[arch-commits] Commit in pound/repos (5 files)

Antonio Rojas arojas at archlinux.org
Fri Jul 9 18:57:54 UTC 2021


    Date: Friday, July 9, 2021 @ 18:57:54
  Author: arojas
Revision: 976287

archrelease: copy trunk to community-staging-x86_64

Added:
  pound/repos/community-staging-x86_64/
  pound/repos/community-staging-x86_64/PKGBUILD
    (from rev 976286, pound/trunk/PKGBUILD)
  pound/repos/community-staging-x86_64/pound-3.0-runtime_dir.patch
    (from rev 976286, pound/trunk/pound-3.0-runtime_dir.patch)
  pound/repos/community-staging-x86_64/pound.service
    (from rev 976286, pound/trunk/pound.service)
  pound/repos/community-staging-x86_64/pound.yaml
    (from rev 976286, pound/trunk/pound.yaml)

-----------------------------+
 PKGBUILD                    |   70 ++++++++++++++++++
 pound-3.0-runtime_dir.patch |   66 +++++++++++++++++
 pound.service               |   37 +++++++++
 pound.yaml                  |  161 ++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 334 insertions(+)

Copied: pound/repos/community-staging-x86_64/PKGBUILD (from rev 976286, pound/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD	                        (rev 0)
+++ community-staging-x86_64/PKGBUILD	2021-07-09 18:57:54 UTC (rev 976287)
@@ -0,0 +1,70 @@
+# Maintainer: David Runge <dvzrv at archlinux.org>
+# Contributor: Sergej Pupykin <pupykin.s+arch at gmail.com>
+# Contributor: Douglas Soares de Andrade <dsa at aur.archlinux.org>
+# Contributor: Roberto Alsina <ralsina at kde.org>
+
+_name=Pound
+pkgname=pound
+pkgver=3.0
+pkgrel=3
+pkgdesc="A reverse proxy, load balancer, and SSL wrapper"
+arch=('x86_64')
+url="https://www.apsis.ch/pound.html"
+license=('GPL3')
+depends=('gcc-libs' 'glibc' 'libyaml' 'nanomsg' 'pcre')
+makedepends=('cmake' 'gperftools' 'mbedtls' 'uthash')
+backup=("etc/${pkgname}/${pkgname}.yaml")
+source=("http://www.apsis.ch/${pkgname}/${_name}-${pkgver}.tgz"
+        "${_name}-${pkgver}.tgz.asc::http://www.apsis.ch/${pkgname}/${_name}-${pkgver}.asc"
+        "${pkgname}-3.0-runtime_dir.patch"
+        "${pkgname}.service"
+        "${pkgname}.yaml")
+sha512sums=('28426fa2d66efa310fce43fc57b87b6cd9d646573161ab880b139feec856710306002af623f023907bb77f8b37979cf2332dc3e16cde48c6d349d813c6ac47e2'
+            'SKIP'
+            '25db5c13750c2770ae5a91d850f2f00e888474a05b2464c6f03ebe4dc628c86edf8df640daa96e9dcb7240de43537a731671376f20e0dfb599ef5fc2eaf6c053'
+            '887ebace94fb6974b34e096c3f9d85e7e45186f816f8a0b4218ffecf2bf041702bc5d40547ca5883691e1d5f959e28b8ce3aac0f12c877760c0e80d8319f57e9'
+            '329fb0064f9720cc41332894d3e96e098ffd789d13bcb3b35d67dd9f7b4c0667d1b4cf1d93df9427b4e867d5f0b5857be412ae8d34abed5aa3c2774a499b3292')
+b2sums=('8834d2d57c81bf792d803bc2aef7ad5d17243539ea3fddab777ab3dbd7f903a2f771762ee8d4818c63b7c6380c253dc7c7465e10225f884c2bb968af3dfab831'
+        'SKIP'
+        'eba66845b02eff8cea9353f1617f9fcbce040609ea22a1061d98a69c109fed1aaaf6fb338cde1c969153df383def7ae5e3231f281140d32702acfb8c628fa0e4'
+        '886e7218d0098f86edfde32b0d8ccdf47f7a8d6a3417144bbd9279cac14d51065fe72b312844ff6a24be6d16183a3b4a44b0d012c1d08808d07ea96d660ff69f'
+        'a7ebb7714abf8bc7c2c0f627f6fdcc226a293277a98455bd52340536754ef3a5aef75340b8535402c78a9a754f78d4793c1d7b0c15b0b8d393fd3760a6398858')
+validpgpkeys=('8BB562A0F1DB703FB7EB1E95AB72C62A8691DD02') # Robert Segall <roseg at apsis.ch>
+
+prepare() {
+  mv -v "${_name}-${pkgver}" "${pkgname}-${pkgver}"
+  cd "${pkgname}-${pkgver}"
+  # set runtime dir to /run/pound
+  patch -Np1 -i "../${pkgname}-3.0-runtime_dir.patch"
+  # remove vendored uthash so we build with the packaged version
+  rm -v include/ut{hash,array}.h
+}
+
+build() {
+  cd "${pkgname}-${pkgver}"
+  cmake -DCMAKE_INSTALL_PREFIX=/usr \
+        -DCMAKE_BUILD_TYPE='None' \
+        -Wno-dev \
+        -B build \
+        -S .
+  make VERBOSE=1 -C build
+}
+
+package() {
+  depends+=('libmbedtls.so' 'libmbedcrypto.so' 'libmbedx509.so'
+  'libtcmalloc.so')
+
+  cd "${pkgname}-${pkgver}"
+  # cmake setup has no install target :(
+  install -vDm 755 build/"${pkgname}" -t "${pkgdir}/usr/bin/"
+  # configuration
+  install -vDm 644 "../${pkgname}.yaml" -t "${pkgdir}/etc/${pkgname}/"
+  # systemd service
+  install -vDm 644 "../${pkgname}.service" \
+    -t "${pkgdir}/usr/lib/systemd/system/"
+  # man page
+  install -vDm 644 man/${pkgname}.8 -t "${pkgdir}/usr/share/man/man8/"
+  # docs
+  install -vDm 644 README.md \
+    -t "${pkgdir}/usr/share/doc/${pkgname}/"
+}

