Configures the service to run as a non-root user with the supervisor
daemon pre-configured for daemon mode.
---
main/bitlbee/APKBUILD | 22 +++-
main/bitlbee/bitlbee.conf | 180 +++++++++++++++++++++++++++++++
main/bitlbee/bitlbee.confd | 11 +-
main/bitlbee/bitlbee.initd | 32 ++----
main/bitlbee/bitlbee.pre-install | 4 +
5 files changed, 214 insertions(+), 35 deletions(-)
create mode 100644 main/bitlbee/bitlbee.conf
create mode 100644 main/bitlbee/bitlbee.pre-install
diff --git a/main/bitlbee/APKBUILD b/main/bitlbee/APKBUILD
index 7daf428e07..3d68b707e4 100644
--- a/main/bitlbee/APKBUILD
+++ b/main/bitlbee/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Sheila Aman <sheila@vulpine.house>
pkgname=bitlbee
pkgver=3.6
-pkgrel=2
+pkgrel=3
pkgdesc="An IRC to other chat networks gateway"
url="https://www.bitlbee.org/"
arch="all"
@@ -10,9 +10,13 @@ options="!check" # no test suite
license="GPL-2.0-or-later"
makedepends="python3 glib-dev gnutls-dev libotr-dev"
subpackages="$pkgname-dev $pkgname-doc $pkgname-otr $pkgname-openrc"
+install="$pkgname.pre-install"
+pkgusers="bitlbee"
+pkggroups="bitlbee"
source="http://get.bitlbee.org/src/bitlbee-$pkgver.tar.gz
$pkgname.initd
$pkgname.confd
+ bitlbee.conf
"
build() {
@@ -29,13 +33,18 @@ build() {
package() {
make DESTDIR="$pkgdir" install install-etc install-dev
+ mv "$pkgdir"/usr/sbin "$pkgdir"/usr/bin
install -m755 -D "$srcdir"/$pkgname.initd \
"$pkgdir"/etc/init.d/$pkgname
install -m644 -D "$srcdir"/$pkgname.confd \
"$pkgdir"/etc/conf.d/$pkgname
+
mkdir -p "$pkgdir"/var/lib/bitlbee
- chown nobody:nobody "$pkgdir"/var/lib/bitlbee
+ chown bitlbee:bitlbee "$pkgdir"/var/lib/bitlbee
+
+ install -m644 -D "$srcdir"/bitlbee.conf \
+ "$pkgdir"/etc/bitlbee/bitlbee.conf
}
otr() {
@@ -43,6 +52,9 @@ otr() {
mv "$pkgdir"/usr/lib/bitlbee "$subpkgdir"/usr/lib
}
-sha512sums="ccbf0f23e228de2de147241f36f59744b2256cba958e2fabfba0cfa60935e55bbb7d7e20fffa54da9a345e55ffa9ca82cb62e9b99dc738ba35c6e268c6561a8d bitlbee-3.6.tar.gz
-300c3445b9be6dac41bbd6d3a3ef5b871668743d4ea68dd779962d7af941cdaac61cb7c61e7ab2610bffac6dd9accc7ef9590593aef45e6930e2f49abaf9bf40 bitlbee.initd
-d86e85eecafe080d331034cfc0b1f38d8e5582772d1e1d7175d14b396e1ce3dfd1b94e8ee97ef54b85181b3eacf39bacd378a1da5014515ed909554708907991 bitlbee.confd"
+sha512sums="
+ccbf0f23e228de2de147241f36f59744b2256cba958e2fabfba0cfa60935e55bbb7d7e20fffa54da9a345e55ffa9ca82cb62e9b99dc738ba35c6e268c6561a8d bitlbee-3.6.tar.gz
+5d79b8c827eba2c11c0d2135ee94c01322afcd841fb47456311322d5fc7a7d671cac7b9eee0adee7f3f10612a4ebb9ebfc8600a428a1e0c54034f730310f92c1 bitlbee.initd
+0253a7758588b276217d74ed43f7772906a1d5e6a58ffe532b8495ab5509e88ea32f77887b9a23e1da5ceeeecaff83e5ef8d6a08e9041a049f4f78f4379fd053 bitlbee.confd
+325d5d37dddaaa651de5615038cf73422b6f81e590df4bb2917aa2bc470247ad6334f43f309e667f063e6c73d3f71e1132bf61552ec84c26f5bd5369cf01ebc1 bitlbee.conf
+"
diff --git a/main/bitlbee/bitlbee.conf b/main/bitlbee/bitlbee.conf
new file mode 100644
index 0000000000..da93519167
--- /dev/null
+++ b/main/bitlbee/bitlbee.conf
@@ -0,0 +1,180 @@
+## BitlBee default configuration file
+##
+## Comments are marked like this. The rest of the file is INI-style. The
+## comments should tell you enough about what all settings mean.
+##
+
+[settings]
+
+## RunMode:
+##
+## Inetd -- Run from inetd (default)
+## Daemon -- Run as a stand-alone daemon, serving all users from one process.
