From 3df1c58ee5e23f59f71b3e495e6b863cda27ed5f Mon Sep 17 00:00:00 2001 From: xrs Date: Sat, 28 Sep 2019 19:11:28 +0200 Subject: [PATCH] add contrib/alpine --- contrib/alpine/gnunet-gtk/APKBUILD | 41 +++++++ contrib/alpine/gnunet/APKBUILD | 102 ++++++++++++++++++ .../gnunet/gnunet-system-services.initd | 16 +++ contrib/alpine/gnunet/gnunet-system.conf | 3 + .../alpine/gnunet/gnunet-user-services.initd | 33 ++++++ contrib/alpine/gnunet/gnunet-user.conf | 3 + contrib/alpine/gnunet/gnunet.post-deinstall | 6 ++ contrib/alpine/gnunet/gnunet.post-install | 44 ++++++++ contrib/alpine/gnunet/gnunet.pre-deinstall | 33 ++++++ contrib/alpine/gnunet/gnunet.pre-install | 17 +++ contrib/alpine/gnunet/gnunet.xsession | 54 ++++++++++ contrib/alpine/gnurl/APKBUILD | 84 +++++++++++++++ 12 files changed, 436 insertions(+) create mode 100644 contrib/alpine/gnunet-gtk/APKBUILD create mode 100644 contrib/alpine/gnunet/APKBUILD create mode 100644 contrib/alpine/gnunet/gnunet-system-services.initd create mode 100644 contrib/alpine/gnunet/gnunet-system.conf create mode 100644 contrib/alpine/gnunet/gnunet-user-services.initd create mode 100644 contrib/alpine/gnunet/gnunet-user.conf create mode 100644 contrib/alpine/gnunet/gnunet.post-deinstall create mode 100644 contrib/alpine/gnunet/gnunet.post-install create mode 100644 contrib/alpine/gnunet/gnunet.pre-deinstall create mode 100644 contrib/alpine/gnunet/gnunet.pre-install create mode 100644 contrib/alpine/gnunet/gnunet.xsession create mode 100644 contrib/alpine/gnurl/APKBUILD diff --git a/contrib/alpine/gnunet-gtk/APKBUILD b/contrib/alpine/gnunet-gtk/APKBUILD new file mode 100644 index 000000000..71b12b237 --- /dev/null +++ b/contrib/alpine/gnunet-gtk/APKBUILD @@ -0,0 +1,41 @@ +# Contributor: xrs +# Maintainer: xrs +pkgname="gnunet-gtk" +pkgver="0.11.5" +pkgrel=0 +pkgdesc="Graphical user interface for GNUnet" +url="https://gnunet.org" +arch="all" +license="GPL-3.0" +depends="gnunet gtk+3.0 glade" +makedepends="gnunet-dev gtk+3.0-dev glade-dev" +install="" +subpackages="$pkgname-dev $pkgname-doc" +source="https://mirrors.ocf.berkeley.edu/gnu/gnunet/$pkgname-$pkgver.tar.gz" +builddir="$srcdir/$pkgname-$pkgver" +options="!check" # The GNUnet project lacks a good CI at the moment. + +build() { + cd "$builddir" + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --localstatedir=/var \ + --disable-fs-app \ + --disable-conversation-app + make +} + +check() { + make DESTDIR="$pkgdir" check + exit 0 +} + +package() { + make DESTDIR="$pkgdir" install +} + +sha512sums="8cd5bcadba070396b9b9b4849678bda362ba274f7d8e0c4dfc0bd793ac103a8a94949a472d992c90f21ddb7db16b14ea23a199acd4cf2e52f985e15205d2f5a9 gnunet-gtk-0.11.5.tar.gz" diff --git a/contrib/alpine/gnunet/APKBUILD b/contrib/alpine/gnunet/APKBUILD new file mode 100644 index 000000000..c68e03d67 --- /dev/null +++ b/contrib/alpine/gnunet/APKBUILD @@ -0,0 +1,102 @@ +# Contributor: xrs +# Maintainer: xrs +pkgname="gnunet" +pkgver="0.11.6" +pkgrel=0 +pkgdesc="A framework for secure and privacy enhancing peer-to-peer networking" +url="https://gnunet.org" +arch="all" +license="AGPL-3.0" +depends="libgpg-error libgcrypt nettle unbound-libs gnutls gnutls-utils gnurl + libgnurl libmicrohttpd openssl libunistring libidn2 nss sqlite zlib + miniupnpc gmp gettext bash which iptables coreutils sudo" +depends_dev="libgpg-error-dev libgcrypt-dev