aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichał Polański <michal@polanski.me>2022-06-17 02:45:20 +0200
committerMichał Polański <michal@polanski.me>2022-06-17 04:04:54 +0200
commitaa9083b19e930ebffbfbd64cde9cde9b86ac3bfd (patch)
treefeac09c96416c836b28675ceb5867ce664c3155b
parent020168ee68d733f66e2823237939a8bb511397ea (diff)
downloadaports-aa9083b19e930ebffbfbd64cde9cde9b86ac3bfd.tar.gz
aports-aa9083b19e930ebffbfbd64cde9cde9b86ac3bfd.tar.bz2
aports-aa9083b19e930ebffbfbd64cde9cde9b86ac3bfd.tar.xz
testing/tang: new aport
Server for binding data to network presence https://github.com/latchset/tang
-rw-r--r--testing/tang/APKBUILD56
-rw-r--r--testing/tang/man-pages.patch20
-rw-r--r--testing/tang/tang.initd27
-rw-r--r--testing/tang/tang.pre-install10
-rw-r--r--testing/tang/tangd-wrapper4
5 files changed, 117 insertions, 0 deletions
diff --git a/testing/tang/APKBUILD b/testing/tang/APKBUILD
new file mode 100644
index 0000000000..13ab0f8210
--- /dev/null
+++ b/testing/tang/APKBUILD
@@ -0,0 +1,56 @@
+# Contributor: Michał Polański <michal@polanski.me>
+# Maintainer: Michał Polański <michal@polanski.me>
+pkgname=tang
+pkgver=11
+pkgrel=0
+pkgdesc="Server for binding data to network presence"
+url="https://github.com/latchset/tang"
+license="GPL-3.0-or-later"
+arch="all"
+depends="jose"
+makedepends="asciidoc meson http-parser-dev jose-dev"
+subpackages="$pkgname-dbg $pkgname-doc $pkgname-openrc"
+install="$pkgname.pre-install"
+source="https://github.com/latchset/tang/archive/v$pkgver/tang-$pkgver.tar.gz
+ $pkgname.initd
+ tangd-wrapper
+ man-pages.patch
+ "
+
+prepare() {
+ default_prepare
+
+ # conform to FHS
+ find . -type f -exec sed -i 's|/var/db/tang|/var/lib/tang|g' {} \;
+}
+
+build() {
+ abuild-meson . output
+ meson compile ${JOBS:+-j ${JOBS}} -C output
+}
+
+check() {
+ meson test --no-rebuild -v -C output
+}
+
+package() {
+ DESTDIR="$pkgdir" meson install --no-rebuild -C output
+
+ install -Dm755 "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
+ install -Dm755 "$srcdir"/tangd-wrapper -t "$pkgdir"/usr/libexec/
+
+ rm -r "$pkgdir"/usr/lib/systemd
+}
+
+openrc() {
+ default_openrc
+
+ depends="socat"
+}
+
+sha512sums="
+a1115c7192224f2d09d026776768b4247632333ad152f2cb700567404ff33a220dc1280e4f588c6408775c4b9dc5049b5601bbee6336c8ff7f39ec6f28e26599 tang-11.tar.gz
+b91085ab94e0f2b884ea2aa5a9ca966b4532426996f170cc78b903f4ed7b729f82dbbad9d0b9106ee74e287d38421f5eb409d1ab61cb96278cdec73fae82c44b tang.initd
+d32a0da3ab91a42e6c2b2ebf00e9e4b7c95c329a0d13cc30a373c4b387d69e6ff62280d89b57b3c8809e57de953fb4abc9735ad6cad1d347ba6b64b500335d01 tangd-wrapper
+5fabfcb62db2c40c171f0059a34165faae40c3c08a2631a1b2b1e15ef2bc5bd090f612622641af16d30cc01a971265bd9010f125cce254c628067c48312e382d man-pages.patch
+"
diff --git a/testing/tang/man-pages.patch b/testing/tang/man-pages.patch
new file mode 100644
index 0000000000..643ecb8f4f
--- /dev/null
+++ b/testing/tang/man-pages.patch
@@ -0,0 +1,20 @@
+diff --git a/doc/tang.8.adoc b/doc/tang.8.adoc
+index 3031a13..36105bb 100644
+--- a/doc/tang.8.adoc
++++ b/doc/tang.8.adoc
+@@ -40,13 +40,8 @@ protocol, see the Tang project's homepage.
+
+ Getting a Tang server up and running is simple:
+
+-ifdef::freebsd[]
+- $ sudo service tangd enable
+- $ sudo service tangd start
+-endif::[]
+-ifndef::freebsd[]
+- $ sudo systemctl enable tangd.socket --now
+-endif::[]
++ $ doas rc-update add tang
++ $ doas service tang start
+
+ That's it. The server is now running with a fresh set of cryptographic keys
+ and will automatically start on the next reboot.
diff --git a/testing/tang/tang.initd b/testing/tang/tang.initd
new file mode 100644
index 0000000000..13968543d9
--- /dev/null
+++ b/testing/tang/tang.initd
@@ -0,0 +1,27 @@
+#!/sbin/openrc-run
+
+name="Tang server"
+description="Server for binding data to network presence"
+
+: ${tang_port:="7500"}
+: ${tang_address:="127.0.0.1"}
+: ${socat_address:="tcp-listen:$tang_port,bind=$tang_address,fork"}
+
+command="/usr/bin/socat"
+command_user="tang:tang"
+command_args="$socat_address exec:/usr/libexec/tangd-wrapper"
+command_background="yes"
+
+extra_commands="rotate_keys"
+description_rotate_keys="Perform rotation of tang keys"
+pidfile="/run/$RC_SVCNAME.pid"
+
+rotate_keys() {
+ ebegin "Performing rotation of tang keys"
+ su ${command_user%:*} -s /bin/sh -c "/usr/libexec/tangd-rotate-keys -d /var/lib/tang"
+ eend $?
+}
+
+start_pre() {
+ checkpath -d -m 0750 -o $command_user /var/lib/tang
+}
diff --git a/testing/tang/tang.pre-install b/testing/tang/tang.pre-install
new file mode 100644
index 0000000000..5f19f24d01
--- /dev/null
+++ b/testing/tang/tang.pre-install
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+user=tang
+group=tang
+gecos="Tang server"
+
+addgroup -S $group 2>/dev/null
+adduser -S -D -H -h /var/lib/$user -s /sbin/nologin -G $group -g "$gecos" $user 2>/dev/null
+
+exit 0
diff --git a/testing/tang/tangd-wrapper b/testing/tang/tangd-wrapper
new file mode 100644
index 0000000000..49a190814e
--- /dev/null
+++ b/testing/tang/tangd-wrapper
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+# pipe stderr to logger and leave stdin/stdout unaffected
+{ /usr/libexec/tangd /var/lib/tang 2>&1 >&3 3>&- | logger -t tangd -p daemon.info 3>&-; } 3>&1