Add support for naxsi (bug #397587).

Package-Manager: portage-2.1.11.63/cvs/Linux x86_64
RepoMan-Options: --force
Manifest-Sign-Key: 0x1E0CA85F!

3 files changed, 522 insertions, 10 deletions

diff --git a/www-servers/nginx/ChangeLog b/www-servers/nginx/ChangeLog
index d64cb23c5c42..25266ffad863 100644
--- a/www-servers/nginx/ChangeLog
+++ b/www-servers/nginx/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for www-servers/nginx
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/ChangeLog,v 1.358 2013/05/14 06:59:27 dev-zero Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/ChangeLog,v 1.359 2013/05/14 21:38:03 dev-zero Exp $
+
+*nginx-1.4.1-r4 (14 May 2013)
+
+  14 May 2013; Tiziano Müller <dev-zero@gentoo.org> +nginx-1.4.1-r4.ebuild:
+  Add support for naxsi (bug #397587).
 
 *nginx-1.4.1-r3 (14 May 2013)
 
diff --git a/www-servers/nginx/Manifest b/www-servers/nginx/Manifest
index 1729d7ba1d55..d07c2c41c873 100644
--- a/www-servers/nginx/Manifest
+++ b/www-servers/nginx/Manifest
@@ -14,6 +14,7 @@ DIST ngx_http_cache_purge-2.1.tar.gz 10535 SHA256 424005af0c04e59ffa65a65e446081
 DIST ngx_http_fancyindex-0.3.1.1.tar.gz 13146 SHA256 227896f7d69866f7432c1b19a03dd47ae3463fc4afda117951da7a497a97cfd0 SHA512 25bf420964bf9489face93ac415d531e0b52f281b8f993b85eca75b159099f269af183a63b895ea0ba855bb08f23d4b5e5dd6aefd96b63b4e7e478bba0d2e145 WHIRLPOOL 971c9e9899ac4552c0d7ef0068f740fec431e89be3b666a4e01db882dc36b6d55ee2eb3459c9e8e5173bc303bc24c4ec99569949bde557506f2b63959959568d
 DIST ngx_http_headers_more-0.20-r1.tar.gz 26769 SHA256 0e7c5e9dc9daade8b508a9f0cd0cd887329d1ae19d80294bc588939afed9e9d9 SHA512 c31be114943f5831ad9cbac8ac0c9c1995c513205e7d3d87761788e7fdd9ea7d60992dbd51cccf26777e96658091ef091e98c2e384b1041f9bce0dacdfa81c3e WHIRLPOOL 94ae99aa9c682c6406db39f4552fd6e33c735644c930f30617b6b32efd116962b630fb1a36ff37671d1c5c8de480045e426e3779e6b9c5991cbd7d93568d6d2d
 DIST ngx_http_lua-0.8.1.tar.gz 478976 SHA256 1b4fbdcf55765fa7214d00d3d70f9c02d6922970b005649622612476e65e994f SHA512 a0eb7f839bc332ff658fd2885072591c0719bba93e7490420821daee23b6b6d26b6395222635c0841d3a322a9b77aa76411a52f137b7da356c90ed64b8f9602a WHIRLPOOL 3d5262fd97fef6d2e6ad090c9c105ac5a9659fd58eed16a2a555273dbce66d67dd0143531571897e013d45a595a3cc806bcaf7a445f56ad42f0cde8f82e8b01b
+DIST ngx_http_naxsi-0.50.tar.gz 49809 SHA256 7cece5f9d9c5df9e09af1e1023bc8e04bbbbe953e67461b893b8240e82ca52ef SHA512 cc641683211ba379b7e4d02417b9b78cc3c25b80ec2eb072b90b1515e08a40ada9ce320f618db6e60bf0eb3ae27961a1c5ad90c735cc21244bd54c1ddb50e74e WHIRLPOOL a000dc2b7b628e685885463823e202cfbaaaffe62daaa50c93a65b79560718600cf9319ccf0ea861a1207c660415818f7085e090dcea49308cadbe4379b476fe
 DIST ngx_http_push-0.692.tar.gz 29119 SHA256 64868708071aa21dbc4c7a07d149dd6ec9108fb7eaf2aad5ad069406151f17fe SHA512 79821cacf5db4b1309e3f1c8d6980f83b1093dd3f291db5298bfdeb0d889fc0629625dcf3135d1cf7554b43308ef7172a4f40596928ab3069426801177ed3c1c WHIRLPOOL f1c846a4aa2d4491ee3063266d27b9854d860bbba44ef6e2ea33ebe1f570177e836c593a84cc2c7e22357bd43411f9d5b55852ee96a98dccdc18e7edf6768c95
