commit: f3f523e7b2d433f2810c06beb33dc9a305be2f8a Author: Holger Hoffstätte <holger <AT> applied-asynchrony <DOT> com> AuthorDate: Tue Dec 2 13:21:46 2025 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Thu Dec 4 12:16:23 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f3f523e7
net-dns/dnsdist: add -9999 with USE=ipcrypt Signed-off-by: Holger Hoffstätte <holger <AT> applied-asynchrony.com> Part-of: https://github.com/gentoo/gentoo/pull/44863 Closes: https://github.com/gentoo/gentoo/pull/44863 Signed-off-by: Sam James <sam <AT> gentoo.org> net-dns/dnsdist/Manifest | 2 + net-dns/dnsdist/dnsdist-9999.ebuild | 180 ++++++++++++++++++++++++++++++++++++ net-dns/dnsdist/metadata.xml | 1 + 3 files changed, 183 insertions(+) diff --git a/net-dns/dnsdist/Manifest b/net-dns/dnsdist/Manifest index ba900c844c90..3b7026944afa 100644 --- a/net-dns/dnsdist/Manifest +++ b/net-dns/dnsdist/Manifest @@ -4,5 +4,7 @@ DIST dnsdist-2.0.1.tar.xz 2279512 BLAKE2B 6eee67a678ef1a044f60f8989befdcf84ce487 DIST dnsdist-2.0.2.tar.xz 2284864 BLAKE2B 87a4179f474d7f8117e4e03c4ff680f79207c8056765c6925ee21b3011e4555e47ad9c97950f30ab2876ac0978ee07555017cb1bbc6b93792992c1821f8da27a SHA512 7f53d13bb90b7b70da364341e50473b88be0bc9619e3263e352bed75aa57edbc018824439749956281a2c7a5d32c653e7378fe9d3cbc296042fa8120eee75fae DIST dnsdist-docs-2.0.1.tar.xz 1382776 BLAKE2B 9b701e1c06118f242cf5fef019c015d5bd9608db893c1e708666d572cc8d0b3745f5bd935e76995e2894288a3d039aea9de6a409295ba096a72acd960d4e5507 SHA512 fc0ce707ec6dddf0057f8fd4bafe7513017b8e71e39b77e0525a67fbab68bbc1393490368eacad31ffccebebed156d0cc6ec646dbba30369ff67c63d71410057 DIST dnsdist-docs-2.0.2.tar.xz 1385828 BLAKE2B 79b4bb02f42f9bb3829fec6c6788ea2cc79c3f55d31b462e3c54d32f8afb0dfc84d8b347cbdae6cc3f9d8c9ebd1207a71f097f5201f14b9b2b6b20c72842d6b2 SHA512 ab73d30193bd99b4163962be5564c596fdd1d0c85c20d6606a70ed491ceb8ff801418aa7890c9ad2025ef3c9767f1d8252c0c18cfee5ebf9d845cce7e681f578 +DIST dnsdist-docs-9999.tar.xz 1347420 BLAKE2B f96bcd42f33a212e7d5b9f277dfc405bccd8aaea12564c70726c149827d8d67652a5007cce7c23032a30f3dd36405087f920168397b7b4d971df40a4630da23d SHA512 eeb83262405f07c536ec624820106c28dacd65f4a0644cea1d223d229f19ec5ae510016111ef39a09c01a9cd3ebad6f23482c7b0be322990aeeb3beaf6b91a33 DIST dnsdist-rust-2.0.1-crates.tar.xz 5268364 BLAKE2B 36b370eacb7332d04de0fa1be2a49983c030c94df00abcc6681180b1ad5fa8bfe3e19744543b3707e305d57649837a632c1400fd4ae1b4626f084310db8f9bad SHA512 a9f1e10a71a9fb2e6879077224823dd278f1a27c5698076e69bc4bcdf89cff5e54ffd0fce90113131358398289400da263b90c895d167cb3c007fcc96654e116 DIST dnsdist-rust-2.0.2-crates.tar.xz 5268364 BLAKE2B 36b370eacb7332d04de0fa1be2a49983c030c94df00abcc6681180b1ad5fa8bfe3e19744543b3707e305d57649837a632c1400fd4ae1b4626f084310db8f9bad SHA512 a9f1e10a71a9fb2e6879077224823dd278f1a27c5698076e69bc4bcdf89cff5e54ffd0fce90113131358398289400da263b90c895d167cb3c007fcc96654e116 +DIST dnsdist-rust-9999-crates.tar.xz 3257828 BLAKE2B 5915f30c0be1a23174a4125186dabda99652143ee8862f5fdaaaad3d407ab2d3cc99b2602feff7b43fefb1bf6fd5b60a6954d1d3f084be3e43fcdbb7de0c6d18 SHA512 ebeab68d84da12f47fa0efb05fcfd6eeddad61a174bd53e6a93845b1023a4fef46e35a87a46a72ede378cd0e7f5ec0710bce3b5ac822c3432a9725071be2f340 diff --git a/net-dns/dnsdist/dnsdist-9999.ebuild b/net-dns/dnsdist/dnsdist-9999.ebuild new file mode 100644 index 000000000000..3b11f89d7118 --- /dev/null +++ b/net-dns/dnsdist/dnsdist-9999.ebuild @@ -0,0 +1,180 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +LUA_COMPAT=( lua5-{1..4} luajit ) +PYTHON_COMPAT=( python3_{11..14} ) +RUST_MIN_VER="1.85.1" +RUST_OPTIONAL=1 + +inherit cargo flag-o-matic lua-single meson python-any-r1 toolchain-funcs + +DESCRIPTION="A highly DNS-, DoS- and abuse-aware loadbalancer" +HOMEPAGE="https://www.dnsdist.org/index.html"; + +if [[ ${PV} == *9999* ]] ; then + EGIT_REPO_URI="https://github.com/PowerDNS/pdns"; + EGIT_BRANCH="master" + inherit git-r3 +else + SRC_URI="https://downloads.powerdns.com/releases/${P}.tar.xz"; + KEYWORDS="~amd64 ~x86" +fi + +SRC_URI+=" + doc? ( https://www.applied-asynchrony.com/distfiles/${PN}-docs-${PV}.tar.xz ) + yaml? ( https://www.applied-asynchrony.com/distfiles/${PN}-rust-${PV}-crates.tar.xz ) +" + +LICENSE="GPL-2" +SLOT="0" +IUSE="bpf cdb dnscrypt dnstap doc doh doh3 ipcipher ipcrypt lmdb quic regex snmp +ssl systemd test web xdp yaml" +RESTRICT="!test? ( test )" + +REQUIRED_USE="${LUA_REQUIRED_USE} + dnscrypt? ( ssl ) + doh? ( ssl ) + doh3? ( ssl quic ) + ipcipher? ( ssl ) + quic? ( ssl )" + +RDEPEND="acct-group/dnsdist + acct-user/dnsdist + bpf? ( dev-libs/libbpf:= ) + cdb? ( dev-db/tinycdb:= ) + dev-libs/boost:= + sys-libs/libcap + dev-libs/libedit + dev-libs/libsodium:= + dnstap? ( dev-libs/fstrm ) + doh? ( net-libs/nghttp2:= ) + doh3? ( net-libs/quiche:= ) + lmdb? ( dev-db/lmdb:= ) + quic? ( net-libs/quiche ) + regex? ( dev-libs/re2:= ) + snmp? ( net-analyzer/net-snmp:= ) + ssl? ( dev-libs/openssl:= ) + systemd? ( sys-apps/systemd:0= ) + xdp? ( net-libs/xdp-tools ) + ${LUA_DEPS} +" + +DEPEND="${RDEPEND}" +BDEPEND="$(python_gen_any_dep 'dev-python/pyyaml[${PYTHON_USEDEP}]') + virtual/pkgconfig + yaml? ( ${RUST_DEPEND} ) +" + +# special requirements for live +if [[ ${PV} == *9999* ]] ; then + BDEPEND+=" dev-util/ragel" + S="${S}/pdns/dnsdistdist" +fi + +pkg_setup() { + lua-single_pkg_setup + python-any-r1_pkg_setup + use yaml && rust_pkg_setup +} + +python_check_deps() { + python_has_version "dev-python/pyyaml[${PYTHON_USEDEP}]" +} + +# git-r3 overrides automatic SRC_URI unpacking +src_unpack() { + default + + if [[ ${PV} == *9999* ]] ; then + git-r3_src_unpack + fi +} + +src_prepare() { + default + + # clean up duplicate file + rm -f README.md +} + +src_configure() { + # bug #822855 + append-lfs-flags + + # There is currently no reliable