On Tue, Dec 13, 2022 at 08:27:30PM +0000, Stuart Henderson wrote:
> Here's a set of ports that make up the server side of eduVPN aka
> Let's Connect (https://www.eduvpn.org/, https://www.letsconnect-vpn.org/)
>
> It provides a front-end for OpenVPN and WireGuard with easy client
> installers, and lots of authentication options (a webapp handles
> authentication and provides a time-limited config to connect; with the
> usual clients it's seamlessly handled in the client app).
>
> net/eduvpn/vpn-ca
> net/eduvpn/vpn-daemon
> net/eduvpn/vpn-portal-artwork-eduvpn
> net/eduvpn/vpn-portal-artwork-lc
> net/eduvpn/vpn-server-node
> net/eduvpn/vpn-user-portal
>
> (and net/eduvpn/documentation, to bundle some upstream docs which
> are in a shared repo, which might be useful).
>
> The server-side code is a mixture of PHP (webapp, some utilities)
> and Go (daemons). Upstream only provides Apache setup docs/conf files;
> it should be possible to convert to nginx but I haven't figured out
> how to do so yet; it won't be possible to set the correct browser
> security policy headers with base httpd.
>
> I haven't tried everything yet (e.g. only used it with OpenVPN so far;
> wg may or may not work - it's not enabled by default anyway). I've put
> together some starter docs; they may need a bit more tweaking but
> I think are a pretty good pointer and avoid too much digging through
> the upstream docs and Linux deployment scripts to figure out what's
> going on.
>
> So at this point while there may still be some rough edges, I think it's
> in good enough shape to be useful to add to the tree.
>
> Any comments or OKs to import please?
>
> Some of the packages need a new user, so it also needs an addition to
> infrastructure/db/user.list:
>
> printf '886 _eduvpn\t\t_eduvpn\t\tnet/eduvpn\n' >>
> /usr/ports/infrastructure/db/user.list
Just glanced over the ports and they're in quite decent shape, as expected.
documentation has "EduVPN", should be "eduVPN", no?
in vpn-user-portal's README, could the crontab(5) examples benefit from `-s'?
All master_sites/distname stuff looks consistent, so maybe this can be
merged into Makefile.inc with ports just setting distname -- as you like.
They all package fine, but I didn't run-test any of it.
This ought to work, I think:
$ cd net/eduvpn/ ; make update-patches
===> net/eduvpn/documentation
===> net/eduvpn/vpn-ca
WRKDIST=/usr/ports/pobj/vpn-ca-4.0.1/vpn-ca-4.0.1 does not exist
