gentoo auto-resync : 24:04:2024 - 23:59:27

17 files changed, 256 insertions, 1123 deletions

diff --git a/www-servers/Manifest.gz b/www-servers/Manifest.gz
index b2aafa676993..c174ffe3e6d3 100644
--- a/www-servers/Manifest.gz
+++ b/www-servers/Manifest.gz
diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index b8ae852ccc1c..804afa80b681 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -13,11 +13,12 @@ AUX nginx.logrotate-r1 257 BLAKE2B d62c57377efd5259b6c776861d921b6e4ea026387157d
 AUX nginx.service-r1 356 BLAKE2B 05d89efcc73b70a26655f306f1e074e61c81063cb4e949161efbe95dc375e63807233f38c9af6723801e8f653cfad08f62fbec225b061d1179b7d05fe761afc4 SHA512 e51f4e88abe10555afe79d4d029651a4de42a5dc1dddaf951f13c021453da00e0c56a3fa2129d08fcd090909a54564e76887c93fdf72952021f5a2b09f6097eb
 DIST modsecurity-nginx-1.0.3.tar.gz 34063 BLAKE2B 859a29eb7f67d53a818578f1008f0d0debbe37c205bb7c6e79594d8b1a6a0d93988880d35f607ef05ef6d73c9aa887baebfd2c54aca894969beeed4bfe576f37 SHA512 20495884c6b3594edf879a19fd7445f2e74a1628789decd146b3c712764b0507e440a84a64aab619461b044f98b8d641913cfad57a6d0002e7061716bdfe84fc
 DIST nginx-1.24.0.tar.gz 1112471 BLAKE2B 7f671c57666dec822bff72fcf0e4eec35ecf981b8f1e489827f9bbbf9179036f61c9fdc7e497c076ccaeb35b9ba3dfe7684e4fc91ee9cae52601f68859bb034d SHA512 1114e37de5664a8109c99cfb2faa1f42ff8ac63c932bcf3780d645e5ed32c0b2ac446f80305b4465994c8f9430604968e176ae464fd80f632d1cb2c8f6007ff3
-DIST nginx-1.25.3.tar.gz 1216580 BLAKE2B f7a77b92b80197ce6cff477dac42169d638f69a4a408e979daa4f5e87ca0e4d18e366b8c2b0fc686cd69f5f926b5b097a8893f3c5295387bcc6f174a2f72e7f4 SHA512 46fcbf6b540a2e47f192453b9686a701e3abe5a41a3275e36c9fca6c3f9ef0aa8d705cc5ad63257d662a5432109e4ce125d330cdeb547914bceac19e885dba1f
 DIST nginx-1.25.4.tar.gz 1236273 BLAKE2B 3236751f9e7ced1a6b79e957c7a4cf19070bf430a30b322b09924a72574ad514bf2989829d5da599c6058fc5f8673b2ad608a3bd57380578883f2c091ff70983 SHA512 72a4aa8ed675f5a27ac723a73e556bbb5ae979a2fe79f9c2f4fb20bd7e719c797af8e2868044b7f2cf58be2a351a268599c8eb1e66719098d4142abab7632bb5
 DIST nginx-1.25.5.tar.gz 1244060 BLAKE2B 75ff068554d96063d1c7cb18d84df4fe8b820f6065f3464efde055c707e94ff13c45bea261619a453f04abed1fa3f9baccf81c29ca0e956ef0535e9a5c931dc6 SHA512 4a069ec08af46e42a72e263291fc84a67605d817ece1ea7092a5da5babced96ef27eb370ad6f7558b2f5973406080240080aaf4b27fc2d8b41f6853601563cb7
+DIST nginx-1.26.0.tar.gz 1244118 BLAKE2B a1c58ceda5599f5a02bd7992e9b2cc9f46f5655e4ca1bc8e9d2cae3b9837c72f37f5a83a9f7559861fb6ef8cad165a3e267ec67b20de18901314ac975dbdcbb4 SHA512 1f604a4a29f1b74eb56de7f1d8b0e5610fa055280b4ad2d3550c56926460de24da81b17485cffb358d8814061d4a9db1e0e5079af7921f1dc329e283e2775791
 DIST nginx-auth-ldap-42d195d7a7575ebab1c369ad3fc5d78dc2c2669c.tar.gz 18457 BLAKE2B 22225ca9e5299b20ab5a93a001cac48e446bd86b3a24ac49e716bc975b128890bdb4b0dbbf5730fbaaeadfd958160093c7a6af798dd0e6de27062f149a760333 SHA512 ec59637fda5acac053e815cb1d04b545fc6b765e5ec63d8c2c9c301abad87afaa2698145acac08e9e14c91e1423ebff7aff0cca2b940b19ccccbf4cf53973269
-DIST nginx-tests-24482e311749.tar.gz 282605 BLAKE2B 987b3a224966fbe44ccdd0375aa6b09b683738b6531599259cbea03491c056e4f4dd8e67b6f51555db936e8f0e93cfc669d8a884082d6015c5fd5f8b2dcf6207 SHA512 80d163226bdbfcf4bd8556316a1dcc5b048fa87357f83f5cac3b13917043dad0c96b9bc67ac886b421cc4954ddf7603256fe77d85fda406f8ed8c9231fc1cf3e
+DIST nginx-tests-0b5ec15c62ed.tar.gz 282652 BLAKE2B af41397f88f7aa969749c6dd9a77c58d1835bca24fe764dd0af328d621817f5fb89b3f5b5c0fbd1e7db53d51365e9098b020005e27a531649bd8a51a05b3cbb0 SHA512 c376d23c7001c5203428b664c388e97956cdda8365eb7df57db0da5146d0806f5c35cd1352260d6803d55542f46a90da4a604ebf971055caa77dd6106930558e
+DIST nginx-vod-module-1.33.tar.gz 471858 BLAKE2B fa5cb9fd185b30c5c53b25a6f103213b3d04dac5d2d81db72f9749a51548e09e3e17dccc636d748aff8d21c6623484c77fdeb10d70854480759665d140d42e0e SHA512 29ef77f1bbdb2410ff317ebdd7434f31b8ec370ae6b617b92e745e87c11bc820b451181d1d2b57156b414348da14ac448b689b32b17ab418144292eda094512d
 DIST nginx_http_sticky_module_ng-1.2.6-10-g08a395c66e42.tar.bz2 124047 BLAKE2B d37ef9a15c91abe3c6258e420d1f99fa452f9d9966a0e13102174973314a3bac5413957a5fe632a9dcb1163b3be5df8116e05cc053ee061e19319ec25f341570 SHA512 6c1bfdcf89884b2855d51ae7da0f6e53a4ca3629e1aaf58433b70c07dcb2af797ba6e87d9b3eb4fe2fb6d4d697e862f2b4c2f8d8b3fdaea201740c97ec936529
 DIST ngx_brotli-1.0.0rc.tar.gz 16207 BLAKE2B 450d0ea693bd98d4a1b615f2cdcaad41ccd28266f6d80beec7fe77fe750ab8c5d1bb55aabe15161b9b6d819d2b4d99a7774f2706f2f6fd084b52a7c7dddbc00c SHA512 05a880d5e48ac83be84498ed41fb4750211b827a9d7541acfd6ef494e5205a6e853d5594bfec3ab4ae668ea3f803e4f4b0ba550c76811971c8e266e42663c56d
 DIST ngx_devel_kit-0.3.1.tar.gz 66542 BLAKE2B 8242d884464d99a131a48f599f9d0c2b546610f73f646e7eb0dcfdb98220810d949189cffa721360ddbe3b7b8adc8b678a848b9d1a56db6c62fd4439ecb63d24 SHA512 de1e3349d8dd08e5982279b2219dc8a8006739f0409b8e0f5c50d93434beff1fbafba43e9c5ac85a5fab90afc5c0a7244a340610339c36f82f2cba7233e72de9
@@ -41,13 +42,10 @@ DIST ngx_memc_module-0.19.tar.gz 34654 BLAKE2B 536384c264d88535179634d459d3a47b1
 DIST ngx_metrics-0.1.1.tar.gz 2964 BLAKE2B 95d71ea26c949c345b83e353bd66a20df18cc8b2b93f692615a1b39c1f327393647f80e7a27e6929799a6e7e3469b61e1cd72f7821f7a820da4dd7cd9a96d85c SHA512 d36a8fb0104c83b6b564e03b351aa750cab08650264c74d6f786af357bfb7006b531a93270dd961896ea8dafe27e5db8548ede714c5f52c4742876bc73af4b5e
 DIST ngx_mogilefs_module-1.0.4.tar.gz 11208 BLAKE2B e0729b66554c8890727190a624d4c9aef6499dfc2e301541a9bfc15690caf6d3155c8a4b8f7a1555a7655b47aa0cd1b797aeb8ba82efa92ab80808218a0bdcff SHA512 b8cb7eaf6274f4e2247dbcb39db05072d2b2d4361256a325fafab5533d7ce0c4ae9e2905b954dfcfa4789c9cab5cccf2ac1c3a1f02f6a327ed95b562d7773ed1
 DIST ngx_rtmp-1.2.2.tar.gz 519934 BLAKE2B 8745816b879f506720955d6c7e5e8af036e88b3601a680071ffb255a3ec31d69e132b5cc8b493202fa985eb30b8529428f683b5154a0054c0ee990d3185c7abf SHA512 3f8c803221854c4b1a06aadc6313fbfec74bd7179c0ee51d4365b26ffa8875881a6e1e48f777a9c9efbb9170ab7478a82920d5448a2c2df485503d37bb03ab81
-DIST njs-0.7.12.tar.gz 662554 BLAKE2B 3e925dbbd5e664fc083b3147b6fa353744ab45b50cb2d3feb3f1cf5a4c024440c24b7af08e8a285db7b8e4b48efc776a8a1cb78c6d7ff79d011e127a61e09f6c SHA512 a65a6c6aa3fbd499536284f8d8610f61b87112156885e6c3b1f73872df22195af897766f266b4569098a70e1680aef66594da17d13519f16687b4e43dce49062
-DIST njs-0.8.2.tar.gz 733916 BLAKE2B 08dcaae18d5bf9b4294cb49d001549d5476176599a45c84d255f456ebbf16dad40a33be18c48f303984f7fce1fc0c397b454ffaf71f985ae9ff55e81e63cb2fd SHA512 2fdaa1953d0ea9f639fcba1077b47a98c58f9d287d4c41b2551b1540279c7e4549c254f86b38ddd81b7d69adaf13bd7dd86e8d75da1c432f0d096285aa3f2363
 DIST njs-0.8.4.tar.gz 743910 BLAKE2B cad96f0e7ccac928506bc7822310750921b7ebb1ed87903a6335988b3e42b264179b699455439140c80afd9f93ecb63877cc7327919ebb29d7ad391e9d378367 SHA512 450f6866141f6f370767149c8749e84c4373f401d6d2237ca85365a851ebe7bdbd8a3c25e85a55747673e8bef2238a979dd237d5fc5c641b2f3f2cf7f26dffc8
-EBUILD nginx-1.24.0-r1.ebuild 40459 BLAKE2B 5df8b1d18042d471bb3b7ad76778b77ff14a9295ca7148f13190bda6a01508a53748bb636392984f13aef1a0cafe893f140bc009dfcca17828889277b41c71c5 SHA512 d4cf46bc5f283038a676bd013773d78d8ea6127dd598d00d5d1d9225785f6fdf520a9e3b2211ca06c63856f3f27a8507fa9eef000a5ec3da6d2cf696b9303af1
-EBUILD nginx-1.24.0-r2.ebuild 41316 BLAKE2B 768ef4c66701d551b829833f67100ca599bea6b57aa02c934d508ff50e60c952e61b3655d361019017e4fd966cc1fdc1fba84af23a496346b30450d9f9febfe7 SHA512 11abc60df7e88eabbcca66ea244e990b07b5e583e32200a26bf9cc9783f07b87a74ca1a54bf556259c60c0b0a182ad8a882d0d4140a39e042348ed389382f68c
-EBUILD nginx-1.25.3-r1.ebuild 41620 BLAKE2B 76565a70bfbaab858300e676bc601dade800d4cf9460e9bea5e2d6b23179dfd7f7b0a76dcfc067cb38da48545c217b50eadc5f9527aadf90eabf5167368b6f69 SHA512 26992c1961f28af890da3234f29e98a662b5545b392ec7ed9f995aa938b884fa424797e9e2c8f6320259409ea4c070ca5189e2fc7cfd4d2954c55976b9f9018a
-EBUILD nginx-1.25.3.ebuild 40770 BLAKE2B fc42b1bf841ec600966cbc18c686af69a6d83db79cc233ff5577b254d3f72d6651ce2d089c9004efc5fffe18f0e49b2ac9144e73b25265497394aa325a443d74 SHA512 89fafb69c30378c33f17f1b24101b787d87b42bec9a85faaa69ada8c52a91f38eed117adf8cc25810b0a65cf09691a472d4d5e39e64d6edc41b76be53113fed6
-EBUILD nginx-1.25.4.ebuild 41630 BLAKE2B 5d0fee4b63e44f7899368c26f7efdab6eadd3d35a6147a2948b49839f8b26ab4647794a985be103fbdec18861566434d3674930d585dfcba837c571ab7fc0533 SHA512 a68d45affd9959f61929b3e29595755531d2e3cd176afc276a11f704fcd20978ef48f1cb65b7f818543532fd8779abb49e5601f450b5d8ac87ea6713f4587420
-EBUILD nginx-1.25.5.ebuild 41634 BLAKE2B 749c0d5d2ba008d3851291450b5b298e8480227d76dbd08cb11966e93c917315714a3d55e5884d6beef60e4547176af5d2fc57c433c1c3813c0c651ca6fc2c4c SHA512 e0a2dffed6dec8fc425a7a48dbbc18655b9e8d1c1e1f01ba88f743d32f90db094303ee7fa6a266ddd4fb00f8b5e12b4e98b0b04b593f55d70bc9aae52cbe581b
+EBUILD nginx-1.24.0-r3.ebuild 40458 BLAKE2B 90dd5c374b80161a91b6530e9cea76509d55218dd073cc5391b00c5d13540ecd71d05b72e94237b648ad07854f56b52491e7f6b9b89e75084c268516fc64be98 SHA512 9b0db7f56e907c60da85bbeea2220714c6398691b450c8199f3c7a39784fec3e80de5677791083a9887162f5010479526387e74e4bae2eb6d8b7b50c02529468
+EBUILD nginx-1.24.0-r4.ebuild 41315 BLAKE2B 22dd204604584649f04c78237251c1a577746439cb29d657b38b826e5b6597da07ffbddd92e532a56ad9d94fbed782b6f91b0edd7e1d696135e64c3825f3b106 SHA512 6a0bdd127796e02c50f8f3f6a66b40ccf01bc778bf9437a4fa1b55ab420919b5692bd68a0590083d5da28e009ab831d8305ec38c3fb5837d290b4e9879382676
+EBUILD nginx-1.25.4-r1.ebuild 41630 BLAKE2B cfb945ba3a63334a977b534545faea1da41e551f141375dbf8e721ce407a7a1e48762171945a13dd21c4b8b9d54523b92eee70869e1aadd61e018130b3783779 SHA512 5d7681423eb18abcde3a4b55435cb04fd641ccfcb4bab93dd572caff604c63b0e6ee28c686bbe8fd184d09b32e000d7951e8a89d15371afdae88e0fbb3f92cfc
+EBUILD nginx-1.25.5.ebuild 42410 BLAKE2B 7b3e69d14d925a3166a32426e6c8dec53f1c0bf3aa10a0f1288110cce1203792379d8215052e72915cfd8c8f606721d2fb779400c0fcc453ff96b78478bfdbc7 SHA512 dfbc0a4c9076c0c8dff69910c92ab81e48dc05a013ee12583b3e460dc804a9ab5f7295684853dc48b591f5eb0ed33df356e01c3861ec17629b94d4025acc58fc
+EBUILD nginx-1.26.0.ebuild 42410 BLAKE2B 65eea25f30a8d5281e2e586fec0a8e6654774195b2d517e0e5746dca0fbca2a0ccfed15da55ca596fe90b9197904fbee1a276c3e08aee1cde7af921e2b3e763b SHA512 11380776c031faf07c9733e97e049a6fdccf4509a1710a5c393f64a1c3b682b39f69f48908257bfedef945ee5005cbf4053a25e4f1d41d0d969c87b0802d2541
 MISC metadata.xml 1189 BLAKE2B 9e65f404d2be335d14ffb087be60847a2508de79baae7ee0e3bd7021dbfbbc1f18b93ed758d107ef3a9738ab32889f106a5eb8232f8f4190d57c175eed60ddd5 SHA512 8077d4da43250c5cc783451682047460b093cf1e751e0b0d75a21bb42baf83fd31b1bb3a574ed6e7ab89286afb331c23915c676ed80c7b4cc5fd9f84a40da893
diff --git a/www-servers/nginx/nginx-1.24.0-r1.ebuild b/www-servers/nginx/nginx-1.24.0-r3.ebuild
index a98d8349b137..9f79279f01b1 100644
--- a/www-servers/nginx/nginx-1.24.0-r1.ebuild
+++ b/www-servers/nginx/nginx-1.24.0-r3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -159,7 +159,7 @@ GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOI
 GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}"
 
