Date: Sunday, September 18, 2022 @ 02:47:26
Author: felixonmars
Revision: 1304717
archrelease: copy trunk to community-staging-x86_64
Added:
i2pd/repos/community-staging-x86_64/
i2pd/repos/community-staging-x86_64/010-i2pd-config.patch
(from rev 1304716, i2pd/trunk/010-i2pd-config.patch)
i2pd/repos/community-staging-x86_64/020-i2pd-do-not-override-config.patch
(from rev 1304716, i2pd/trunk/020-i2pd-do-not-override-config.patch)
i2pd/repos/community-staging-x86_64/030-i2pd-systemd-service-hardening.patch
(from rev 1304716, i2pd/trunk/030-i2pd-systemd-service-hardening.patch)
i2pd/repos/community-staging-x86_64/040-i2pd-tunnels-d-readme.patch
(from rev 1304716, i2pd/trunk/040-i2pd-tunnels-d-readme.patch)
i2pd/repos/community-staging-x86_64/PKGBUILD
(from rev 1304716, i2pd/trunk/PKGBUILD)
i2pd/repos/community-staging-x86_64/i2pd.sysusers
(from rev 1304716, i2pd/trunk/i2pd.sysusers)
i2pd/repos/community-staging-x86_64/i2pd.tmpfiles
(from rev 1304716, i2pd/trunk/i2pd.tmpfiles)
------------------------------------------+
010-i2pd-config.patch | 35 ++++++++++
020-i2pd-do-not-override-config.patch | 11 +++
030-i2pd-systemd-service-hardening.patch | 34 ++++++++++
040-i2pd-tunnels-d-readme.patch | 8 ++
PKGBUILD | 93 +++++++++++++++++++++++++++++
i2pd.sysusers | 1
i2pd.tmpfiles | 6 +
7 files changed, 188 insertions(+)
Copied: i2pd/repos/community-staging-x86_64/010-i2pd-config.patch (from rev
1304716, i2pd/trunk/010-i2pd-config.patch)
===================================================================
--- community-staging-x86_64/010-i2pd-config.patch
(rev 0)
+++ community-staging-x86_64/010-i2pd-config.patch 2022-09-18 02:47:26 UTC
(rev 1304717)
@@ -0,0 +1,35 @@
+--- a/contrib/i2pd.conf
++++ b/contrib/i2pd.conf
+@@ -8,19 +8,22 @@
+
+ ## Tunnels config file
+ ## Default: ~/.i2pd/tunnels.conf or /var/lib/i2pd/tunnels.conf
++## Note: /var/lib/i2pd/tunnels.conf is a symlink to /etc/i2pd/tunnels.conf
(use the latter)
+ # tunconf = /var/lib/i2pd/tunnels.conf
+
+ ## Tunnels config files path
+ ## Use that path to store separated tunnels in different config files.
+ ## Default: ~/.i2pd/tunnels.d or /var/lib/i2pd/tunnels.d
++## Note: /var/lib/i2pd/tunnels.d is a symlink to /etc/i2pd/tunnels.d (use the
latter)
+ # tunnelsdir = /var/lib/i2pd/tunnels.d
+
+ ## Path to certificates used for verifying .su3, families
+ ## Default: ~/.i2pd/certificates or /var/lib/i2pd/certificates
++## Note: /var/lib/i2pd/certificates is a symlink to
/usr/share/i2pd/certificates (use the latter)
+ # certsdir = /var/lib/i2pd/certificates
+
+ ## Where to write pidfile (default: i2pd.pid, not used in Windows)
+-# pidfile = /run/i2pd.pid
++# pidfile = /run/i2pd/i2pd.pid
+
+ ## Logging configuration section
+ ## By default logs go to stdout with level 'info' and higher
+@@ -32,7 +35,7 @@
+ ## * syslog - use syslog, see man 3 syslog
+ # log = file
+ ## Path to logfile (default - autodetect)
+-# logfile = /var/log/i2pd/i2pd.log
++logfile = /var/log/i2pd/i2pd.log
+ ## Log messages above this level (debug, info, *warn, error, none)
+ ## If you set it to none, logging will be disabled
+ # loglevel = warn
Copied:
i2pd/repos/community-staging-x86_64/020-i2pd-do-not-override-config.patch (from
rev 1304716, i2pd/trunk/020-i2pd-do-not-override-config.patch)
===================================================================
--- community-staging-x86_64/020-i2pd-do-not-override-config.patch
(rev 0)
+++ community-staging-x86_64/020-i2pd-do-not-override-config.patch
2022-09-18 02:47:26 UTC (rev 1304717)
@@ -0,0 +1,11 @@
