Importing nginx-0.8.13 to this overlay.

www-servers/nginx/Manifest

@@ -0,0 +1,11 @@
+AUX nginx 994 RMD160 4b36e15714c84f8e8228d0ca6790c545736d74bb SHA1 de0a11802cc6f4a1111652416bce131a07ae008c SHA256 17a32f38e066ecc91ad91496e0ab8f0885e5550d42bf62dbecfdf2747a0fb1cd
+AUX nginx-r1 1645 RMD160 d032feec43e4ba31ac5b6fffec478ebbeb49db60 SHA1 49f0db3efaccd3cef545b8c68cfa557ca829352f SHA256 b263a663399d2897dfdf53226d45fc3707bc9230bd687b8003d075a48f60ecaf
+AUX nginx-secure-link-timeout.patch 3103 RMD160 51337d222001fb051d29feaac3f68ab8367357da SHA1 d9f831bc7c378e2c1893a5f9964400a49ecc4f4b SHA256 ff89688109e695c7e3c8dfd39fa7e1310984d790e59bbbf40f29987d3edfd0a5
+AUX nginx.conf 1400 RMD160 d982c853d9145643c4a885012a41fc4acd39080f SHA1 6974ab2214a11ad3e828861b47f9499c9481520d SHA256 11adbf9f0903f473b98474d460e41ec1161daa58d37e5c05019b03eae4d944f7
+AUX nginx.conf-r1 966 RMD160 b4b9e54860f14a106b186cfc02dbb00e15df694d SHA1 0bc417a8b7f736bcfba5330a48b7915ef344a7a2 SHA256 ef34ceb24bdd8aebf144b9583f457e3bfbbd96286acc4394c159a886990c29bf
+AUX nginx.conf-r2 1044 RMD160 5ddc034f31a54da00b57503cfc5a7e0be2189cef SHA1 988e59f8aeabb8b4b1e412f4dfc8ddfa96ee5da4 SHA256 722b5588c975c523caea14bd90866be5d260f7d0fcdf1af90d2110b2db7ee448
+AUX nginx.conf-r3 1039 RMD160 cc181fdfdbbd26eabfc60821d9bd92bc2632905c SHA1 5ddb38fd85e1a99f69b5efc62b22a4633c924f67 SHA256 93c926f698a21946687340d553d584c47408359d5bb64651fc967274659662fc
+AUX nginx.conf-r4 1410 RMD160 4b188bb03b12de3b38a82e13b1a2bb93848e8948 SHA1 e836c85e98e3b2c633818c286992d32a68c0b5ff SHA256 74d984512901fc9cfd13cac60df06cd468566aae367c35a3205e6daf7e7c32b6
+DIST nginx-0.8.13.tar.gz 604752 RMD160 39c0473e9cb1b4910321ec243c149c5f582b75d7 SHA1 de1b13511eac4c68d417d74806771f08d874f565 SHA256 916f8dd8d9bdae3b39f9c63f3469291d4afb05e4ddf7c39ef377ea69c484f2fb
+DIST ngx_http_auth_pam_module-1.1.tar.gz 5193 RMD160 38437a1f5d34f93b22abb9f0a7181be756356d33 SHA1 d04065a512169925dda8bce710e1dc5012cac47b SHA256 ea9da5f106b952729398248cddabbe25f7a5752993e91c9b8252dbc2b03b8ecd
+EBUILD nginx-0.8.13.ebuild 3792 RMD160 804207472f7760c5293b213490828a1e0c01a0a3 SHA1 e1bbc04148f0b0047ba7e21213c61f931366c442 SHA256 64085dd092aa29873e7a0d7c1bc08108394218a0e59b15abc901daaac174e783

