diff options
author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2019-03-20 17:48:18 -0700 |
---|---|---|
committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2019-03-20 17:48:18 -0700 |
commit | 396485121e908c56de5989189a5ef6c6743bcc3f (patch) | |
tree | dee11167ce98efd6bd343a914357c2e6f1dd2f38 | |
download | dnscrypt-proxy-396485121e908c56de5989189a5ef6c6743bcc3f.tar.xz |
Initial commit
-rw-r--r-- | PKGBUILD | 81 | ||||
-rw-r--r-- | configuration.diff | 117 | ||||
-rw-r--r-- | sysusers.d | 2 | ||||
-rw-r--r-- | tmpfiles.d | 1 |
4 files changed, 201 insertions, 0 deletions
diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 0000000..8759274 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,81 @@ +# Maintainer: jc_gargma <jc_gargma@iserlohn-fortress.net> +# Maintainer (Arch): David Runge <dave@sleepmap.de> +# Contributor (Arch): Felix Yan <felixonmars@archlinux.org> +# Contributor (Arch): Techlive Zheng <techlivezheng at gmail dot com> +# Contributor (Arch): peace4all <markspost at rocketmail dot com> + +# # I maintain this because: +# I don't like the sysuser name +# Arch version has 1.x migration notice + +pkgname=dnscrypt-proxy +pkgver=2.0.21 +pkgrel=1 +pkgdesc="DNS proxy, supporting encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTP" +arch=('x86_64') +url="https://dnscrypt.info" +license=('custom:ISC') +depends=('glibc') +makedepends=('git' 'go-pie') +backup=("etc/${pkgname}/${pkgname}.toml" + "etc/${pkgname}/blacklist.txt" + "etc/${pkgname}/cloaking-rules.txt" + "etc/${pkgname}/forwarding-rules.txt" + "etc/${pkgname}/ip-blacklist.txt" + "etc/${pkgname}/whitelist.txt" +) +source=("${pkgname}-${pkgver}.tar.gz::https://github.com/jedisct1/${pkgname}/archive/${pkgver}.tar.gz" + 'sysusers.d' + 'tmpfiles.d' + 'configuration.diff') +sha512sums=('e01869b963ef7454f9136d8ececc4e541dae489524e03cc2906fc3b661281bd6ebf5ef8b6dc29a6bcc1dabb638b9e74200b3ed48ebcd69cd3306e8bab5dd248a' + 'e302ea9b5556ba6e0342ebecbf6b55b68a8ad4e472f1790751074232fd5a478e643d2d94f7e12675b551b0849c83ad21b29cc3ea746d89fcdce1e9d5c59da1b2' + '1b89196341ae21f39efc46d2adc3d3458292d00f12cc4dc8d7e55b5e70856e6f8ed5f13ace76ae9b958b6eee5700f1df9cc07d828744349fa4ae0f41b382ef97' + '6144f3d33f3d85c9a4e5573f88e92f1b9d7118fd654072eeac6c3f76085086d4b2464e1d3579d8501153f453bc5125859d148fc3b3486d26368d1f51911aeb33') + +prepare() { + cd "$pkgname-$pkgver" + patch -Np1 -i ../configuration.diff + # create empty ip-blacklist.txt + touch "${pkgname}/ip-blacklist.txt" + # symlink upstream's vendor to src + ln -sfv vendor src + rm -v go.mod +} + +build() { + cd "$pkgname-$pkgver" + # set GOPATH + export GOPATH=$(pwd) + cd "${pkgname}" + go build -ldflags="-linkmode external -extldflags ${LDFLAGS} -s -w" +} + +package() { + cd $pkgname-$pkgver + # executable + install -vDm 755 "${pkgname}/${pkgname}" "${pkgdir}/usr/bin/${pkgname}" + # configuration + install -vDm 644 "${pkgname}/example-${pkgname}.toml" \ + "${pkgdir}/etc/${pkgname}/${pkgname}.toml" + install -vDm 644 "${pkgname}/example-blacklist.txt" \ + "${pkgdir}/etc/${pkgname}/blacklist.txt" + install -vDm 644 "${pkgname}/example-cloaking-rules.txt" \ + "${pkgdir}/etc/${pkgname}/cloaking-rules.txt" + install -vDm 644 "${pkgname}/example-forwarding-rules.txt" \ + "${pkgdir}/etc/${pkgname}/forwarding-rules.txt" + install -vDm 644 "${pkgname}/ip-blacklist.txt" \ + "${pkgdir}/etc/${pkgname}/ip-blacklist.txt" + install -vDm 644 "${pkgname}/example-whitelist.txt" \ + "${pkgdir}/etc/${pkgname}/whitelist.txt" + # license + install -vDm 644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" + # docs + install -vDm 644 {ChangeLog,README.md} \ + -t "${pkgdir}/usr/share/doc/${pkgname}" + + # sysusers.d + install -vDm 644 "$srcdir/sysusers.d" "$pkgdir/usr/lib/sysusers.d/${pkgname}.conf" + # tmpfiles.d + install -vDm 644 "$srcdir/tmpfiles.d" "$pkgdir/usr/lib/tmpfiles.d/${pkgname}.conf" +} diff --git a/configuration.diff b/configuration.diff new file mode 100644 index 