 DIST ngx_http_slowfs_cache-1.10.tar.gz 11809 SHA256 1e81453942e5b0877de1f1f06c56ae82918ea9818255cb935bcb673c95a758a1 SHA512 fbc9609a8d6913aeefe535f206b9e53477503f131934ead2ae5a6169e395af2f5fb54778704824d5eeb22a4ef40a11ebbcde580db62a631f70edcc2cfc06b15d WHIRLPOOL a02ed77422c47d9e476f8746186d19d632ddb953635d8d9dd51ff076225a78044286ee7e114478bc02e4b2a422e4fdc207154fc287629dd2cd7c3f9a634dad18
 DIST ngx_http_upload_progress-0.9.0-r1.tar.gz 16990 SHA256 93e29b9b437a2e34713de54c2861ea51151624aca09f73f9f44d1caaff01a6b1 SHA512 a602b797f1a928c72752edf44629e48d5b8ab3c979ea0996645a978ba898b2a11c8b12bf09bd2282c4b1503bb8caaba4e4fbf357d644fbc5744c9e7264d07519 WHIRLPOOL 6b3f9feb1a7d2a4bd2f80dd20748ee5918e187e7b026c53ed9bc189696b90521bb5beabce9e00936c5bbf625cc73ccf131d8a9c219d4f399d8ae2c44ba378ebc
@@ -22,18 +23,19 @@ DIST ngx_metrics-0.1.1.tar.gz 2964 SHA256 1c62ebb31e3caafad91720962770b0e7a4287f
 DIST ngx_syslog-0.25.tar.gz 91070 SHA256 8bafa901d2f9af0b54f1a014fdfaa07140bd4584cfada3189eddd2a7ff5b0195 SHA512 c869dc5c26484477cd9663bc860235a39813a41ac8be4b8f8f3c062c723aa431247d3b5915c962c7fcff36889d5541e8c844eaf6ece88c2c61d2f180f643f8b5 WHIRLPOOL 1829f60f9ab26c131d8fce56b2ff15276a2e99e2f6f96749ebf417e6e3d438249c79de8e6210d702acac8a1309fca417b12894428b53f280c76564a6839b4a2d
 EBUILD nginx-1.4.1-r2.ebuild 17555 SHA256 b0e6a0052c92c202df3dc400ef68c39b82cc48c8ba7732ad7a33e3a74eba5772 SHA512 761e8b254bf02a2c2b576feceb7c9b17245c2524ccfed28fb47a2654ad0a3cb776596d60195f0ed67f130eac78970bfd8d48b916f1cc1832a077fcf205fb36f3 WHIRLPOOL b0c90cfdbf874b000adf461a0c001407aa80c80df550608753fb2cb6f6cc892d70ac146fab9113f97e78b83d31b95737a0103049a5e8ab8a660965e519acabca
 EBUILD nginx-1.4.1-r3.ebuild 17580 SHA256 f2818021b5d3a94c1948bdcc3d4e42f6a0fb80a03a8901bb7fde5b02cbccc42e SHA512 87a48adc77784b4c18d037eca5e8f4fb6f1d77d77048b764fa3ba6764172b5f76f805838c7ade71b40f74a46f614e5d13b8be17f6526164cf8c9f046d7563730 WHIRLPOOL 4553a937b6029ae516d39db0b2b6c9ad4d9791b8fd6310799c32c61ec1bc4f99d8e4503b0fa30bc30e3362809577e710df2903a8a76fd360075dd49e981e25fb
-MISC ChangeLog 59078 SHA256 ae4ff04df88ef04099afa60032007583dd595e23515e3f93293b1866a818f1cb SHA512 24746d1660858e8dfa8513c5cb4fc752d5f2934bfdcff5e48427f48e6e6ec276aeb895be7e958afe3ddc8efdacad7984f512ab5923081f3b271d4e4554ec205f WHIRLPOOL 8050f4980104e84ba9389a910c30306f5e01fa06c8da706c338298002ece9680ab4769f37ab1389131b3e4f755e9e6c8f206833e033fe6a3f0a42b9acc312210
+EBUILD nginx-1.4.1-r4.ebuild 18382 SHA256 de035caf78b14a2832aeb8c13e21eef22fd25faec9c35e9f01ca7add26bdd984 SHA512 73cdd9c248ca9bb4cb8ca06f2448ad1dfae1026692b4de04b966eb4699cce8a336d03cd4c69ac0a7c9a328ea37e8959550d7a940c42e981dba15259bb59dd986 WHIRLPOOL 6d90cbfdd62ef59ea0843becf9484b1ef0a1c8d339216b1488feb2a2964e076fc43f083ae17d30c97e11afd4bfc5eb4f9fe59656c3a51d9fe5ae00aedbacc4b6
+MISC ChangeLog 59226 SHA256 cd1d19e14a82b0d1dc324699c523586a8180dcef919d4c2688b07bdfdf7ab1a5 SHA512 155d695f1eb7eb3f16929444ff9f4c119f4ec645f5610d49cc9daab2461b2a8b9ac27934541fe371b594fadc82dd377f8c5a5a6925f6e4b6f574b3f870a112bb WHIRLPOOL 36b6983d8a4ea085fdada8a4f1c16a7041eebc6e88301c52311a07b3ac02f00c998f26add31c48f34f472a0b0522e6eda1a4aceca5afe9a92ca97a0283d79ed2
