diff options
author | xrs <xrs@mail36.net> | 2019-09-28 19:11:28 +0200 |
---|---|---|
committer | xrs <xrs@mail36.net> | 2019-09-28 19:11:28 +0200 |
commit | 3df1c58ee5e23f59f71b3e495e6b863cda27ed5f (patch) | |
tree | b84168292e24cef299dbd51c4d65f789de86d1e5 /contrib/alpine/gnunet | |
parent | cac1c211ba0247b978961630b7ee147956b29e0a (diff) | |
download | gnunet-3df1c58ee5e23f59f71b3e495e6b863cda27ed5f.tar.gz gnunet-3df1c58ee5e23f59f71b3e495e6b863cda27ed5f.zip |
add contrib/alpine
Diffstat (limited to 'contrib/alpine/gnunet')
-rw-r--r-- | contrib/alpine/gnunet/APKBUILD | 102 | ||||
-rw-r--r-- | contrib/alpine/gnunet/gnunet-system-services.initd | 16 | ||||
-rw-r--r-- | contrib/alpine/gnunet/gnunet-system.conf | 3 | ||||
-rw-r--r-- | contrib/alpine/gnunet/gnunet-user-services.initd | 33 | ||||
-rw-r--r-- | contrib/alpine/gnunet/gnunet-user.conf | 3 | ||||
-rw-r--r-- | contrib/alpine/gnunet/gnunet.post-deinstall | 6 | ||||
-rw-r--r-- | contrib/alpine/gnunet/gnunet.post-install | 44 | ||||
-rw-r--r-- | contrib/alpine/gnunet/gnunet.pre-deinstall | 33 | ||||
-rw-r--r-- | contrib/alpine/gnunet/gnunet.pre-install | 17 | ||||
-rw-r--r-- | contrib/alpine/gnunet/gnunet.xsession | 54 |
10 files changed, 311 insertions, 0 deletions
diff --git a/contrib/alpine/gnunet/APKBUILD b/contrib/alpine/gnunet/APKBUILD new file mode 100644 index 000000000..c68e03d67 --- /dev/null +++ b/contrib/alpine/gnunet/APKBUILD | |||
@@ -0,0 +1,102 @@ | |||
1 | # Contributor: xrs <xrs@mail36.net> | ||
2 | # Maintainer: xrs <xrs@mail36.net> | ||
3 | pkgname="gnunet" | ||
4 | pkgver="0.11.6" | ||
5 | pkgrel=0 | ||
6 | pkgdesc="A framework for secure and privacy enhancing peer-to-peer networking" | ||
7 | url="https://gnunet.org" | ||
8 | arch="all" | ||
9 | license="AGPL-3.0" | ||
10 | depends="libgpg-error libgcrypt nettle unbound-libs gnutls gnutls-utils gnurl | ||
11 | libgnurl libmicrohttpd openssl libunistring libidn2 nss sqlite zlib | ||
12 | miniupnpc gmp gettext bash which iptables coreutils sudo" | ||
13 | depends_dev="libgpg-error-dev libgcrypt-dev nettle-dev unbound-dev gnutls-dev | ||
14 | gnurl-dev libmicrohttpd-dev openssl-dev libunistring-dev libidn2-dev | ||
15 | nss-dev sqlite-dev zlib-dev miniupnpc-dev gmp-dev gettext" | ||
16 | makedepends="$depends_dev autoconf automake libtool gettext-dev python3 | ||
17 | texlive texinfo" | ||
18 | install="$pkgname.pre-install $pkgname.post-install $pkgname.pre-deinstall | ||
19 | $pkgname.post-deinstall" | ||
20 | pkgusers="gnunet" | ||
21 | pkggroups="gnunet gnunetdns" | ||
22 | subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" | ||
23 | builddir="$srcdir/$pkgname-$pkgver" | ||
24 | options="!check suid" # No check because The GNUnet project lacks a good CI at the moment. | ||
25 | source="https://mirrors.ocf.berkeley.edu/gnu/gnunet/$pkgname-$pkgver.tar.gz | ||
26 | gnunet-system.conf | ||
27 | gnunet-user.conf | ||
28 | gnunet-system-services.initd | ||
29 | gnunet-user-services.initd | ||
30 | gnunet.xsession | ||
31 | " | ||
32 | |||
33 | prepare() { | ||
34 | cd "$builddir" | ||
35 | default_prepare | ||
36 | autoreconf -if # FIXME: See https://bugs.gnunet.org/view.php?id=5902 | ||
37 | } | ||
38 | |||
39 | build() { | ||