 # njs-module (https://github.com/nginx/njs, as-is)
-NJS_MODULE_PV="0.7.12"
+NJS_MODULE_PV="0.8.4"
 NJS_MODULE_P="njs-${NJS_MODULE_PV}"
 NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz"
 NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}"
diff --git a/www-servers/nginx/nginx-1.24.0-r2.ebuild b/www-servers/nginx/nginx-1.24.0-r4.ebuild
index 18a7c23a6c61..a80e3d7512fe 100644
--- a/www-servers/nginx/nginx-1.24.0-r2.ebuild
+++ b/www-servers/nginx/nginx-1.24.0-r4.ebuild
@@ -160,13 +160,13 @@ GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOI
 GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}"
 
 # njs-module (https://github.com/nginx/njs, as-is)
-NJS_MODULE_PV="0.7.12"
+NJS_MODULE_PV="0.8.4"
 NJS_MODULE_P="njs-${NJS_MODULE_PV}"
 NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz"
 NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}"
 
 # nginx-tests (http://hg.nginx.org/nginx-tests, BSD-2)
-NGINX_TESTS_REV="24482e311749"
+NGINX_TESTS_REV="0b5ec15c62ed"
 
 # We handle deps below ourselves
 SSL_DEPS_SKIP=1
diff --git a/www-servers/nginx/nginx-1.25.3.ebuild b/www-servers/nginx/nginx-1.25.3.ebuild
deleted file mode 100644
index 66b276487fcd..000000000000
--- a/www-servers/nginx/nginx-1.25.3.ebuild
+++ /dev/null
@@ -1,1078 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-# Maintainer notes:
-# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite
-# - any http-module activates the main http-functionality and overrides USE=-http
-# - keep the following requirements in mind before adding external modules:
-#	* alive upstream
-#	* sane packaging
-#	* builds cleanly
-#	* does not need a patch for nginx core
-# - TODO: test the google-perftools module (included in vanilla tarball)
-
-# prevent perl-module from adding automagic perl DEPENDs
-GENTOO_DEPEND_ON_PERL="no"
-
-# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license)
-DEVEL_KIT_MODULE_PV="0.3.1"
-DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}"
-DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz"
-DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}"
-
-# ngx_brotli (https://github.com/google/ngx_brotli, BSD-2)
-HTTP_BROTLI_MODULE_PV="1.0.0rc"
-HTTP_BROTLI_MODULE_P="ngx_brotli-${HTTP_BROTLI_MODULE_PV}"
-HTTP_BROTLI_MODULE_URI="https://github.com/google/ngx_brotli/archive/v${HTTP_BROTLI_MODULE_PV}.tar.gz"
-HTTP_BROTLI_MODULE_WD="${WORKDIR}/ngx_brotli-${HTTP_BROTLI_MODULE_PV}"
-
-# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license)
-HTTP_UPLOAD_PROGRESS_MODULE_PV="68b3ab3b64a0cee7f785d161401c8be357bbed12"
-HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}"
-HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz"
-HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}"
-
-# http_headers_more (https://github.com/openresty/headers-more-nginx-module, BSD license)
-HTTP_HEADERS_MORE_MODULE_PV="0.34"
-HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}"
-HTTP_HEADERS_MORE_MODULE_URI="https://github.com/openresty/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz"
-HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}"
-
-# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, https://github.com/FRiCKLE/ngx_cache_purge, BSD-2 license)
-HTTP_CACHE_PURGE_MODULE_PV="2.3"
-HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
-HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz"
-HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
-
-# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license)
-HTTP_SLOWFS_CACHE_MODULE_PV="1.10"
-HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
-HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz"
-HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
-
-# http_fancyindex (https://github.com/aperezdc/ngx-fancyindex, BSD license)
-HTTP_FANCYINDEX_MODULE_PV="0.4.4"
-HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}"
-HTTP_FANCYINDEX_MODULE_URI="https://github.com/aperezdc/ngx-fancyindex/archive/v${HTTP_FANCYINDEX_MODULE_PV}.tar.gz"
-HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-${HTTP_FANCYINDEX_MODULE_PV}"
-
-# http_lua (https://github.com/openresty/lua-nginx-module, BSD license)
-HTTP_LUA_MODULE_PV="0.10.25"
-HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}"
-HTTP_LUA_MODULE_URI="https://github.com/openresty/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz"
-HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}"
-LUA_COMPAT=( luajit )
-
-# http_auth_pam (https://github.com/stogh/ngx_http_auth_pam_module/, http://web.iti.upv.es/~sto/nginx/, BSD-2 license)
-HTTP_AUTH_PAM_MODULE_PV="1.5.2"
-HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}"
-HTTP_AUTH_PAM_MODULE_URI="https://github.com/stogh/ngx_http_auth_pam_module/archive/v${HTTP_AUTH_PAM_MODULE_PV}.tar.gz"
-HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}"
-
-# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license)
-HTTP_UPSTREAM_CHECK_MODULE_PV="9aecf15ec379fe98f62355c57b60c0bc83296f04"
-HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}"
-HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz"
-HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-${HTTP_UPSTREAM_CHECK_MODULE_PV}"
-
-# http_metrics (https://github.com/zenops/ngx_metrics, BSD license)
-HTTP_METRICS_MODULE_PV="0.1.1"
-HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}"
-HTTP_METRICS_MODULE_URI="https://github.com/liquidm/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz"
-HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}"
-
-# http_vhost_traffic_status (https://github.com/vozlt/nginx-module-vts, BSD license)
-HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV="0.2.1"
-HTTP_VHOST_TRAFFIC_STATUS_MODULE_P="ngx_http_vhost_traffic_status-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}"
-HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI="https://github.com/vozlt/nginx-module-vts/archive/v${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}.tar.gz"
-HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD="${WORKDIR}/nginx-module-vts-${HTTP_VHOST_TRAFFIC_STATUS_MODULE_PV}"
-
-# naxsi-core (https://github.com/wargio/naxsi, GPL-3)
-HTTP_NAXSI_MODULE_PV="4140b2ded624eb36f04c783c460379b9403012d0"
-HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}"
-HTTP_NAXSI_MODULE_URI="https://github.com/wargio/naxsi/archive/${HTTP_NAXSI_MODULE_PV}.tar.gz"
-HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-${HTTP_NAXSI_MODULE_PV}/naxsi_src"
-HTTP_NAXSI_LIBINJECTION_MODULE_PV="49904c42a6e68dc8f16c022c693e897e4010a06c"
-HTTP_NAXSI_LIBINJECTION_MODULE_P="ngx_http_naxsi_libinjection-${HTTP_NAXSI_LIBINJECTION_MODULE_PV}"
-HTTP_NAXSI_LIBINJECTION_MODULE_URI="https://github.com/libinjection/libinjection/archive/${HTTP_NAXSI_LIBINJECTION_MODULE_PV}.tar.gz"
-
-# nginx-rtmp-module (https://github.com/arut/nginx-rtmp-module, BSD license)
-RTMP_MODULE_PV="1.2.2"
-RTMP_MODULE_P="ngx_rtmp-${RTMP_MODULE_PV}"
-RTMP_MODULE_URI="https://github.com/arut/nginx-rtmp-module/archive/v${RTMP_MODULE_PV}.tar.gz"
-RTMP_MODULE_WD="${WORKDIR}/nginx-rtmp-module-${RTMP_MODULE_PV}"
-
-# nginx-dav-ext-module (https://github.com/arut/nginx-dav-ext-module, BSD license)
-HTTP_DAV_EXT_MODULE_PV="3.0.0"
-HTTP_DAV_EXT_MODULE_P="ngx_http_dav_ext-${HTTP_DAV_EXT_MODULE_PV}"
-HTTP_DAV_EXT_MODULE_URI="https://github.com/arut/nginx-dav-ext-module/archive/v${HTTP_DAV_EXT_MODULE_PV}.tar.gz"
-HTTP_DAV_EXT_MODULE_WD="${WORKDIR}/nginx-dav-ext-module-${HTTP_DAV_EXT_MODULE_PV}"
-
-# echo-nginx-module (https://github.com/openresty/echo-nginx-module, BSD license)
-HTTP_ECHO_MODULE_PV="0.63"
-HTTP_ECHO_MODULE_P="ngx_http_echo-${HTTP_ECHO_MODULE_PV}"
-HTTP_ECHO_MODULE_URI="https://github.com/openresty/echo-nginx-module/archive/v${HTTP_ECHO_MODULE_PV}.tar.gz"
-HTTP_ECHO_MODULE_WD="${WORKDIR}/echo-nginx-module-${HTTP_ECHO_MODULE_PV}"
-
-# modsecurity for nginx (https://github.com/SpiderLabs/ModSecurity-nginx, https://github.com/SpiderLabs/ModSecurity, Apache-2.0)
-HTTP_SECURITY_MODULE_PV="1.0.3"
-HTTP_SECURITY_MODULE_P="modsecurity-nginx-${HTTP_SECURITY_MODULE_PV}"
-HTTP_SECURITY_MODULE_URI="https://github.com/SpiderLabs/ModSecurity-nginx/archive/refs/tags/v${HTTP_SECURITY_MODULE_PV}.tar.gz"
-HTTP_SECURITY_MODULE_WD="${WORKDIR}/ModSecurity-nginx-${HTTP_SECURITY_MODULE_PV}"
-
-# push-stream-module (http://www.nginxpushstream.com, https://github.com/wandenberg/nginx-push-stream-module, GPL-3)
-HTTP_PUSH_STREAM_MODULE_PV="8c02220d484d7848bc8e3a6d9b1c616987e86f66"
-HTTP_PUSH_STREAM_MODULE_P="ngx_http_push_stream-${HTTP_PUSH_STREAM_MODULE_PV}"
-HTTP_PUSH_STREAM_MODULE_URI="https://github.com/wandenberg/nginx-push-stream-module/archive/${HTTP_PUSH_STREAM_MODULE_PV}.tar.gz"
-HTTP_PUSH_STREAM_MODULE_WD="${WORKDIR}/nginx-push-stream-module-${HTTP_PUSH_STREAM_MODULE_PV}"
-
-# sticky-module (https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng, BSD-2)
-HTTP_STICKY_MODULE_PV="1.2.6-10-g08a395c66e42"
-HTTP_STICKY_MODULE_P="nginx_http_sticky_module_ng-${HTTP_STICKY_MODULE_PV}"
-HTTP_STICKY_MODULE_URI="https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/${HTTP_STICKY_MODULE_PV}.tar.bz2"
-HTTP_STICKY_MODULE_WD="${WORKDIR}/nginx-goodies-nginx-sticky-module-ng-08a395c66e42"
-
-# mogilefs-module (https://github.com/vkholodkov/nginx-mogilefs-module, BSD-2)
-HTTP_MOGILEFS_MODULE_PV="1.0.4"
-HTTP_MOGILEFS_MODULE_P="ngx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}"
-HTTP_MOGILEFS_MODULE_URI="https://github.com/vkholodkov/nginx-mogilefs-module/archive/${HTTP_MOGILEFS_MODULE_PV}.tar.gz"
-HTTP_MOGILEFS_MODULE_WD="${WORKDIR}/nginx_mogilefs_module-${HTTP_MOGILEFS_MODULE_PV}"
-
-# memc-module (https://github.com/openresty/memc-nginx-module, BSD-2)
-HTTP_MEMC_MODULE_PV="0.19"
-HTTP_MEMC_MODULE_P="ngx_memc_module-${HTTP_MEMC_MODULE_PV}"
-HTTP_MEMC_MODULE_URI="https://github.com/openresty/memc-nginx-module/archive/v${HTTP_MEMC_MODULE_PV}.tar.gz"
-HTTP_MEMC_MODULE_WD="${WORKDIR}/memc-nginx-module-${HTTP_MEMC_MODULE_PV}"
-
-# nginx-ldap-auth-module (https://github.com/kvspb/nginx-auth-ldap, BSD-2)
-HTTP_LDAP_MODULE_PV="42d195d7a7575ebab1c369ad3fc5d78dc2c2669c"
-HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
-HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz"
-HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
-
-# geoip2 (https://github.com/leev/ngx_http_geoip2_module, BSD-2)
-GEOIP2_MODULE_PV="3.4"
-GEOIP2_MODULE_P="ngx_http_geoip2_module-${GEOIP2_MODULE_PV}"
-GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOIP2_MODULE_PV}.tar.gz"
-GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}"