Copied: pound/repos/community-staging-x86_64/pound-3.0-runtime_dir.patch (from rev 976286, pound/trunk/pound-3.0-runtime_dir.patch)
===================================================================
--- community-staging-x86_64/pound-3.0-runtime_dir.patch	                        (rev 0)
+++ community-staging-x86_64/pound-3.0-runtime_dir.patch	2021-07-09 18:57:54 UTC (rev 976287)
@@ -0,0 +1,66 @@
+diff -ruN a/include/pound.h.in b/include/pound.h.in
+--- a/include/pound.h.in	2020-11-03 11:53:10.000000000 +0100
++++ b/include/pound.h.in	2020-11-06 11:27:38.356394898 +0100
+@@ -103,7 +103,7 @@
+ #include    "hpack.h"
+ 
+ #define F_CONF      "/etc/pound/pound.yaml"
+-#define F_PID       "/var/run/pound.pid"
++#define F_PID       "/run/pound/pound.pid"
+ 
+ #ifndef NI_MAXHOST
+ #define NI_MAXHOST  1025
+@@ -203,4 +203,4 @@
+ extern void *thr_http(void *);
+ 
+ /* http2.c */
+-extern void do_http2(HTTP_LISTENER *, FILE *, char *, char *, int);
+\ No newline at end of file
++extern void do_http2(HTTP_LISTENER *, FILE *, char *, char *, int);
+diff -ruN a/man/pound.8 b/man/pound.8
+--- a/man/pound.8	2020-11-03 11:53:10.000000000 +0100
++++ b/man/pound.8	2020-11-06 11:28:20.249080056 +0100
+@@ -131,7 +131,7 @@
+ will write its own pid into this file. Normally this is used for shell
+ scripts that control starting and stopping of the daemon.
+ Default:
+-.I /var/run/pound.pid
++.I /run/pound/pound.pid
+ .PP
+ One (or more) copies of
+ .B Pound
+@@ -481,7 +481,7 @@
+ .RE
+ .SH FILES
+ .TP
+-\fI/var/run/pound.pid\fR
++\fI/run/pound/pound.pid\fR
+ this is where
+ .B Pound
+ will attempt to record its process id.
+@@ -496,4 +496,4 @@
+ Copyright \(co 2002-2020 Apsis GmbH.
+ .br
+ This is free software; see the source for copying conditions.  There is NO
+-warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+\ No newline at end of file
++warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+diff -ruN a/src/config.c b/src/config.c
+--- a/src/config.c	2020-11-03 11:53:10.000000000 +0100
++++ b/src/config.c	2020-11-06 11:28:00.302721953 +0100
+@@ -612,7 +612,7 @@
+ 
+     memset(&global, '\0', sizeof(global));
+     opterr = 0;
+-    global.pid = "/var/run/pound.pid";
++    global.pid = "/run/pound/pound.pid";
+     global.log_level = 0;
+     while((c_opt = getopt(argc, argv, "f:cvd:p:")) > 0)
+         switch(c_opt) {
+@@ -710,4 +710,4 @@
+     if(o_check)
+         exit(0);
+     return;
+-}
+\ No newline at end of file
++}

