Fine tune packages (#283)

Author: moubctez

.fpm

@@ -3,3 +3,4 @@
 --description "Defguard Edge service"
 --url "https://defguard.net/"
 --maintainer "Defguard"
+--config-files /etc/defguard/proxy.toml

.github/workflows/build-docker.yml

@@ -69,7 +69,7 @@ jobs:
           cache-to: type=gha,mode=max
 
       - name: Scan image with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           image-ref: "${{ env.GHCR_REPO }}:${{ github.sha }}-${{ matrix.tag }}"
           format: "table"

.github/workflows/sbom.yml

@@ -33,7 +33,7 @@ jobs:
           submodules: recursive
 
       - name: Create SBOM with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           scan-type: 'fs'
           format: 'spdx-json'
@@ -43,7 +43,7 @@ jobs:
           scanners: "vuln"
 
       - name: Create Docker image SBOM with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           image-ref: "ghcr.io/defguard/defguard-proxy:${{ steps.vars.outputs.VERSION }}"
           scan-type: 'image'
@@ -53,7 +53,7 @@ jobs:
           scanners: "vuln"
 
       - name: Create security advisory file with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           scan-type: 'fs'
           format: 'json'
@@ -63,7 +63,7 @@ jobs:
           scanners: "vuln"
 
       - name: Create Docker image security advisory file with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           image-ref: "ghcr.io/defguard/defguard-proxy:${{ steps.vars.outputs.VERSION }}"
           scan-type: 'image'

.github/workflows/test.yml

@@ -37,7 +37,10 @@ jobs:
           submodules: recursive
 
       - name: Scan code with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
+        env:
+          TRIVY_IGNOREFILE: ".trivyignore.yaml"
+          TRIVY_SHOW_SUPPRESSED: 1
         with:
           scan-type: 'fs'
           scan-ref: '.'

.trivyignore.yaml

@@ -0,0 +1,4 @@
+vulnerabilities:
+  - id: GHSA-w5hq-g745-h8pq
+    expired_at: 2026-04-30
+    statement: 'Not yet fixed in dependencies'

Cargo.lock

@@ -6,15 +6,14 @@
 
 . /etc/rc.subr
 
-name="defguard"
-rcvar=defguard_enable
+name="defguard_proxy"
+rcvar=defguard_proxy_enable
 command="/usr/local/bin/defguard-proxy"
 config="/etc/defguard/proxy.toml"
-start_cmd="${name}_start"
+start_cmd="${name}_proxy_start"
 
-defguard_start()
-{
-  ${command} --config ${config} &
+defguard_proxy_start() {
+	${command} --config ${config} &
 }
 
 load_rc_config $name

freebsd/defguard-proxy

@@ -1,6 +1,6 @@
 [Unit]
 Description=Defguard Edge service
-Documentation=https://defguard.gitbook.io/defguard/
+Documentation=https://docs.defguard.net/
 Wants=network-online.target
 After=network-online.target