summaryrefslogtreecommitdiff
path: root/app-admin/rsyslog
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2019-10-13 22:19:36 +0100
committerV3n3RiX <venerix@redcorelinux.org>2019-10-14 23:22:23 +0100
commit4b19be30aa626b327c885dae62c559ec0e9fb935 (patch)
tree76e74807bc479502e13866b581b6bf86734ec634 /app-admin/rsyslog
parent30d6f67c98d149508509d5e86f176d558793acc0 (diff)
gentoo resync : 13.10.2019
Diffstat (limited to 'app-admin/rsyslog')
-rw-r--r--app-admin/rsyslog/Manifest5
-rw-r--r--app-admin/rsyslog/metadata.xml2
-rw-r--r--app-admin/rsyslog/rsyslog-8.1910.0.ebuild462
3 files changed, 467 insertions, 2 deletions
diff --git a/app-admin/rsyslog/Manifest b/app-admin/rsyslog/Manifest
index f0df7f53384f..b81d405238da 100644
--- a/app-admin/rsyslog/Manifest
+++ b/app-admin/rsyslog/Manifest
@@ -7,10 +7,13 @@ AUX rsyslog.initd-r1 1755 BLAKE2B 768dc0d2bcbf240b7a09e814d681ce65a319cd128ef40b
DIST rsyslog-8.1904.0.tar.gz 2902708 BLAKE2B 515d5e32c2dc6cdd8dd51fc595ad775503438603f28828e9f1a427b184a5a61de32af2ee90334b7d56a9404106d74da47386a18a370278d5a16422a6bb09f556 SHA512 cccb48f06508d7e7c2dd788903f4d7ddb3020cdf6079aea1d52387c56b920f10b08957a79b5d420ccdb54cae50d1da6e5eb80cde9498bceaeda4f6ce37f694fd
DIST rsyslog-8.1907.0.tar.gz 2926855 BLAKE2B 65c674e53bfa960e3fe5c7f41a304cf8736fe72e2391895dde9fdc17fabeb2f92fccab48965d5e1689a5852136a43a3355f89c9fa9d1d1974335ce80204bb4ac SHA512 2aa3f6106e48fa63c6d4389f83e7a3212817c626d04881682236055792cf5c9d8a941638c9a508c470b6a24c934ef5cb0eda65ea25179d98831afbe2a27c1519
DIST rsyslog-8.1908.0.tar.gz 2952939 BLAKE2B c6784753262a71f30f32fc35ad3e3e75fa2af271bdb0a62c2d4796d3d0413c7f619052a5e33c52c5f3b22aa474d14b7bb06e9c502944f914e708265835fd90ff SHA512 66b6755e1f5a610ed8ec3f8fad1ee227f8ff34618a8f2660a801e6f9aa734980190fbffd8144ac30d63f8297a06e86ada65ba838242d8a006bca8e30f56dce80
+DIST rsyslog-8.1910.0.tar.gz 2957635 BLAKE2B ea350d3fb923c2f7d2799942fec6a77ef893fa12bc95a5b1428b8e280d96b562cd864469ebf13ee57e9ea89787765a4bb13d155460defc73a3a85b17ad6a5ab1 SHA512 85f5df91a6357ecb38708b4d569d26804a50ca28c928a636ac7749595f1a7105c3450fbd521835a436ebdfdcac33a33986e09a09026745ea4d1a2897406770d5
DIST rsyslog-doc-8.1904.0.tar.gz 8042650 BLAKE2B 585fe5c63eee1fb46f94dcd3d529045b3900e08c291e0e71ed9bf32a6200e6c7283820b262bd56e9aeb74cc227ecd518caafec5a8f87c1d8523d5d7fd95030aa SHA512 da0ff00fbe71756b3c27fd8b94e88611452c3ba611e583862556393faaaa596ca8f32f694ad40a3e1df67385d9f9ca80db6a58f5d2e336fe95639dd7cd0de828