www-servers/nginx/files/nginx

@@ -0,0 +1,40 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx,v 1.3 2005/05/29 14:30:28 voxus Exp $
+
+opts="${opts} reload configtest"
+
+depend() {
+	need net
+	use dns logger
+}
+
+start() {
+	configtest || return 1
+	ebegin "Starting nginx"
+	start-stop-daemon --start --pidfile /var/run/nginx.pid \
+		--exec /usr/sbin/nginx -- -c /etc/nginx/nginx.conf
+	eend $? "Failed to start nginx"
+}
+
+stop() {
+	configtest || return 1
+	ebegin "Stopping nginx"
+	start-stop-daemon --stop --pidfile /var/run/nginx.pid
+	eend $? "Failed to stop nginx"
+	rm -f /var/run/nginx.pid
+}
+
+reload() {
+	configtest || return 1
+	ebegin "Refreshing nginx' configuration"
+	kill -HUP `cat /var/run/nginx.pid` &>/dev/null
+	eend $? "Failed to reload nginx"
+}
+
+configtest() {
+	ebegin "Checking nginx' configuration"
+	/usr/sbin/nginx -c /etc/nginx/nginx.conf -t
+	eend $? "failed, please correct errors above"
+}

www-servers/nginx/files/nginx-r1

@@ -0,0 +1,71 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx-r1,v 1.1 2006/07/04 16:58:38 voxus Exp $
+
+opts="${opts} upgrade reload configtest"
+
+depend() {
+	need net
+	use dns logger
+}
+
+start() {
+	configtest || return 1
+	ebegin "Starting nginx"
+	start-stop-daemon --start --pidfile /var/run/nginx.pid \
+		--exec /usr/sbin/nginx -- -c /etc/nginx/nginx.conf
+	eend $? "Failed to start nginx"
+}
+
+stop() {
+	configtest || return 1
+	ebegin "Stopping nginx"
+	start-stop-daemon --stop --pidfile /var/run/nginx.pid
+	eend $? "Failed to stop nginx"
+	rm -f /var/run/nginx.pid
+}
+
+reload() {
+	configtest || return 1
+	ebegin "Refreshing nginx' configuration"
+	kill -HUP `cat /var/run/nginx.pid` &>/dev/null
+	eend $? "Failed to reload nginx"
+}
+
+upgrade() {
+	configtest || return 1
+	ebegin "Upgrading nginx"
+
+	einfo "Sending USR2 to old binary"
+	kill -USR2 `cat /var/run/nginx.pid` &>/dev/null
+
+	einfo "Sleeping 3 seconds before pid-files checking"
+	sleep 3
+
+	if [ ! -f /var/run/nginx.pid.oldbin ]; then
+		eerror "File with old pid not found"
+		return 1
+	fi
+
+	if [ ! -f /var/run/nginx.pid ]; then
+		eerror "New binary failed to start"
+		return 1
+	fi
+
+	einfo "Sleeping 3 seconds before WINCH"
+	sleep 3 ; kill -WINCH `cat /var/run/nginx.pid.oldbin`
+
+	einfo "Sending QUIT to old binary"
+	kill -QUIT `cat /var/run/nginx.pid.oldbin`
+
+	einfo "Upgrade completed"
+
+	eend $? "Upgrade failed"
+}
+
+configtest() {
+	ebegin "Checking nginx' configuration"
+	/usr/sbin/nginx -c /etc/nginx/nginx.conf -t
+	eend $? "failed, please correct errors above"
+}

