commit: 6f989d9086b135ce325830ec5bf938708c17b6f8 Author: Nicolas PARLANT <nicolas.parlant <AT> parhuet <DOT> fr> AuthorDate: Sun Oct 5 10:14:55 2025 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Tue Nov 4 11:12:48 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f989d90
app-crypt/onak: add 0.6.4 Use github tarball which includes debian files (service and logrotate). Provide init scrips for OpenRC and systemd. add onak user/group Useflags reworked : remove dynamic, shared-libs backends is now forced to make all backends enabled available. Thus test and REQUIRED_USE are removed. add daemon to handle the key daemon (was default) add systemd for sd-bus sed-op : use a subdir for log and socket (permissions are easier) make systemd conditional Install all files which can be useful: logrotate, cgi-conf Bugs fixed by upstream in this release. Closes: https://bugs.gentoo.org/945057 Closes: https://bugs.gentoo.org/957412 Signed-off-by: Nicolas PARLANT <nicolas.parlant <AT> parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/44065 Signed-off-by: Sam James <sam <AT> gentoo.org> app-crypt/onak/Manifest | 1 + app-crypt/onak/files/onak.init | 38 +++++++++++++ app-crypt/onak/metadata.xml | 1 + app-crypt/onak/onak-0.6.4.ebuild | 120 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 160 insertions(+) diff --git a/app-crypt/onak/Manifest b/app-crypt/onak/Manifest index 6cd663b3120f..233725f873ad 100644 --- a/app-crypt/onak/Manifest +++ b/app-crypt/onak/Manifest @@ -1 +1,2 @@ DIST onak-0.6.3.tar.xz 717040 BLAKE2B bae6c5b6022b42f59d6cf978d5e79df7b8bb71692bc11cfd162563f8afacb07c81505e070a7f6154b409db78449cd3b2182a1232e6ff3dacb4588cd977482f44 SHA512 3952b2ca8dfc32236dc6fc92a35d0d8223ae03be343fef4fcda49875d9d2b6ceb042c1c2cd63c035c467ee2773a103a36c7407c201f23de176e2121559ea1bff +DIST onak-0.6.4.tar.gz 826490 BLAKE2B 1f313a43aa72d6d4e03fc792b9c49c3273698d1d389a4b9feeef528651fd314ccc502ca602758f4ca0dafc7e11980c2ccf9d51a65ee1af02fabde1288f8f0293 SHA512 b8623d014d0f87d6370bf26014c92c9746ebb39a8e4a8fcf33e216703b85b85620eef62cb3bcf95d07985bc81a206c6cc141ef294356fa8afbbb60319f85af5a diff --git a/app-crypt/onak/files/onak.init b/app-crypt/onak/files/onak.init new file mode 100644 index 000000000000..7f2763208f93 --- /dev/null +++ b/app-crypt/onak/files/onak.init @@ -0,0 +1,38 @@ +#!/sbin/openrc-run +# Copyright 2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +: ${ONAK_CONFIG:=/etc/onak.ini} +: ${ONAK_GROUP:=onak} +: ${ONAK_USER:=onak} + +name="onak" +description="Backend caching key daemon for onak OpenPGP keyserver" +command=/usr/sbin/onak-keyd +command_args="-f -c ${ONAK_CONFIG}" +command_user="${ONAK_USER}:${ONAK_GROUP}" +command_background=true +pidfile="/run/onak.pid" + +start_pre() { + if ! grep -q -E '^use_keyd=*(true|yes|1)$' ${ONAK_CONFIG}; then + eerror "You must enable the keyd backend in ${ONAK_CONFIG} with 'use_keyd=true'" + return 1 + fi + # only for socket + checkpath -d -q -o ${ONAK_USER}:${ONAK_GROUP} /var/run/onak +} + +stop() { + ebegin "Stopping ${name}" + /usr/bin/onak-keydctl quit + eend $? "Failed to stop ${name}" +} + +status() { + default_status + if [ $? = 0 ]; then + ebegin "Showing ${name} status" + /usr/bin/onak-keydctl status + fi +} diff --git a/app-crypt/onak/metadata.xml b/app-crypt/onak/metadata.xml index 68c2a2f0f43b..80073b0070c8 100644 --- a/app-crypt/onak/metadata.xml +++ b/app-crypt/onak/metadata.xml @@ -3,6 +3,7 @@ <pkgmetadata> <!