Copied: pound/repos/community-staging-x86_64/pound.service (from rev 976286, pound/trunk/pound.service)
===================================================================
--- community-staging-x86_64/pound.service	                        (rev 0)
+++ community-staging-x86_64/pound.service	2021-07-09 18:57:54 UTC (rev 976287)
@@ -0,0 +1,37 @@
+[Unit]
+Description=A reverse proxy, load balancer, and SSL wrapper
+Documentation=man:pound(8)
+After=syslog.target network-online.target systemd-sysusers.service
+Wants=network-online.target
+
+[Service]
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+DeviceAllow=
+DynamicUser=yes
+ExecStart=/usr/bin/pound
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+PIDFile=/run/pound/pound.pid
+PrivateDevices=yes
+PrivateTmp=true
+ProtectClock=yes
+ProtectControlGroups=yes
+ProtectHome=yes
+ProtectHostname=yes
+ProtectKernelLogs=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+RestrictAddressFamilies=~AF_PACKET AF_NETLINK AF_UNIX
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RuntimeDirectory=pound
+StateDirectory=pound
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallFilter=~@resources @privileged
+Type=forking
+UMask=177
+
+[Install]
+WantedBy=multi-user.target

Copied: pound/repos/community-staging-x86_64/pound.yaml (from rev 976286, pound/trunk/pound.yaml)
===================================================================
--- community-staging-x86_64/pound.yaml	                        (rev 0)
+++ community-staging-x86_64/pound.yaml	2021-07-09 18:57:54 UTC (rev 976287)
@@ -0,0 +1,161 @@
+---
+# Pound configuration file. See man 8 pound for further examples.
+#
+# Global Directives
+#
+# Specify the user Pound will run as (must be defined in /etc/passwd).
+# User: "pound"
+
+# Specify the group Pound will run as (must be defined in /etc/group).
+# Group: "pound"
+
+# Specify the directory that Pound will chroot to at runtime. Please note that
+# SSL may require access to /dev/urandom, so make sure you create a device by
+# that name, accessible from the root jail directory. Pound may also require
+# access to /dev/syslog or similar.
+# RootJail: "/"
+
+# Specify a path to an HTML file to be returned in case of a 404 error.
+# Err404: "/path/to/file"
+
+# Specify a path to an HTML file to be returned in case of a 405 error.
+# Err405: "/path/to/file"
+
+# Specify a path to an HTML file to be returned in case of a 500 error.
+# Err500: "/path/to/file"
+
+# Backends
+#
+# A back-end is a definition of a single back-end server Pound will use to
+# reply to incoming requests. Each backend must be marked with an anchor (&).
+Backends:
+  - &default_backend
+    # The address that Pound will connect to. This can be a numeric IP address,
+    # or a symbolic host name that must be resolvable at  run-time. This is a
+    # mandatory parameter.
+    Address: localhost
+
+    # The port number that Pound will connect to. This is a mandatory parameter.
+    Port: 8080
+
+    # How long to wait for a backend (server) to complete and operation.
+    # Default: 15 (seconds).
+    Timeout:
+
+    # How many threads will be used to service requests to this backend. See
+    # also below for remarks on performance tuning. Default: 8 (threads).
+    Threads:
+
+    # A header to add to each reply received from this backend. The header is a
+    # string.
+    # HeadAdd:
+
+# HTTPListeners
+#
+# An HTTP listener defines an address and port that Pound will listen on for
+# HTTP requests.
+HTTPListeners:
+  -
+    # The  address  that Pound will listen on. This can be a numeric IP address,
+    # or a symbolic host name that must be resolvable at run-time. This is a
+    # mandatory parameter. The address 0.0.0.0 may be used as an alias for 'all