 MISC metadata.xml 827 SHA256 750fe1d3ad8a43f2772ba296a0bfd35259d32a1746847dfe4119a18d49c01397 SHA512 5248aaf2524123b68d6fd6b82bc58426d419801763d8dcb87b5a5b15475936daf0160f9e878db06307ede0ab215ba0b571a9ff39873f7a77c18780f31c92b0d0 WHIRLPOOL 70c74c2b920dc049b01038e89d7046d188cad9a8a60cbd52dd11db32fe34ca9b55e62ec0bf3ad32c7fb8b26e519a97dc38175f1be3ef5e24c3d55d76f6ed8d10
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
-iQF8BAEBCABmBQJRkeDQXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
+iQF8BAEBCABmBQJRkq68XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
 ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ1RjI0QTQ0MjI1OURBNzI4MEIyREExRkQx
-RTdDRkM3NzFFMENBODVGAAoJEB58/HceDKhfz+YH/imAJE9SlBByd/ctV+NvPNV/
-mukKPJt76yA1jOiW8SmBcUY9PbArGGPETEz6xlYSYoftW0CD22k3hTBxpX1X2b9/
-0QXNSnILkbL9oEGCr9zc4nQPNIAd6JUPnVaoCDbDrtWm9MfuNG/F5py8k2nmg9sJ
-GTR926PmkGFltJfvmE/w6Drm8UQgzxC1SNTI0PuFvuO0/AmMixjCT/I9HOy3rBIa
-gkdjyjOG/WUkXwnO6PNLCZOv5eylTPwYllaaAWHqHJVlb8BjGb3oabbWGkSXcOVg
-M2mqpwHE7abhEXHpfkA7SavNpgBXysnUZlv+P2dVhJ9nLG5OdJ6wt6qPWuEXixc=
-=PdW1
+RTdDRkM3NzFFMENBODVGAAoJEB58/HceDKhf5QgH/2lTNLIvsRLHGsokV+Y6XqUn
+1iQ88quotbQzkZtGPOu1IfA9zkPRAy6kzlZtXhNxjVErzruKRTk6rFsSvFuaEWew
+djLWXvdg2v5oYmum5we3DrksQRqcyyv2/Yc2fRHpoCcpsrbGEx2xf3eBii4KQQeR
+S4q4wUshsSp9J2M6OsFDT/uvpy2DOFssTcRsD29TVrOn/fOdj2MWE8K+Y2th9le8
+rueV9y4/AVDLrZ9J0vYj3kWmSL/i40HrueklqXkPdOiSZnEcZvvtGzByCqi3aDcZ
+wxISmfsydFHGjxnULdxJrQBNmstd8wXwZxoc6yjW6HfccXtAUVTmQJrgERPKsPs=
+=t5TL
 -----END PGP SIGNATURE-----
diff --git a/www-servers/nginx/nginx-1.4.1-r4.ebuild b/www-servers/nginx/nginx-1.4.1-r4.ebuild
new file mode 100644
index 000000000000..2a4c858caea2
--- /dev/null
+++ b/www-servers/nginx/nginx-1.4.1-r4.ebuild
@@ -0,0 +1,505 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/nginx-1.4.1-r4.ebuild,v 1.1 2013/05/14 21:38:03 dev-zero Exp $
+
+EAPI="5"
+
+# Maintainer notes:
+# - http_rewrite-independent pcre-support makes sense for matching locations without an actual rewrite
+# - any http-module activates the main http-functionality and overrides USE=-http
+# - keep the following requirements in mind before adding external modules:
+#   * alive upstream
+#   * sane packaging
+#   * builds cleanly
+#   * does not need a patch for nginx core
+# - TODO: test the google-perftools module (included in vanilla tarball)
+
+# prevent perl-module from adding automagic perl DEPENDs
+GENTOO_DEPEND_ON_PERL="no"
+
+# syslog
+SYSLOG_MODULE_PV="0.25"
+SYSLOG_MODULE_NGINX_PV="1.3.14"
+SYSLOG_MODULE_P="ngx_syslog-${SYSLOG_MODULE_PV}"
+SYSLOG_MODULE_URI="https://github.com/yaoweibin/nginx_syslog_patch/archive/v${SYSLOG_MODULE_PV}.tar.gz"
+SYSLOG_MODULE_WD="${WORKDIR}/nginx_syslog_patch-${SYSLOG_MODULE_PV}"
+
+# devel_kit (https://github.com/simpl/ngx_devel_kit, BSD license)
+DEVEL_KIT_MODULE_PV="0.2.18"
+DEVEL_KIT_MODULE_P="ngx_devel_kit-${DEVEL_KIT_MODULE_PV}-r1"
+DEVEL_KIT_MODULE_URI="https://github.com/simpl/ngx_devel_kit/archive/v${DEVEL_KIT_MODULE_PV}.tar.gz"
