[arch-commits] Commit in filebin/repos (9 files)
Justin Kromlinger
hashworks at archlinux.org
Sun Aug 30 09:47:17 UTC 2020
Date: Sunday, August 30, 2020 @ 09:47:17
Author: hashworks
Revision: 692591
archrelease: copy trunk to community-any
Added:
filebin/repos/community-any/
filebin/repos/community-any/PKGBUILD
(from rev 692590, filebin/trunk/PKGBUILD)
filebin/repos/community-any/filebin-file-cron.service
(from rev 692590, filebin/trunk/filebin-file-cron.service)
filebin/repos/community-any/filebin-file-cron.timer
(from rev 692590, filebin/trunk/filebin-file-cron.timer)
filebin/repos/community-any/filebin-nginx.conf
(from rev 692590, filebin/trunk/filebin-nginx.conf)
filebin/repos/community-any/filebin-php-fpm.conf
(from rev 692590, filebin/trunk/filebin-php-fpm.conf)
filebin/repos/community-any/filebin-user-cron.service
(from rev 692590, filebin/trunk/filebin-user-cron.service)
filebin/repos/community-any/filebin-user-cron.timer
(from rev 692590, filebin/trunk/filebin-user-cron.timer)
filebin/repos/community-any/filebin.install
(from rev 692590, filebin/trunk/filebin.install)
---------------------------+
PKGBUILD | 96 ++++++++++++++++++++++++++++++++++++++++++++
filebin-file-cron.service | 16 +++++++
filebin-file-cron.timer | 9 ++++
filebin-nginx.conf | 88 ++++++++++++++++++++++++++++++++++++++++
filebin-php-fpm.conf | 23 ++++++++++
filebin-user-cron.service | 15 ++++++
filebin-user-cron.timer | 9 ++++
filebin.install | 18 ++++++++
8 files changed, 274 insertions(+)
Copied: filebin/repos/community-any/PKGBUILD (from rev 692590, filebin/trunk/PKGBUILD)
===================================================================
--- community-any/PKGBUILD (rev 0)
+++ community-any/PKGBUILD 2020-08-30 09:47:17 UTC (rev 692591)
@@ -0,0 +1,96 @@
+# Maintainer: hashworks<mail at hashworks.net>
+# Contributor: Simon Hanna<simon DOT Hanna AT serve-me DOT info>
+pkgname=filebin
+pkgver=3.4.5
+pkgrel=3
+pkgdesc="A pastebin service written in PHP"
+arch=('any')
+url="https://wiki.server-speed.net/projects/filebin"
+license=('AGPL' 'MIT')
+makedepends=('nodejs' 'git')
+optdepends=('mariadb' 'postgres')
+depends=('php'
+ 'pygmentize'
+ 'python-ansi2html'
+ 'php-gd'
+ 'imagemagick'
+)
+backup=('etc/webapps/filebin/config-local.php'
+ 'etc/webapps/filebin/contact-info.php'
+ 'etc/webapps/filebin/database.php'
+ 'etc/webapps/filebin/memcached.php'
+)
+install=filebin.install
+options=('!strip' 'emptydirs')
+source=("git+https://github.com/Bluewind/filebin.git#tag=${pkgver}?signed"
+ "git+https://github.com/padraic/mockery.git"
+ "git+https://github.com/endroid/QrCode.git"
+ "git+https://github.com/erusev/parsedown.git"
+ "git+https://github.com/recurser/exif-orientation-examples.git"
+ 'filebin-nginx.conf'
+ 'filebin-php-fpm.conf'
+ 'filebin-file-cron.service'
+ 'filebin-file-cron.timer'
+ 'filebin-user-cron.service'
+ 'filebin-user-cron.timer'
+)
+sha256sums=('SKIP'
+ 'SKIP'
+ 'SKIP'
+ 'SKIP'
+ 'SKIP'
+ '6ed404a3fbc28c6ab35bf1eba67ddcf46cfd48893237155e38d297a13020180c'
+ '034442098d1608807bec2a03028a7c8bb9ae9d286c378e2f668b4aca3cc9d4e1'
+ '78dd850467d89ac3d1b57fa72fe9ce8d736ce29a89abe624d9c4d2e168e59d19'
+ '116b1e5031c22ad251c486b18ff203813f7227197ef853927ddc2de00e85cbe1'
+ '36c82c506a058edc50b882200332c6a540aa68a5749919eb62dc6c633c47deb3'
+ 'd73e4b984ab95954bd18e08237c6aa8bec32ccc5699531727362e2c75ba9c25e')
+