DIST rsyslog-doc-8.1907.0.tar.gz 8071764 BLAKE2B 90c18a93bb2f2c9158a4696245c44c36ab4c40597d1eb8df8af257f57aa17e71436bd60792c4f982ebc15395abacd53281046e4ae6df65c306f815e6599fb8bc SHA512 72dcddef6e36a92d2bdcf54072fff7516b6c731f43a53ef8f5d4ebdbe46bc7aeb63bbc3e739a6e5897602ea7705c4bdd8f57aa10796955ed772a6c7cf552c5e5
DIST rsyslog-doc-8.1908.0.tar.gz 8082984 BLAKE2B 7f102a215b0c51b961a4e44e97c8a3cd9966215dba44a194a5ff925b8a2b1ad3389461e2de3dae6dfb770bc36c9a31747298bdb7e975d6fa86ca209c9e314ac3 SHA512 d826013de671c895be7becd2a7c5ce1fb218149c6128d486116be6a01fc69099026f5a277b30fc57e626aeb4038e00b17abcad9a45ea3c9838e7041de9d991a5
+DIST rsyslog-doc-8.1910.0.tar.gz 8158007 BLAKE2B 7a05cf7070ba350d0fb939350868ff0dd9d03be46ebd1b1261e54add70ab680afe0b356f563ea9e10148aed17667fc0b729e2fa8f7ff7cff3e4cec9d0da209a8 SHA512 e46f14e40ae690efbe3114a859c1c94c8f9573ca5ebdb533ad4b5ed76c3a930c887cc205e7279fcc546fda3ce624eae507ce08d5d10ee1eb167a957edd742bf2
EBUILD rsyslog-8.1904.0-r1.ebuild 12569 BLAKE2B 119a617375da61a37962edddae9f20888fcac469325b77f07c15141d471a00e62f6647b94d9837990ad7bccc0e85fb071de8b63f411245f9759f2163677fa663 SHA512 2a6514fbe431f61c29a8f261f528458c05e82398a34b4cd810c36cadaf5d355f7678f530f52d9236269eab01c990703b2bdfe2c6b6b8d3ea0005f1f168587a54
EBUILD rsyslog-8.1907.0-r1.ebuild 12546 BLAKE2B d562cb749a8632d6399613667f786dabf472b65b112a5775a9f2977b3a513b25f50454419fb62ff02648e4dc1acf5fb226b7d01d62e70bdbcd1de69f6c6cbb97 SHA512 9d683b5267a57653bbc7f8caff1b8e60e78b6e7dbfc6cb2ba7f63ac80776b75cc1d3ba84c27a9659cfd48e568c01af97423f5450af6173e94a9bb9ae38eda95c
EBUILD rsyslog-8.1908.0.ebuild 12548 BLAKE2B b8fb662688270ee92cc4382bbc39a78e8bf4db46f48e4dcbb4cb3efb0194eb8dffad999cff631199909573590842dd56efc5fb38c05cb88e72ea0bfe5040aa64 SHA512 fabfdc53abf6aab98f7ec7a0ee4381d73155df3a3f1e3dec5b9f8705fa83d336005de173bcbcf34d3a136f5c4565416d35e289c0a827d6fdde63ee5784c656f8
-MISC metadata.xml 3875 BLAKE2B 4281901c6e209ace8f89bf7ec7f036cbabff009da2f080c5b5d77a0639099c8d87ed9925d70e7e3edb6cad8204ebee3a4b74a688b6a22810473a22d90c441347 SHA512 039cd323565bc8e96762bef5b7b34747fffc6d70176397d4be8fd83d1f9dd094e77c21f7005f0d3dc47813ddd97bdbad1ce47ef71a2742ffdbd4145142d2d0b5
+EBUILD rsyslog-8.1910.0.ebuild 12548 BLAKE2B b8fb662688270ee92cc4382bbc39a78e8bf4db46f48e4dcbb4cb3efb0194eb8dffad999cff631199909573590842dd56efc5fb38c05cb88e72ea0bfe5040aa64 SHA512 fabfdc53abf6aab98f7ec7a0ee4381d73155df3a3f1e3dec5b9f8705fa83d336005de173bcbcf34d3a136f5c4565416d35e289c0a827d6fdde63ee5784c656f8