+DEVEL_KIT_MODULE_WD="${WORKDIR}/ngx_devel_kit-${DEVEL_KIT_MODULE_PV}"
+
+# http_uploadprogress (https://github.com/masterzen/nginx-upload-progress-module, BSD-2 license)
+HTTP_UPLOAD_PROGRESS_MODULE_PV="0.9.0"
+HTTP_UPLOAD_PROGRESS_MODULE_P="ngx_http_upload_progress-${HTTP_UPLOAD_PROGRESS_MODULE_PV}-r1"
+HTTP_UPLOAD_PROGRESS_MODULE_URI="https://github.com/masterzen/nginx-upload-progress-module/archive/v${HTTP_UPLOAD_PROGRESS_MODULE_PV}.tar.gz"
+HTTP_UPLOAD_PROGRESS_MODULE_WD="${WORKDIR}/nginx-upload-progress-module-${HTTP_UPLOAD_PROGRESS_MODULE_PV}"
+
+# http_headers_more (http://github.com/agentzh/headers-more-nginx-module, BSD license)
+HTTP_HEADERS_MORE_MODULE_PV="0.20"
+HTTP_HEADERS_MORE_MODULE_P="ngx_http_headers_more-${HTTP_HEADERS_MORE_MODULE_PV}-r1"
+HTTP_HEADERS_MORE_MODULE_URI="https://github.com/agentzh/headers-more-nginx-module/archive/v${HTTP_HEADERS_MORE_MODULE_PV}.tar.gz"
+HTTP_HEADERS_MORE_MODULE_WD="${WORKDIR}/headers-more-nginx-module-${HTTP_HEADERS_MORE_MODULE_PV}"
+
+# http_push (http://pushmodule.slact.net/, MIT license)
+HTTP_PUSH_MODULE_PV="0.692"
+HTTP_PUSH_MODULE_P="ngx_http_push-${HTTP_PUSH_MODULE_PV}"
+HTTP_PUSH_MODULE_URI="http://pushmodule.slact.net/downloads/nginx_http_push_module-${HTTP_PUSH_MODULE_PV}.tar.gz"
+HTTP_PUSH_MODULE_WD="${WORKDIR}/nginx_http_push_module-${HTTP_PUSH_MODULE_PV}"
+
+# http_cache_purge (http://labs.frickle.com/nginx_ngx_cache_purge/, BSD-2 license)
+HTTP_CACHE_PURGE_MODULE_PV="2.1"
+HTTP_CACHE_PURGE_MODULE_P="ngx_http_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
+HTTP_CACHE_PURGE_MODULE_URI="http://labs.frickle.com/files/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}.tar.gz"
+HTTP_CACHE_PURGE_MODULE_WD="${WORKDIR}/ngx_cache_purge-${HTTP_CACHE_PURGE_MODULE_PV}"
+
+# http_slowfs_cache (http://labs.frickle.com/nginx_ngx_slowfs_cache/, BSD-2 license)
+HTTP_SLOWFS_CACHE_MODULE_PV="1.10"
+HTTP_SLOWFS_CACHE_MODULE_P="ngx_http_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
+HTTP_SLOWFS_CACHE_MODULE_URI="http://labs.frickle.com/files/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}.tar.gz"
+HTTP_SLOWFS_CACHE_MODULE_WD="${WORKDIR}/ngx_slowfs_cache-${HTTP_SLOWFS_CACHE_MODULE_PV}"
+
+# http_fancyindex (http://wiki.nginx.org/NgxFancyIndex, BSD license)
+HTTP_FANCYINDEX_MODULE_PV="0.3.1.1"
+HTTP_FANCYINDEX_MODULE_P="ngx_http_fancyindex-${HTTP_FANCYINDEX_MODULE_PV}"
+HTTP_FANCYINDEX_MODULE_URI="http://gitorious.org/ngx-fancyindex/ngx-fancyindex/archive-tarball/2034d0ad"
+HTTP_FANCYINDEX_MODULE_WD="${WORKDIR}/ngx-fancyindex-ngx-fancyindex"
+
+# http_lua (https://github.com/chaoslawful/lua-nginx-module, BSD license)
+HTTP_LUA_MODULE_PV="0.8.1"
+HTTP_LUA_MODULE_P="ngx_http_lua-${HTTP_LUA_MODULE_PV}"
+HTTP_LUA_MODULE_URI="https://github.com/chaoslawful/lua-nginx-module/archive/v${HTTP_LUA_MODULE_PV}.tar.gz"
+HTTP_LUA_MODULE_WD="${WORKDIR}/lua-nginx-module-${HTTP_LUA_MODULE_PV}"
+
+# http_auth_pam (http://web.iti.upv.es/~sto/nginx/, unknown license)
+HTTP_AUTH_PAM_MODULE_PV="1.2"
+HTTP_AUTH_PAM_MODULE_P="ngx_http_auth_pam-${HTTP_AUTH_PAM_MODULE_PV}"
