|
||||
net_asterisk13_UNSET= DAHDI XMPP
|
||||
net_freeradius3_SET= LDAP MITKRB_PORT SQLITE3
|
||||
net_freeradius3_UNSET= HEIMDAL
|
||||
net_haproxy-devel_SET= LUA
|
||||
net_miniupnpd_SET= CHECK_PORTINUSE PF_FILTER_RULES
|
||||
net_openldap24-server_SET= MEMBEROF REFINT SASL
|
||||
net_vnstat_UNSET= GUI
|
||||
opnsense_suricata-devel_SET= GEOIP HYPERSCAN
|
||||
opnsense_suricata-devel_UNSET= PRELUDE
|
||||
security_autossh_SET= SSH_PORTABLE
|
||||
security_cyrus-sasl2-gssapi_SET=${PRODUCT_GSSAPI}
|
||||
security_openssh-portable_UNSET=HPN
|
||||
security_openssl_UNSET= SSL2 SSL3
|
||||
security_openvpn_SET= TUNNELBLICK
|
||||
security_openvpn_UNSET= EASYRSA TEST
|
||||
security_strongswan_SET= GCM EAPRADIUS
|
||||
security_strongswan_UNSET= CURL
|
||||
security_suricata_SET= GEOIP HYPERSCAN
|
||||
security_suricata_UNSET= PRELUDE
|
||||
sysutils_flashrom_UNSET= FTDI
|
||||
sysutils_msktutil_SET= ${PRODUCT_GSSAPI}
|
||||
www_lighttpd_UNSET= LUA
|
||||
www_nginx_SET= BROTLI NAXSI MAIL_IMAP MAIL_POP3
|
||||
www_squid_SET= AUTH_LDAP ${PRODUCT_GSSAPI} TP_PF
|
||||
www_squid_UNSET= AUTH_NIS TP_IPFW
|
||||
www_webgrind_SET= CALLGRAPH
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,56 @@
|
|||
#ORIGIN IGNORE
|
||||
benchmarks/iperf arm
|
||||
databases/redis arm
|
||||
devel/debug arm
|
||||
devel/helloworld
|
||||
dns/dyndns
|
||||
dns/rfc2136 arm
|
||||
mail/postfix arm
|
||||
mail/rspamd arm
|
||||
misc/theme-cicada
|
||||
misc/theme-rebellion
|
||||
misc/theme-tukan
|
||||
net-mgmt/collectd arm
|
||||
net-mgmt/lldpd arm
|
||||
net-mgmt/net-snmp arm
|
||||
net-mgmt/snmp
|
||||
net-mgmt/telegraf arm,i386
|
||||
net-mgmt/zabbix-agent arm
|
||||
net-mgmt/zabbix-proxy arm
|
||||
net/arp-scan
|
||||
net/freeradius arm
|
||||
net/frr arm
|
||||
net/ftp-proxy
|
||||
net/haproxy arm
|
||||
net/igmp-proxy
|
||||
net/l2tp
|
||||
net/mdns-repeater
|
||||
net/pppoe
|
||||
net/pptp
|
||||
net/quagga arm
|
||||
net/relayd arm
|
||||
net/shadowsocks arm
|
||||
net/siproxd arm
|
||||
net/upnp
|
||||
net/wol
|
||||
net/zerotier arm
|
||||
security/acme-client arm
|
||||
security/clamav arm
|
||||
security/intrusion-detection-content-et-pro
|
||||
security/intrusion-detection-content-pt-open
|
||||
security/intrusion-detection-content-snort-vrt
|
||||
security/openconnect arm
|
||||
security/tinc arm
|
||||
security/tor arm
|
||||
sysutils/boot-delay
|
||||
sysutils/lcdproc-sdeclcd arm
|
||||
sysutils/monit arm
|
||||
sysutils/node_exporter arm
|
||||
sysutils/nut arm
|
||||
sysutils/smart arm
|
||||
sysutils/vmware arm