nettle-dev unbound-dev gnutls-dev + gnurl-dev libmicrohttpd-dev openssl-dev libunistring-dev libidn2-dev + nss-dev sqlite-dev zlib-dev miniupnpc-dev gmp-dev gettext" +makedepends="$depends_dev autoconf automake libtool gettext-dev python3 + texlive texinfo" +install="$pkgname.pre-install $pkgname.post-install $pkgname.pre-deinstall + $pkgname.post-deinstall" +pkgusers="gnunet" +pkggroups="gnunet gnunetdns" +subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" +builddir="$srcdir/$pkgname-$pkgver" +options="!check suid" # No check because The GNUnet project lacks a good CI at the moment. +source="https://mirrors.ocf.berkeley.edu/gnu/gnunet/$pkgname-$pkgver.tar.gz + gnunet-system.conf + gnunet-user.conf + gnunet-system-services.initd + gnunet-user-services.initd + gnunet.xsession + " + +prepare() { + cd "$builddir" + default_prepare + autoreconf -if # FIXME: See https://bugs.gnunet.org/view.php?id=5902 +} + +build() { + cd "$builddir" + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --localstatedir=/var \ + --enable-logging=verbose + make +} + +check() { + make DESTDIR="$pkgdir" check + exit 0 +} + +package() { + make DESTDIR="$pkgdir" install + + libexecdir=$pkgdir/usr/lib/gnunet/libexec/ + # Limit access to critical gnunet-helper-dns to group "gnunetdns" + chgrp gnunetdns $libexecdir/gnunet-helper-dns + chgrp gnunetdns $libexecdir/gnunet-service-dns + # Limit access to certain SUID binaries by group "gnunet" + chgrp gnunet $libexecdir/gnunet-helper-exit + chgrp gnunet $libexecdir/gnunet-helper-vpn + chgrp gnunet $libexecdir/gnunet-helper-nat-client + chgrp gnunet $libexecdir/gnunet-helper-nat-server + chmod u+s $libexecdir/gnunet-helper-exit + chmod u+s $libexecdir/gnunet-helper-vpn + chmod 2750 $libexecdir/gnunet-helper-dns + chmod 2700 $libexecdir/gnunet-service-dns + chmod u+s $libexecdir/gnunet-helper-nat-client + chmod u+s $libexecdir/gnunet-helper-nat-server + + install -m644 -D $srcdir/$pkgname-user.conf \ + $pkgdir/etc/skel/.config/$pkgname.conf + install -m644 -D $srcdir/$pkgname-system.conf \ + $pkgdir/etc/$pkgname.conf + install -m755 -D $srcdir/$pkgname-system-services.initd \ + $pkgdir/etc/init.d/$pkgname-system-services + install -m755 -D $srcdir/$pkgname-user-services.initd \ + $pkgdir/etc/init.d/$pkgname-user-services + install -m755 -D $srcdir/$pkgname.xsession \ + $pkgdir/etc/X11/xinit/xinitrc.d/80-$pkgname-user-services +} + +dev() { + default_dev + + # dev() will move gnunet-config from $pkg to $pkg-dev, but it's an + # intended part of $pkg. + install -m755 -D $builddir/src/util/.libs/gnunet-config \ + $pkgdir/usr/bin/gnunet-config +} + +sha512sums="1c6ea2ac7280d2edb30df627b79e017d199e93cd3970ce49f3f049abfb1dddfed541118e55766c422edf4a80e140c4eb2cfc681e0d4a1384e39811d024df9278 gnunet-0.11.6.tar.gz +a0f55413ed2c6edd6746a751d92ddac95ba70f20eefb07330817870d749456448f44bba95d245911a00f6078e0c2ac626004e3b764be5e5e049c00626c4c5ac0 gnunet-system.conf +b21112ff16aee771332aa9c33f55b0c7f46fe0266053543241e3efbe25dba56482c0e11112a192eefe59f1c74d2af5d7071b6a4e1e875cfc7e9d55b5fe8a0a33 gnunet-user.conf +ae7be0ecb8dfb9c4741706d5fe7a0ea2f87c88ddab549c80917a637b009922dfe3ad3ae6d8706c7a82b671da4e9f56f2208050ff7945c38100ca979438946413 gnunet-system-services.initd +5936adcca52a3e199f2cea4faf40a53a0280d453e189921db88c3f5d9b8502ac51ed2b926ade4e2fdb844bfc897ad1216ddba8060ac0d0a0d6648837509dfa35 gnunet-user-services.initd +0fe33317f99d0193a6eab9ce9bf9a3868a7021153f0e782839c086d5032ae164c40498fe7737a2c63ec11cb245132f86bda3f79fdcdf43c7497439b3aeac2bc7 gnunet.xsession" diff --git a/contrib/alpine/gnunet/gnunet-system-services.initd b/contrib/alpine/gnunet/gnunet-system-services.initd new file mode 100644 index 000000000..2dc603b2d --- /dev/null +++ b/contrib/alpine/gnunet/gnunet-system-services.initd @@ -0,0 +1,16 @@ +#!