From bc59807cf03d086a24020cd87352a9fb8165aee1 Mon Sep 17 00:00:00 2001
From: Yury Martynov
Date: Thu, 16 May 2019 12:24:54 +0300
Subject: [PATCH] tuntox: new ebuild
---
net-vpn/tuntox/files/rules.example | 4 +
.../files/tuntox-git-0.0.7_update_env.diff | 25 ++++++
net-vpn/tuntox/files/tuntox.conf | 7 ++
net-vpn/tuntox/files/tuntox.confd | 10 +++
net-vpn/tuntox/files/tuntox.initd | 42 ++++++++++
net-vpn/tuntox/files/tuntox.logrotated | 7 ++
net-vpn/tuntox/metadata.xml | 14 ++++
net-vpn/tuntox/tuntox-0.0.9.ebuild | 1 +
net-vpn/tuntox/tuntox-9999.ebuild | 83 +++++++++++++++++++
9 files changed, 193 insertions(+)
create mode 100644 net-vpn/tuntox/files/rules.example
create mode 100644 net-vpn/tuntox/files/tuntox-git-0.0.7_update_env.diff
create mode 100644 net-vpn/tuntox/files/tuntox.conf
create mode 100644 net-vpn/tuntox/files/tuntox.confd
create mode 100644 net-vpn/tuntox/files/tuntox.initd
create mode 100644 net-vpn/tuntox/files/tuntox.logrotated
create mode 100644 net-vpn/tuntox/metadata.xml
create mode 120000 net-vpn/tuntox/tuntox-0.0.9.ebuild
create mode 100644 net-vpn/tuntox/tuntox-9999.ebuild
diff --git a/net-vpn/tuntox/files/rules.example b/net-vpn/tuntox/files/rules.example
new file mode 100644
index 000000000..df8437c08
--- /dev/null
+++ b/net-vpn/tuntox/files/rules.example
@@ -0,0 +1,4 @@
+# /var/lib/tuntox/rules: config file for /usr/sbin/tuntox
+#
+# List of allowed hostnames and ports.
+# Format is hostname:port (Example: 192.168.0.1:2341)
diff --git a/net-vpn/tuntox/files/tuntox-git-0.0.7_update_env.diff b/net-vpn/tuntox/files/tuntox-git-0.0.7_update_env.diff
new file mode 100644
index 000000000..7fc82a7ee
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox-git-0.0.7_update_env.diff
@@ -0,0 +1,25 @@
+--- a/main.c 2017-10-23 19:30:01.239197000 +0300
++++ b/main.c 2017-10-23 22:43:40.960904919 +0300
+@@ -36,11 +36,11 @@
+ long int udp_end_port = 0;
+
+ /* Directory with config and tox save */
+-char config_path[500] = "/etc/tuntox/";
++char config_path[500] = "/var/lib/tuntox/";
+
+ /* Limit hostname and port in server */
+ int nrules = 0;
+-char rules_file[500] = "/etc/tuntox/rules";
++char rules_file[500] = "/var/lib/tuntox/rules";
+ enum rules_policy_enum rules_policy = NONE;
+ rule *rules = NULL;
+
+@@ -1185,7 +1185,7 @@
+ fprintf(stderr, " stdin/stdout (SSH ProxyCommand mode)\n");
+ fprintf(stderr, " -p - ping the server from -i and exit\n");
+ fprintf(stderr, " Common:\n");
+- fprintf(stderr, " -C - save private key in instead of /etc/tuntox in server\n");
++ fprintf(stderr, " -C - save private key in instead of /var/lib/tuntox in server\n");
+ fprintf(stderr, " mode\n");
+ fprintf(stderr, " -s - shared secret used for connection authentication (max\n");
+ fprintf(stderr, " %u characters)\n", TOX_MAX_FRIEND_REQUEST_LENGTH-1);
diff --git a/net-vpn/tuntox/files/tuntox.conf b/net-vpn/tuntox/files/tuntox.conf
new file mode 100644
index 000000000..9e8ce87ad
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox.conf
@@ -0,0 +1,7 @@
+[program:tuntox]
+command = /usr/sbin/tuntox
+autostart = true
+startsecs = 20
+user = tuntox
+redirect_stderr = true
+stdout_logfile = /var/log/tuntox/tuntox.log
diff --git a/net-vpn/tuntox/files/tuntox.confd b/net-vpn/tuntox/files/tuntox.confd
new file mode 100644
index 000000000..6ad93912c
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox.confd
@@ -0,0 +1,10 @@
+# /etc/conf.d/tuntox: config file for /etc/init.d/tuntox
+
+# Save private key in instead of /var/lib/tuntox
+TUNTOX_HOME_DIR="/var/lib/tuntox"
+
+# Shared secret used for connection authentication (max 1015 characters)
+TUNTOX_SHARED_SECRET=""
+
+# See more: tuntox -h
+TUNTOX_ARGS="-d"
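Review bot: The first inner hunk moves `rules_file` to `/var/lib/tuntox/rules` together with `config_path`, which puts the host:port allowlist in the same directory as the saved key, and the ebuild in this commit makes that directory owned by the `tuntox` account (`fowners ${PN}:${PN} "/var/${d}/${PN}"`). The process the rules are meant to constrain can then replace them. I would move only `config_path` and keep `char rules_file[500] = "/etc/tuntox/rules";`, with /etc/tuntox root-owned and readable by the service group. The `@@ -1185,7` offsets are also tied to the 0.0.7 source named in the file name, while the ebuild applies the patch to 0.0.9 and to the live checkout, so it is worth confirming that it still applies there.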
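Review bot: `command = /usr/sbin/tuntox` in tuntox.conf names a path this package does not install: the ebuild uses `dobin ${PN}` and the init script sets `DAEMON="/usr/bin/${RC_SVCNAME}"`; the header comment in rules.example repeats the /usr/sbin path. Under a supervisor this either fails to start or runs whatever binary happens to sit at that path as `user = tuntox`. The line should read `command = /usr/bin/tuntox`.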
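Review bot: `TUNTOX_SHARED_SECRET` in tuntox.confd is stored in clear text, and nothing in the commit restricts who can read the installed file: the ebuild calls `newconfd "${FILESDIR}"/tuntox.confd ${PN}` with no mode change, which as far as I know installs it world-readable. Since the secret is what authenticates clients, I would add `fperms 0600 /etc/conf.d/${PN}` after the `newconfd` call and a comment above the variable such as `# Keep this file readable by root only; anyone who knows the secret can connect.`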
diff --git a/net-vpn/tuntox/files/tuntox.initd b/net-vpn/tuntox/files/tuntox.initd
new file mode 100644
index 000000000..7aec3f81b
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox.initd
@@ -0,0 +1,42 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+DAEMON="/usr/bin/${RC_SVCNAME}"
+PID_DIR=${PID_DIR:-/var/run/${RC_SVCNAME}}
+PID_FILE=${PID_DIR}/${RC_SVCNAME}.pid
+USER=${RC_SVCNAME}
+GROUP=${RC_SVCNAME}
+
+[ -z "${TUNTOX_HOME_DIR}" ] && TUNTOX_HOME_DIR="/var/lib/tuntox"
+
+DAEMON_ARGS=("-D -C ${TUNTOX_HOME_DIR} -F ${PID_FILE} -U ${USER} ${TUNTOX_ARGS}")
+
+depend() {
+ need net
+ use netmount
+}
+
+checkconfig() {
+ if [ ! -d ${PID_DIR} ]; then
+ checkpath -q -d -o ${USER}:${GROUP} -m 0755 ${PID_DIR} || return 1
+ fi
+
+ [ -z "${TUNTOX_SHARED_SECRET}" ] || DAEMON_ARGS+=("-s ${TUNTOX_SHARED_SECRET}")
+}
+
+start() {
+ checkconfig || return 1
+ ebegin "Starting ${RC_SVCNAME}"
+ start-stop-daemon --start --quiet --pidfile "${PID_FILE}" \
+ --user "${USER}" --exec "${DAEMON}" -- ${DAEMON_ARGS[@]}
+ eend ${?}
+}
+
+stop() {
+ ebegin "Stopping ${RC_SVCNAME}"
+ start-stop-daemon --stop --quiet --pidfile "${PID_FILE}" --user "${USER}"
+ eend ${?}
+}
+
+# vim: set ft=gentoo-init-d ts=4 :
diff --git a/net-vpn/tuntox/files/tuntox.logrotated b/net-vpn/tuntox/files/tuntox.logrotated
new file mode 100644
index 000000000..be6e15168
--- /dev/null
+++ b/net-vpn/tuntox/files/tuntox.logrotated
@@ -0,0 +1,7 @@
+/var/log/tuntox/tuntox.log {
+ compress
+ daily
+ rotate 3
+ notifempty
+ missingok
+}
diff --git a/net-vpn/tuntox/metadata.xml b/net-vpn/tuntox/metadata.xml
new file mode 100644
index 000000000..1f3e1654c
--- /dev/null
+++ b/net-vpn/tuntox/metadata.xml
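Review bot: In checkconfig() of tuntox.initd, `DAEMON_ARGS+=("-s ${TUNTOX_SHARED_SECRET}")` puts the shared secret on the daemon's command line, where it stays visible in the process list to every local account for the lifetime of the service. Upstream tuntox, to my recollection, also reads the secret from the `TUNTOX_SHARED_SECRET` environment variable (please confirm for the packaged version); if so, replace that line with `[ -z "${TUNTOX_SHARED_SECRET}" ] || export TUNTOX_SHARED_SECRET`. Separately, `DAEMON_ARGS=( … )` and `+=` are bash array syntax, while openrc-run normally executes service scripts with /bin/sh, and the unquoted `${DAEMON_ARGS[@]}` in start() word-splits a secret that contains whitespace.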
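Review bot: The tuntox.logrotated stanza has no `su` or `create` directive, although the ebuild gives /var/log/tuntox to the `tuntox` account (`fowners ${PN}:${PN} "/var/${d}/${PN}"`). logrotate then renames and compresses files as root inside a directory an unprivileged account controls, which is the situation the `su` directive exists for. Adding `su tuntox tuntox` and `create 0640 tuntox tuntox` inside the braces keeps rotation within the service account's own privileges.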
@@ -0,0 +1,14 @@
+
+
+
+
+ email@linxon.ru
+ Yury Martynov
+
+
+ Tuntox is a program which forwards TCP connections over the Tox
+ A program which forwards TCP connections over the Tox protocol. This allows
+ low-latency access to distant machines behind a NAT you can't control or with
+ a dynamic IP address.
+
+
diff --git a/net-vpn/tuntox/tuntox-0.0.9.ebuild b/net-vpn/tuntox/tuntox-0.0.9.ebuild
new file mode 120000
index 000000000..368c698d0
--- /dev/null
+++ b/net-vpn/tuntox/tuntox-0.0.9.ebuild
@@ -0,0 +1 @@
+tuntox-9999.ebuild
\ No newline at end of file
diff --git a/net-vpn/tuntox/tuntox-9999.ebuild b/net-vpn/tuntox/tuntox-9999.ebuild
new file mode 100644
index 000000000..5aedfd6fb
--- /dev/null
+++ b/net-vpn/tuntox/tuntox-9999.ebuild
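Review bot: tuntox-0.0.9.ebuild is a symlink to the live ebuild, so the keyworded 0.0.9 release is fetched through git-r3 with `EGIT_COMMIT="${PV}"`, that is by tag name, and no Manifest checksum covers the sources. A tag can be moved upstream, so two builds of 0.0.9 are not guaranteed to compile the same code. For the release I would use a separate ebuild whose `SRC_URI` points at the upstream tarball, so the Manifest records its hash, or at least set `EGIT_COMMIT` to the full commit id behind the tag (placeholder: `<full-sha-of-0.0.9>`).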
@@ -0,0 +1,83 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit eutils git-r3 systemd toolchain-funcs user
+
+DESCRIPTION="Tunnel TCP connections over the Tox protocol"
+HOMEPAGE="https://gdr.name/tuntox https://github.com/gjedeer/tuntox"
+
+EGIT_REPO_URI="https://github.com/gjedeer/tuntox"
+if [[ ${PV} != *9999 ]]; then
+ EGIT_COMMIT="${PV}"
+ KEYWORDS="~amd64 ~arm ~arm64 ~x86"
+fi
+
+LICENSE="GPL-3"
+SLOT="0"
+IUSE="systemd static"
+
+RDEPEND="
+ dev-libs/libevent:=[threads]
+ net-libs/tox"
+
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig"
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} ${PN}
+}
+
+src_prepare() {
+ # Do not rename binary files
+ sed -e "s/\$(CC) -o \$@/\$(CC) -o ${PN}/" \
+ -i Makefile || die "sed failed!"
+
+ use systemd && (
+ sed -e "s/#User=proxy/User=${PN}/" \
+ -e "s/#Group=proxy/Group=${PN}/" \
+ -i scripts/tuntox.service || die "sed failed!"
+ )
+
+ eapply "${FILESDIR}"
+ eapply_user
+}
+
+src_compile() {
+ emake CC=$(tc-getCC) \
+ tox_bootstrap.h \
+ gitversion.h \
+ $(usex static "tuntox" "tuntox_nostatic")
+}
+
+src_install() {
+ for d in lib log; do
+ keepdir "/var/${d}/${PN}"
+ fowners ${PN}:${PN} "/var/${d}/${PN}"
+ fperms 750 "/var/${d}/${PN}"
+ done
+
+ insinto /var/lib/${PN}
+ doins "${FILESDIR}"/tuntox.conf "${FILESDIR}"/rules.example
+ fowners ${PN}:${PN} "/var/lib/${PN}"/{tuntox.conf,rules.example}
+
+ insinto /etc/logrotate.d/
+ newins "${FILESDIR}"/tuntox.logrotated ${PN}
+
+ newinitd "${FILESDIR}"/tuntox.initd ${PN}
+ newconfd "${FILESDIR}"/tuntox.confd ${PN}
+ use systemd && systemd_dounit scripts/tuntox.service
+
+ dobin ${PN}
+ dobin scripts/tokssh
+
+ dodoc README.md VPN.md BUILD.md
+}
+
+pkg_postinst() {
+ ewarn "\nPlease, add yourself to the \"${PN}\" group. This security measure ensures"
+ ewarn "that only trusted users can use tuntox.\n"
+ einfo "See documentation: https://github.com/gjedeer/tuntox#introduction\n"
+}
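Review bot: In src_install, `fowners ${PN}:${PN} "/var/lib/${PN}"/{tuntox.conf,rules.example}` hands the supervisor program file and the rules template to the account the daemon runs as. If an administrator includes tuntox.conf from a supervisord that runs as root, the service account can edit `command` and `user` in it; I would install it root-owned outside the state directory, e.g. `insinto /etc/${PN}` followed by `doins "${FILESDIR}"/tuntox.conf`, and drop the `fowners` line. The pkg_postinst text also overstates what the group does: `dobin ${PN}` sets no restrictive mode, so any local user can run the client, while membership gives group access to /var/lib/tuntox (`fperms 750`), the directory where the key is saved.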