reinit the tree, so we can have metadata

author: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
commit: 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree: ba5f07bf3f9d22d82e54a462313f5d244036c768 /app-emulation/docker
7 files changed, 1326 insertions, 0 deletions
diff --git a/app-emulation/docker/Manifest b/app-emulation/docker/Manifest
new file mode 100644
index 000000000000..86a67ea1c8a8
--- /dev/null
+++ b/app-emulation/docker/Manifest
@@ -0,0 +1,11 @@
+AUX 1.13.1-split-openrc-log.patch 2008 SHA256 5c0f6d4424f0d6e6ddbc5db20c3cc6d44ad61e08e04bef927adc635a847a148b SHA512 fcbfd67d078aae6e1f02d0db9924cb3d3ed9b64b634e3e19835c9644341d319d1df5da292548892d00e7d38ae6164659deb3cbd3a3b1d6d1f838a69fb22098de WHIRLPOOL 9210eb1974f3029d46f220aa7e6863f9667f6203c6d2599a0c84ecdb593e03228c1ad56ba5aa850cd49b83a87151586f4c1016a7396c3f40c79efa299fff77b2
+DIST docker-17.03.2.tar.gz 7783969 SHA256 171a65c44340c7b5710da6948b0afb9306b126b36c531ddab1a3653fd2980aaa SHA512 9fad6c1fa38f9a14208547ca2d3d6a11a565fe4cebd7b432ccad9e2a57ab4a005df20415d1c797f747a99d309b07d8ec97bb45c67644554622aafe0bf1893e04 WHIRLPOOL e34f04698e4a510ed26c9e8f87510878a940d77dc7558df40173a8ea452a2843327196dea3099844dc389a051e23294671b3bc835120af3ca1f4c9c758de44a3
+DIST docker-17.06.2.tar.gz 9684548 SHA256 cfcb5646db32f52c4c394bc688fff405e585beab4ded64251958804a102a5269 SHA512 0a9b7b122aadef911141ec1f606759e892c0673821ddf5f3247a5b2d4476a20018add84a22c5aca32f0f91c1046e5be6d8d3f9ce65c3e4244896bf061b1eac6b WHIRLPOOL d0cc166319dbf735d67796df3836f79b24b9108327276ca0ba272398cdc70d6fae4649d9097b6dd29e62633ee636a216343e0d3ffd781cf63ef4c7a7c8cea259
+DIST docker-17.09.0.tar.gz 10132253 SHA256 ef1d7f2c48824495e4109426ba85b75c09cc9463b9ba92703e25ffcbe14536ae SHA512 d96570825fb3dc24516b3b9666e935d5277674221452d8a23e6bcd1116f0bb3a2b8b315f47b98f52e681ab79309c099bb3b5c437af942539708ff3126c993638 WHIRLPOOL ca96166ff3573138713d3d45fcfc42cfed99a70e9db17a1763a9e157e6ce3f301fd01ab3c579aacfcbcab7639986e97bbbbc680fbc65edd76047aee079239b6b
+EBUILD docker-17.03.2.ebuild 8320 SHA256 7a83f7993f61edb28427d1864db270483682e21f1ee3498d12c98a316eb0ca6a SHA512 f6f1115d0ef9a55e92fdd927731cd4011a0c69fa38f3a57e96c54d481a86e99c4fe856a2c2931d1fb87077b6a69ebc751157efd6e9402518e6e8862a4534b302 WHIRLPOOL 38e30777580017ddf31af256ab612f2236dbd9c839f6c4e1e2be054fd2c4f39e3f222cec838f1d38fe6f3af0998f52cc3a4dfacbf14122e3585688a7aeb1f48c
+EBUILD docker-17.06.2.ebuild 8712 SHA256 b622233449ca47beb40144057c8b426fbce76ff17ed8c45c8f88ac45c04e0c22 SHA512 1ddfadbbda4edcab0406005debc9ecd2743babfdadf45ade9d88d18197dd5be4ca2b4313f440adec5140e7032103df7cccd2da9cdb63374d938c56792cc7d477 WHIRLPOOL ab9ccf6ba69a79ff7d00b9d9947d93a8e8a380b6efa65049fdb5403d8645229b01926b3db0a6203da68c2fcf01a950da44550e8496f87b3d590154f9d2e10d7d
+EBUILD docker-17.09.0.ebuild 8767 SHA256 5e1ee06656f94a6b7ebee013c2ca7404535ef1eace7f727ed99102dcd19ce699 SHA512 5455e549fbcfa75082e1e0f4211d75439d26b028306ebc9bbecfec36fa951e52d7014e78d8893043194047ddcecbcb0b7fa1c4e2ad947373b1945576b270279f WHIRLPOOL 93f75fd8c11a0700b32aedc3abf90fcdae4c894ae5e0c3077c2bfd838f3cce47508a2277ad0f560ed48828c105b1ea703b18e012429775498402660e7d578863
+EBUILD docker-9999.ebuild 8077 SHA256 a88fd76547a4100ea43224e72e3d4507d3211a3de6f07b60e3f79ebd87919a75 SHA512 a2ec513765edbfb246460aaf41beae4a24e4fc8413ce20702785ac7403de7a0567017dc205b864d343dabfdeff7405e734a9ea9a9584322862b9b19005c285a4 WHIRLPOOL 9e93646899e5e43064f67b37768d526001d070c048555125991c5eb03f55fa9caf043cf13c045ab97eef45e8f737159a4d18f072798725dbc6d13d33dd5e8fd8
+MISC ChangeLog 16614 SHA256 c4a1f03ea867c40c8f3d59df085e2b52f5a65266cd36acd98da7443f383cf106 SHA512 497543224103d2c6229b37d1078ae96f3e5b1513b078071fddcf2658bd0afcf784c7b85fd9edcd9def9caeb35f12e9bae61b19bb0b9ee579c44316ed4d3355e5 WHIRLPOOL 7344124d12051e2cd7fd560c8bc631910de683d20e19d78e4cb9d797be1003b7df05802c094552f7a365033fae9854e24065cc207eabfd2cc7376b6fb787caeb
+MISC ChangeLog-2015 9435 SHA256 36770420e0a23ee8b09a9028adc801e536c3735e355134a7d3c8185642453d44 SHA512 dde3d12dae10732a3822e0c84909285afcf325df948c61bae83852157b14d75e10151577eb3eef9af6ee94e8c292e7faac54e82565bceaf858702cd1e81c72aa WHIRLPOOL 5a3b5916981d5ec1d653b26a2789303301c103d1013d4c28fe11f926b88f200c40d1f59ac8ad750e4c55a70806b1f9c5da028e8966972c84a7ccca7820f9a294
+MISC metadata.xml 1637 SHA256 6b3eaf95a6b653c397447c69884ffe530b3c6da600be7d0cd779721298a8ee41 SHA512 bdaea32036a7f65f7015634d45bdf4f13322f3266cda389b49d2c57ad86e9811731194af5786e312d5ea40dab8b8eb78fc7b79a2ffee186b8eaabae9cc3c7a1b WHIRLPOOL 793eb474cb6bd7c0d978e3ce8ad719e62bc2ad3b024408c7d6695c9f49c19066e6b969bf084a524d606571706381bfd67433b574137c08daf8d74536c6f1ce32
diff --git a/app-emulation/docker/docker-17.03.2.ebuild b/app-emulation/docker/docker-17.03.2.ebuild
new file mode 100644
index 000000000000..d74e50ededca
--- /dev/null
+++ b/app-emulation/docker/docker-17.03.2.ebuild
@@ -0,0 +1,292 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+EGO_PN="github.com/docker/docker"
+
+if [[ ${PV} = *9999* ]]; then
+	# Docker cannot be fetched via "go get", thanks to autogenerated code
+	EGIT_REPO_URI="https://${EGO_PN}.git"
+	EGIT_CHECKOUT_DIR="${WORKDIR}/${P}/src/${EGO_PN}"
+	inherit git-r3
+else
+	MY_PV="${PV/_/-}"
+	DOCKER_GITCOMMIT="f5ec1e2"
+	EGIT_COMMIT="v${MY_PV}-ce"
+	SRC_URI="https://${EGO_PN}/archive/${EGIT_COMMIT}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="amd64 ~arm"
+	[ "$DOCKER_GITCOMMIT" ] || die "DOCKER_GITCOMMIT must be added manually for each bump!"