|
||||
sysutils/xen arm
|
||||
www/c-icap arm
|
||||
www/cache
|
||||
www/web-proxy-sso arm
|
||||
www/web-proxy-useracl
|
|
@ -0,0 +1,215 @@
|
|||
#ORIGIN IGNORE
|
||||
archivers/php${PRODUCT_PHP}-zlib
|
||||
archivers/zip
|
||||
audio/beep arm,quick
|
||||
benchmarks/iperf3 arm
|
||||
comms/gnokii arm
|
||||
comms/kermit arm
|
||||
converters/php${PRODUCT_PHP}-mbstring arm
|
||||
databases/php${PRODUCT_PHP}-mysqli arm
|
||||
databases/php${PRODUCT_PHP}-sqlite3
|
||||
databases/py-sqlite3@py${PRODUCT_PYTHON}
|
||||
databases/redis arm
|
||||
databases/rrdtool
|
||||
databases/rrdtool12
|
||||
devel/automake
|
||||
devel/bison
|
||||
devel/cmake
|
||||
devel/gdb
|
||||
devel/gettext
|
||||
devel/gettext-runtime
|
||||
devel/gettext-tools
|
||||
devel/git
|
||||
devel/gmake
|
||||
devel/libtool
|
||||
devel/ninja
|
||||
devel/p5-File-Slurp arm
|
||||
devel/p5-Locale-Maketext-Lexicon arm
|
||||
devel/patch
|
||||
devel/pear-PHP_CodeSniffer@php${PRODUCT_PHP} arm
|
||||
devel/pecl-xdebug
|
||||
devel/php${PRODUCT_PHP}-gettext
|
||||
devel/php${PRODUCT_PHP}-json
|
||||
devel/phpunit6
|
||||
devel/pkgconf
|
||||
devel/py-Jinja2@py${PRODUCT_PYTHON}
|
||||
devel/py-pycodestyle@py${PRODUCT_PYTHON}
|
||||
devel/py-ujson@py${PRODUCT_PYTHON}
|
||||
devel/scons
|
||||
dns/bind913 arm
|
||||
dns/ddclient arm
|
||||
dns/dnscrypt-proxy arm
|
||||
dns/dnscrypt-proxy2 arm
|
||||
dns/dnsmasq
|
||||
dns/maradns arm
|
||||
dns/py-dnspython@py${PRODUCT_PYTHON}
|
||||
dns/unbound
|
||||
editors/emacs@nox
|
||||
editors/joe
|
||||
editors/nano
|
||||
editors/vim-console
|
||||
emulators/open-vm-tools-nox11 arm
|
||||
ftp/curl
|
||||
ftp/php${PRODUCT_PHP}-curl
|
||||
ftp/uftp arm
|
||||
ftp/wget arm
|
||||
lang/perl${PRODUCT_PERL}
|
||||
lang/php${PRODUCT_PHP}
|
||||
lang/python${PRODUCT_PYTHON}
|
||||
lang/ruby${PRODUCT_RUBY} arm
|
||||
mail/opensmtpd arm
|
||||
mail/pecl-mailparse arm
|
||||
mail/postfix-sasl arm
|
||||
mail/rspamd arm
|
||||
mail/smtp-cli arm
|
||||
math/php${PRODUCT_PHP}-bcmath arm
|
||||
misc/gnu-watch arm
|
||||
misc/help2man
|
||||
misc/mc-light arm
|
||||
net-im/py-telepot@py${PRODUCT_PYTHON} arm
|
||||
net-mgmt/bandwidthd arm
|
||||
net-mgmt/bsnmp-regex
|
||||
net-mgmt/bsnmp-ucd
|
||||
net-mgmt/bwm-ng arm
|
||||
net-mgmt/choparp
|
||||
net-mgmt/collectd5 arm
|
||||
net-mgmt/darkstat arm
|
||||
net-mgmt/flowd
|
||||
net-mgmt/iftop
|
||||
net-mgmt/lldpd arm
|
||||
net-mgmt/mk-livestatus arm
|
||||
net-mgmt/net-snmp arm
|
||||
net-mgmt/nrpe3 arm
|
||||
net-mgmt/rate
|
||||
net-mgmt/telegraf arm,i386
