[arch-commits] Commit in hedgedoc/repos/community-any (9 files)
Jelle van der Waa
jelle at archlinux.org
Mon Apr 26 21:27:29 UTC 2021
Date: Monday, April 26, 2021 @ 21:27:28
Author: jelle
Revision: 924565
archrelease: copy trunk to community-any
Added:
hedgedoc/repos/community-any/PKGBUILD
(from rev 924564, hedgedoc/trunk/PKGBUILD)
hedgedoc/repos/community-any/fix-path-traversal.patch
(from rev 924564, hedgedoc/trunk/fix-path-traversal.patch)
hedgedoc/repos/community-any/hedgedoc.service
(from rev 924564, hedgedoc/trunk/hedgedoc.service)
hedgedoc/repos/community-any/sysusers.conf
(from rev 924564, hedgedoc/trunk/sysusers.conf)
hedgedoc/repos/community-any/tmpfiles.conf
(from rev 924564, hedgedoc/trunk/tmpfiles.conf)
Deleted:
hedgedoc/repos/community-any/PKGBUILD
hedgedoc/repos/community-any/hedgedoc.service
hedgedoc/repos/community-any/sysusers.conf
hedgedoc/repos/community-any/tmpfiles.conf
--------------------------+
PKGBUILD | 271 +++++++++++++++++++++++----------------------
fix-path-traversal.patch | 31 +++++
hedgedoc.service | 94 +++++++--------
sysusers.conf | 2
tmpfiles.conf | 4
5 files changed, 220 insertions(+), 182 deletions(-)
Deleted: PKGBUILD
===================================================================
--- PKGBUILD 2021-04-26 21:27:17 UTC (rev 924564)
+++ PKGBUILD 2021-04-26 21:27:28 UTC (rev 924565)
@@ -1,132 +0,0 @@
-# Maintainer: Jelle van der Waa <jelle at archlinux.org>
-
-pkgname=hedgedoc
-pkgver=1.7.2
-pkgrel=2
-pkgdesc="Platform to write and share markdown"
-arch=('any')
-url='https://github.com/hedgedoc/hedgedoc'
-license=('AGPL3')
-depends=('nodejs' 'npm')
-makedepends=('nodejs' 'sqlite' 'python' 'node-gyp' 'git' 'yarn')
-optdepends=('postgresql: postgresql database support'
- 'mariadb: mariadb database support'
- 'sqlite: sqlite database support')
-backup=("etc/webapps/${pkgname}"/{config.json,sequelizerc})
-source=("${pkgname}-${pkgver}.tar.gz::https://github.com/hedgedoc/${pkgname}/archive/${pkgver}.tar.gz"
- "sysusers.conf"
- "tmpfiles.conf"
- "hedgedoc.service")
-options=(!emptydirs)
-sha1sums=('d9420b702529558bddcbc7686ba8f0ce76e8b3c9'
- 'dc4220c9d7e21d2b5b5c54462bb681375d1cce62'
- 'faee704ac2e65e565f7bdcb527c2d0c73c20e682'
- 'c0a8ea9c6a27a1810c56365609d9b42d8d2ed935')
-
-build() {
- cd "${pkgname}-${pkgver}"
- # Build steps from Dockerfile
- yarn install --production=false
- yarn run build
- rm -rf node_modules
- # Production modules
- yarn install --production=true
-}
-
-package() {
- cd "${pkgname}-${pkgver}"
-
- # removing unneeded files and directories
- find node_modules -type f \
- \( \
- -iname '*Makefile*' -o \
- -iname '*armv*' -o \
- -iname '*.cache' -o \
- -iname '*Makefile*' -o \
- -iname '*appveyor.yml' -o \
- -iname '*.babelrc' -o \
- -iname '*.bak' -o \
- -iname '*bower.json' -o \
