tjh.dev / pkgs
Arch PKGBUILDs for https://tangled.org/@tangled.org/core
arch pkgbuild
fork atom

generate packages

tjh.dev 7ddc7e4b 66b6e1fd

+259 -92
+7 -3
.gitignore
··· 1 - core 2 - src 3 - pkg 1 + /knotserver/tangled_*/ 2 + /knotserver-git/tangled/ 3 + /knotserver/src 4 + /knotserver-git/src 5 + /knotserver/pkg 6 + /knotserver-git/pkg 7 + *.log 4 8 *.zst
+1 -47
README.md
··· 1 1 # pkgs 2 2 3 - PKGBUILD for my [@tangled.sh](https://tangled.sh/@tangled.sh/core) knotserver setup on [Arch Linux](https://archlinux.org) (because I just can't get my head around nix). 4 - 5 - ## Install 6 - 7 - ```bash 8 - makepkg -D knotserver --install 9 - ``` 10 - 11 - Yay! 12 - 13 - ## Additional steps ... 14 - 15 - ### Secrets 16 - Obtain a server secret from [/knots](https://tangled.sh/knots), and set `KNOT_SERVER_SECRET` in `/etc/tangled/knotserver`. 17 - 18 - ```bash 19 - echo 'KNOT_SERVER_SECRET="..."' > /etc/tangled/knotserver 20 - ``` 21 - 22 - ### Hostname 23 - 24 - Either set `/etc/hostname` to the host's FQDN, or override `KNOT_SERVER_HOSTNAME` in `knotserver.service` 25 - 26 - ```bash 27 - systemctl edit knotserver.service <<EOF 28 - [Service] 29 - Environment="KNOT_SERVER_HOSTNAME=..." 30 - EOF 31 - ```` 32 - 33 - ### Reverse Proxy 34 - 35 - Setup a reverse-proxy to forward `https` requests to `http://localhost:5555`, with a valid SSL certificate. 36 - 37 - ## Running 38 - 39 - ```bash 40 - systemctl enable --now knotserver.service 41 - ``` 42 - 43 - ## SSH 44 - 45 - To permit `git` pushes over SSH, enable the `sshd_config.d` drop-in, and modify the `git` user created by the [extra/git](https://archlinux.org/packages/extra/x86_64/git/) package. 3 + PKGBUILDs for [@tangled.sh](https://tangled.sh/@tangled.sh/core) on [Arch](https://archlinux.org). 46 4 47 - ```bash 48 - ln -s /usr/lib/systemd/sshd_config.d/knotserver.conf /etc/ssh/sshd_config.d/30-knotserver.conf 49 - usermod -s /usr/bin/bash -d /var/lib/tangled git 50 - ```
+10
conf.sh
··· 1 + knotserver_user=git 2 + knotserver_group=git 3 + 4 + # Path knotserver database files will be stored. 5 + knotserver_db_path=/var/lib/knotserver 6 + 7 + # Path knotserver hosted git repositories will be stored. 8 + knotserver_repo_path=/var/lib/tangled 9 + 10 + knotserver_log_directory=/var/log/knotserver
+22
knotserver-git/.SRCINFO
··· 1 + pkgbase = knotserver-git 2 + pkgdesc = git collaboration platform built on ATproto 3 + pkgver = 1.2.0.alpha.r3.g7f1717e 4 + pkgrel = 1 5 + url = https://tangled.sh/@tangled.sh/core 6 + install = knotserver.install 7 + arch = x86_64 8 + license = MIT 9 + makedepends = go 10 + depends = git 11 + conflicts = knotserver 12 + options = strip 13 + source = tangled::git+https://tangled.sh/@tangled.sh/core 14 + source = knotserver.service 15 + source = knotserver-sshd.conf 16 + source = knotserver-tmpfiles.conf 17 + sha256sums = SKIP 18 + sha256sums = 8d243e1bc0d2e51079550929019d18811679127e6af6aabeed60cd907ffaab32 19 + sha256sums = 8b121f30276d83ca52f793e708731fd6985118a2ff2105cd3f603523dc11d8d8 20 + sha256sums = 30d0b9df2419c22f930649273e006faa1bdab740f03c47d740c941db45dc951e 21 + 22 + pkgname = knotserver-git
+52
knotserver-git/PKGBUILD