way to handle mixed C++/Rust + LTO + # correctly: https://bugs.gentoo.org/963128 + if use yaml && tc-is-lto ; then + ewarn "Disabling LTO because of mixed C++/Rust toolchains." + filter-lto + fi + + # some things can only be enabled/disabled by defines + ! use dnstap && append-cppflags -DDISABLE_PROTOBUF + ! use web && append-cppflags -DDISABLE_BUILTIN_HTML + + local emesonargs=( + --sysconfdir="${EPREFIX}/etc/dnsdist" + # always use libsodium + -Dlibsodium=enabled + -Dlua=${ELUA} + # never try to build man pages (virtualenv) + -Dman-pages=false + # never use gnutls (openssl only) + -Dtls-gnutls=disabled + $(meson_feature bpf ebpf) + $(meson_feature cdb) + $(meson_feature dnscrypt) + $(meson_feature dnstap) + $(meson_feature doh dns-over-https) + $(meson_feature doh nghttp2) + $(meson_feature doh3 dns-over-http3) + $(meson_feature ipcipher) + $(meson_feature ipcrypt ipcrypt2) + $(meson_feature lmdb) + $(meson_feature quic dns-over-quic) + $(meson_feature regex re2) + $(meson_feature snmp) + $(meson_feature ssl libcrypto) + $(meson_feature ssl tls-libssl) + $(meson_feature ssl dns-over-tls) + $(meson_feature systemd systemd-service) + $(meson_use test unit-tests) + $(meson_feature xdp xsk) + $(meson_feature yaml) + ) + + meson_src_configure +} + +# explicitly implement src_compile/test to override the +# otherwise automagic cargo_src_compile/test phases + +src_compile() { + cargo_gen_config + cargo_env meson_src_compile +} + +src_test() { + meson_src_test +} + +src_install() { + meson_src_install + + use doc && dodoc -r "${WORKDIR}"/html + + insinto /etc/dnsdist + doins "${FILESDIR}"/dnsdist.conf.example + + newconfd "${FILESDIR}"/dnsdist.confd ${PN} + newinitd "${FILESDIR}"/dnsdist.initd ${PN} +} + +pkg_postinst() { + elog "dnsdist provides multiple instances support. You can create more instances" + elog "by symlinking the dnsdist init script to another name." + elog + elog "The name must be in the format dnsdist.<suffix> and dnsdist will use the" + elog "/etc/dnsdist/dnsdist-<suffix>.conf configuration file instead of the default." +} diff --git a/net-dns/dnsdist/metadata.xml b/net-dns/dnsdist/metadata.xml index af8cd2e1de0a..183e7bc68b1c 100644 --- a/net-dns/dnsdist/metadata.xml +++ b/net-dns/dnsdist/metadata.xml @@ -20,6 +20,7 @@ <flag name="doh">Enable support for dns over http via <pkg>net-libs/nghttp2</pkg></flag> <flag name="doh3">Enable support for dns over http3 via <pkg>net-libs/quiche</pkg></flag> <flag name="ipcipher">Enable support for ipcipher via <pkg>dev-libs/openssl</pkg></flag> + <flag name="ipcrypt">Enable support for encryption/decryption of IP addresses via IPCrypt</flag> <flag name="lmdb">Enable support for lmdb</flag> <flag name="quic">Enable support for dns over quic via <pkg>net-libs/quiche</pkg></flag> <flag name="regex">Enable support for regular expression matching via <pkg>dev-libs/re2</pkg></flag>
