CVS commit: pkgsrc/net/coturn

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/net/coturn
From: "Greg Troxel" <gdt%netbsd.org@localhost>
Date: Thu, 23 Jan 2025 17:21:26 +0000

Module Name:    pkgsrc
Committed By:   gdt
Date:           Thu Jan 23 17:21:26 UTC 2025

Modified Files:
        pkgsrc/net/coturn: Makefile PLIST
        pkgsrc/net/coturn/files: turnserver.sh

Log Message:
coturn: Merge improvements from wip

This is step 2 of the three-way merge of wip and net.

  - Set up a non-root user/group and tell the daemon to run as that
    user, avoiding it staying as root.
  - Use 'coturn' as the package name consistently, because upstream
    releases the package coturn containing the program turnserver.
    The package name is used for example/doc directories and the
    user/group.
  - Respect PKG_SYSCONFDIR harder, not letting coturn default to
    $prefix/etc, and use PKG_SYSCONFDIR in the rc.d script.
  - Simplify CONF_FILES handling, as upstream already installed the
    example in $egdir as just turnserver.conf.  Rather than moving
    .conf.example from etcdir to egdir, just remove, and then have
    CONF_FILES use the example.
  - add comment about a database installed in .destdir/var -- which
    doesn't get picked up by the package but still seems wrong.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/coturn/Makefile
cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/coturn/PLIST
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/coturn/files/turnserver.sh

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/net/coturn/Makefile
diff -u pkgsrc/net/coturn/Makefile:1.3 pkgsrc/net/coturn/Makefile:1.4
--- pkgsrc/net/coturn/Makefile:1.3      Thu Jan 23 17:06:18 2025
+++ pkgsrc/net/coturn/Makefile  Thu Jan 23 17:21:26 2025
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.3 2025/01/23 17:06:18 gdt Exp $
+# $NetBSD: Makefile,v 1.4 2025/01/23 17:21:26 gdt Exp $
 
 DISTNAME=      coturn-4.6.3
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    net
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=coturn/}
 
@@ -27,17 +27,46 @@ CONFIGURE_ENV+=             LIBEVENT_OPENSSL_LIBS="
 CFLAGS+=       -Wno-stringop-truncation
 
 COTURN_CONFIG= ${PKG_SYSCONFDIR}/turnserver.conf
-COTURN_EGDIR=  ${PREFIX}/share/examples/turnserver
-CONF_FILES=    ${COTURN_EGDIR}/turnserver.conf.default ${COTURN_CONFIG}
+COTURN_EGDIR=  ${PREFIX}/share/examples/coturn
+CONF_FILES=    ${COTURN_EGDIR}/etc/turnserver.conf ${COTURN_CONFIG}
 
 BUILD_DEFS+=   VARBASE
 RCD_SCRIPTS=   turnserver
 
+# Set up to run as a non-root user.
+COTURN_USER?=  coturn
+COTURN_GROUP?= ${COTURN_USER}
+COTURN_DATA?=  ${VARBASE}/db/coturn
+BUILD_DEFS+=   COTURN_USER COTURN_GROUP COTURN_DATA
+
+PKG_USERS_VARS=                        COTURN_USER
+PKG_GROUPS_VARS=               COTURN_GROUP
+PKG_GROUPS=                    ${COTURN_GROUP}
+PKG_USERS=                     ${COTURN_USER}:${COTURN_GROUP}
+PKG_GECOS.${COTURN_USER}=      coturn daemon user
+PKG_HOME.${COTURN_USER}=       ${COTURN_DATA}
+PKG_SHELL.${COTURN_USER}=      ${NOLOGIN}
+
+FILES_SUBST+=  COTURN_USER=${COTURN_USER:Q}
+FILES_SUBST+=  COTURN_GROUP=${COTURN_GROUP:Q}
+FILES_SUBST+=  PKG_SYSCONFDIR=${PKG_SYSCONFDIR:Q}
+
+# Use coturn as docs/examples subdir name.  \todo No command-line argument?
+CONFIGURE_ENV+=                PORTNAME=coturn
+# Defaults to ${PREFIX}/etc; respect pkgsrc tunable.
+CONFIGURE_ARGS+=       --confdir=${PKG_SYSCONFDIR}
+# Defaults to ${PREFIX}/var; give it a subdirectory.
+CONFIGURE_ARGS+=       --localstatedir=${COTURN_DATA}
+
+# \todo Why is there a db installed in /var?  If not within PREFIX we don't pick it up,
+# but it seems like a bug.
+
 .include "options.mk"
 
