Hello ports@, Here is an update to haproxy to latest version, released yesterday. I have been running the -dev versions on-and-off for the last couple of weeks without much issue; I don't expect anything to go wrong with this last version. Changelog is big and can be found at [0].
Portwise, I didn't see much gain in HAPROXY* vars so I got rid of them. That's where most of the churn comes from. I also added USE_PROMEX=1 to have a Prometheus / OpenMetrics endpoint. It compiles an additional C file without any new dependency. tb@, the only difference (and the reason why update is WIP) I see here with my arm64 server is that now I'll get "Weird server reply" from curl if I try to connect with QUIC. The issue is only present when using the default cipher suite; removing TLS_CHACHA20_POLY1305_SHA256 from the proposal makes it work correctly. Is this related to "alert issue" you talk about in [1]? In that case, does it make sense to pause this update until the issue is solved? Cheers, Lucas [0]: https://github.com/haproxy/haproxy/blob/master/CHANGELOG [1]: https://github.com/haproxy/haproxy/issues/2569#issuecomment-2124956170 diff 74dcff6cd6dd2e62a28d3ab1da574df080129e8e 74db4daef7132ba3dc53fe6441d99be0c9c02184 commit - 74dcff6cd6dd2e62a28d3ab1da574df080129e8e commit + 74db4daef7132ba3dc53fe6441d99be0c9c02184 blob - b5cddc3eeab11bb6bf999bb5911687342fb8b1e4 blob + 4b2fc6d50a696cd7f95e51c2ced4bdc76533d65a --- net/haproxy/Makefile +++ net/haproxy/Makefile @@ -1,6 +1,6 @@ COMMENT = reliable, high performance TCP/HTTP load balancer -DISTNAME = haproxy-2.8.9 +DISTNAME = haproxy-3.0.0 CATEGORIES = net www HOMEPAGE = https://www.haproxy.org/ MAINTAINER = Daniel Jakots <o...@chown.me> @@ -12,19 +12,12 @@ WANTLIB += c crypto pcre2-8 pcre2-posix pthread ssl z DEBUG_PACKAGES = ${BUILD_PACKAGES} -SITES = ${HOMEPAGE}/download/2.8/src/ +SITES = ${HOMEPAGE}/download/3.0/src/ -HAPROXYCONF = ${SYSCONFDIR}/haproxy -HAPROXYSTATE = /var/haproxy -HAPROXYUID = 604 -HAPROXYGID = 604 -SUBST_VARS = HAPROXYCONF HAPROXYSTATE \ - HAPROXYUID HAPROXYGID - USE_GMAKE = Yes MAKE_FLAGS += CPU_CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" MAKE_FLAGS += CC="${CC}" LD="${CC}" TARGET="openbsd" -MAKE_FLAGS += USE_OPENSSL=1 USE_PCRE2=1 USE_QUIC=1 USE_ZLIB=1 V=1 +MAKE_FLAGS += USE_OPENSSL=1 USE_PCRE2=1 USE_PROMEX=1 USE_QUIC=1 USE_ZLIB=1 V=1 MAKE_FLAGS += USE_LIBATOMIC= FAKE_FLAGS += DOCDIR="${PREFIX}/share/doc/haproxy" blob - f9c70c08d84f0653a75d3a3d505c893f4b840e9c blob + a1b3a2860f26f5acca317db26709004389ab6e51 --- net/haproxy/distinfo +++ net/haproxy/distinfo @@ -1,2 +1,2 @@ -SHA256 (haproxy-2.8.9.tar.gz) = eoIUePNvhHYH9RpR6A9PiQw3r0gR1gQ45/Y3g/Z1kv8= -SIZE (haproxy-2.8.9.tar.gz) = 4383096 +SHA256 (haproxy-3.0.0.tar.gz) = Wq2XQWIW0s2d0hLrZ0g5xAzTh/YPvEsT1+o/HlZkqBQ= +SIZE (haproxy-3.0.0.tar.gz) = 4677659 blob - a43fe95d947d035d59d2a49a4d8fbc888a10bc4d blob + 99030a2bb355b7a75851937ff393f07179241d9b --- net/haproxy/files/haproxy.cfg +++ net/haproxy/files/haproxy.cfg @@ -2,8 +2,8 @@ global log 127.0.0.1 local0 debug maxconn 1024 chroot /var/haproxy - uid 604 - gid 604 + user _haproxy + group _haproxy daemon pidfile /var/run/haproxy.pid blob - 16e125964bb7859239dcd70c42d51055fa8d313e blob + 80afa917bba6891b62364c489a3583bd15a841e4 --- net/haproxy/pkg/PLIST +++ net/haproxy/pkg/PLIST @@ -1,10 +1,10 @@ -@newgroup _haproxy:${HAPROXYGID} -@newuser _haproxy:${HAPROXYUID}:_haproxy::HAProxy Daemon:/var/haproxy:/sbin/nologin +@newgroup _haproxy:604 +@newuser _haproxy:604:_haproxy::HAProxy Daemon:${LOCALSTATEDIR}/haproxy:/sbin/nologin @rcscript ${RCDIR}/haproxy @man man/man1/haproxy.1 @bin sbin/haproxy -@sample ${HAPROXYCONF}/ -@sample ${HAPROXYSTATE}/ +@sample ${SYSCONFDIR}/haproxy/ +@sample ${LOCALSTATEDIR}/haproxy/ share/doc/haproxy/ share/doc/haproxy/51Degrees-device-detection.txt share/doc/haproxy/DeviceAtlas-device-detection.txt @@ -29,7 +29,7 @@ share/examples/haproxy/ share/examples/haproxy/basic-config-edge.cfg share/examples/haproxy/content-sw-sample.cfg share/examples/haproxy/haproxy.cfg -@sample ${HAPROXYCONF}/haproxy.cfg +@sample ${SYSCONFDIR}/haproxy/haproxy.cfg share/examples/haproxy/option-http_proxy.cfg share/examples/haproxy/quick-test.cfg share/examples/haproxy/socks4.cfg blob - a12dbcca94f88c66db215d8691031ece620e5dfb blob + 7552730c88bf774e6cf73e3503887d62b69f5fea --- net/haproxy/pkg/haproxy.rc +++ net/haproxy/pkg/haproxy.rc @@ -1,7 +1,7 @@ #!/bin/ksh daemon="${TRUEPREFIX}/sbin/haproxy" -daemon_flags="-f ${HAPROXYCONF}/haproxy.cfg" +daemon_flags="-f ${SYSCONFDIR}/haproxy/haproxy.cfg" . /etc/rc.d/rc.subr