+MISC metadata.xml 3874 BLAKE2B c09a57dcbd88bda6c510ca741e1ee8c5207e5906843fe3ae21c8dd6575c7b104dae74e79e5a27c8bf9f0348673f5c33eb6c4b12fafbb1ba64f1a9f81bd374eaa SHA512 2f7a72017376018aa5d864deb33675d51ab50cd8481dffb7f1421b83d4e07f19a86a90705dbb6191686fc650284e2bcbe30ed0af07082b57eef46dd615778868
diff --git a/app-admin/rsyslog/metadata.xml b/app-admin/rsyslog/metadata.xml
index 7334da40b164..44991a3a81a8 100644
--- a/app-admin/rsyslog/metadata.xml
+++ b/app-admin/rsyslog/metadata.xml
@@ -17,7 +17,7 @@
<flag name="kubernetes">Build the kubernetes modify plugin (requires <pkg>net-misc/curl</pkg>)</flag>
<flag name="libressl">Use <pkg>dev-libs/libressl</pkg> instead of <pkg>dev-libs/openssl</pkg> (you still need to enable functionality which requires OpenSSL)</flag>
<flag name="mdblookup">Build the MaxMind DB lookup message modify plugin using <pkg>dev-libs/libmaxminddb</pkg></flag>
- <flag name="mongodb">Build the MongoDB output module (requires <pkg>dev-libs/libmongo-client</pkg>)</flag>
+ <flag name="mongodb">Build the MongoDB output module (requires <pkg>dev-libs/mongo-c-driver</pkg>)</flag>
<flag name="mysql">Build the MySQL database output module (requires <pkg>virtual/mysql</pkg>)</flag>
<flag name="normalize">Build the normalize modify module (requires <pkg>dev-libs/libee</pkg> and <pkg>dev-libs/liblognorm</pkg>)</flag>
<flag name="omhttp">Build the http output module (requires <pkg>net-misc/curl</pkg>)</flag>
diff --git a/app-admin/rsyslog/rsyslog-8.1910.0.ebuild b/app-admin/rsyslog/rsyslog-8.1910.0.ebuild
new file mode 100644
index 000000000000..09eed323e458
--- /dev/null
+++ b/app-admin/rsyslog/rsyslog-8.1910.0.ebuild
@@ -0,0 +1,462 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+PYTHON_COMPAT=( python{2_7,3_5,3_6,3_7} )
+
+inherit autotools eutils linux-info python-any-r1 systemd
+
+DESCRIPTION="An enhanced multi-threaded syslogd with database support and more"
+HOMEPAGE="https://www.rsyslog.com/"
+
+if [[ ${PV} == "9999" ]]; then
+ EGIT_REPO_URI="https://github.com/rsyslog/${PN}.git"
+
+ DOC_REPO_URI="https://github.com/rsyslog/${PN}-doc.git"
+
+ inherit git-r3
+else
+ KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~x86"
+
+ SRC_URI="
+ https://www.rsyslog.com/files/download/${PN}/${P}.tar.gz
+ doc? ( https://www.rsyslog.com/files/download/${PN}/${PN}-doc-${PV}.tar.gz )
+ "
+fi
+