+# upstream installs both a .conf.default in etcdir, and the
+# pkgsrc-right-way .conf in egdir.
 post-install:
-       ${MV} ${DESTDIR}${PKG_SYSCONFDIR}/turnserver.conf.default \
-               ${DESTDIR}${COTURN_EGDIR}/turnserver.conf.default
+       ${RM} ${DESTDIR}${PKG_SYSCONFDIR}/turnserver.conf.default
 
 .include "../../devel/libevent/buildlink3.mk"
 .include "../../security/openssl/buildlink3.mk"

Index: pkgsrc/net/coturn/PLIST
diff -u pkgsrc/net/coturn/PLIST:1.2 pkgsrc/net/coturn/PLIST:1.3
--- pkgsrc/net/coturn/PLIST:1.2 Thu Jan 23 16:24:02 2025
+++ pkgsrc/net/coturn/PLIST     Thu Jan 23 17:21:26 2025
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.2 2025/01/23 16:24:02 adam Exp $
+@comment $NetBSD: PLIST,v 1.3 2025/01/23 17:21:26 gdt Exp $
 bin/turnadmin
 bin/turnserver
 bin/turnutils_natdiscovery
@@ -23,78 +23,77 @@ man/man1/turnutils_oauth.1
 man/man1/turnutils_peer.1
 man/man1/turnutils_stunclient.1
 man/man1/turnutils_uclient.1
-share/doc/turnserver/INSTALL
-share/doc/turnserver/LICENSE
-share/doc/turnserver/README.turnadmin
-share/doc/turnserver/README.turnserver
-share/doc/turnserver/README.turnutils
-share/doc/turnserver/postinstall.txt
-share/doc/turnserver/schema.mongo.sh
-share/doc/turnserver/schema.sql
-share/doc/turnserver/schema.stats.redis
-share/doc/turnserver/schema.userdb.redis
-share/examples/turnserver/etc/cacert.pem
-share/examples/turnserver/etc/coturn.service
-share/examples/turnserver/etc/turn_client_cert.pem
-share/examples/turnserver/etc/turn_client_pkey.pem
-share/examples/turnserver/etc/turn_server_cert.pem
-share/examples/turnserver/etc/turn_server_pkey.pem
-share/examples/turnserver/etc/turnserver.conf
-share/examples/turnserver/scripts/basic/dos_attack.sh
-share/examples/turnserver/scripts/basic/relay.sh
-share/examples/turnserver/scripts/basic/tcp_client.sh
-share/examples/turnserver/scripts/basic/tcp_client_c2c_tcp_relay.sh
-share/examples/turnserver/scripts/basic/udp_c2c_client.sh
-share/examples/turnserver/scripts/basic/udp_client.sh
-share/examples/turnserver/scripts/loadbalance/master_relay.sh
-share/examples/turnserver/scripts/loadbalance/slave_relay_1.sh
-share/examples/turnserver/scripts/loadbalance/slave_relay_2.sh
-share/examples/turnserver/scripts/loadbalance/tcp_c2c_tcp_relay.sh
-share/examples/turnserver/scripts/loadbalance/udp_c2c.sh
-share/examples/turnserver/scripts/longtermsecure/secure_dos_attack.sh
-share/examples/turnserver/scripts/longtermsecure/secure_dtls_client.sh
-share/examples/turnserver/scripts/longtermsecure/secure_dtls_client_cert.sh
-share/examples/turnserver/scripts/longtermsecure/secure_relay.sh
-share/examples/turnserver/scripts/longtermsecure/secure_relay_cert.sh
-share/examples/turnserver/scripts/longtermsecure/secure_sctp_client.sh
-share/examples/turnserver/scripts/longtermsecure/secure_tcp_client.sh
-share/examples/turnserver/scripts/longtermsecure/secure_tcp_client_c2c_tcp_relay.sh
-share/examples/turnserver/scripts/longtermsecure/secure_tls_client.sh
-share/examples/turnserver/scripts/longtermsecure/secure_tls_client_c2c_tcp_relay.sh
-share/examples/turnserver/scripts/longtermsecure/secure_tls_client_cert.sh
-share/examples/turnserver/scripts/longtermsecure/secure_udp_c2c.sh
-share/examples/turnserver/scripts/longtermsecure/secure_udp_client.sh
-share/examples/turnserver/scripts/longtermsecuredb/secure_relay_with_db_mongo.sh
-share/examples/turnserver/scripts/longtermsecuredb/secure_relay_with_db_mysql.sh
-share/examples/turnserver/scripts/longtermsecuredb/secure_relay_with_db_mysql_ssl.sh
-share/examples/turnserver/scripts/longtermsecuredb/secure_relay_with_db_psql.sh
-share/examples/turnserver/scripts/longtermsecuredb/secure_relay_with_db_redis.sh
-share/examples/turnserver/scripts/longtermsecuredb/secure_relay_with_db_sqlite.sh
-share/examples/turnserver/scripts/mobile/mobile_dtls_client.sh
-share/examples/turnserver/scripts/mobile/mobile_relay.sh
-share/examples/turnserver/scripts/mobile/mobile_tcp_client.sh
-share/examples/turnserver/scripts/mobile/mobile_tls_client_c2c_tcp_relay.sh
-share/examples/turnserver/scripts/mobile/mobile_udp_client.sh
-share/examples/turnserver/scripts/oauth.sh
-share/examples/turnserver/scripts/pack.sh
-share/examples/turnserver/scripts/peer.sh
-share/examples/turnserver/scripts/readme.txt
-share/examples/turnserver/scripts/restapi/secure_relay_secret.sh
-share/examples/turnserver/scripts/restapi/secure_relay_secret_with_db_mongo.sh
-share/examples/turnserver/scripts/restapi/secure_relay_secret_with_db_mysql.sh
-share/examples/turnserver/scripts/restapi/secure_relay_secret_with_db_psql.sh
-share/examples/turnserver/scripts/restapi/secure_relay_secret_with_db_redis.sh
