diff --git a/.SRCINFO b/.SRCINFO index 8ee027c..1057d5b 100644 --- a/.SRCINFO +++ b/.SRCINFO @@ -1,25 +1,31 @@ pkgbase = gotify-server-bin pkgdesc = A simple server for sending and receiving messages - pkgver = 2.0.23 + pkgver = 2.1.0 pkgrel = 1 url = https://github.com/gotify/server arch = x86_64 + arch = armv7h + arch = aarch64 license = MIT depends = glibc provides = gotify-server conflicts = gotify-server backup = etc/gotify/config.yml - source = https://github.com/gotify/server/releases/download/v2.0.23/gotify-linux-amd64.zip - source = https://raw.githubusercontent.com/gotify/server/v2.0.23/config.example.yml - source = gotify-arch-defaults.patch - source = gotify-server.tmpfiles - source = gotify-server.sysusers + source = https://raw.githubusercontent.com/gotify/server/v2.1.0/config.example.yml + source = config.patch + source = tmpfiles.conf + source = sysusers.conf source = gotify-server.service - sha256sums = 07704cb5fa272cb5919b908716d75fa6f694ad8115ca2fac1f9dfe3ab1b7621c - sha256sums = bb841afcebfd822b9fc26a1910520e36c4d04d2009d93e944e57146a30d7a7b6 - sha256sums = eface4b7901b849cf97fb62c691e37b0bf1dd80e947a3da193379bcf7e92c7b0 + sha256sums = d6f9716c7f67cfb518f3f50a18cbc950ef3e8e9c8ba1f226654dfdd3bf8226d4 + sha256sums = a8a511e2b98fa548391a1602fcfa05df0e10fae6f5904cbfc4202566f2dd8265 sha256sums = 14bd1a9270b089b99d9bbe8ebdd0c208c3f74c7347a792d508ffce75b0e1c641 - sha256sums = 4fbff6e5ade1ec96cff61b4bc933ef7771f63b6df5c8e43323a8fe4d341a5a4d - sha256sums = bcfa3f4cc7ffa44a41ea7247ca4bf879bea6e6e1da79f85ed9bb4141b8501028 + sha256sums = 150a84f2f89d70c147cc3a2dbddb469f262ed2e8b6d3ffcb74eccb49dfdb2a24 + sha256sums = 9aa04ff9a2981aa885d4f8df7467c4d7722aa12de7ae27376a4a11b559a0d1e2 + source_x86_64 = https://github.com/gotify/server/releases/download/v2.1.0/gotify-linux-amd64.zip + sha256sums_x86_64 = 7c2bb7946580d5cc7586033e03216336b133cd57a7ad1661ab6da4915ccbdfce + source_armv7h = https://github.com/gotify/server/releases/download/v2.1.0/gotify-linux-arm-7.zip + sha256sums_armv7h = 1b56be7c8793ce359b755fb96aeb2c209df8f859027e6671b0439ec830ae7a70 + source_aarch64 = https://github.com/gotify/server/releases/download/v2.1.0/gotify-linux-arm64.zip + sha256sums_aarch64 = ba9665812a0966b83f308e209ef6c808774e4ee98eced508a60b08e5b9929715 pkgname = gotify-server-bin diff --git a/PKGBUILD b/PKGBUILD index 2a1604e..20c3339 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -1,40 +1,42 @@ # Maintainer: buckket -pkgname=gotify-server-bin _pkgname=gotify-server -pkgver=2.0.23 +pkgname=$_pkgname-bin +pkgver=2.1.0 pkgrel=1 pkgdesc='A simple server for sending and receiving messages' -arch=('x86_64') +arch=('x86_64' 'armv7h' 'aarch64') url='https://github.com/gotify/server' depends=('glibc') license=('MIT') provides=('gotify-server') conflicts=('gotify-server') backup=('etc/gotify/config.yml') -source=("$url/releases/download/v${pkgver}/gotify-linux-amd64.zip" - "https://raw.githubusercontent.com/gotify/server/v${pkgver}/config.example.yml" - 'gotify-arch-defaults.patch' - 'gotify-server.tmpfiles' - 'gotify-server.sysusers' +source=("https://raw.githubusercontent.com/gotify/server/v${pkgver}/config.example.yml" + 