|
||||
net-mgmt/yaf arm
|
||||
net-mgmt/zabbix3-proxy arm
|
||||
net-mgmt/zabbix34-agent arm
|
||||
net/arp-scan
|
||||
net/asterisk13 arm
|
||||
net/dpinger
|
||||
net/freeradius3 arm
|
||||
net/freevrrpd arm
|
||||
net/frr3 arm
|
||||
net/haproxy-devel arm
|
||||
net/hostapd
|
||||
net/igmpproxy
|
||||
net/isc-dhcp44-relay
|
||||
net/isc-dhcp44-server
|
||||
net/mdns-repeater
|
||||
net/miniupnpd
|
||||
net/mosquitto arm
|
||||
net/mpd5
|
||||
net/mtr arm
|
||||
net/ntp
|
||||
net/openldap24-server arm
|
||||
net/pecl-radius
|
||||
net/php${PRODUCT_PHP}-ldap
|
||||
net/php${PRODUCT_PHP}-soap arm
|
||||
net/php${PRODUCT_PHP}-sockets
|
||||
net/proxy-suite
|
||||
net/py-ipaddress@py${PRODUCT_PYTHON}
|
||||
net/py-netaddr@py${PRODUCT_PYTHON}
|
||||
net/quagga arm
|
||||
net/radvd
|
||||
net/relayd arm
|
||||
net/rsync arm
|
||||
net/samplicator
|
||||
net/shadowsocks-libev arm
|
||||
net/siproxd arm
|
||||
net/sslh
|
||||
net/tayga arm
|
||||
net/vnstat arm
|
||||
net/wireguard arm,i386
|
||||
net/wol
|
||||
net/zerotier arm
|
||||
opnsense/apinger
|
||||
opnsense/bsdinstaller arm,quick
|
||||
opnsense/cpustats
|
||||
opnsense/dhcpleases
|
||||
opnsense/dhcp6c
|
||||
opnsense/filterlog
|
||||
opnsense/ifinfo
|
||||
opnsense/opnsense-lang
|
||||
opnsense/opnsense-update
|
||||
opnsense/pam_opnsense
|
||||
opnsense/sshlockout_pf
|
||||
opnsense/suricata-devel
|
||||
opnsense/syslogd
|
||||
print/texinfo
|
||||
security/acme-client arm
|
||||
security/acme.sh
|
||||
security/autossh arm
|
||||
security/ca_root_nss
|
||||
security/clamav arm
|
||||
security/cyrus-sasl2-gssapi arm
|
||||
security/expiretable
|
||||
security/honeybadger arm,i386
|
||||
security/nmap arm
|
||||
security/obfsclient arm
|
||||
security/openconnect arm
|
||||
security/openssh-portable
|
||||
security/openvpn
|
||||
security/pam_ldap arm
|
||||
security/php${PRODUCT_PHP}-filter
|
||||
security/php${PRODUCT_PHP}-hash
|
||||
security/php${PRODUCT_PHP}-mcrypt
|
||||
security/php${PRODUCT_PHP}-openssl
|
||||
security/py-fail2ban@py${PRODUCT_PYTHON}
|
||||
security/snuffleupagus@php${PRODUCT_PHP}
|
||||
security/softether arm
|
||||
security/strongswan
|
||||
security/sudo
|
||||
security/suricata
|
||||
security/tcpcrypt arm
|
||||
security/tinc arm
|
||||
security/tor arm
|
||||
security/vault arm,i386
|
||||
security/wpa_supplicant
|
||||
security/yara arm
|
||||
sysutils/ansible@py${PRODUCT_PYTHON} arm
|
||||
sysutils/apcupsd arm
|
||||
sysutils/beadm arm
|
||||
sysutils/beats arm,i386
|
||||
sysutils/cciss_vol_status arm
|
||||
