git: ffae45917307 - main - mail/py-postfix-mta-sts-resolver: Update to 1.4.0

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Norikatsu Shigemura <nork_at_FreeBSD.org>
Date: Sat, 31 Aug 2024 07:13:54 UTC
The branch main has been updated by nork:

URL: https://cgit.FreeBSD.org/ports/commit/?id=ffae45917307f2c041121fb752cac040e1b758ac

commit ffae45917307f2c041121fb752cac040e1b758ac
Author:     Norikatsu Shigemura <nork@FreeBSD.org>
AuthorDate: 2024-08-31 07:12:52 +0000
Commit:     Norikatsu Shigemura <nork@FreeBSD.org>
CommitDate: 2024-08-31 07:12:52 +0000

    mail/py-postfix-mta-sts-resolver: Update to 1.4.0
    
    - portlint/portfmt/portclippy happy.
    - Cosmetic change and fix some minor issues.
    - Add PostgreSQL backend support, and enable all backends.
    - Add support to output operation logs,  and default to
      syslog via daemon(8).
    
    ChangeLogs:     https://github.com/Snawoot/postfix-mta-sts-resolver/compare/v1.1.2...v1.4.0
    Approved by:    hrs (mentor)
---
 mail/py-postfix-mta-sts-resolver/Makefile         | 35 ++++++++++---------
 mail/py-postfix-mta-sts-resolver/distinfo         |  6 ++--
 mail/py-postfix-mta-sts-resolver/files/mta_sts.in | 42 ++++++++++++++++++-----
 mail/py-postfix-mta-sts-resolver/pkg-descr        | 14 ++++----
 4 files changed, 63 insertions(+), 34 deletions(-)

diff --git a/mail/py-postfix-mta-sts-resolver/Makefile b/mail/py-postfix-mta-sts-resolver/Makefile
index 61a29fd3faeb..4b045a5c09cf 100644
--- a/mail/py-postfix-mta-sts-resolver/Makefile
+++ b/mail/py-postfix-mta-sts-resolver/Makefile
@@ -1,7 +1,6 @@
 PORTNAME=	postfix-mta-sts-resolver
-PORTVERSION=	1.1.2
-DISTVERSIONPREFIX=v
-PORTREVISION=	1
+PORTVERSION=	1.4.0
+DISTVERSIONPREFIX=	v
 CATEGORIES=	mail python
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
 
@@ -12,33 +11,37 @@ WWW=		https://pypi.python.org/pypi/postfix-mta-sts-resolver
 LICENSE=	MIT
 
 BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}wheel>0:devel/py-wheel@${PY_FLAVOR}
-RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}aiodns>=3.0.0:dns/py-aiodns@${PY_FLAVOR} \
+RUN_DEPENDS=	${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss \
+		${PYTHON_PKGNAMEPREFIX}aiodns>=3.0.0:dns/py-aiodns@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}aiohttp>=3.4.4:www/py-aiohttp@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}pyyaml>=3.12:devel/py-pyyaml@${PY_FLAVOR} \
-		${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss
+		${PYTHON_PKGNAMEPREFIX}pyyaml>=3.12:devel/py-pyyaml@${PY_FLAVOR}
 
 USES=		python
 USE_GITHUB=	yes
-USE_PYTHON=	autoplist distutils
-
 GH_ACCOUNT=	Snawoot
-
-OPTIONS_DEFINE=	REDIS SQLITE UVLOOP
-
-REDIS_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}aioredis>=1.2.0:databases/py-aioredis@${PY_FLAVOR}
-SQLITE_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}aiosqlite>=1.10.0:databases/py-aiosqlite@${PY_FLAVOR}
-UVLOOP_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}uvloop>=0.11.0:devel/py-uvloop@${PY_FLAVOR}
-
+USE_PYTHON=	autoplist distutils
 USE_RC_SUBR=	mta_sts
 
+NO_ARCH=	yes
+
 SUB_LIST=	PYTHON_CMD=${PYTHON_CMD}
 PLIST_FILES=	"@sample etc/mta-sts-daemon.yml.sample"
 
+OPTIONS_DEFINE=		PGSQL REDIS SQLITE UVLOOP
+OPTIONS_DEFAULT=	PGSQL REDIS SQLITE UVLOOP
+
+UVLOOP_DESC=		Event loop support
+PGSQL_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}asyncpg>=0.27.0:databases/py-asyncpg@${PY_FLAVOR}
+REDIS_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}redis>=4.2.0:databases/py-redis@${PY_FLAVOR}
+SQLITE_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}aiosqlite>=0.10.0:databases/py-aiosqlite@${PY_FLAVOR}
+UVLOOP_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}uvloop>=0.11.0:devel/py-uvloop@${PY_FLAVOR}
+
 post-extract:
 	${REINPLACE_CMD} -e 's|/etc/|${PREFIX}/etc/|' \
 		${WRKSRC}/postfix_mta_sts_resolver/defaults.py
 
 post-install:
-	${CP} ${WRKSRC}/config_examples/mta-sts-daemon.yml.internal ${STAGEDIR}${PREFIX}/etc/mta-sts-daemon.yml.sample
+	${INSTALL_DATA} ${WRKSRC}/config_examples/mta-sts-daemon.yml.internal \
+			${STAGEDIR}${PREFIX}/etc/mta-sts-daemon.yml.sample
 