'config.patch' + 'tmpfiles.conf' + 'sysusers.conf' 'gotify-server.service') -sha256sums=('07704cb5fa272cb5919b908716d75fa6f694ad8115ca2fac1f9dfe3ab1b7621c' - 'bb841afcebfd822b9fc26a1910520e36c4d04d2009d93e944e57146a30d7a7b6' - 'eface4b7901b849cf97fb62c691e37b0bf1dd80e947a3da193379bcf7e92c7b0' +source_x86_64=("$url/releases/download/v${pkgver}/gotify-linux-amd64.zip") +source_armv7h=("$url/releases/download/v${pkgver}/gotify-linux-arm-7.zip") +source_aarch64=("$url/releases/download/v${pkgver}/gotify-linux-arm64.zip") +sha256sums=('d6f9716c7f67cfb518f3f50a18cbc950ef3e8e9c8ba1f226654dfdd3bf8226d4' + 'a8a511e2b98fa548391a1602fcfa05df0e10fae6f5904cbfc4202566f2dd8265' '14bd1a9270b089b99d9bbe8ebdd0c208c3f74c7347a792d508ffce75b0e1c641' - '4fbff6e5ade1ec96cff61b4bc933ef7771f63b6df5c8e43323a8fe4d341a5a4d' - 'bcfa3f4cc7ffa44a41ea7247ca4bf879bea6e6e1da79f85ed9bb4141b8501028') + '150a84f2f89d70c147cc3a2dbddb469f262ed2e8b6d3ffcb74eccb49dfdb2a24' + '9aa04ff9a2981aa885d4f8df7467c4d7722aa12de7ae27376a4a11b559a0d1e2') +sha256sums_x86_64=('7c2bb7946580d5cc7586033e03216336b133cd57a7ad1661ab6da4915ccbdfce') +sha256sums_armv7h=('1b56be7c8793ce359b755fb96aeb2c209df8f859027e6671b0439ec830ae7a70') +sha256sums_aarch64=('ba9665812a0966b83f308e209ef6c808774e4ee98eced508a60b08e5b9929715') prepare() { - patch --follow-symlinks --forward --strip=1 --input="${srcdir}/gotify-arch-defaults.patch" + patch --follow-symlinks --forward -o "$srcdir/config.yml" config.example.yml config.patch } package() { - install -Dm755 gotify-linux-amd64 "${pkgdir}/usr/bin/${_pkgname}" - install -Dm644 config.example.yml "${pkgdir}/etc/gotify/config.yml" - install -Dm644 ${_pkgname}.service -t "${pkgdir}"/usr/lib/systemd/system/ - install -Dm644 ${_pkgname}.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/${_pkgname}.conf - install -Dm644 ${_pkgname}.sysusers "${pkgdir}"/usr/lib/sysusers.d/${_pkgname}.conf - install -Dm644 LICENSE -t "${pkgdir}/usr/share/licenses/${_pkgname}/" + install -Dm755 gotify-linux-amd64 "$pkgdir/usr/bin/$_pkgname" + install -Dm644 "$srcdir/config.yml" "$pkgdir/etc/gotify/config.yml" + install -Dm644 gotify-server.service "$pkgdir/usr/lib/systemd/system/$_pkgname.service" + install -Dm644 tmpfiles.conf "$pkgdir/usr/lib/tmpfiles.d/$_pkgname.conf" + install -Dm644 sysusers.conf "$pkgdir/usr/lib/sysusers.d/$_pkgname.conf" } - diff --git a/gotify-arch-defaults.patch b/config.patch similarity index 64% rename from gotify-arch-defaults.patch rename to config.patch index a0bc11c..276b902 100644 --- a/gotify-arch-defaults.patch +++ b/config.patch @@ -1,5 +1,15 @@ ---- a/config.example.yml -+++ b/config.example.yml +diff -ura package.orig/config.example.yml package.new/config.example.yml +--- package.orig/config.example.yml 2020-03-08 14:59:02.828681120 +0100 ++++ package.new/config.example.yml 2020-03-12 02:30:06.273495477 +0100 +@@ -3,7 +3,7 @@ + + server: + listenaddr: "" # the address to bind on, leave empty to bind on all addresses +- port: 80 # the port the HTTP server will listen on ++ port: 9071 # the port the HTTP server will listen on + + ssl: + enabled: false # if https