+	inherit golang-vcs-snapshot
+fi
+inherit bash-completion-r1 golang-base linux-info systemd udev user
+
+DESCRIPTION="The core functions you need to create Docker images and run Docker containers"
+HOMEPAGE="https://dockerproject.org"
+LICENSE="Apache-2.0"
+SLOT="0"
+IUSE="apparmor aufs btrfs +container-init +device-mapper hardened overlay pkcs11 seccomp"
+
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies
+CDEPEND="
+	>=dev-db/sqlite-3.7.9:3
+	device-mapper? (
+		>=sys-fs/lvm2-2.02.89[thin]
+	)
+	seccomp? ( >=sys-libs/libseccomp-2.2.1 )
+	apparmor? ( sys-libs/libapparmor )
+"
+
+DEPEND="
+	${CDEPEND}
+
+	dev-go/go-md2man
+
+	btrfs? (
+		>=sys-fs/btrfs-progs-3.16.1
+	)
+"
+
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#optional-dependencies
+# Runc/Containerd: Unfortunately docker does not version the releases, in order to avoid 
+# 	incompatiblities we depend on snapshots
+RDEPEND="
+	${CDEPEND}
+
+	!app-emulation/docker-bin
+	>=net-firewall/iptables-1.4
+	sys-process/procps
+	>=dev-vcs/git-1.7
+	>=app-arch/xz-utils-4.9
+
+	>=app-emulation/containerd-0.2.5_p20170308
+	~app-emulation/docker-runc-1.0.0_rc2_p20170308[apparmor?,seccomp?]
+	app-emulation/docker-proxy
+	container-init? ( >=sys-process/tini-0.13.0[static] )
+"
+
+RESTRICT="installsources strip"
+
+S="${WORKDIR}/${P}/src/${EGO_PN}"
+
+# see "contrib/check-config.sh" from upstream's sources
+CONFIG_CHECK="
+	~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS
+	~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG
+	~KEYS
+	~VETH ~BRIDGE ~BRIDGE_NETFILTER
+	~NF_NAT_IPV4 ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE
+	~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK
+	~NF_NAT ~NF_NAT_NEEDED
+	~POSIX_MQUEUE
+
+	~USER_NS
+	~SECCOMP
+	~CGROUP_PIDS
+	~MEMCG_SWAP ~MEMCG_SWAP_ENABLED
+
+	~BLK_CGROUP ~BLK_DEV_THROTTLING ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED
+	~CGROUP_PERF
+	~CGROUP_HUGETLB
+	~NET_CLS_CGROUP
+	~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED
+	~IP_VS ~IP_VS_PROTO_TCP ~IP_VS_PROTO_UDP ~IP_VS_NFCT ~IP_VS_RR
+
+	~VXLAN
+	~XFRM_ALGO ~XFRM_USER
+	~IPVLAN
+	~MACVLAN ~DUMMY
+"
+
+ERROR_KEYS="CONFIG_KEYS: is mandatory"
+ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers"
+ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering"
+
+ERROR_BLK_CGROUP="CONFIG_BLK_CGROUP: is optional for container statistics gathering"
+ERROR_IOSCHED_CFQ="CONFIG_IOSCHED_CFQ: is optional for container statistics gathering"
+ERROR_CGROUP_PERF="CONFIG_CGROUP_PERF: is optional for container statistics gathering"
+ERROR_CFS_BANDWIDTH="CONFIG_CFS_BANDWIDTH: is optional for container statistics gathering"
+ERROR_XFRM_ALGO="CONFIG_XFRM_ALGO: is optional for secure networks"
+ERROR_XFRM_USER="CONFIG_XFRM_USER: is optional for secure networks"
+
+PATCHES=(
+	"${FILESDIR}"/1.13.1-split-openrc-log.patch
+)
+
+pkg_setup() {
+	if kernel_is lt 3 10; then
+		ewarn ""
+		ewarn "Using Docker with kernels older than 3.10 is unstable and unsupported."
+		ewarn " - http://docs.docker.com/engine/installation/binaries/#check-kernel-dependencies"
+	fi
+
+	# for where these kernel versions come from, see:
+	# https://www.google.com/search?q=945b2b2d259d1a4364a2799e80e8ff32f8c6ee6f+site%3Akernel.org%2Fpub%2Flinux%2Fkernel+file%3AChangeLog*
+	if ! {
+		kernel_is ge 3 16 \
+		|| { kernel_is 3 15 && kernel_is ge 3 15 5; } \
+		|| { kernel_is 3 14 && kernel_is ge 3 14 12; } \
+		|| { kernel_is 3 12 && kernel_is ge 3 12 25; }
+	}; then
+		ewarn ""
+		ewarn "There is a serious Docker-related kernel panic that has been fixed in 3.16+"
+		ewarn "  (and was backported to 3.15.5+, 3.14.12+, and 3.12.25+)"
+		ewarn ""
+		ewarn "See also https://github.com/docker/docker/issues/2960"
+	fi
+
+	if kernel_is le 3 18; then
+		CONFIG_CHECK+="
+			~RESOURCE_COUNTERS
+		"
+	fi
+
+	if kernel_is le 3 13; then
+		CONFIG_CHECK+="
+			~NETPRIO_CGROUP
+		"
+	else
+		CONFIG_CHECK+="
+			~CGROUP_NET_PRIO
+		"
+	fi
+
+	if kernel_is lt 4 5; then
+		CONFIG_CHECK+="
+			~MEMCG_KMEM
+		"
+		ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional"
+	fi
+
+	if kernel_is lt 4 7; then
+		CONFIG_CHECK+="
+			~DEVPTS_MULTIPLE_INSTANCES
+		"
+	fi
+
+	if use aufs; then
+		CONFIG_CHECK+="
+			~AUFS_FS
+			~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY
+		"
+		ERROR_AUFS_FS="CONFIG_AUFS_FS: is required to be set if and only if aufs-sources are used instead of aufs4/aufs3"
+	fi
+
+	if use btrfs; then
+		CONFIG_CHECK+="
+			~BTRFS_FS
+			~BTRFS_FS_POSIX_ACL
+		"
+	fi
+
+	if use device-mapper; then
+		CONFIG_CHECK+="
+			~BLK_DEV_DM ~DM_THIN_PROVISIONING ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY
+		"
+	fi
+
+	if use overlay; then
+		CONFIG_CHECK+="
+			~OVERLAY_FS ~EXT4_FS_SECURITY ~EXT4_FS_POSIX_ACL
+		"
+	fi
+
+	linux-info_pkg_setup
+
+	# create docker group for the code checking for it in /etc/group
+	enewgroup docker
+}
+
+src_compile() {
+	export GOPATH="${WORKDIR}/${P}:${PWD}/vendor"
+
+	# setup CFLAGS and LDFLAGS for separate build target
+	# see https://github.com/tianon/docker-overlay/pull/10
+	export CGO_CFLAGS="-I${ROOT}/usr/include"
+	export CGO_LDFLAGS="-L${ROOT}/usr/$(get_libdir)"
+
+	# if we're building from a tarball, we need the GITCOMMIT value
+	[ "$DOCKER_GITCOMMIT" ] && export DOCKER_GITCOMMIT
+
+	if use hardened; then
+		sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die
+		grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed'
+
+		sed  "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
+			-i hack/make/dynbinary-client || die
+		sed  "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
+			-i hack/make/dynbinary-daemon || die
+		grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed'
+		grep -q -- '-fno-PIC' hack/make/dynbinary-client || die 'hardened sed failed'
+	fi
+
+	# let's set up some optional features :)
+	export DOCKER_BUILDTAGS=''
+	for gd in aufs btrfs device-mapper overlay; do
+		if ! use $gd; then
+			DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}"
+		fi
+	done
+
+	for tag in apparmor pkcs11 seccomp; do
+		if use $tag; then
+			DOCKER_BUILDTAGS+=" $tag"
+		fi
+	done
+
+	# time to build!