www-servers/nginx/files/nginx-secure-link-timeout.patch

@@ -0,0 +1,131 @@
+diff -Naur nginx-0.8.4.orig/src/http/modules/ngx_http_secure_link_module.c nginx-0.8.4/src/http/modules/ngx_http_secure_link_module.c
+--- nginx-0.8.4.orig/src/http/modules/ngx_http_secure_link_module.c	2009-05-13 14:44:15.000000000 +0200
++++ nginx-0.8.4/src/http/modules/ngx_http_secure_link_module.c	2009-05-13 15:00:49.000000000 +0200
+@@ -12,6 +12,7 @@
+ 
+ typedef struct {
+     ngx_str_t  secret;
++		time_t timeout;
+ } ngx_http_secure_link_conf_t;
+ 
+ 
+@@ -30,6 +31,12 @@
+       offsetof(ngx_http_secure_link_conf_t, secret),
+       NULL },
+ 
++			{ ngx_string("secure_link_timeout"),
++			NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++			ngx_conf_set_sec_slot,
++			NGX_HTTP_LOC_CONF_OFFSET,
++			offsetof(ngx_http_secure_link_conf_t, timeout),
++			NULL },
+       ngx_null_command
+ };
+ 
+@@ -67,22 +74,36 @@
+ 
+ static ngx_str_t  ngx_http_secure_link = ngx_string("secure_link");
+ 
++static u_char
++ngx_hex2int(u_char hex)
++{
++	hex = hex - '0';
++	if (hex > 9) {
++	hex = (hex + '0' - 1) | 0x20;
++	hex = hex - 'a' + 11;
++	}
++	if (hex > 15)
++	hex = 0xFF;
++
++	return hex;
++}
+ 
+ static ngx_int_t
+ ngx_http_secure_link_variable(ngx_http_request_t *r,
+      ngx_http_variable_value_t *v, uintptr_t data)
+ {
+-    u_char                        *p, *start, *end, *last;
+-    size_t                         len;
++		u_char *p, *start, *end, *last, *tss, *tse;
++		size_t                         len, tslen;
+     ngx_int_t                      n;
+     ngx_uint_t                     i;
+     ngx_md5_t                      md5;
++		time_t 												 ts;
+     ngx_http_secure_link_conf_t  *conf;
+     u_char                         hash[16];
+ 
+     conf = ngx_http_get_module_loc_conf(r, ngx_http_secure_link_module);
+ 
+-    if (conf->secret.len == 0) {
++		if (conf->secret.len == 0 || conf->timeout == 0) {
+         goto not_found;
+     }
+ 
+@@ -103,22 +124,46 @@
+     while (p < last) {
+         if (*p++ == '/') {
+             end = p - 1;
+-            goto url_start;
++						goto tstamp_start;
+         }
+     }
+ 
+     goto not_found;
+ 
++		tstamp_start:
++
++		tss = p;
++
++		while (p < last) {
++			if (*p++ == '/') {
++			tse = p - 1;
++			goto url_start;
++		}
++	}
++
++	goto not_found;
++
+ url_start:
+ 
++		tslen = tse - tss;
+     len = last - p;
+ 
+-    if (end - start != 32 || len == 0) {
++		if (end - start != 32 || len == 0 || tslen != 8) {
+         goto not_found;
+     }
+ 
++		ts = 0;
++		for (i = 0; i < 8; i++) {
++		ts = (ts << 4) + ngx_hex2int(tss[i]);
++		}
++
++		if (ts < r->start_sec - conf->timeout) {
++			goto not_found;
++		}
++
+     ngx_md5_init(&md5);
+     ngx_md5_update(&md5, p, len);
++		ngx_md5_update(&md5, tss, tslen);
+     ngx_md5_update(&md5, conf->secret.data, conf->secret.len);
+     ngx_md5_final(hash, &md5);
+ 
+@@ -160,7 +205,8 @@
+      *
+      *     conf->secret = { 0, NULL }
+      */
+-
++		
++		conf->timeout = NGX_CONF_UNSET;
+     return conf;
+ }
+ 
+@@ -172,6 +218,7 @@
+     ngx_http_secure_link_conf_t *conf = child;
+ 
+     ngx_conf_merge_str_value(conf->secret, prev->secret, "");
++		ngx_conf_merge_sec_value(conf->timeout, prev->timeout, 3600);
+ 
+     return NGX_CONF_OK;
+ }

www-servers/nginx/files/nginx.conf

@@ -0,0 +1,66 @@
+user  apache apache;
+
+worker_processes  5;
+
+error_log /var/log/nginx/error_log warn;
+
+events {
+	connections  2048;
+}
+
+http {
+	include       /etc/nginx/mime.types;
+	default_type  application/octet-stream;
+
+	log_format main  '%addr - - [%time] "%request" %status '
+                         '%length "%{Referer}i" "%{User-Agent}i" ';
+
+	log_format download  '%addr - - [%time] "%request" %status '
+                             '%length "%{Referer}i" "%{User-Agent}i" '
+                             '"%{Range}i" "%{Content-Range}o"';
+
+	post_accept_timeout    60;
+	client_header_timeout  3m;
+	client_body_timeout    3m;
+	send_timeout           3m;
+
+	connection_pool_size         256;
+	client_header_buffer_size    1k;
+	large_client_header_buffers  4 2k;
+	request_pool_size            4k;
+
+	gzip on;
+	gzip_min_length  1100;
+	gzip_buffers     4 8k;
+	gzip_types       text/plain;
+
+	output_buffers   1 32k;
+	postpone_output  1460;
+
+	sendfile         on;
+	tcp_nopush       on;
+	tcp_nodelay      on;
+
+	keepalive_timeout  75 20;
+	
+	server {
+		listen  80;
+
+	        charset         on;
+        	source_charset  koi8-r;
+
+		access_log   /var/log/nginx/access_log  main;
+
+	        location / {
+        		root   /var/www/localhost/htdocs;
+			index  index.html;
+			allow all;
+	        }
+
+		location ~* ^.+\.(jpg|jpeg|gif)$ {
+			root         /var/www/localhost/htdocs;
+			access_log   off;
+			expires      30d;
+		}
+	}
+}