-share/examples/turnserver/scripts/restapi/secure_relay_secret_with_db_sqlite.sh
-share/examples/turnserver/scripts/restapi/secure_udp_client_with_secret.sh
-share/examples/turnserver/scripts/restapi/shared_secret_maintainer.pl
-share/examples/turnserver/scripts/selfloadbalance/secure_dos_attack.sh
-share/examples/turnserver/scripts/selfloadbalance/secure_relay.sh
-share/examples/turnserver/turnserver.conf.default
-share/turnserver/schema.mongo.sh
-share/turnserver/schema.sql
-share/turnserver/schema.stats.redis
-share/turnserver/schema.userdb.redis
-share/turnserver/testmongosetup.sh
-share/turnserver/testredisdbsetup.sh
-share/turnserver/testsqldbsetup.sql
-@pkgdir var/turnserver
+share/coturn/schema.mongo.sh
+share/coturn/schema.sql
+share/coturn/schema.stats.redis
+share/coturn/schema.userdb.redis
+share/coturn/testmongosetup.sh
+share/coturn/testredisdbsetup.sh
+share/coturn/testsqldbsetup.sql
+share/doc/coturn/INSTALL
+share/doc/coturn/LICENSE
+share/doc/coturn/README.turnadmin
+share/doc/coturn/README.turnserver
+share/doc/coturn/README.turnutils
+share/doc/coturn/postinstall.txt
+share/doc/coturn/schema.mongo.sh
+share/doc/coturn/schema.sql
+share/doc/coturn/schema.stats.redis
+share/doc/coturn/schema.userdb.redis
+share/examples/coturn/etc/cacert.pem
+share/examples/coturn/etc/coturn.service
+share/examples/coturn/etc/turn_client_cert.pem
+share/examples/coturn/etc/turn_client_pkey.pem
+share/examples/coturn/etc/turn_server_cert.pem
+share/examples/coturn/etc/turn_server_pkey.pem
+share/examples/coturn/etc/turnserver.conf
+share/examples/coturn/scripts/basic/dos_attack.sh
+share/examples/coturn/scripts/basic/relay.sh
+share/examples/coturn/scripts/basic/tcp_client.sh
+share/examples/coturn/scripts/basic/tcp_client_c2c_tcp_relay.sh
+share/examples/coturn/scripts/basic/udp_c2c_client.sh
+share/examples/coturn/scripts/basic/udp_client.sh
+share/examples/coturn/scripts/loadbalance/master_relay.sh
+share/examples/coturn/scripts/loadbalance/slave_relay_1.sh
+share/examples/coturn/scripts/loadbalance/slave_relay_2.sh
+share/examples/coturn/scripts/loadbalance/tcp_c2c_tcp_relay.sh
+share/examples/coturn/scripts/loadbalance/udp_c2c.sh
+share/examples/coturn/scripts/longtermsecure/secure_dos_attack.sh
+share/examples/coturn/scripts/longtermsecure/secure_dtls_client.sh
+share/examples/coturn/scripts/longtermsecure/secure_dtls_client_cert.sh
+share/examples/coturn/scripts/longtermsecure/secure_relay.sh
+share/examples/coturn/scripts/longtermsecure/secure_relay_cert.sh
+share/examples/coturn/scripts/longtermsecure/secure_sctp_client.sh
+share/examples/coturn/scripts/longtermsecure/secure_tcp_client.sh
+share/examples/coturn/scripts/longtermsecure/secure_tcp_client_c2c_tcp_relay.sh
+share/examples/coturn/scripts/longtermsecure/secure_tls_client.sh
+share/examples/coturn/scripts/longtermsecure/secure_tls_client_c2c_tcp_relay.sh
+share/examples/coturn/scripts/longtermsecure/secure_tls_client_cert.sh
+share/examples/coturn/scripts/longtermsecure/secure_udp_c2c.sh
+share/examples/coturn/scripts/longtermsecure/secure_udp_client.sh
+share/examples/coturn/scripts/longtermsecuredb/secure_relay_with_db_mongo.sh
+share/examples/coturn/scripts/longtermsecuredb/secure_relay_with_db_mysql.sh
+share/examples/coturn/scripts/longtermsecuredb/secure_relay_with_db_mysql_ssl.sh
+share/examples/coturn/scripts/longtermsecuredb/secure_relay_with_db_psql.sh
+share/examples/coturn/scripts/longtermsecuredb/secure_relay_with_db_redis.sh
+share/examples/coturn/scripts/longtermsecuredb/secure_relay_with_db_sqlite.sh
+share/examples/coturn/scripts/mobile/mobile_dtls_client.sh
+share/examples/coturn/scripts/mobile/mobile_relay.sh
+share/examples/coturn/scripts/mobile/mobile_tcp_client.sh
+share/examples/coturn/scripts/mobile/mobile_tls_client_c2c_tcp_relay.sh
+share/examples/coturn/scripts/mobile/mobile_udp_client.sh
+share/examples/coturn/scripts/oauth.sh
+share/examples/coturn/scripts/pack.sh
+share/examples/coturn/scripts/peer.sh
+share/examples/coturn/scripts/readme.txt
+share/examples/coturn/scripts/restapi/secure_relay_secret.sh
+share/examples/coturn/scripts/restapi/secure_relay_secret_with_db_mongo.sh
+share/examples/coturn/scripts/restapi/secure_relay_secret_with_db_mysql.sh
+share/examples/coturn/scripts/restapi/secure_relay_secret_with_db_psql.sh
+share/examples/coturn/scripts/restapi/secure_relay_secret_with_db_redis.sh
+share/examples/coturn/scripts/restapi/secure_relay_secret_with_db_sqlite.sh
+share/examples/coturn/scripts/restapi/secure_udp_client_with_secret.sh
+share/examples/coturn/scripts/restapi/shared_secret_maintainer.pl
+share/examples/coturn/scripts/selfloadbalance/secure_dos_attack.sh
+share/examples/coturn/scripts/selfloadbalance/secure_relay.sh
+@pkgdir etc