+	./hack/make.sh dynbinary || die 'dynbinary failed'
+
+	# build the man pages too
+	./man/md2man-all.sh || die "unable to generate man pages"
+}
+
+src_install() {
+	VERSION="$(cat VERSION)"
+	newbin "bundles/$VERSION/dynbinary-client/docker-$VERSION" docker
+	newbin "bundles/$VERSION/dynbinary-daemon/dockerd-$VERSION" dockerd
+	dosym containerd /usr/bin/docker-containerd
+	dosym containerd-shim /usr/bin/docker-containerd-shim
+	dosym runc /usr/bin/docker-runc
+	use container-init && dosym tini /usr/bin/docker-init
+
+	newinitd contrib/init/openrc/docker.initd docker
+	newconfd contrib/init/openrc/docker.confd docker
+
+	systemd_dounit contrib/init/systemd/docker.{service,socket}
+
+	udev_dorules contrib/udev/*.rules
+
+	dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md
+	dodoc -r docs/*
+	doman man/man*/*
+
+	dobashcomp contrib/completion/bash/*
+
+	insinto /usr/share/zsh/site-functions
+	doins contrib/completion/zsh/_*
+
+	insinto /usr/share/vim/vimfiles
+	doins -r contrib/syntax/vim/ftdetect
+	doins -r contrib/syntax/vim/syntax
+
+	# note: intentionally not using "doins" so that we preserve +x bits
+	dodir /usr/share/${PN}/contrib
+	cp -R contrib/* "${ED}/usr/share/${PN}/contrib"
+}
+
+pkg_postinst() {
+	udev_reload
+
+	elog
+	elog "To use Docker, the Docker daemon must be running as root. To automatically"
+	elog "start the Docker daemon at boot, add Docker to the default runlevel:"
+	elog "  rc-update add docker default"
+	elog "Similarly for systemd:"
+	elog "  systemctl enable docker.service"
+	elog
+	elog "To use Docker as a non-root user, add yourself to the 'docker' group:"
+	elog "  usermod -aG docker youruser"
+	elog
+}
diff --git a/app-emulation/docker/docker-17.06.2.ebuild b/app-emulation/docker/docker-17.06.2.ebuild
new file mode 100644
index 000000000000..29b50ed130f2
--- /dev/null
+++ b/app-emulation/docker/docker-17.06.2.ebuild
@@ -0,0 +1,314 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+EGO_PN="github.com/docker/docker-ce"
+
+if [[ ${PV} = *9999* ]]; then
+	# Docker cannot be fetched via "go get", thanks to autogenerated code
+	EGIT_REPO_URI="https://${EGO_PN}.git"
+	EGIT_CHECKOUT_DIR="${WORKDIR}/${P}/src/${EGO_PN}"
+	inherit git-r3
+else
+	inherit versionator
+	if [ "$(get_version_component_count)" = 4 ]; then
+		MY_PV="$(replace_version_separator 3 '-ce-')"
+	else
+		MY_PV="$PV-ce"
+	fi
+	DOCKER_GITCOMMIT="cec0b72"
+	EGIT_COMMIT="v${MY_PV}"
+	SRC_URI="https://${EGO_PN}/archive/${EGIT_COMMIT}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="~amd64 ~arm"
+	[ "$DOCKER_GITCOMMIT" ] || die "DOCKER_GITCOMMIT must be added manually for each bump!"
+	inherit golang-vcs-snapshot
+fi
+inherit bash-completion-r1 golang-base linux-info systemd udev user
+
+DESCRIPTION="The core functions you need to create Docker images and run Docker containers"
+HOMEPAGE="https://dockerproject.org"
+LICENSE="Apache-2.0"
+SLOT="0"
+IUSE="apparmor aufs btrfs +container-init +device-mapper hardened overlay pkcs11 seccomp"
+
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies
+CDEPEND="
+	>=dev-db/sqlite-3.7.9:3
+	device-mapper? (
+		>=sys-fs/lvm2-2.02.89[thin]
+	)
+	seccomp? ( >=sys-libs/libseccomp-2.2.1 )
+	apparmor? ( sys-libs/libapparmor )
+"
+
+DEPEND="
+	${CDEPEND}
+
+	dev-go/go-md2man
+
+	btrfs? (
+		>=sys-fs/btrfs-progs-3.16.1
+	)
+"
+
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#optional-dependencies
+RDEPEND="
+	${CDEPEND}
+	>=net-firewall/iptables-1.4
+	sys-process/procps
+	>=dev-vcs/git-1.7
+	>=app-arch/xz-utils-4.9
+
+	~app-emulation/containerd-0.2.9_p20170605
+	~app-emulation/docker-runc-1.0.0_rc3_p20170706[apparmor?,seccomp?]