www-servers/nginx/files/nginx.conf-r1

@@ -0,0 +1,55 @@
+user  apache apache;
+
+worker_processes  1;
+
+error_log /var/log/nginx/error_log info;
+
+events {
+	worker_connections  8192;
+	use epoll;
+}
+
+http {
+	include		/etc/nginx/mime.types;
+	default_type	application/octet-stream;
+
+	log_format main
+		'$remote_addr - $remote_user [$time_local] '
+        	'"$request" $status $bytes_sent '
+		'"$http_referer" "$http_user_agent" '
+		'"$gzip_ratio"';
+									       
+	client_header_timeout	10m;
+	client_body_timeout	10m;
+	send_timeout		10m;
+
+	connection_pool_size		256;
+	client_header_buffer_size	1k;
+	large_client_header_buffers	4 2k;
+	request_pool_size		4k;
+
+	gzip on;
+	gzip_min_length	1100;
+	gzip_buffers	4 8k;
+	gzip_types	text/plain;
+
+	output_buffers	1 32k;
+	postpone_output	1460;
+
+	sendfile	on;
+	tcp_nopush	on;
+	tcp_nodelay	on;
+
+	keepalive_timeout	75 20;
+
+	ignore_invalid_headers	on;
+
+	server {
+		listen		127.0.0.1;
+		server_name	localhost;
+
+		access_log	/var/log/nginx/access_log info;
+
+		root /var/www/localhost/htdocs;
+	}
+}

www-servers/nginx/files/nginx.conf-r2

@@ -0,0 +1,58 @@
+user  apache apache;
+
+worker_processes  1;
+
+error_log /var/log/nginx/error_log info;
+
+events {
+	worker_connections  8192;
+	use epoll;
+}
+
+http {
+	include		/etc/nginx/mime.types;
+	default_type	application/octet-stream;
+
+	log_format main
+		'$remote_addr - $remote_user [$time_local] '
+        	'"$request" $status $bytes_sent '
+		'"$http_referer" "$http_user_agent" '
+		'"$gzip_ratio"';
+									       
+	client_header_timeout	10m;
+	client_body_timeout	10m;
+	send_timeout		10m;
+
+	connection_pool_size		256;
+	client_header_buffer_size	1k;
+	large_client_header_buffers	4 2k;
+	request_pool_size		4k;
+
+	gzip on;
+	gzip_min_length	1100;
+	gzip_buffers	4 8k;
+	gzip_types	text/plain;
+
+	output_buffers	1 32k;
+	postpone_output	1460;
+
+	sendfile	on;
+	tcp_nopush	on;
+	tcp_nodelay	on;
+
+	keepalive_timeout	75 20;
+
+	ignore_invalid_headers	on;
+
+	index index.html;
+
+	server {
+		listen		127.0.0.1;
+		server_name	localhost;
+
+		access_log	/var/log/nginx/localhost.access_log main;
+		error_log	/var/log/nginx/localhost.error_log;
+
+		root /var/www/localhost/htdocs;
+	}
+}