-
-# njs-module (https://github.com/nginx/njs, as-is)
-NJS_MODULE_PV="0.8.2"
-NJS_MODULE_P="njs-${NJS_MODULE_PV}"
-NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz"
-NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}"
-
-# We handle deps below ourselves
-SSL_DEPS_SKIP=1
-AUTOTOOLS_AUTO_DEPEND="no"
-
-inherit autotools lua-single ssl-cert toolchain-funcs perl-module systemd pax-utils
-
-DESCRIPTION="Robust, small and high performance http and reverse proxy server"
-HOMEPAGE="https://nginx.org"
-SRC_URI="https://nginx.org/download/${P}.tar.gz
-	${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz
-	nginx_modules_http_auth_ldap? ( ${HTTP_LDAP_MODULE_URI} -> ${HTTP_LDAP_MODULE_P}.tar.gz )
-	nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz )
-	nginx_modules_http_brotli? ( ${HTTP_BROTLI_MODULE_URI} -> ${HTTP_BROTLI_MODULE_P}.tar.gz )
-	nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz )
-	nginx_modules_http_dav_ext? ( ${HTTP_DAV_EXT_MODULE_URI} -> ${HTTP_DAV_EXT_MODULE_P}.tar.gz )
-	nginx_modules_http_echo? ( ${HTTP_ECHO_MODULE_URI} -> ${HTTP_ECHO_MODULE_P}.tar.gz )
-	nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz )
-	nginx_modules_http_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz )
-	nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz )
-	nginx_modules_http_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz )
-	nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz )
-	nginx_modules_http_memc? ( ${HTTP_MEMC_MODULE_URI} -> ${HTTP_MEMC_MODULE_P}.tar.gz )
-	nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz )
-	nginx_modules_http_mogilefs? ( ${HTTP_MOGILEFS_MODULE_URI} -> ${HTTP_MOGILEFS_MODULE_P}.tar.gz )
-	nginx_modules_http_naxsi? (
-		${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz
-		${HTTP_NAXSI_LIBINJECTION_MODULE_URI} -> ${HTTP_NAXSI_LIBINJECTION_MODULE_P}.tar.gz
-	)
-	nginx_modules_http_push_stream? ( ${HTTP_PUSH_STREAM_MODULE_URI} -> ${HTTP_PUSH_STREAM_MODULE_P}.tar.gz )
-	nginx_modules_http_security? ( ${HTTP_SECURITY_MODULE_URI} -> ${HTTP_SECURITY_MODULE_P}.tar.gz )
-	nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz )
-	nginx_modules_http_sticky? ( ${HTTP_STICKY_MODULE_URI} -> ${HTTP_STICKY_MODULE_P}.tar.bz2 )
-	nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz )
-	nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz )
-	nginx_modules_http_vhost_traffic_status? ( ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI} -> ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_P}.tar.gz )
-	nginx_modules_stream_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz )
-	nginx_modules_stream_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz )
-	rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )"
-
-LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+
-	nginx_modules_http_security? ( Apache-2.0 )
-	nginx_modules_http_push_stream? ( GPL-3 )"
-
-SLOT="mainline"
-KEYWORDS="amd64 arm arm64 ~loong ~ppc ~ppc64 ~riscv x86 ~amd64-linux ~x86-linux"
-
-# Package doesn't provide a real test suite
-RESTRICT="test"
-
-NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif
-	fastcgi geo grpc gzip limit_req limit_conn map memcached mirror
-	proxy referer rewrite scgi ssi split_clients upstream_hash
-	upstream_ip_hash upstream_keepalive upstream_least_conn
-	upstream_zone userid uwsgi"
-NGINX_MODULES_OPT="addition auth_request dav degradation flv geoip gunzip
-	gzip_static image_filter mp4 perl random_index realip secure_link
-	slice stub_status sub xslt"
-NGINX_MODULES_STREAM_STD="access geo limit_conn map return split_clients
-	upstream_hash upstream_least_conn upstream_zone"
-NGINX_MODULES_STREAM_OPT="geoip realip ssl_preread"
-NGINX_MODULES_MAIL="imap pop3 smtp"
-NGINX_MODULES_3RD="
-	http_auth_ldap
-	http_auth_pam
-	http_brotli
-	http_cache_purge
-	http_dav_ext
-	http_echo
-	http_fancyindex
-	http_geoip2
-	http_headers_more
-	http_javascript
-	http_lua
-	http_memc
-	http_metrics
-	http_mogilefs
-	http_naxsi
-	http_push_stream
-	http_security
-	http_slowfs_cache
-	http_sticky
-	http_upload_progress
-	http_upstream_check
-	http_vhost_traffic_status
-	stream_geoip2
-	stream_javascript
-"
-
-IUSE="aio debug +http +http2 http3 +http-cache ktls libatomic pcre +pcre2 pcre-jit rtmp selinux ssl threads vim-syntax"
-
-for mod in $NGINX_MODULES_STD; do
-	IUSE="${IUSE} +nginx_modules_http_${mod}"
-done
-
-for mod in $NGINX_MODULES_OPT; do
-	IUSE="${IUSE} nginx_modules_http_${mod}"
-done
-
-for mod in $NGINX_MODULES_STREAM_STD; do
-	IUSE="${IUSE} nginx_modules_stream_${mod}"
-done
-
-for mod in $NGINX_MODULES_STREAM_OPT; do
-	IUSE="${IUSE} nginx_modules_stream_${mod}"
-done
-
-for mod in $NGINX_MODULES_MAIL; do
-	IUSE="${IUSE} nginx_modules_mail_${mod}"
-done
-
-for mod in $NGINX_MODULES_3RD; do
-	IUSE="${IUSE} nginx_modules_${mod}"
-done
-
-# Add so we can warn users updating about config changes
-# @TODO: jbergstroem: remove on next release series
-IUSE="${IUSE} nginx_modules_http_spdy"
-
-CDEPEND="
-	acct-group/nginx
-	acct-user/nginx
-	virtual/libcrypt:=
-	pcre? ( dev-libs/libpcre:= )
-	pcre2? ( dev-libs/libpcre2:= )
-	pcre-jit? ( dev-libs/libpcre:=[jit] )
-	ssl? (
-		dev-libs/openssl:0=
-	)
-	http2? (
-		>=dev-libs/openssl-1.0.1c:0=
-	)
-	http-cache? (
-		dev-libs/openssl:0=
-	)
-	ktls? (
-		>=dev-libs/openssl-3:0=[ktls]
-	)
-	nginx_modules_http_brotli? ( app-arch/brotli:= )
-	nginx_modules_http_geoip? ( dev-libs/geoip )
-	nginx_modules_http_geoip2? ( dev-libs/libmaxminddb:= )
-	nginx_modules_http_gunzip? ( sys-libs/zlib )
-	nginx_modules_http_gzip? ( sys-libs/zlib )
-	nginx_modules_http_gzip_static? ( sys-libs/zlib )
-	nginx_modules_http_image_filter? ( media-libs/gd:=[jpeg,png] )
-	nginx_modules_http_perl? ( >=dev-lang/perl-5.8:= )
-	nginx_modules_http_rewrite? ( dev-libs/libpcre:= )
-	nginx_modules_http_secure_link? ( dev-libs/openssl:0= )
-	nginx_modules_http_xslt? ( dev-libs/libxml2:= dev-libs/libxslt )
-	nginx_modules_http_lua? ( ${LUA_DEPS} )
-	nginx_modules_http_auth_pam? ( sys-libs/pam )
-	nginx_modules_http_metrics? ( dev-libs/yajl:= )
-	nginx_modules_http_dav_ext? ( dev-libs/libxml2 )
-	nginx_modules_http_security? ( dev-libs/modsecurity )
-	nginx_modules_http_auth_ldap? ( net-nds/openldap:=[ssl?] )
-	nginx_modules_stream_geoip? ( dev-libs/geoip )
-	nginx_modules_stream_geoip2? ( dev-libs/libmaxminddb:= )"
-RDEPEND="${CDEPEND}
-	app-misc/mime-types[nginx]
-	selinux? ( sec-policy/selinux-nginx )
-	!www-servers/nginx:0"
-DEPEND="${CDEPEND}
-	arm? ( dev-libs/libatomic_ops )
-	libatomic? ( dev-libs/libatomic_ops )"
-BDEPEND="nginx_modules_http_brotli? ( virtual/pkgconfig )"
-PDEPEND="vim-syntax? ( app-vim/nginx-syntax )"
-
-REQUIRED_USE="pcre-jit? ( pcre )
-	ktls? ( ssl )
-	nginx_modules_http_fancyindex? ( nginx_modules_http_addition )
-	nginx_modules_http_grpc? ( http2 )
-	nginx_modules_http_lua? (
-		${LUA_REQUIRED_USE}
-		nginx_modules_http_rewrite
-		pcre
-		!pcre2
-	)
-	nginx_modules_http_naxsi? ( nginx_modules_http_rewrite pcre )
-	nginx_modules_http_dav_ext? ( nginx_modules_http_dav nginx_modules_http_xslt )
-	nginx_modules_http_metrics? ( nginx_modules_http_stub_status )
-	nginx_modules_http_security? ( pcre )
-	nginx_modules_http_push_stream? ( ssl )"
-
-pkg_setup() {
-	NGINX_HOME="/var/lib/nginx"
-	NGINX_HOME_TMP="${NGINX_HOME}/tmp"
-
-	if use libatomic; then
-		ewarn "GCC 4.1+ features built-in atomic operations."
-		ewarn "Using libatomic_ops is only needed if using"
-		ewarn "a different compiler or a GCC prior to 4.1"
-	fi
-
-	if [[ -n $NGINX_ADD_MODULES ]]; then
-		ewarn "You are building custom modules via \$NGINX_ADD_MODULES!"
-		ewarn "This nginx installation is not supported!"
-		ewarn "Make sure you can reproduce the bug without those modules"
-		ewarn "_before_ reporting bugs."
-	fi
-
-	if use !http; then
-		ewarn "To actually disable all http-functionality you also have to disable"
-		ewarn "all nginx http modules."
-	fi
-
-	if use nginx_modules_http_mogilefs && use threads; then
-		eerror "mogilefs won't compile with threads support."
-		eerror "Please disable either flag and try again."
-		die "Can't compile mogilefs with threads support"
-	fi
-
-	use nginx_modules_http_lua && lua-single_pkg_setup
-}
-
-src_prepare() {
-	eapply "${FILESDIR}/${PN}-1.4.1-fix-perl-install-path.patch"
-	eapply "${FILESDIR}/${PN}-httpoxy-mitigation-r1.patch"
-
-	if use nginx_modules_http_auth_ldap; then
-		cd "${HTTP_LDAP_MODULE_WD}" || die
-		eapply "${FILESDIR}/${PN}-1.23.2-mod_auth_ldap-fix.patch"
-		cd "${S}" || die
-	fi
-
-	if use nginx_modules_http_javascript; then
-		cd "${NJS_MODULE_WD}" || die
-		sed -e 's/-Werror//g' -i auto/cc || die
-		cd "${S}" || die
-	fi
-
-	if use nginx_modules_http_sticky; then
-		cd "${HTTP_STICKY_MODULE_WD}" || die
-		eapply "${FILESDIR}"/http_sticky-nginx-1.23.0.patch
-		cd "${S}" || die
-	fi
-
-	if use nginx_modules_http_naxsi; then
-		cd "${HTTP_NAXSI_MODULE_WD}" || die
-		rm -r libinjection || die
-		mv ../../libinjection-${HTTP_NAXSI_LIBINJECTION_MODULE_PV} libinjection || die
-		cd "${S}" || die
-	fi
-
-	if use nginx_modules_http_brotli; then
-		cd "${HTTP_BROTLI_MODULE_WD}" || die
-		eapply "${FILESDIR}"/http_brotli-detect-brotli-r3.patch
-		cd "${S}" || die
-	fi
-
-	if use nginx_modules_http_upstream_check; then
-		eapply -p0 "${FILESDIR}"/http_upstream_check-nginx-1.11.5+.patch
-	fi
-
-	if use nginx_modules_http_cache_purge; then
-		cd "${HTTP_CACHE_PURGE_MODULE_WD}" || die
-		eapply "${FILESDIR}"/http_cache_purge-1.11.6+.patch
-		cd "${S}" || die
-	fi
-
-	if use nginx_modules_http_upload_progress; then
-		cd "${HTTP_UPLOAD_PROGRESS_MODULE_WD}" || die
-		eapply "${FILESDIR}"/http_uploadprogress-nginx-1.23.0.patch
-		cd "${S}" || die
-	fi
-
-	find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die
-	# We have config protection, don't rename etc files
-	sed -i 's:.default::' auto/install || die
-	# remove useless files
-	sed -i -e '/koi-/d' -e '/win-/d' auto/install || die
-
-	# don't install to /etc/nginx/ if not in use
-	local module
-	for module in fastcgi scgi uwsgi ; do
-		if ! use nginx_modules_http_${module}; then
-			sed -i -e "/${module}/d" auto/install || die
-		fi
-	done
-
-	eapply_user
-}
-
-src_configure() {
-	local myconf=() http_enabled= mail_enabled= stream_enabled=
-
-	use aio       && myconf+=( --with-file-aio )
-	use debug     && myconf+=( --with-debug )
-	use http2     && myconf+=( --with-http_v2_module )
-	use http3     && myconf+=( --with-http_v3_module )
-	use ktls      && myconf+=( --with-openssl-opt=enable-ktls )
-	use libatomic && myconf+=( --with-libatomic )
