security/vault: improve rc.d script

- Add additional "monitor" command which throws statistics to stdout. For details, see https://www.vaultproject.io/docs/internals/telemetry.html - Where possible, add additional "vault_syslog_output_*" rc vars to redirect stdout to syslog - Add vault config to required files list - Bump PORTREVISION to reflect package PR: 215896 Submitted by: Pavel Timofeev <timp87@gmail.com> (with modifications)
2018-07-10 17:49:55 +00:00
parent 9d7f498de1
commit f77bf40c09
2 changed files with 47 additions and 14 deletions
--- a/security/vault/Makefile
+++ b/security/vault/Makefile
@@ -2,6 +2,7 @@

 PORTNAME=	vault
 PORTVERSION=	0.10.3
+PORTREVISION=	1
 DISTVERSIONPREFIX=	v
 CATEGORIES=	security

--- a/security/vault/files/vault.in
+++ b/security/vault/files/vault.in
@@ -3,22 +3,26 @@
 # $FreeBSD$
 #
 # PROVIDE: vault
-# REQUIRE: LOGIN
+# REQUIRE: DAEMON
 # KEYWORD: shutdown
 #
 # Add the following lines to /etc/rc.conf.local or /etc/rc.conf
 # to enable this service:
 #
-# vault_enable (bool):	Set to NO by default.
-#				Set it to YES to enable vault.
-# vault_user (user):        Set user to run vault.
-#                               Default is "vault".
-# vault_group (group):      Set group to run vault.
-#                               Default is "vault".
-# vault_config (dir):       Set vault config file.
-#                               Default is "%%PREFIX%%/etc/vault.hcl".
-# vault_env (dir):          Set environment variables used with vault
-#                               Default is "".
+# vault_enable (bool):	Set it to YES to enable vault.
+#			Default is "NO".
+# vault_user (user):	Set user to run vault.
+#			Default is "vault".
+# vault_group (group):	Set group to run vault.
+#			Default is "vault".
+# vault_config (dir):	Set vault config file.
+#			Default is "%%PREFIX%%/etc/vault.hcl".
+# vault_syslog_output_enable (bool):	Set to enable syslog output.
+#					Default is "NO". See daemon(8).
+# vault_syslog_output_priority (str):	Set syslog priority if syslog enabled.
+#					Default is "info". See daemon(8).
+# vault_syslog_output_facility (str):	Set syslog facility if syslog enabled.
+#					Default is "daemon". See daemon(8).

 . /etc/rc.subr

@@ -31,14 +35,43 @@ load_rc_config $name
 : ${vault_user:="vault"}
 : ${vault_group:="vault"}
 : ${vault_config:="%%PREFIX%%/etc/vault.hcl"}
-: ${vault_env:=""}
+
+DAEMON=$(/usr/sbin/daemon 2>&1 | grep -q syslog ; echo $?)
+if [ ${DAEMON} -eq 0 ]; then
+        : ${vault_syslog_output_enable:="NO"}
+        : ${vault_syslog_output_priority:="info"}
+        : ${vault_syslog_output_facility:="daemon"}
+        if checkyesno vault_syslog_output_enable; then
+                vault_syslog_output_flags="-t ${name} -T ${name}"
+
+                if [ -n "${vault_syslog_output_priority}" ]; then
+                        vault_syslog_output_flags="${vault_syslog_output_flags} -s ${vault_syslog_output_priority}"
+                fi
+
+                if [ -n "${vault_syslog_output_facility}" ]; then
+                        vault_syslog_output_flags="${vault_syslog_output_flags} -l ${vault_syslog_output_facility}"
+                fi
+        fi
+else
+        vault_syslog_output_enable="NO"
+        vault_syslog_output_flags=""
+fi

 pidfile=/var/run/vault.pid
 procname="%%PREFIX%%/bin/vault"
 command="/usr/sbin/daemon"
-command_args="-f -t ${name} -p ${pidfile} /usr/bin/env ${vault_env} ${procname} server -config=${vault_config}"
+command_args="-f ${vault_syslog_output_flags} -p ${pidfile} /usr/bin/env ${vault_env} ${procname} server -config=${vault_config}"

+extra_commands="reload monitor"
+monitor_cmd=vault_monitor
 start_precmd=vault_startprecmd
+required_files="$vault_config"
+
+vault_monitor()
+{
+	sig_reload=USR1
+	run_rc_command "reload"
+}

 vault_startprecmd()
 {
@@ -49,7 +82,6 @@ vault_startprecmd()
        if [ ! -d ${vault_dir} ]; then
                install -d -o ${vault_user} -g ${vault_group} ${vault_dir}
        fi
-
 }

 run_rc_command "$1"