+## This saves memory if there are more users, the downside is that when one
+## user hits a crash-bug, all other users will also lose their connection.
+## ForkDaemon -- Run as a stand-alone daemon, but keep all clients in separate
+## child processes. This should be pretty safe and reliable to use instead
+## of inetd mode.
+##
+RunMode = Daemon
+
+## User:
+##
+## If BitlBee is started by root as a daemon, it can drop root privileges,
+## and change to the specified user.
+##
+# User = bitlbee
+
+## DaemonPort/DaemonInterface:
+##
+## For daemon mode, you can specify on what interface and port the daemon
+## should be listening for connections.
+##
+DaemonInterface = 127.0.0.1
+DaemonPort = 6667
+
+## ClientInterface:
+##
+## If for any reason, you want BitlBee to use a specific address/interface
+## for outgoing traffic (IM connections, HTTP(S), etc.), set it here.
+##
+# ClientInterface = 0.0.0.0
+
+## AuthMode
+##
+## Open -- Accept connections from anyone, use NickServ for user authentication.
+## (default)
+## Closed -- Require authorization (using the PASS command during login) before
+## allowing the user to connect at all.
+## Registered -- Only allow registered users to use this server; this disables
+## the register- and the account command until the user identifies itself.
+##
+# AuthMode = Open
+
+## AuthBackend
+##
+## By default, the authentication data for a user is stored in the storage
+## backend. If you want to authenticate against another authentication system
+## (e.g. ldap), you can specify that here.
+##
+## Beware that this disables password changes and causes passwords for the
+## accounts people create to be stored in plain text instead of encrypted with
+## their bitlbee password.
+##
+## Currently available backends:
+##
+## - storage (internal storage)
+## - pam (Linux PAM authentication)
+## - ldap (LDAP server configured in the openldap settings)
+#
+# AuthBackend = storage
+#
+
+## AuthPassword
+##
+## Password the user should enter when logging into a closed BitlBee server.
+## You can also have a BitlBee-style MD5 hash here. Format: "md5:", followed
+## by a hash as generated by "bitlbee -x hash <password>".
+##
+# AuthPassword = ItllBeBitlBee ## Heh.. Our slogan. ;-)
+## or
+# AuthPassword = md5:gzkK0Ox/1xh+1XTsQjXxBJ571Vgl
+
+## OperPassword
+##
+## Password that unlocks access to special operator commands.
+##
+# OperPassword = ChangeMe!
+## or
+# OperPassword = md5:I0mnZbn1t4R731zzRdDN2/pK7lRX
+
+## AllowAccountAdd
+##
+## Whether to allow registered and identified users to add new accounts using
+## 'account add'
+##
+# AllowAccountAdd 1
+
+## HostName
+##
+## Normally, BitlBee gets a hostname using getsockname(). If you have a nicer
+## alias for your BitlBee daemon, you can set it here and BitlBee will identify
+## itself with that name instead.
+##
+# HostName = localhost
+
+## MotdFile
+##
+## Specify an alternative MOTD (Message Of The Day) file. Default value depends
+## on the --etcdir argument to configure.
+##
+# MotdFile = /etc/bitlbee/motd.txt
+
+## ConfigDir
+##
+## Specify an alternative directory to store all the per-user configuration
+## files. (.nicks/.accounts)
+##
+# ConfigDir = /var/lib/bitlbee
+
+## Ping settings
+##
+## BitlBee can send PING requests to the client to check whether it's still
+## alive. This is not very useful on local servers, but it does make sense
+## when most clients connect to the server over a real network interface.
+## (Public servers) Pinging the client will make sure lost clients are
+## detected and cleaned up sooner.
+##
+## PING requests are sent every PingInterval seconds. If no PONG reply has
+## been received for PingTimeOut seconds, BitlBee aborts the connection.
+##
+## To disable the pinging, set at least one of these to 0.
+##
+# PingInterval = 180
+# PingTimeOut = 300
+
+## Using proxy servers for outgoing connections
+##
+## If you're running BitlBee on a host which is behind a restrictive firewall
+## and a proxy server, you can tell BitlBee to use that proxy server here.
+## The setting has to be a URL, formatted like one of these examples:
+##
+## (Obviously, the username and password are optional)
+##
+# Proxy = http://john:doe@proxy.localnet.com:8080
+# Proxy = socks4://socksproxy.localnet.com
+# Proxy = socks5://socksproxy.localnet.com
+
+## Protocols offered by bitlbee
+##
+## As recompiling may be quite unpractical for some people, this option
+## allows to remove the support of protocol, even if compiled in. If
+## nothing is given, there are no restrictions.
+##
+# Protocols = jabber yahoo
+
+## Trusted CAs
+##
+## Path to a file containing a list of trusted certificate authorities used in
+## the verification of server certificates.
+##
+## Uncomment this and make sure the file actually exists and contains all
+## certificate authorities you're willing to accept (default value should
+## work on at least Debian/Ubuntu systems with the "ca-certificates" package
+## installed). As long as the line is commented out, SSL certificate
+## verification is completely disabled.