/sbin/openrc-run +# Contributor: xrs +# Maintainer: xrs + +name="gnunet-system-service" +description="A secure and privacy enhancing peer-to-peer overlay network" +command="/usr/lib/gnunet/libexec/gnunet-service-arm" +command_args="-c /etc/gnunet.conf" +command_user="gnunet:gnunet" +command_background="yes" +pidfile="/run/${SVCNAME}.pid" + +depend() { + need net + before gnunet-user-services +} diff --git a/contrib/alpine/gnunet/gnunet-system.conf b/contrib/alpine/gnunet/gnunet-system.conf new file mode 100644 index 000000000..303cf5f16 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet-system.conf @@ -0,0 +1,3 @@ +[arm] +START_SYSTEM_SERVICES = YES +START_USER_SERVICES = NO diff --git a/contrib/alpine/gnunet/gnunet-user-services.initd b/contrib/alpine/gnunet/gnunet-user-services.initd new file mode 100644 index 000000000..915ff203e --- /dev/null +++ b/contrib/alpine/gnunet/gnunet-user-services.initd @@ -0,0 +1,33 @@ +#!/sbin/openrc-run +# Contributor: xrs +# Maintainer: xrs + +name="gnunet-user-services" +description="GNUnet user services" +command_background="yes" +pidfile="/run/${SVCNAME}.pid" +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd` + +depend() { + need gnunet-system-services +} + +start() { + for user in $users; do + if test -z "`ps|grep $user|grep gnunet-service-arm`" > /dev/null 2>&1 + then + sudo -u $user gnunet-arm \ + -c /home/$user/.config/gnunet.conf -s + fi + done +} + +stop() { + for user in $users; do + if test -n "`ps|grep $user|grep gnunet-service-arm`" > /dev/null 2>&1 + then + sudo -u $user gnunet-arm \ + -c /home/$user/.config/gnunet.conf -e + fi + done +} diff --git a/contrib/alpine/gnunet/gnunet-user.conf b/contrib/alpine/gnunet/gnunet-user.conf new file mode 100644 index 000000000..22f1fe37a --- /dev/null +++ b/contrib/alpine/gnunet/gnunet-user.conf @@ -0,0 +1,3 @@ +[arm] +START_SYSTEM_SERVICES = NO +START_USER_SERVICES = YES diff --git a/contrib/alpine/gnunet/gnunet.post-deinstall b/contrib/alpine/gnunet/gnunet.post-deinstall new file mode 100644 index 000000000..ab98ab535 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.post-deinstall @@ -0,0 +1,6 @@ +#!/bin/sh + +deluser --remove-home gnunet # implicitly removes group gnunet +delgroup gnunetdns + +exit 0 diff --git a/contrib/alpine/gnunet/gnunet.post-install b/contrib/alpine/gnunet/gnunet.post-install new file mode 100644 index 000000000..926f8fdb1 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.post-install @@ -0,0 +1,44 @@ +#!