Index: pkgsrc/net/coturn/files/turnserver.sh
diff -u pkgsrc/net/coturn/files/turnserver.sh:1.3 pkgsrc/net/coturn/files/turnserver.sh:1.4
--- pkgsrc/net/coturn/files/turnserver.sh:1.3   Thu Jan 23 17:06:18 2025
+++ pkgsrc/net/coturn/files/turnserver.sh       Thu Jan 23 17:21:26 2025
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: turnserver.sh,v 1.3 2025/01/23 17:06:18 gdt Exp $
+# $NetBSD: turnserver.sh,v 1.4 2025/01/23 17:21:26 gdt Exp $
 #
 # PROVIDE: turnserver
 # REQUIRE: LOGIN
@@ -28,11 +28,13 @@ elif [ -f @SYSCONFBASE@/rc.conf ]; then
 fi
 
 : ${turnserver:=no}
-: ${turnserver_config=@PREFIX@/etc/turnserver.conf}
+: ${turnserver_config=@PKG_SYSCONFDIR@/turnserver.conf}
+: ${coturn_user:=@COTURN_USER@}
+: ${coturn_group:=@COTURN_GROUP@}
 
 pidfile="@VARBASE@/run/${name}.pid"
 command="@PREFIX@/bin/${name}"
-command_args="--daemon -c ${turnserver_config} --pidfile ${pidfile}"
+command_args="--daemon --proc-user ${coturn_user} --proc-group ${coturn_user} -c ${turnserver_config} --pidfile ${pidfile}"
 required_files=${turnserver_config}
 
 if [ -f @SYSCONFBASE@/rc.subr -a -d @SYSCONFBASE@/rc.d -a -f @SYSCONFBASE@/rc.d/DAEMON ]; then

Prev by Date: CVS commit: pkgsrc/net/coturn
Next by Date: CVS commit: pkgsrc/parallel/openmp
Previous by Thread: CVS commit: pkgsrc/net/coturn
Next by Thread: CVS commit: pkgsrc/parallel/openmp
Indexes:

Home | Main Index | Thread Index | Old Index