40 | cd "$builddir" | ||
41 | ./configure \ | ||
42 | --build=$CBUILD \ | ||
43 | --host=$CHOST \ | ||
44 | --prefix=/usr \ | ||
45 | --sysconfdir=/etc \ | ||
46 | --mandir=/usr/share/man \ | ||
47 | --localstatedir=/var \ | ||
48 | --enable-logging=verbose | ||
49 | make | ||
50 | } | ||
51 | |||
52 | check() { | ||
53 | make DESTDIR="$pkgdir" check | ||
54 | exit 0 | ||
55 | } | ||
56 | |||
57 | package() { | ||
58 | make DESTDIR="$pkgdir" install | ||
59 | |||
60 | libexecdir=$pkgdir/usr/lib/gnunet/libexec/ | ||
61 | # Limit access to critical gnunet-helper-dns to group "gnunetdns" | ||
62 | chgrp gnunetdns $libexecdir/gnunet-helper-dns | ||
63 | chgrp gnunetdns $libexecdir/gnunet-service-dns | ||
64 | # Limit access to certain SUID binaries by group "gnunet" | ||
65 | chgrp gnunet $libexecdir/gnunet-helper-exit | ||
66 | chgrp gnunet $libexecdir/gnunet-helper-vpn | ||
67 | chgrp gnunet $libexecdir/gnunet-helper-nat-client | ||
68 | chgrp gnunet $libexecdir/gnunet-helper-nat-server | ||
69 | chmod u+s $libexecdir/gnunet-helper-exit | ||
70 | chmod u+s $libexecdir/gnunet-helper-vpn | ||
71 | chmod 2750 $libexecdir/gnunet-helper-dns | ||
72 | chmod 2700 $libexecdir/gnunet-service-dns | ||
73 | chmod u+s $libexecdir/gnunet-helper-nat-client | ||
74 | chmod u+s $libexecdir/gnunet-helper-nat-server | ||
75 | |||
76 | install -m644 -D $srcdir/$pkgname-user.conf \ | ||
77 | $pkgdir/etc/skel/.config/$pkgname.conf | ||
78 | install -m644 -D $srcdir/$pkgname-system.conf \ | ||
79 | $pkgdir/etc/$pkgname.conf | ||
80 | install -m755 -D $srcdir/$pkgname-system-services.initd \ | ||
81 | $pkgdir/etc/init.d/$pkgname-system-services | ||
82 | install -m755 -D $srcdir/$pkgname-user-services.initd \ | ||
83 | $pkgdir/etc/init.d/$pkgname-user-services | ||
84 | install -m755 -D $srcdir/$pkgname.xsession \ | ||
85 | $pkgdir/etc/X11/xinit/xinitrc.d/80-$pkgname-user-services | ||
86 | } | ||
87 | |||
88 | dev() { | ||
89 | default_dev | ||
90 | |||
91 | # dev() will move gnunet-config from $pkg to $pkg-dev, but it's an | ||
92 | # intended part of $pkg. | ||
93 | install -m755 -D $builddir/src/util/.libs/gnunet-config \ | ||
94 | $pkgdir/usr/bin/gnunet-config | ||
95 | } | ||
96 | |||
97 | sha512sums="1c6ea2ac7280d2edb30df627b79e017d199e93cd3970ce49f3f049abfb1dddfed541118e55766c422edf4a80e140c4eb2cfc681e0d4a1384e39811d024df9278 gnunet-0.11.6.tar.gz | ||
98 | a0f55413ed2c6edd6746a751d92ddac95ba70f20eefb07330817870d749456448f44bba95d245911a00f6078e0c2ac626004e3b764be5e5e049c00626c4c5ac0 gnunet-system.conf | ||
99 | b21112ff16aee771332aa9c33f55b0c7f46fe0266053543241e3efbe25dba56482c0e11112a192eefe59f1c74d2af5d7071b6a4e1e875cfc7e9d55b5fe8a0a33 gnunet-user.conf | ||
100 | ae7be0ecb8dfb9c4741706d5fe7a0ea2f87c88ddab549c80917a637b009922dfe3ad3ae6d8706c7a82b671da4e9f56f2208050ff7945c38100ca979438946413 gnunet-system-services.initd | ||
101 | 5936adcca52a3e199f2cea4faf40a53a0280d453e189921db88c3f5d9b8502ac51ed2b926ade4e2fdb844bfc897ad1216ddba8060ac0d0a0d6648837509dfa35 gnunet-user-services.initd | ||
102 | 0fe33317f99d0193a6eab9ce9bf9a3868a7021153f0e782839c086d5032ae164c40498fe7737a2c63ec11cb245132f86bda3f79fdcdf43c7497439b3aeac2bc7 gnunet.xsession" | ||