- -iname '*.c' -o \
- -iname '*.cc' -o \
- -iname '*.cpp' -o \
- -iname '*.md' -o \
- -iname '*.markdown' -o \
- -iname '*.rst' -o \
- -iname '*.nycrc' -o \
- -iname '*.npmignore' -o \
- -iname '*.editorconfig' -o \
- -iname '*.el' -o \
- -iname '*.eslintignore' -o \
- -iname '*.eslintrc*' -o \
- -iname '*.fimbullinter.yaml' -o \
- -iname '*.gitattributes' -o \
- -iname '*.gitmodules' -o \
- -iname '*.h' -o \
- -iname '*.html' -o \
- -iname '*.jshintrc' -o \
- -iname '*.jscs.json' -o \
- -iname '*.log' -o \
- -iname '*logo.svg' -o \
- -iname '*.nvmrc' -o \
- -iname '*.o' -o \
- -iname '*package-lock.json' -o \
- -iname '*.travis.yml' -o \
- -iname '*.prettierrc' -o \
- -iname '*.sh' -o \
- -iname '*.tags*' -o \
- -iname '*.Dockerfile*' -o \
- -iname '*.tm_properties' -o \
- -iname '*.wotanrc.yaml' -o \
- -iname '*tsconfig.json' -o \
- -iname '*yarn.lock' \
- \) \
- -delete
-
- find node_modules -type d \
- \( \
- -iwholename '*.github' -o \
- -iwholename '*.tscache' -o \
- -iwholename '*/man' -o \
- -iwholename '*/test' -o \
- -iwholename '*/scripts' -o \
- -iwholename '*/git-hooks' -o \
- -iwholename '*/linux-arm64' -o \
- -iwholename '*/linux-armvy' -o \
- -iwholename '*/linux-armv7' -o \
- -iwholename '*/win32-ia32' -o \
- -iwholename '*/win32-x64' -o \
- -iwholename '*/darwin-x64' \
- \) \
- -exec rm -rvf {} +
-
- install -m0755 -d "${pkgdir}/usr/share/webapps/${pkgname}"
-
- # install application parts
- cp -a bin public lib locales node_modules "${pkgdir}/usr/share/webapps/${pkgname}"
- install -m0644 app.js -t "${pkgdir}/usr/share/webapps/${pkgname}"
- install -m0644 package.json -t "${pkgdir}/usr/share/webapps/${pkgname}"
-
- # Make public/uploads a symlink to the hedgedoc writable directory.
- # An alternative would be to configure the uploadsPath in config.json.
- rm "${pkgdir}/usr/share/webapps/${pkgname}/public/uploads/.gitkeep"
- rm -d "${pkgdir}/usr/share/webapps/${pkgname}/public/uploads"
- ln -s "/var/lib/${pkgname}/uploads" \
- "${pkgdir}/usr/share/webapps/${pkgname}/public/uploads"
-
-
- # Setup config files in /etc.
- install -m0755 -d "${pkgdir}/etc/webapps/${pkgname}"
- cp config.json.example "${pkgdir}/etc/webapps/${pkgname}/config.json"
- cp .sequelizerc.example "${pkgdir}/etc/webapps/${pkgname}/sequelizerc"
-
- ln -s "/etc/webapps/${pkgname}"/config.json "${pkgdir}/usr/share/webapps/${pkgname}/config.json"
- ln -s "/etc/webapps/${pkgname}"/sequelizerc "${pkgdir}/usr/share/webapps/${pkgname}/.sequelizerc"
-
- # Configure hedgedoc user and some directories writable for that user.
- install -Dm0644 ${srcdir}/sysusers.conf "${pkgdir}/usr/lib/sysusers.d/${pkgname}.conf"
- install -Dm0644 ${srcdir}/tmpfiles.conf "${pkgdir}/usr/lib/tmpfiles.d/${pkgname}.conf"
-
- # Install systemd service file.