www-servers/nginx/files/nginx.conf-r3

@@ -0,0 +1,57 @@
+user nginx nginx;
+worker_processes 1;
+
+error_log /var/log/nginx/error_log info;
+
+events {
+	worker_connections  8192;
+	use epoll;
+}
+
+http {
+	include		/etc/nginx/mime.types;
+	default_type	application/octet-stream;
+
+	log_format main
+		'$remote_addr - $remote_user [$time_local] '
+        	'"$request" $status $bytes_sent '
+		'"$http_referer" "$http_user_agent" '
+		'"$gzip_ratio"';
+									       
+	client_header_timeout	10m;
+	client_body_timeout	10m;
+	send_timeout		10m;
+
+	connection_pool_size		256;
+	client_header_buffer_size	1k;
+	large_client_header_buffers	4 2k;
+	request_pool_size		4k;
+
+	gzip on;
+	gzip_min_length	1100;
+	gzip_buffers	4 8k;
+	gzip_types	text/plain;
+
+	output_buffers	1 32k;
+	postpone_output	1460;
+
+	sendfile	on;
+	tcp_nopush	on;
+	tcp_nodelay	on;
+
+	keepalive_timeout	75 20;
+
+	ignore_invalid_headers	on;
+
+	index index.html;
+
+	server {
+		listen		127.0.0.1;
+		server_name	localhost;
+
+		access_log	/var/log/nginx/localhost.access_log main;
+		error_log	/var/log/nginx/localhost.error_log;
+
+		root /var/www/localhost/htdocs;
+	}
+}

www-servers/nginx/files/nginx.conf-r4

@@ -0,0 +1,72 @@
+user nginx nginx;
+worker_processes 1;
+
+error_log /var/log/nginx/error_log info;
+
+events {
+	worker_connections  8192;
+	use epoll;
+}
+
+http {
+	include		/etc/nginx/mime.types;
+	default_type	application/octet-stream;
+
+	log_format main
+		'$remote_addr - $remote_user [$time_local] '
+        	'"$request" $status $bytes_sent '
+		'"$http_referer" "$http_user_agent" '
+		'"$gzip_ratio"';
+									       
+	client_header_timeout	10m;
+	client_body_timeout	10m;
+	send_timeout		10m;
+
+	connection_pool_size		256;
+	client_header_buffer_size	1k;
+	large_client_header_buffers	4 2k;
+	request_pool_size		4k;
+
+	gzip on;
+	gzip_min_length	1100;
+	gzip_buffers	4 8k;
+	gzip_types	text/plain;
+
+	output_buffers	1 32k;
+	postpone_output	1460;
+
+	sendfile	on;
+	tcp_nopush	on;
+	tcp_nodelay	on;
+
+	keepalive_timeout	75 20;
+
+	ignore_invalid_headers	on;
+
+	index index.html;
+
+	server {
+		listen		127.0.0.1;
+		server_name	localhost;
+
+		access_log	/var/log/nginx/localhost.access_log main;
+		error_log	/var/log/nginx/localhost.error_log info;
+
+		root /var/www/localhost/htdocs;
+	}
+
+	##ssl portion
+	# server {
+	# 	listen		127.0.0.1:443;
+	# 	server_name	localhost;
+	# 	
+	# 	ssl on;
+	# 	ssl_certificate		/etc/ssl/nginx/nginx.pem;
+	# 	ssl_certificate_key	/etc/ssl/nginx/nginx.key;
+	# 	
+	# 	access_log	/var/log/nginx/localhost.ssl_access_log main;
+	# 	error_log	/var/log/nginx/localhost.ssl_error_log info;
+	# 
+	# 	root /var/www/localhost/htdocs;
+	# }
+}