··· 1 + _pkgname=knotserver 2 + pkgname=${_pkgname}-git 3 + pkgdesc='git collaboration platform built on ATproto' 4 + pkgver=1.2.0.alpha.r3.g7f1717e 5 + pkgrel=1 6 + license=(MIT) 7 + arch=(x86_64) 8 + url=https://tangled.sh/@tangled.sh/core 9 + depends=(git) 10 + conflicts=(knotserver) 11 + makedepends=(go) 12 + options=(strip) 13 + install=${_pkgname}.install 14 + source=("tangled::git+$url" 15 + ${_pkgname}.service 16 + ${_pkgname}-sshd.conf 17 + ${_pkgname}-tmpfiles.conf) 18 + sha256sums=('SKIP' 19 + '8d243e1bc0d2e51079550929019d18811679127e6af6aabeed60cd907ffaab32' 20 + '8b121f30276d83ca52f793e708731fd6985118a2ff2105cd3f603523dc11d8d8' 21 + '30d0b9df2419c22f930649273e006faa1bdab740f03c47d740c941db45dc951e') 22 + 23 + pkgver() { 24 + cd ${srcdir}/tangled 25 + git describe --long --tags --abbrev=7 | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g' 26 + } 27 + 28 + build() { 29 + mkdir -p ${srcdir}/build 30 + 31 + export CGO_ENABLED=1 32 + export CGO_CPPFLAGS="${CPPFLAGS}" 33 + export CGO_CFLAGS="${CFLAGS}" 34 + export CGO_CXXFLAGS="${CXXFLAGS}" 35 + export CGO_LDFLAGS="${LDFLAGS}" 36 + export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw" 37 + 38 + cd ${srcdir}/tangled 39 + go build -o "${srcdir}/build/knotserver" ./cmd/knotserver 40 + go build -o "${srcdir}/build/repoguard" ./cmd/repoguard 41 + go build -o "${srcdir}/build/keyfetch" ./cmd/keyfetch 42 + } 43 + 44 + package() { 45 + install -Dm644 "${srcdir}/${_pkgname}.service" "${pkgdir}/usr/lib/systemd/system/${_pkgname}.service" 46 + install -Dm644 "${srcdir}/${_pkgname}-tmpfiles.conf" "${pkgdir}/usr/lib/tmpfiles.d/${_pkgname}.conf" 47 + install -Dm644 "${srcdir}/${_pkgname}-sshd.conf" "${pkgdir}/usr/lib/systemd/sshd_config.d/${_pkgname}.conf" 48 + install -Dm755 "${srcdir}/build/knotserver" "${pkgdir}/usr/bin/knotserver" 49 + install -Dm755 "${srcdir}/build/repoguard" "${pkgdir}/usr/bin/repoguard" 50 + install -Dm755 "${srcdir}/build/keyfetch" "${pkgdir}/usr/bin/keyfetch" 51 + install -Dm644 "${srcdir}/tangled/license" "${pkgdir}/usr/share/licenses/knotserver/LICENSE" 52 + }
+3
knotserver-git/knotserver-sshd.conf
··· 1 + Match User git 2 + AuthorizedKeysCommand /usr/bin/keyfetch -git-path /var/lib/tangled -repoguard-path /usr/bin/repoguard -log-path /var/log/knotserver/keyfetch.log 3 + AuthorizedKeysCommandUser nobody
+2
knotserver-git/knotserver-tmpfiles.conf
··· 1 + d /etc/tangled 700 root root 2 + d /var/lib/tangled 755 git git -
+15
knotserver-git/knotserver.install
··· 1 + post_install() { 2 + echo 3 + echo knotserver installed, with repositories stored in: /var/lib/tangled 4 + echo 5 + echo Remember to set 'KNOT_SERVER_SECRET="..."' in /etc/tangled/knotserver 6 + echo and 'KNOT_SERVER_HOSTNAME' if 'hostname' does not return the FQDN 7 + echo of your knot. 8 + echo 9 + echo To enable git push over ssh for tangled repositories, run: 10 + echo " ln -s /usr/lib/systemd/sshd_config.d/knotserver.conf /etc/ssh/sshd_config.d/30-knotserver.conf" 11 + echo " usermod -s /usr/bin/bash -d /var/lib/tangled git" 12 + echo 13 + echo and reload sshd 14 + echo 15 + }
+28
knotserver-git/knotserver.service