- install -Dm0644 -t "${pkgdir}/usr/lib/systemd/system/" "${srcdir}"/hedgedoc.service
-}
Copied: hedgedoc/repos/community-any/PKGBUILD (from rev 924564, hedgedoc/trunk/PKGBUILD)
===================================================================
--- PKGBUILD (rev 0)
+++ PKGBUILD 2021-04-26 21:27:28 UTC (rev 924565)
@@ -0,0 +1,139 @@
+# Maintainer: Jelle van der Waa <jelle at archlinux.org>
+
+pkgname=hedgedoc
+pkgver=1.7.2
+pkgrel=3
+pkgdesc="Platform to write and share markdown"
+arch=('any')
+url='https://github.com/hedgedoc/hedgedoc'
+license=('AGPL3')
+depends=('nodejs' 'npm')
+makedepends=('nodejs' 'sqlite' 'python' 'node-gyp' 'git' 'yarn')
+optdepends=('postgresql: postgresql database support'
+ 'mariadb: mariadb database support'
+ 'sqlite: sqlite database support')
+backup=("etc/webapps/${pkgname}"/{config.json,sequelizerc})
+source=("${pkgname}-${pkgver}.tar.gz::https://github.com/hedgedoc/${pkgname}/archive/${pkgver}.tar.gz"
+ "sysusers.conf"
+ "tmpfiles.conf"
+ "hedgedoc.service"
+ "fix-path-traversal.patch")
+options=(!emptydirs)
+sha1sums=('d9420b702529558bddcbc7686ba8f0ce76e8b3c9'
+ 'dc4220c9d7e21d2b5b5c54462bb681375d1cce62'
+ 'faee704ac2e65e565f7bdcb527c2d0c73c20e682'
+ 'c0a8ea9c6a27a1810c56365609d9b42d8d2ed935'
+ '4bd0cac60dcf67812cc5a232305073ee08bd558f')
+
+prepare() {
+ cd "${pkgname}-${pkgver}"
+ patch -Np1 -i "${srcdir}"/fix-path-traversal.patch
+}
+
+build() {
+ cd "${pkgname}-${pkgver}"
+ # Build steps from Dockerfile
+ yarn install --production=false
+ yarn run build
+ rm -rf node_modules
+ # Production modules
+ yarn install --production=true
+}
+
+package() {
+ cd "${pkgname}-${pkgver}"
+
+ # removing unneeded files and directories
+ find node_modules -type f \
+ \( \
+ -iname '*Makefile*' -o \
+ -iname '*armv*' -o \
+ -iname '*.cache' -o \
+ -iname '*Makefile*' -o \
+ -iname '*appveyor.yml' -o \
+ -iname '*.babelrc' -o \
+ -iname '*.bak' -o \
+ -iname '*bower.json' -o \
+ -iname '*.c' -o \
+ -iname '*.cc' -o \
+ -iname '*.cpp' -o \
+ -iname '*.md' -o \
+ -iname '*.markdown' -o \
+ -iname '*.rst' -o \
+ -iname '*.nycrc' -o \
+ -iname '*.npmignore' -o \
+ -iname '*.editorconfig' -o \
+ -iname '*.el' -o \
+ -iname '*.eslintignore' -o \
+ -iname '*.eslintrc*' -o \
+ -iname '*.fimbullinter.yaml' -o \
+ -iname '*.gitattributes' -o \
+ -iname '*.gitmodules' -o \
+ -iname '*.h' -o \
+ -iname '*.html' -o \
+ -iname '*.jshintrc' -o \
+ -iname '*.jscs.json' -o \
+ -iname '*.log' -o \
+ -iname '*logo.svg' -o \
+ -iname '*.nvmrc' -o \
+ -iname '*.o' -o \
+ -iname '*package-lock.json' -o \
+ -iname '*.travis.yml' -o \
+ -iname '*.prettierrc' -o \
+ -iname '*.sh' -o \
+ -iname '*.tags*' -o \
+ -iname '*.Dockerfile*' -o \
+ -iname '*.tm_properties' -o \
+ -iname '*.wotanrc.yaml' -o \
+ -iname '*tsconfig.json' -o \
+ -iname '*yarn.lock' \
+ \) \
+ -delete
+
+ find node_modules -type d \
+ \( \
+ -iwholename '*.github' -o \
+ -iwholename '*.tscache' -o \
+ -iwholename '*/man' -o \
+ -iwholename '*/test' -o \
+ -iwholename '*/scripts' -o \
+ -iwholename '*/git-hooks' -o \
+ -iwholename '*/linux-arm64' -o \
+ -iwholename '*/linux-armvy' -o \
+ -iwholename '*/linux-armv7' -o \
+ -iwholename '*/win32-ia32' -o \
+ -iwholename '*/win32-x64' -o \
+ -iwholename '*/darwin-x64' \
+ \) \
+ -exec rm -rvf {} +
+
+ install -m0755 -d "${pkgdir}/usr/share/webapps/${pkgname}"
+
+ # install application parts
+ cp -a bin public lib locales node_modules "${pkgdir}/usr/share/webapps/${pkgname}"
+ install -m0644 app.js -t "${pkgdir}/usr/share/webapps/${pkgname}"
+ install -m0644 package.json -t "${pkgdir}/usr/share/webapps/${pkgname}"
+
+ # Make public/uploads a symlink to the hedgedoc writable directory.
