Date: Sunday, October 3, 2021 @ 00:41:15 Author: shibumi Revision: 1027144
archrelease: copy trunk to community-x86_64 Added: traefik/repos/community-x86_64/49c1e3df55175b2942ad091df86272903cf709da.patch (from rev 1027143, traefik/trunk/49c1e3df55175b2942ad091df86272903cf709da.patch) traefik/repos/community-x86_64/49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch (from rev 1027143, traefik/trunk/49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch) traefik/repos/community-x86_64/PKGBUILD (from rev 1027143, traefik/trunk/PKGBUILD) traefik/repos/community-x86_64/b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch (from rev 1027143, traefik/trunk/b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch) traefik/repos/community-x86_64/traefik.service (from rev 1027143, traefik/trunk/traefik.service) traefik/repos/community-x86_64/traefik.sysusers (from rev 1027143, traefik/trunk/traefik.sysusers) Deleted: traefik/repos/community-x86_64/49c1e3df55175b2942ad091df86272903cf709da.patch traefik/repos/community-x86_64/49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch traefik/repos/community-x86_64/PKGBUILD traefik/repos/community-x86_64/b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch traefik/repos/community-x86_64/traefik.service traefik/repos/community-x86_64/traefik.sysusers ------------------------------------------------+ 49c1e3df55175b2942ad091df86272903cf709da.patch | 106 +++---- 49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch | 342 +++++++++++------------ PKGBUILD | 108 +++---- b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch | 104 +++--- traefik.service | 80 ++--- traefik.sysusers | 2 6 files changed, 371 insertions(+), 371 deletions(-) Deleted: 49c1e3df55175b2942ad091df86272903cf709da.patch =================================================================== --- 49c1e3df55175b2942ad091df86272903cf709da.patch 2021-10-03 00:41:07 UTC (rev 1027143) +++ 49c1e3df55175b2942ad091df86272903cf709da.patch 2021-10-03 00:41:15 UTC (rev 1027144) @@ -1,53 +0,0 @@ -From 49c1e3df55175b2942ad091df86272903cf709da Mon Sep 17 00:00:00 2001 -From: Julien Salleyron <julien.salley...@gmail.com> -Date: Fri, 14 Aug 2020 11:03:58 +0200 -Subject: [PATCH] Fix server shutdown - ---- - pkg/server/server_entrypoint_tcp.go | 13 ++++++++++--- - 1 file changed, 10 insertions(+), 3 deletions(-) - -diff --git a/pkg/server/server_entrypoint_tcp.go b/pkg/server/server_entrypoint_tcp.go -index bf8a5315b3..3b7efdf4c8 100644 ---- a/pkg/server/server_entrypoint_tcp.go -+++ b/pkg/server/server_entrypoint_tcp.go -@@ -28,12 +28,14 @@ var httpServerLogger = stdlog.New(log.WithoutContext().WriterLevel(logrus.DebugL - type httpForwarder struct { - net.Listener - connChan chan net.Conn -+ errChan chan error - } - - func newHTTPForwarder(ln net.Listener) *httpForwarder { - return &httpForwarder{ - Listener: ln, - connChan: make(chan net.Conn), -+ errChan: make(chan error), - } - } - -@@ -44,8 +46,12 @@ func (h *httpForwarder) ServeTCP(conn tcp.WriteCloser) { - - // Accept retrieves a served connection in ServeTCP. - func (h *httpForwarder) Accept() (net.Conn, error) { -- conn := <-h.connChan -- return conn, nil -+ select { -+ case conn := <-h.connChan: -+ return conn, nil -+ case err := <-h.errChan: -+ return nil, err -+ } - } - - // TCPEntryPoints holds a map of TCPEntryPoint (the entrypoint names being the keys). -@@ -169,7 +175,8 @@ func (e *TCPEntryPoint) Start(ctx context.Context) { - if netErr, ok := err.(net.Error); ok && netErr.Temporary() { - continue - } -- -+ e.httpServer.Forwarder.errChan <- err -+ e.httpsServer.Forwarder.errChan <- err - return - } - Copied: traefik/repos/community-x86_64/49c1e3df55175b2942ad091df86272903cf709da.patch (from rev 1027143, traefik/trunk/49c1e3df55175b2942ad091df86272903cf709da.patch) =================================================================== --- 49c1e3df55175b2942ad091df86272903cf709da.patch (rev 0) +++ 49c1e3df55175b2942ad091df86272903cf709da.patch 2021-10-03 00:41:15 UTC (rev 1027144) @@ -0,0 +1,53 @@ +From 49c1e3df55175b2942ad091df86272903cf709da Mon Sep 17 00:00:00 2001 +From: Julien Salleyron <julien.salley...