··· 1 + [Unit] 2 + Description=tangled knot server 3 + After=network.target network-online.target 4 + Wants=network-online.target 5 + AssertPathExists=/var/lib/knotserver 6 + AssertPathExists=/var/lib/tangled 7 + 8 + [Service] 9 + Environment="KNOT_SERVER_HOSTNAME=%H" 10 + Environment="KNOT_SERVER_LISTEN_ADDR=127.0.0.1:5555" 11 + Environment="KNOT_REPO_SCAN_PATH=/var/lib/tangled" 12 + EnvironmentFile=-/etc/tangled/knotserver 13 + 14 + WorkingDirectory=/var/lib/knotserver 15 + ExecStart=/usr/bin/knotserver 16 + Restart=always 17 + User=git 18 + Group=git 19 + 20 + StandardOutput=journal 21 + StandardError=journal 22 + LimitNOFILE=65536 23 + 24 + # Creates /var/log/knotserver with the correct permissions for the repoguard log. 25 + LogsDirectory=knotserver 26 + 27 + [Install] 28 + WantedBy=multi-user.target
+10 -8
knotserver/.SRCINFO
··· 1 - pkgbase = knotserver-git 1 + pkgbase = knotserver 2 2 pkgdesc = git collaboration platform built on ATproto 3 - pkgver = 1.0.6.alpha.r22.gc91caee 3 + pkgver = 1.2.0.alpha 4 4 pkgrel = 1 5 5 url = https://tangled.sh/@tangled.sh/core 6 6 install = knotserver.install ··· 8 8 license = MIT 9 9 makedepends = go 10 10 depends = git 11 + conflicts = knotserver-git 11 12 options = strip 12 - source = core::git+https://tangled.sh/@tangled.sh/core 13 + options = !debug 14 + source = tangled_1.2.0.alpha::git+https://tangled.sh/@tangled.sh/core#tag=v1.2.0-alpha 13 15 source = knotserver.service 14 16 source = knotserver-sshd.conf 15 17 source = knotserver-tmpfiles.conf 16 - sha256sums = SKIP 17 - sha256sums = 23029fea7d15f2cb50e62500dd4fe22b67cd08bdc2d37adc58b757aed9dadea4 18 - sha256sums = 390f95baa6d14da5cdff94b681fdb03e94fbd838b2d6cc0146ac84ade4dad9d5 19 - sha256sums = dfded1e9026fe755c77185cc2c17d0381c3e6e446d317695497d4f71f7eff08e 18 + sha256sums = 2462863939d6837afe026fc0baba383e4a1dad9ca035a90aecd4084590db80b7 19 + sha256sums = 8d243e1bc0d2e51079550929019d18811679127e6af6aabeed60cd907ffaab32 20 + sha256sums = 8b121f30276d83ca52f793e708731fd6985118a2ff2105cd3f603523dc11d8d8 21 + sha256sums = 30d0b9df2419c22f930649273e006faa1bdab740f03c47d740c941db45dc951e 20 22 21 - pkgname = knotserver-git 23 + pkgname = knotserver
+12 -15
knotserver/PKGBUILD
··· 1 1 _pkgname=knotserver 2 - pkgname=${_pkgname}-git 2 + _pkgver=1.2.0-alpha 3 + pkgname=${_pkgname/\-/\.} 3 4 pkgdesc='git collaboration platform built on ATproto' 4 - pkgver=1.0.6.alpha.r22.gc91caee 5 + pkgver=1.2.0.alpha 5 6 pkgrel=1 6 7 license=(MIT) 7 8 arch=(x86_64) 8 9 url=https://tangled.sh/@tangled.sh/core 9 10 depends=(git) 11 + conflicts=(knotserver-git) 10 12 makedepends=(go) 11 - options=(strip) 13 + options=(strip !debug) 12 14 install=${_pkgname}.install 13 - source=("core::git+$url" 15 + source=("tangled_$pkgver::git+$url#tag=v$_pkgver" 14 16 ${_pkgname}.service 15 17 ${_pkgname}-sshd.conf 16 18 ${_pkgname}-tmpfiles.conf) 17 - sha256sums=('SKIP' 18 - 'dc0931a287b3ed3777bc61b817aec664ef215bdc7c7b18eb745629e471198def' 19 - 'c603f13780e002ec1dfab9a5af2e3731bc1a56b793366d8bff70c187fe9ddeeb' 20 - '3302bd34822e4f8664a64ab6b075e626069fe4273b74e1de7086138094d9c6be') 21 - 22 - pkgver() { 23 - cd ${srcdir}/core 24 - git describe --long --tags --abbrev=7 | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g' 25 - } 19 + sha256sums=('2462863939d6837afe026fc0baba383e4a1dad9ca035a90aecd4084590db80b7' 20 + '8d243e1bc0d2e51079550929019d18811679127e6af6aabeed60cd907ffaab32' 21 + '8b121f30276d83ca52f793e708731fd6985118a2ff2105cd3f603523dc11d8d8' 22 + '30d0b9df2419c22f930649273e006faa1bdab740f03c47d740c941db45dc951e') 26 23 27 24 build() { 28 25 mkdir -p ${srcdir}/build ··· 34 31 export CGO_LDFLAGS="${LDFLAGS}" 35 32 export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw" 36 33 37 - cd ${srcdir}/core 34 + cd ${srcdir}/tangled_$pkgver 38 35 go build -o "${srcdir}/build/knotserver" ./cmd/knotserver 39 36 go build -o "${srcdir}/build/repoguard" ./cmd/repoguard 40 37 go build -o "${srcdir}/build/keyfetch" ./cmd/keyfetch ··· 47 44 install -Dm755 "${srcdir}/build/knotserver" "${pkgdir}/usr/bin/knotserver" 48 45 install -Dm755 "${srcdir}/build/repoguard" "${pkgdir}/usr/bin/repoguard" 49 46 install -Dm755 "${srcdir}/build/keyfetch" "${pkgdir}/usr/bin/keyfetch" 50 - install -Dm644 "${srcdir}/core/license" "${pkgdir}/usr/share/licenses/knotserver/LICENSE" 47 + install -Dm644 "${srcdir}/tangled_${pkgver}/license" "${pkgdir}/usr/share/licenses/knotserver/LICENSE" 51 48 }
+1 -1
knotserver/knotserver-sshd.conf
··· 1 1 Match User git 2 - AuthorizedKeysCommand /usr/bin/keyfetch -repoguard-path /usr/bin/repoguard -log-path /var/log/knotserver/keyfetch.log 2 + AuthorizedKeysCommand /usr/bin/keyfetch -git-path /var/lib/tangled -repoguard-path /usr/bin/repoguard -log-path /var/log/knotserver/keyfetch.log 3 3 AuthorizedKeysCommandUser nobody
+2 -1
knotserver/knotserver-tmpfiles.conf
··· 1 - d /home/git 755 git git - 1 + d /etc/tangled 700 root root 2 + d /var/lib/tangled 755 git git -
+13 -13
knotserver/knotserver.install
··· 1 1 post_install() { 2 - echo 3 - echo Remember to set 'KNOT_SERVER_SECRET="..."' in /etc/tangled/knotserver 4 - echo and 'KNOT_SERVER_HOSTNAME' if `hostname` does not return the FQDN 5 - echo of your knot. 6 - echo 7 - echo You will need to setup a reverse proxy to http://localhost:5555 8 - echo 9 - echo To enable git push over ssh for tangled repositories, run: 10 - echo " ln -s /usr/lib/systemd/sshd_config.d/knotserver.conf /etc/ssh/sshd_config.d/30-knotserver.conf" 11 - echo " usermod -s /usr/bin/bash -d /home/git git" 12 - echo 13 - echo and reload sshd 14 - echo 2 + echo 3 + echo knotserver installed, with repositories stored in: /var/lib/tangled 4 + echo 5 + echo Remember to set 'KNOT_SERVER_SECRET="..."' in /etc/tangled/knotserver 6 + echo and 'KNOT_SERVER_HOSTNAME' if 'hostname' does not return the FQDN 7 + echo of your knot. 8 + echo 9 + echo To enable git push over ssh for tangled repositories, run: 10 + echo " ln -s /usr/lib/systemd/sshd_config.d/knotserver.conf /etc/ssh/sshd_config.d/30-knotserver.conf" 11 + echo " usermod -s /usr/bin/bash -d /var/lib/tangled git" 12 + echo 13 + echo and reload sshd 14 + echo 15 15 }
+5 -4
knotserver/knotserver.service