diff --git a/contrib/alpine/gnunet/gnunet-system-services.initd b/contrib/alpine/gnunet/gnunet-system-services.initd new file mode 100644 index 000000000..2dc603b2d --- /dev/null +++ b/contrib/alpine/gnunet/gnunet-system-services.initd | |||
@@ -0,0 +1,16 @@ | |||
1 | #!/sbin/openrc-run | ||
2 | # Contributor: xrs <xrs@mail36.net> | ||
3 | # Maintainer: xrs <xrs@mail36.net> | ||
4 | |||
5 | name="gnunet-system-service" | ||
6 | description="A secure and privacy enhancing peer-to-peer overlay network" | ||
7 | command="/usr/lib/gnunet/libexec/gnunet-service-arm" | ||
8 | command_args="-c /etc/gnunet.conf" | ||
9 | command_user="gnunet:gnunet" | ||
10 | command_background="yes" | ||
11 | pidfile="/run/${SVCNAME}.pid" | ||
12 | |||
13 | depend() { | ||
14 | need net | ||
15 | before gnunet-user-services | ||
16 | } | ||
diff --git a/contrib/alpine/gnunet/gnunet-system.conf b/contrib/alpine/gnunet/gnunet-system.conf new file mode 100644 index 000000000..303cf5f16 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet-system.conf | |||
@@ -0,0 +1,3 @@ | |||
1 | [arm] | ||
2 | START_SYSTEM_SERVICES = YES | ||
3 | START_USER_SERVICES = NO | ||
diff --git a/contrib/alpine/gnunet/gnunet-user-services.initd b/contrib/alpine/gnunet/gnunet-user-services.initd new file mode 100644 index 000000000..915ff203e --- /dev/null +++ b/contrib/alpine/gnunet/gnunet-user-services.initd | |||
@@ -0,0 +1,33 @@ | |||
1 | #!/sbin/openrc-run | ||
2 | # Contributor: xrs <xrs@mail36.net> | ||
3 | # Maintainer: xrs <xrs@mail36.net> | ||
4 | |||
5 | name="gnunet-user-services" | ||
6 | description="GNUnet user services" | ||
7 | command_background="yes" | ||
8 | pidfile="/run/${SVCNAME}.pid" | ||
9 | users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd` | ||
10 | |||
11 | depend() { | ||
12 | need gnunet-system-services | ||
13 | } | ||
14 | |||
15 | start() { | ||
16 | for user in $users; do | ||
17 | if test -z "`ps|grep $user|grep gnunet-service-arm`" > /dev/null 2>&1 | ||
18 | then | ||
19 | sudo -u $user gnunet-arm \ | ||
20 | -c /home/$user/.config/gnunet.conf -s | ||
21 | fi | ||
22 | done | ||
23 | } | ||
24 | |||
25 | stop() { | ||
26 | for user in $users; do | ||
27 | if test -n "`ps|grep $user|grep gnunet-service-arm`" > /dev/null 2>&1 | ||
28 | then | ||
29 | sudo -u $user gnunet-arm \ | ||
30 | -c /home/$user/.config/gnunet.conf -e | ||
31 | fi | ||
32 | done | ||
33 | } | ||
diff --git a/contrib/alpine/gnunet/gnunet-user.conf b/contrib/alpine/gnunet/gnunet-user.conf new file mode 100644 index 000000000..22f1fe37a --- /dev/null +++ b/contrib/alpine/gnunet/gnunet-user.conf | |||
@@ -0,0 +1,3 @@ | |||
1 | [arm] | ||
2 | START_SYSTEM_SERVICES = NO | ||
3 | START_USER_SERVICES = YES | ||
diff --git a/contrib/alpine/gnunet/gnunet.post-deinstall b/contrib/alpine/gnunet/gnunet.post-deinstall new file mode 100644 index 000000000..ab98ab535 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.post-deinstall | |||
@@ -0,0 +1,6 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | deluser --remove-home gnunet # implicitly removes group gnunet | ||
4 | delgroup gnunetdns | ||
5 | |||
6 | exit 0 | ||
