diff options
| author | metamuffin <metamuffin@disroot.org> | 2024-10-12 16:39:21 +0200 |
|---|---|---|
| committer | metamuffin <metamuffin@disroot.org> | 2024-10-12 16:39:21 +0200 |
| commit | a9fd82ae18eb67f6288d46d40bc893598922d181 (patch) | |
| tree | 0f8f2d2cef42fcac145d5beb097e76197bc6f232 /gnix | |
| download | pkgbuilds-a9fd82ae18eb67f6288d46d40bc893598922d181.tar pkgbuilds-a9fd82ae18eb67f6288d46d40bc893598922d181.tar.bz2 pkgbuilds-a9fd82ae18eb67f6288d46d40bc893598922d181.tar.zst | |
add existing pkgbuilds
Diffstat (limited to 'gnix')
| -rw-r--r-- | gnix/PKGBUILD | 36 | ||||
| -rw-r--r-- | gnix/config.yaml | 7 | ||||
| -rw-r--r-- | gnix/gnix.service | 34 | ||||
| -rw-r--r-- | gnix/sysusers.conf | 1 |
4 files changed, 78 insertions, 0 deletions
diff --git a/gnix/PKGBUILD b/gnix/PKGBUILD new file mode 100644 index 0000000..d4bd744 --- /dev/null +++ b/gnix/PKGBUILD @@ -0,0 +1,36 @@ +# Maintainer: metamuffin <metamuffin@disroot.org> + +pkgname=gnix +pkgver=2.2.0 +pkgrel=1 +pkgdesc="a simple stupid http reverse proxy" +arch=('i686' 'x86_64' 'armv6h' 'armv7h' 'aarch64') +url="https://codeberg.org/metamuffin/gnix" +license=('AGPL3') +makedepends=('rustup') +backup=('etc/gnix.yaml') +source=("$pkgname-$pkgver.tar.gz::https://codeberg.org/metamuffin/gnix/archive/v$pkgver.tar.gz" + "gnix.service" + "config.yaml" + "sysusers.conf") +sha256sums=('9ff1ebbf496c7c1df613fc46820091b92775816785d0026ddced6012204e8b1c' + 'a80df54a4e44960decf43ad618dc1afef9cc498370460362e91646ac3f95358e' + 'dae3df7d0d521b075d16ab518bc321a63bc0ca7822b814aed6e00402577d380b' + '9e03be16b1b3dd4c0d0e5feb5c31221758b68a54bad5ba7232e8565d766ea620') + +prepare() { + cd "gnix" + cargo +nightly fetch --locked --target "$CHOST" +} +build() { + cd "gnix" + cargo +nightly build --frozen --release --target "$CHOST" +} +package() { + install -Dm755 gnix/target/$CHOST/release/gnix "$pkgdir/usr/bin/gnix" + install -Dm644 gnix/src/modules/auth/login.html "$pkgdir/usr/share/gnix/login.html" + install -Dm644 config.yaml "$pkgdir/etc/gnix.yaml" + install -Dm644 sysusers.conf "$pkgdir/usr/lib/sysusers.d/gnix.conf" + install -Dm644 gnix.service "$pkgdir/usr/lib/systemd/system/gnix.service" + install -Dm644 gnix/COPYING "$pkgdir/usr/share/licenses/gnix/COPYING" +} diff --git a/gnix/config.yaml b/gnix/config.yaml new file mode 100644 index 0000000..85dc121 --- /dev/null +++ b/gnix/config.yaml @@ -0,0 +1,7 @@ +http: + bind: "0.0.0.0:80" + +handler: !hosts + "example.org": !files + root: "/srv/http" + index: true diff --git a/gnix/gnix.service b/gnix/gnix.service new file mode 100644 index 0000000..95593f5 --- /dev/null +++ b/gnix/gnix.service @@ -0,0 +1,34 @@ +[Unit] +Description=gnix http reverse proxy +After=network.target +Wants=network-online.target + +[Service] +AmbientCapabilities=CAP_NET_BIND_SERVICE +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +ExecStart=/usr/bin/gnix /etc/gnix.yaml +User=gnix +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=true +PrivateTmp=true +ProtectClock=yes +ProtectControlGroups=yes +ProtectHome=true +ProtectHostname=yes +ProtectKernelLogs=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=full +RestrictAddressFamilies=~AF_PACKET AF_NETLINK +RestrictNamespaces=yes +RestrictSUIDSGID=yes +RestrictRealtime=yes +Restart=always +SystemCallArchitectures=native +SystemCallFilter=@system-service +Type=simple + +[Install] +WantedBy=multi-user.target diff --git a/gnix/sysusers.conf b/gnix/sysusers.conf new file mode 100644 index 0000000..f452f5d --- /dev/null +++ b/gnix/sysusers.conf @@ -0,0 +1 @@ +u gnix - "gnix http reverse proxy" - - |