+LICENSE="GPL-3 LGPL-3 Apache-2.0"
+SLOT="0"
+IUSE="curl dbi debug doc elasticsearch +gcrypt gnutls jemalloc kafka kerberos kubernetes libressl mdblookup"
+IUSE+=" mongodb mysql normalize clickhouse omhttp omhttpfs omudpspoof openssl postgres"
+IUSE+=" rabbitmq redis relp rfc3195 rfc5424hmac snmp ssl systemd test usertools +uuid xxhash zeromq"
+RESTRICT="!test? ( test )"
+
+RDEPEND="
+ >=dev-libs/libfastjson-0.99.8:=
+ >=dev-libs/libestr-0.1.9
+ >=sys-libs/zlib-1.2.5
+ curl? ( >=net-misc/curl-7.35.0 )
+ dbi? ( >=dev-db/libdbi-0.8.3 )
+ elasticsearch? ( >=net-misc/curl-7.35.0 )
+ gcrypt? ( >=dev-libs/libgcrypt-1.5.3:= )
+ jemalloc? ( >=dev-libs/jemalloc-3.3.1:= )
+ kafka? ( >=dev-libs/librdkafka-0.9.0.99:= )
+ kerberos? ( virtual/krb5 )
+ kubernetes? ( >=net-misc/curl-7.35.0 )
+ mdblookup? ( dev-libs/libmaxminddb:= )
+ mongodb? ( >=dev-libs/mongo-c-driver-1.1.10:= )
+ mysql? ( dev-db/mysql-connector-c:= )
+ normalize? (
+ >=dev-libs/liblognorm-2.0.3:=
+ )
+ clickhouse? ( >=net-misc/curl-7.35.0 )
+ omhttpfs? ( >=net-misc/curl-7.35.0 )
+ omudpspoof? ( >=net-libs/libnet-1.1.6 )
+ postgres? ( >=dev-db/postgresql-8.4.20:= )
+ rabbitmq? ( >=net-libs/rabbitmq-c-0.3.0:= )
+ redis? ( >=dev-libs/hiredis-0.11.0:= )
+ relp? ( >=dev-libs/librelp-1.2.17:= )
+ rfc3195? ( >=dev-libs/liblogging-1.0.1:=[rfc3195] )
+ rfc5424hmac? (
+ !libressl? ( >=dev-libs/openssl-0.9.8y:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ snmp? ( >=net-analyzer/net-snmp-5.7.2 )
+ ssl? (
+ gnutls? ( >=net-libs/gnutls-2.12.23:0= )
+ openssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+ )
+ )
+ systemd? ( >=sys-apps/systemd-234 )
+ uuid? ( sys-apps/util-linux:0= )
+ xxhash? ( dev-libs/xxhash:= )
+ zeromq? (
+ >=net-libs/czmq-3.0.2
+ )"
+DEPEND="${RDEPEND}
+ >=sys-devel/autoconf-archive-2015.02.24
+ virtual/pkgconfig
+ elibc_musl? ( sys-libs/queue-standalone )
+ test? (
+ >=dev-libs/liblogging-1.0.1[stdlog]
+ jemalloc? ( <sys-libs/libfaketime-0.9.7 )
+ !jemalloc? ( sys-libs/libfaketime )
+ ${PYTHON_DEPS}
+ )"
+
+REQUIRED_USE="
+ kubernetes? ( normalize )
+ ssl? ( || ( gnutls openssl ) )
+"
+
+if [[ ${PV} == "9999" ]]; then
+ DEPEND+=" doc? ( >=dev-python/sphinx-1.1.3-r7 )"
+ DEPEND+=" >=sys-devel/flex-2.5.39-r1"
+ DEPEND+=" >=sys-devel/bison-2.4.3"
+ DEPEND+=" >=dev-python/docutils-0.12"
+fi
+
+CONFIG_CHECK="~INOTIFY_USER"
+WARNING_INOTIFY_USER="CONFIG_INOTIFY_USER isn't set. Imfile module on this system will only support polling mode!"