+	app-emulation/docker-proxy
+	container-init? ( >=sys-process/tini-0.15.0[static] )
+"
+
+RESTRICT="installsources strip"
+
+S="${WORKDIR}/${P}/src/${EGO_PN}"
+
+# see "contrib/check-config.sh" from upstream's sources
+CONFIG_CHECK="
+	~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS
+	~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG
+	~KEYS
+	~VETH ~BRIDGE ~BRIDGE_NETFILTER
+	~NF_NAT_IPV4 ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE
+	~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK
+	~NF_NAT ~NF_NAT_NEEDED
+	~POSIX_MQUEUE
+
+	~USER_NS
+	~SECCOMP
+	~CGROUP_PIDS
+	~MEMCG_SWAP ~MEMCG_SWAP_ENABLED
+
+	~BLK_CGROUP ~BLK_DEV_THROTTLING ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED
+	~CGROUP_PERF
+	~CGROUP_HUGETLB
+	~NET_CLS_CGROUP
+	~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED
+	~IP_VS ~IP_VS_PROTO_TCP ~IP_VS_PROTO_UDP ~IP_VS_NFCT ~IP_VS_RR
+
+	~VXLAN
+	~XFRM_ALGO ~XFRM_USER
+	~IPVLAN
+	~MACVLAN ~DUMMY
+"
+
+ERROR_KEYS="CONFIG_KEYS: is mandatory"
+ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers"
+ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering"
+
+ERROR_BLK_CGROUP="CONFIG_BLK_CGROUP: is optional for container statistics gathering"
+ERROR_IOSCHED_CFQ="CONFIG_IOSCHED_CFQ: is optional for container statistics gathering"
+ERROR_CGROUP_PERF="CONFIG_CGROUP_PERF: is optional for container statistics gathering"
+ERROR_CFS_BANDWIDTH="CONFIG_CFS_BANDWIDTH: is optional for container statistics gathering"
+ERROR_XFRM_ALGO="CONFIG_XFRM_ALGO: is optional for secure networks"
+ERROR_XFRM_USER="CONFIG_XFRM_USER: is optional for secure networks"
+
+pkg_setup() {
+	if kernel_is lt 3 10; then
+		ewarn ""
+		ewarn "Using Docker with kernels older than 3.10 is unstable and unsupported."
+		ewarn " - http://docs.docker.com/engine/installation/binaries/#check-kernel-dependencies"
+	fi
+
+	# for where these kernel versions come from, see:
+	# https://www.google.com/search?q=945b2b2d259d1a4364a2799e80e8ff32f8c6ee6f+site%3Akernel.org%2Fpub%2Flinux%2Fkernel+file%3AChangeLog*
+	if ! {
+		kernel_is ge 3 16 \
+		|| { kernel_is 3 15 && kernel_is ge 3 15 5; } \
+		|| { kernel_is 3 14 && kernel_is ge 3 14 12; } \
+		|| { kernel_is 3 12 && kernel_is ge 3 12 25; }
+	}; then
+		ewarn ""
+		ewarn "There is a serious Docker-related kernel panic that has been fixed in 3.16+"
+		ewarn "  (and was backported to 3.15.5+, 3.14.12+, and 3.12.25+)"
+		ewarn ""
+		ewarn "See also https://github.com/docker/docker/issues/2960"
+	fi
+
+	if kernel_is le 3 18; then
+		CONFIG_CHECK+="
+			~RESOURCE_COUNTERS
+		"
+	fi
+
+	if kernel_is le 3 13; then
+		CONFIG_CHECK+="
+			~NETPRIO_CGROUP
+		"
+	else
+		CONFIG_CHECK+="
+			~CGROUP_NET_PRIO
+		"
+	fi
+
+	if kernel_is lt 4 5; then
+		CONFIG_CHECK+="
+			~MEMCG_KMEM
+		"
+		ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional"
+	fi
+
+	if kernel_is lt 4 7; then
+		CONFIG_CHECK+="
+			~DEVPTS_MULTIPLE_INSTANCES
+		"
+	fi
+
+	if use aufs; then
+		CONFIG_CHECK+="
+			~AUFS_FS
+			~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY
+		"
+		ERROR_AUFS_FS="CONFIG_AUFS_FS: is required to be set if and only if aufs-sources are used instead of aufs4/aufs3"
+	fi
+
+	if use btrfs; then
+		CONFIG_CHECK+="
+			~BTRFS_FS
+			~BTRFS_FS_POSIX_ACL
+		"
+	fi
+
+	if use device-mapper; then
+		CONFIG_CHECK+="
+			~BLK_DEV_DM ~DM_THIN_PROVISIONING ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY
+		"
+	fi
+
+	if use overlay; then
+		CONFIG_CHECK+="
+			~OVERLAY_FS ~EXT4_FS_SECURITY ~EXT4_FS_POSIX_ACL
+		"
+	fi
+
+	linux-info_pkg_setup
+
+	# create docker group for the code checking for it in /etc/group
+	enewgroup docker
+}
+
+src_compile() {
+	export GOPATH="${WORKDIR}/${P}"
+
+	# setup CFLAGS and LDFLAGS for separate build target
+	# see https://github.com/tianon/docker-overlay/pull/10
+	export CGO_CFLAGS="-I${ROOT}/usr/include"
+	export CGO_LDFLAGS="-L${ROOT}/usr/$(get_libdir)"
+
+	# if we're building from a tarball, we need the GITCOMMIT value
+	[ "$DOCKER_GITCOMMIT" ] && export DOCKER_GITCOMMIT
+
+	# fake golang layout
+	ln -s docker-ce/components/engine ../docker || die
+	ln -s docker-ce/components/cli ../cli || die
+
+	# let's set up some optional features :)
+	export DOCKER_BUILDTAGS=''
+	for gd in aufs btrfs device-mapper overlay; do
+		if ! use $gd; then
+			DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}"
+		fi
+	done
+
+	for tag in apparmor pkcs11 seccomp; do
+		if use $tag; then
+			DOCKER_BUILDTAGS+=" $tag"
+		fi
+	done
+
+	pushd components/engine || die
+
+	if use hardened; then
+		sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die
+		grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed'
+		sed  "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
+			-i hack/make/dynbinary-daemon || die
+		grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed'
+	fi
+
+	# build daemon
+	./hack/make.sh dynbinary || die 'dynbinary failed'
+
+	popd || die # components/engine
+
+	pushd components/cli || die
+
+	# build cli
+	emake \
+		LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \
+		VERSION="$(cat ../../VERSION)" \
+		GITCOMMIT="${DOCKER_GITCOMMIT}" \
+		dynbinary || die
+
+	# build man pages
+	go build -o gen-manpages github.com/docker/cli/man || die
+	./gen-manpages --root . --target ./man/man1 || die
+	./man/md2man-all.sh -q || die
+	rm gen-manpages || die
+	# see "components/cli/scripts/docs/generate-man.sh" (which also does "go get" for go-md2man) 