+##
+## The location of this file may be different on other distros/OSes. For
+## example, try /etc/ssl/ca-bundle.pem on OpenSUSE.
+##
+# CAfile = /etc/ssl/certs/ca-certificates.crt
+
+[defaults]
+
+## Here you can override the defaults for some per-user settings. Users are
+## still able to override your defaults, so this is not a way to restrict
+## your users...
+
+## To enable private mode by default, for example:
+
+## private = 1
diff --git a/main/bitlbee/bitlbee.confd b/main/bitlbee/bitlbee.confd
index 99f308cd97..bba4f213ad 100644
--- a/main/bitlbee/bitlbee.confd
+++ b/main/bitlbee/bitlbee.confd
@@ -1,9 +1,2 @@
-# Sample conf.d file for alpine linux
-
-#
-# Specify daemon options here.
-#
-
-PORT="6667"
-OPTS="-F"
-
+# To override the default user:
+# bitlbee_user=bitlbee
diff --git a/main/bitlbee/bitlbee.initd b/main/bitlbee/bitlbee.initd
index 79a439393d..a620c4b61d 100644
--- a/main/bitlbee/bitlbee.initd
+++ b/main/bitlbee/bitlbee.initd
@@ -1,29 +1,19 @@
#!/sbin/openrc-run
-
-name=bitlbee
-daemon=/usr/sbin/$name
-
-. /etc/conf.d/$name
+name="bitlbee"
+description="bitlbee irc service"
+supervisor=supervise-daemon
+BITLBEE_USER=${BITLBEE_USER:-bitlbee}
+LOGS=/var/log/bitlbee.log
+supervise_daemon_args="-1 $LOGS -2 $LOGS"
+command="/usr/bin/bitlbee"
+command_args="-n"
+command_user="$BITLBEE_USER:$BITLBEE_USER"
depend() {
need net
after firewall
}
-start() {
- ebegin "Starting ${name}"
- start-stop-daemon --start --quiet \
- --pidfile /var/run/${name}.pid \
- --user nobody:nobody \
- --exec ${daemon} -- ${PORT} ${OPTS}
- eend $?
+start_pre() {
+ checkpath -f "$LOGS" -m 644 -o "$BITLBEE_USER:$BITLBEE_USER"
}
-
-stop() {
- ebegin "Stopping ${name}"
- start-stop-daemon --stop --signal 9 --quiet \
- --pidfile /var/run/$name.pid \
- --exec ${daemon}
- eend $?
-}
-
diff --git a/main/bitlbee/bitlbee.pre-install b/main/bitlbee/bitlbee.pre-install
new file mode 100644
index 0000000000..1ef3e01690
--- /dev/null
+++ b/main/bitlbee/bitlbee.pre-install
@@ -0,0 +1,4 @@
+#!/bin/sh
+grep '^bitlbee:' /etc/group >/dev/null || addgroup -S bitlbee 2>/dev/null
+grep '^bitlbee:' /etc/passwd >/dev/null || adduser -SDh/var/lib/bitlbee \
+ -s/sbin/nologin -Gbitlbee -gbitlbee bitlbee bitlbee 2>/dev/null
--
2.35.1
I see no reason for this to be in main.
---
{main => community}/bitlbee/APKBUILD | 0
{main => community}/bitlbee/bitlbee.conf | 0
{main => community}/bitlbee/bitlbee.confd | 0
{main => community}/bitlbee/bitlbee.initd | 0
{main => community}/bitlbee/bitlbee.pre-install | 0
5 files changed, 0 insertions(+), 0 deletions(-)
rename {main => community}/bitlbee/APKBUILD (100%)
rename {main => community}/bitlbee/bitlbee.conf (100%)
rename {main => community}/bitlbee/bitlbee.confd (100%)
rename {main => community}/bitlbee/bitlbee.initd (100%)
rename {main => community}/bitlbee/bitlbee.pre-install (100%)
diff --git a/main/bitlbee/APKBUILD b/community/bitlbee/APKBUILD
similarity index 100%
rename from main/bitlbee/APKBUILD
rename to community/bitlbee/APKBUILD
diff --git a/main/bitlbee/bitlbee.conf b/community/bitlbee/bitlbee.conf
similarity index 100%
rename from main/bitlbee/bitlbee.conf
rename to community/bitlbee/bitlbee.conf
diff --git a/main/bitlbee/bitlbee.confd b/community/bitlbee/bitlbee.confd
similarity index 100%
rename from main/bitlbee/bitlbee.confd
rename to community/bitlbee/bitlbee.confd
diff --git a/main/bitlbee/bitlbee.initd b/community/bitlbee/bitlbee.initd
similarity index 100%
rename from main/bitlbee/bitlbee.initd
rename to community/bitlbee/bitlbee.initd
diff --git a/main/bitlbee/bitlbee.pre-install b/community/bitlbee/bitlbee.pre-install
similarity index 100%
rename from main/bitlbee/bitlbee.pre-install
rename to community/bitlbee/bitlbee.pre-install
--
2.35.1