+HTTP_AUTH_PAM_MODULE_URI="http://web.iti.upv.es/~sto/nginx/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}.tar.gz"
+HTTP_AUTH_PAM_MODULE_WD="${WORKDIR}/ngx_http_auth_pam_module-${HTTP_AUTH_PAM_MODULE_PV}"
+
+# http_upstream_check (https://github.com/yaoweibin/nginx_upstream_check_module, BSD license)
+HTTP_UPSTREAM_CHECK_MODULE_PV="99f39394f387211641a1668d61faf2d5186ea1f5"
+HTTP_UPSTREAM_CHECK_MODULE_P="ngx_http_upstream_check-${HTTP_UPSTREAM_CHECK_MODULE_PV}"
+HTTP_UPSTREAM_CHECK_MODULE_URI="https://github.com/yaoweibin/nginx_upstream_check_module/archive/${HTTP_UPSTREAM_CHECK_MODULE_PV}.tar.gz"
+HTTP_UPSTREAM_CHECK_MODULE_WD="${WORKDIR}/nginx_upstream_check_module-${HTTP_UPSTREAM_CHECK_MODULE_PV}"
+
+# http_metrics (https://github.com/madvertise/ngx_metrics, BSD license)
+HTTP_METRICS_MODULE_PV="0.1.1"
+HTTP_METRICS_MODULE_P="ngx_metrics-${HTTP_METRICS_MODULE_PV}"
+HTTP_METRICS_MODULE_URI="https://github.com/madvertise/ngx_metrics/archive/v${HTTP_METRICS_MODULE_PV}.tar.gz"
+HTTP_METRICS_MODULE_WD="${WORKDIR}/ngx_metrics-${HTTP_METRICS_MODULE_PV}"
+
+# naxsi-core (https://code.google.com/p/naxsi/, GPLv2+)
+HTTP_NAXSI_MODULE_PV="0.50"
+HTTP_NAXSI_MODULE_P="ngx_http_naxsi-${HTTP_NAXSI_MODULE_PV}"
+HTTP_NAXSI_MODULE_URI="https://naxsi.googlecode.com/files/naxsi-core-${HTTP_NAXSI_MODULE_PV}.tgz"
+HTTP_NAXSI_MODULE_WD="${WORKDIR}/naxsi-core-${HTTP_NAXSI_MODULE_PV}/naxsi_src"
+
+inherit eutils ssl-cert toolchain-funcs perl-module flag-o-matic user systemd versionator
+
+DESCRIPTION="Robust, small and high performance http and reverse proxy server"
+HOMEPAGE="http://nginx.org"
+SRC_URI="http://nginx.org/download/${P}.tar.gz
+	syslog? ( ${SYSLOG_MODULE_URI} -> ${SYSLOG_MODULE_P}.tar.gz )
+	${DEVEL_KIT_MODULE_URI} -> ${DEVEL_KIT_MODULE_P}.tar.gz
+	nginx_modules_http_upload_progress? ( ${HTTP_UPLOAD_PROGRESS_MODULE_URI} -> ${HTTP_UPLOAD_PROGRESS_MODULE_P}.tar.gz )
+	nginx_modules_http_headers_more? ( ${HTTP_HEADERS_MORE_MODULE_URI} -> ${HTTP_HEADERS_MORE_MODULE_P}.tar.gz )
+	nginx_modules_http_push? ( ${HTTP_PUSH_MODULE_URI} -> ${HTTP_PUSH_MODULE_P}.tar.gz )
+	nginx_modules_http_cache_purge? ( ${HTTP_CACHE_PURGE_MODULE_URI} -> ${HTTP_CACHE_PURGE_MODULE_P}.tar.gz )
+	nginx_modules_http_slowfs_cache? ( ${HTTP_SLOWFS_CACHE_MODULE_URI} -> ${HTTP_SLOWFS_CACHE_MODULE_P}.tar.gz )
+	nginx_modules_http_fancyindex? ( ${HTTP_FANCYINDEX_MODULE_URI} -> ${HTTP_FANCYINDEX_MODULE_P}.tar.gz )
+	nginx_modules_http_lua? ( ${HTTP_LUA_MODULE_URI} -> ${HTTP_LUA_MODULE_P}.tar.gz )
+	nginx_modules_http_auth_pam? ( ${HTTP_AUTH_PAM_MODULE_URI} -> ${HTTP_AUTH_PAM_MODULE_P}.tar.gz )
+	nginx_modules_http_upstream_check? ( ${HTTP_UPSTREAM_CHECK_MODULE_URI} -> ${HTTP_UPSTREAM_CHECK_MODULE_P}.tar.gz )
+	nginx_modules_http_metrics? ( ${HTTP_METRICS_MODULE_URI} -> ${HTTP_METRICS_MODULE_P}.tar.gz )
+	nginx_modules_http_naxsi? ( ${HTTP_NAXSI_MODULE_URI} -> ${HTTP_NAXSI_MODULE_P}.tar.gz )"
+
+LICENSE="BSD-2 BSD SSLeay MIT GPL-2 GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~ppc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
