Updated 2019-Nov-11: Elaborated on options.

Ports are awesome but not when you have to apply an update and take a production system down for the time it takes to recompile a binary. Poudriere to the rescue!

pkg-ng, for the most part, contains the binary files I need with the proper options enabled, but not all...

  • nginx with GeoIP
  • Postfix with MySQL support
  • Dovecot with MySQL support
    (yes, I know a few of these have "full" packages but I don't need all those features)

Here's how to get started with hosting your own custom pkg repository:

  1. Install:
    pkg install poudriere
  2. Create a ZFS dataset for poudriere to work in:
    zfs create jails/poudriere
  3. Configure poudriere:
    vim /usr/local/etc/poudriere.conf
    ZPOOL=jails
    ZROOTFS=/poudriere
    FREEBSD_HOST=https://download.FreeBSD.org
    RESOLV_CONF=/etc/resolv.conf
    BASEFS=/usr/local/poudriere
    USE_PORTLINT=no
    USE_TMPFS=yes
    DISTFILES_CACHE=/usr/ports/distfiles
    PARALLEL_JOBS=4
    
  4. Create a new jail:
    poudriere jail -c -j 11-1-amd64 -v 11.1-RELEASE
    • -c Create a jail
    • -j Jail name
    • -v Version of FreeBSD to use in the jail
  5. Create a corresponding ports tree:
    poudriere ports -c -p local
    • -c Create a ports tree
    • -p Portstree name
  6. Create a package list (this can be in your home directory):
    vim 11-1-amd64-local-mail_servers-pkglist
    and include a list of the ports you want to build:
    mail/postfix-sasl
    mail/dovecot
    
  7. Configure the ports' options:
    poudriere options -j 11-1-amd64 -p local -z mail_servers -f 11-1-amd64-local-mail_servers-pkglist
    • -j Name of jail created earlier
    • -p Name of portstree created earlier
    • -z This lets you set custom options for different sets, or flavors, of a package. For instance, I want nginx built with RTMP on one server but with GeoIP on another. I would simply set different options under each -z foo.
    • -f This is the package list file created in step 6.
  8. Finally, build the package:
    poudriere bulk -j 11-1-amd64 -p local -z mail_servers -f 11-1-amd64-local-mail_servers-pkglist
    • The only difference between #7 and #8 is the subcommand bulk. This starts the build process. Pressing Ctrl-t will show the progress.

If updates arrive, run poudriere ports -u -p local and poudriere jail -u -j 11-1-amd64. This will update the ports tree and the build jail.

Also, some helpful commands:
poudriere jails -l lists all jails.
poudriere ports -l lists all portstrees.


Client configuration

  1. Since my poudriere repository is hosted behind a Let's Encrypt TLS cert, I needed to install the ca_root_nss package using pkg install ca_root_nss.

  2. Create a file (/usr/local/etc/pkg/repos/custom.conf) and add the following (changing the URL):

    poudriere_mail: {
        url: "https://pkg.fqdn/packages/11-1-amd64-local-mail_servers/",
        enabled: yes,
        priority: 100,
    }
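
The definition above relies on TLS alone: with no signature_type set, pkg does not check who built the packages it downloads. The following is an added example, not part of the original post, showing the same repository with signature verification turned on. The key and certificate paths are assumptions, and it assumes the builder signs the repository through PKG_REPO_SIGNING_KEY in poudriere.conf.

```ucl
# /usr/local/etc/pkg/repos/custom.conf on each client (added example)
#
# Builder side, done once (paths are assumptions, pick your own):
#   openssl genrsa -out /usr/local/etc/ssl/keys/poudriere.key 4096
#   chmod 0400 /usr/local/etc/ssl/keys/poudriere.key
#   openssl rsa -in /usr/local/etc/ssl/keys/poudriere.key \
#       -pubout -out /usr/local/etc/ssl/certs/poudriere.cert
#
# Then in poudriere.conf on the builder, so every bulk run signs the repo:
#   PKG_REPO_SIGNING_KEY=/usr/local/etc/ssl/keys/poudriere.key
#
# Copy only poudriere.cert (the public half) to the clients.
# The private key never leaves the build host.

poudriere_mail: {
    url: "https://pkg.fqdn/packages/11-1-amd64-local-mail_servers/",

    # Reject the repository catalogue unless it is signed by the
    # key matching this public key.
    signature_type: "pubkey",
    pubkey: "/usr/local/etc/ssl/certs/poudriere.cert",

    enabled: yes,
    priority: 100,
}
```

After the next bulk run, pkg update -f on a client re-fetches the catalogue and fails if the signature does not match the installed public key.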