/bin/sh + +# Enumerate users. +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd` + +# Install gnunet.conf for existing users. +for user in $users; do + install -m644 -o $user -g $user -D /etc/skel/.config/gnunet.conf \ + /home/$user/.config/gnunet.conf +done + +# Enable GNS proxy for users, if desired. +echo "Use GNU Name System in Firefox/Chromium by default? [y,N]" +read -r yn +case $yn in +y|Y ) + # Enable GNS proxy for existant users. + for user in $users; do + port=$((8000+$(id -u $user))) + gnunet-config -c /home/$user/.config/gnunet.conf \ + --rewrite \ + --section=gns-proxy \ + --option=IMMEDIATE_START \ + --value=YES + gnunet-config -c /home/$user/.config/gnunet.conf \ + --rewrite \ + --section=gns-proxy \ + --option=OPTIONS \ + --value="-p $port" + done + + # Enable GNS proxy for future users. + echo "[gns-proxy]" >> /etc/skel/.config/gnunet.conf + echo "IMMEDIATE_START = YES" >> /etc/skel/.config/gnunet.conf + ;; +* ) + ;; +esac + +rc-update add gnunet-system-services +rc-update add gnunet-user-services +rc-service gnunet-user-services start # starts system services + +exit 0 diff --git a/contrib/alpine/gnunet/gnunet.pre-deinstall b/contrib/alpine/gnunet/gnunet.pre-deinstall new file mode 100644 index 000000000..8bb8737f8 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.pre-deinstall @@ -0,0 +1,33 @@ +#!/bin/sh + +# Stop and disable GNUnet system services. +rc-service gnunet-system-services stop # stops user services +rc-update del gnunet-system-services +rc-update del gnunet-user-services + +# Remove proxy settings from browser. +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd` +for user in $users; do + gnunet_proxy=`grep -i "gns-proxy" /home/$user/.config/gnunet.conf` + if [ "$gnunet_proxy" ]; then + for ffprofile in /home/"$user"/.mozilla/firefox/*.*/; do + # Reset proxy preferences + js=$ffprofile/user.js + if [ -f $js ]; then + sed -i '/Preferences for using the GNU Name System/d' $js + sed -i '/network.proxy.socks/d' $js + sed -i '/network.proxy.socks_port/d' $js + sed -i '/network.proxy.socks_remote_dns/d' $js + sed -i '/network.proxy.type/d' $js + fi + done + + # Chromium + profile=/home/$user/.profile + if [ -f $profile ]; then + sed -i '/CHROMIUM_USER_FLAGS/d' $profile + fi + fi +done + +exit 0 diff --git a/contrib/alpine/gnunet/gnunet.pre-install b/contrib/alpine/gnunet/gnunet.pre-install new file mode 100644 index 000000000..7166279f9 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.pre-install @@ -0,0 +1,17 @@ +#!/bin/sh + +# Add special group gnunetdns for controlling access to "gnunet-helper-dns". +addgroup -S gnunetdns 2>/dev/null +addgroup -S gnunet 2>/dev/null + +# Add system user/group gnunet for system services +adduser -S -h "/var/lib/gnunet" -s /bin/sh \ + -G gnunet -g gnunet gnunet 2>/dev/null + +# add users on host system to group "gnunet" +users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd` +for user in $users; do + adduser $user gnunet 2>/dev/null +done + +exit 0 diff --git a/contrib/alpine/gnunet/gnunet.xsession b/contrib/alpine/gnunet/gnunet.xsession new file mode 100644 index 000000000..2d2bb392a --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.xsession @@ -0,0 +1,54 @@ +#!/bin/sh +user=`whoami` +gnunet_proxy=`gnunet-config -c /etc/skel/.config/gnunet.conf -s gns-proxy|grep 'IMMEDIATE_START = YES'` + +# Enable GNS proxy for new users informed by /etc/skel. +if [ "$gnunet_proxy" ]; then + + # Calculate user specific port + port=$((8000+$(id -u $user))) + + gnunet-config -c /home/$user/.config/gnunet.conf \ + --rewrite \ + --section=gns-proxy \ + --option=OPTIONS \ + --value="-p $port" + + # Firefox + if [ ! -d ~/.mozilla/firefox/*.default ];then + timeout 3s firefox --headless # dirty: create profile if not existent + fi + for ffprofile in ~/.mozilla/firefox/*.