gentoo resync : 12.05.2022

7 files changed, 147 insertions, 0 deletions

diff --git a/net-vpn/headscale/Manifest b/net-vpn/headscale/Manifest
new file mode 100644
index 000000000000..5a2c81d4424d
--- /dev/null
+++ b/net-vpn/headscale/Manifest
@@ -0,0 +1,8 @@
+AUX config-socket.patch 503 BLAKE2B 508c1837f4d026d7afb4729aa57a988db2fcbc70eaa8be00e2c2614f803e1e448d90baee21513391494d59f2fb670faa71eaa9cd797b35be4a87c5b56601f2bc SHA512 9654582bc6175aa743951d25e7b426ab0a3a4676ad001daf052105db2fe11a5562a40d26ded998b4d650b4a10ddca8c0729550165e88184eadb61893bbaec37a
+AUX headscale.confd 165 BLAKE2B 0bf5013e2820c4a9dcae234b61a9e1c5bc6b45903eb6b5687ccb561f4857c2b68332a610e7a813fd967fce10f0a1028e3a989e2575fff8dd9abc35121d642e09 SHA512 ff1e354e60ffd912be4c36712228550e70d9bc66928aeaf470504875fe68a04ed1de3b0d5a96ec7980c8957bc42912da643737d32631c379f3e72cd53b0adffd
+AUX headscale.initd 846 BLAKE2B 91b558868dfcb4046a1d9c09d87154a979a4e7c7b1c4caa1d5a38ca2d97af3fdf81171f4e6ba206f95f560937ccabcd1981cc6d741d87037bdda5c9412aec8e6 SHA512 7e152c141b352c22ada47b93895dd3796737e525836b038bf36e48347e24425b2b4b7bd2f599abfd428ccf271aa100c31a5d8c01438ea15597d08a36761639c4
+AUX headscale.service 459 BLAKE2B 0c8d9b82cf3a9065fc9a57a0b0670a4cdb57cf62b27d1aac5c6823581b398c073922a142e07ef11d9867184e96981c314a6ce964d5f126dae51cabcba360ad50 SHA512 318b7394fe8232c461415438eed878962a429d4a47b7ffcb55f9aaec711c851aa59135bb5b9115b898d5ec2ae078fbaf1926052cfe44e6aafa44617e0ebffb37
+DIST headscale-0.15.0-deps.tar.xz 199844288 BLAKE2B 17c9e4a8877ee05f75f08c20794f6c084019f4554769ebabfc8d37e1ec309ac0cc2d18d341db241927df4ba3e43da39e8acb6a33a4a68435f9b3d3f7aebc098b SHA512 aa942787a4bc8644bb5e041fef293fd53a8d4ebc84faa8964c56fe9022b0359cd08ddd568898bc8fa4b2bc358f4c911b8a204438d676c5c4030bd89612d01c01
+DIST headscale-0.15.0.tar.gz 311959 BLAKE2B e4bcbf431c3b903024df95782b4070591e30439263796258f9a3cc07c7a2f4ea3f9895fb2869b642d6c37dc92fe492cc9d3b78261d8faa0a8e2c9eba3906aa20 SHA512 29b867f109e48bf04ab4f8a81bfab94155050f59f6c2aa2b4971567a7fb24ed343b869636e66e9cbb7b1b8df7d7415e769a85a7c3864d0fae169c15b6c7b6eb2
+EBUILD headscale-0.15.0-r1.ebuild 1242 BLAKE2B f9a9eb66887732fe3fd5e1b4b51eabd1dfdac95eba869877d0e343cb53dcb9a4982efa17f40e09a0d5ff48fa450de872354207418e836d37fce93b8704a4c1df SHA512 efc09de2df1c53477cef5ebb6360cc5fc57ec477f9eb08430c1a8fd6dec601be3e0b982273654d08ef6b172ac6431fa2bdc3e405946e3d4d98a165efd9b88566
+MISC metadata.xml 500 BLAKE2B 7dc95b76985ac9cb40ac5f12de2739f6e8f9f4f4a68a0bb397968c7419900c52c6233df1ce7eefa369de0a66cfa07ce8ec71624a6111d72e8c91553012169228 SHA512 d5b77a9da9eba9bdf9ba2ce675f92ca058f145f5bebc3546ad7acbff8140c16915afdf153bba8aacd2ce5130d7427cdaedef64efcb368546da91cbac8b5495e1
diff --git a/net-vpn/headscale/files/config-socket.patch b/net-vpn/headscale/files/config-socket.patch
new file mode 100644
index 000000000000..4d6c90e3f0f5
--- /dev/null
+++ b/net-vpn/headscale/files/config-socket.patch
@@ -0,0 +1,13 @@
+diff --git a/config-example.yaml b/config-example.yaml
+index dee25cb..007d8ec 100644
+--- a/config-example.yaml
++++ b/config-example.yaml
+@@ -202,7 +202,7 @@ dns_config:
+ # Unix socket used for the CLI to connect without authentication
+ # Note: for local development, you probably want to change this to:
+ # unix_socket: ./headscale.sock
+-unix_socket: /var/run/headscale.sock
++unix_socket: /run/headscale.sock
+ unix_socket_permission: "0770"
+ #
+ # headscale supports experimental OpenID connect support,
diff --git a/net-vpn/headscale/files/headscale.confd b/net-vpn/headscale/files/headscale.confd
new file mode 100644
index 000000000000..5bf65c68e358
--- /dev/null
+++ b/net-vpn/headscale/files/headscale.confd
@@ -0,0 +1,8 @@
+HEADSCALE_USER=headscale
+HEADSCALE_GROUP=headscale
+
+# max number of open files (for floodfill)
+rc_ulimit="-n 4096"
+
+# Options to headscale
+HEADSCALE_OPTIONS="serve"