@gmail.com> +Date: Fri, 14 Aug 2020 11:03:58 +0200 +Subject: [PATCH] Fix server shutdown + +--- + pkg/server/server_entrypoint_tcp.go | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/pkg/server/server_entrypoint_tcp.go b/pkg/server/server_entrypoint_tcp.go +index bf8a5315b3..3b7efdf4c8 100644 +--- a/pkg/server/server_entrypoint_tcp.go ++++ b/pkg/server/server_entrypoint_tcp.go +@@ -28,12 +28,14 @@ var httpServerLogger = stdlog.New(log.WithoutContext().WriterLevel(logrus.DebugL + type httpForwarder struct { + net.Listener + connChan chan net.Conn ++ errChan chan error + } + + func newHTTPForwarder(ln net.Listener) *httpForwarder { + return &httpForwarder{ + Listener: ln, + connChan: make(chan net.Conn), ++ errChan: make(chan error), + } + } + +@@ -44,8 +46,12 @@ func (h *httpForwarder) ServeTCP(conn tcp.WriteCloser) { + + // Accept retrieves a served connection in ServeTCP. + func (h *httpForwarder) Accept() (net.Conn, error) { +- conn := <-h.connChan +- return conn, nil ++ select { ++ case conn := <-h.connChan: ++ return conn, nil ++ case err := <-h.errChan: ++ return nil, err ++ } + } + + // TCPEntryPoints holds a map of TCPEntryPoint (the entrypoint names being the keys). +@@ -169,7 +175,8 @@ func (e *TCPEntryPoint) Start(ctx context.Context) { + if netErr, ok := err.(net.Error); ok && netErr.Temporary() { + continue + } +- ++ e.httpServer.Forwarder.errChan <- err ++ e.httpsServer.Forwarder.errChan <- err + return + } + Deleted: 49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch =================================================================== --- 49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch 2021-10-03 00:41:07 UTC (rev 1027143) +++ 49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch 2021-10-03 00:41:15 UTC (rev 1027144) @@ -1,171 +0,0 @@ -From 49ed06686b6c4be2164c65eb6d807b0fc542aea4 Mon Sep 17 00:00:00 2001 -From: Fernandez Ludovic <ludo...@containo.us> -Date: Thu, 13 Aug 2020 19:14:25 +0200 -Subject: [PATCH] fix: HTTP smuggling fix. - ---- - pkg/middlewares/auth/forward_test.go | 47 ++++++++++++++-------------- - 1 file changed, 23 insertions(+), 24 deletions(-) - -diff --git a/pkg/middlewares/auth/forward_test.go b/pkg/middlewares/auth/forward_test.go -index 7674a1384d..44486379ac 100644 ---- a/pkg/middlewares/auth/forward_test.go -+++ b/pkg/middlewares/auth/forward_test.go -@@ -28,7 +28,7 @@ func TestForwardAuthFail(t *testing.T) { - server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - http.Error(w, "Forbidden", http.StatusForbidden) - })) -- defer server.Close() -+ t.Cleanup(server.Close) - - middleware, err := NewForward(context.Background(), next, dynamic.ForwardAuth{ - Address: server.URL, -@@ -36,7 +36,7 @@ func TestForwardAuthFail(t *testing.T) { - require.NoError(t, err) - - ts := httptest.NewServer(middleware) -- defer ts.Close() -+ t.Cleanup(ts.Close) - - req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) - res, err := http.DefaultClient.Do(req) -@@ -59,7 +59,7 @@ func TestForwardAuthSuccess(t *testing.T) { - w.Header().Add("X-Auth-Group", "group2") - fmt.Fprintln(w, "Success") - })) -- defer server.Close() -+ t.Cleanup(server.Close) - - next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - assert.Equal(t, "u...@example.com", r.Header.Get("X-Auth-User")) -@@ -76,7 +76,7 @@ func TestForwardAuthSuccess(t *testing.T) { - require.NoError(t, err) - - ts := httptest.NewServer(middleware) -- defer ts.Close() -+ t.Cleanup(ts.Close) - - req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) - req.Header.Set("X-Auth-Group", "admin_group") -@@ -95,20 +95,19 @@ func TestForwardAuthRedirect(t *testing.T) { - authTs := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - http.Redirect(w, r, "http://example.com/redirect-test", http.StatusFound) - })) -- defer authTs.Close() -+ t.Cleanup(authTs.Close) - - next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - fmt.Fprintln(w, "traefik") - }) - -- auth := dynamic.ForwardAuth{ -- Address: authTs.URL, -- } -+ auth := dynamic.ForwardAuth{Address: authTs.URL} -+ - authMiddleware, err := NewForward(context.Background(), next, auth, "authTest") - require.NoError(t, err) - - ts := httptest.NewServer(authMiddleware) -- defer ts.Close() -+ t.Cleanup(ts.Close) - - client := &http.Client{ - CheckRedirect: func(r *http.Request, via []*http.Request) error { -@@ -139,7 +138,7 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) { - headers := w.Header() - for _, header := range forward.HopHeaders { - if header == forward.TransferEncoding { -- headers.Add(header, "identity") -+ headers.Set(header, "chunked") - } else { - headers.Add(header, "test") - } -@@ -147,29 +146,29 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) { - - http.Redirect(w, r, "http://example.com/redirect-test", http.StatusFound) - })) -- defer authTs.Close() -+ t.Cleanup(authTs.Close) - - next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - fmt.Fprintln(w, "traefik") - }) -- auth := dynamic.ForwardAuth{ -- Address: authTs.URL, -- } -- authMiddleware, err := NewForward(context.Background(), next, auth, "authTest") - -- assert.NoError(t, err, "there should be no error") -+ auth := dynamic.ForwardAuth{Address: authTs.URL} -+ -+ authMiddleware, err := NewForward(context.Background(), next, auth, "authTest") -+ require.NoError(t, err) - - ts := httptest.NewServer(authMiddleware) -- defer ts.Close() -+ t.Cleanup(ts.Close) - - client := &http.Client{ - CheckRedirect: func(r *http.Request, via []*http.Request) error { - return http.ErrUseLastResponse - }, - } -+ - req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) - res, err := client.Do(req) -- assert.NoError(t, err, "there should be no error") -+ require.NoError(t, err) - assert.Equal(t, http.StatusFound, res.StatusCode, "they should be equal") - - for _, header := range forward.HopHeaders { -@@ -177,11 +176,11 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) { - } - - location, err := res.Location() -- assert.NoError(t, err, "there should be no error") -+ require.NoError(t, err) - assert.Equal(t, "http://example.com/redirect-test", location.String(), "they should be equal") - - body, err := ioutil.ReadAll(res.Body) -- assert.NoError(t, err, "there should be no error") -+ require.NoError(t, err) - assert.NotEmpty(t, string(body), "there should be something in the body") - } - -@@ -192,7 +191,7 @@ func TestForwardAuthFailResponseHeaders(t *testing.T) { - w.Header().Add("X-Foo", "bar") - http.Error(w, "Forbidden", http.StatusForbidden) - })) -- defer authTs.Close() -+ t.Cleanup(authTs.Close) - - next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - fmt.Fprintln(w, "traefik") -@@ -205,7 +204,7 @@ func TestForwardAuthFailResponseHeaders(t *testing.T) { - require.NoError(t, err) - - ts := httptest.NewServer(authMiddleware) -- defer ts.Close() -+ t.Cleanup(ts.Close) - - req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) - -@@ -407,7 +406,7 @@ func TestForwardAuthUsesTracing(t *testing.T) { - t.Errorf("expected Mockpfx-Ids-Traceid header to be present in request") - } - })) -- defer server.Close() -+ t.Cleanup(server.Close) - - next := http.Handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})) - -@@ -426,7 +425,7 @@ func TestForwardAuthUsesTracing(t *testing.T) { - next = tracingMiddleware.NewEntryPoint(context.Background(), tr, "tracingTest", next) - - ts := httptest.NewServer(next) -- defer ts.Close() -+ t.Cleanup(ts.Close) - - req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) - res, err := http.DefaultClient.Do(req) Copied: traefik/repos/community-x86_64/49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch (from rev 1027143, traefik/trunk/49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch) =================================================================== --- 49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch (rev 0) +++ 49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch 2021-10-03 00:41:15 UTC (rev 1027144) @@ -0,0 +1,171 @@ +From 49ed06686b6c4be2164c65eb6d807b0fc542aea4 Mon Sep 17 00:00:00 2001 +From: Fernandez Ludovic <ludo...