+
+NGINX_MODULES_STD="access auth_basic autoindex browser charset empty_gif fastcgi
+geo gzip limit_req limit_conn map memcached proxy referer rewrite scgi ssi
+split_clients upstream_ip_hash userid uwsgi"
+NGINX_MODULES_OPT="addition dav degradation flv geoip gunzip gzip_static image_filter
+mp4 perl random_index realip secure_link spdy stub_status sub xslt"
+NGINX_MODULES_MAIL="imap pop3 smtp"
+NGINX_MODULES_3RD="
+	http_upload_progress
+	http_headers_more
+	http_push
+	http_cache_purge
+	http_slowfs_cache
+	http_fancyindex
+	http_lua
+	http_auth_pam
+	http_upstream_check
+	http_metrics
+	http_naxsi"
+
+IUSE="aio debug +http +http-cache ipv6 libatomic +pcre pcre-jit selinux ssl
+syslog userland_GNU vim-syntax"
+
+for mod in $NGINX_MODULES_STD; do
+	IUSE="${IUSE} +nginx_modules_http_${mod}"
+done
+
+for mod in $NGINX_MODULES_OPT; do
+	IUSE="${IUSE} nginx_modules_http_${mod}"
+done
+
+for mod in $NGINX_MODULES_MAIL; do
+	IUSE="${IUSE} nginx_modules_mail_${mod}"
+done
+
+for mod in $NGINX_MODULES_3RD; do
+	IUSE="${IUSE} nginx_modules_${mod}"
+done
+
+CDEPEND="
+	pcre? ( >=dev-libs/libpcre-4.2 )
+	pcre-jit? ( >=dev-libs/libpcre-8.20[jit] )
+	selinux? ( sec-policy/selinux-nginx )
+	ssl? ( dev-libs/openssl )
+	http-cache? ( userland_GNU? ( dev-libs/openssl ) )
+	nginx_modules_http_geo? ( dev-libs/geoip )
+	nginx_modules_http_gunzip? ( sys-libs/zlib )
+	nginx_modules_http_gzip? ( sys-libs/zlib )
+	nginx_modules_http_gzip_static? ( sys-libs/zlib )
+	nginx_modules_http_image_filter? ( media-libs/gd[jpeg,png] )
+	nginx_modules_http_perl? ( >=dev-lang/perl-5.8 )
+	nginx_modules_http_rewrite? ( >=dev-libs/libpcre-4.2 )
+	nginx_modules_http_secure_link? ( userland_GNU? ( dev-libs/openssl ) )
+	nginx_modules_http_spdy? ( >=dev-libs/openssl-1.0.1c )
+	nginx_modules_http_xslt? ( dev-libs/libxml2 dev-libs/libxslt )
+	nginx_modules_http_lua? ( || ( dev-lang/lua dev-lang/luajit ) )
+	nginx_modules_http_auth_pam? ( virtual/pam )
+	nginx_modules_http_metrics? ( dev-libs/yajl )"
+RDEPEND="${CDEPEND}"
+DEPEND="${CDEPEND}
+	arm? ( dev-libs/libatomic_ops )
+	libatomic? ( dev-libs/libatomic_ops )"
+PDEPEND="vim-syntax? ( app-vim/nginx-syntax )"
+
+REQUIRED_USE="pcre-jit? ( pcre )
+	nginx_modules_http_lua? ( nginx_modules_http_rewrite )"
+
+pkg_setup() {
+	NGINX_HOME="/var/lib/nginx"
+	NGINX_HOME_TMP="${NGINX_HOME}/tmp"
+
+	ebegin "Creating nginx user and group"
+	enewgroup ${PN}
+	enewuser ${PN} -1 -1 "${NGINX_HOME}" ${PN}
+	eend $?
+
+	if use libatomic; then
+		ewarn "GCC 4.1+ features built-in atomic operations."
+		ewarn "Using libatomic_ops is only needed if using"
+		ewarn "a different compiler or a GCC prior to 4.1"
+	fi
+
+	if [[ -n $NGINX_ADD_MODULES ]]; then
+		ewarn "You are building custom modules via \$NGINX_ADD_MODULES!"
+		ewarn "This nginx installation is not supported!"
+		ewarn "Make sure you can reproduce the bug without those modules"
+		ewarn "_before_ reporting bugs."
+	fi
+
+	if use !http; then
+		ewarn "To actually disable all http-functionality you also have to disable"
+		ewarn "all nginx http modules."