+
+	popd || die # components/cli
+}
+
+src_install() {
+	dosym containerd /usr/bin/docker-containerd
+	dosym containerd-shim /usr/bin/docker-containerd-shim
+	dosym runc /usr/bin/docker-runc
+	use container-init && dosym tini /usr/bin/docker-init
+
+	pushd components/engine || die
+	newbin "$(readlink -f bundles/latest/dynbinary-daemon/dockerd)" dockerd
+
+	newinitd contrib/init/openrc/docker.initd docker
+	newconfd contrib/init/openrc/docker.confd docker
+
+	systemd_dounit contrib/init/systemd/docker.{service,socket}
+
+	udev_dorules contrib/udev/*.rules
+
+	dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md
+	dodoc -r docs/*
+
+	insinto /usr/share/vim/vimfiles
+	doins -r contrib/syntax/vim/ftdetect
+	doins -r contrib/syntax/vim/syntax
+
+	# note: intentionally not using "doins" so that we preserve +x bits
+	dodir /usr/share/${PN}/contrib
+	cp -R contrib/* "${ED}/usr/share/${PN}/contrib"
+	popd || die # components/engine
+
+	pushd components/cli || die
+
+	newbin build/docker-* docker
+
+	doman man/man*/*
+
+	dobashcomp contrib/completion/bash/*
+	insinto /usr/share/zsh/site-functions
+	doins contrib/completion/zsh/_*
+	popd || die # components/cli
+}
+
+pkg_postinst() {
+	udev_reload
+
+	elog
+	elog "To use Docker, the Docker daemon must be running as root. To automatically"
+	elog "start the Docker daemon at boot, add Docker to the default runlevel:"
+	elog "  rc-update add docker default"
+	elog "Similarly for systemd:"
+	elog "  systemctl enable docker.service"
+	elog
+	elog "To use Docker as a non-root user, add yourself to the 'docker' group:"
+	elog "  usermod -aG docker youruser"
+	elog
+}
diff --git a/app-emulation/docker/docker-17.09.0.ebuild b/app-emulation/docker/docker-17.09.0.ebuild
new file mode 100644
index 000000000000..4f2669f8f5a1
--- /dev/null
+++ b/app-emulation/docker/docker-17.09.0.ebuild
@@ -0,0 +1,315 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+EGO_PN="github.com/docker/docker-ce"
+
+if [[ ${PV} = *9999* ]]; then
+	# Docker cannot be fetched via "go get", thanks to autogenerated code
+	EGIT_REPO_URI="https://${EGO_PN}.git"
+	EGIT_CHECKOUT_DIR="${WORKDIR}/${P}/src/${EGO_PN}"
+	inherit git-r3
+else
+	inherit versionator
+	if [ "$(get_version_component_count)" = 4 ]; then
+		MY_PV="$(replace_version_separator 3 '-ce-')"
+	else
+		MY_PV="$PV-ce"
+	fi
+	DOCKER_GITCOMMIT="afdb6d4"
+	EGIT_COMMIT="v${MY_PV}"
+	SRC_URI="https://${EGO_PN}/archive/${EGIT_COMMIT}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="~amd64 ~arm"
+	[ "$DOCKER_GITCOMMIT" ] || die "DOCKER_GITCOMMIT must be added manually for each bump!"
+	inherit golang-vcs-snapshot
+fi
+inherit bash-completion-r1 golang-base linux-info systemd udev user
+
+DESCRIPTION="The core functions you need to create Docker images and run Docker containers"
+HOMEPAGE="https://dockerproject.org"
+LICENSE="Apache-2.0"
+SLOT="0"
+IUSE="apparmor aufs btrfs +container-init +device-mapper hardened overlay pkcs11 seccomp"
+
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies
+CDEPEND="
+	>=dev-db/sqlite-3.7.9:3
+	device-mapper? (
+		>=sys-fs/lvm2-2.02.89[thin]
+	)
+	seccomp? ( >=sys-libs/libseccomp-2.2.1 )
+	apparmor? ( sys-libs/libapparmor )
+"
+
+DEPEND="
+	${CDEPEND}
+
+	dev-go/go-md2man
+
+	btrfs? (
+		>=sys-fs/btrfs-progs-3.16.1
+	)
+"
+
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#optional-dependencies
+RDEPEND="
+	${CDEPEND}
+	>=net-firewall/iptables-1.4
+	sys-process/procps
+	>=dev-vcs/git-1.7
+	>=app-arch/xz-utils-4.9
+
+	~app-emulation/containerd-0.2.9_p20170917
+	~app-emulation/docker-runc-1.0.0_rc4_p20170917[apparmor?,seccomp?]
+	>=app-emulation/docker-proxy-0.8.0_p20170917
+	container-init? ( >=sys-process/tini-0.16.1[static] )
+"
+
+RESTRICT="installsources strip"
+
+S="${WORKDIR}/${P}/src/${EGO_PN}"
+
+# see "contrib/check-config.sh" from upstream's sources
+CONFIG_CHECK="
+	~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS
+	~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG
+	~KEYS
+	~VETH ~BRIDGE ~BRIDGE_NETFILTER
+	~NF_NAT_IPV4 ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE
+	~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK
+	~NF_NAT ~NF_NAT_NEEDED
+	~POSIX_MQUEUE
+
+	~USER_NS
+	~SECCOMP
+	~CGROUP_PIDS
+	~MEMCG_SWAP ~MEMCG_SWAP_ENABLED
+
+	~BLK_CGROUP ~BLK_DEV_THROTTLING ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED
+	~CGROUP_PERF
+	~CGROUP_HUGETLB
+	~NET_CLS_CGROUP
+	~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED
+	~IP_VS ~IP_VS_PROTO_TCP ~IP_VS_PROTO_UDP ~IP_VS_NFCT ~IP_VS_RR
+
+	~VXLAN
+	~XFRM_ALGO ~XFRM_USER
+	~IPVLAN
+	~MACVLAN ~DUMMY
+"
+
+ERROR_KEYS="CONFIG_KEYS: is mandatory"
+ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers"
+ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering"
+
+ERROR_BLK_CGROUP="CONFIG_BLK_CGROUP: is optional for container statistics gathering"
+ERROR_IOSCHED_CFQ="CONFIG_IOSCHED_CFQ: is optional for container statistics gathering"
+ERROR_CGROUP_PERF="CONFIG_CGROUP_PERF: is optional for container statistics gathering"
+ERROR_CFS_BANDWIDTH="CONFIG_CFS_BANDWIDTH: is optional for container statistics gathering"
+ERROR_XFRM_ALGO="CONFIG_XFRM_ALGO: is optional for secure networks"
+ERROR_XFRM_USER="CONFIG_XFRM_USER: is optional for secure networks"
+
+pkg_setup() {
+	if kernel_is lt 3 10; then
+		ewarn ""
+		ewarn "Using Docker with kernels older than 3.10 is unstable and unsupported."