diff --git a/net-vpn/headscale/files/headscale.initd b/net-vpn/headscale/files/headscale.initd
new file mode 100644
index 000000000000..5a98c0e6cb34
--- /dev/null
+++ b/net-vpn/headscale/files/headscale.initd
@@ -0,0 +1,29 @@
+#!/sbin/openrc-run
+# Copyright 2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+description="Headscale Server daemon"
+command="/usr/bin/headscale"
+user="${HEADSCALE_USER}:${HEADSCALE_GROUP}"
+directory="/var/lib/headscale"
+output_log="/var/log/headscale.log"
+error_log="/var/log/headscale.log"
+
+start_stop_daemon_args="--user \"${user}\" ${HEADSCALE_OPTIONS} --background"
+
+depend() {
+	need net
+}
+
+start_pre() {
+	if [ ! -s /etc/headscale/config.yaml ] ; then
+		eerror "Missing headscale configuration file"
+		eerror "Please check the documentation directory for an example"
+		return 1
+	fi
+
+	checkpath -d -m 700 -o "${user}" /run/headscale /var/lib/headscale
+	checkpath -f -m 600 -o "${user}" /var/lib/headscale/db.sqlite /var/log/headscale.log
+	checkpath -f -m 600 -o "${user}" /etc/headscale/config.yaml
+}
+
diff --git a/net-vpn/headscale/files/headscale.service b/net-vpn/headscale/files/headscale.service
new file mode 100644
index 000000000000..fb27b40d4e31
--- /dev/null
+++ b/net-vpn/headscale/files/headscale.service
@@ -0,0 +1,24 @@
+[Unit]
+Description=headscale controller
+After=syslog.target
+After=network.target
+
+[Service]
+Type=simple
+User=headscale
+Group=headscale
+ExecStart=/usr/bin/headscale serve
+Restart=always
+RestartSec=5
+
+# Optional security enhancements
+NoNewPrivileges=yes
+PrivateTmp=yes
+ProtectSystem=strict
+ProtectHome=yes
+ReadWritePaths=/var/lib/headscale /run/headscale
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+RuntimeDirectory=headscale
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-vpn/headscale/headscale-0.15.0-r1.ebuild b/net-vpn/headscale/headscale-0.15.0-r1.ebuild
new file mode 100644
index 000000000000..856fe17a4444
--- /dev/null
+++ b/net-vpn/headscale/headscale-0.15.0-r1.ebuild
@@ -0,0 +1,49 @@
+# Copyright 2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit go-module systemd
+
+DESCRIPTION="An open source, self-hosted implementation of the Tailscale control server"
+HOMEPAGE="https://github.com/juanfont/headscale"
+SRC_URI="https://github.com/juanfont/headscale/archive/v${PV}.tar.gz -> ${P}.tar.gz
+	https://dev.gentoo.org/~jsmolic/distfiles/net-vpn/headscale/${P}-deps.tar.xz
+"
+
+LICENSE="BSD Apache-2.0 MIT"
+SLOT="0"
+KEYWORDS="~amd64"
+
+DEPEND="
+	acct-group/headscale
+	acct-user/headscale
+"
+RDEPEND="
+	${DEPEND}
+	net-firewall/iptables
+"
+
+PATCHES=(
+	"${FILESDIR}"/config-socket.patch
+)
+
+src_compile() {
+	emake version=v${PV}
+}
+
+src_install() {
+	dobin headscale
+	dodoc -r docs/* config-example.yaml
+	keepdir /etc/headscale /var/lib/headscale
+	systemd_dounit "${FILESDIR}"/headscale.service
+	newconfd "${FILESDIR}"/headscale.confd headscale
+	newinitd "${FILESDIR}"/headscale.initd headscale
+	fowners -R ${PN}:${PN} /etc/headscale /var/lib/headscale
+}
+
+pkg_postinst() {
+	[[ -f "${EROOT}"/etc/headscale/config.yaml ]] && return
+	elog "Please create ${EROOT}/etc/headscale/config.yaml before starting the service"
+	elog "An example is in ${EROOT}/usr/share/doc/${PV}/config-example.yaml"
+}
diff --git a/net-vpn/headscale/metadata.xml b/net-vpn/headscale/metadata.xml
new file mode 100644
index 000000000000..73d345656db7
--- /dev/null
+++ b/net-vpn/headscale/metadata.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person" proxied="yes">
+		<email>chris@lesscrowds.org</email>
+		<name>Chris Su</name>
+	</maintainer>
+	<maintainer type="person" proxied="proxy">
+		<email>dlan@gentoo.org</email>
+		<name>Yixun Lan</name>
+	</maintainer>
+	<maintainer type="person" proxied="proxy">
+		<email>jsmolic@gentoo.org</email>
+		<name>Jakov Smolić</name>
+	</maintainer>
+</pkgmetadata>