misc/mycorrhiza: move to www and apply fixes from @op mycorrhiza is now merged, so this repo is now only for updates and maintenance. for stable version check out openbsd ports tree.
la-ninpre leobrekalini@gmail.com
Fri, 09 Sep 2022 10:18:09 +0300
8 files changed,
82 insertions(+),
96 deletions(-)
M
misc/mycorrhiza/Makefile
→
www/mycorrhiza/Makefile
@@ -1,25 +1,21 @@
-COMMENT = wiki engine for personal wikis driven by git and plain-text +COMMENT = plain-text driven engine for personal wikis MODGO_MODNAME = github.com/bouncepaw/mycorrhiza MODGO_VERSION = v1.12.1 DISTNAME = mycorrhiza-${MODGO_VERSION} -CATEGORIES = misc +CATEGORIES = www HOMEPAGE = https://mycorrhiza.wiki -# AGPLv3 only +# AGPLv3 PERMIT_PACKAGE = Yes WANTLIB += c pthread - -#SUBST_VARS += LOCALSTATEDIR MODULES = lang/go RUN_DEPENDS = devel/git - -NO_TEST = Yes .include "modules.inc"
M
misc/mycorrhiza/pkg/PLIST
→
www/mycorrhiza/pkg/PLIST
@@ -1,5 +1,5 @@
-@newgroup _mycorrhiza:884 -@newuser _mycorrhiza:884:_mycorrhiza::Mycorrhiza User:${LOCALSTATEDIR}/mycorrhiza:/sbin/nologin +@newgroup _mycorrhiza:885 +@newuser _mycorrhiza:885:_mycorrhiza::Mycorrhiza User:${LOCALSTATEDIR}/mycorrhiza:/sbin/nologin @rcscript ${RCDIR}/mycorrhiza @bin bin/mycorrhiza share/doc/pkg-readmes/${PKGSTEM}
D
misc/mycorrhiza/pkg/README
@@ -1,86 +0,0 @@
-+------------------------------------------------------------------------------- -| Running ${PKGSTEM} on OpenBSD -+------------------------------------------------------------------------------- - -Initial setup -============= - -Mycorrhiza expects to be fronted by a TLS terminating proxy. By default it is -listening on localhost:1737. - -httpd(8) --------- - -# httpd.conf(5) -server "mycorrhiza.example.com" { - listen on * port http - location "/.well-known/acme-challenge/*" { - root "/acme" - request strip 2 - } - location "*" { - block return 302 "https://$HTTP_HOST$REQUEST_URI" - } -} - -mycorrhiza# rcctl enable httpd -mycorrhiza# rcctl start httpd - -acme-client(1) --------------- - -# acme-client.conf(5) -domain mycorrhiza.example.com { - domain key "${SYSCONFDIR}/ssl/private/mycorrhiza.example.com.key" - domain full chain cerificate "${SYSCONFDIR}/ssl/mycorrhiza.example.com.crt" - sign with letsencrypt -} - -mycorrhiza# acme-client -v mycorrhiza.example.com - -relayd(8) ---------- - -# relayd.conf(5) -ext_ip="123.45.67.89" -ext_ip6="1234:5678:dead:beef" -mycorrhiza_port="1737" -table <mycorrhiza> { 127.0.0.1 ::1 } - -http protocol https { - match request header append "X-Forwarded-For" value "$REMOTE_ADDR" - match request header append "X-Forwarded-By" \ - value "$SERVER_ADDR:$SERVER_PORT" - match request header set "Connection" value "close" - - match request header "Host" value "mycorrhiza.*" forward to <mycorrhiza> - - tcp { sack, backlog 128 } - tls keypair mycorrhiza.example.com -} -relay https { - listen on $ext_ip port https tls - listen on $ext_ip6 port https tls - protocol https - forward to <mycorrhiza> port $mycorrhiza_port check tcp -} - -mycorrhiza# rcctl enable relayd -mycorrhiza# rcctl start relayd - -Setup -===== - -See ${HOMEPAGE} for details about configuration and deployment. -Be sure to set up proper authentication. -By default wiki will be created in ${LOCALSTATEDIR}/mycorrhiza, -but you can change that by setting daemon flags with rcctl(8). - -mycorrhiza# rcctl set mycorrhiza flags '/some/other/wiki/dir' - -Enable and start the daemon. - -mycorrhiza# rcctl enable mycorrhiza -mycorrhiza# rcctl start mycorrhiza - -Wiki will be available at https://mycorrhiza.example.com
M
misc/mycorrhiza/pkg/mycorrhiza.rc
→
www/mycorrhiza/pkg/mycorrhiza.rc
@@ -1,7 +1,7 @@
#!/bin/ksh daemon="${TRUEPREFIX}/bin/mycorrhiza" -daemon_flags="." +daemon_flags="${LOCALSTATEDIR}/mycorrhiza" daemon_user="_mycorrhiza" . /etc/rc.d/rc.subr
A
www/mycorrhiza/pkg/README
@@ -0,0 +1,76 @@
++------------------------------------------------------------------------------- +| Running ${PKGSTEM} on OpenBSD ++------------------------------------------------------------------------------- + +Initial setup +============= + +By default, Mycorrhiza listens on localhost:1737. To make it reachable +as a web service, it needs to be put behind a TLS terminating proxy. +Here's a sample httpd(8) and relayd(8) configuration provided for +reference: + +/etc/httpd.conf: + + server "mycorrhiza.example.com" { + listen on * port http + location "/.well-known/acme-challenge/*" { + root "/acme" + request strip 2 + } + location "*" { + block return 302 "https://$HTTP_HOST$REQUEST_URI" + } + } + + +/etc/relayd.conf: + + ext_ip="123.45.67.89" + ext_ip6="1234:5678:dead:beef" + mycorrhiza_port="1737" + table <mycorrhiza> { 127.0.0.1 ::1 } + + http protocol https { + match request header append "X-Forwarded-For" \ + value "$REMOTE_ADDR" + match request header append "X-Forwarded-By" \ + value "$SERVER_ADDR:$SERVER_PORT" + match request header set "Connection" value "close" + + match request header "Host" value "mycorrhiza.*" \ + forward to <mycorrhiza> + + tcp { sack, backlog 128 } + tls keypair mycorrhiza.example.com + } + + relay https { + listen on $ext_ip port https tls + listen on $ext_ip6 port https tls + protocol https + forward to <mycorrhiza> port $mycorrhiza_port check tcp + } + +Don't forget to set up a TLS certificate (for example using +acme-client(1)) and start httpd(8) and relayd(8): + + # rcctl enable httpd relayd + # rcctl start httpd relayd + + +Setup +===== + +See the official documentation for details about configuration and +deployment. Be sure to set up proper authentication. + +By default the wiki will be created in ${LOCALSTATEDIR}/mycorrhiza, but +it's possible to change it by overwriting the daemon flags with rcctl(8) + + # rcctl set mycorrhiza flags '/path/to/wiki/dir' + +Finally, enable and start the daemon: + + # rcctl enable mycorrhiza + # rcctl start mycorrhiza