-	use pcre      && myconf+=( --with-pcre --without-pcre2 )
-	use pcre-jit  && myconf+=( --with-pcre-jit )
-	use threads   && myconf+=( --with-threads )
-
-	# HTTP modules
-	for mod in $NGINX_MODULES_STD; do
-		if use nginx_modules_http_${mod}; then
-			http_enabled=1
-		else
-			myconf+=( --without-http_${mod}_module )
-		fi
-	done
-
-	for mod in $NGINX_MODULES_OPT; do
-		if use nginx_modules_http_${mod}; then
-			http_enabled=1
-			myconf+=( --with-http_${mod}_module )
-		fi
-	done
-
-	if use nginx_modules_http_fastcgi; then
-		myconf+=( --with-http_realip_module )
-	fi
-
-	# third-party modules
-	if use nginx_modules_http_upload_progress; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_headers_more; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_HEADERS_MORE_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_cache_purge; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_CACHE_PURGE_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_slowfs_cache; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_fancyindex; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_FANCYINDEX_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_lua; then
-		http_enabled=1
-		export LUAJIT_LIB=$(dirname $(lua_get_shared_lib))
-		export LUAJIT_INC=$(lua_get_include_dir)
-		myconf+=( --add-module=${DEVEL_KIT_MODULE_WD} )
-		myconf+=( --add-module=${HTTP_LUA_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_auth_pam; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_AUTH_PAM_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_upstream_check; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_metrics; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_METRICS_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_naxsi ; then
-		http_enabled=1
-		myconf+=(  --add-module=${HTTP_NAXSI_MODULE_WD} )
-	fi
-
-	if use rtmp ; then
-		http_enabled=1
-		myconf+=( --add-module=${RTMP_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_dav_ext ; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_DAV_EXT_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_echo ; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_ECHO_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_security ; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_SECURITY_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_push_stream ; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_PUSH_STREAM_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_sticky ; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_STICKY_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_mogilefs ; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_MOGILEFS_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_memc ; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_MEMC_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_auth_ldap; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_LDAP_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_vhost_traffic_status; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_VHOST_TRAFFIC_STATUS_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_geoip2 || use nginx_modules_stream_geoip2; then
-		myconf+=( --add-module=${GEOIP2_MODULE_WD} )
-	fi
-
-	if use nginx_modules_http_javascript || use nginx_modules_stream_javascript; then
-		myconf+=( --add-module="${NJS_MODULE_WD}/nginx" )
-	fi
-
-	if use nginx_modules_http_brotli; then
-		http_enabled=1
-		myconf+=( --add-module=${HTTP_BROTLI_MODULE_WD} )
-	fi
-
-	if use http || use http-cache || use http2 || use http3 || use nginx_modules_http_javascript; then
-		http_enabled=1
-	fi
-
-	if [ $http_enabled ]; then
-		use http-cache || myconf+=( --without-http-cache )
-		use ssl && myconf+=( --with-http_ssl_module )
-	else
-		myconf+=( --without-http --without-http-cache )
-	fi
-
-	# Stream modules
-	for mod in $NGINX_MODULES_STREAM_STD; do
-		if use nginx_modules_stream_${mod}; then
-			stream_enabled=1
-		else
-			myconf+=( --without-stream_${mod}_module )
-		fi
-	done
-
-	for mod in $NGINX_MODULES_STREAM_OPT; do
-		if use nginx_modules_stream_${mod}; then
-			stream_enabled=1
-			myconf+=( --with-stream_${mod}_module )
-		fi
-	done
-
-	if use nginx_modules_stream_geoip2 || use nginx_modules_stream_javascript; then
-		stream_enabled=1
-	fi
-
-	if [ $stream_enabled ]; then
-		myconf+=( --with-stream )
-		use ssl && myconf+=( --with-stream_ssl_module )
-	fi
-
-	# MAIL modules
-	for mod in $NGINX_MODULES_MAIL; do
-		if use nginx_modules_mail_${mod}; then
-			mail_enabled=1
-		else
-			myconf+=( --without-mail_${mod}_module )
-		fi
-	done
-
-	if [ $mail_enabled ]; then
-		myconf+=( --with-mail )
-		use ssl && myconf+=( --with-mail_ssl_module )
-	fi
-
-	# custom modules
-	for mod in $NGINX_ADD_MODULES; do
-		myconf+=(  --add-module=${mod} )
-	done
-
-	# https://bugs.gentoo.org/286772
-	export LANG=C LC_ALL=C
-	tc-export AR CC
-
-	if ! use prefix; then
-		myconf+=( --user=${PN} )
-		myconf+=( --group=${PN} )
-	fi
-
-	if [[ -n "${EXTRA_ECONF}" ]]; then
-		myconf+=( ${EXTRA_ECONF} )
-		ewarn "EXTRA_ECONF applied. Now you are on your own, good luck!"
-	fi
-
-	./configure \
-		--prefix="${EPREFIX}"/usr \
-		--conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \
-		--error-log-path="${EPREFIX}"/var/log/${PN}/error_log \
-		--pid-path="${EPREFIX}"/run/${PN}.pid \
-		--lock-path="${EPREFIX}"/run/lock/${PN}.lock \
-		--with-cc-opt="-I${ESYSROOT}/usr/include" \
-		--with-ld-opt="-L${ESYSROOT}/usr/$(get_libdir)" \
-		--http-log-path="${EPREFIX}"/var/log/${PN}/access_log \
-		--http-client-body-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/client \
-		--http-proxy-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/proxy \
-		--http-fastcgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/fastcgi \
-		--http-scgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/scgi \
-		--http-uwsgi-temp-path="${EPREFIX}${NGINX_HOME_TMP}"/uwsgi \
-		--with-compat \
-		"${myconf[@]}" || die "configure failed"
-
-	# A purely cosmetic change that makes nginx -V more readable. This can be
-	# good if people outside the gentoo community would troubleshoot and
-	# question the users setup.
-	sed -i -e "s|${WORKDIR}|external_module|g" objs/ngx_auto_config.h || die
-}
-
-src_compile() {
-	# https://bugs.gentoo.org/286772
-	export LANG=C LC_ALL=C
-	emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}"
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	cp "${FILESDIR}"/nginx.conf-r3 "${ED}"/etc/nginx/nginx.conf || die
-
-	newinitd "${FILESDIR}"/nginx.initd-r4 nginx
-	newconfd "${FILESDIR}"/nginx.confd nginx
-
-	systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service
-
-	doman man/nginx.8
-	dodoc CHANGES* README
-
-	# just keepdir. do not copy the default htdocs files (bug #449136)
-	keepdir /var/www/localhost
-	rm -rf "${ED}"/usr/html || die
-
-	# set up a list of directories to keep
-	local keepdir_list="${NGINX_HOME_TMP}"/client
-	local module
-	for module in proxy fastcgi scgi uwsgi; do
-		use nginx_modules_http_${module} && keepdir_list+=" ${NGINX_HOME_TMP}/${module}"
-	done
-
-	keepdir /var/log/nginx ${keepdir_list}
-
-	# this solves a problem with SELinux where nginx doesn't see the directories
-	# as root and tries to create them as nginx
-	fperms 0750 "${NGINX_HOME_TMP}"
-	fowners ${PN}:0 "${NGINX_HOME_TMP}"
-
-	fperms 0700 ${keepdir_list}
-	fowners ${PN}:${PN} ${keepdir_list}
-
-	fperms 0710 /var/log/nginx
-	fowners 0:${PN} /var/log/nginx
-
-	# logrotate
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}"/nginx.logrotate-r1 nginx
-
-	# Don't create /run
-	rm -rf "${ED}"/run || die
-
-	if use lua_single_target_luajit; then
-		pax-mark m "${ED}/usr/sbin/nginx"
-	fi
-
-	if use nginx_modules_http_perl; then
-		cd "${S}"/objs/src/http/modules/perl/ || die
-		emake DESTDIR="${D}" INSTALLDIRS=vendor
-		perl_delete_localpod
-		cd "${S}" || die
-	fi
-
-	if use nginx_modules_http_cache_purge; then
-		docinto ${HTTP_CACHE_PURGE_MODULE_P}
-		dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md}
-	fi
-
-	if use nginx_modules_http_slowfs_cache; then
-		docinto ${HTTP_SLOWFS_CACHE_MODULE_P}
-		dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md}
-	fi
-
-	if use nginx_modules_http_fancyindex; then
-		docinto ${HTTP_FANCYINDEX_MODULE_P}
-		dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst
-	fi
-
-	if use nginx_modules_http_lua; then
-		docinto ${HTTP_LUA_MODULE_P}
-		dodoc "${HTTP_LUA_MODULE_WD}"/README.markdown
-	fi
-
-	if use nginx_modules_http_auth_pam; then
-		docinto ${HTTP_AUTH_PAM_MODULE_P}
-		dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README.md,ChangeLog}
-	fi
-
-	if use nginx_modules_http_upstream_check; then
-		docinto ${HTTP_UPSTREAM_CHECK_MODULE_P}
-		dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES}
-	fi
-
-	if use nginx_modules_http_naxsi; then
-		insinto /etc/nginx/naxsi
-		doins "${HTTP_NAXSI_MODULE_WD}"/../distros/nginx/*
-		doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_rules/naxsi_core.rules
-		doins -r "${HTTP_NAXSI_MODULE_WD}"/../naxsi_rules/blocking
-		doins -r "${HTTP_NAXSI_MODULE_WD}"/../naxsi_rules/whitelists
-	fi
-
-	if use rtmp; then
-		docinto ${RTMP_MODULE_P}
-		dodoc "${RTMP_MODULE_WD}"/{AUTHORS,README.md,stat.xsl}
-	fi
-
-	if use nginx_modules_http_dav_ext; then
-		docinto ${HTTP_DAV_EXT_MODULE_P}
-		dodoc "${HTTP_DAV_EXT_MODULE_WD}"/README.rst
-	fi
-
-	if use nginx_modules_http_echo; then
-		docinto ${HTTP_ECHO_MODULE_P}
-		dodoc "${HTTP_ECHO_MODULE_WD}"/README.markdown
-	fi
-
-	if use nginx_modules_http_security; then
-		docinto ${HTTP_SECURITY_MODULE_P}
-		dodoc "${HTTP_SECURITY_MODULE_WD}"/{AUTHORS,CHANGES,README.md}
-	fi
-
-	if use nginx_modules_http_push_stream; then
-		docinto ${HTTP_PUSH_STREAM_MODULE_P}
-		dodoc "${HTTP_PUSH_STREAM_MODULE_WD}"/{AUTHORS,CHANGELOG.textile,README.textile}
-	fi
-
-	if use nginx_modules_http_sticky; then
-		docinto ${HTTP_STICKY_MODULE_P}
-		dodoc "${HTTP_STICKY_MODULE_WD}"/{README.md,Changelog.txt,docs/sticky.pdf}
-	fi
-
-	if use nginx_modules_http_memc; then
-		docinto ${HTTP_MEMC_MODULE_P}
-		dodoc "${HTTP_MEMC_MODULE_WD}"/README.markdown
-	fi
-
-	if use nginx_modules_http_auth_ldap; then
-		docinto ${HTTP_LDAP_MODULE_P}
-		dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf
-	fi
-}
-
-pkg_postinst() {
-	if use ssl; then
-		if [[ ! -f "${EROOT}"/etc/ssl/${PN}/${PN}.key ]]; then
-			install_cert /etc/ssl/${PN}/${PN}
-			use prefix || chown ${PN}:${PN} "${EROOT}"/etc/ssl/${PN}/${PN}.{crt,csr,key,pem}
-		fi
-	fi
-
-	if use nginx_modules_http_spdy; then