+ # An alternative would be to configure the uploadsPath in config.json.
+ rm "${pkgdir}/usr/share/webapps/${pkgname}/public/uploads/.gitkeep"
+ rm -d "${pkgdir}/usr/share/webapps/${pkgname}/public/uploads"
+ ln -s "/var/lib/${pkgname}/uploads" \
+ "${pkgdir}/usr/share/webapps/${pkgname}/public/uploads"
+
+
+ # Setup config files in /etc.
+ install -m0755 -d "${pkgdir}/etc/webapps/${pkgname}"
+ cp config.json.example "${pkgdir}/etc/webapps/${pkgname}/config.json"
+ cp .sequelizerc.example "${pkgdir}/etc/webapps/${pkgname}/sequelizerc"
+
+ ln -s "/etc/webapps/${pkgname}"/config.json "${pkgdir}/usr/share/webapps/${pkgname}/config.json"
+ ln -s "/etc/webapps/${pkgname}"/sequelizerc "${pkgdir}/usr/share/webapps/${pkgname}/.sequelizerc"
+
+ # Configure hedgedoc user and some directories writable for that user.
+ install -Dm0644 ${srcdir}/sysusers.conf "${pkgdir}/usr/lib/sysusers.d/${pkgname}.conf"
+ install -Dm0644 ${srcdir}/tmpfiles.conf "${pkgdir}/usr/lib/tmpfiles.d/${pkgname}.conf"
+
+ # Install systemd service file.
+ install -Dm0644 -t "${pkgdir}/usr/lib/systemd/system/" "${srcdir}"/hedgedoc.service
+}
Copied: hedgedoc/repos/community-any/fix-path-traversal.patch (from rev 924564, hedgedoc/trunk/fix-path-traversal.patch)
===================================================================
--- fix-path-traversal.patch (rev 0)
+++ fix-path-traversal.patch 2021-04-26 21:27:28 UTC (rev 924565)
@@ -0,0 +1,31 @@
+diff --git a/lib/models/note.js b/lib/models/note.js
+index 9fe02359..49b7ce84 100644
+--- a/lib/models/note.js
++++ b/lib/models/note.js
+@@ -96,7 +96,7 @@ module.exports = function (sequelize, DataTypes) {
+ if (!note.alias) {
+ filePath = config.defaultNotePath
+ } else {
+- filePath = path.join(config.docsPath, note.alias + '.md')
++ filePath = path.join(config.docsPath, path.basename(note.alias) + '.md')
+ }
+ if (Note.checkFileExist(filePath)) {
+ var fsCreatedTime = moment(fs.statSync(filePath).ctime)
+@@ -195,7 +195,7 @@ module.exports = function (sequelize, DataTypes) {
+ }
+ }).then(function (note) {
+ if (note) {
+- let filePath = path.join(config.docsPath, noteId + '.md')
++ let filePath = path.join(config.docsPath, path.basename(noteId) + '.md')
+ if (Note.checkFileExist(filePath)) {
+ // if doc in filesystem have newer modified time than last change time
+ // then will update the doc in db
+@@ -237,7 +237,7 @@ module.exports = function (sequelize, DataTypes) {
+ return callback(null, note.id)
+ }
+ } else {
+- var filePath = path.join(config.docsPath, noteId + '.md')
++ var filePath = path.join(config.docsPath, path.basename(noteId) + '.md')
+ if (Note.checkFileExist(filePath)) {
+ Note.create({
+ alias: noteId,
Deleted: hedgedoc.service
===================================================================
--- hedgedoc.service 2021-04-26 21:27:17 UTC (rev 924564)
+++ hedgedoc.service 2021-04-26 21:27:28 UTC (rev 924565)
@@ -1,47 +0,0 @@
-[Unit]
-Description=Hedgedoc real-time collaborative markdown editor
-After=network.target
-
-[Service]
-Type=exec
-
-Environment=NODE_ENV=production
-
-Restart=always
-RestartSec=2s
-
-User=hedgedoc
-Group=hedgedoc