+validpgpkeys=('CFA6AF15E5C74149FC1D8C086D1655C14CE1C13E') # Florian Pritz <bluewind at archlinux.org>
+
+prepare() {
+ cd "${srcdir}/${pkgname}"
+ git submodule init
+ git config submodule."application/third_party/mockery".url "${srcdir}/mockery"
+ git config submodule."application/third_party/QrCode".url "${srcdir}/QrCode"
+ git config submodule."application/third_party/parsedown".url "${srcdir}/parsedown"
+ git config submodule."data/tests/exif-orientation-examples".url "${srcdir}/exif-orientation-examples"
+ git submodule update --recursive
+}
+
+build () {
+ bash "${srcdir}/${pkgname}/scripts/optimize_js.sh"
+}
+
+package() {
+ install -D -d -m755 "${pkgdir}/usr/lib/systemd/system"
+ install -D -d -m755 -g 33 "${pkgdir}/usr/share/webapps/filebin" "${pkgdir}/etc/webapps/filebin"
+ install -D -d -m755 -o 33 -g 33 "${pkgdir}/usr/share/webapps/filebin/data/uploads"
+ install -m640 -g 33 "${srcdir}/${pkgname}/data/local/examples/contact-info.php" "${pkgdir}/etc/webapps/filebin"
+ install -m640 -g 33 "${srcdir}/${pkgname}/application/config/example/config-local.php" "${pkgdir}/etc/webapps/filebin"
+ install -m640 -g 33 "${srcdir}/${pkgname}/application/config/example/database.php" "${pkgdir}/etc/webapps/filebin"
+ install -m640 -g 33 "${srcdir}/${pkgname}/application/config/example/memcached.php" "${pkgdir}/etc/webapps/filebin"
+ install -m644 filebin-file-cron.service filebin-file-cron.timer filebin-user-cron.service filebin-user-cron.timer "${pkgdir}/usr/lib/systemd/system"
+ cp -r "${srcdir}/${pkgname}"/* "${pkgdir}/usr/share/webapps/filebin/"
+ rm "${pkgdir}/usr/share/webapps/filebin/application/config/memcached.php"
+ ln -s /etc/webapps/filebin/{config-local,database,memcached}.php "${pkgdir}/usr/share/webapps/filebin/application/config"
+ ln -s /etc/webapps/filebin/contact-info.php "${pkgdir}/usr/share/webapps/filebin/data/local"
+ mkdir "${pkgdir}/usr/share/webapps/filebin/public_html/data/client"
+
+ install -Dm644 "${srcdir}/${pkgname}/COPYING" "${pkgdir}/usr/share/licenses/${pkgname}/COPYING"
+ install -Dm644 "${srcdir}/${pkgname}/license.txt" "${pkgdir}/usr/share/licenses/${pkgname}/framework-license.txt"
+
+ install -Dm644 filebin-nginx.conf "$pkgdir/usr/share/doc/$pkgname/examples/nginx.conf"
+ install -Dm644 filebin-php-fpm.conf "$pkgdir/usr/share/doc/$pkgname/examples/php-fpm.conf"
+ install -Dm644 "${srcdir}/${pkgname}/NEWS" "$pkgdir/usr/share/doc/$pkgname/NEWS"
+ install -Dm644 "${srcdir}/${pkgname}/README.md" "$pkgdir/usr/share/doc/$pkgname/README.md"
+ install -Dm644 "${srcdir}/${pkgname}/contributing.md" "$pkgdir/usr/share/doc/$pkgname/contributing.md"
+ install -Dm644 "${srcdir}/${pkgname}/doc/api.md" "$pkgdir/usr/share/doc/$pkgname/api.md"
+ install -Dm644 "${srcdir}/${pkgname}/doc/api/file.md" "$pkgdir/usr/share/doc/$pkgname/api/file.md"
+ install -Dm644 "${srcdir}/${pkgname}/doc/api/user.md" "$pkgdir/usr/share/doc/$pkgname/api/user.md"
+ rm -Rf "${pkgdir}/usr/share/webapps/filebin/"{COPYING,license.txt,NEWS,README.md,contributing.md,INSTALL,doc}
+
+ # removing unnecessary data for a production environment
+ rm -Rf "${pkgdir}/usr/share/webapps/filebin/"{Dockerfile,docker,composer.json,composer.lock,git-hooks,run-tests.sh,data/tests,application/third_party/test-more-php,application/third_party/mockery,application/tests,scripts/optimize_js.sh,scripts/install-git-hooks.sh,scripts/hooks-wrapper.sh}