-		ewarn ""
-		ewarn "In nginx 1.9.5 the spdy module was superseded by http2."
-		ewarn "Update your configs and package.use accordingly."
-	fi
-
-	if use nginx_modules_http_lua; then
-		ewarn ""
-		ewarn "While you can build lua 3rd party module against ${P}"
-		ewarn "the author warns that >=${PN}-1.11.11 is still not an"
-		ewarn "officially supported target yet. You are on your own."
-		ewarn "Expect runtime failures, memory leaks and other problems!"
-	fi
-
-	if use nginx_modules_http_lua && use http2; then
-		ewarn ""
-		ewarn "Lua 3rd party module author warns against using ${P} with"
-		ewarn "NGINX_MODULES_HTTP=\"lua http2\". For more info, see https://git.io/OldLsg"
-	fi
-
-	local _n_permission_layout_checks=0
-	local _has_to_adjust_permissions=0
-	local _has_to_show_permission_warning=0
-
-	# Defaults to 1 to inform people doing a fresh installation
-	# that we ship modified {scgi,uwsgi,fastcgi}_params files
-	local _has_to_show_httpoxy_mitigation_notice=1
-
-	local _replacing_version=
-	for _replacing_version in ${REPLACING_VERSIONS}; do
-		_n_permission_layout_checks=$((${_n_permission_layout_checks}+1))
-
-		if [[ ${_n_permission_layout_checks} -gt 1 ]]; then
-			# Should never happen:
-			# Package is abusing slots but doesn't allow multiple parallel installations.
-			# If we run into this situation it is unsafe to automatically adjust any
-			# permission...
-			_has_to_show_permission_warning=1
-
-			ewarn "Replacing multiple ${PN}' versions is unsupported! " \
-				"You will have to adjust permissions on your own."
-
-			break
-		fi
-
-		local _replacing_version_branch=$(ver_cut 1-2 "${_replacing_version}")
-		debug-print "Updating an existing installation (v${_replacing_version}; branch '${_replacing_version_branch}') ..."
-
-		# Do we need to adjust permissions to fix CVE-2013-0337 (bug #458726, #469094)?
-		# This was before we introduced multiple nginx versions so we
-		# do not need to distinguish between stable and mainline
-		local _need_to_fix_CVE2013_0337=1
-
-		if ver_test ${_replacing_version} -ge 1.4.1-r2; then
-			# We are updating an installation which should already be fixed
-			_need_to_fix_CVE2013_0337=0
-			debug-print "Skipping CVE-2013-0337 ... existing installation should not be affected!"
-		else
-			_has_to_adjust_permissions=1
-			debug-print "Need to adjust permissions to fix CVE-2013-0337!"
-		fi
-
-		# Do we need to inform about HTTPoxy mitigation?
-		# In repository since commit 8be44f76d4ac02cebcd1e0e6e6284bb72d054b0f
-		if ver_test ${_replacing_version_branch} -lt 1.10; then
-			# Updating from <1.10
-			_has_to_show_httpoxy_mitigation_notice=1
-			debug-print "Need to inform about HTTPoxy mitigation!"
-		else
-			# Updating from >=1.10
-			local _fixed_in_pvr=
-			case "${_replacing_version_branch}" in
-				"1.10")
-					_fixed_in_pvr="1.10.1-r2"
-					;;
-				"1.11")
-					_fixed_in_pvr="1.11.3-r1"
-					;;
-				*)
-					# This should be any future branch.
-					# If we run this code it is safe to assume that the user has
-					# already seen the HTTPoxy mitigation notice because he/she is doing
-					# an update from previous version where we have already shown
-					# the warning. Otherwise, we wouldn't hit this code path ...
-					_fixed_in_pvr=
-			esac
-
-			if [[ -z "${_fixed_in_pvr}" ]] || ver_test ${_replacing_version} -ge ${_fixed_in_pvr}; then
-				# We are updating an installation where we already informed
-				# that we are mitigating HTTPoxy per default
-				_has_to_show_httpoxy_mitigation_notice=0
-				debug-print "No need to inform about HTTPoxy mitigation ... information was already shown for existing installation!"
-			else
-				_has_to_show_httpoxy_mitigation_notice=1
-				debug-print "Need to inform about HTTPoxy mitigation!"
-			fi
-		fi
-
-		# Do we need to adjust permissions to fix CVE-2016-1247 (bug #605008)?
-		# All branches up to 1.11 are affected
-		local _need_to_fix_CVE2016_1247=1
-
-		if ver_test ${_replacing_version_branch} -lt 1.10; then
-			# Updating from <1.10
-			_has_to_adjust_permissions=1
-			debug-print "Need to adjust permissions to fix CVE-2016-1247!"
-		else
-			# Updating from >=1.10
-			local _fixed_in_pvr=
-			case "${_replacing_version_branch}" in
-				"1.10")
-					_fixed_in_pvr="1.10.2-r3"
-					;;
-				"1.11")
-					_fixed_in_pvr="1.11.6-r1"
-					;;
-				*)
-					# This should be any future branch.
-					# If we run this code it is safe to assume that we have already
-					# adjusted permissions or were never affected because user is
-					# doing an update from previous version which was safe or did
-					# the adjustments. Otherwise, we wouldn't hit this code path ...
-					_fixed_in_pvr=
-			esac
-
-			if [[ -z "${_fixed_in_pvr}" ]] || ver_test ${_replacing_version} -ge ${_fixed_in_pvr}; then
-				# We are updating an installation which should already be adjusted
-				# or which was never affected
-				_need_to_fix_CVE2016_1247=0
-				debug-print "Skipping CVE-2016-1247 ... existing installation should not be affected!"
-			else
-				_has_to_adjust_permissions=1
-				debug-print "Need to adjust permissions to fix CVE-2016-1247!"
-			fi
-		fi
-	done
-
-	if [[ ${_has_to_adjust_permissions} -eq 1 ]]; then
-		# We do not DIE when chmod/chown commands are failing because
-		# package is already merged on user's system at this stage
-		# and we cannot retry without losing the information that
-		# the existing installation needs to adjust permissions.
-		# Instead we are going to a show a big warning ...
-
-		if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2013_0337} -eq 1 ]]; then
-			ewarn ""
-			ewarn "The world-readable bit (if set) has been removed from the"
-			ewarn "following directories to mitigate a security bug"
-			ewarn "(CVE-2013-0337, bug #458726):"
-			ewarn ""
-			ewarn "  ${EPREFIX}/var/log/nginx"
-			ewarn "  ${EPREFIX}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}"
-			ewarn ""
-			ewarn "Check if this is correct for your setup before restarting nginx!"
-			ewarn "This is a one-time change and will not happen on subsequent updates."
-			ewarn "Furthermore nginx' temp directories got moved to '${EPREFIX}${NGINX_HOME_TMP}'"
-			chmod o-rwx \
-				"${EPREFIX}"/var/log/nginx \
-				"${EPREFIX}"${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi} || \
-				_has_to_show_permission_warning=1
-		fi
-
-		if [[ ${_has_to_show_permission_warning} -eq 0 ]] && [[ ${_need_to_fix_CVE2016_1247} -eq 1 ]]; then
-			ewarn ""
-			ewarn "The permissions on the following directory have been reset in"
-			ewarn "order to mitigate a security bug (CVE-2016-1247, bug #605008):"
-			ewarn ""
-			ewarn "  ${EPREFIX}/var/log/nginx"
-			ewarn ""
-			ewarn "Check if this is correct for your setup before restarting nginx!"
-			ewarn "Also ensure that no other log directory used by any of your"
-			ewarn "vhost(s) is not writeable for nginx user. Any of your log files"
-			ewarn "used by nginx can be abused to escalate privileges!"
-			ewarn "This is a one-time change and will not happen on subsequent updates."
-			chown 0:nginx "${EPREFIX}"/var/log/nginx || _has_to_show_permission_warning=1
-			chmod 710 "${EPREFIX}"/var/log/nginx || _has_to_show_permission_warning=1
-		fi
-
-		if [[ ${_has_to_show_permission_warning} -eq 1 ]]; then
-			# Should never happen ...
-			ewarn ""
-			ewarn "*************************************************************"
-			ewarn "***************         W A R N I N G         ***************"
-			ewarn "*************************************************************"
-			ewarn "The one-time only attempt to adjust permissions of the"
-			ewarn "existing nginx installation failed. Be aware that we will not"
-			ewarn "try to adjust the same permissions again because now you are"
-			ewarn "using a nginx version where we expect that the permissions"
-			ewarn "are already adjusted or that you know what you are doing and"
-			ewarn "want to keep custom permissions."
-			ewarn ""
-		fi
-	fi
-
-	# Sanity check for CVE-2016-1247
-	# Required to warn users who received the warning above and thought
-	# they could fix it by unmerging and re-merging the package or have
-	# unmerged a affected installation on purpose in the past leaving
-	# /var/log/nginx on their system due to keepdir/non-empty folder
-	# and are now installing the package again.
-	local _sanity_check_testfile=$(mktemp --dry-run "${EPREFIX}"/var/log/nginx/.CVE-2016-1247.XXXXXXXXX)
-	su -s /bin/sh -c "touch ${_sanity_check_testfile}" nginx >&/dev/null
-	if [ $? -eq 0 ] ; then
-		# Cleanup -- no reason to die here!
-		rm -f "${_sanity_check_testfile}"
-
-		ewarn ""
-		ewarn "*************************************************************"
-		ewarn "***************         W A R N I N G         ***************"
-		ewarn "*************************************************************"
-		ewarn "Looks like your installation is vulnerable to CVE-2016-1247"
-		ewarn "(bug #605008) because nginx user is able to create files in"
-		ewarn ""
-		ewarn "  ${EPREFIX}/var/log/nginx"
-		ewarn ""
-		ewarn "Also ensure that no other log directory used by any of your"
-		ewarn "vhost(s) is not writeable for nginx user. Any of your log files"
-		ewarn "used by nginx can be abused to escalate privileges!"
-	fi
-
-	if [[ ${_has_to_show_httpoxy_mitigation_notice} -eq 1 ]]; then
-		# HTTPoxy mitigation
-		ewarn ""
-		ewarn "This nginx installation comes with a mitigation for the HTTPoxy"
-		ewarn "vulnerability for FastCGI, SCGI and uWSGI applications by setting"
-		ewarn "the HTTP_PROXY parameter to an empty string per default when you"
-		ewarn "are sourcing one of the default"
-		ewarn ""
-		ewarn "  - 'fastcgi_params' or 'fastcgi.conf'"
-		ewarn "  - 'scgi_params'"
-		ewarn "  - 'uwsgi_params'"
-		ewarn ""
-		ewarn "files in your server block(s)."
-		ewarn ""
-		ewarn "If this is causing any problems for you make sure that you are sourcing the"
-		ewarn "default parameters _before_ you set your own values."
-		ewarn "If you are relying on user-supplied proxy values you have to remove the"
-		ewarn "correlating lines from the file(s) mentioned above."
-		ewarn ""
-	fi
-}
diff --git a/www-servers/nginx/nginx-1.25.4.ebuild b/www-servers/nginx/nginx-1.25.4-r1.ebuild
index f447f92cc70b..da685a0b5902 100644
--- a/www-servers/nginx/nginx-1.25.4.ebuild
+++ b/www-servers/nginx/nginx-1.25.4-r1.ebuild
@@ -160,13 +160,13 @@ GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOI
 GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}"
 
