cd /usr/ports/lang/python/3.X/
make plist
make package
Maybe
env PKG_CREATE_NO_CHECKS=yes make packageEnsure that you dont have a current Python version that may conflict
#thisisugly
Software
Salt 2019.2.7 on OpenBSD 6.6
This is probably not the recommended way but it works.
Do everything below in a OpenBSD 6.6 setup. If you run some other version you can do this using OpenBSD VMM
cd /tmp
ftp https://cdn.openbsd.org/pub/OpenBSD/$(uname -r)/{ports.tar.gz,SHA256.sig}
signify -Cp /etc/signify/openbsd-$(uname -r | cut -c 1,3)-base.pub -x SHA256.sig ports.tar.gz
cd /usr
tar xzf /tmp/ports.tar.gz
cd /usr/ports/sysutils/
cp -r salt salt2019.2.7
cd salt2019.2.7Edit distinfo
SHA256 (salt-2019.2.7.tar.gz) = d648bcfb7f6c3f2e13b5dfd67dec1043fc25cc72ebebec94b00b1dc5b2e1b873
SIZE (salt-2019.2.7.tar.gz) = 14576515Edit Makefile
# $OpenBSD: Makefile,v 1.156 2020/10/05 19:46:18 jca Exp $
# optional dependencies
# https://github.com/saltstack/salt/blob/develop/doc/conf.py
# libvirt-python
# py-GitPython
# py-croniter
# py-django
# py-libcloud (cloud-requirements.txt)
# py-mako
# py-mongo
# py-mysql
# py-pyinotify
# py-openssl
# py-redis
# rabbitmq
COMMENT = remote execution and configuration management system
MODPY_EGG_VERSION = 2019.2.7
REVISION = 0
DISTNAME = salt-${MODPY_EGG_VERSION}
CATEGORIES = sysutils net devel
HOMEPAGE = https://community.saltstack.com/
MAINTAINER = Jasper Lievisse Adriaanse <[email protected]>
# Apache 2.0
PERMIT_PACKAGE = Yes
MODPY_PI = Yes
MODPY_VERSION = ${MODPY_DEFAULT_VERSION_3}
MODPY_SETUPTOOLS = No
MODULES = lang/python
BUILD_DEPENDS = textproc/py-yaml${MODPY_FLAVOR} \
www/py-jinja2${MODPY_FLAVOR} \
www/py-requests${MODPY_FLAVOR}
# requirements/base.txt
RUN_DEPENDS = net/py-msgpack${MODPY_FLAVOR}>=0.5.6 \
textproc/py-MarkupSafe${MODPY_FLAVOR} \
textproc/py-yaml${MODPY_FLAVOR} \
www/py-jinja2${MODPY_FLAVOR} \
www/py-requests${MODPY_FLAVOR} \
www/py-tornado${MODPY_FLAVOR} \
sysutils/py-distro
# requirements/zeromq.txt
RUN_DEPENDS += net/py-zmq${MODPY_FLAVOR} \
security/py-cryptodome${MODPY_FLAVOR}
# salt/output/progress.py
RUN_DEPENDS += devel/py-progressbar${MODPY_FLAVOR}
# salt/modules/x509.py
RUN_DEPENDS += security/py-M2Crypto${MODPY_FLAVOR}
# salt/{beacons,modules}/ps.py
RUN_DEPENDS += sysutils/py-psutil${MODPY_FLAVOR}
# max openfiles, soft: 3072, hard: 4096; DBus system session running...
TEST_IS_INTERACTIVE = Yes
PORTHOME = ${WRKDIST}
TEST_DEPENDS = databases/py-mysqlclient${MODPY_FLAVOR} \
devel/git \
devel/py-gitpython${MODPY_FLAVOR} \
devel/py-pip${MODPY_FLAVOR} \
devel/py-six${MODPY_FLAVOR} \
devel/py-virtualenv${MODPY_FLAVOR} \
devel/subversion \
net/py-libcloud${MODPY_FLAVOR} \
net/rabbitmq \
sysutils/salt-testing \
www/py-CherryPy${MODPY_FLAVOR}
pre-configure:
${SUBST_CMD} ${WRKSRC}/salt/returners/zabbix_return.py
sed -i 's,share/man,man,g' ${WRKSRC}/setup.py
sed -i 's,^#user: root,user: _salt,' ${WRKSRC}/conf/{master,proxy}
post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/examples
cp -R ${WRKSRC}/conf ${PREFIX}/share/examples/salt
do-test:
cd ${WRKSRC} && \
${MODPY_BIN} tests/runtests.py -v
.include <bsd.port.mk>Now we bake the package
make plist
make packageIf errors
rm /usr/ports/plist/amd64/salt*
in /usr/ports/sysutils/salt2019.2.7/ run:
make clean=dist
make clean
try againSaltstack 2019.2.5 on OpenBSD 6.6
Download ports
This will not always work.
This is not the recommended way and its not a clean way.
This method is only to make it work.