sysutils/consul arm,i386
|
||||
sysutils/devcpu-data arm
|
||||
sysutils/dmidecode arm
|
||||
sysutils/flashrom arm
|
||||
sysutils/flock
|
||||
sysutils/iohyve arm
|
||||
sysutils/ipmitool arm
|
||||
sysutils/lcdproc arm
|
||||
sysutils/monit arm
|
||||
sysutils/msktutil arm
|
||||
sysutils/node_exporter arm
|
||||
sysutils/nut arm
|
||||
sysutils/pftop
|
||||
sysutils/screen
|
||||
sysutils/smartmontools arm
|
||||
sysutils/sysinfo
|
||||
sysutils/syslog-ng
|
||||
sysutils/tarsnap
|
||||
sysutils/tmux
|
||||
sysutils/usb_modeswitch
|
||||
sysutils/xe-guest-utilities arm
|
||||
textproc/php${PRODUCT_PHP}-ctype
|
||||
textproc/php${PRODUCT_PHP}-dom
|
||||
textproc/php${PRODUCT_PHP}-simplexml
|
||||
textproc/php${PRODUCT_PHP}-xml
|
||||
www/c-icap arm
|
||||
www/c-icap-modules arm
|
||||
www/lightsquid arm
|
||||
www/lighttpd
|
||||
www/nginx arm
|
||||
www/phalcon@php${PRODUCT_PHP}
|
||||
www/php${PRODUCT_PHP}-opcache
|
||||
www/php${PRODUCT_PHP}-session
|
||||
www/polipo arm
|
||||
www/privoxy arm
|
||||
www/py-requests@py${PRODUCT_PYTHON}
|
||||
www/sarg arm
|
||||
www/squid
|
||||
www/tinyproxy arm
|
||||
www/webgrind arm
|
||||
x11-fonts/urwfonts arm
|
|
@ -0,0 +1,7 @@
|
|||
net/dhcp6
|
||||
net/ntopng
|
||||
ports-mgmt/pkg
|
||||
security/krb5
|
||||
security/libressl
|
||||
security/openssl
|
||||
security/vuxml
|
|
@ -0,0 +1,43 @@
|
|||
WITHOUT_ASSERT_DEBUG=yes
|
||||
WITHOUT_ATM=yes
|
||||
WITHOUT_AUDIT=yes
|
||||
WITHOUT_AUTHPF=yes
|
||||
WITHOUT_BSDINSTALL=yes
|
||||
WITHOUT_CALENDAR=yes
|
||||
WITHOUT_CLANG_EXTRAS=yes
|
||||
WITHOUT_CLANG_FULL=yes
|
||||
WITHOUT_DEBUG_FILES=yes
|
||||
WITHOUT_DICT=yes
|
||||
WITHOUT_EXAMPLES=yes
|
||||
WITHOUT_FREEBSD_UPDATE=yes
|
||||
WITHOUT_GAMES=yes
|
||||
WITHOUT_GCOV=yes
|
||||
WITHOUT_GDB=yes
|
||||
WITHOUT_HTML=yes
|
||||
WITHOUT_IPFILTER=yes
|
||||
WITHOUT_KERBEROS=yes
|
||||
WITHOUT_LIB32=yes
|
||||
WITHOUT_MAIL=yes
|
||||
WITHOUT_NCP=yes
|
||||
WITHOUT_NIS=yes
|
||||
WITHOUT_NLS=yes
|
||||
WITHOUT_NLS_CATALOGS=yes
|
||||
WITHOUT_NS_CACHING=yes
|
||||
WITHOUT_NTP=yes
|
||||
WITHOUT_OFED=yes
|
||||
WITHOUT_OPENSSH=yes
|
||||
WITHOUT_PC_SYSINSTALL=yes
|
||||
WITHOUT_PORTSNAP=yes
|
||||
WITHOUT_PROFILE=yes
|
||||
WITHOUT_QUOTAS=yes
|
||||
WITHOUT_RCMDS=yes
|
||||
WITHOUT_RCS=yes
|
||||
WITHOUT_RESCUE=yes
|
||||
WITHOUT_SETUID_LOGIN=yes
|
||||
WITHOUT_SHAREDOCS=yes
|
||||
WITHOUT_SVN=yes
|
||||
WITHOUT_SVNLITE=yes
|
||||
WITHOUT_TALK=yes
|
||||
WITHOUT_TESTS=yes
|
||||
WITHOUT_UNBOUND=yes
|
||||
WITH_REPRODUCIBLE_BUILD=yes
|
Loading…
Reference in New Issue