 # njs-module (https://github.com/nginx/njs, as-is)
-NJS_MODULE_PV="0.8.2"
+NJS_MODULE_PV="0.8.4"
 NJS_MODULE_P="njs-${NJS_MODULE_PV}"
 NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz"
 NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}"
 
 # nginx-tests (http://hg.nginx.org/nginx-tests, BSD-2)
-NGINX_TESTS_REV="24482e311749"
+NGINX_TESTS_REV="0b5ec15c62ed"
 
 # We handle deps below ourselves
 SSL_DEPS_SKIP=1
diff --git a/www-servers/nginx/nginx-1.25.5.ebuild b/www-servers/nginx/nginx-1.25.5.ebuild
index f5bb4dfa7402..631386626414 100644
--- a/www-servers/nginx/nginx-1.25.5.ebuild
+++ b/www-servers/nginx/nginx-1.25.5.ebuild
@@ -153,6 +153,12 @@ HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
 HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz"
 HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
 
+# nginx-vod-module (https://github.com/kaltura/nginx-vod-module, AGPL-3+)
+HTTP_VOD_MODULE_PV="1.33"
+HTTP_VOD_MODULE_P="nginx-vod-module-${HTTP_VOD_MODULE_PV}"
+HTTP_VOD_MODULE_URI="https://github.com/kaltura/nginx-vod-module/archive/${HTTP_VOD_MODULE_PV}.tar.gz"
+HTTP_VOD_MODULE_WD="${WORKDIR}/nginx-vod-module-${HTTP_VOD_MODULE_PV}"
+
 # geoip2 (https://github.com/leev/ngx_http_geoip2_module, BSD-2)
 GEOIP2_MODULE_PV="3.4"
 GEOIP2_MODULE_P="ngx_http_geoip2_module-${GEOIP2_MODULE_PV}"
@@ -166,7 +172,7 @@ NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz"
 NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}"
 
 # nginx-tests (http://hg.nginx.org/nginx-tests, BSD-2)
-NGINX_TESTS_REV="24482e311749"
+NGINX_TESTS_REV="0b5ec15c62ed"
 
 # We handle deps below ourselves
 SSL_DEPS_SKIP=1
@@ -203,6 +209,7 @@ SRC_URI="https://nginx.org/download/${P}.tar.gz
 	nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz )
 	nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz )
 	nginx_modules_http_vhost_traffic_status? ( ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI} -> ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_P}.tar.gz )
+	nginx_modules_http_vod? ( ${HTTP_VOD_MODULE_URI} -> ${HTTP_VOD_MODULE_P}.tar.gz )
 	nginx_modules_stream_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz )
 	nginx_modules_stream_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz )
 	rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )
@@ -252,6 +259,7 @@ NGINX_MODULES_3RD="
 	http_upload_progress
 	http_upstream_check
 	http_vhost_traffic_status
+	http_vod
 	stream_geoip2
 	stream_javascript
 "
@@ -322,6 +330,7 @@ CDEPEND="
 	nginx_modules_http_dav_ext? ( dev-libs/libxml2 )
 	nginx_modules_http_security? ( dev-libs/modsecurity )
 	nginx_modules_http_auth_ldap? ( net-nds/openldap:=[ssl?] )
+	nginx_modules_http_vod? ( media-video/ffmpeg:0= )
 	nginx_modules_stream_geoip? ( dev-libs/geoip )
 	nginx_modules_stream_geoip2? ( dev-libs/libmaxminddb:= )"
 RDEPEND="${CDEPEND}
@@ -365,7 +374,8 @@ REQUIRED_USE="pcre-jit? ( pcre )
 	nginx_modules_http_dav_ext? ( nginx_modules_http_dav nginx_modules_http_xslt )
 	nginx_modules_http_metrics? ( nginx_modules_http_stub_status )
 	nginx_modules_http_security? ( pcre )
-	nginx_modules_http_push_stream? ( ssl )"
+	nginx_modules_http_push_stream? ( ssl )
+	nginx_modules_http_vod? ( threads )"
 
 pkg_setup() {
 	NGINX_HOME="/var/lib/nginx"
@@ -620,6 +630,12 @@ src_configure() {
 		http_enabled=1
 	fi
 
+	if use nginx_modules_http_vod; then
+		http_enabled=1
+		export HTTP_POSTPONE=no
+		myconf+=( --add-module=${HTTP_VOD_MODULE_WD} )
+	fi
+
 	if [ $http_enabled ]; then
 		use http-cache || myconf+=( --without-http-cache )
 		use ssl && myconf+=( --with-http_ssl_module )
@@ -846,6 +862,11 @@ src_install() {
 		docinto ${HTTP_LDAP_MODULE_P}
 		dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf
 	fi
+
+	if use nginx_modules_http_vod; then
+		docinto ${HTTP_VOD_MODULE_P}
+		dodoc "${HTTP_VOD_MODULE_WD}"/{CHANGELOG,README}.md
+	fi
 }
 
 src_test() {
diff --git a/www-servers/nginx/nginx-1.25.3-r1.ebuild b/www-servers/nginx/nginx-1.26.0.ebuild
index 4e7603cd13f8..f6b48a38a163 100644
--- a/www-servers/nginx/nginx-1.25.3-r1.ebuild
+++ b/www-servers/nginx/nginx-1.26.0.ebuild
@@ -153,6 +153,12 @@ HTTP_LDAP_MODULE_P="nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
 HTTP_LDAP_MODULE_URI="https://github.com/kvspb/nginx-auth-ldap/archive/${HTTP_LDAP_MODULE_PV}.tar.gz"
 HTTP_LDAP_MODULE_WD="${WORKDIR}/nginx-auth-ldap-${HTTP_LDAP_MODULE_PV}"
 
+# nginx-vod-module (https://github.com/kaltura/nginx-vod-module, AGPL-3+)
+HTTP_VOD_MODULE_PV="1.33"
+HTTP_VOD_MODULE_P="nginx-vod-module-${HTTP_VOD_MODULE_PV}"
+HTTP_VOD_MODULE_URI="https://github.com/kaltura/nginx-vod-module/archive/${HTTP_VOD_MODULE_PV}.tar.gz"
+HTTP_VOD_MODULE_WD="${WORKDIR}/nginx-vod-module-${HTTP_VOD_MODULE_PV}"
+
 # geoip2 (https://github.com/leev/ngx_http_geoip2_module, BSD-2)
 GEOIP2_MODULE_PV="3.4"
 GEOIP2_MODULE_P="ngx_http_geoip2_module-${GEOIP2_MODULE_PV}"
@@ -160,13 +166,13 @@ GEOIP2_MODULE_URI="https://github.com/leev/ngx_http_geoip2_module/archive/${GEOI
 GEOIP2_MODULE_WD="${WORKDIR}/ngx_http_geoip2_module-${GEOIP2_MODULE_PV}"
 
 # njs-module (https://github.com/nginx/njs, as-is)
-NJS_MODULE_PV="0.8.2"
+NJS_MODULE_PV="0.8.4"
 NJS_MODULE_P="njs-${NJS_MODULE_PV}"
 NJS_MODULE_URI="https://github.com/nginx/njs/archive/${NJS_MODULE_PV}.tar.gz"
 NJS_MODULE_WD="${WORKDIR}/njs-${NJS_MODULE_PV}"
 
 # nginx-tests (http://hg.nginx.org/nginx-tests, BSD-2)
-NGINX_TESTS_REV="24482e311749"
+NGINX_TESTS_REV="0b5ec15c62ed"
 
 # We handle deps below ourselves
 SSL_DEPS_SKIP=1
@@ -203,6 +209,7 @@ SRC_URI="https://nginx.org/download/${P}.tar.gz
 	nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz )
 	nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz )
 	nginx_modules_http_vhost_traffic_status? ( ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_URI} -> ${HTTP_VHOST_TRAFFIC_STATUS_MODULE_P}.tar.gz )
+	nginx_modules_http_vod? ( ${HTTP_VOD_MODULE_URI} -> ${HTTP_VOD_MODULE_P}.tar.gz )
 	nginx_modules_stream_geoip2? ( ${GEOIP2_MODULE_URI} -> ${GEOIP2_MODULE_P}.tar.gz )
 	nginx_modules_stream_javascript? ( ${NJS_MODULE_URI} -> ${NJS_MODULE_P}.tar.gz )
 	rtmp? ( ${RTMP_MODULE_URI} -> ${RTMP_MODULE_P}.tar.gz )
@@ -212,8 +219,8 @@ LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+
 	nginx_modules_http_security? ( Apache-2.0 )
 	nginx_modules_http_push_stream? ( GPL-3 )"
 
-SLOT="mainline"
-KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~x86 ~amd64-linux ~x86-linux"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~x86 ~amd64-linux ~x86-linux"
 
 RESTRICT="!test? ( test )"
 
@@ -252,6 +259,7 @@ NGINX_MODULES_3RD="
 	http_upload_progress
 	http_upstream_check
 	http_vhost_traffic_status
+	http_vod
 	stream_geoip2
 	stream_javascript
 "
@@ -322,12 +330,13 @@ CDEPEND="
 	nginx_modules_http_dav_ext? ( dev-libs/libxml2 )
 	nginx_modules_http_security? ( dev-libs/modsecurity )
 	nginx_modules_http_auth_ldap? ( net-nds/openldap:=[ssl?] )
+	nginx_modules_http_vod? ( media-video/ffmpeg:0= )
 	nginx_modules_stream_geoip? ( dev-libs/geoip )
 	nginx_modules_stream_geoip2? ( dev-libs/libmaxminddb:= )"
 RDEPEND="${CDEPEND}
 	app-misc/mime-types[nginx]
 	selinux? ( sec-policy/selinux-nginx )
-	!www-servers/nginx:0"
+	!www-servers/nginx:mainline"
 DEPEND="${CDEPEND}
 	arm? ( dev-libs/libatomic_ops )
 	libatomic? ( dev-libs/libatomic_ops )"
@@ -365,7 +374,8 @@ REQUIRED_USE="pcre-jit? ( pcre )
 	nginx_modules_http_dav_ext? ( nginx_modules_http_dav nginx_modules_http_xslt )
 	nginx_modules_http_metrics? ( nginx_modules_http_stub_status )
 	nginx_modules_http_security? ( pcre )
-	nginx_modules_http_push_stream? ( ssl )"
+	nginx_modules_http_push_stream? ( ssl )
+	nginx_modules_http_vod? ( threads )"
 
 pkg_setup() {
 	NGINX_HOME="/var/lib/nginx"
@@ -620,6 +630,12 @@ src_configure() {
 		http_enabled=1
 	fi
 
+	if use nginx_modules_http_vod; then
+		http_enabled=1
+		export HTTP_POSTPONE=no
+		myconf+=( --add-module=${HTTP_VOD_MODULE_WD} )
+	fi
+
 	if [ $http_enabled ]; then
 		use http-cache || myconf+=( --without-http-cache )
 		use ssl && myconf+=( --with-http_ssl_module )
@@ -846,6 +862,11 @@ src_install() {
 		docinto ${HTTP_LDAP_MODULE_P}
 		dodoc "${HTTP_LDAP_MODULE_WD}"/example.conf
 	fi
+
+	if use nginx_modules_http_vod; then
+		docinto ${HTTP_VOD_MODULE_P}
+		dodoc "${HTTP_VOD_MODULE_WD}"/{CHANGELOG,README}.md
+	fi
 }
 