+
+pkg_setup() {
+ use test && python-any-r1_pkg_setup
+}
+
+src_unpack() {
+ if [[ ${PV} == "9999" ]]; then
+ git-r3_fetch
+ git-r3_checkout
+ else
+ unpack ${P}.tar.gz
+ fi
+
+ if use doc; then
+ if [[ ${PV} == "9999" ]]; then
+ local _EGIT_BRANCH=
+ if [[ -n "${EGIT_BRANCH}" ]]; then
+ # Cannot use rsyslog commits/branches for documentation repository
+ _EGIT_BRANCH=${EGIT_BRANCH}
+ unset EGIT_BRANCH
+ fi
+
+ git-r3_fetch "${DOC_REPO_URI}"
+ git-r3_checkout "${DOC_REPO_URI}" "${S}"/docs
+
+ if [[ -n "${_EGIT_BRANCH}" ]]; then
+ # Restore previous EGIT_BRANCH information
+ EGIT_BRANCH=${_EGIT_BRANCH}
+ fi
+ else
+ cd "${S}" || die "Cannot change dir into '${S}'"
+ mkdir docs || die "Failed to create docs directory"
+ cd docs || die "Failed to change dir into '${S}/docs'"
+ unpack ${PN}-doc-${PV}.tar.gz
+ fi
+ fi
+}
+
+src_prepare() {
+ default
+
+ # https://github.com/rsyslog/rsyslog/issues/3626
+ sed -i \
+ -e '\|^#!/bin/bash$|a exit 77' \
+ tests/mmkubernetes-cache-expir*.sh \
+ || die "Failed to disabled known test failure mmkubernetes-cache-expir*.sh"
+
+ eautoreconf
+}
+
+src_configure() {
+ # Maintainer notes:
+ # * Guardtime support is missing because libgt isn't yet available
+ # in portage.
+ # * Hadoop's HDFS file system output module is currently not
+ # supported in Gentoo because nobody is able to test it
+ # (JAVA dependency).
+ # * dev-libs/hiredis doesn't provide pkg-config (see #504614,
+ # upstream PR 129 and 136) so we need to export HIREDIS_*
+ # variables because rsyslog's build system depends on pkg-config.
+
+ if use redis; then
+ export HIREDIS_LIBS="-L${EPREFIX}/usr/$(get_libdir) -lhiredis"
+ export HIREDIS_CFLAGS="-I${EPREFIX}/usr/include"
+ fi
+
+ local myeconfargs=(
+ --disable-debug-symbols
+ --disable-generate-man-pages
+ --without-valgrind-testbench
+ --disable-liblogging-stdlog
+ $(use_enable test testbench)
+ $(use_enable test libfaketime)
+ $(use_enable test extended-tests)
+ # Input Plugins without depedencies
+ --enable-imdiag
+ --enable-imfile
+ --enable-impstats
+ --enable-imptcp
+ # Message Modificiation Plugins without depedencies
+ --enable-mmanon
+ --enable-mmaudit
+ --enable-mmcount
+ --enable-mmfields
+ --enable-mmjsonparse
+ --enable-mmpstrucdata
+ --enable-mmrm1stspace
+ --enable-mmsequence
+ --enable-mmutf8fix
+ # Output Modification Plugins without dependencies
+ --enable-mail
+ --enable-omprog
+ --enable-omruleset
+ --enable-omstdout
+ --enable-omuxsock
+ # Misc
+ --enable-fmhash
+ $(use_enable xxhash fmhash-xxhash)
+ --enable-pmaixforwardedfrom
+ --enable-pmciscoios
+ --enable-pmcisconames
+ --enable-pmlastmsg
+ $(use_enable normalize pmnormalize)
+ --enable-pmnull
+ --enable-pmpanngfw
+ --enable-pmsnare
+ # DB
+ $(use_enable dbi libdbi)
+ $(use_enable mongodb ommongodb)
+ $(use_enable mysql)
+ $(use_enable postgres pgsql)
+ $(use_enable redis omhiredis)
+ # Debug
+ $(use_enable debug)
+ $(use_enable debug diagtools)
+ $(use_enable debug valgrind)
+ # Misc
+ $(use_enable clickhouse)
+ $(use_enable curl fmhttp)
+ $(use_enable elasticsearch)
+ $(use_enable gcrypt libgcrypt)
+ $(use_enable jemalloc)
+ $(use_enable kafka imkafka)
+ $(use_enable kafka omkafka)
+ $(use_enable kerberos gssapi-krb5)
+ $(use_enable kubernetes mmkubernetes)
+ $(use_enable normalize mmnormalize)
+ $(use_enable mdblookup mmdblookup)
+ $(use_enable omhttp)
+ $(use_enable omhttpfs)
+ $(use_enable omudpspoof)
+ $(use_enable rabbitmq omrabbitmq)
+ $(use_enable relp)
+ $(use_enable rfc3195)
+ $(use_enable rfc5424hmac mmrfc5424addhmac)
+ $(use_enable snmp)
+ $(use_enable snmp mmsnmptrapd)
+ $(use_enable gnutls)
+ $(use_enable openssl)
+ $(use_enable systemd imjournal)
+ $(use_enable systemd omjournal)
+ $(use_enable usertools)
+ $(use_enable uuid)
+ $(use_enable zeromq imczmq)
+ $(use_enable zeromq omczmq)
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+ )
+
+ econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+ default
+
+ if use doc && [[ "${PV}" == "9999" ]]; then
+ einfo "Building documentation ..."