@containo.us> +Date: Thu, 13 Aug 2020 19:14:25 +0200 +Subject: [PATCH] fix: HTTP smuggling fix. + +--- + pkg/middlewares/auth/forward_test.go | 47 ++++++++++++++-------------- + 1 file changed, 23 insertions(+), 24 deletions(-) + +diff --git a/pkg/middlewares/auth/forward_test.go b/pkg/middlewares/auth/forward_test.go +index 7674a1384d..44486379ac 100644 +--- a/pkg/middlewares/auth/forward_test.go ++++ b/pkg/middlewares/auth/forward_test.go +@@ -28,7 +28,7 @@ func TestForwardAuthFail(t *testing.T) { + server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.Error(w, "Forbidden", http.StatusForbidden) + })) +- defer server.Close() ++ t.Cleanup(server.Close) + + middleware, err := NewForward(context.Background(), next, dynamic.ForwardAuth{ + Address: server.URL, +@@ -36,7 +36,7 @@ func TestForwardAuthFail(t *testing.T) { + require.NoError(t, err) + + ts := httptest.NewServer(middleware) +- defer ts.Close() ++ t.Cleanup(ts.Close) + + req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) + res, err := http.DefaultClient.Do(req) +@@ -59,7 +59,7 @@ func TestForwardAuthSuccess(t *testing.T) { + w.Header().Add("X-Auth-Group", "group2") + fmt.Fprintln(w, "Success") + })) +- defer server.Close() ++ t.Cleanup(server.Close) + + next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + assert.Equal(t, "u...@example.com", r.Header.Get("X-Auth-User")) +@@ -76,7 +76,7 @@ func TestForwardAuthSuccess(t *testing.T) { + require.NoError(t, err) + + ts := httptest.NewServer(middleware) +- defer ts.Close() ++ t.Cleanup(ts.Close) + + req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) + req.Header.Set("X-Auth-Group", "admin_group") +@@ -95,20 +95,19 @@ func TestForwardAuthRedirect(t *testing.T) { + authTs := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + http.Redirect(w, r, "http://example.com/redirect-test", http.StatusFound) + })) +- defer authTs.Close() ++ t.Cleanup(authTs.Close) + + next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + fmt.Fprintln(w, "traefik") + }) + +- auth := dynamic.ForwardAuth{ +- Address: authTs.URL, +- } ++ auth := dynamic.ForwardAuth{Address: authTs.URL} ++ + authMiddleware, err := NewForward(context.Background(), next, auth, "authTest") + require.NoError(t, err) + + ts := httptest.NewServer(authMiddleware) +- defer ts.Close() ++ t.Cleanup(ts.Close) + + client := &http.Client{ + CheckRedirect: func(r *http.Request, via []*http.Request) error { +@@ -139,7 +138,7 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) { + headers := w.Header() + for _, header := range forward.HopHeaders { + if header == forward.TransferEncoding { +- headers.Add(header, "identity") ++ headers.Set(header, "chunked") + } else { + headers.Add(header, "test") + } +@@ -147,29 +146,29 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) { + + http.Redirect(w, r, "http://example.com/redirect-test", http.StatusFound) + })) +- defer authTs.Close() ++ t.Cleanup(authTs.Close) + + next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + fmt.Fprintln(w, "traefik") + }) +- auth := dynamic.ForwardAuth{ +- Address: authTs.URL, +- } +- authMiddleware, err := NewForward(context.Background(), next, auth, "authTest") + +- assert.NoError(t, err, "there should be no error") ++ auth := dynamic.ForwardAuth{Address: authTs.URL} ++ ++ authMiddleware, err := NewForward(context.Background(), next, auth, "authTest") ++ require.NoError(t, err) + + ts := httptest.NewServer(authMiddleware) +- defer ts.Close() ++ t.Cleanup(ts.Close) + + client := &http.Client{ + CheckRedirect: func(r *http.Request, via []*http.Request) error { + return http.ErrUseLastResponse + }, + } ++ + req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) + res, err := client.Do(req) +- assert.NoError(t, err, "there should be no error") ++ require.NoError(t, err) + assert.Equal(t, http.StatusFound, res.StatusCode, "they should be equal") + + for _, header := range forward.HopHeaders { +@@ -177,11 +176,11 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) { + } + + location, err := res.Location() +- assert.NoError(t, err, "there should be no error") ++ require.NoError(t, err) + assert.Equal(t, "http://example.com/redirect-test", location.String(), "they should be equal") + + body, err := ioutil.ReadAll(res.Body) +- assert.NoError(t, err, "there should be no error") ++ require.NoError(t, err) + assert.NotEmpty(t, string(body), "there should be something in the body") + } + +@@ -192,7 +191,7 @@ func TestForwardAuthFailResponseHeaders(t *testing.T) { + w.Header().Add("X-Foo", "bar") + http.Error(w, "Forbidden", http.StatusForbidden) + })) +- defer authTs.Close() ++ t.Cleanup(authTs.Close) + + next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + fmt.Fprintln(w, "traefik") +@@ -205,7 +204,7 @@ func TestForwardAuthFailResponseHeaders(t *testing.T) { + require.NoError(t, err) + + ts := httptest.NewServer(authMiddleware) +- defer ts.Close() ++ t.Cleanup(ts.Close) + + req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) + +@@ -407,7 +406,7 @@ func TestForwardAuthUsesTracing(t *testing.T) { + t.Errorf("expected Mockpfx-Ids-Traceid header to be present in request") + } + })) +- defer server.Close() ++ t.Cleanup(server.Close) + + next := http.Handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})) + +@@ -426,7 +425,7 @@ func TestForwardAuthUsesTracing(t *testing.T) { + next = tracingMiddleware.NewEntryPoint(context.Background(), tr, "tracingTest", next) + + ts := httptest.NewServer(next) +- defer ts.Close() ++ t.Cleanup(ts.Close) + + req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil) + res, err := http.DefaultClient.Do(req) Deleted: PKGBUILD =================================================================== --- PKGBUILD 2021-10-03 00:41:07 UTC (rev 1027143) +++ PKGBUILD 2021-10-03 00:41:15 UTC (rev 1027144) @@ -1,54 +0,0 @@ -# Maintainer : Christian Rebischke <chris.rebisc...@archlinux.org> - -pkgname=traefik -pkgver=2.5.1 -pkgrel=1 -pkgdesc="Modern reverse proxy written in Go" -arch=('x86_64') -url="https://containo.us/traefik/" -license=('MIT') -makedepends=('go' 'go-bindata-hashicorp' 'patch') -depends=('glibc') -backup=('etc/traefik/traefik.toml' - 'etc/traefik/traefik.yaml' - 'etc/traefik/traefik.yml') -source=("${pkgname}-${pkgver}.tar.gz::https://github.com/containous/traefik/releases/download/v${pkgver}/traefik-v${pkgver}.src.tar.gz" - 'traefik.service' - 'traefik.sysusers') -noextract=("${pkgname}-${pkgver}.tar.gz") -sha512sums=('9d40483a073e2396956adff817f58992b0903276dbd8f1edb58e4bdcb7bb00d571d5e0a00d9b2900b01e4b5ef1e69e491a7ebc125e07607fa1e823aaa2ad782c' - '25ab1113bb69936c443fe49d5d3da7d39171fc82e8fa06f46ed4e2dfcaa89685d50ca50b58c32215852d79e5c8d4736a287c15b75420c78a853c51502cb2641a' - '5fecfed5df77bf28c2c976ebaebedb030904d41509e740821140a4889bda20327f416e78f8d19b0ee78c8bc422d1907ce05ef3562e4d3e36ddfbdbea5e860b2a') - -prepare() { - mkdir "${srcdir}/${pkgname}-${pkgver}" - tar xfvz "${srcdir}/${pkgname}-${pkgver}.tar.gz" -C "${srcdir}/${pkgname}-${pkgver}" -} - -build() { - export CGO_CPPFLAGS="${CPPFLAGS}" - export CGO_CFLAGS="${CFLAGS}" - export CGO_CXXFLAGS="${CXXFLAGS}" - export CGO_LDFLAGS="${LDFLAGS}" - export GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw" - cd "${srcdir}/${pkgname}-${pkgver}" - go generate - cd cmd/traefik - go build -ldflags="-linkmode=external" -} - -check() { - cd "${srcdir}/${pkgname}-${pkgver}" - go test ./... -} - -package() { - cd "${srcdir}/${pkgname}-${pkgver}" - install -Dm755 cmd/traefik/"${pkgname}" "${pkgdir}/usr/bin/${pkgname}" - install -Dm644 LICENSE.md "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" - install -Dm644 "${srcdir}/traefik.service" "${pkgdir}/usr/lib/systemd/system/traefik.service" - install -Dm644 "${srcdir}/traefik.sysusers" "${pkgdir}/usr/lib/sysusers.d/traefik.conf" - # create empty acme.json file, otherwise the service file will fail - mkdir -p "${pkgdir}/etc/traefik/" - touch "${pkgdir}/etc/traefik/acme.json" -} Copied: traefik/repos/community-x86_64/PKGBUILD (from rev 1027143, traefik/trunk/PKGBUILD) =================================================================== --- PKGBUILD (rev 0) +++ PKGBUILD 2021-10-03 00:41:15 UTC (rev 1027144) @@ -0,0 +1,54 @@ +# Maintainer : Christian Rebischke <chris.rebisc...