+		ewarn " - http://docs.docker.com/engine/installation/binaries/#check-kernel-dependencies"
+	fi
+
+	# for where these kernel versions come from, see:
+	# https://www.google.com/search?q=945b2b2d259d1a4364a2799e80e8ff32f8c6ee6f+site%3Akernel.org%2Fpub%2Flinux%2Fkernel+file%3AChangeLog*
+	if ! {
+		kernel_is ge 3 16 \
+		|| { kernel_is 3 15 && kernel_is ge 3 15 5; } \
+		|| { kernel_is 3 14 && kernel_is ge 3 14 12; } \
+		|| { kernel_is 3 12 && kernel_is ge 3 12 25; }
+	}; then
+		ewarn ""
+		ewarn "There is a serious Docker-related kernel panic that has been fixed in 3.16+"
+		ewarn "  (and was backported to 3.15.5+, 3.14.12+, and 3.12.25+)"
+		ewarn ""
+		ewarn "See also https://github.com/docker/docker/issues/2960"
+	fi
+
+	if kernel_is le 3 18; then
+		CONFIG_CHECK+="
+			~RESOURCE_COUNTERS
+		"
+	fi
+
+	if kernel_is le 3 13; then
+		CONFIG_CHECK+="
+			~NETPRIO_CGROUP
+		"
+	else
+		CONFIG_CHECK+="
+			~CGROUP_NET_PRIO
+		"
+	fi
+
+	if kernel_is lt 4 5; then
+		CONFIG_CHECK+="
+			~MEMCG_KMEM
+		"
+		ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional"
+	fi
+
+	if kernel_is lt 4 7; then
+		CONFIG_CHECK+="
+			~DEVPTS_MULTIPLE_INSTANCES
+		"
+	fi
+
+	if use aufs; then
+		CONFIG_CHECK+="
+			~AUFS_FS
+			~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY
+		"
+		ERROR_AUFS_FS="CONFIG_AUFS_FS: is required to be set if and only if aufs-sources are used instead of aufs4/aufs3"
+	fi
+
+	if use btrfs; then
+		CONFIG_CHECK+="
+			~BTRFS_FS
+			~BTRFS_FS_POSIX_ACL
+		"
+	fi
+
+	if use device-mapper; then
+		CONFIG_CHECK+="
+			~BLK_DEV_DM ~DM_THIN_PROVISIONING ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY
+		"
+	fi
+
+	if use overlay; then
+		CONFIG_CHECK+="
+			~OVERLAY_FS ~EXT4_FS_SECURITY ~EXT4_FS_POSIX_ACL
+		"
+	fi
+
+	linux-info_pkg_setup
+
+	# create docker group for the code checking for it in /etc/group
+	enewgroup docker
+}
+
+src_compile() {
+	export GOPATH="${WORKDIR}/${P}"
+
+	# setup CFLAGS and LDFLAGS for separate build target
+	# see https://github.com/tianon/docker-overlay/pull/10
+	export CGO_CFLAGS="-I${ROOT}/usr/include"
+	export CGO_LDFLAGS="-L${ROOT}/usr/$(get_libdir)"
+
+	# if we're building from a tarball, we need the GITCOMMIT value
+	[ "$DOCKER_GITCOMMIT" ] && export DOCKER_GITCOMMIT
+
+	# fake golang layout
+	ln -s docker-ce/components/engine ../docker || die
+	ln -s docker-ce/components/cli ../cli || die
+
+	# let's set up some optional features :)
+	export DOCKER_BUILDTAGS=''
+	for gd in aufs btrfs device-mapper overlay; do
+		if ! use $gd; then
+			DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}"
+		fi
+	done
+
+	for tag in apparmor pkcs11 seccomp; do
+		if use $tag; then
+			DOCKER_BUILDTAGS+=" $tag"
+		fi
+	done
+
+	pushd components/engine || die
+
+	if use hardened; then
+		sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die
+		grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed'
+		sed  "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
+			-i hack/make/dynbinary-daemon || die
+		grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed'
+	fi
+
+	# build daemon
+	./hack/make.sh dynbinary || die 'dynbinary failed'
+
+	popd || die # components/engine
+
+	pushd components/cli || die
+
+	# build cli
+	emake \
+		LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \
+		VERSION="$(cat ../../VERSION)" \
+		GITCOMMIT="${DOCKER_GITCOMMIT}" \
+		DISABLE_WARN_OUTSIDE_CONTAINER=1 \
+		dynbinary || die
+
+	# build man pages
+	go build -o gen-manpages github.com/docker/cli/man || die
+	./gen-manpages --root . --target ./man/man1 || die
+	./man/md2man-all.sh -q || die
+	rm gen-manpages || die
+	# see "components/cli/scripts/docs/generate-man.sh" (which also does "go get" for go-md2man) 
+
+	popd || die # components/cli
+}
+
+src_install() {
+	dosym containerd /usr/bin/docker-containerd
+	dosym containerd-shim /usr/bin/docker-containerd-shim
+	dosym runc /usr/bin/docker-runc
+	use container-init && dosym tini /usr/bin/docker-init
+
+	pushd components/engine || die
+	newbin "$(readlink -f bundles/latest/dynbinary-daemon/dockerd)" dockerd
+
+	newinitd contrib/init/openrc/docker.initd docker
+	newconfd contrib/init/openrc/docker.confd docker
+
+	systemd_dounit contrib/init/systemd/docker.{service,socket}
+
+	udev_dorules contrib/udev/*.rules
+
+	dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md
+	dodoc -r docs/*
+
+	insinto /usr/share/vim/vimfiles
+	doins -r contrib/syntax/vim/ftdetect
+	doins -r contrib/syntax/vim/syntax
+
+	# note: intentionally not using "doins" so that we preserve +x bits
+	dodir /usr/share/${PN}/contrib
+	cp -R contrib/* "${ED}/usr/share/${PN}/contrib"
+	popd || die # components/engine
+
+	pushd components/cli || die
+
+	newbin build/docker-* docker
+
+	doman man/man*/*
+
+	dobashcomp contrib/completion/bash/*
+	insinto /usr/share/zsh/site-functions
+	doins contrib/completion/zsh/_*
+	popd || die # components/cli
+}
+
+pkg_postinst() {
+	udev_reload
+
+	elog
+	elog "To use Docker, the Docker daemon must be running as root. To automatically"
+	elog "start the Docker daemon at boot, add Docker to the default runlevel:"
+	elog "  rc-update add docker default"
+	elog "Similarly for systemd:"
+	elog "  systemctl enable docker.service"
+	elog
+	elog "To use Docker as a non-root user, add yourself to the 'docker' group:"
+	elog "  usermod -aG docker youruser"
+	elog
+}
diff --git a/app-emulation/docker/docker-9999.ebuild b/app-emulation/docker/docker-9999.ebuild
new file mode 100644
index 000000000000..c8755d6b0d83
--- /dev/null
+++ b/app-emulation/docker/docker-9999.ebuild
@@ -0,0 +1,286 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+EGO_PN="github.com/docker/docker"
+
+if [[ ${PV} = *9999* ]]; then
+	# Docker cannot be fetched via "go get", thanks to autogenerated code
+	EGIT_REPO_URI="https://${EGO_PN}.git"
+	EGIT_CHECKOUT_DIR="${WORKDIR}/${P}/src/${EGO_PN}"
+	inherit git-r3
+else
+	MY_PV="${PV/_/-}"
+	DOCKER_GITCOMMIT=""
+	EGIT_COMMIT="v${MY_PV}"
+	SRC_URI="https://${EGO_PN}/archive/${EGIT_COMMIT}.tar.gz -> ${P}.tar.gz"
+	KEYWORDS="~amd64"
+	[ "$DOCKER_GITCOMMIT" ] || die "DOCKER_GITCOMMIT must be added manually for each bump!"