0000000..a1b991f --- /dev/null +++ b/configuration.diff @@ -0,0 +1,117 @@ +diff -ruN dnscrypt-proxy-2.0.9-a/dnscrypt-proxy/example-dnscrypt-proxy.toml dnscrypt-proxy-2.0.9-b/dnscrypt-proxy/example-dnscrypt-proxy.toml +--- dnscrypt-proxy-2.0.9-a/dnscrypt-proxy/example-dnscrypt-proxy.toml 2018-04-11 14:05:16.000000000 +0200 ++++ dnscrypt-proxy-2.0.9-b/dnscrypt-proxy/example-dnscrypt-proxy.toml 2018-04-11 23:09:53.874362036 +0200 +@@ -96,12 +96,12 @@ + + ## log file for the application + +-# log_file = 'dnscrypt-proxy.log' ++# log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log' + + + ## Use the system logger (syslog on Unix, Event Log on Windows) + +-# use_syslog = true ++use_syslog = true + + + ## Delay, in minutes, after which certificates are reloaded +@@ -194,7 +194,7 @@ + ## example.com 9.9.9.9 + ## example.net 9.9.9.9,8.8.8.8,1.1.1.1 + +-# forwarding_rules = 'forwarding-rules.txt' ++# forwarding_rules = '/etc/dnscrypt-proxy/forwarding-rules.txt' + + + +@@ -210,7 +210,7 @@ + ## example.com 10.1.1.1 + ## www.google.com forcesafesearch.google.com + +-# cloaking_rules = 'cloaking-rules.txt' ++# cloaking_rules = '/etc/dnscrypt-proxy/cloaking-rules.txt' + + + +@@ -254,7 +254,7 @@ + + ## Path to the query log file (absolute, or relative to the same directory as the executable file) + +- # file = 'query.log' ++ # file = '/var/log/dnscrypt-proxy/query.log' + + + ## Query log format (currently supported: tsv and ltsv) +@@ -280,7 +280,7 @@ + + ## Path to the query log file (absolute, or relative to the same directory as the executable file) + +- # file = 'nx.log' ++ # file = '/var/log/dnscrypt-proxy/nx.log' + + + ## Query log format (currently supported: tsv and ltsv) +@@ -310,12 +310,12 @@ + + ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file) + +- # blacklist_file = 'blacklist.txt' ++ # blacklist_file = '/etc/dnscrypt-proxy/blacklist.txt' + + + ## Optional path to a file logging blocked queries + +- # log_file = 'blocked.log' ++ # log_file = '/var/log/dnscrypt-proxy/blocked.log' + + + ## Optional log format: tsv or ltsv (default: tsv) +@@ -338,12 +338,12 @@ + + ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file) + +- # blacklist_file = 'ip-blacklist.txt' ++ # blacklist_file = '/etc/dnscrypt-proxy/ip-blacklist.txt' + + + ## Optional path to a file logging blocked queries + +- # log_file = 'ip-blocked.log' ++ # log_file = '/var/log/dnscrypt-proxy/ip-blocked.log' + + + ## Optional log format: tsv or ltsv (default: tsv) +@@ -366,12 +366,12 @@ + + ## Path to the file of whitelisting rules (absolute, or relative to the same directory as the executable file) + +- # whitelist_file = 'whitelist.txt' ++ # whitelist_file = '/etc/dnscrypt-proxy/whitelist.txt' + + + ## Optional path to a file logging whitelisted queries + +- # log_file = 'whitelisted.log' ++ # log_file = '/var/log/dnscrypt-proxy/whitelisted.log' + + + ## Optional log format: tsv or ltsv (default: tsv) +@@ -441,7 +441,7 @@ + + [sources.'public-resolvers'] + urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md'] +- cache_file = 'public-resolvers.md' ++ cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md' + minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + refresh_delay = 72 + prefix = '' +@@ -451,7 +451,7 @@ + + # [sources.'parental-control'] + # urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v2/parental-control.md'] +- # cache_file = 'parental-control.md' ++ # cache_file = '/var/cache/dnscrypt-proxy/parental-control.md' + # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + + diff --git a/sysusers.d b/sysusers.d new file mode 100644 index 0000000..a2f1453 --- /dev/null +++ b/sysusers.d @@ -0,0 +1,2 @@ +u dnscrypt-proxy - "DNSCrypt-proxy user" /var/lib/dnscrypt-proxy /bin/false +g dnscrypt-proxy - - - diff --git a/tmpfiles.d b/tmpfiles.d new file mode 100644 index 0000000..40187aa --- /dev/null +++ b/tmpfiles.d @@ -0,0 +1 @@ +f /run/dnscrypt-proxy.pid - dnscrypt-proxy dnscrypt-proxy |