[arch-commits] Commit in dnscrypt-proxy/repos/community-x86_64 (5 files)
David Runge
dvzrv at archlinux.org
Tue Dec 3 18:12:05 UTC 2019
Date: Tuesday, December 3, 2019 @ 18:12:04
Author: dvzrv
Revision: 534973
archrelease: copy trunk to community-x86_64
Added:
dnscrypt-proxy/repos/community-x86_64/PKGBUILD
(from rev 534972, dnscrypt-proxy/trunk/PKGBUILD)
dnscrypt-proxy/repos/community-x86_64/configuration.diff
(from rev 534972, dnscrypt-proxy/trunk/configuration.diff)
dnscrypt-proxy/repos/community-x86_64/dnscrypt-proxy.install
(from rev 534972, dnscrypt-proxy/trunk/dnscrypt-proxy.install)
dnscrypt-proxy/repos/community-x86_64/dnscrypt-proxy.service
(from rev 534972, dnscrypt-proxy/trunk/dnscrypt-proxy.service)
dnscrypt-proxy/repos/community-x86_64/dnscrypt-proxy.socket
(from rev 534972, dnscrypt-proxy/trunk/dnscrypt-proxy.socket)
------------------------+
PKGBUILD | 76 ++++++++++++++++++++++++++
configuration.diff | 135 +++++++++++++++++++++++++++++++++++++++++++++++
dnscrypt-proxy.install | 7 ++
dnscrypt-proxy.service | 24 ++++++++
dnscrypt-proxy.socket | 16 +++++
5 files changed, 258 insertions(+)
Copied: dnscrypt-proxy/repos/community-x86_64/PKGBUILD (from rev 534972, dnscrypt-proxy/trunk/PKGBUILD)
===================================================================
--- PKGBUILD (rev 0)
+++ PKGBUILD 2019-12-03 18:12:04 UTC (rev 534973)
@@ -0,0 +1,76 @@
+# Maintainer: David Runge <dvzrv at archlinux.org>
+# Contributor: Felix Yan <felixonmars at archlinux.org>
+# Contributor: Techlive Zheng <techlivezheng at gmail dot com>
+# Contributor: peace4all <markspost at rocketmail dot com>
+
+pkgname=dnscrypt-proxy
+pkgver=2.0.34
+pkgrel=1
+pkgdesc="DNS proxy, supporting encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTPS"
+arch=('x86_64')
+url="https://dnscrypt.info"
+license=('custom:ISC')
+depends=('glibc')
+makedepends=('git' 'go-pie')
+optdepends=('python-urllib3: for generate-domains-blacklist')
+install="${pkgname}.install"
+backup=("etc/${pkgname}/${pkgname}.toml"
+ "etc/${pkgname}/blacklist.txt"
+ "etc/${pkgname}/cloaking-rules.txt"
+ "etc/${pkgname}/forwarding-rules.txt"
+ "etc/${pkgname}/ip-blacklist.txt"
+ "etc/${pkgname}/whitelist.txt"
+)
+source=("${pkgname}-${pkgver}.tar.gz::https://github.com/jedisct1/${pkgname}/archive/${pkgver}.tar.gz"
+ "${pkgname}.service"
+ "${pkgname}.socket"
+ 'configuration.diff')
+sha512sums=('b48bbedbd5fea5514669ff5593ecd0aee083979c3030fe775558441ee2c398206eba786b9497022c3fab08fe7ee49dcc5205303629834f8fe65d7246e3352381'
+ 'aa871927bbc37d0c629e75a39cbfe50ce6062a19d7fe5b61895c604d6a480ba8f484cf207943c6ee7bf2dc3c7799d8f7a2b1ea5c8e586920c97730a7c503985e'
+ '56a56e87032da9316b392b0613124b0743673041596c717005541ae9b3994c7fc16c02497ea773d321f45d8e0f9ea8fda00783062cef4d5c8277b5b6f7cb10d5'
+ '456a81906c9713f7b9bdc6e152d3688899da6f760758fce91a9c625da3d7286bf0fd1d54419a57aa5ec1d9d50e1d2db32b6d5f36c2f265e227dc7e8eef65cfdd')
+
+prepare() {
+ cd "$pkgname-$pkgver"
+ patch -Np1 -i ../configuration.diff
+ # create empty ip-blacklist.txt
+ touch "${pkgname}/ip-blacklist.txt"
+}
+
+build() {
+ cd "$pkgname-$pkgver/${pkgname}"
+ go build -ldflags="-linkmode external -extldflags ${LDFLAGS} -s -w"
+}
+
+package() {
+ cd $pkgname-$pkgver
+ # executable
+ install -vDm 755 "${pkgname}/${pkgname}" -t "${pkgdir}/usr/bin/"
+ # configuration
+ install -vDm 644 "${pkgname}/example-${pkgname}.toml" \
+ "${pkgdir}/etc/${pkgname}/${pkgname}.toml"
+ install -vDm 644 "${pkgname}/example-blacklist.txt" \
+ "${pkgdir}/etc/${pkgname}/blacklist.txt"
+ install -vDm 644 "${pkgname}/example-cloaking-rules.txt" \
+ "${pkgdir}/etc/${pkgname}/cloaking-rules.txt"
+ install -vDm 644 "${pkgname}/example-forwarding-rules.txt" \
+ "${pkgdir}/etc/${pkgname}/forwarding-rules.txt"
+ install -vDm 644 "${pkgname}/ip-blacklist.txt" \
