This thread contains a patchset. You're looking at the original emails,
but you may wish to use the patch review UI.
Review patch
3
2
[PATCH] testing/tlsrouter: new aport
---
testing/tlsrouter/APKBUILD | 43 +++++++++++++++++++++++++
testing/tlsrouter/tlsrouter.confd | 3 ++
testing/tlsrouter/tlsrouter.initd | 14 ++++++++
testing/tlsrouter/tlsrouter.pre-install | 8 +++++
4 files changed, 68 insertions(+)
create mode 100644 testing/tlsrouter/APKBUILD
create mode 100644 testing/tlsrouter/tlsrouter.confd
create mode 100644 testing/tlsrouter/tlsrouter.initd
create mode 100644 testing/tlsrouter/tlsrouter.pre-install
diff --git a/testing/tlsrouter/APKBUILD b/testing/tlsrouter/APKBUILD
new file mode 100644
index 0000000000..1374ccf5df
--- /dev/null
+++ b/testing/tlsrouter/APKBUILD
@@ -0,0 +1,43 @@
+ # Contributor: Marvin Preuss <marvin@xsteadfastx.org>
+ # Maintainer: Marvin Preuss <marvin@xsteadfastx.org>
+ pkgname=tlsrouter
+ pkgver=0_git20210817
+ pkgrel=0
+ _short_commit=b6bb9b5
+ pkgdesc="tlsouter is a tls proxy that routes connections to backends based on the tls sni"
+ url="https://github.com/inetaf/tcpproxy/tree/master/cmd/tlsrouter"
+ arch="all"
+ license="Apache-2.0"
+ options="!check" # some tests are failing
+ makedepends="go libcap"
+ subpackages="$pkgname-openrc"
+ install="$pkgname.pre-install"
+ source="tlsrouter-$pkgver.tar.gz::https://github.com/inetaf/tcpproxy/tarball/$_short_commit
+ $pkgname.initd
+ $pkgname.confd
+ "
+ builddir="$srcdir/inetaf-tcpproxy-$_short_commit"
+
+ export GOFLAGS="$GOFLAGS -modcacherw"
+ export GO111MODULE=off
+
+ build() {
+ go build ./cmd/tlsrouter
+ }
+
+ package() {
+ install -Dm755 "$srcdir/inetaf-tcpproxy-$_short_commit/$pkgname" "$pkgdir/usr/bin/$pkgname"
+
+ install -Dm755 "$srcdir/$pkgname.initd" \
+ "$pkgdir/etc/init.d/$pkgname"
+
+ install -Dm644 "$srcdir/$pkgname.confd" \
+ "$pkgdir/etc/conf.d/$pkgname"
+
+ setcap cap_net_bind_service=+ep "$pkgdir/usr/bin/$pkgname"
+ }
+ sha512sums="
+ 668dff16cdd7078b2fa1e363743ff642ef5e4bff20a7f320d855b6db8e69fd70b940875251950ec332ada8d1d4eb79649c30729fdf8a501e4fb5d8abc456de10 tlsrouter-0_git20210817.tar.gz
+ 495b26eaba88b57f4e363b7e89e302ba73c89a38f69c3c299ba4dd3531e5a2231c92b90c11d79a0199fbe602059c43ad52ae3d6cdfe532b350a884a90b21983e tlsrouter.initd
+ 7dde09a46fa706fc7ef511c034bd8e1cb58a29d55320cc5fae9fdd6a5dc053948cb28ef76f1f8893edd656a3b99dd222a54f660b12a220011fcb949c1f64874c tlsrouter.confd
+ "
diff --git a/testing/tlsrouter/tlsrouter.confd b/testing/tlsrouter/tlsrouter.confd
new file mode 100644
index 0000000000..3332390b62
--- /dev/null
+++ b/testing/tlsrouter/tlsrouter.confd
@@ -0,0 +1,3 @@
+ # tlsrouter options
+
+ tlsrouter_opts="-conf /etc/tlsrouter/tlsrouter.conf -listen :443"
diff --git a/testing/tlsrouter/tlsrouter.initd b/testing/tlsrouter/tlsrouter.initd
new file mode 100644
index 0000000000..3f2bfa3388
--- /dev/null
+++ b/testing/tlsrouter/tlsrouter.initd
@@ -0,0 +1,14 @@
+ #!/sbin/openrc-run
+
+ supervisor=supervise-daemon
+
+ name=tlsrouter
+ command="/usr/bin/tlsrouter"
+ command_args="$tlsrouter_opts"
+ command_user="tlsrouter"
+ start_stop_daemon_args="--quiet"
+
+ depend() {
+ need net
+ after firewall
+ }
diff --git a/testing/tlsrouter/tlsrouter.pre-install b/testing/tlsrouter/tlsrouter.pre-install
new file mode 100644
index 0000000000..e8bec36487
--- /dev/null
+++ b/testing/tlsrouter/tlsrouter.pre-install
@@ -0,0 +1,8 @@
+ #!/bin/sh
+
+ addgroup -S tlsrouter 2>/dev/null
+ adduser -S -D -h /var/lib/tlsrouter -s /sbin/nologin -G tlsrouter -g tlsrouter tlsrouter 2>/dev/null
+ mkdir -p /etc/tlsrouter 2>/dev/null
+ chown tlsrouter:tlsrouter /etc/tlsrouter 2>/dev/null
+
+ exit 0
--
2.32.0
On Wed, 18 Aug 2021 09:23:26 +0200, Marvin Preuss wrote:
> +pkgrel=0
> +_short_commit=b6bb9b5
> +pkgdesc="tlsouter is a tls proxy that routes connections to backends based on the tls sni"
No need to repeat the project in the description:
```suggestion:-0+0
pkgdesc="tls proxy that routes connections to backends based on tls sni"
```
--
via https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/24349#note_175757
On Wed, 18 Aug 2021 09:23:26 +0200, Marvin Preuss wrote:
> +
> +export GOFLAGS="$GOFLAGS -modcacherw"
> +export GO111MODULE=off
There is no dependency lock file, so each build could pull in different dependencies.
My advise is to run:
```
$ go mod init tlsproxy
$ go mod tidy
```
in the project dir, copy `go.{mod,sum}` file to the startdir, and then in prepare(), copy these files to `$builddir`. Then go will always use the same dependencies.
--
via https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/24349#note_175758