@archlinux.org> + +pkgname=traefik +pkgver=2.5.3 +pkgrel=1 +pkgdesc="Modern reverse proxy written in Go" +arch=('x86_64') +url="https://containo.us/traefik/" +license=('MIT') +makedepends=('go' 'go-bindata-hashicorp' 'patch') +depends=('glibc') +backup=('etc/traefik/traefik.toml' + 'etc/traefik/traefik.yaml' + 'etc/traefik/traefik.yml') +source=("${pkgname}-${pkgver}.tar.gz::https://github.com/containous/traefik/releases/download/v${pkgver}/traefik-v${pkgver}.src.tar.gz" + 'traefik.service' + 'traefik.sysusers') +noextract=("${pkgname}-${pkgver}.tar.gz") +sha512sums=('98627b98decc4ef3c966d226b4c010aba97c4a27597c80a81f571a5b8cf08497e5bd4e6f5dd3e5cd183647fd298ec80a07688c6992056bb691bfaa77d471a9d6' + '25ab1113bb69936c443fe49d5d3da7d39171fc82e8fa06f46ed4e2dfcaa89685d50ca50b58c32215852d79e5c8d4736a287c15b75420c78a853c51502cb2641a' + '5fecfed5df77bf28c2c976ebaebedb030904d41509e740821140a4889bda20327f416e78f8d19b0ee78c8bc422d1907ce05ef3562e4d3e36ddfbdbea5e860b2a') + +prepare() { + mkdir "${srcdir}/${pkgname}-${pkgver}" + tar xfvz "${srcdir}/${pkgname}-${pkgver}.tar.gz" -C "${srcdir}/${pkgname}-${pkgver}" +} + +build() { + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + export CGO_LDFLAGS="${LDFLAGS}" + export GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw" + cd "${srcdir}/${pkgname}-${pkgver}" + go generate + cd cmd/traefik + go build -ldflags="-linkmode=external" +} + +check() { + cd "${srcdir}/${pkgname}-${pkgver}" + go test ./... +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + install -Dm755 cmd/traefik/"${pkgname}" "${pkgdir}/usr/bin/${pkgname}" + install -Dm644 LICENSE.md "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" + install -Dm644 "${srcdir}/traefik.service" "${pkgdir}/usr/lib/systemd/system/traefik.service" + install -Dm644 "${srcdir}/traefik.sysusers" "${pkgdir}/usr/lib/sysusers.d/traefik.conf" + # create empty acme.json file, otherwise the service file will fail + mkdir -p "${pkgdir}/etc/traefik/" + touch "${pkgdir}/etc/traefik/acme.json" +} Deleted: b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch =================================================================== --- b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch 2021-10-03 00:41:07 UTC (rev 1027143) +++ b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch 2021-10-03 00:41:15 UTC (rev 1027144) @@ -1,52 +0,0 @@ -From b77cf4d0b067438c3e1758bb22ad56e644c8122f Mon Sep 17 00:00:00 2001 -From: Fernandez Ludovic <ludo...@containo.us> -Date: Thu, 13 Aug 2020 19:15:10 +0200 -Subject: [PATCH] fix: conversion from untyped int to string yields a string of - one rune - ---- - pkg/metrics/statsd_test.go | 13 +++++++------ - 1 file changed, 7 insertions(+), 6 deletions(-) - -diff --git a/pkg/metrics/statsd_test.go b/pkg/metrics/statsd_test.go -index 11955a50aa..64a585609d 100644 ---- a/pkg/metrics/statsd_test.go -+++ b/pkg/metrics/statsd_test.go -@@ -3,6 +3,7 @@ package metrics - import ( - "context" - "net/http" -+ "strconv" - "testing" - "time" - -@@ -36,11 +37,11 @@ func TestStatsD(t *testing.T) { - } - - udp.ShouldReceiveAll(t, expected, func() { -- statsdRegistry.ServiceReqsCounter().With("service", "test", "code", string(http.StatusOK), "method", http.MethodGet).Add(1) -- statsdRegistry.ServiceReqsCounter().With("service", "test", "code", string(http.StatusNotFound), "method", http.MethodGet).Add(1) -+ statsdRegistry.ServiceReqsCounter().With("service", "test", "code", strconv.Itoa(http.StatusOK), "method", http.MethodGet).Add(1) -+ statsdRegistry.ServiceReqsCounter().With("service", "test", "code", strconv.Itoa(http.StatusNotFound), "method", http.MethodGet).Add(1) - statsdRegistry.ServiceRetriesCounter().With("service", "test").Add(1) - statsdRegistry.ServiceRetriesCounter().With("service", "test").Add(1) -- statsdRegistry.ServiceReqDurationHistogram().With("service", "test", "code", string(http.StatusOK)).Observe(10000) -+ statsdRegistry.ServiceReqDurationHistogram().With("service", "test", "code", strconv.Itoa(http.StatusOK)).Observe(10000) - statsdRegistry.ConfigReloadsCounter().Add(1) - statsdRegistry.ConfigReloadsFailureCounter().Add(1) - statsdRegistry.EntryPointReqsCounter().With("entrypoint", "test").Add(1) -@@ -76,11 +77,11 @@ func TestStatsDWithPrefix(t *testing.T) { - } - - udp.ShouldReceiveAll(t, expected, func() { -- statsdRegistry.ServiceReqsCounter().With("service", "test", "code", string(http.StatusOK), "method", http.MethodGet).Add(1) -- statsdRegistry.ServiceReqsCounter().With("service", "test", "code", string(http.StatusNotFound), "method", http.MethodGet).Add(1) -+ statsdRegistry.ServiceReqsCounter().With("service", "test", "code", strconv.Itoa(http.StatusOK), "method", http.MethodGet).Add(1) -+ statsdRegistry.ServiceReqsCounter().With("service", "test", "code", strconv.Itoa(http.StatusNotFound), "method", http.MethodGet).Add(1) - statsdRegistry.ServiceRetriesCounter().With("service", "test").Add(1) - statsdRegistry.ServiceRetriesCounter().With("service", "test").Add(1) -- statsdRegistry.ServiceReqDurationHistogram().With("service", "test", "code", string(http.StatusOK)).Observe(10000) -+ statsdRegistry.ServiceReqDurationHistogram().With("service", "test", "code", strconv.Itoa(http.StatusOK)).Observe(10000) - statsdRegistry.ConfigReloadsCounter().Add(1) - statsdRegistry.ConfigReloadsFailureCounter().Add(1) - statsdRegistry.EntryPointReqsCounter().With("entrypoint", "test").Add(1) Copied: traefik/repos/community-x86_64/b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch (from rev 1027143, traefik/trunk/b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch) =================================================================== --- b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch (rev 0) +++ b77cf4d0b067438c3e1758bb22ad56e644c8122f.patch 2021-10-03 00:41:15 UTC (rev 1027144) @@ -0,0 +1,52 @@ +From b77cf4d0b067438c3e1758bb22ad56e644c8122f Mon Sep 17 00:00:00 2001 +From: Fernandez Ludovic <ludo...@containo.us> +Date: Thu, 13 Aug 2020 19:15:10 +0200 +Subject: [PATCH] fix: conversion from untyped int to string yields a string of + one rune + +--- + pkg/metrics/statsd_test.go | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/pkg/metrics/statsd_test.go b/pkg/metrics/statsd_test.go +index 11955a50aa..64a585609d 100644 +--- a/pkg/metrics/statsd_test.go ++++ b/pkg/metrics/statsd_test.go +@@ -3,6 +3,7 @@ package metrics + import ( + "context" + "net/http" ++ "strconv" + "testing" + "time" + +@@ -36,11 +37,11 @@ func TestStatsD(t *testing.T) { + } + + udp.ShouldReceiveAll(t, expected, func() { +- statsdRegistry.ServiceReqsCounter().With("service", "test", "code", string(http.StatusOK), "method", http.MethodGet).Add(1) +- statsdRegistry.ServiceReqsCounter().With("service", "test", "code", string(http.StatusNotFound), "method", http.MethodGet).Add(1) ++ statsdRegistry.ServiceReqsCounter().With("service", "test", "code", strconv.Itoa(http.StatusOK), "method", http.MethodGet).Add(1) ++ statsdRegistry.ServiceReqsCounter().With("service", "test", "code", strconv.Itoa(http.StatusNotFound), "method", http.MethodGet).Add(1) + statsdRegistry.ServiceRetriesCounter().With("service", "test").Add(1) + statsdRegistry.ServiceRetriesCounter().With("service", "test").Add(1) +- statsdRegistry.ServiceReqDurationHistogram().With("service", "test", "code", string(http.StatusOK)).Observe(10000) ++ statsdRegistry.ServiceReqDurationHistogram().With("service", "test", "code", strconv.Itoa(http.StatusOK)).Observe(10000) + statsdRegistry.ConfigReloadsCounter().Add(1) + statsdRegistry.ConfigReloadsFailureCounter().Add(1) + statsdRegistry.EntryPointReqsCounter().With("entrypoint", "test").Add(1) +@@ -76,11 +77,11 @@ func TestStatsDWithPrefix(t *testing.T) { + } + + udp.ShouldReceiveAll(t, expected, func() { +- statsdRegistry.ServiceReqsCounter().With("service", "test", "code", string(http.StatusOK), "method", http.MethodGet).Add(1) +- statsdRegistry.ServiceReqsCounter().With("service", "test", "code", string(http.StatusNotFound), "method", http.MethodGet).Add(1) ++ statsdRegistry.ServiceReqsCounter().With("service", "test", "code", strconv.Itoa(http.StatusOK), "method", http.MethodGet).Add(1) ++ statsdRegistry.ServiceReqsCounter().With("service", "test", "code", strconv.Itoa(http.StatusNotFound), "method", http.MethodGet).Add(1) + statsdRegistry.ServiceRetriesCounter().With("service", "test").Add(1) + statsdRegistry.ServiceRetriesCounter().With("service", "test").Add(1) +- statsdRegistry.ServiceReqDurationHistogram().With("service", "test", "code", string(http.StatusOK)).Observe(10000) ++ statsdRegistry.ServiceReqDurationHistogram().With("service", "test", "code", strconv.Itoa(http.StatusOK)).Observe(10000) + statsdRegistry.ConfigReloadsCounter().Add(1) + statsdRegistry.ConfigReloadsFailureCounter().Add(1) + statsdRegistry.EntryPointReqsCounter().With("entrypoint", "test").Add(1) Deleted: traefik.service =================================================================== --- traefik.service 2021-10-03 00:41:07 UTC (rev 1027143) +++ traefik.service 2021-10-03 00:41:15 UTC (rev 1027144) @@ -1,40 +0,0 @@ -[Unit] -Description=Traefik -Documentation=https://docs.traefik.io -After=network-online.target -AssertFileIsExecutable=/usr/bin/traefik - -[Service] -# Run traefik as its own user (create new user with: useradd -r -s /bin/false -U -M traefik) -User=traefik -AmbientCapabilities=CAP_NET_BIND_SERVICE - -# configure service behavior -Type=notify -ExecStart=/usr/bin/traefik -Restart=always -WatchdogSec=1s - -# lock down system access -# prohibit any operating system and configuration modification -ProtectSystem=strict -# create separate, new (and empty) /tmp and /var/tmp filesystems -PrivateTmp=true -# make /home directories inaccessible -ProtectHome=true -# turns off access to physical devices (/dev/...) -PrivateDevices=true -# make kernel settings (procfs and sysfs) read-only -ProtectKernelTunables=true -# make cgroups /sys/fs/cgroup read-only -ProtectControlGroups=true - -# allow writing of acme.json -ReadWritePaths=/etc/traefik/acme.json -# depending on log and entrypoint configuration, you may need to allow writing to other paths, too - -# limit number of processes in this unit -#LimitNPROC=1 - -[Install] -WantedBy=multi-user.target Copied: traefik/repos/community-x86_64/traefik.service (from rev 1027143, traefik/trunk/traefik.service) =================================================================== --- traefik.service (rev 0) +++ traefik.service 2021-10-03 00:41:15 UTC (rev 1027144) @@ -0,0 +1,40 @@ +[Unit] +Description=Traefik +Documentation=https://docs.traefik.io +After=network-online.target +AssertFileIsExecutable=/usr/bin/traefik + +[Service] +# Run traefik as its own user (create new user with: useradd -r -s /bin/false -U -M traefik) +User=traefik +AmbientCapabilities=CAP_NET_BIND_SERVICE + +# configure service behavior +Type=notify +ExecStart=/usr/bin/traefik +Restart=always +WatchdogSec=1s + +# lock down system access +# prohibit any operating system and configuration modification +ProtectSystem=strict +# create separate, new (and empty) /tmp and /var/tmp filesystems +PrivateTmp=true +# make /home directories inaccessible +ProtectHome=true +# turns off access to physical devices (/dev/...) +PrivateDevices=true +# make kernel settings (procfs and sysfs) read-only +ProtectKernelTunables=true +# make cgroups /sys/fs/cgroup read-only +ProtectControlGroups=true + +# allow writing of acme.json +ReadWritePaths=/etc/traefik/acme.json +# depending on log and entrypoint configuration, you may need to allow writing to other paths, too + +# limit number of processes in this unit +#LimitNPROC=1 + +[Install] +WantedBy=multi-user.target Deleted: traefik.sysusers =================================================================== --- traefik.sysusers 2021-10-03 00:41:07 UTC (rev 1027143) +++ traefik.sysusers 2021-10-03 00:41:15 UTC (rev 1027144) @@ -1 +0,0 @@ -u traefik - "traefik daemon" - Copied: traefik/repos/community-x86_64/traefik.sysusers (from rev 1027143, traefik/trunk/traefik.sysusers) =================================================================== --- traefik.sysusers (rev 0) +++ traefik.sysusers 2021-10-03 00:41:15 UTC (rev 1027144) @@ -0,0 +1 @@ +u traefik - "traefik daemon" -