# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
# $Id$

PortSystem          1.0

name                unbound
version             1.5.10
categories          net
license             BSD
maintainers         snc

description         Validating, recursive, and caching DNS resolver.

homepage            http://unbound.net/
platforms           darwin
depends_lib         path:lib/libssl.dylib:openssl port:expat

set unbounduser     unbound
set unboundgroup    unbound

long_description    Unbound is a validating, recursive, and caching DNS \
                    server software product from NLnet Labs, VeriSign Inc.,\
                    Nominet, and Kirei. It is distributed free of charge \
                    in open source form under the BSD license.\
                    Unbound is designed as a set of modular components \
                    that incorporate modern features, such as enhanced \
                    security (DNSSEC) validation, Internet Protocol \
                    Version 6 (IPv6), and a client resolver library API \
                    as an integral part of the architecture.

master_sites        http://unbound.net/downloads/

checksums           rmd160  0907f1501acc5ce943a038f671ef0e7d358b0695 \
                    sha256  a39b8b4fcca2a2b35a2daa53fe35150cc3f09038dc9acede09c912fc248a9486

configure.args-append   --with-pidfile=${prefix}/var/run/${name}/${name}.pid \
                        --with-ssl=${prefix} \
                        --with-rootkey-file=${prefix}/etc/${name}/root.key

if {${os.major} == 10} {
	configure.compiler  macports-clang-3.4
}

variant libevent description {Build with libevent (slower, but allows use of large outgoing port ranges)} {
    depends_lib-append      port:libevent
    configure.args-append   --with-libevent=${prefix}
}

test.run            yes

add_users ${unbounduser} group=${unboundgroup} home=/dev/null realname=Unbound\ Resolver
post-destroot {
    xinstall -o ${unbounduser} -g ${unboundgroup} -m 755 -d ${destroot}${prefix}/var/run/${name}
    move ${destroot}${prefix}/etc/${name}/${name}.conf ${destroot}${prefix}/etc/${name}/${name}.conf-dist
    reinplace -W ${destroot}${prefix}/etc/${name} "s/# auto-trust-anchor-file:/auto-trust-anchor-file:/g" ${name}.conf-dist
    touch ${destroot}${prefix}/var/run/${name}/${name}.pid
    file attributes ${destroot}${prefix}/var/run/${name}/${name}.pid -owner ${unbounduser} -group ${unboundgroup}
    file attributes ${destroot}${prefix}/etc/${name} -group ${unboundgroup} -permissions 0775
}

post-activate {
    system "${prefix}/sbin/unbound-anchor -a \"${prefix}/etc/${name}/root.key\" || :"
    file attributes ${prefix}/etc/${name}/root.key -owner ${unbounduser} -group ${unboundgroup}
}

# Make it run on boot
startupitem.create  yes
startupitem.name    unbound
startupitem.start   "${prefix}/sbin/unbound-anchor -a ${prefix}/etc/${name}/root.key || : && chown ${unbounduser}:${unboundgroup} ${prefix}/etc/${name}/root.key && ${prefix}/sbin/unbound"
startupitem.stop    "/bin/kill \$(cat ${prefix}/var/run/${name}/unbound.pid)"

livecheck.type      regex
livecheck.url       ${homepage}/download.html
livecheck.regex     "The latest version of unbound \\(currently (\\d+\\.\\d+(\\.\\d+))\\)"

use_parallel_build  no

notes-append        "An example configuration is provided at ${prefix}/etc/${name}/${name}.conf-dist."