diff --git a/contrib/alpine/gnunet/gnunet.post-install b/contrib/alpine/gnunet/gnunet.post-install new file mode 100644 index 000000000..926f8fdb1 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.post-install | |||
@@ -0,0 +1,44 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | # Enumerate users. | ||
4 | users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd` | ||
5 | |||
6 | # Install gnunet.conf for existing users. | ||
7 | for user in $users; do | ||
8 | install -m644 -o $user -g $user -D /etc/skel/.config/gnunet.conf \ | ||
9 | /home/$user/.config/gnunet.conf | ||
10 | done | ||
11 | |||
12 | # Enable GNS proxy for users, if desired. | ||
13 | echo "Use GNU Name System in Firefox/Chromium by default? [y,N]" | ||
14 | read -r yn | ||
15 | case $yn in | ||
16 | y|Y ) | ||
17 | # Enable GNS proxy for existant users. | ||
18 | for user in $users; do | ||
19 | port=$((8000+$(id -u $user))) | ||
20 | gnunet-config -c /home/$user/.config/gnunet.conf \ | ||
21 | --rewrite \ | ||
22 | --section=gns-proxy \ | ||
23 | --option=IMMEDIATE_START \ | ||
24 | --value=YES | ||
25 | gnunet-config -c /home/$user/.config/gnunet.conf \ | ||
26 | --rewrite \ | ||
27 | --section=gns-proxy \ | ||
28 | --option=OPTIONS \ | ||
29 | --value="-p $port" | ||
30 | done | ||
31 | |||
32 | # Enable GNS proxy for future users. | ||
33 | echo "[gns-proxy]" >> /etc/skel/.config/gnunet.conf | ||
34 | echo "IMMEDIATE_START = YES" >> /etc/skel/.config/gnunet.conf | ||
35 | ;; | ||
36 | * ) | ||
37 | ;; | ||
38 | esac | ||
39 | |||
40 | rc-update add gnunet-system-services | ||
41 | rc-update add gnunet-user-services | ||
42 | rc-service gnunet-user-services start # starts system services | ||
43 | |||
44 | exit 0 | ||
diff --git a/contrib/alpine/gnunet/gnunet.pre-deinstall b/contrib/alpine/gnunet/gnunet.pre-deinstall new file mode 100644 index 000000000..8bb8737f8 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.pre-deinstall | |||
@@ -0,0 +1,33 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | # Stop and disable GNUnet system services. | ||
4 | rc-service gnunet-system-services stop # stops user services | ||
5 | rc-update del gnunet-system-services | ||
6 | rc-update del gnunet-user-services | ||
7 | |||
8 | # Remove proxy settings from browser. | ||
9 | users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd` | ||
10 | for user in $users; do | ||
11 | gnunet_proxy=`grep -i "gns-proxy" /home/$user/.config/gnunet.conf` | ||
12 | if [ "$gnunet_proxy" ]; then | ||
13 | for ffprofile in /home/"$user"/.mozilla/firefox/*.*/; do | ||
14 | # Reset proxy preferences | ||
15 | js=$ffprofile/user.js | ||
16 | if [ -f $js ]; then | ||
17 | sed -i '/Preferences for using the GNU Name System/d' $js | ||
18 | sed -i '/network.proxy.socks/d' $js | ||
19 | sed -i '/network.proxy.socks_port/d' $js | ||
20 | sed -i '/network.proxy.socks_remote_dns/d' $js | ||
21 | sed -i '/network.proxy.type/d' $js | ||
22 | fi | ||
23 | done | ||
24 | |||
25 | # Chromium | ||
26 | profile=/home/$user/.profile | ||
27 | if [ -f $profile ]; then | ||
28 | sed -i '/CHROMIUM_USER_FLAGS/d' $profile | ||
29 | fi | ||
30 | fi | ||
31 | done | ||
32 | |||
33 | exit 0 | ||
diff --git a/contrib/alpine/gnunet/gnunet.pre-install b/contrib/alpine/gnunet/gnunet.pre-install new file mode 100644 index 000000000..7166279f9 --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.pre-install | |||