-- maintainer-needed --> <use> + <flag name="daemon">Enable the backend caching key daemon</flag> <flag name="dynamic">Support for dynamic loading of backends</flag> <flag name="hkp">Proxying backend support</flag> </use> diff --git a/app-crypt/onak/onak-0.6.4.ebuild b/app-crypt/onak/onak-0.6.4.ebuild new file mode 100644 index 000000000000..e1da8124114e --- /dev/null +++ b/app-crypt/onak/onak-0.6.4.ebuild @@ -0,0 +1,120 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake eapi9-ver systemd + +DESCRIPTION="onak is an OpenPGP keyserver" +HOMEPAGE=" + https://www.earth.li/projectpurple/progs/onak.html + https://github.com/u1f35c/onak +" +SRC_URI="https://github.com/u1f35c/onak/archive/${P}.tar.gz"; +S="${WORKDIR}/${PN}-${P}" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+berkdb +daemon hkp postgres systemd" + +RDEPEND=" + acct-group/onak + acct-user/onak + dev-libs/nettle:= + dev-libs/gmp:= + berkdb? ( sys-libs/db:= ) + daemon? ( + systemd? ( sys-apps/systemd:= ) + ) + hkp? ( net-misc/curl ) + postgres? ( dev-db/postgresql:= ) +" +DEPEND="${RDEPEND}" + +DOCS=( + README.md onak.sql +) + +PATCHES=( + "${FILESDIR}/${PN}-0.5.0-musl-strtouq-fix.patch" + "${FILESDIR}/${PN}-0.6.3-cmake.patch" +) + +src_prepare() { + cmake_src_prepare + + # use a subdir to handle permissions + sed -e 's:log/onak.log:log/onak/onak.log:' \ + -i onak.ini.in || die + sed -e "s:/var/log/onak.log:${EPREFIX}/var/log/onak/onak.log:" \ + -i debian/onak.logrotate || die + + if ! use systemd; then + sed -e 's:^pkg_check_modules.*libsystemd:#&:' \ + -i CMakeLists.txt || die + fi +} + +src_configure() { + # The GENTOO_BACKENDS variable is controlled from the ebuild, therefore + # it can be synchronised with users USE preference, unlike the BACKENDS + # which is filled automagically based on detected libraries. + # Initialize backends with default values. + local backends=( file fs keyring stacked ) + use berkdb && backends+=( db4 ) + use daemon && backends+=( keyd ) + use hkp && backends+=( hkp ) + use postgres && backends+=( pg ) + local mycmakeargs=( + -DCMAKE_DISABLE_FIND_PACKAGE_Git="ON" + -DCMAKE_INSTALL_SYSCONFDIR="${EPREFIX}/etc" + # force shared libs backends or only one backend will be available. + -DDBTYPE=dynamic + -DGENTOO_BACKENDS=$(IFS=';'; echo "${backends[*]}") + -DKEYD=$(usex daemon ON OFF) + ) + cmake_src_configure +} + +src_install() { + cmake_src_install + + if use daemon; then + newinitd "${FILESDIR}"/onak.init onak + systemd_dounit debian/onak.service + systemd_dounit debian/onak.socket + fi + + insinto /etc/logrotate.d + newins debian/onak.logrotate onak + + keepdir /var/{lib,log}/${PN} + fowners -R onak:onak /var/{lib,log}/${PN} + + insinto /usr/$(get_libdir)/cgi-bin/pks + doins "${BUILD_DIR}"/cgi/{add,gpgwww,hashquery,lookup} + + docinto examples + dodoc doc/{apache2,mathopd.conf} +} + +pkg_postinst() { + if ver_replacing -lt 0.6.4; then + ewarn "The key daemon is now handled by the useflag 'daemon'." + ewarn "This package provides the init scripts for both OpenRC and systemd." + if use daemon; then + ewarn " " + ewarn "The binaries for the key daemon has been renamed:" + ewarn "keyd -> onak-keyd" + ewarn "keydctl -> onak-keydctl" + ewarn "Consider adapt your scripts!" + fi + if [[ $(get_libdir) != "lib" ]]; then + ewarn " " + ewarn "The binaries for cgi has been moved:" + ewarn "${EPREFIX}/usr/lib/cgi-bin/ -> ${EPREFIX}/usr/$(get_libdir)/cgi-bin/" + ewarn "Consider adapt your scripts!" + fi + fi +}