+ local doc_dir="${S}/docs"
+ cd "${doc_dir}" || die "Cannot chdir into \"${doc_dir}\"!"
+ sphinx-build -b html source build || die "Building documentation failed!"
+ fi
+}
+
+src_test() {
+ local _has_increased_ulimit=
+
+ # Sometimes tests aren't executable (i.e. when added via patch)
+ einfo "Adjusting permissions of test scripts ..."
+ find "${S}"/tests -type f -name '*.sh' \! -perm -111 -exec chmod a+x '{}' \; || \
+ die "Failed to adjust test scripts permission"
+
+ if ulimit -n 3072; then
+ _has_increased_ulimit="true"
+ fi
+
+ if ! emake --jobs 1 check; then
+ eerror "Test suite failed! :("
+
+ if [[ -z "${_has_increased_ulimit}" ]]; then
+ eerror "Probably because open file limit couldn't be set to 3072."
+ fi
+
+ if has userpriv ${FEATURES}; then
+ eerror "Please try to reproduce the test suite failure with FEATURES=-userpriv " \
+ "before you submit a bug report."
+ fi
+
+ fi
+}
+
+src_install() {
+ local DOCS=(
+ AUTHORS
+ ChangeLog
+ "${FILESDIR}"/README.gentoo
+ )
+
+ use doc && local HTML_DOCS=( "${S}/docs/build/." )
+
+ default
+
+ newconfd "${FILESDIR}/${PN}.confd-r1" ${PN}
+ newinitd "${FILESDIR}/${PN}.initd-r1" ${PN}
+
+ keepdir /var/empty/dev
+ keepdir /var/spool/${PN}
+ keepdir /etc/ssl/${PN}
+ keepdir /etc/${PN}.d
+
+ insinto /etc
+ newins "${FILESDIR}/${PN}.conf" ${PN}.conf
+
+ insinto /etc/rsyslog.d/
+ newins "${FILESDIR}/50-default-r1.conf" 50-default.conf
+
+ insinto /etc/logrotate.d/
+ newins "${FILESDIR}/${PN}-r1.logrotate" ${PN}
+
+ if use mysql; then
+ insinto /usr/share/doc/${PF}/scripts/mysql
+ doins plugins/ommysql/createDB.sql
+ fi
+
+ if use postgres; then
+ insinto /usr/share/doc/${PF}/scripts/pgsql
+ doins plugins/ompgsql/createDB.sql
+ fi
+
+ prune_libtool_files --modules
+}
+
+pkg_postinst() {
+ local advertise_readme=0
+
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ # This is a new installation
+
+ advertise_readme=1
+
+ if use mysql || use postgres; then
+ echo
+ elog "Sample SQL scripts for MySQL & PostgreSQL have been installed to:"
+ elog " /usr/share/doc/${PF}/scripts"
+ fi
+
+ if use ssl; then
+ echo
+ elog "To create a default CA and certificates for your server and clients, run:"
+ elog " emerge --config =${PF}"
+ elog "on your logging server. You can run it several times,"
+ elog "once for each logging client. The client certificates will be signed"
+ elog "using the CA certificate generated during the first run."
