|
| 1 | +# Copyright 1999-2020 Gentoo Authors |
| 2 | +# Distributed under the terms of the GNU General Public License v2 |
| 3 | + |
| 4 | +EAPI=7 |
| 5 | + |
| 6 | +EGO_PN="github.com/DNSCrypt/${PN}" |
| 7 | + |
| 8 | +inherit fcaps go-module systemd |
| 9 | + |
| 10 | +if [[ ${PV} == 9999 ]]; then |
| 11 | + inherit git-r3 |
| 12 | + EGIT_REPO_URI="https://${EGO_PN}.git" |
| 13 | +else |
| 14 | + SRC_URI="https://${EGO_PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" |
| 15 | + KEYWORDS="~amd64 ~arm ~ppc64 ~x86" |
| 16 | +fi |
| 17 | + |
| 18 | +DESCRIPTION="A flexible DNS proxy, with support for encrypted DNS protocols" |
| 19 | +HOMEPAGE="https://github.com/jedisct1/dnscrypt-proxy" |
| 20 | + |
| 21 | +LICENSE="Apache-2.0 BSD ISC MIT MPL-2.0" |
| 22 | +SLOT="0" |
| 23 | +IUSE="pie" |
| 24 | + |
| 25 | +BDEPEND=">=dev-lang/go-1.13" |
| 26 | + |
| 27 | +RDEPEND=" |
| 28 | + acct-group/dnscrypt-proxy |
| 29 | + acct-user/dnscrypt-proxy |
| 30 | +" |
| 31 | + |
| 32 | +FILECAPS=( cap_net_bind_service+ep usr/bin/dnscrypt-proxy ) |
| 33 | + |
| 34 | +PATCHES=( "${FILESDIR}"/config-full-paths-r11.patch ) |
| 35 | + |
| 36 | +src_compile() { |
| 37 | + pushd "${PN}" >/dev/null || die |
| 38 | + go build -v -x -mod=readonly -mod=vendor -buildmode="$(usex pie pie default)" || die |
| 39 | + popd >/dev/null || die |
| 40 | +} |
| 41 | + |
| 42 | +src_install() { |
| 43 | + pushd "${PN}" >/dev/null || die |
| 44 | + |
| 45 | + dobin dnscrypt-proxy |
| 46 | + |
| 47 | + insinto /etc/dnscrypt-proxy |
| 48 | + newins example-dnscrypt-proxy.toml dnscrypt-proxy.toml |
| 49 | + doins example-{blacklist.txt,whitelist.txt} |
| 50 | + doins example-{cloaking-rules.txt,forwarding-rules.txt} |
| 51 | + |
| 52 | + popd >/dev/null || die |
| 53 | + |
| 54 | + insinto /usr/share/dnscrypt-proxy |
| 55 | + doins -r "utils/generate-domains-blacklists/." |
| 56 | + |
| 57 | + newinitd "${FILESDIR}"/dnscrypt-proxy.initd dnscrypt-proxy |
| 58 | + newconfd "${FILESDIR}"/dnscrypt-proxy.confd dnscrypt-proxy |
| 59 | + |
| 60 | + systemd_newunit "${FILESDIR}"/dnscrypt-proxy.service dnscrypt-proxy.service |
| 61 | + systemd_newunit "${FILESDIR}"/dnscrypt-proxy.socket dnscrypt-proxy.socket |
| 62 | + |
| 63 | + insinto /etc/logrotate.d |
| 64 | + newins "${FILESDIR}"/dnscrypt-proxy.logrotate dnscrypt-proxy |
| 65 | + |
| 66 | + einstalldocs |
| 67 | +} |
| 68 | + |
| 69 | +pkg_postinst() { |
| 70 | + fcaps_pkg_postinst |
| 71 | + go-module_pkg_postinst |
| 72 | + |
| 73 | + if ! use filecaps; then |
| 74 | + ewarn "'filecaps' USE flag is disabled" |
| 75 | + ewarn "${PN} will fail to listen on port 53" |
| 76 | + ewarn "please do one the following:" |
| 77 | + ewarn "1) re-enable 'filecaps'" |
| 78 | + ewarn "2) change port to > 1024" |
| 79 | + ewarn "3) configure to run ${PN} as root (not recommended)" |
| 80 | + ewarn |
| 81 | + fi |
| 82 | + |
| 83 | + if systemd_is_booted || has_version sys-apps/systemd; then |
| 84 | + elog "Using systemd socket activation may cause issues with speed" |
| 85 | + elog "latency and reliability of ${PN} and is discouraged by upstream" |
| 86 | + elog "Existing installations advised to disable 'dnscrypt-proxy.socket'" |
| 87 | + elog "It is disabled by default for new installations" |
| 88 | + elog "check "$(systemd_get_systemunitdir)/${PN}.service" for details" |
| 89 | + elog |
| 90 | + |
| 91 | + fi |
| 92 | + |
| 93 | + elog "After starting the service you will need to update your" |
| 94 | + elog "/etc/resolv.conf and replace your current set of resolvers" |
| 95 | + elog "with:" |
| 96 | + elog |
| 97 | + elog "nameserver 127.0.0.1" |
| 98 | + elog |
| 99 | + elog "Also see https://github.com/DNSCrypt/${PN}/wiki" |
| 100 | +} |
0 commit comments