+	inherit golang-vcs-snapshot
+fi
+inherit bash-completion-r1 golang-base linux-info systemd udev user
+
+DESCRIPTION="The core functions you need to create Docker images and run Docker containers"
+HOMEPAGE="https://dockerproject.org"
+LICENSE="Apache-2.0"
+SLOT="0"
+IUSE="apparmor aufs btrfs +container-init +device-mapper hardened overlay pkcs11 seccomp"
+
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies
+CDEPEND="
+	>=dev-db/sqlite-3.7.9:3
+	device-mapper? (
+		>=sys-fs/lvm2-2.02.89[thin]
+	)
+	seccomp? ( >=sys-libs/libseccomp-2.2.1 )
+	apparmor? ( sys-libs/libapparmor )
+"
+
+DEPEND="
+	${CDEPEND}
+
+	dev-go/go-md2man
+
+	btrfs? (
+		>=sys-fs/btrfs-progs-3.16.1
+	)
+"
+
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#optional-dependencies
+RDEPEND="
+	${CDEPEND}
+
+	!app-emulation/docker-bin
+	>=net-firewall/iptables-1.4
+	sys-process/procps
+	>=dev-vcs/git-1.7
+	>=app-arch/xz-utils-4.9
+
+	>=app-emulation/containerd-0.2.5
+	app-emulation/runc[apparmor?,seccomp?]
+	app-emulation/docker-proxy
+	container-init? ( >=sys-process/tini-0.13.0[static] )
+"
+
+RESTRICT="installsources strip"
+
+S="${WORKDIR}/${P}/src/${EGO_PN}"
+
+# see "contrib/check-config.sh" from upstream's sources
+CONFIG_CHECK="
+	~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS
+	~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG
+	~KEYS
+	~VETH ~BRIDGE ~BRIDGE_NETFILTER
+	~NF_NAT_IPV4 ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE
+	~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK
+	~NF_NAT ~NF_NAT_NEEDED
+	~POSIX_MQUEUE
+
+	~USER_NS
+	~SECCOMP
+	~CGROUP_PIDS
+	~MEMCG_SWAP ~MEMCG_SWAP_ENABLED
+
+	~BLK_CGROUP ~BLK_DEV_THROTTLING ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED
+	~CGROUP_PERF
+	~CGROUP_HUGETLB
+	~NET_CLS_CGROUP
+	~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED
+	~IP_VS ~IP_VS_PROTO_TCP ~IP_VS_PROTO_UDP ~IP_VS_NFCT ~IP_VS_RR
+
+	~VXLAN
+	~XFRM_ALGO ~XFRM_USER
+	~IPVLAN
+	~MACVLAN ~DUMMY
+"
+
+ERROR_KEYS="CONFIG_KEYS: is mandatory"
+ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers"
+ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering"
+
+ERROR_BLK_CGROUP="CONFIG_BLK_CGROUP: is optional for container statistics gathering"
+ERROR_IOSCHED_CFQ="CONFIG_IOSCHED_CFQ: is optional for container statistics gathering"
+ERROR_CGROUP_PERF="CONFIG_CGROUP_PERF: is optional for container statistics gathering"
+ERROR_CFS_BANDWIDTH="CONFIG_CFS_BANDWIDTH: is optional for container statistics gathering"
+ERROR_XFRM_ALGO="CONFIG_XFRM_ALGO: is optional for secure networks"
+ERROR_XFRM_USER="CONFIG_XFRM_USER: is optional for secure networks"
+
+pkg_setup() {
+	if kernel_is lt 3 10; then
+		ewarn ""
+		ewarn "Using Docker with kernels older than 3.10 is unstable and unsupported."
+		ewarn " - http://docs.docker.com/engine/installation/binaries/#check-kernel-dependencies"
+	fi
+
+	# for where these kernel versions come from, see:
+	# https://www.google.com/search?q=945b2b2d259d1a4364a2799e80e8ff32f8c6ee6f+site%3Akernel.org%2Fpub%2Flinux%2Fkernel+file%3AChangeLog*
+	if ! {
+		kernel_is ge 3 16 \
+		|| { kernel_is 3 15 && kernel_is ge 3 15 5; } \
+		|| { kernel_is 3 14 && kernel_is ge 3 14 12; } \
+		|| { kernel_is 3 12 && kernel_is ge 3 12 25; }
+	}; then
+		ewarn ""
+		ewarn "There is a serious Docker-related kernel panic that has been fixed in 3.16+"
+		ewarn "  (and was backported to 3.15.5+, 3.14.12+, and 3.12.25+)"
+		ewarn ""
+		ewarn "See also https://github.com/docker/docker/issues/2960"
+	fi
+
+	if kernel_is le 3 18; then
+		CONFIG_CHECK+="
+			~RESOURCE_COUNTERS
+		"
+	fi
+
+	if kernel_is le 3 13; then
+		CONFIG_CHECK+="
+			~NETPRIO_CGROUP
+		"
+	else
+		CONFIG_CHECK+="
+			~CGROUP_NET_PRIO
+		"
+	fi
+
+	if kernel_is lt 4 5; then
+		CONFIG_CHECK+="
+			~MEMCG_KMEM
+		"
+		ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional"
+	fi
+
+	if kernel_is lt 4 7; then
+		CONFIG_CHECK+="
+			~DEVPTS_MULTIPLE_INSTANCES
+		"
+	fi
+
+	if use aufs; then
+		CONFIG_CHECK+="
+			~AUFS_FS
+			~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY
+		"
+		ERROR_AUFS_FS="CONFIG_AUFS_FS: is required to be set if and only if aufs-sources are used instead of aufs4/aufs3"
+	fi
+
+	if use btrfs; then
+		CONFIG_CHECK+="
+			~BTRFS_FS
+			~BTRFS_FS_POSIX_ACL
+		"
+	fi
+
+	if use device-mapper; then
+		CONFIG_CHECK+="
+			~BLK_DEV_DM ~DM_THIN_PROVISIONING ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY
+		"
+	fi
+
+	if use overlay; then
+		CONFIG_CHECK+="
+			~OVERLAY_FS ~EXT4_FS_SECURITY ~EXT4_FS_POSIX_ACL
+		"
+	fi
+
+	linux-info_pkg_setup
+
+	# create docker group for the code checking for it in /etc/group
+	enewgroup docker
+}
+
+src_compile() {
+	export GOPATH="${WORKDIR}/${P}:${PWD}/vendor"
+
+	# setup CFLAGS and LDFLAGS for separate build target
+	# see https://github.com/tianon/docker-overlay/pull/10
+	export CGO_CFLAGS="-I${ROOT}/usr/include"
+	export CGO_LDFLAGS="-L${ROOT}/usr/$(get_libdir)"
+
+	# if we're building from a tarball, we need the GITCOMMIT value
+	[ "$DOCKER_GITCOMMIT" ] && export DOCKER_GITCOMMIT
+
+	if use hardened; then
+		sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die
+		grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed'
+
+		sed  "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
+			-i hack/make/dynbinary-client || die
+		sed  "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
+			-i hack/make/dynbinary-daemon || die
+		grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed'
+		grep -q -- '-fno-PIC' hack/make/dynbinary-client || die 'hardened sed failed'
+	fi
+
+	# let's set up some optional features :)
+	export DOCKER_BUILDTAGS=''
+	for gd in aufs btrfs device-mapper overlay; do
+		if ! use $gd; then
+			DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}"
+		fi
+	done
+
+	for tag in apparmor pkcs11 seccomp; do
+		if use $tag; then
+			DOCKER_BUILDTAGS+=" $tag"
+		fi
+	done
+
+	# time to build!
