diff options
author | Sam James <sam@gentoo.org> | 2023-08-12 05:40:46 +0100 |
---|---|---|
committer | Sam James <sam@gentoo.org> | 2023-08-12 05:40:46 +0100 |
commit | 99f73017a1cff764354205ccb0e1b11ed77858d4 (patch) | |
tree | 84a311c40f7598464b81c15bd5f6cd85af0f2e78 /net-dns/dnscrypt-proxy | |
parent | dev-util/pkgconf: add 2.0.1, drop 2.0.0 (diff) | |
download | gentoo-99f73017a1cff764354205ccb0e1b11ed77858d4.tar.gz gentoo-99f73017a1cff764354205ccb0e1b11ed77858d4.tar.bz2 gentoo-99f73017a1cff764354205ccb0e1b11ed77858d4.zip |
net-dns/dnscrypt-proxy: add 2.1.5
- Drop USE=pie because the eclass handles it for us now
- Use ego helper
- Respect prefix in config paths
Closes: https://bugs.gentoo.org/912151
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'net-dns/dnscrypt-proxy')
-rw-r--r-- | net-dns/dnscrypt-proxy/Manifest | 1 | ||||
-rw-r--r-- | net-dns/dnscrypt-proxy/dnscrypt-proxy-2.1.5.ebuild | 102 | ||||
-rw-r--r-- | net-dns/dnscrypt-proxy/dnscrypt-proxy-9999.ebuild | 14 | ||||
-rw-r--r-- | net-dns/dnscrypt-proxy/files/dnscrypt-proxy-2.1.5-config-full-paths.patch | 92 |
4 files changed, 202 insertions, 7 deletions
diff --git a/net-dns/dnscrypt-proxy/Manifest b/net-dns/dnscrypt-proxy/Manifest index fad6acc75562..537000cfa8d1 100644 --- a/net-dns/dnscrypt-proxy/Manifest +++ b/net-dns/dnscrypt-proxy/Manifest @@ -1 +1,2 @@ DIST dnscrypt-proxy-2.1.4.tar.gz 6897787 BLAKE2B 655011c98e335e0f605c093e5b12156afc9be88f0e14882e11cfdca1affa6de29830344e7c3aa7a5013f90a322f824d54e2db4d37a69395d344e90b0160e442b SHA512 4540d11432c4f35244b79f66b8926f8a1025e09010d8d313f0cd0d62e3fafcbd12bd24e9956ddf9cd8c1ec8aae997b031ab08dae4ee220bf31f33227ec6c07ca +DIST dnscrypt-proxy-2.1.5.tar.gz 4065395 BLAKE2B f8984121776565342c1920832839a9cebe8660eaa5f380baf5db6530a137efefbe270f61f9967426f3bea44110bf66b50524d2b891ec285eef1ad7329b1e305c SHA512 2c9a0e0896483b4453cb3779efd41205be8839e61e17b86701deb91e531676529a82b8859ae0975d121322ec8cc05bdd13a1324b8f56010692e1ac9f36a99d69 diff --git a/net-dns/dnscrypt-proxy/dnscrypt-proxy-2.1.5.ebuild b/net-dns/dnscrypt-proxy/dnscrypt-proxy-2.1.5.ebuild new file mode 100644 index 000000000000..74779702e9ac --- /dev/null +++ b/net-dns/dnscrypt-proxy/dnscrypt-proxy-2.1.5.ebuild @@ -0,0 +1,102 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit fcaps go-module prefix systemd + +DESCRIPTION="Flexible DNS proxy, with support for encrypted DNS protocols" +HOMEPAGE="https://github.com/DNSCrypt/dnscrypt-proxy" + +if [[ ${PV} == 9999 ]]; then + EGIT_REPO_URI="https://github.com/DNSCrypt/dnscrypt-proxy.git" + inherit git-r3 +else + SRC_URI="https://github.com/DNSCrypt/dnscrypt-proxy/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" +fi + +LICENSE="Apache-2.0 BSD ISC MIT MPL-2.0" +SLOT="0" + +RDEPEND=" + acct-group/dnscrypt-proxy + acct-user/dnscrypt-proxy +" + +FILECAPS=( cap_net_bind_service+ep usr/bin/dnscrypt-proxy ) + +PATCHES=( + "${FILESDIR}"/${PN}-2.1.5-config-full-paths.patch +) + +src_compile() { + pushd "${PN}" >/dev/null || die + ego build -v -x -mod=readonly -mod=vendor + popd >/dev/null || die +} + +src_test() { + cd "${PN}" || die + ego test -mod=vendor +} + +src_install() { + pushd "${PN}" >/dev/null || die + + dobin dnscrypt-proxy + + eprefixify example-dnscrypt-proxy.toml + insinto /etc/dnscrypt-proxy + newins example-dnscrypt-proxy.toml dnscrypt-proxy.toml + doins example-{allowed,blocked}-{ips.txt,names.txt} + doins example-{cloaking-rules.txt,forwarding-rules.txt} + + popd >/dev/null || die + + insinto /usr/share/dnscrypt-proxy + doins -r "utils/generate-domains-blocklist/." + + newinitd "${FILESDIR}"/dnscrypt-proxy.initd dnscrypt-proxy + newconfd "${FILESDIR}"/dnscrypt-proxy.confd dnscrypt-proxy + + systemd_newunit "${FILESDIR}"/dnscrypt-proxy.service dnscrypt-proxy.service + systemd_newunit "${FILESDIR}"/dnscrypt-proxy.socket dnscrypt-proxy.socket + + insinto /etc/logrotate.d + newins "${FILESDIR}"/dnscrypt-proxy.logrotate dnscrypt-proxy + + einstalldocs +} + +pkg_postinst() { + fcaps_pkg_postinst + + if ! use filecaps; then + ewarn "'filecaps' USE flag is disabled" + ewarn "${PN} will fail to listen on port 53" + ewarn "please do one the following:" + ewarn "1) re-enable 'filecaps'" + ewarn "2) change port to > 1024" + ewarn "3) configure to run ${PN} as root (not recommended)" + ewarn + fi + + if systemd_is_booted || has_version sys-apps/systemd; then + elog "Using systemd socket activation may cause issues with speed" + elog "latency and reliability of ${PN} and is discouraged by upstream" + elog "Existing installations advised to disable 'dnscrypt-proxy.socket'" + elog "It is disabled by default for new installations" + elog "check "$(systemd_get_systemunitdir)/${PN}.service" for details" + elog + + fi + + elog "After starting the service you will need to update your" + elog "${EROOT}/etc/resolv.conf and replace your current set of resolvers" + elog "with:" + elog + elog "nameserver 127.0.0.1" + elog + elog "Also see https://github.com/DNSCrypt/${PN}/wiki" +} diff --git a/net-dns/dnscrypt-proxy/dnscrypt-proxy-9999.ebuild b/net-dns/dnscrypt-proxy/dnscrypt-proxy-9999.ebuild index f80bcb78727b..74779702e9ac 100644 --- a/net-dns/dnscrypt-proxy/dnscrypt-proxy-9999.ebuild +++ b/net-dns/dnscrypt-proxy/dnscrypt-proxy-9999.ebuild @@ -1,11 +1,11 @@ -# Copyright 1999-2022 Gentoo Authors +# Copyright 1999-2023 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 -inherit fcaps go-module systemd +inherit fcaps go-module prefix systemd -DESCRIPTION="A flexible DNS proxy, with support for encrypted DNS protocols" +DESCRIPTION="Flexible DNS proxy, with support for encrypted DNS protocols" HOMEPAGE="https://github.com/DNSCrypt/dnscrypt-proxy" if [[ ${PV} == 9999 ]]; then @@ -18,7 +18,6 @@ fi LICENSE="Apache-2.0 BSD ISC MIT MPL-2.0" SLOT="0" -IUSE="+pie" RDEPEND=" acct-group/dnscrypt-proxy @@ -28,18 +27,18 @@ RDEPEND=" FILECAPS=( cap_net_bind_service+ep usr/bin/dnscrypt-proxy ) PATCHES=( - "${FILESDIR}"/${PN}-2.1.2-config-full-paths.patch + "${FILESDIR}"/${PN}-2.1.5-config-full-paths.patch ) src_compile() { pushd "${PN}" >/dev/null || die - go build -v -x -mod=readonly -mod=vendor -buildmode="$(usex pie pie default)" || die + ego build -v -x -mod=readonly -mod=vendor popd >/dev/null || die } src_test() { cd "${PN}" || die - go test -mod=vendor -buildmode="$(usex pie pie default)" || die "Failed to run tests" + ego test -mod=vendor } src_install() { @@ -47,6 +46,7 @@ src_install() { dobin dnscrypt-proxy + eprefixify example-dnscrypt-proxy.toml insinto /etc/dnscrypt-proxy newins example-dnscrypt-proxy.toml dnscrypt-proxy.toml doins example-{allowed,blocked}-{ips.txt,names.txt} diff --git a/net-dns/dnscrypt-proxy/files/dnscrypt-proxy-2.1.5-config-full-paths.patch b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy-2.1.5-config-full-paths.patch new file mode 100644 index 000000000000..31c927484d90 --- /dev/null +++ b/net-dns/dnscrypt-proxy/files/dnscrypt-proxy-2.1.5-config-full-paths.patch @@ -0,0 +1,92 @@ +--- a/dnscrypt-proxy/example-dnscrypt-proxy.toml ++++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml +@@ -372,7 +372,7 @@ reject_ttl = 10 + + ## See the `example-forwarding-rules.txt` file for an example + +-# forwarding_rules = 'forwarding-rules.txt' ++# forwarding_rules = '@GENTOO_PORTAGE_EPREFIX@/etc/dnscrypt-proxy/forwarding-rules.txt' + + + +@@ -388,7 +388,7 @@ reject_ttl = 10 + ## + ## See the `example-cloaking-rules.txt` file for an example + +-# cloaking_rules = 'cloaking-rules.txt' ++# cloaking_rules = '@GENTOO_PORTAGE_EPREFIX@/etc/dnscrypt-proxy/cloaking-rules.txt' + + ## TTL used when serving entries in cloaking-rules.txt + +@@ -442,7 +442,7 @@ cache_neg_max_ttl = 600 + ## check for connectivity and captive portals, along with hard-coded + ## IP addresses to return. + +-# map_file = 'example-captive-portals.txt' ++# map_file = '@GENTOO_PORTAGE_EPREFIX@/etc/dnscrypt-proxy/example-captive-portals.txt' + + + +@@ -474,8 +474,8 @@ cache_neg_max_ttl = 600 + ## openssl req -x509 -nodes -newkey rsa:2048 -days 5000 -sha256 -keyout localhost.pem -out localhost.pem + ## See the documentation (wiki) for more information. + +-# cert_file = 'localhost.pem' +-# cert_key_file = 'localhost.pem' ++# cert_file = '@GENTOO_PORTAGE_EPREFIX@/etc/dnscrypt-proxy/localhost.pem' ++# cert_key_file = '@GENTOO_PORTAGE_EPREFIX@/etc/dnscrypt-proxy/localhost.pem' + + + +@@ -706,7 +706,7 @@ format = 'tsv' + + [sources.public-resolvers] + urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md'] +- cache_file = 'public-resolvers.md' ++ cache_file = '@GENTOO_PORTAGE_EPREFIX@/var/cache/dnscrypt-proxy/public-resolvers.md' + minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + refresh_delay = 72 + prefix = '' +@@ -715,7 +715,7 @@ format = 'tsv' + + [sources.relays] + urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/relays.md'] +- cache_file = 'relays.md' ++ cache_file = '@GENTOO_PORTAGE_EPREFIX@/var/cache/dnscrypt-proxy/relays.md' + minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + refresh_delay = 72 + prefix = '' +@@ -724,13 +724,13 @@ format = 'tsv' + + # [sources.odoh-servers] + # urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-servers.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-servers.md'] +- # cache_file = 'odoh-servers.md' ++ # cache_file = '@GENTOO_PORTAGE_EPREFIX@/var/cache/dnscrypt-proxy/odoh-servers.md' + # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + # refresh_delay = 24 + # prefix = '' + # [sources.odoh-relays] + # urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/odoh-relays.md', 'https://download.dnscrypt.info/resolvers-list/v3/odoh-relays.md'] +- # cache_file = 'odoh-relays.md' ++ # cache_file = '@GENTOO_PORTAGE_EPREFIX@/var/cache/dnscrypt-proxy/odoh-relays.md' + # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + # refresh_delay = 24 + # prefix = '' +@@ -740,7 +740,7 @@ format = 'tsv' + # [sources.quad9-resolvers] + # urls = ['https://www.quad9.net/quad9-resolvers.md'] + # minisign_key = 'RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN' +- # cache_file = 'quad9-resolvers.md' ++ # cache_file = '@GENTOO_PORTAGE_EPREFIX@/var/cache/dnscrypt-proxy/quad9-resolvers.md' + # prefix = 'quad9-' + + ### Another example source, with resolvers censoring some websites not appropriate for children +@@ -748,7 +748,7 @@ format = 'tsv' + + # [sources.parental-control] + # urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v3/parental-control.md'] +- # cache_file = 'parental-control.md' ++ # cache_file = '@GENTOO_PORTAGE_EPREFIX@/var/cache/dnscrypt-proxy/parental-control.md' + # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3' + + |