@@ -0,0 +1,17 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | # Add special group gnunetdns for controlling access to "gnunet-helper-dns". | ||
4 | addgroup -S gnunetdns 2>/dev/null | ||
5 | addgroup -S gnunet 2>/dev/null | ||
6 | |||
7 | # Add system user/group gnunet for system services | ||
8 | adduser -S -h "/var/lib/gnunet" -s /bin/sh \ | ||
9 | -G gnunet -g gnunet gnunet 2>/dev/null | ||
10 | |||
11 | # add users on host system to group "gnunet" | ||
12 | users=`awk -F ':' '$3>=1000 && $3<2000 {print $1}' /etc/passwd` | ||
13 | for user in $users; do | ||
14 | adduser $user gnunet 2>/dev/null | ||
15 | done | ||
16 | |||
17 | exit 0 | ||
diff --git a/contrib/alpine/gnunet/gnunet.xsession b/contrib/alpine/gnunet/gnunet.xsession new file mode 100644 index 000000000..2d2bb392a --- /dev/null +++ b/contrib/alpine/gnunet/gnunet.xsession | |||
@@ -0,0 +1,54 @@ | |||
1 | #!/bin/sh | ||
2 | user=`whoami` | ||
3 | gnunet_proxy=`gnunet-config -c /etc/skel/.config/gnunet.conf -s gns-proxy|grep 'IMMEDIATE_START = YES'` | ||
4 | |||
5 | # Enable GNS proxy for new users informed by /etc/skel. | ||
6 | if [ "$gnunet_proxy" ]; then | ||
7 | |||
8 | # Calculate user specific port | ||
9 | port=$((8000+$(id -u $user))) | ||
10 | |||
11 | gnunet-config -c /home/$user/.config/gnunet.conf \ | ||
12 | --rewrite \ | ||
13 | --section=gns-proxy \ | ||
14 | --option=OPTIONS \ | ||
15 | --value="-p $port" | ||
16 | |||
17 | # Firefox | ||
18 | if [ ! -d ~/.mozilla/firefox/*.default ];then | ||
19 | timeout 3s firefox --headless # dirty: create profile if not existent | ||
20 | fi | ||
21 | for ffprofile in ~/.mozilla/firefox/*.*/; do | ||
22 | js=$ffprofile/user.js | ||
23 | if [ -f $js ]; then | ||
24 | sed -i '/Preferences for using the GNU Name System/d' $js | ||
25 | sed -i '/network.proxy.socks/d' $js | ||
26 | sed -i '/network.proxy.socks_port/d' $js | ||
27 | sed -i '/network.proxy.socks_remote_dns/d' $js | ||
28 | sed -i '/network.proxy.type/d' $js | ||
29 | fi | ||
30 | echo "// Preferences for using the GNU Name System" >> $js | ||
31 | echo "user_pref(\"network.proxy.socks\", \"localhost\");" >> $js | ||
32 | echo "user_pref(\"network.proxy.socks_port\", $port);" >> $js | ||
33 | echo "user_pref(\"network.proxy.socks_remote_dns\", true);" >> $js | ||
34 | echo "user_pref(\"network.proxy.type\", 1);" >> $js | ||
35 | done | ||
36 | |||
37 | # Chromium | ||
38 | profile=/home/$user/.profile | ||
39 | if [ -f $profile ]; then | ||
40 | sed -i '/CHROMIUM_USER_FLAGS/d' $profile | ||
41 | fi | ||
42 | echo "export CHROMIUM_USER_FLAGS=--proxy-server=socks5://localhost:$port" \ | ||
43 | >> $profile | ||
44 | fi | ||
45 | |||
46 | # Create/Renew GNS certificate authority (CA) per user. | ||
47 | gnunet-gns-proxy-setup-ca | ||
48 | |||
49 | # In case a new user was added and gnunet-user-services has not been | ||
50 | # restarted afterwards, start user services after login. | ||
51 | if test -z "`ps|grep -v grep|grep $user|grep gnunet-service-arm`" > /dev/null 2>&1 | ||
52 | then | ||
53 | gnunet-arm -c /home/$user/.config/gnunet.conf -s | ||
54 | fi | ||