+--- a/contrib/i2pd.service
++++ b/contrib/i2pd.service
+@@ -11,7 +11,7 @@ RuntimeDirectoryMode=0700
+ LogsDirectory=i2pd
+ LogsDirectoryMode=0700
+ Type=forking
+-ExecStart=/usr/sbin/i2pd --conf=/etc/i2pd/i2pd.conf
--tunconf=/etc/i2pd/tunnels.conf --tunnelsdir=/etc/i2pd/tunnels.conf.d
--pidfile=/run/i2pd/i2pd.pid --logfile=/var/log/i2pd/i2pd.log --daemon --service
++ExecStart=/usr/bin/i2pd --conf=/var/lib/i2pd/i2pd.conf
--pidfile=/run/i2pd/i2pd.pid --daemon --service
+ ExecReload=/bin/sh -c "kill -HUP $MAINPID"
+ PIDFile=/run/i2pd/i2pd.pid
+ ### Uncomment, if auto restart needed
Copied:
i2pd/repos/community-staging-x86_64/030-i2pd-systemd-service-hardening.patch
(from rev 1304716, i2pd/trunk/030-i2pd-systemd-service-hardening.patch)
===================================================================
--- community-staging-x86_64/030-i2pd-systemd-service-hardening.patch
(rev 0)
+++ community-staging-x86_64/030-i2pd-systemd-service-hardening.patch
2022-09-18 02:47:26 UTC (rev 1304717)
@@ -0,0 +1,34 @@
+--- a/contrib/i2pd.service
++++ b/contrib/i2pd.service
+@@ -33,5 +33,31 @@ LimitNOFILE=4096
+ # To enable write of coredump uncomment this
+ #LimitCORE=infinity
+
++# Hardening options
++PrivateTmp=true
++ProtectSystem=strict
++ProtectHome=true
++PrivateDevices=true
++ProtectKernelTunables=true
++ProtectControlGroups=true
++NoNewPrivileges=true
++MemoryDenyWriteExecute=true
++LockPersonality=true
++SystemCallFilter=@system-service
++RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
++ProtectHostname=true
++ProtectClock=true
++ProtectKernelLogs=true
++ProtectKernelModules=true
++ProtectProc=invisible
++ProcSubset=pid
++PrivateMounts=true
++PrivateUsers=true
++ReadWritePaths=/var/lib/i2pd /var/log/i2pd
++RemoveIPC=true
++RestrictRealtime=true
++RestrictSUIDSGID=true
++SystemCallArchitectures=native
++
+ [Install]
+ WantedBy=multi-user.target
Copied: i2pd/repos/community-staging-x86_64/040-i2pd-tunnels-d-readme.patch
(from rev 1304716, i2pd/trunk/040-i2pd-tunnels-d-readme.patch)
===================================================================
--- community-staging-x86_64/040-i2pd-tunnels-d-readme.patch
(rev 0)
+++ community-staging-x86_64/040-i2pd-tunnels-d-readme.patch 2022-09-18
02:47:26 UTC (rev 1304717)
@@ -0,0 +1,8 @@
+--- a/contrib/tunnels.d/README
++++ b/contrib/tunnels.d/README
+@@ -1,4 +1,4 @@
+-# In that directory you can store separated config files for every tunnel.
++# In the /etc/i2pd/tunnels.d directory you can store separated config files
for every tunnel.
+ # Please read documentation for more info.
+ #
+ # You can find examples in /usr/share/doc/i2pd/tunnels.d directory
Copied: i2pd/repos/community-staging-x86_64/PKGBUILD (from rev 1304716,
i2pd/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD (rev 0)
+++ community-staging-x86_64/PKGBUILD 2022-09-18 02:47:26 UTC (rev 1304717)
@@ -0,0 +1,93 @@
+# Maintainer: Daniel Bermond <dberm...@archlinux.org>
+# Contributor: robertfoster
+# Contributor: kurych
+# Contributor: redfish
+# Contributor: atommixz
+# Contributor: denn
+# Contributor: post-factum
+# Contributor: wrdcrrtmnstr
+# Contributor: r4sas
+
+pkgname=i2pd
+pkgver=2.43.0
+pkgrel=2
+pkgdesc='A full-featured C++ implementation of the I2P router'
+arch=('x86_64')
+url='https://i2pd.website/'
+license=('BSD')
+depends=('boost-libs' 'libminiupnpc.so' 'openssl' 'zlib')
+makedepends=('cmake' 'boost')
+provides=('i2p-router')
+backup=('etc/i2pd/i2pd.conf'
+ 'etc/i2pd/tunnels.conf'
+ 'etc/logrotate.d/i2pd')