··· 2 2 Description=tangled knot server 3 3 After=network.target network-online.target 4 4 Wants=network-online.target 5 - AssertPathExists=/home/git 5 + AssertPathExists=/var/lib/knotserver 6 + AssertPathExists=/var/lib/tangled 6 7 7 8 [Service] 8 9 Environment="KNOT_SERVER_HOSTNAME=%H" 9 - Environment="KNOT_SERVER_LISTEN_ADDR=[::1]:5555" 10 - Environment="KNOT_SERVER_INTERNAL_LISTEN_ADDR=[::1]:5444" 10 + Environment="KNOT_SERVER_LISTEN_ADDR=127.0.0.1:5555" 11 + Environment="KNOT_REPO_SCAN_PATH=/var/lib/tangled" 11 12 EnvironmentFile=-/etc/tangled/knotserver 12 13 13 - WorkingDirectory=/home/git 14 + WorkingDirectory=/var/lib/knotserver 14 15 ExecStart=/usr/bin/knotserver 15 16 Restart=always 16 17 User=git
+18
src/common/install.sh
··· 1 + #!/usr/bin/bash 2 + cat << EOF > ${pkgbuild_path}/knotserver.install 3 + post_install() { 4 + echo 5 + echo knotserver installed, with repositories stored in: $knotserver_repo_path 6 + echo 7 + echo Remember to set 'KNOT_SERVER_SECRET="..."' in /etc/tangled/knotserver 8 + echo and 'KNOT_SERVER_HOSTNAME' if 'hostname' does not return the FQDN 9 + echo of your knot. 10 + echo 11 + echo To enable git push over ssh for tangled repositories, run: 12 + echo " ln -s /usr/lib/systemd/sshd_config.d/knotserver.conf /etc/ssh/sshd_config.d/30-knotserver.conf" 13 + echo " usermod -s /usr/bin/bash -d $knotserver_repo_path $knotserver_user" 14 + echo 15 + echo and reload sshd 16 + echo 17 + } 18 + EOF
+31
src/common/service.sh
··· 1 + #!/usr/bin/bash 2 + cat << EOF > ${pkgbuild_path}/knotserver.service 3 + [Unit] 4 + Description=tangled knot server 5 + After=network.target network-online.target 6 + Wants=network-online.target 7 + AssertPathExists=$knotserver_db_path 8 + AssertPathExists=$knotserver_repo_path 9 + 10 + [Service] 11 + Environment="KNOT_SERVER_HOSTNAME=%H" 12 + Environment="KNOT_SERVER_LISTEN_ADDR=127.0.0.1:5555" 13 + Environment="KNOT_REPO_SCAN_PATH=${knotserver_repo_path}" 14 + EnvironmentFile=-/etc/tangled/knotserver 15 + 16 + WorkingDirectory=$knotserver_db_path 17 + ExecStart=/usr/bin/knotserver 18 + Restart=always 19 + User=$knotserver_user 20 + Group=$knotserver_group 21 + 22 + StandardOutput=journal 23 + StandardError=journal 24 + LimitNOFILE=65536 25 + 26 + # Creates /var/log/knotserver with the correct permissions for the repoguard log. 27 + LogsDirectory=knotserver 28 + 29 + [Install] 30 + WantedBy=multi-user.target 31 + EOF
+6
src/common/sshd.conf.sh
··· 1 + #!/usr/bin/bash 2 + cat << EOF > ${pkgbuild_path}/knotserver-sshd.conf 3 + Match User $knotserver_user 4 + AuthorizedKeysCommand /usr/bin/keyfetch -git-path $knotserver_repo_path -repoguard-path /usr/bin/repoguard -log-path ${knotserver_log_directory}/keyfetch.log 5 + AuthorizedKeysCommandUser nobody 6 + EOF
+5
src/common/tmpfiles.conf.sh
··· 1 + #!/usr/bin/bash 2 + cat << EOF > ${pkgbuild_path}/knotserver-tmpfiles.conf 3 + d /etc/tangled 700 root root 4 + d $knotserver_repo_path 755 $knotserver_user $knotserver_group - 5 + EOF
+16
update.sh
··· 1 + #!/usr/bin/env bash 2 + 3 + source ./conf.sh 4 + 5 + for pkgbuild_path in knotserver knotserver-git; do 6 + source src/common/sshd.conf.sh 7 + source src/common/tmpfiles.conf.sh 8 + source src/common/service.sh 9 + source src/common/install.sh 10 + 11 + cd $pkgbuild_path 12 + updpkgsums 13 + makepkg --printsrcinfo > .SRCINFO 14 + 15 + cd .. 16 + done