www-servers/nginx/nginx-0.8.13.ebuild

@@ -0,0 +1,116 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/nginx-0.8.13.ebuild,v 1.1 2009/09/06 19:45:39 voxus Exp $
+
+inherit eutils ssl-cert toolchain-funcs
+
+DESCRIPTION="Robust, small and high performance http and reverse proxy server"
+
+HOMEPAGE="http://nginx.net/"
+SRC_URI="http://sysoev.ru/nginx/${P}.tar.gz"
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86 ~x86-fbsd"
+IUSE="addition debug fastcgi flv imap ipv6 pcre perl random-index securelink ssl status sub webdav zlib"
+
+DEPEND="dev-lang/perl
+	pcre? ( >=dev-libs/libpcre-4.2 )
+	ssl? ( dev-libs/openssl )
+	zlib? ( sys-libs/zlib )
+	perl? ( >=dev-lang/perl-5.8 )"
+
+pkg_setup() {
+	ebegin "Creating nginx user and group"
+	enewgroup ${PN}
+	enewuser ${PN} -1 -1 -1 ${PN}
+	eend ${?}
+	if use ipv6; then
+		ewarn "Note that ipv6 support in nginx is still experimental."
+		ewarn "Be sure to read comments on gentoo bug #274614"
+		ewarn "http://bugs.gentoo.org/show_bug.cgi?id=274614"
+	fi
+}
+
+src_unpack() {
+	unpack ${A}
+	sed -i 's/ make/ \\$(MAKE)/' "${S}"/auto/lib/perl/make || die
+}
+
+src_compile() {
+	local myconf
+
+	# threads support is broken atm.
+	#
+	# if use threads; then
+	# 	einfo
+	# 	ewarn "threads support is experimental at the moment"
+	# 	ewarn "do not use it on production systems - you've been warned"
+	# 	einfo
+	# 	myconf="${myconf} --with-threads"
+	# fi
+
+	use addition && myconf="${myconf} --with-http_addition_module"
+	use ipv6	&& myconf="${myconf} --with-ipv6"
+	use fastcgi	|| myconf="${myconf} --without-http_fastcgi_module"
+	use fastcgi	&& myconf="${myconf} --with-http_realip_module"
+	use flv		&& myconf="${myconf} --with-http_flv_module"
+	use zlib	|| myconf="${myconf} --without-http_gzip_module"
+	use pcre	|| {
+		myconf="${myconf} --without-pcre --without-http_rewrite_module"
+	}
+	use debug	&& myconf="${myconf} --with-debug"
+	use ssl		&& myconf="${myconf} --with-http_ssl_module"
+	use imap	&& myconf="${myconf} --with-imap" # pop3/imap4 proxy support
+	use perl	&& myconf="${myconf} --with-http_perl_module"
+	use status	&& myconf="${myconf} --with-http_stub_status_module"
+	use webdav	&& myconf="${myconf} --with-http_dav_module"
+	use sub		&& myconf="${myconf} --with-http_sub_module"
+	use random-index	&& myconf="${myconf} --with-http_random_index_module"
+	use securelink && myconf="${myconf} --with-http_secure_link_module"
+
+	tc-export CC
+	./configure \
+		--prefix=/usr \
+		--conf-path=/etc/${PN}/${PN}.conf \
+		--http-log-path=/var/log/${PN}/access_log \
+		--error-log-path=/var/log/${PN}/error_log \
+		--pid-path=/var/run/${PN}.pid \
+		--http-client-body-temp-path=/var/tmp/${PN}/client \
+		--http-proxy-temp-path=/var/tmp/${PN}/proxy \
+		--http-fastcgi-temp-path=/var/tmp/${PN}/fastcgi \
+		--with-md5-asm --with-md5=/usr/include \
+		--with-sha1-asm --with-sha1=/usr/include \
+		${myconf} || die "configure failed"
+
+	emake LINK="${CC} ${LDFLAGS}" OTHERLDFLAGS="${LDFLAGS}" || die "failed to compile"
+}
+
+src_install() {
+	keepdir /var/log/${PN} /var/tmp/${PN}/{client,proxy,fastcgi}
+
+	dosbin objs/nginx
+	cp "${FILESDIR}"/nginx-r1 "${T}"/nginx
+	doinitd "${T}"/nginx
+
+	cp "${FILESDIR}"/nginx.conf-r4 conf/nginx.conf
+
+	dodir /etc/${PN}
+	insinto /etc/${PN}
+	doins conf/*
+
+	dodoc CHANGES{,.ru} README
+
+	use perl && {
+		cd "${S}"/objs/src/http/modules/perl/
+		einstall DESTDIR="${D}"|| die "failed to install perl stuff"
+	}
+}
+
+pkg_postinst() {
+	use ssl && {
+		if [ ! -f "${ROOT}"/etc/ssl/${PN}/${PN}.key ]; then
+			install_cert /etc/ssl/${PN}/${PN}
+			chown ${PN}:${PN} "${ROOT}"/etc/ssl/${PN}/${PN}.{crt,csr,key,pem}
+		fi
+	}
+}