-
-WorkingDirectory=/usr/share/webapps/hedgedoc
-ExecStart=/usr/bin/npm start --production
-
-CapabilityBoundingSet=
-NoNewPrivileges=true
-PrivateDevices=true
-RemoveIPC=true
-LockPersonality=true
-
-ProtectControlGroups=true
-ProtectKernelTunables=true
-ProtectKernelModules=true
-ProtectKernelLogs=true
-ProtectClock=true
-ProtectHostname=true
-ProtectProc=noaccess
-
-RestrictRealtime=true
-RestrictSUIDSGID=true
-RestrictNamespaces=true
-RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
-
-ProtectSystem=strict
-ProtectHome=true
-PrivateTmp=true
-ReadWritePaths=/var/lib/hedgedoc
-
-SystemCallArchitectures=native
-SystemCallFilter=@system-service
-
-[Install]
-WantedBy=multi-user.target
Copied: hedgedoc/repos/community-any/hedgedoc.service (from rev 924564, hedgedoc/trunk/hedgedoc.service)
===================================================================
--- hedgedoc.service (rev 0)
+++ hedgedoc.service 2021-04-26 21:27:28 UTC (rev 924565)
@@ -0,0 +1,47 @@
+[Unit]
+Description=Hedgedoc real-time collaborative markdown editor
+After=network.target
+
+[Service]
+Type=exec
+
+Environment=NODE_ENV=production
+
+Restart=always
+RestartSec=2s
+
+User=hedgedoc
+Group=hedgedoc
+
+WorkingDirectory=/usr/share/webapps/hedgedoc
+ExecStart=/usr/bin/npm start --production
+
+CapabilityBoundingSet=
+NoNewPrivileges=true
+PrivateDevices=true
+RemoveIPC=true
+LockPersonality=true
+
+ProtectControlGroups=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectClock=true
+ProtectHostname=true
+ProtectProc=noaccess
+
+RestrictRealtime=true
+RestrictSUIDSGID=true
+RestrictNamespaces=true
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+
+ProtectSystem=strict
+ProtectHome=true
+PrivateTmp=true
+ReadWritePaths=/var/lib/hedgedoc
+
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+
+[Install]
+WantedBy=multi-user.target
Deleted: sysusers.conf
===================================================================
--- sysusers.conf 2021-04-26 21:27:17 UTC (rev 924564)
+++ sysusers.conf 2021-04-26 21:27:28 UTC (rev 924565)
@@ -1 +0,0 @@
-u hedgedoc - "Hedgedoc user"
Copied: hedgedoc/repos/community-any/sysusers.conf (from rev 924564, hedgedoc/trunk/sysusers.conf)
===================================================================
--- sysusers.conf (rev 0)
+++ sysusers.conf 2021-04-26 21:27:28 UTC (rev 924565)
@@ -0,0 +1 @@
+u hedgedoc - "Hedgedoc user"
Deleted: tmpfiles.conf
===================================================================
--- tmpfiles.conf 2021-04-26 21:27:17 UTC (rev 924564)
+++ tmpfiles.conf 2021-04-26 21:27:28 UTC (rev 924565)
@@ -1,2 +0,0 @@
-d /var/lib/hedgedoc 0750 hedgedoc hedgedoc -
-d /var/lib/hedgedoc/uploads 0750 hedgedoc hedgedoc -
Copied: hedgedoc/repos/community-any/tmpfiles.conf (from rev 924564, hedgedoc/trunk/tmpfiles.conf)
===================================================================
--- tmpfiles.conf (rev 0)
+++ tmpfiles.conf 2021-04-26 21:27:28 UTC (rev 924565)
@@ -0,0 +1,2 @@
+d /var/lib/hedgedoc 0750 hedgedoc hedgedoc -
+d /var/lib/hedgedoc/uploads 0750 hedgedoc hedgedoc -
More information about the arch-commits
mailing list