+source=("https://github.com/PurpleI2P/i2pd/archive/${pkgver}/${pkgname}-${pkgver}.tar.gz";
+ '010-i2pd-config.patch'
+ '020-i2pd-do-not-override-config.patch'
+ '030-i2pd-systemd-service-hardening.patch'
+ '040-i2pd-tunnels-d-readme.patch'
+ 'i2pd.sysusers'
+ 'i2pd.tmpfiles')
+sha256sums=('db1679653491a411dd16fa329488d840296c8f680e0691f9fe0d0e796e5d7bca'
+ '45dae1e2f798d23df92c996c233fccb07349d62992d0f625be7fd913719875af'
+ 'e98eaa783fcd8e1ab84980f68158e3bb9eb5ec101f26c748946a313152643f11'
+ '2b84d85d4234eb3b640925d0dd244c8abe3b48bc69c8456629af923de17acf10'
+ 'cfcb6b07b67aff3e3af12767f4649d88b9320dc71907b6c01b465e5c138cdaa3'
+ '88b2e709228049ba11f37863f87de75ab6cde295104852871384337cfdc906a3'
+ 'fe8cc2ec83cb5b5c2b2ec8cce9a989e0cb6fd347e00b84e03a17b12efd152fac')
+
+prepare() {
+ patch -d "${pkgname}-${pkgver}" -Np1 -i "${srcdir}/010-i2pd-config.patch"
+ patch -d "${pkgname}-${pkgver}" -Np1 -i
"${srcdir}/020-i2pd-do-not-override-config.patch"
+ patch -d "${pkgname}-${pkgver}" -Np1 -i
"${srcdir}/030-i2pd-systemd-service-hardening.patch"
+ patch -d "${pkgname}-${pkgver}" -Np1 -i
"${srcdir}/040-i2pd-tunnels-d-readme.patch"
+}
+
+build() {
+ cmake \
+ -B "${pkgname}-${pkgver}/build" \
+ -S "${pkgname}-${pkgver}/build" \
+ -DCMAKE_BUILD_TYPE:STRING='None' \
+ -DCMAKE_INSTALL_PREFIX:PATH='/usr' \
+ -DBUILD_SHARED_LIBS:BOOL='ON' \
+ -DWITH_UPNP:BOOL='ON' \
+ -Wno-dev
+ make -C "${pkgname}-${pkgver}/build"
+}
+
+check() {
+ make -C "${pkgname}-${pkgver}/tests"
+}
+
+package() {
+ cd "${pkgname}-${pkgver}"
+ make -C build DESTDIR="$pkgdir" install
+
+ # config
+ install -D -m644 contrib/{i2pd,tunnels}.conf -t "${pkgdir}/etc/i2pd"
+ install -d -m755 "${pkgdir}/etc/i2pd/tunnels.d"
+
+ # certificates
+ install -d -m755 "${pkgdir}/usr/share/i2pd"
+ cp -dr --no-preserve='ownership' contrib/certificates
"${pkgdir}/usr/share/i2pd"
+
+ # systemd
+ install -D -m644 contrib/i2pd.service -t
"${pkgdir}/usr/lib/systemd/system"
+ install -D -m644 "${srcdir}/i2pd.sysusers"
"${pkgdir}/usr/lib/sysusers.d/i2pd.conf"
+ install -D -m644 "${srcdir}/i2pd.tmpfiles"
"${pkgdir}/usr/lib/tmpfiles.d/i2pd.conf"
+
+ # logrotate
+ install -D -m644 contrib/i2pd.logrotate "${pkgdir}/etc/logrotate.d/i2pd"
+
+ # tunnels.d examples
+ install -D -m644 contrib/tunnels.d/{*.conf,README} -t
"${pkgdir}/usr/share/doc/i2pd/tunnels.d"
+
+ # headers
+ install -D -m644 {i18n,libi2pd{,_client}}/*.h -t
"${pkgdir}/usr/include/i2pd"
+
+ # man page
+ install -D -m644 debian/i2pd.1 -t "${pkgdir}/usr/share/man/man1"
+
+ # license
+ install -D -m644 LICENSE -t "${pkgdir}/usr/share/licenses/${pkgname}"
+}
Copied: i2pd/repos/community-staging-x86_64/i2pd.sysusers (from rev 1304716,
i2pd/trunk/i2pd.sysusers)
===================================================================
--- community-staging-x86_64/i2pd.sysusers (rev 0)
+++ community-staging-x86_64/i2pd.sysusers 2022-09-18 02:47:26 UTC (rev
1304717)
@@ -0,0 +1 @@
+u i2pd - "i2pd user" /var/lib/i2pd -
Copied: i2pd/repos/community-staging-x86_64/i2pd.tmpfiles (from rev 1304716,
i2pd/trunk/i2pd.tmpfiles)
===================================================================
--- community-staging-x86_64/i2pd.tmpfiles (rev 0)
+++ community-staging-x86_64/i2pd.tmpfiles 2022-09-18 02:47:26 UTC (rev
1304717)
@@ -0,0 +1,6 @@
+d /var/lib/i2pd 0700 i2pd i2pd - -
+d /var/log/i2pd 0700 i2pd i2pd - -
+L /var/lib/i2pd/i2pd.conf - - - - /etc/i2pd/i2pd.conf
+L /var/lib/i2pd/tunnels.d - - - - /etc/i2pd/tunnels.d
+L /var/lib/i2pd/tunnels.conf - - - - /etc/i2pd/tunnels.conf
+L /var/lib/i2pd/certificates - - - - /usr/share/i2pd/certificates
