Ports are awesome but not when you have to apply an update and take a production system down for the time it takes to recompile a binary. Poudriere to the rescue!

pkg-ng, for the most part, contains the binary files I need with the proper options enabled, but not all...

  • nginx with GeoIP
  • Postfix with mySQL support
  • Dovecot with mySQL support
    (yes, I know a few of these have "full" packages but I don't need all those features)

Here's how to get started with hosting your own custom pkg repository:

  1. Install:
    pkg install poudriere
  2. Create a zvol for poudriere to work in:
    zfs create /jails/poudriere
  3. Configure poudriere:
    vim /usr/local/etc/pkg/poudriere.conf
    ZPOOL=jails
    ZROOTFS=/poudriere
    FREEBSD_HOST=https://download.FreeBSD.org
    RESOLV_CONF=/etc/resolv.conf
    BASEFS=/usr/local/poudriere
    USE_PORTLINT=no
    USE_TMPFS=yes
    DISTFILES_CACHE=/usr/ports/distfiles
    PARALLEL_JOBS=4
    
  4. Create a new jail:
    poudriere jail -c -j 11-1-amd64 -v 11.1-RELEASE
  5. Create a corresponding ports tree:
    poudriere ports -c -p local
  6. Create a package list (this can be in your home directory):
    vim 11-1-amd64-local-mail_servers-pkglist
    and include a list of the ports you want to build:
    mail/postfix-sasl
    mail/dovecot
    
  7. Configure the port's options:
    poudriere options -j 11-1-amd64 -p local -z mail_servers -f 11-1-amd64-local-mail_server-pkglist
  8. Finally, build the package:
    poudriere bulk -j 11-1-amd64 -p local -z mail_servers -f 11-1-amd64-local-mail_server-pkglist

If updates arrive, run poudriere ports -u -p local.


Client configuration

  1. Since my poudriere repository is hosted behind a Let'sEncrypt TLS cert, I needed to install the ca_root_nss package using pkg install ca_root_nss.

  2. Create a file (/usr/local/etc/pkg/repos/custom.conf) and add the following (changing the url):

    poudriere_mail: {
        url: "https://pkg.fqdn/packages/11-1-amd64-local-mail_servers/",
        enabled: yes,
        priority: 100,
    }