Updated 2019-Nov-11: Elaborated on options.

Ports are awesome but not when you have to apply an update and take a production system down for the time it takes to recompile a binary. Poudriere to the rescue!

pkg-ng, for the most part, contains the binary files I need with the proper options enabled, but not all...

• nginx with GeoIP
• Postfix with mySQL support
• Dovecot with mySQL support
  (yes, I know a few of these have "full" packages but I don't need all those features)

Here's how to get started with hosting your own custom pkg repository:

1. Install:
   pkg install poudriere
2. Create a zvol for poudriere to work in:
   zfs create /jails/poudriere
3. Configure poudriere:

   vim /usr/local/etc/pkg/poudriere.conf
   ZPOOL=jails
   ZROOTFS=/poudriere
   FREEBSD_HOST=https://download.FreeBSD.org
   RESOLV_CONF=/etc/resolv.conf
   BASEFS=/usr/local/poudriere
   USE_PORTLINT=no
   USE_TMPFS=yes
   DISTFILES_CACHE=/usr/ports/distfiles
   PARALLEL_JOBS=4
   

4. Create a new jail:
   poudriere jail -c -j 11-1-amd64 -v 11.1-RELEASE
   • -c Create a jail
   • -j Jail name
   • -v Version of FreeBSD to use in the jail
5. Create a corresponding ports tree:
   poudriere ports -c -p local
   • -c Create a ports tree
   • -p Portstree name
6. Create a package list (this can be in your home directory):
   vim 11-1-amd64-local-mail_servers-pkglist
   and include a list of the ports you want to build:

   mail/postfix-sasl
   mail/dovecot
   

7. Configure the port's options:
   poudriere options -j 11-1-amd64 -p local -z mail_servers -f 11-1-amd64-local-mail_server-pkglist
   • -j Name of jail created earlier
   • -p Name of portstree created earlier
   • -z This lets you set custom options for different set of flavor of the package. For instance, I want nginx built with RTMP on one server but with GeoIP on another. I would simply set different options under each -z foo.
   • -f This is the package list file created in step 6.
8. Finally, build the package:
   poudriere bulk -j 11-1-amd64 -p local -z mail_servers -f 11-1-amd64-local-mail_server-pkglist
   • The only difference between #7 and #8 is the subcommand bulk. This starts the build process. Pressing Ctrl-t will show the progress.

If updates arrive, run poudriere ports -u -p local and poudriere jail -u -j 11-1-amd64. This will update the ports tree and the build jail.

Also, some helpful commands:
poudriere jails -l lists all jails.
poudriere ports -l lists all portstrees.

Client configuration

1. Since my poudriere repository is hosted behind a Let'sEncrypt TLS cert, I needed to install the ca_root_nss package using pkg install ca_root_nss.

2. Create a file (/usr/local/etc/pkg/repos/custom.conf) and add the following (changing the url):

   poudriere_mail: {
       url: "https://pkg.fqdn/packages/11-1-amd64-local-mail_servers/",
       enabled: yes,
       priority: 100,
   }