+ "${pkgdir}/etc/${pkgname}/ip-blacklist.txt"
+ install -vDm 644 "${pkgname}/example-whitelist.txt" \
+ "${pkgdir}/etc/${pkgname}/whitelist.txt"
+ # utils
+ install -vDm 644 utils/generate-domains-blacklists/*.{conf,txt} \
+ -t "${pkgdir}/usr/share/${pkgname}/utils/generate-domains-blacklists"
+ install -vDm 755 utils/generate-domains-blacklists/generate-domains-blacklist.py \
+ "${pkgdir}/usr/bin/generate-domains-blacklist"
+ # systemd service/socket
+ install -vDm 644 "../${pkgname}."{service,socket} \
+ -t "${pkgdir}/usr/lib/systemd/system/"
+ # license
+ install -vDm 644 LICENSE -t "${pkgdir}/usr/share/licenses/${pkgname}"
+ # docs
+ install -vDm 644 {ChangeLog,README.md} \
+ -t "${pkgdir}/usr/share/doc/${pkgname}"
+}
+# vim:set ts=2 sw=2 et:
Copied: dnscrypt-proxy/repos/community-x86_64/configuration.diff (from rev 534972, dnscrypt-proxy/trunk/configuration.diff)
===================================================================
--- configuration.diff (rev 0)
+++ configuration.diff 2019-12-03 18:12:04 UTC (rev 534973)
@@ -0,0 +1,135 @@
+diff -ruN a/dnscrypt-proxy/example-dnscrypt-proxy.toml b/dnscrypt-proxy/example-dnscrypt-proxy.toml
+--- a/dnscrypt-proxy/example-dnscrypt-proxy.toml 2019-11-18 13:00:34.000000000 +0100
++++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml 2019-11-19 22:11:15.890730311 +0100
+@@ -138,12 +138,12 @@
+
+ ## log file for the application
+
+-# log_file = 'dnscrypt-proxy.log'
++# log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log'
+
+
+ ## Use the system logger (syslog on Unix, Event Log on Windows)
+
+-# use_syslog = true
++use_syslog = true
+
+
+ ## Delay, in minutes, after which certificates are reloaded
+@@ -280,7 +280,7 @@
+ ## example.com 9.9.9.9
+ ## example.net 9.9.9.9,8.8.8.8,1.1.1.1
+
+-# forwarding_rules = 'forwarding-rules.txt'
++# forwarding_rules = '/etc/dnscrypt-proxy/forwarding-rules.txt'
+
+
+
+@@ -296,7 +296,7 @@
+ ## example.com 10.1.1.1
+ ## www.google.com forcesafesearch.google.com
+
+-# cloaking_rules = 'cloaking-rules.txt'
++# cloaking_rules = '/etc/dnscrypt-proxy/cloaking-rules.txt'
+
+ ## TTL used when serving entries in cloaking-rules.txt
+
+@@ -349,7 +349,7 @@
+ ## Path to the query log file (absolute, or relative to the same directory as the executable file)
+ ## Can be /dev/stdout to log to the standard output (and set log_files_max_size to 0)
+
+- # file = 'query.log'
++ # file = '/var/log/dnscrypt-proxy/query.log'
+
+
+ ## Query log format (currently supported: tsv and ltsv)
+@@ -375,7 +375,7 @@
+
+ ## Path to the query log file (absolute, or relative to the same directory as the executable file)
+
+- # file = 'nx.log'
++ # file = '/var/log/dnscrypt-proxy/nx.log'
+
+
+ ## Query log format (currently supported: tsv and ltsv)
+@@ -405,12 +405,12 @@
+
+ ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file)
+
+- # blacklist_file = 'blacklist.txt'
++ # blacklist_file = '/etc/dnscrypt-proxy/blacklist.txt'
+
+
+ ## Optional path to a file logging blocked queries
+
+- # log_file = 'blocked.log'
++ # log_file = '/var/log/dnscrypt-proxy/blocked.log'
+
+
+ ## Optional log format: tsv or ltsv (default: tsv)
+@@ -433,12 +433,12 @@
+
+ ## Path to the file of blocking rules (absolute, or relative to the same directory as the executable file)
+
+- # blacklist_file = 'ip-blacklist.txt'
++ # blacklist_file = '/etc/dnscrypt-proxy/ip-blacklist.txt'
+
+
+ ## Optional path to a file logging blocked queries
+
+- # log_file = 'ip-blocked.log'
++ # log_file = '/var/log/dnscrypt-proxy/ip-blocked.log'
+
+
+ ## Optional log format: tsv or ltsv (default: tsv)
+@@ -461,12 +461,12 @@
+
+ ## Path to the file of whitelisting rules (absolute, or relative to the same directory as the executable file)
+
+- # whitelist_file = 'whitelist.txt'
++ # whitelist_file = '/etc/dnscrypt-proxy/whitelist.txt'
+
+
