--- /dev/null
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+EGO_PN="github.com/DNSCrypt/${PN}"
+
+inherit fcaps go-module systemd
+
+if [[ ${PV} == 9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://${EGO_PN}.git"
+else
+ SRC_URI="https://${EGO_PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+ KEYWORDS="~amd64 ~arm ~ppc64 ~x86"
+fi
+
+DESCRIPTION="A flexible DNS proxy, with support for encrypted DNS protocols"
+HOMEPAGE="https://github.com/jedisct1/dnscrypt-proxy"
+
+LICENSE="Apache-2.0 BSD ISC MIT MPL-2.0"
+SLOT="0"
+IUSE="pie"
+
+BDEPEND=">=dev-lang/go-1.13"
+
+RDEPEND="
+ acct-group/dnscrypt-proxy
+ acct-user/dnscrypt-proxy
+"
+
+FILECAPS=( cap_net_bind_service+ep usr/bin/dnscrypt-proxy )
+PATCHES=( "${FILESDIR}"/config-full-paths-r11.patch )
+
+src_compile() {
+ pushd "${PN}" >/dev/null || die
+ go build -v -x -mod=readonly -mod=vendor -buildmode="$(usex pie pie default)" || die
+ popd >/dev/null || die
+}
+
+src_install() {
+ pushd "${PN}" >/dev/null || die
+
+ dobin dnscrypt-proxy
+
+ insinto /etc/dnscrypt-proxy
+ newins example-dnscrypt-proxy.toml dnscrypt-proxy.toml
+ doins example-{blacklist.txt,whitelist.txt}
+ doins example-{cloaking-rules.txt,forwarding-rules.txt}
+
+ popd >/dev/null || die
+
+ insinto /usr/share/dnscrypt-proxy
+ doins -r "utils/generate-domains-blacklists/."
+
+ newinitd "${FILESDIR}"/dnscrypt-proxy.initd dnscrypt-proxy
+ newconfd "${FILESDIR}"/dnscrypt-proxy.confd dnscrypt-proxy
+
+ systemd_newunit "${FILESDIR}"/dnscrypt-proxy.service dnscrypt-proxy.service
+ systemd_newunit "${FILESDIR}"/dnscrypt-proxy.socket dnscrypt-proxy.socket
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/dnscrypt-proxy.logrotate dnscrypt-proxy
+
+ einstalldocs
+}
+
+pkg_postinst() {
+ fcaps_pkg_postinst
+ go-module_pkg_postinst
+
+ if ! use filecaps; then
+ ewarn "'filecaps' USE flag is disabled"
+ ewarn "${PN} will fail to listen on port 53"
+ ewarn "please do one the following:"
+ ewarn "1) re-enable 'filecaps'"
+ ewarn "2) change port to > 1024"
+ ewarn "3) configure to run ${PN} as root (not recommended)"
+ ewarn
+ fi
+
+ if systemd_is_booted || has_version sys-apps/systemd; then
+ elog "Using systemd socket activation may cause issues with speed"
+ elog "latency and reliability of ${PN} and is discouraged by upstream"
+ elog "Existing installations advised to disable 'dnscrypt-proxy.socket'"
+ elog "It is disabled by default for new installations"
+ elog "check "$(systemd_get_systemunitdir)/${PN}.service" for details"
+ elog
+
+ fi
+
+ elog "After starting the service you will need to update your"
+ elog "/etc/resolv.conf and replace your current set of resolvers"
+ elog "with:"
+ elog
+ elog "nameserver 127.0.0.1"
+ elog
+ elog "Also see https://github.com/DNSCrypt/${PN}/wiki"
+}
--- /dev/null
+--- dnscrypt-proxy-2.0.41/dnscrypt-proxy/example-dnscrypt-proxy.toml
++++ dnscrypt-proxy-2.0.41/dnscrypt-proxy/dnscrypt-proxy.toml
+@@ -142,7 +142,7 @@
+
+ ## log file for the application
+
+-# log_file = 'dnscrypt-proxy.log'
++# log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log'
+
+
+ ## Use the system logger (syslog on Unix, Event Log on Windows)
+@@ -399,7 +399,7 @@
+ ## Path to the query log file (absolute, or relative to the same directory as the config file)
+ ## On non-Windows systems, can be /dev/stdout to log to the standard output (also set log_files_max_size to 0)
+
+- # file = 'query.log'
++ # file = '/var/log/dnscrypt-proxy/query.log'
+
+
+ ## Query log format (currently supported: tsv and ltsv)
+@@ -425,7 +425,7 @@
+
+ ## Path to the query log file (absolute, or relative to the same directory as the config file)
+
+- # file = 'nx.log'
++ # file = '/var/log/dnscrypt-proxy/nx.log'
+
+
+ ## Query log format (currently supported: tsv and ltsv)
+@@ -460,7 +460,7 @@
+
+ ## Optional path to a file logging blocked queries
+
+- # log_file = 'blocked.log'
++ # log_file = '/var/log/dnscrypt-proxy/blocked.log'
+
+
+ ## Optional log format: tsv or ltsv (default: tsv)
+@@ -488,7 +488,7 @@
+
+ ## Optional path to a file logging blocked queries
+
+- # log_file = 'ip-blocked.log'
++ # log_file = '/var/log/dnscrypt-proxy/ip-blocked.log'
+
+
+ ## Optional log format: tsv or ltsv (default: tsv)
+@@ -516,7 +516,7 @@
+
+ ## Optional path to a file logging whitelisted queries
+
+- # log_file = 'whitelisted.log'
++ # log_file = '/var/log/dnscrypt-proxy/whitelisted.log'
+
+
+ ## Optional log format: tsv or ltsv (default: tsv)
+@@ -585,7 +585,7 @@
+
+ [sources.'public-resolvers']
+ urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
+- cache_file = 'public-resolvers.md'
++ cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md'
+ minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+ prefix = ''
+
+@@ -593,7 +593,7 @@
+
+ [sources.'relays']
+ urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/relays.md', 'https://download.dnscrypt.info/resolvers-list/v2/relays.md']
+- cache_file = 'relays.md'
++ cache_file = '/var/cache/dnscrypt-proxy/parental-control.md'
+ minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
+ refresh_delay = 72
+ prefix = ''
projects / gentoo.git / commitdiff