+	./hack/make.sh dynbinary || die 'dynbinary failed'
+
+	# build the man pages too
+	./man/md2man-all.sh || die "unable to generate man pages"
+}
+
+src_install() {
+	VERSION="$(cat VERSION)"
+	newbin "bundles/$VERSION/dynbinary-client/docker-$VERSION" docker
+	newbin "bundles/$VERSION/dynbinary-daemon/dockerd-$VERSION" dockerd
+	dosym containerd /usr/bin/docker-containerd
+	dosym containerd-shim /usr/bin/docker-containerd-shim
+	dosym runc /usr/bin/docker-runc
+	use container-init && dosym tini /usr/bin/docker-init
+
+	newinitd contrib/init/openrc/docker.initd docker
+	newconfd contrib/init/openrc/docker.confd docker
+
+	systemd_dounit contrib/init/systemd/docker.{service,socket}
+
+	udev_dorules contrib/udev/*.rules
+
+	dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md
+	dodoc -r docs/*
+	doman man/man*/*
+
+	dobashcomp contrib/completion/bash/*
+
+	insinto /usr/share/zsh/site-functions
+	doins contrib/completion/zsh/_*
+
+	insinto /usr/share/vim/vimfiles
+	doins -r contrib/syntax/vim/ftdetect
+	doins -r contrib/syntax/vim/syntax
+
+	# note: intentionally not using "doins" so that we preserve +x bits
+	dodir /usr/share/${PN}/contrib
+	cp -R contrib/* "${ED}/usr/share/${PN}/contrib"
+}
+
+pkg_postinst() {
+	udev_reload
+
+	elog
+	elog "To use Docker, the Docker daemon must be running as root. To automatically"
+	elog "start the Docker daemon at boot, add Docker to the default runlevel:"
+	elog "  rc-update add docker default"
+	elog "Similarly for systemd:"
+	elog "  systemctl enable docker.service"
+	elog
+	elog "To use Docker as a non-root user, add yourself to the 'docker' group:"
+	elog "  usermod -aG docker youruser"
+	elog
+}
diff --git a/app-emulation/docker/files/1.13.1-split-openrc-log.patch b/app-emulation/docker/files/1.13.1-split-openrc-log.patch
new file mode 100644
index 000000000000..c7cdd224dcd8
--- /dev/null
+++ b/app-emulation/docker/files/1.13.1-split-openrc-log.patch
@@ -0,0 +1,54 @@
+From 65c1a3be5bf748f95edc45f1391c869bf4ff4a52 Mon Sep 17 00:00:00 2001
+From: William Hubbs <w.d.hubbs@gmail.com>
+Date: Thu, 23 Feb 2017 17:07:26 -0600
+Subject: [PATCH] contrib/init/openrc: allow separate logs for stdout and
+ stderr
+
+Signed-off-by: William Hubbs <w.d.hubbs@gmail.com>
+---
+ contrib/init/openrc/docker.confd | 10 ++++++++++
+ contrib/init/openrc/docker.initd |  4 +++-
+ 2 files changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/contrib/init/openrc/docker.confd b/contrib/init/openrc/docker.confd
+index 2444031..89183de 100644
+--- a/contrib/init/openrc/docker.confd
++++ b/contrib/init/openrc/docker.confd
+@@ -1,8 +1,18 @@
+ # /etc/conf.d/docker: config file for /etc/init.d/docker
+ 
+ # where the docker daemon output gets piped
++# this contains both stdout and stderr. If  you need to separate them,
++# see the settings below
+ #DOCKER_LOGFILE="/var/log/docker.log"
+ 
++# where the docker daemon stdout gets piped
++# if this is not set, DOCKER_LOGFILE is used
++#DOCKER_OUTFILE="/var/log/docker-out.log"
++
++# where the docker daemon stderr gets piped
++# if this is not set, DOCKER_LOGFILE is used
++#DOCKER_ERRFILE="/var/log/docker-err.log"
++
+ # where docker's pid get stored
+ #DOCKER_PIDFILE="/run/docker.pid"
+ 
+diff --git a/contrib/init/openrc/docker.initd b/contrib/init/openrc/docker.initd
+index 5d31603..6c968f6 100644
+--- a/contrib/init/openrc/docker.initd
++++ b/contrib/init/openrc/docker.initd
+@@ -6,8 +6,10 @@ command="${DOCKERD_BINARY:-/usr/bin/dockerd}"
+ pidfile="${DOCKER_PIDFILE:-/run/${RC_SVCNAME}.pid}"
+ command_args="-p \"${pidfile}\" ${DOCKER_OPTS}"
+ DOCKER_LOGFILE="${DOCKER_LOGFILE:-/var/log/${RC_SVCNAME}.log}"
++DOCKER_ERRFILE="${DOCKER_ERRFILE:-${DOCKER_LOGFILE}}"
++DOCKER_OUTFILE="${DOCKER_OUTFILE:-${DOCKER_LOGFILE}}"
+ start_stop_daemon_args="--background \
+-	--stderr \"${DOCKER_LOGFILE}\" --stdout \"${DOCKER_LOGFILE}\""
++	--stderr \"${DOCKER_ERRFILE}\" --stdout \"${DOCKER_OUTFILE}\""
+ 
+ start_pre() {
+ 	checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE"
+-- 
+2.10.2
+
diff --git a/app-emulation/docker/metadata.xml b/app-emulation/docker/metadata.xml
new file mode 100644
index 000000000000..16f7009d5ead
--- /dev/null
+++ b/app-emulation/docker/metadata.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<longdescription>
+		Docker is an open-source project to easily create lightweight,
+		portable, self-sufficient containers from any application. The same
+		container that a developer builds and tests on a laptop can run at
+		scale, in production, on VMs, bare metal, OpenStack clusters, public
+		clouds and more.
+	</longdescription>
+	<maintainer type="person">
+		<email>admwiggin@gmail.com</email>
+		<name>Tianon</name>
+	</maintainer>
+	<maintainer type="person">
+		<email>williamh@gentoo.org</email>
+		<name>William Hubbs</name>
+	</maintainer>
+	<maintainer type="person">
+		<email>mrueg@gentoo.org</email>
+		<name>Manuel Rüger</name>
+	</maintainer>
+	<use>
+		<flag name="aufs">
+			Enables dependencies for the "aufs" graph driver, including
+			necessary kernel flags.
+		</flag>
+		<flag name="apparmor">
+			Enable AppArmor support.
+		</flag>
+		<flag name="btrfs">
+			Enables dependencies for the "btrfs" graph driver, including
+			necessary kernel flags.
+		</flag>
+		<flag name="container-init">
+			Makes the a staticly-linked init system tini available inside a
+			container.
+		</flag>
+		<flag name="device-mapper">
+			Enables dependencies for the "devicemapper" graph driver, including
+			necessary kernel flags.
+		</flag>
+		<flag name="overlay">
+			Enables dependencies for the "overlay" graph driver, including
+			necessary kernel flags.
+		</flag>
+		<flag name="pkcs11">
+			Enables pkcs-11 support.
+		</flag>
+	</use>
+	<upstream>
+		<remote-id type="github">docker/docker</remote-id>
+	</upstream>
+</pkgmetadata>
author	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
commit	4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree	ba5f07bf3f9d22d82e54a462313f5d244036c768 /app-emulation/docker