 src_test() {
diff --git a/www-servers/tomcat/Manifest b/www-servers/tomcat/Manifest
index aed5aab42139..b0e0bf43cbf0 100644
--- a/www-servers/tomcat/Manifest
+++ b/www-servers/tomcat/Manifest
@@ -15,6 +15,8 @@ DIST apache-tomcat-10.1.19-src.tar.gz 6175254 BLAKE2B 8ec0f461de2fed4642fcb20e38
 DIST apache-tomcat-10.1.19-src.tar.gz.asc 833 BLAKE2B 12b92d5f42219b0fccbc3eeb004fe38c762090790da93d51423ffec07c34f3203fbbb45c670f1cf8bf992ab061d0ed8f52f622eb51163511d29567bc241f6e26 SHA512 edbeea8873b8d1b48b8a298e57ef9715dd6b912d9edf6447bfcf85945ab79db08a21b0d134926d814676f2df823e1b78184792118926220fe4ea070919a5e71c
 DIST apache-tomcat-10.1.20-src.tar.gz 6187831 BLAKE2B bc664346e93270c2f89ef36ed21968698aaf99be7aafce64a19b8666d663bab17ff8a9c401fd115e20686012c268ef29f259df8d5f95e57076dfdab6047376af SHA512 b3d00a8b46e75329477aab0c710fc3ad219a13347f23ff287a034228bee9fda8f0faefe6a7cc3f58462f9d00b275cb82101d3576b4225fe768a504576a44032a
 DIST apache-tomcat-10.1.20-src.tar.gz.asc 833 BLAKE2B 4084c5100da15cc1103202318ccc485304a262c4ac3f9b0f2823c6119c5c741a51936903c04078870e5fa524d2d284bb0df8001639eafda86a8eccf5e9ae62c7 SHA512 89946ad7a36e1cb77dff6309b99dbd2cfa8f2a7ff54183adeae7d052edb4fa649a5e04e98a86fe42d5813ef1bf026e8120948b6f4b13dc072de0d6992d8dea2e
+DIST apache-tomcat-10.1.23-src.tar.gz 6248107 BLAKE2B f14a652b4cbcd27dcecefbea3595ee39230a3f8113dd632d672cb67af2dc699dda58ecae9943177d98b47c946edb7993363d278127a9e279729cd161d432fd95 SHA512 ff3f507910296290c5d0c30805925a32efb82a63ac60338c617f6e49525379c4616d6299ca7920ec92059075bd03eeb07c80b4ca69a58c0a6265159d0d10913b
+DIST apache-tomcat-10.1.23-src.tar.gz.asc 833 BLAKE2B c1cd63d86406e53a093c7d0325d6ede04bf8b051a23c4b2ff54d20818a583d16aa78b25e02678148eeb6320639e7366bf8851ea983e56ef81e473e6767bd6ab5 SHA512 67d35953ee8ebf685ee441467cc0e0d1fcf760651525e6e34c7ad09e8a4a75b26c0b044fcb7781a1661d1edac24ea92c1881a6728571f14e21d29411d9839c80
 DIST apache-tomcat-8.5.100-src.tar.gz 6172727 BLAKE2B c56a0c02fcac8b70186edfcf9132370bdc4d57d6997821717c8c480dbee2ebdef05d87eb2fd0d25ea2a86001aae1ddf47b2bed7d2f15bd331c6aadea298e2556 SHA512 ae03d6b99ba4d7b7718c0c9040db7cdd5db3e047efa3dc8ff145b3005733285b134462e0d47ef10730aba6d5ef9f7aa9d4fbd46f1dafe0ac622ac8fc2201aea2
 DIST apache-tomcat-8.5.100-src.tar.gz.asc 833 BLAKE2B 1c763b792d0259fad7d26aef6ee70ceb840fd9491e2d0492d9db5edcc20ea08b0ad38f878ccf49d662a6891f0e3a6cfd772dd6e5b9073a142093a4eab9e97ece SHA512 39d9a361e03574ea1a6f28df7148e4db8dae33a8978ee3f883169b789e37c8d91b41cbe159a26dc03013f53b5914915d5c2adafd9225f8d085c083eca1e47c1d
 DIST apache-tomcat-8.5.99-src.tar.gz 6162573 BLAKE2B 4443dc4865a16e60e9b9224fcd9947b36f316c4d2a81207fbb1204a1b12952275e995028eb5280a962d3488c1c43fc81bace6bb0fdf252cfb1e9025ef85da8b0 SHA512 a8aabf6d12ef89d2b908f0739392e595b3d481ceca124580323e3f3d3c26f4a39c960dcc3686efb5219bf10a7b5b55fc8c9f742a87eb975e04ed40415cab2e51
@@ -24,11 +26,12 @@ DIST apache-tomcat-9.0.87-src.tar.gz.asc 833 BLAKE2B 31c0266c0819a2daf6192f7feeb
 DIST apache-tomcat-9.0.88-src.tar.gz 6327717 BLAKE2B e79db61e3a8e368124ff151de2d25daf11a65fce9e93a38648d88c2dcdb99524fc34f84832cb02fe8aeda58a84bbc0273613db50c6f85a79d525f9a9227b740e SHA512 bcd568ad5ea4baee23eebd0566c672417c1c9005d6e97dd66edbad8fd82a8a1b5ff9a2867dd2bf5e04f2c056ea3debd67cbe4132e3ef8929ca30c4529b45e6ed
 DIST apache-tomcat-9.0.88-src.tar.gz.asc 833 BLAKE2B 034081347d89b4e10b6296e0fbe8a17189ee27a71593848fdb70cc29a41291ca1edf21d4cc11d674c710505ae93d43a2f5dd08695d6dcfb4776843cc9970edf8 SHA512 608835f309d98099b0c852c553b9116611b44f389efbee85aaac27598546e584daab180acff3b05c00623456354e2719715d9ae24bd3940de39e7bbb48d3e018
 DIST biz.aQute.bnd-7.0.0.jar 16567341 BLAKE2B 329b3b750e917ad513a1f767f63b96b1d0b10177a0f3c079bbf07e02aff77607e1f869bae09d09709d8cfef27cd802585e7f332e2a3e3f0ee1c31a4890e53fce SHA512 42b2e43f3e437c7b06f0d168eaf5ee499a4c517b1a01bec67fd6df92d01d037dd9088e0d5b013dfa1839f9dee35bf74903c1af7204712bf4aa72412e071ac503
-EBUILD tomcat-10.1.19-r1.ebuild 5442 BLAKE2B 0f5cbc25167222f86fe5c8af93d5a9a04986d58f29a2c054f12d95d9f731bf7fe404851967aa54eb08c2fbe0becee1831dfd0801dd2b8950f67bdaf4e565ac97 SHA512 79d4196d097315ef04cbd31d9f1152171fb7315f8c6d9a9cb4d3b20aa148a9612416cd501e517e65d9fb94625cd909149be9895d80218ed3750c20986faabe84
-EBUILD tomcat-10.1.20-r2.ebuild 5525 BLAKE2B c83cf5bb12e2d1f5996c02ae64927656515f44bb99d071bae085cef18c911c4c93992b5c7bde88ff3d4d3d9d58bbf8218c3f5d9c330147637f21e81f59b3b777 SHA512 08300b72a6afd783185464141bc3a95157ad7ced08ddff1ebd4424f8def822393dd08f1e266ee50717516dc87f46c3eff50ccc784791d7e85845f97a87c7d3b9
-EBUILD tomcat-8.5.100.ebuild 4684 BLAKE2B f0d08a35d90ae9043022eb03375a5fc6b76a63835806287832f1393c4e173a6a8888bbd35e7acfae83d31b1ffa5f0250bd1960608f3221d94cc5ed2ec4b273a9 SHA512 ece6ea745ebc5c0231f3a4f8ed5cdd349a622fd627a98c7e5a34d98e872841b965f85d73e512d9dc863acf3bca61bb847773b0fc4bae72960e63bbc9726f72e4
-EBUILD tomcat-8.5.99-r1.ebuild 4683 BLAKE2B 901e81fe850c4de79952df2625f28a778daa39c7881e361094b96962eec729ba20e9bafe7ba0f44f5f1750a1321a9f2431949da8f2d31495a547be5bba18d521 SHA512 202cf2951bcbcfa31025006b93f09e611e5c1f0693db5268d2b1eea3d3ac4ef2f25629d43fb40fa9752d1bba2d0773c85418365b38d84d8451cc2e64333ecc49
-EBUILD tomcat-9.0.87-r1.ebuild 5292 BLAKE2B 995366efd1c1da549e10f80bcd231daa152c8bd75a6558e603154657964b7c0cd384bbe988b325df510a2c5978927119664b14479843369997b9c4c3f090e392 SHA512 ab71f681c9d62736a72a38443561dffd06e26eb89e1720fe6cf6da39926c476f57e23c843714d5c2341a3fd5ddb9c87c6496a88077c1350566bb3a1f739bbc68
-EBUILD tomcat-9.0.87-r3.ebuild 5118 BLAKE2B 1f78e34462424fcd1a5a44c44e40942d1931bac8b0f945addd66c3367fd4aaf3a3a464ee93122fea987d6d2388cca2083bb7408e26e96d826d270cc09d6b7727 SHA512 6b4a84414a824b40e1e39fb6f16698b11d830d246c95b8d15d9c76bfd5d25e2503248a69a97b88b11a89852ab3dffc168fe509c745c0876b0b5c1eb7b2ac66de
-EBUILD tomcat-9.0.88-r1.ebuild 5105 BLAKE2B d5c19d7b1f0223424051d2cdf64fde97c0ae27b4760ba6096dc23453974a55ee6659d9e72972e2709e630fa48f669c1381e4162b3d049e6b04876c50284e89ed SHA512 baa041ebce176430550f1a47e9ef757930671f1201ca59c9bdd4e21ea8c8ae5d7eec2ec4d066dc80431ec94e69f0bdf7385479a2d609f9fe38e27c26a3b846a3
+EBUILD tomcat-10.1.19-r1.ebuild 5350 BLAKE2B 7d3b63019f30cc7b8a38cfbd257d362ed0227a024e17b0da3b9099d41e9eb20318f066cd433c174db0a1903d4b6237466c730b6e485e8c7f64ede7bd12f4ce15 SHA512 8d0ac9961efa95c92cc5fb69fc7e0001a61f93f7dd041f26eff592f1bc010937505f17475d94ad683608850ba2fa955a926ba6712c09bc6ce0f27da1d667a2be
+EBUILD tomcat-10.1.20-r2.ebuild 5433 BLAKE2B ede4815f60ce460b81f54b3ff04bfb7765c3747a9ea9c48148c2b9b9c178b4c1ada35da41c0c86bba35e8480201b9eb822b7977d68e41f62fe28b38e18f24cf9 SHA512 21b83c140047dba6cc46109536251a9d577308a25b9952265a141e1d7871ba54eaea4c479d011e9988ef875dc2cb855648a0a44168b6537c662662ed7838884d
+EBUILD tomcat-10.1.23.ebuild 5433 BLAKE2B ede4815f60ce460b81f54b3ff04bfb7765c3747a9ea9c48148c2b9b9c178b4c1ada35da41c0c86bba35e8480201b9eb822b7977d68e41f62fe28b38e18f24cf9 SHA512 21b83c140047dba6cc46109536251a9d577308a25b9952265a141e1d7871ba54eaea4c479d011e9988ef875dc2cb855648a0a44168b6537c662662ed7838884d
+EBUILD tomcat-8.5.100.ebuild 4592 BLAKE2B d52c7aa3493908a90c1bcd9034de033ea1677a4ecfbb8297c730cd64e657b2a91abf85ceb02c16b023f7f302a74cf6df1abda7594f2e5b5e8b3723f2f51f2262 SHA512 9a62029b2c76485a3c1e228f2981f5ce4696d78423ee844fcb08f49ff71362c1950737d69201ef656c61d61d93ba6e475adc08cd6e9832bc6006e9cdd394099c
+EBUILD tomcat-8.5.99-r1.ebuild 4591 BLAKE2B de0c44c69c4f6440ce013411b70d601e25d603d671fa7d079abceaf3a76037478fd75b08ae7e06928131416b403404e862284225aac2789b7d4bdcad3c891dc1 SHA512 12a45ee3bd7b55beede9489680f7720d836fb1375769cda121771f72bdb927a44e72540e2a55cfa9a0999ea5481d4f2de0faf73bd4b380465906e32282377725
+EBUILD tomcat-9.0.87-r1.ebuild 5200 BLAKE2B 20d33eb5521f175901b4b3e5f9296ac2c24155d4b51153af34f22d7a72a4731b7b9e64b534b03359267d61a55135700da3840682155c5f02b884a606946fa83d SHA512 a744b21c16d19810f4d45bdcc53f08b5d711e2ca25a51a6dcab20671417db99682a459454fa6167b7ff406b98e2356093b1808ff00b43e60ba2c32b4865b45ce
+EBUILD tomcat-9.0.87-r3.ebuild 5026 BLAKE2B f0a8000542ee16da846f8b564f2ca76368a5aa240667ac70c72e7b572aa23f18856c8b3c5586024a51eb9fd2ed472f1fc42bfd67255a962374f126c7edcbc69c SHA512 59ced2d065d3af54d30a87d47078fa215d0dfdf00fedbf641d9ed92bf7d3734d251095558c4a9c8450b06c0ff102712eb83ef6aa4558186e34443831d19795eb
+EBUILD tomcat-9.0.88-r1.ebuild 5013 BLAKE2B 969e71df1100bbe3b97d0a1ef9c6e4f6ee819a652f9a14b1c7e4bff837a31ee5b602c7df834c23e1095ea310595a0c02c02aefe7d32458d621aa5385019cd71f SHA512 fc60561c17f6df18543409f1c55a13592fab8fd524ad29495ce32a38948ef9fd8949a3794211731a81f566b7681767f52e307ceb9a0f560237959265a44c8f58
 MISC metadata.xml 699 BLAKE2B 66aff1137e5d4ad92749176a5375c1c27c1e6cde936e05ce904d965eb71a985c421235917742d4065765e1ebf9f9e3faa51c3de109a9e5a169000b4263c3cd97 SHA512 b50874d1e741835bf8cb839517241465018254eba1ddb0e691f2b5b188eca97dd27394c29d2082654049d9ee0898c1e5e4e625666cf8abe029b8e6085122d9a0
diff --git a/www-servers/tomcat/tomcat-10.1.19-r1.ebuild b/www-servers/tomcat/tomcat-10.1.19-r1.ebuild
index 5d29d3348b67..0204d24e5bd9 100644
--- a/www-servers/tomcat/tomcat-10.1.19-r1.ebuild
+++ b/www-servers/tomcat/tomcat-10.1.19-r1.ebuild
@@ -175,6 +175,5 @@ pkg_postinst() {
 	ewarn "has changed from javax.* to jakarta.*. This will almost certainly require code"
 	ewarn "changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later."
 
