commit: 843996d6d9b1a6dabc39f5a4e273f680100f848f parent: 0105c472e05845cbb8dd4a5604a341c69c20945e Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me> Date: Wed, 21 Nov 2018 03:28:52 +0100 net-irc/unrealircd: Import from ::gentoo, add libressl supportDiffstat:
| A | net-irc/unrealircd/Manifest | 1 | + |
| A | net-irc/unrealircd/files/unrealircd.confd-r3 | 32 | ++++++++++++++++++++++++++++++++ |
| A | net-irc/unrealircd/files/unrealircd.initd-r2 | 38 | ++++++++++++++++++++++++++++++++++++++ |
| A | net-irc/unrealircd/metadata.xml | 19 | +++++++++++++++++++ |
| A | net-irc/unrealircd/unrealircd-4.2.0.ebuild | 185 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
5 files changed, 275 insertions(+), 0 deletions(-)
diff --git a/net-irc/unrealircd/Manifest b/net-irc/unrealircd/Manifest @@ -0,0 +1 @@ +DIST unrealircd-4.2.0.tar.gz 5340752 BLAKE2B 12d1ada1d439c6acd692a04dd4ed7ed03ea91c897f9522c0fec853239ba9a21098bddb78c6f5159ed59f1b88cf88f0ecaa774d70aba226b3ac749c935bc18ff5 SHA512 2ee7955c3c6c9af2b74cb68cfa94f8500dddf640f0222888b230f0f46dd0a52fba2c68d795eff00c59a3025affb2becb1dd67ebac037c7f75e77a3a728239750 diff --git a/net-irc/unrealircd/files/unrealircd.confd-r3 b/net-irc/unrealircd/files/unrealircd.confd-r3 @@ -0,0 +1,32 @@ +# Copyright 1999-2018 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# Which configuration file to load instead of unrealircd.conf. If you +# want to run multiple instances of unrealircd, you must edit +# files::pidfile to match UNREALIRCD_PIDFILE. You should also ensure +# that files::tunefile is different for each unrealircd instance. See +# https://www.unrealircd.org/docs/Configuration#Files_block +# +# To support multiple instances of unrealircd, you may create symlinks +# in /etc/init.d pointing to /etc/init.d/unrealircd. It is recommended +# that the scheme unrealircd.${instance_name} be used. For each +# instance, you may make a copy of this file with the appropriate name +# to override default options specific to that instance. +UNREALIRCD_CONF="/etc/unrealircd/${SVCNAME}.conf" + +# The path where unrealircd is configured to create its pidfile. +UNREALIRCD_PIDFILE="/run/unrealircd/${SVCNAME#unreal}.pid" + +# extra options to pass to unrealircd ... +# You should not specify the -f option here; use +# UNREALIRCD_CONF instead. +# +# [-h servername] +# [-p portnumber] +# [-x loglevel] +# [-t] (to enable debug output) +UNREALIRCD_OPTS="" + +# Extra flags to pass to start-stop-daemon. When initially +# debugging, removing --quiet may help. +UNREALIRCD_SSD_OPTS="--quiet" diff --git a/net-irc/unrealircd/files/unrealircd.initd-r2 b/net-irc/unrealircd/files/unrealircd.initd-r2 @@ -0,0 +1,38 @@ +#!/sbin/openrc-run +# Copyright 1999-2018 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# Defaults +: ${UNREALIRCD_CONF:=/etc/unrealircd/${SVCNAME}.conf} +: ${UNREALIRCD_PIDFILE:=/run/unrealircd/${SVCNAME#unreal}.pid} + +command="/usr/bin/unrealircd" +# Run the daemon in the foreground and let OpenRC background it. +# This way the PID file is created securely, as root. +command_args="-F -f ${UNREALIRCD_CONF} ${UNREALIRCD_OPTS}" +command_user=unrealircd +command_background=true +pidfile="${UNREALIRCD_PIDFILE}" +start_stop_daemon_args="${UNREALIRCD_SSD_OPTS}" +extra_started_commands="reload" + +depend() { + use dns net + provide ircd +} + +# It is unsafe for the unrealircd user to be able to write to its own +# PID file, since root will be sending e.g. kill signals to the PID +# listed in that file. Ensure that we overwrite the ownership and +# permissions on /run/unrealircd from previous init scripts. +start_pre() { + checkpath --directory --owner root:root --mode 0700 /run/unrealircd +} + +reload() { + ebegin "Reloading ${RC_SVCNAME}" + start-stop-daemon --signal HUP \ + --pidfile "${pidfile}" \ + ${UNREALIRCD_SSD_OPTS} + eend $? +} diff --git a/net-irc/unrealircd/metadata.xml b/net-irc/unrealircd/metadata.