+	fi
+}
+
+src_prepare() {
+	epatch "${FILESDIR}/${P}-fix-perl-install-path.patch"
+
+	if use syslog; then
+		epatch "${SYSLOG_MODULE_WD}"/syslog_${SYSLOG_MODULE_NGINX_PV}.patch
+	fi
+
+	if use nginx_modules_http_upstream_check; then
+		epatch "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/check_1.2.6+.patch
+	fi
+
+	find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die
+	# We have config protection, don't rename etc files
+	sed -i 's:.default::' auto/install || die
+	# remove useless files
+	sed -i -e '/koi-/d' -e '/win-/d' auto/install || die
+
+	epatch_user
+}
+
+src_configure() {
+	local myconf= http_enabled= mail_enabled=
+
+	use aio       && myconf+=" --with-file-aio --with-aio_module"
+	use debug     && myconf+=" --with-debug"
+	use ipv6      && myconf+=" --with-ipv6"
+	use libatomic && myconf+=" --with-libatomic"
+	use pcre      && myconf+=" --with-pcre"
+	use pcre-jit  && myconf+=" --with-pcre-jit"
+
+	# syslog support
+	if use syslog; then
+		myconf+=" --add-module=${SYSLOG_MODULE_WD}"
+	fi
+
+	# HTTP modules
+	for mod in $NGINX_MODULES_STD; do
+		if use nginx_modules_http_${mod}; then
+			http_enabled=1
+		else
+			myconf+=" --without-http_${mod}_module"
+		fi
+	done
+
+	for mod in $NGINX_MODULES_OPT; do
+		if use nginx_modules_http_${mod}; then
+			http_enabled=1
+			myconf+=" --with-http_${mod}_module"
+		fi
+	done
+
+	if use nginx_modules_http_fastcgi; then
+		myconf+=" --with-http_realip_module"
+	fi
+
+	# third-party modules
+	if use nginx_modules_http_upload_progress; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_UPLOAD_PROGRESS_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_headers_more; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_HEADERS_MORE_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_push; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_PUSH_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_cache_purge; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_CACHE_PURGE_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_slowfs_cache; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_SLOWFS_CACHE_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_fancyindex; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_FANCYINDEX_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_lua; then
+		http_enabled=1
+		myconf+=" --add-module=${DEVEL_KIT_MODULE_WD}"
+		myconf+=" --add-module=${HTTP_LUA_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_auth_pam; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_AUTH_PAM_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_upstream_check; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_UPSTREAM_CHECK_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_metrics; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_METRICS_MODULE_WD}"
+	fi
+
+	if use nginx_modules_http_naxsi ; then
+		http_enabled=1
+		myconf+=" --add-module=${HTTP_NAXSI_MODULE_WD}"
+	fi
+
+	if use http || use http-cache; then
+		http_enabled=1
+	fi
+
+	if [ $http_enabled ]; then
+		use http-cache || myconf+=" --without-http-cache"
+		use ssl && myconf+=" --with-http_ssl_module"
+	else
+		myconf+=" --without-http --without-http-cache"
+	fi
+
+	# MAIL modules
+	for mod in $NGINX_MODULES_MAIL; do
+		if use nginx_modules_mail_${mod}; then
+			mail_enabled=1
+		else
+			myconf+=" --without-mail_${mod}_module"
+		fi
+	done
+
+	if [ $mail_enabled ]; then
+		myconf+=" --with-mail"
+		use ssl && myconf+=" --with-mail_ssl_module"
+	fi
+
+	# custom modules
+	for mod in $NGINX_ADD_MODULES; do
+		myconf+=" --add-module=${mod}"
+	done
+
+	# https://bugs.gentoo.org/286772
+	export LANG=C LC_ALL=C
+	tc-export CC
+
+	if ! use prefix; then
+		myconf+=" --user=${PN} --group=${PN}"
+	fi
+
+	./configure \
+		--prefix="${EPREFIX}"/usr \
+		--conf-path="${EPREFIX}"/etc/${PN}/${PN}.conf \
+		--error-log-path="${EPREFIX}"/var/log/${PN}/error_log \
+		--pid-path="${EPREFIX}"/run/${PN}.pid \
+		--lock-path="${EPREFIX}"/run/lock/${PN}.lock \
+		--with-cc-opt="-I${EROOT}usr/include" \
+		--with-ld-opt="-L${EROOT}usr/lib" \
+		--http-log-path="${EPREFIX}"/var/log/${PN}/access_log \
+		--http-client-body-temp-path="${EPREFIX}/${NGINX_HOME_TMP}"/client \