should be enabled @@ -15,7 +15,7 @@ letsencrypt: enabled: false # if the certificate should be requested from letsencrypt @@ -7,15 +17,15 @@ - cache: data/certs # the directory of the cache from letsencrypt + cache: /var/lib/gotify/certs # the directory of the cache from letsencrypt hosts: # the hosts for which letsencrypt should request certificates - - mydomain.tld - - myotherdomain.tld -@@ -31,11 +31,11 @@ - + # - mydomain.tld + # - myotherdomain.tld +@@ -42,12 +43,12 @@ + database: # for database see (configure database section) dialect: sqlite3 - connection: data/gotify.db + connection: /var/lib/gotify/gotify.db - + defaultuser: # on database creation, gotify creates an admin user name: admin # the username of the default user pass: admin # the password of the default user @@ -24,3 +34,4 @@ -pluginsdir: data/plugins # the directory where plugin resides +uploadedimagesdir: /var/lib/gotify/images # the directory for storing uploaded images +pluginsdir: /var/lib/gotify/plugins # the directory where plugin resides + registration: false # enable registrations diff --git a/gotify-server.service b/gotify-server.service index 9be9d8e..12fd68d 100644 --- a/gotify-server.service +++ b/gotify-server.service @@ -1,31 +1,46 @@ [Unit] -Description=gotify +Description=Gotify Server After=network.target +ConditionPathIsDirectory=%L/gotify [Service] +Type=simple User=gotify Group=gotify -Type=simple -WorkingDirectory=~ -StateDirectory=gotify -StateDirectoryMode=0750 -Environment=USER=gotify HOME=/var/lib/gotify ExecStart=/usr/bin/gotify-server -PrivateUsers=true + +ConfigurationDirectory=gotify +LogsDirectory=gotify +StateDirectory=gotify +StateDirectoryMode=0700 +StandardOutput=append:%L/gotify/server.log + +UMask=0027 +CapabilityBoundingSet= +AmbientCapabilities= +LockPersonality=true +MemoryDenyWriteExecute=true +NoNewPrivileges=true PrivateDevices=true PrivateTmp=true +PrivateUsers=true +ProtectClock=true +ProtectControlGroups=true ProtectHome=true -ProtectSystem=strict -ProtectControlGroups=yes +ProtectHostname=true +ProtectKernelLogs=true +ProtectKernelModules=true ProtectKernelTunables=true -ProtectKernelModules=yes -ReadWritePaths=/etc/gotify/config.yml -LockPersonality=true -MemoryDenyWriteExecute=true +ProtectSystem=strict +RemoveIPC=true +RestrictAddressFamilies=AF_INET AF_INET6 +RestrictNamespaces=true RestrictRealtime=true +RestrictSUIDSGID=true SystemCallArchitectures=native +SystemCallErrorNumber=EPERM SystemCallFilter=@system-service +SystemCallFilter=~@privileged @resources [Install] WantedBy=multi-user.target - diff --git a/gotify-server.sysusers b/gotify-server.sysusers deleted file mode 100644 index 1400ab2..0000000 --- a/gotify-server.sysusers +++ /dev/null @@ -1 +0,0 @@ -u gotify - "gotify daemon user" /var/lib/gotify /usr/bin/bash diff --git a/sysusers.conf b/sysusers.conf new file mode 100644 index 0000000..afd04f6 --- /dev/null +++ b/sysusers.conf @@ -0,0 +1,2 @@ +u gotify - "gotify server user" /var/lib/gotify /usr/bin/bash +g gotify - - diff --git a/gotify-server.tmpfiles b/tmpfiles.conf similarity index 100% rename from gotify-server.tmpfiles rename to tmpfiles.conf