diff options
| author | Michał Polański <michal@polanski.me> | 2022-06-17 02:45:20 +0200 |
|---|---|---|
| committer | Michał Polański <michal@polanski.me> | 2022-06-17 04:04:54 +0200 |
| commit | aa9083b19e930ebffbfbd64cde9cde9b86ac3bfd (patch) | |
| tree | feac09c96416c836b28675ceb5867ce664c3155b | |
| parent | 020168ee68d733f66e2823237939a8bb511397ea (diff) | |
| download | aports-aa9083b19e930ebffbfbd64cde9cde9b86ac3bfd.tar.gz aports-aa9083b19e930ebffbfbd64cde9cde9b86ac3bfd.tar.bz2 aports-aa9083b19e930ebffbfbd64cde9cde9b86ac3bfd.tar.xz | |
testing/tang: new aport
Server for binding data to network presence
https://github.com/latchset/tang
| -rw-r--r-- | testing/tang/APKBUILD | 56 | ||||
| -rw-r--r-- | testing/tang/man-pages.patch | 20 | ||||
| -rw-r--r-- | testing/tang/tang.initd | 27 | ||||
| -rw-r--r-- | testing/tang/tang.pre-install | 10 | ||||
| -rw-r--r-- | testing/tang/tangd-wrapper | 4 |
5 files changed, 117 insertions, 0 deletions
diff --git a/testing/tang/APKBUILD b/testing/tang/APKBUILD new file mode 100644 index 0000000000..13ab0f8210 --- /dev/null +++ b/testing/tang/APKBUILD @@ -0,0 +1,56 @@ +# Contributor: Michał Polański <michal@polanski.me> +# Maintainer: Michał Polański <michal@polanski.me> +pkgname=tang +pkgver=11 +pkgrel=0 +pkgdesc="Server for binding data to network presence" +url="https://github.com/latchset/tang" +license="GPL-3.0-or-later" +arch="all" +depends="jose" +makedepends="asciidoc meson http-parser-dev jose-dev" +subpackages="$pkgname-dbg $pkgname-doc $pkgname-openrc" +install="$pkgname.pre-install" +source="https://github.com/latchset/tang/archive/v$pkgver/tang-$pkgver.tar.gz + $pkgname.initd + tangd-wrapper + man-pages.patch + " + +prepare() { + default_prepare + + # conform to FHS + find . -type f -exec sed -i 's|/var/db/tang|/var/lib/tang|g' {} \; +} + +build() { + abuild-meson . output + meson compile ${JOBS:+-j ${JOBS}} -C output +} + +check() { + meson test --no-rebuild -v -C output +} + +package() { + DESTDIR="$pkgdir" meson install --no-rebuild -C output + + install -Dm755 "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname + install -Dm755 "$srcdir"/tangd-wrapper -t "$pkgdir"/usr/libexec/ + + rm -r "$pkgdir"/usr/lib/systemd +} + +openrc() { + default_openrc + + depends="socat" +} + +sha512sums=" +a1115c7192224f2d09d026776768b4247632333ad152f2cb700567404ff33a220dc1280e4f588c6408775c4b9dc5049b5601bbee6336c8ff7f39ec6f28e26599 tang-11.tar.gz +b91085ab94e0f2b884ea2aa5a9ca966b4532426996f170cc78b903f4ed7b729f82dbbad9d0b9106ee74e287d38421f5eb409d1ab61cb96278cdec73fae82c44b tang.initd +d32a0da3ab91a42e6c2b2ebf00e9e4b7c95c329a0d13cc30a373c4b387d69e6ff62280d89b57b3c8809e57de953fb4abc9735ad6cad1d347ba6b64b500335d01 tangd-wrapper +5fabfcb62db2c40c171f0059a34165faae40c3c08a2631a1b2b1e15ef2bc5bd090f612622641af16d30cc01a971265bd9010f125cce254c628067c48312e382d man-pages.patch +" diff --git a/testing/tang/man-pages.patch b/testing/tang/man-pages.patch new file mode 100644 index 0000000000..643ecb8f4f --- /dev/null +++ b/testing/tang/man-pages.patch @@ -0,0 +1,20 @@ +diff --git a/doc/tang.8.adoc b/doc/tang.8.adoc +index 3031a13..36105bb 100644 +--- a/doc/tang.8.adoc ++++ b/doc/tang.8.adoc +@@ -40,13 +40,8 @@ protocol, see the Tang project's homepage. + + Getting a Tang server up and running is simple: + +-ifdef::freebsd[] +- $ sudo service tangd enable +- $ sudo service tangd start +-endif::[] +-ifndef::freebsd[] +- $ sudo systemctl enable tangd.socket --now +-endif::[] ++ $ doas rc-update add tang ++ $ doas service tang start + + That's it. The server is now running with a fresh set of cryptographic keys + and will automatically start on the next reboot. diff --git a/testing/tang/tang.initd b/testing/tang/tang.initd new file mode 100644 index 0000000000..13968543d9 --- /dev/null +++ b/testing/tang/tang.initd @@ -0,0 +1,27 @@ +#!/sbin/openrc-run + +name="Tang server" +description="Server for binding data to network presence" + +: ${tang_port:="7500"} +: ${tang_address:="127.0.0.1"} +: ${socat_address:="tcp-listen:$tang_port,bind=$tang_address,fork"} + +command="/usr/bin/socat" +command_user="tang:tang" +command_args="$socat_address exec:/usr/libexec/tangd-wrapper" +command_background="yes" + +extra_commands="rotate_keys" +description_rotate_keys="Perform rotation of tang keys" +pidfile="/run/$RC_SVCNAME.pid" + +rotate_keys() { + ebegin "Performing rotation of tang keys" + su ${command_user%:*} -s /bin/sh -c "/usr/libexec/tangd-rotate-keys -d /var/lib/tang" + eend $? +} + +start_pre() { + checkpath -d -m 0750 -o $command_user /var/lib/tang +} diff --git a/testing/tang/tang.pre-install b/testing/tang/tang.pre-install new file mode 100644 index 0000000000..5f19f24d01 --- /dev/null +++ b/testing/tang/tang.pre-install @@ -0,0 +1,10 @@ +#!/bin/sh + +user=tang +group=tang +gecos="Tang server" + +addgroup -S $group 2>/dev/null +adduser -S -D -H -h /var/lib/$user -s /sbin/nologin -G $group -g "$gecos" $user 2>/dev/null + +exit 0 diff --git a/testing/tang/tangd-wrapper b/testing/tang/tangd-wrapper new file mode 100644 index 0000000000..49a190814e --- /dev/null +++ b/testing/tang/tangd-wrapper @@ -0,0 +1,4 @@ +#!/bin/sh + +# pipe stderr to logger and leave stdin/stdout unaffected +{ /usr/libexec/tangd /var/lib/tang 2>&1 >&3 3>&- | logger -t tangd -p daemon.info 3>&-; } 3>&1 |