*/; do + js=$ffprofile/user.js + if [ -f $js ]; then + sed -i '/Preferences for using the GNU Name System/d' $js + sed -i '/network.proxy.socks/d' $js + sed -i '/network.proxy.socks_port/d' $js + sed -i '/network.proxy.socks_remote_dns/d' $js + sed -i '/network.proxy.type/d' $js + fi + echo "// Preferences for using the GNU Name System" >> $js + echo "user_pref(\"network.proxy.socks\", \"localhost\");" >> $js + echo "user_pref(\"network.proxy.socks_port\", $port);" >> $js + echo "user_pref(\"network.proxy.socks_remote_dns\", true);" >> $js + echo "user_pref(\"network.proxy.type\", 1);" >> $js + done + + # Chromium + profile=/home/$user/.profile + if [ -f $profile ]; then + sed -i '/CHROMIUM_USER_FLAGS/d' $profile + fi + echo "export CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$port" \ + >> $profile +fi + +# Create/Renew GNS certificate authority (CA) per user. +gnunet-gns-proxy-setup-ca + +# In case a new user was added and gnunet-user-services has not been +# restarted afterwards, start user services after login. +if test -z "`ps|grep -v grep|grep $user|grep gnunet-service-arm`" > /dev/null 2>&1 +then + gnunet-arm -c /home/$user/.config/gnunet.conf -s +fi diff --git a/contrib/alpine/gnurl/APKBUILD b/contrib/alpine/gnurl/APKBUILD new file mode 100644 index 000000000..f8ff73a91 --- /dev/null +++ b/contrib/alpine/gnurl/APKBUILD @@ -0,0 +1,84 @@ +# Contributor: xrs +# Maintainer: xrs +pkgname=gnurl +pkgver=7.65.3 +pkgrel=0 +pkgdesc="curl with only HTTP/HTTPS support and GnuTLS" +url="https://gnunet.org/en/gnurl.html" +giturl="git://git.taler.net/gnurl.git" +arch="all" +license="MIT" +depends="ca-certificates gnutls libidn2 zlib" +depends_dev="gnutls-dev libidn2-dev zlib-dev" +makedepends="$depends_dev autoconf automake libtool perl pkgconf python3" +subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc libgnurl" +source="https://ftp.gnu.org/gnu/gnunet/$pkgname-$pkgver.tar.gz" +builddir="$srcdir/$pkgname-$pkgver" + +prepare() { + default_prepare + cd "$builddir" + autoreconf -vfi +} + +build() { + cd "$builddir" + + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --with-ca-bundle=/etc/ssl/certs/ca-certificates.crt \ + --prefix=/usr \ + --enable-ipv6 \ + --with-gnutls \ + --with-libidn2 \ + --without-libpsl \ + --without-libssh2 \ + --without-libmetalink \ + --without-winidn \ + --without-librtmp \ + --without-nghttp2 \ + --without-nss \ + --without-cyassl \ + --without-polarssl \ + --without-ssl \ + --without-winssl \ + --without-darwinssl \ + --disable-sspi \ + --disable-ntlm-wb \ + --disable-ldap \ + --disable-rtsp \ + --disable-dict \ + --disable-telnet \ + --disable-tftp \ + --disable-pop3 \ + --disable-imap \ + --disable-smtp \ + --disable-gopher \ + --disable-file \ + --disable-ftp \ + --disable-smb \ + --disable-ares + make +} + +check() { + cd "$builddir" + make -C tests nonflaky-test +} + +package() { + cd "$builddir" + make DESTDIR="$pkgdir" install + #install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING +} + +libgnurl() { + pkgdesc="curl library with only HTTP/HTTPS support and GnuTLS" + + mkdir -p "$subpkgdir"/usr + mv "$pkgdir"/usr/lib "$subpkgdir"/usr +} + + +sha512sums="51aa71352dfe2e65dbcf542cb616af1eaa7e80fbc4ddb455a338e74eea245724ac1fa7ff226c418101e8ba298a8f85c2be9e7d9190a57c66e2e8c65d0c5186f8 gnurl-7.65.3.tar.gz" -- 2.25.1