-	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
-	einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
+	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat"
 }
diff --git a/www-servers/tomcat/tomcat-10.1.20-r2.ebuild b/www-servers/tomcat/tomcat-10.1.20-r2.ebuild
index d046512b71c9..0815da662c22 100644
--- a/www-servers/tomcat/tomcat-10.1.20-r2.ebuild
+++ b/www-servers/tomcat/tomcat-10.1.20-r2.ebuild
@@ -171,6 +171,5 @@ pkg_postinst() {
 	ewarn "has changed from javax.* to jakarta.*. This will almost certainly require code"
 	ewarn "changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later."
 
-	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
-	einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
+	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat"
 }
diff --git a/www-servers/tomcat/tomcat-10.1.23.ebuild b/www-servers/tomcat/tomcat-10.1.23.ebuild
new file mode 100644
index 000000000000..0815da662c22
--- /dev/null
+++ b/www-servers/tomcat/tomcat-10.1.23.ebuild
@@ -0,0 +1,175 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+JAVA_PKG_IUSE="doc source test"
+
+inherit java-pkg-2 java-ant-2 prefix verify-sig
+
+MY_P="apache-${P}-src"
+
+DESCRIPTION="Tomcat Servlet-6.0/JSP-3.1/EL-5.0/WebSocket-2.1/JASPIC-3.0 Container"
+HOMEPAGE="https://tomcat.apache.org/"
+SRC_URI="mirror://apache/${PN}/tomcat-10/v${PV}/src/${MY_P}.tar.gz
+	verify-sig? ( https://downloads.apache.org/tomcat/tomcat-$(ver_cut 1)/v${PV}/src/${MY_P}.tar.gz.asc )"
+S=${WORKDIR}/${MY_P}
+
+LICENSE="Apache-2.0"
+SLOT="10.1"
+KEYWORDS="~amd64 ~arm ~arm64 ~amd64-linux"
+IUSE="extra-webapps"
+
+RESTRICT="test" # can we run them on a production system?
+
+ECJ_SLOT="4.27"
+
+COMMON_DEP="dev-java/bnd-annotation:0
+	dev-java/eclipse-ecj:${ECJ_SLOT}
+	dev-java/jax-rpc-api:0
+	>=dev-java/jakartaee-migration-1.0.7-r2:0
+	dev-java/wsdl4j:0"
+RDEPEND="${COMMON_DEP}
+	acct-group/tomcat
+	acct-user/tomcat
+	>=virtual/jre-11:*"
+DEPEND="${COMMON_DEP}
+	app-admin/pwgen
+	>=dev-java/ant-1.10.14-r3:0
+	dev-java/bnd-ant:0
+	dev-java/bnd-util:0
+	dev-java/bndlib:0
+	dev-java/libg:0
+	dev-java/osgi-cmpn:8
+	dev-java/osgi-core:0
+	dev-java/slf4j-api:0
+	>=virtual/jdk-17:*
+	test? (
+		>=dev-java/ant-1.10.14-r3:0[junit]
+		dev-java/easymock:3.2
+	)"
+
+BDEPEND="verify-sig? ( ~sec-keys/openpgp-keys-apache-tomcat-${PV}:${PV} )"
+VERIFY_SIG_OPENPGP_KEY_PATH="/usr/share/openpgp-keys/tomcat-${PV}.apache.org.asc"
+
+PATCHES=(
+	"${FILESDIR}/tomcat-10.1.20-do-not-copy.patch"
+	"${FILESDIR}/tomcat-10.1.20-offline.patch"
+	"${FILESDIR}/tomcat-9.0.87-gentoo-bnd.patch"
+)
+
+src_prepare() {
+	default #780585
+	java-pkg-2_src_prepare
+	java-pkg_clean
+
+	cat > build.properties <<-EOF || die
+		execute.download=false
+		exist=true # skip target="downloadfile-2"
+		ant.jar=$(java-pkg_getjar --build-only ant ant.jar)
+		bnd-annotation.jar=$(java-pkg_getjars bnd-annotation)
+		bnd-ant.jar=$(java-pkg_getjars --build-only bnd-ant)
+		bnd-util.jar=$(java-pkg_getjars --build-only bnd-util)
+		bnd.jar=$(java-pkg_getjars --build-only bnd)
+		bndlib.jar=$(java-pkg_getjars --build-only bndlib)
+		jaxrpc-lib.jar=$(java-pkg_getjars jax-rpc-api)
+		jdt.jar=$(java-pkg_getjars eclipse-ecj-${ECJ_SLOT})
+		libg.jar=$(java-pkg_getjars --build-only libg)
+		migration-lib.jar=$(java-pkg_getjars jakartaee-migration)
+		osgi-cmpn.jar=$(java-pkg_getjars --build-only osgi-cmpn-8)
+		osgi-core.jar=$(java-pkg_getjars --build-only osgi-core)
+		slf4j-api.jar=$(java-pkg_getjars --build-only slf4j-api)
+		wsdl4j-lib.jar=$(java-pkg_getjars wsdl4j)
+	EOF
+
+	# For use of catalina.sh in netbeans
+	sed -i -e "/^# ----- Execute The Requested Command/ a\
+		CLASSPATH=\`java-config --with-dependencies --classpath ${PN}-${SLOT}\`" \
+		bin/catalina.sh || die
+}
+
+EANT_BUILD_TARGET="deploy"
+EANT_TEST_GENTOO_CLASSPATH="easymock-3.2"
+EANT_GENTOO_CLASSPATH_EXTRA="${S}/output/classes"
+EANT_EXTRA_ARGS="-Dversion=${PV}-gentoo -Dversion.number=${PV} -Dcompile.debug=false"
+
+# revisions of the scripts
+IM_REV="-r2"
+INIT_REV="-r1"
+
+src_compile() {
+	LC_ALL=C java-pkg-2_src_compile
+}
+
+src_test() {
+	java-pkg-2_src_test
+}
+
+src_install() {
+	local dest="/usr/share/${PN}-${SLOT}"
+
+	java-pkg_jarinto "${dest}"/bin
+	java-pkg_dojar output/build/bin/*.jar
+	exeinto "${dest}"/bin
+	doexe output/build/bin/*.sh
+
+	java-pkg_jarinto "${dest}"/lib
+	java-pkg_dojar output/build/lib/*.jar
+
+	dodoc RELEASE-NOTES RUNNING.txt
+	use doc && java-pkg_dojavadoc output/dist/webapps/docs/api
+	use source && java-pkg_dosrc java/*
+
+	### Webapps ###
+
+	# add missing docBase
+	local apps="host-manager manager"
+	for app in ${apps}; do
+		sed -i -e "s|=\"true\" >|=\"true\" docBase=\"\$\{catalina.home\}/webapps/${app}\" >|" \
+			output/build/webapps/${app}/META-INF/context.xml || die
+	done
+
+	insinto "${dest}"/webapps
+	doins -r output/build/webapps/{host-manager,manager,ROOT}
+	use extra-webapps && doins -r output/build/webapps/{docs,examples}
+
+	### Config ###
+
+	# create "logs" directory in $CATALINA_BASE
+	# and set correct perms, see #458890
+	dodir "${dest}"/logs
+	fperms 0750 "${dest}"/logs
+
+	# replace the default pw with a random one, see #92281
+	local randpw="$(pwgen -s -B 15 1)"
+	sed -i -e "s|SHUTDOWN|${randpw}|" output/build/conf/server.xml || die
+
+	# prepend gentoo.classpath to common.loader, see #453212
+	sed -i -e 's/^common\.loader=/\0${gentoo.classpath},/' output/build/conf/catalina.properties || die
+
+	insinto "${dest}"
+	doins -r output/build/conf
+
+	### rc ###
+
+	cp "${FILESDIR}"/tomcat{.conf,${INIT_REV}.init,-instance-manager${IM_REV}.bash} "${T}" || die
+	eprefixify "${T}"/tomcat{.conf,${INIT_REV}.init,-instance-manager${IM_REV}.bash}
+	sed -i -e "s|@SLOT@|${SLOT}|g" "${T}"/tomcat{.conf,${INIT_REV}.init,-instance-manager${IM_REV}.bash} || die
+
+	insinto "${dest}"/gentoo
+	doins "${T}"/tomcat.conf
+	exeinto "${dest}"/gentoo
+	newexe "${T}"/tomcat${INIT_REV}.init tomcat.init
+	newexe "${T}"/tomcat-instance-manager${IM_REV}.bash tomcat-instance-manager.bash
+}
+
+pkg_postinst() {
+	einfo "Ebuilds of Tomcat support running multiple instances. To manage Tomcat instances, run:"
+	einfo "  ${EPREFIX}/usr/share/${PN}-${SLOT}/gentoo/tomcat-instance-manager.bash --help"
+
+	ewarn "Please note that since version 10 the primary package for all implemented APIs"
+	ewarn "has changed from javax.* to jakarta.*. This will almost certainly require code"
+	ewarn "changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later."
+
+	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat"
+}
diff --git a/www-servers/tomcat/tomcat-8.5.100.ebuild b/www-servers/tomcat/tomcat-8.5.100.ebuild
index 8f3129ef2d1b..b62ecc123e81 100644
--- a/www-servers/tomcat/tomcat-8.5.100.ebuild
+++ b/www-servers/tomcat/tomcat-8.5.100.ebuild
@@ -151,6 +151,5 @@ pkg_postinst() {
 	einfo "Ebuilds of Tomcat support running multiple instances. To manage Tomcat instances, run:"
 	einfo "  ${EPREFIX}/usr/share/${PN}-${SLOT}/gentoo/tomcat-instance-manager.bash --help"
 
-	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
-	einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
+	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat"
 }
diff --git a/www-servers/tomcat/tomcat-8.5.99-r1.ebuild b/www-servers/tomcat/tomcat-8.5.99-r1.ebuild
index 76f81b2ba599..ef31979c323e 100644
--- a/www-servers/tomcat/tomcat-8.5.99-r1.ebuild
+++ b/www-servers/tomcat/tomcat-8.5.99-r1.ebuild
@@ -151,6 +151,5 @@ pkg_postinst() {
 	einfo "Ebuilds of Tomcat support running multiple instances. To manage Tomcat instances, run:"
 	einfo "  ${EPREFIX}/usr/share/${PN}-${SLOT}/gentoo/tomcat-instance-manager.bash --help"
 
-	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
-	einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
+	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat"
 }
diff --git a/www-servers/tomcat/tomcat-9.0.87-r1.ebuild b/www-servers/tomcat/tomcat-9.0.87-r1.ebuild
index 62209bd563d6..7af892a7c28b 100644
--- a/www-servers/tomcat/tomcat-9.0.87-r1.ebuild
+++ b/www-servers/tomcat/tomcat-9.0.87-r1.ebuild
@@ -174,6 +174,5 @@ pkg_postinst() {
 	einfo "Ebuilds of Tomcat support running multiple instances. To manage Tomcat instances, run:"
 	einfo "  ${EPREFIX}/usr/share/${PN}-${SLOT}/gentoo/tomcat-instance-manager.bash --help"
 
-	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
-	einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
+	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat"
 }
diff --git a/www-servers/tomcat/tomcat-9.0.87-r3.ebuild b/www-servers/tomcat/tomcat-9.0.87-r3.ebuild
index 2d8069b5c3da..9b41836944aa 100644
--- a/www-servers/tomcat/tomcat-9.0.87-r3.ebuild
+++ b/www-servers/tomcat/tomcat-9.0.87-r3.ebuild
@@ -164,6 +164,5 @@ pkg_postinst() {
 	einfo "Ebuilds of Tomcat support running multiple instances. To manage Tomcat instances, run:"
 	einfo "  ${EPREFIX}/usr/share/${PN}-${SLOT}/gentoo/tomcat-instance-manager.bash --help"
 
-	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
-	einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
+	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat"
 }
diff --git a/www-servers/tomcat/tomcat-9.0.88-r1.ebuild b/www-servers/tomcat/tomcat-9.0.88-r1.ebuild
index 5e19c3cce87d..0289b98b1140 100644
--- a/www-servers/tomcat/tomcat-9.0.88-r1.ebuild
+++ b/www-servers/tomcat/tomcat-9.0.88-r1.ebuild
@@ -164,6 +164,5 @@ pkg_postinst() {
 	einfo "Ebuilds of Tomcat support running multiple instances. To manage Tomcat instances, run:"
 	einfo "  ${EPREFIX}/usr/share/${PN}-${SLOT}/gentoo/tomcat-instance-manager.bash --help"
 
-	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat and"
-	einfo "https://wiki.gentoo.org/wiki/Project:Java/Tomcat_6_Guide for more information."
+	einfo "Please read https://wiki.gentoo.org/wiki/Apache_Tomcat"
 }