+ find "${pkgdir}/usr/share/webapps/filebin" -name ".git*" -type f -delete
+}
Copied: filebin/repos/community-any/filebin-file-cron.service (from rev 692590, filebin/trunk/filebin-file-cron.service)
===================================================================
--- community-any/filebin-file-cron.service (rev 0)
+++ community-any/filebin-file-cron.service 2020-08-30 09:47:17 UTC (rev 692591)
@@ -0,0 +1,16 @@
+[Unit]
+Description=Filebin file cronjob
+
+[Service]
+User=http
+Group=http
+
+PrivateDevices=yes
+PrivateTmp=yes
+ProtectHome=read-only
+ProtectSystem=strict
+NoNewPrivileges=yes
+ReadWritePaths=-/usr/share/webapps/filebin/data/uploads
+
+Type=oneshot
+ExecStart=/usr/bin/php /usr/share/webapps/filebin/index.php file cron
Copied: filebin/repos/community-any/filebin-file-cron.timer (from rev 692590, filebin/trunk/filebin-file-cron.timer)
===================================================================
--- community-any/filebin-file-cron.timer (rev 0)
+++ community-any/filebin-file-cron.timer 2020-08-30 09:47:17 UTC (rev 692591)
@@ -0,0 +1,9 @@
+[Unit]
+Description=Run filebin file cron every ten minutes
+
+[Timer]
+OnCalendar=*:0/10
+Persistent=true
+
+[Install]
+WantedBy=timers.target
Copied: filebin/repos/community-any/filebin-nginx.conf (from rev 692590, filebin/trunk/filebin-nginx.conf)
===================================================================
--- community-any/filebin-nginx.conf (rev 0)
+++ community-any/filebin-nginx.conf 2020-08-30 09:47:17 UTC (rev 692591)
@@ -0,0 +1,88 @@
+## Example config for http redirects
+server {
+ listen 80;
+ listen [::]:80 default;
+ server_name example.com;
+
+ return 301 https://$server_name$request_uri;
+}
+
+## Example config for server secured with https
+server {
+ listen 0.0.0.0:443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name example.com;
+
+ access_log /var/log/nginx/example.com/access.log combined if=$log_ip;
+ error_log /var/log/nginx/example.com/error.log;
+
+ root /usr/share/webapps/filebin/public_html/;
+
+ add_header X-Frame-Options DENY;
+
+ location / {
+ try_files $uri $uri/ @ee;
+ }
+ location @ee {
+ rewrite ^(.*) /index.php?$1 last;
+ }
+
+ # Needs:
+ # $config['download_driver'] = 'nginx';
+ # $config['download_nginx_location'] = '/u';
+ location ^~ /u/ {
+ internal;
+ gzip off;
+ sendfile on;
+ sendfile_max_chunk 100m;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 120;
+ proxy_max_temp_file_size 0;
+ chunked_transfer_encoding off;
+ alias /usr/share/webapps/filebin/data/uploads/;
+ }
+
+ location ~ \.php$ {
+ fastcgi_pass unix:/run/php-fpm/fb.sock;
+ fastcgi_index index.php;
+ include fastcgi.conf;
+ }
+
+ add_header Feature-Policy "geolocation 'none'; midi 'none'; notifications 'none'; push 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; vibrate 'none'; fullscreen 'none'; payment 'none'";
+
+ add_header Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'none'; font-src 'self'; object-src 'none'; media-src 'self'; worker-src 'none'; frame-src 'none'; form-action 'self'; frame-ancestors 'none'; base-uri 'self';";
+
+ add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
+ add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin";
+ add_header X-Content-Type-Options nosniff;
+ add_header X-XSS-Protection "1; mode=block";
+
+ ssl_protocols TLSv1.2 TLSv1.3;
+
+ # EECDH+AESGCM is a weaker cipher, but we need it for Android 5.0 / 6.0 support.