+ fi
+ fi
+
+ if [[ ${advertise_readme} -gt 0 ]]; then
+ # We need to show the README file location
+
+ echo ""
+ elog "Please read"
+ elog ""
+ elog " ${EPREFIX}/usr/share/doc/${PF}/README.gentoo*"
+ elog ""
+ elog "for more details."
+ fi
+}
+
+pkg_config() {
+ if ! use ssl ; then
+ einfo "There is nothing to configure for rsyslog unless you"
+ einfo "used USE=ssl to build it."
+ return 0
+ fi
+
+ # Make sure the certificates directory exists
+ local CERTDIR="${EROOT}/etc/ssl/${PN}"
+ if [[ ! -d "${CERTDIR}" ]]; then
+ mkdir "${CERTDIR}" || die
+ fi
+ einfo "Your certificates will be stored in ${CERTDIR}"
+
+ # Create a default CA if needed
+ if [[ ! -f "${CERTDIR}/${PN}_ca.cert.pem" ]]; then
+ einfo "No CA key and certificate found in ${CERTDIR}, creating them for you..."
+ certtool --generate-privkey \
+ --outfile "${CERTDIR}/${PN}_ca.privkey.pem" &>/dev/null
+ chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+ cat > "${T}/${PF}.$$" <<- _EOF
+ cn = Portage automated CA
+ ca
+ cert_signing_key
+ expiration_days = 3650
+ _EOF
+
+ certtool --generate-self-signed \
+ --load-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+ --outfile "${CERTDIR}/${PN}_ca.cert.pem" \
+ --template "${T}/${PF}.$$" &>/dev/null
+ chmod 400 "${CERTDIR}/${PN}_ca.privkey.pem"
+
+ # Create the server certificate
+ echo
+ einfon "Please type the Common Name of the SERVER you wish to create a certificate for: "
+ read -r CN
+
+ einfo "Creating private key and certificate for server ${CN}..."
+ certtool --generate-privkey \
+ --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+ chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+ cat > "${T}/${PF}.$$" <<- _EOF
+ cn = ${CN}
+ tls_www_server
+ dns_name = ${CN}
+ expiration_days = 3650
+ _EOF
+
+ certtool --generate-certificate \
+ --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+ --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+ --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+ --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+ --template "${T}/${PF}.$$" &>/dev/null
+ chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+ else
+ einfo "Found existing ${CERTDIR}/${PN}_ca.cert.pem, skipping CA and SERVER creation."
+ fi
+
+ # Create a client certificate
+ echo
+ einfon "Please type the Common Name of the CLIENT you wish to create a certificate for: "
+ read -r CN
+
+ einfo "Creating private key and certificate for client ${CN}..."
+ certtool --generate-privkey \
+ --outfile "${CERTDIR}/${PN}_${CN}.key.pem" &>/dev/null
+ chmod 400 "${CERTDIR}/${PN}_${CN}.key.pem"
+
+ cat > "${T}/${PF}.$$" <<- _EOF
+ cn = ${CN}
+ tls_www_client
+ dns_name = ${CN}
+ expiration_days = 3650
+ _EOF
+
+ certtool --generate-certificate \
+ --outfile "${CERTDIR}/${PN}_${CN}.cert.pem" \
+ --load-privkey "${CERTDIR}/${PN}_${CN}.key.pem" \
+ --load-ca-certificate "${CERTDIR}/${PN}_ca.cert.pem" \
+ --load-ca-privkey "${CERTDIR}/${PN}_ca.privkey.pem" \
+ --template "${T}/${PF}.$$" &>/dev/null
+ chmod 400 "${CERTDIR}/${PN}_${CN}.cert.pem"
+
+ rm -f "${T}/${PF}.$$"
+
+ echo
+ einfo "Here is the documentation on how to encrypt your log traffic:"
+ einfo " https://www.rsyslog.com/doc/rsyslog_tls.html"
+}