+		--http-proxy-temp-path="${EPREFIX}/${NGINX_HOME_TMP}"/proxy \
+		--http-fastcgi-temp-path="${EPREFIX}/${NGINX_HOME_TMP}"/fastcgi \
+		--http-scgi-temp-path="${EPREFIX}/${NGINX_HOME_TMP}"/scgi \
+		--http-uwsgi-temp-path="${EPREFIX}/${NGINX_HOME_TMP}"/uwsgi \
+		${myconf} || die "configure failed"
+}
+
+src_compile() {
+	# https://bugs.gentoo.org/286772
+	export LANG=C LC_ALL=C
+	emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+
+	cp "${FILESDIR}"/nginx.conf "${ED}"/etc/nginx/nginx.conf || die
+
+	newinitd "${FILESDIR}"/nginx.initd-r2 nginx
+
+	systemd_newunit "${FILESDIR}"/nginx.service-r1 nginx.service
+
+	doman man/nginx.8
+	dodoc CHANGES* README
+
+	# just keepdir. do not copy the default htdocs files (bug #449136)
+	keepdir /var/www/localhost
+	rm -rf "${D}"/usr/html || die
+
+	keepdir /var/log/nginx "${NGINX_HOME_TMP}"/{,client,proxy,fastcgi,scgi,uwsgi}
+	fperms 0700 /var/log/nginx "${NGINX_HOME_TMP}"/{,client,proxy,fastcgi,scgi,uwsgi}
+	fowners ${PN}:${PN} /var/log/nginx "${NGINX_HOME_TMP}"/{,client,proxy,fastcgi,scgi,uwsgi}
+
+	# logrotate
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/nginx.logrotate nginx
+
+	if use nginx_modules_http_perl; then
+		cd "${S}"/objs/src/http/modules/perl/
+		einstall DESTDIR="${D}" INSTALLDIRS=vendor
+		fixlocalpod
+	fi
+
+	if use syslog; then
+		docinto ${SYSLOG_MODULE_P}
+		dodoc "${SYSLOG_MODULE_WD}"/README
+	fi
+
+	if use nginx_modules_http_push; then
+		docinto ${HTTP_PUSH_MODULE_P}
+		dodoc "${HTTP_PUSH_MODULE_WD}"/{changelog.txt,protocol.txt,README}
+	fi
+
+	if use nginx_modules_http_cache_purge; then
+		docinto ${HTTP_CACHE_PURGE_MODULE_P}
+		dodoc "${HTTP_CACHE_PURGE_MODULE_WD}"/{CHANGES,README.md,TODO.md}
+	fi
+
+	if use nginx_modules_http_slowfs_cache; then
+		docinto ${HTTP_SLOWFS_CACHE_MODULE_P}
+		dodoc "${HTTP_SLOWFS_CACHE_MODULE_WD}"/{CHANGES,README.md}
+	fi
+
+	if use nginx_modules_http_fancyindex; then
+		docinto ${HTTP_FANCYINDEX_MODULE_P}
+		dodoc "${HTTP_FANCYINDEX_MODULE_WD}"/README.rst
+	fi
+
+	if use nginx_modules_http_lua; then
+		docinto ${HTTP_LUA_MODULE_P}
+		dodoc "${HTTP_LUA_MODULE_WD}"/{Changes,README.markdown}
+	fi
+
+	if use nginx_modules_http_auth_pam; then
+		docinto ${HTTP_AUTH_PAM_MODULE_P}
+		dodoc "${HTTP_AUTH_PAM_MODULE_WD}"/{README,ChangeLog}
+	fi
+
+	if use nginx_modules_http_upstream_check; then
+		docinto ${HTTP_UPSTREAM_CHECK_MODULE_P}
+		dodoc "${HTTP_UPSTREAM_CHECK_MODULE_WD}"/{README,CHANGES}
+	fi
+
+	if use nginx_modules_http_metrics; then
+		docinto ${HTTP_METRICS_MODULE_P}
+		dodoc "${HTTP_METRICS_MODULE_WD}"/README.md
+	fi
+
+	if use nginx_modules_http_naxsi; then
+		insinto /etc/nginx
+		doins "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/naxsi_core.rules
+
+		docinto ${HTTP_NAXSI_MODULE_P}
+		newdoc "${HTTP_NAXSI_MODULE_WD}"/../naxsi_config/default_location_config.example nbs.rules
+	fi
+}
+
+pkg_postinst() {
+	if use ssl; then
+		if [ ! -f "${EROOT}"/etc/ssl/${PN}/${PN}.key ]; then
+			install_cert /etc/ssl/${PN}/${PN}
+			use prefix || chown ${PN}:${PN} "${EROOT}"/etc/ssl/${PN}/${PN}.{crt,csr,key,pem}
+		fi
+	fi
+
+	if use nginx_modules_http_lua && use nginx_modules_http_spdy; then
+		ewarn "Lua 3rd party module author warns against using ${P} with"
+		ewarn "NGINX_MODULES_HTTP=\"lua spdy\". For more info, see http://git.io/OldLsg"
+	fi
+
+	# This is the proper fix for bug #458726/#469094, resp. CVE-2013-0337 for
+	# existing installations
+	local fix_perms=0
+
+	for rv in ${REPLACING_VERSIONS} ; do
+		version_compare ${rv} 1.4.1-r2
+		[[ $? -eq 1 ]] && fix_perms=1
+	done
+
+	if [[ $fix_perms -eq 1 ]] ; then
+		ewarn "To fix a security bug (CVE-2013-0337, bug #458726) had the following"
+		ewarn "directories the world-readable bit removed (if set):"
+		ewarn "  ${EPREFIX}/var/log/nginx"
+		ewarn "  ${EPREFIX}${NGINX_HOME_TMP}/{,client,proxy,fastcgi,scgi,uwsgi}"
+		ewarn "Check if this is correct for your setup before restarting nginx!"
+		ewarn "This is a one-time change and will not happen on subsequent updates."
+		ewarn "Furthermore nginx' temp directories got moved to ${NGINX_HOME_TMP}"
+		chmod o-rwx "${EPREFIX}"/var/log/nginx "${EPREFIX}/${NGINX_HOME_TMP}"/{,client,proxy,fastcgi,scgi,uwsgi}
+	fi
+}