+    # available addresses on this machine', but this practice is strongly
+    # discouraged.
+    Address: localhost
+
+    # The port number that Pound will listen on.  This is a mandatory parameter.
+    Port: 80
+
+    # Define how long Pound will wait for client activity. Default: 5 (seconds).
+    Client:
+
+    # Define how many threads Pound will use to service client requests.
+    # Default: 8 (threads).
+    Threads:
+
+    # This defines a service. This service will be used only by this listener.
+    Services:
+
+      -
+        # The service will only be used if the request URL matches the given
+        # pattern.
+        URL:
+
+        # Use the service only if any of the request headers matches the given
+        # pattern.
+        HeadRequire:
+
+        # Use the service only if none of the request headers matches the given
+        # pattern.
+        HeadDeny:
+
+        # How long to keep the client sessions (in seconds). Sessions are a
+        # long term association between a client IP address and a specific
+        # backend in this service. A value of 0 seconds means no sessions are
+        # kept. Default: 0.
+        Session:
+
+        # A list of references to previously defined backends.
+        BackEnds:
+          - *default_backend
+
+# HTTPSListeners
+#
+# An HTTP listener defines an address and port that Pound will listen on for
+# HTTP requests.
+HTTPSListeners:
+  # -
+    # The  address  that Pound will listen on. This can be a numeric IP address,
+    # or a symbolic host name that must be resolvable at run-time. This is a
+    # mandatory parameter. The address 0.0.0.0 may be used as an alias for 'all
+    # available addresses on this machine', but this practice is strongly
+    # discouraged.
+    # Address: localhost
+
+    # The port number that Pound will listen on.  This is a mandatory parameter.
+    # Port: 443
+
+    # Define how long Pound will wait for client activity. Default: 5 (seconds).
+    # Client:
+
+    # Define how many threads Pound will use to service client requests.
+    # Default: 8 (threads).
+    # Threads:
+
+    # A file name or a list of file names. Each file must contain a certificate,
+    # optionally additional chained certificates up to a known  certificate
+    # authority,  and  the private key corresponding to the certificate.
+    # Note: the private key should probably not be password-protected, as Pound
+    # normally starts as a daemon and cannot ask for the password at start-up
+    # time.
+    # Certificates:
+
+    # A list of acceptable cipher names for this listener. The negotiation with
+    # the client will result in one of these ciphers being used, or the
+    # hand-shake will fail.
+    # Ciphers:
+
+    # This defines a service. This service will be used only by this listener.
+    # Services:
+      # -
+        # The service will only be used if the request URL matches the given
+        # pattern.
+        # URL:
+
+        # Use the service only if any of the request headers matches the given
+        # pattern.
+        # HeadRequire:
+
+        # Use the service only if none of the request headers matches the given
+        # pattern.
+        # HeadDeny:
+
+        # How long to keep the client sessions (in seconds). Sessions are a
+        # long term association between a client IP address and a specific
+        # backend in this service. A value of 0 seconds means no sessions are
+        # kept. Default: 0.
+        # Session:
+
+        # A list of references to previously defined backends.
+        # BackEnds:
+          # - *default_backend




More information about the arch-commits mailing list