+ ssl_ciphers "EECDH+AESGCM+SHA384:EECDH+AESGCM";
+ #ssl_ciphers "EECDH+AESGCM+SHA384";
+
+ ssl_prefer_server_ciphers on;
+ ssl_ecdh_curve secp384r1;
+ ssl_session_cache shared:SSL:10m;
+ ssl_session_tickets off;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+
+ resolver 127.0.0.1 valid=300s;
+ resolver_timeout 5s;
+
+ # openssl dhparam -out /etc/ssl/dhparam.pem 4096
+ ssl_dhparam /etc/ssl/dhparam.pem;
+
+ # See https://wiki.archlinux.org/index.php/Certbot
+ ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
+
+ # Optional, needs to be generated
+ #ssl_stapling_file /etc/letsencrypt/ocspresponse/fb.hash.works.der;
+}
+
+# vi:syntax=nginx
Copied: filebin/repos/community-any/filebin-php-fpm.conf (from rev 692590, filebin/trunk/filebin-php-fpm.conf)
===================================================================
--- community-any/filebin-php-fpm.conf (rev 0)
+++ community-any/filebin-php-fpm.conf 2020-08-30 09:47:17 UTC (rev 692591)
@@ -0,0 +1,23 @@
+[fb]
+user = http
+group = http
+
+listen = /run/php-fpm/$pool.sock
+listen.owner = http
+listen.group = http
+
+pm = dynamic
+pm.max_children = 100
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 10
+
+php_flag[display_errors] = off
+
+php_admin_value[open_basedir] = /usr/share/webapps/filebin:/etc/webapps/filebin:/tmp
+
+; For absurdely large textfiles
+php_admin_value[memory_limit] = 512M
+
+php_admin_value[post_max_size] = 1G
+php_admin_value[upload_max_filesize] = 1G
Copied: filebin/repos/community-any/filebin-user-cron.service (from rev 692590, filebin/trunk/filebin-user-cron.service)
===================================================================
--- community-any/filebin-user-cron.service (rev 0)
+++ community-any/filebin-user-cron.service 2020-08-30 09:47:17 UTC (rev 692591)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Filebin user cronjob
+
+[Service]
+User=http
+Group=http
+
+PrivateDevices=yes
+PrivateTmp=yes
+ProtectHome=read-only
+ProtectSystem=strict
+NoNewPrivileges=yes
+
+Type=oneshot
+ExecStart=/usr/bin/php /usr/share/webapps/filebin/index.php user cron
Copied: filebin/repos/community-any/filebin-user-cron.timer (from rev 692590, filebin/trunk/filebin-user-cron.timer)
===================================================================
--- community-any/filebin-user-cron.timer (rev 0)
+++ community-any/filebin-user-cron.timer 2020-08-30 09:47:17 UTC (rev 692591)
@@ -0,0 +1,9 @@
+[Unit]
+Description=Run filebin user cron hourly
+
+[Timer]
+OnCalendar=hourly
+Persistent=true
+
+[Install]
+WantedBy=timers.target
Copied: filebin/repos/community-any/filebin.install (from rev 692590, filebin/trunk/filebin.install)
===================================================================
--- community-any/filebin.install (rev 0)
+++ community-any/filebin.install 2020-08-30 09:47:17 UTC (rev 692591)
@@ -0,0 +1,18 @@
+post_install() {
+ echo "-------------------------------------------------------------------------------"
+ echo "1. Update 'open_basedir' in php's config to include '/tmp', '/usr/share/webapps/filebin' and '/etc/webapps/filebin' (the example php-fpm config includes that)."
+ echo "2. Enable exif, phar and any of mysql, mysqli, pgsql, pdo_mysql or pdo_pgsql for database access."
+ echo "3. Edit the files in '/etc/webapps/filebin' to your liking."
+ echo "3. Run 'php /usr/share/webapps/filebin/index.php tools update_database' to initialize your database."
+ echo "4. Run 'php /usr/share/webapps/filebin/index.php user add_user' to add your first user."
+ echo "5. Enable 'filebin-user-cron.timer' and 'filebin-user-cron.timer'."
+ echo ""
+ echo "Additional information can be found in '/usr/share/doc/filebin'."
+ echo "For nginx and php-fpm there are sample configuration files in '/usr/share/doc/filebin/examples'."
+ echo "-------------------------------------------------------------------------------"
+
+}
+
+post_upgrade() {
+ php /usr/share/webapps/filebin/index.php tools update_database
+}
More information about the arch-commits
mailing list