+ ## Optional path to a file logging whitelisted queries
+
+- # log_file = 'whitelisted.log'
++ # log_file = '/var/log/dnscrypt-proxy/whitelisted.log'
+
+
+ ## Optional log format: tsv or ltsv (default: tsv)
+@@ -536,7 +536,7 @@
+
+ [sources.'public-resolvers']
+ urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
+- cache_file = 'public-resolvers.md'
++ cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md'
+ minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+ prefix = ''
+
+@@ -544,7 +544,7 @@
+
+ [sources.'relays']
+ urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/relays.md', 'https://download.dnscrypt.info/resolvers-list/v2/relays.md']
+- cache_file = 'relays.md'
++ cache_file = '/var/cache/dnscrypt-proxy/relays.md'
+ minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+ refresh_delay = 72
+ prefix = ''
+@@ -554,7 +554,7 @@
+ # [sources.quad9-resolvers]
+ # urls = ['https://www.quad9.net/quad9-resolvers.md']
+ # minisign_key = 'RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN'
+- # cache_file = 'quad9-resolvers.md'
++ # cache_file = '/var/cache/dnscrypt-proxy/quad9-resolvers.md'
+ # prefix = 'quad9-'
+
+ ## Another example source, with resolvers censoring some websites not appropriate for children
+@@ -562,7 +562,7 @@
+
+ # [sources.'parental-control']
+ # urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v2/parental-control.md']
+- # cache_file = 'parental-control.md'
++ # cache_file = '/var/cache/dnscrypt-proxy/parental-control.md'
+ # minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+
+
Copied: dnscrypt-proxy/repos/community-x86_64/dnscrypt-proxy.install (from rev 534972, dnscrypt-proxy/trunk/dnscrypt-proxy.install)
===================================================================
--- dnscrypt-proxy.install (rev 0)
+++ dnscrypt-proxy.install 2019-12-03 18:12:04 UTC (rev 534973)
@@ -0,0 +1,7 @@
+post_upgrade() {
+ if [ "$(vercmp $2 1.9.5-1)" -le 0 ]
+ then
+ echo 'The configuration file(s) and setup of dnscrypt-proxy has changed considerably since version 1.x.'
+ echo 'Please refer to the new upstream information for help!'
+ fi
+}
Copied: dnscrypt-proxy/repos/community-x86_64/dnscrypt-proxy.service (from rev 534972, dnscrypt-proxy/trunk/dnscrypt-proxy.service)
===================================================================
--- dnscrypt-proxy.service (rev 0)
+++ dnscrypt-proxy.service 2019-12-03 18:12:04 UTC (rev 534973)
@@ -0,0 +1,24 @@
+[Unit]
+Description=DNSCrypt-proxy client
+Documentation=https://github.com/jedisct1/dnscrypt-proxy/wiki
+Wants=network-online.target nss-lookup.target
+Before=nss-lookup.target
+
+[Service]
+NonBlocking=true
+ExecStart=/usr/bin/dnscrypt-proxy --config /etc/dnscrypt-proxy/dnscrypt-proxy.toml
+DynamicUser=yes
+ProtectSystem=strict
+ProtectHome=yes
+ProtectControlGroups=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+LockPersonality=yes
+CacheDirectory=dnscrypt-proxy
+LogsDirectory=dnscrypt-proxy
+RuntimeDirectory=dnscrypt-proxy
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+NoNewPrivileges=yes
+
+[Install]
+WantedBy=multi-user.target
Copied: dnscrypt-proxy/repos/community-x86_64/dnscrypt-proxy.socket (from rev 534972, dnscrypt-proxy/trunk/dnscrypt-proxy.socket)
===================================================================
--- dnscrypt-proxy.socket (rev 0)
+++ dnscrypt-proxy.socket 2019-12-03 18:12:04 UTC (rev 534973)
@@ -0,0 +1,16 @@
+[Unit]
+Description=DNSCrypt-proxy socket
+Documentation=https://github.com/jedisct1/dnscrypt-proxy/wiki
+Before=nss-lookup.target
+Wants=nss-lookup.target network-online.target
+
+[Socket]
+ListenStream=127.0.0.1:53
+ListenDatagram=127.0.0.1:53
+ListenStream=[::1]:53
+ListenDatagram=[::1]:53
+NoDelay=true
+DeferAcceptSec=1
+
+[Install]
+WantedBy=sockets.target
More information about the arch-commits
mailing list