Maybe remove option –single-version-externally-managed not recognized from /usr/ports/lang/python/python.mk
Search for “single-version-externally-managed” in /usr/ports/lang/python/python.port.mk
cp -r /usr/ports/sysutil/salt /usr/ports/sysutil/salt2019.2.5
cd /usr/ports/sysutil/salt2019.2.5
rm -rf patches
Edit distinfo with the new version and correct hash/size
Edit Makefile to the following
# $OpenBSD: Makefile,v 1.135 2019/07/12 20:49:51 sthen Exp $
# optional dependencies
# https://github.com/saltstack/salt/blob/develop/doc/conf.py#L54
# libvirt-python
# py-GitPython
# py-croniter
# py-django
# py-libcloud (cloud-requirements.txt)
# py-mako
# py-mongo
# py-mysql
# py-pyinotify
# py-openssl
# py-redis
# rabbitmq
COMMENT = remote execution and configuration management system
MODPY_EGG_VERSION = 2019.2.5
DISTNAME = salt-${MODPY_EGG_VERSION}
REVISION = 0
CATEGORIES = sysutils net devel
HOMEPAGE = http://saltstack.org/
MAINTAINER = Jasper Lievisse Adriaanse <[email protected]>
# Apache 2.0
PERMIT_PACKAGE = Yes
MODPY_PI = Yes
MODPY_VERSION = ${MODPY_DEFAULT_VERSION_3}
MODPY_SETUPTOOLS = No
MODULES = lang/python
BUILD_DEPENDS = textproc/py-yaml${MODPY_FLAVOR} \
www/py-jinja2${MODPY_FLAVOR} \
www/py-requests${MODPY_FLAVOR}
# requirements/base.txt
RUN_DEPENDS = net/py-msgpack${MODPY_FLAVOR} \
net/py-msgpack${MODPY_FLAVOR} \
textproc/py-MarkupSafe${MODPY_FLAVOR} \
textproc/py-yaml${MODPY_FLAVOR} \
www/py-jinja2${MODPY_FLAVOR} \
www/py-requests${MODPY_FLAVOR} \
www/py-tornado${MODPY_FLAVOR}
# requirements/zeromq.txt
RUN_DEPENDS += net/py-zmq${MODPY_FLAVOR} \
security/py-cryptodome${MODPY_FLAVOR}
# salt/output/progress.py
RUN_DEPENDS += devel/py-progressbar${MODPY_FLAVOR}
# salt/modules/x509.py
RUN_DEPENDS += security/py-M2Crypto${MODPY_FLAVOR}
# max openfiles, soft: 3072, hard: 4096; DBus system session running...
TEST_IS_INTERACTIVE = Yes
PORTHOME = ${WRKDIST}
TEST_DEPENDS = databases/py-mysql${MODPY_FLAVOR} \
devel/git \
devel/py-gitpython${MODPY_FLAVOR} \
devel/py-pip${MODPY_FLAVOR} \
devel/py-six${MODPY_FLAVOR} \
devel/py-virtualenv${MODPY_FLAVOR} \
devel/subversion \
net/py-libcloud${MODPY_FLAVOR} \
net/rabbitmq \
sysutils/salt-testing \
www/py-CherryPy${MODPY_FLAVOR}
# https://github.com/saltstack/salt/pull/45164
post-extract:
cp ${FILESDIR}/{pf,vmctl}.py ${WRKSRC}/salt/modules/
pre-configure:
${SUBST_CMD} ${WRKSRC}/salt/returners/zabbix_return.py
sed -i 's,share/man,man,g' ${WRKSRC}/setup.py
sed -i 's,^#user: root,user: _salt,' ${WRKSRC}/conf/{master,proxy}
post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/examples
cp -R ${WRKSRC}/conf ${PREFIX}/share/examples/salt
do-test:
cd ${WRKSRC} && \
${MODPY_BIN} tests/runtests.py -v
.include <bsd.port.mk>Then run
make plist
make package
/usr/ports/packages/amd64/all/salt-2019.2.5p0.tgz
The package is unsigned and when installing it the option “-D unsigned” must be used. (https://man.openbsd.org/pkg_add)
Done
Salt Capirca for BSD
Use Salt to generate firewall rules for Open/Free-BSD
Google Capirca
Salt capirca_acl
This is not tested yet.
Since the syntax of pf.conf is not exactly the same between Free/Open-BSD some functions/attributes may not work(?)
Pillar-data:
acl:
- my-filter:
terms:
- my-term:
source_port: [1234, 1235]
action: reject
- my-other-term:
source_port:
- [5678, 5680]
protocol: tcp
action: acceptsudo salt freebsd* capirca.get_policy_config packetfilter
freebsd-lab:
# Packetfilter my-filter Policy
# $Date: 2020/08/19 $
# inet
# term my-term
block return quick inet from { any } port { 1235 1234 } to { any } flags S/SA
# term my-other-term
pass quick inet proto { tcp } from { any } port { 5678:5680 } to { any } flags S/SA keep stateHow to apply to pf.conf
/etc/pf.conf:
file.managed:
- contents: {{ salt.capirca.get_policy_config('packetfilter') }}