diff options
-rw-r--r-- | net-dns/dnscrypt-proxy/Manifest | 1 | ||||
-rw-r--r-- | net-dns/dnscrypt-proxy/dnscrypt-proxy-2.1.3.ebuild | 102 |
2 files changed, 103 insertions, 0 deletions
diff --git a/net-dns/dnscrypt-proxy/Manifest b/net-dns/dnscrypt-proxy/Manifest index a56cbe5c3d84..5abee8223fa2 100644 --- a/net-dns/dnscrypt-proxy/Manifest +++ b/net-dns/dnscrypt-proxy/Manifest @@ -1 +1,2 @@ DIST dnscrypt-proxy-2.1.2.tar.gz 6792121 BLAKE2B f6e69e9b7bba5bcaf49f710c78fc1b9607a8e791ad222da7af2a129de4807ecf87ddb7289aa79132a0d5ada588d2557beff618a79a341d168674bda7c8ba58ee SHA512 1b3598d60abc70141127aaaab5bf8bfaa76239d33e4220664dadd47f09544553e06eba6d82e5daf2c44c6da9c3c21c53683c2ff33db63257b782ad48c534bd54 +DIST dnscrypt-proxy-2.1.3.tar.gz 6891950 BLAKE2B e23bb64a4c9153ac19420b68f4a698e63b393ab66aa2801e87328093444156f24605d3c0ff1aa80ea21be6f255b71cd3d5b0af087d8080fdf55026b3b473003d SHA512 72a63f57f643950a010f7659e705cb1ac8ce9c27386c42112bd9396be61426d1d23419c40e551f12a7e861a022235db710e6cd345c2052dbf9555d2b7dbd362f diff --git a/net-dns/dnscrypt-proxy/dnscrypt-proxy-2.1.3.ebuild b/net-dns/dnscrypt-proxy/dnscrypt-proxy-2.1.3.ebuild new file mode 100644 index 000000000000..cb37a3d211ee --- /dev/null +++ b/net-dns/dnscrypt-proxy/dnscrypt-proxy-2.1.3.ebuild @@ -0,0 +1,102 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit fcaps go-module systemd + +DESCRIPTION="A flexible DNS proxy, with support for encrypted DNS protocols" +HOMEPAGE="https://github.com/DNSCrypt/dnscrypt-proxy" + +if [[ ${PV} == 9999 ]]; then + EGIT_REPO_URI="https://github.com/DNSCrypt/dnscrypt-proxy.git" + inherit git-r3 +else + SRC_URI="https://github.com/DNSCrypt/dnscrypt-proxy/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" +fi + +LICENSE="Apache-2.0 BSD ISC MIT MPL-2.0" +SLOT="0" +IUSE="+pie" + +RDEPEND=" + acct-group/dnscrypt-proxy + acct-user/dnscrypt-proxy +" + +FILECAPS=( cap_net_bind_service+ep usr/bin/dnscrypt-proxy ) + +PATCHES=( + "${FILESDIR}"/${PN}-2.1.2-config-full-paths.patch +) + +src_compile() { + pushd "${PN}" >/dev/null || die + go build -v -x -mod=readonly -mod=vendor -buildmode="$(usex pie pie default)" || die + popd >/dev/null || die +} + +src_test() { + cd "${PN}" || die + go test -mod=vendor -buildmode="$(usex pie pie default)" || die "Failed to run tests" +} + +src_install() { + pushd "${PN}" >/dev/null || die + + dobin dnscrypt-proxy + + insinto /etc/dnscrypt-proxy + newins example-dnscrypt-proxy.toml dnscrypt-proxy.toml + doins example-{allowed,blocked}-{ips.txt,names.txt} + doins example-{cloaking-rules.txt,forwarding-rules.txt} + + popd >/dev/null || die + + insinto /usr/share/dnscrypt-proxy + doins -r "utils/generate-domains-blocklist/." + + newinitd "${FILESDIR}"/dnscrypt-proxy.initd dnscrypt-proxy + newconfd "${FILESDIR}"/dnscrypt-proxy.confd dnscrypt-proxy + + systemd_newunit "${FILESDIR}"/dnscrypt-proxy.service dnscrypt-proxy.service + systemd_newunit "${FILESDIR}"/dnscrypt-proxy.socket dnscrypt-proxy.socket + + insinto /etc/logrotate.d + newins "${FILESDIR}"/dnscrypt-proxy.logrotate dnscrypt-proxy + + einstalldocs +} + +pkg_postinst() { + fcaps_pkg_postinst + + if ! use filecaps; then + ewarn "'filecaps' USE flag is disabled" + ewarn "${PN} will fail to listen on port 53" + ewarn "please do one the following:" + ewarn "1) re-enable 'filecaps'" + ewarn "2) change port to > 1024" + ewarn "3) configure to run ${PN} as root (not recommended)" + ewarn + fi + + if systemd_is_booted || has_version sys-apps/systemd; then + elog "Using systemd socket activation may cause issues with speed" + elog "latency and reliability of ${PN} and is discouraged by upstream" + elog "Existing installations advised to disable 'dnscrypt-proxy.socket'" + elog "It is disabled by default for new installations" + elog "check "$(systemd_get_systemunitdir)/${PN}.service" for details" + elog + + fi + + elog "After starting the service you will need to update your" + elog "${EROOT}/etc/resolv.conf and replace your current set of resolvers" + elog "with:" + elog + elog "nameserver 127.0.0.1" + elog + elog "Also see https://github.com/DNSCrypt/${PN}/wiki" +} |