 .include <bsd.port.mk>
diff --git a/mail/py-postfix-mta-sts-resolver/distinfo b/mail/py-postfix-mta-sts-resolver/distinfo
index 58fe68480400..404f125166fa 100644
--- a/mail/py-postfix-mta-sts-resolver/distinfo
+++ b/mail/py-postfix-mta-sts-resolver/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1657391229
-SHA256 (Snawoot-postfix-mta-sts-resolver-v1.1.2_GH0.tar.gz) = c7e49ce3e441ebe2d2a4644d6fde21b4eaecf84479314f56a20fec018b9f8e9e
-SIZE (Snawoot-postfix-mta-sts-resolver-v1.1.2_GH0.tar.gz) = 51618
+TIMESTAMP = 1695492126
+SHA256 (Snawoot-postfix-mta-sts-resolver-v1.4.0_GH0.tar.gz) = 6fe07c9076e329fe3a9a347d7f9f8b2885526067dd7ea906b8916cd0dd5040ab
+SIZE (Snawoot-postfix-mta-sts-resolver-v1.4.0_GH0.tar.gz) = 54627
diff --git a/mail/py-postfix-mta-sts-resolver/files/mta_sts.in b/mail/py-postfix-mta-sts-resolver/files/mta_sts.in
index 31e442cb7585..1190e5fffe28 100644
--- a/mail/py-postfix-mta-sts-resolver/files/mta_sts.in
+++ b/mail/py-postfix-mta-sts-resolver/files/mta_sts.in
@@ -8,9 +8,10 @@
 # to enable this service:
 #
 # mta_sts_enable (bool):	Set to NO by default.
-# 		     		Set it to YES to enable mta_sts.
-# mta_sts_config (path):	Set to %%PREFIX%%/etc/mta-sts-daemon.yml
-#				by default.
+# 		     		Set it to YES to enable mta_sts_daemon.
+# mta_sts_config (path):	Set path to mta-sts-daemon.yml.
+# mta_sts_logfile (path):	Set log file name or 'syslog'.
+# mta_sts_logverbosity (str):	Set log verbosity(debug/info/warning/error/critical)
 
 . /etc/rc.subr
 
@@ -20,18 +21,41 @@ rcvar=mta_sts_enable
 load_rc_config $name
 
 : ${mta_sts_enable:="NO"}
-: ${mta_sts_config="%%PREFIX%%/etc/mta-sts-daemon.yml"}
-: ${mta_sts_user="nobody"}
-
-pidfile=/var/run/${name}.pid
-command=%%PREFIX%%/bin/mta-sts-daemon
+: ${mta_sts_config:="%%PREFIX%%/etc/mta-sts-daemon.yml"}
+: ${mta_sts_user:="mailnull"}
+: ${mta_sts_group:="mailnull"}
+: ${mta_sts_logfile:="syslog"}
+: ${mta_sts_logverbosity:="info"}
+
+pidfile="/var/run/${name}.pid"
+command="%%PREFIX%%/bin/mta-sts-daemon"
 command_interpreter="%%PYTHON_CMD%%"
 
+start_precmd="${name}_prestart"
 start_cmd="${name}_start"
 
+mta_sts_prestart()
+{
+	if [ "$mta_sts_logfile" = "syslog" ]; then
+		# NOTHING TO DO #
+	elif touch "$mta_sts_logfile"; then
+		chown "$mta_sts_user":"$mta_sts_group" "$mta_sts_logfile"
+	else
+		err 3 "$mta_sts_logfile: cannot create"
+	fi
+}
+
 mta_sts_start()
 {
-	/usr/sbin/daemon -u "${mta_sts_user}" -p "${pidfile}" "${command}" -c "${mta_sts_config}"
+	local logopts=""
+	local cmdopts="-v $mta_sts_logverbosity"
+
+	if [ "$mta_sts_logfile" = "syslog" ]; then
+		logopts="-S -T mta_sts -l mail -s $mta_sts_logverbosity"
+	else
+		cmdopts="$cmdopts -l $mta_sts_logfile"
+	fi
+	/usr/sbin/daemon -u "$mta_sts_user" -p "$pidfile" ${logopts} "$command" -c "$mta_sts_config" ${cmdopts}
 }
 
 run_rc_command "$1"
diff --git a/mail/py-postfix-mta-sts-resolver/pkg-descr b/mail/py-postfix-mta-sts-resolver/pkg-descr
index e4b76937f0b4..f7aeb5eec042 100644
--- a/mail/py-postfix-mta-sts-resolver/pkg-descr
+++ b/mail/py-postfix-mta-sts-resolver/pkg-descr
@@ -1,10 +1,12 @@
 Daemon which provides TLS client policy for Postfix via socketmap, according to
-domain MTA-STS policy. Current support of RFC8461 is limited - daemon lacks
-some minor features:
+domain MTA-STS policy. Current support of RFC8461 is limited:
 
-  - Proactive policy fetch
-  - Fetch error reporting
-  - Fetch ratelimit (but actual fetch rate partially restricted with cache_grace config option).
+  - MTA-STS policy overrides DANE TLS authentication against RFC 8461, 2.
+  - Daemon lacks some minor features:
+    - Fetch error reporting.
+    - Fetch ratelimit (but actual fetch rate partially restricted with
+      cache_grace config option).
 
 Server has configurable cache backend which allows to store cached STS policies
-in memory (internal), file (sqlite) or in Redis database (redis).
+in memory (internal), file (sqlite), Redis database (redis) or in PostgreSQL
+database (postgres).