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>contact@hacktivis.me</email> + <name>Haelwenn (lanodan) Monnier</name> + </maintainer> + <use> + <flag name="class-nofakelag">Enable an unsupported class::options flag called “nofakelag” allowing you to grant fakelag exemption to normal user (instead of just opers).</flag> + <flag name="extban-stacking">Enable extended channel bans (such as +b ~c: and +b ~n:) to contain other extended bans instead of just hostmasks.</flag> + <flag name="prefixaq">Enable chanadmin and chanowner prefixes</flag> + <flag name="showlistmodes">Display channel modes in /LIST (only configured at compiletime)</flag> + <flag name="operoverride-verify">Enable requiring opers to invite themselves to +s/+p channels</flag> + <flag name="operoverride">Enable OperOverride extension</flag> + <flag name="usermod">Enable /set* and /chg* commands</flag> + <flag name="shunnotices">Enable notifying a user when un-shunned</flag> + <flag name="topicisnuhost">Enable displaying nick!user@host as topic setter</flag> + </use> +</pkgmetadata> diff --git a/net-irc/unrealircd/unrealircd-4.2.0.ebuild b/net-irc/unrealircd/unrealircd-4.2.0.ebuild @@ -0,0 +1,185 @@ +# Copyright 1999-2018 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +SSL_CERT_MANDATORY=1 +inherit eapi7-ver ssl-cert user + +DESCRIPTION="An advanced Internet Relay Chat daemon" +HOMEPAGE="https://www.unrealircd.org/" +SRC_URI="https://www.unrealircd.org/${PN}$(ver_cut 1)/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86 ~x86-fbsd ~amd64-linux" +IUSE="class-nofakelag curl +extban-stacking +operoverride operoverride-verify +prefixaq + showlistmodes shunnotices topicisnuhost +usermod libressl" + +RDEPEND=" + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:= ) + dev-libs/libpcre2 + dev-libs/tre + >=net-dns/c-ares-1.7:= + sys-libs/zlib + curl? ( net-misc/curl[adns] ) +" +DEPEND="${RDEPEND} + virtual/pkgconfig +" + +DOCS=( doc/{Authors,Donation,RELEASE-NOTES{,.old},tao.of.irc,technical/,translations.txt} ) + +pkg_pretend() { + local v + for v in ${REPLACING_VERSIONS}; do + ver_test "${v}" -ge 4 && continue + ewarn "The configuration file format has changed since ${v}." + ewarn "Please be prepared to manually update them and visit:" + ewarn "https://www.unrealircd.org/docs/Upgrading_from_3.2.x" + break + done +} + +pkg_setup() { + enewuser unrealircd +} + +src_prepare() { + # QA check against bundled pkgs + rm -r extras || die + + if use class-nofakelag; then + sed -i -e 's:#undef\( FAKELAG_CONFIGURABLE\):#define\1:' include/config.h || die + fi + + # By default looks in /etc/unrealircd/ssl/curl-ca-bundle.crt. Fix + # that to look for ca-certificates-provided file instead. %s is + # CONFDIR. #618066 + sed -i -e 's:%s/ssl/curl-ca-bundle.crt:%s/../ssl/certs/ca-certificates.crt:' src/s_conf.c || die + + eapply_user +} + +src_configure() { + # Default value for privatelibdir adds a build path to -Wl,-rpath. + econf \ + --with-bindir="${EPREFIX}"/usr/bin \ + --with-cachedir="${EPREFIX}"/var/lib/${PN} \ + --with-confdir="${EPREFIX}"/etc/${PN} \ + --with-datadir="${EPREFIX}"/var/lib/${PN} \ + --with-docdir="${EPREFIX}"/usr/share/doc/${PF} \ + --with-logdir="${EPREFIX}"/var/log/${PN} \ + --with-modulesdir="${EPREFIX}"/usr/"$(get_libdir)"/${PN}/modules \ + --without-privatelibdir \ + --with-pidfile="${EPREFIX}"/run/${PN}/ircd.pid \ + --with-tmpdir="${EPREFIX}"/var/lib/${PN}/tmp \ + --with-nick-history=2000 \ + --with-sendq=3000000 \ + --with-permissions=0640 \ + --with-fd-setsize=1024 \ + --with-system-cares \ + --with-system-pcre2 \ + --with-system-tre \ + --enable-dynamic-linking \ + --enable-ssl="${EPREFIX}"/usr \ + $(use_enable curl libcurl "${EPREFIX}"/usr) \ + $(use_enable prefixaq) \ + $(use_with showlistmodes) \ + $(use_with topicisnuhost) \ + $(use_with shunnotices) \ + $(use_with !operoverride no-operoverride) \ + $(use_with operoverride-verify) \ + $(use_with !usermod disableusermod) \ + $(use_with !extban-stacking disable-extendedban-stacking) +} + +src_install() { + keepdir /var/log/${PN} + keepdir /var/lib/${PN}/tmp + + newbin src/ircd ${PN} + + ( + cd src/modules || die + for subdir in $(find . -type d -print); do + if [[ -n $(shopt -s nullglob; echo ${subdir}/*.so) ]]; then + exeinto /usr/$(get_libdir)/${PN}/modules/"${subdir}" + doexe "${subdir}"/*.so + fi + done + ) + + insinto /etc/${PN} + # Purposefully omitting the examples/ and ssl/ subdirectories. ssl + # is redundant with app-misc/ca-certificates and examples will all + # be in docs anyway. + doins -r doc/conf/{aliases,help} + doins doc/conf/*.conf + newins doc/conf/examples/example.conf ${PN}.conf + keepdir /etc/${PN}/ssl + + einstalldocs + + newinitd "${FILESDIR}"/${PN}.initd-r2 ${PN} + newconfd "${FILESDIR}"/${PN}.confd-r3 ${PN} + + # config should be read-only + fperms -R 0640 /etc/${PN} + fperms 0750 /etc/${PN}{,/aliases,/help} + fperms 0750 /etc/${PN}/ssl + # state is editable but not owned by unrealircd directly + fperms 0770 /var/log/${PN} + fperms 0770 /var/lib/${PN}{,/tmp} + fowners -R root:unrealircd /{etc,var/{lib,log}}/${PN} +} + +pkg_postinst() { + # Move docert call from src_install() to install_cert in pkg_postinst for + # bug #201682 + if [[ ! -f "${EROOT}"etc/${PN}/ssl/server.cert.key ]]; then + if [[ -f "${EROOT}"etc/${PN}/server.cert.key ]]; then + ewarn "The location ${PN} looks for SSL certificates has changed" + ewarn "from ${EROOT}etc/${PN} to ${EROOT}etc/${PN}/ssl." + ewarn "Please move your existing certificates." + else + ( + umask 0037 + install_cert /etc/${PN}/ssl/server.cert + chown unrealircd "${EROOT}"etc/${PN}/ssl/server.cert.* + ln -snf server.cert.key "${EROOT}"etc/${PN}/ssl/server.key.pem + ) + fi + fi + + local unrealircd_conf="${EROOT}"etc/${PN}/${PN}.conf + # Fix up the default cloak keys. + if grep -qe '"and another one";$' "${unrealircd_conf}" && grep -qe '"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";$' "${unrealircd_conf}"; then + ebegin "Generating cloak-keys" + local keys=( + $(su ${PN} -s /bin/sh -c "${PN} -k 2>&1 | tail -n 3") + ) + [[ -n ${keys[0]} || -n ${keys[1]} || -n ${keys[2]} ]] + eend $? + + ebegin "Substituting cloak-keys into ${unrealircd_conf}" + sed -i \ + -e '/cloak-keys/ { +n +s/"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";/"'"${keys[0]}"'";/ +n +s/"and another one";/"'"${keys[1]}"'";/ +n +s/"and another one";/"'"${keys[2]}"'";/ +}' \ + "${unrealircd_conf}" + eend $? + fi + + elog "UnrealIRCd will not run until you've set up /etc/unrealircd/unrealircd.conf" + elog + elog "You can also configure ${PN} start at boot with rc-update(1)." + elog "It is recommended to run unrealircd as an unprivileged user." + elog "The provided init.d script does this for you." +}