init

2025-02-23 23:32:54 +00:00 · 2022-01-30 23:46:57 +03:00 · 2022-01-30 23:46:57 +03:00 · c4ce26fa3b
commit c4ce26fa3b
4 changed files with 176 additions and 0 deletions
--- a/.abf.yml
+++ b/.abf.yml
@ -0,0 +1,3 @@
 sources:
  nebula-1.5.2-go-mod-vendor.tar.xz: fc1cec199e2577d6f5821fc9553c432fd08dc058
  nebula-1.5.2.tar.gz: a2727138de278015847998ff7f2a70d841131ebf
--- a/0001-HACK-Do-not-require-Windows-specific-modules.patch
+++ b/0001-HACK-Do-not-require-Windows-specific-modules.patch
@ -0,0 +1,41 @@
 From ff4922007e72abafd6f76f775548b2e5fca85a44 Mon Sep 17 00:00:00 2001
 From: Mikhail Novosyolov <mikhailnov@dumalogiya.ru>
 Date: Sun, 30 Jan 2022 22:03:55 +0300
 Subject: [PATCH] HACK: Do not require Windows-specific modules
 `go mod vendor` fails to work with them for some reasons,
 just drop them from code that we will not build on Linux.
 ---
 overlay/tun_wintun_windows.go | 1 -
 wintun/tun.go                 | 3 ---
 2 files changed, 4 deletions(-)
 diff --git a/overlay/tun_wintun_windows.go b/overlay/tun_wintun_windows.go
 index f90ea8a..306f4cd 100644
 --- a/overlay/tun_wintun_windows.go
 +++ b/overlay/tun_wintun_windows.go
@@ -12,7 +12,6 @@ import (
 	"github.com/slackhq/nebula/iputil"
 	"github.com/slackhq/nebula/wintun"
 	"golang.org/x/sys/windows"
 -	"golang.zx2c4.com/wireguard/windows/tunnel/winipcfg"
 )
 const tunGUIDLabel = "Fixed Nebula Windows GUID v1"
 diff --git a/wintun/tun.go b/wintun/tun.go
 index a2dfe5e..94077fe 100644
 --- a/wintun/tun.go
 +++ b/wintun/tun.go
@@ -20,9 +20,6 @@ import (
 	"time"
 	_ "unsafe"
 -	"golang.org/x/sys/windows"
 -
 -	"golang.zx2c4.com/wintun"
 )
 const (
 -- 
 2.31.1
--- a/nebula.spec
+++ b/nebula.spec
@ -0,0 +1,77 @@
 # use bundled golang modules (from Source1)
 %global gomodulesmode GO111MODULE=on
 %global goipath github.com/slackhq/nebula
 # Package source code as a devel package.
 # Turn on if using not bundled go modules.
 # Offed for now because it automatically requires not packaged golang modules.
 %bcond_with devel
 Summary:	A p2p mesh VPN solution
 Name:		nebula
 Version:	1.5.2
 Release:	1
 License:	MIT
 Group:		Networking/Other
 Url:		https://www.defined.net/nebula/
 Source0:	https://github.com/slackhq/nebula/archive/refs/tags/v%{version}.tar.gz?/%{name}-%{version}.tar.gz
 # go mod vendor, created with ./upd.sh
 Source1:	nebula-%{version}-go-mod-vendor.tar.xz
 Source2:	upd.sh
 Patch0001:	0001-HACK-Do-not-require-Windows-specific-modules.patch
 BuildRequires:	golang
 %gometa
 %description
 Nebula is a scalable overlay networking tool with a focus on performance,
 simplicity and security, which allows to make p2p VPN mesh networks.
 %files
 %license LICENSE
 %doc README.md CHANGELOG.md AUTHORS
 # The default config is documented via comments, it may be useful for reference
 %doc examples/config.yml
 %{_sbindir}/nebula
 %{_sbindir}/nebula-cert
 %{_unitdir}/nebula.service
 %dir %attr(0700,-,-) /etc/nebula
 %config(noreplace) /etc/nebula/config.yml
 %post
 %systemd_post nebula.service
 %preun
 %systemd_preun nebula.service
 #------------------------------------------------------------------
 %if %{with devel}
 %gopkg
 %gopkgfiles
 %endif
 #------------------------------------------------------------------
 %prep
 %goprep
 %autopatch -p1
 %build
 ( cd .. && tar -xf %{SOURCE1} )
 %gobuild -o %{gobuilddir}/sbin/nebula %{goipath}/cmd/nebula
 %gobuild -o %{gobuilddir}/sbin/nebula-cert %{goipath}/cmd/nebula-cert
 %install
 mkdir -p %{buildroot}%{_sbindir}
 install -m0755 %{gobuilddir}/sbin/* %{buildroot}%{_sbindir}
 mkdir -p %{buildroot}%{_unitdir}
 cat examples/service_scripts/nebula.service | sed -e 's,/usr/local/bin/,%{_sbindir}/,g' > %{buildroot}%{_unitdir}/nebula.service
 # this directory may store private keys
 mkdir -p -m0700 %{buildroot}/etc/nebula
 # it's ok for the config to be world-readable
 install -m0644 examples/config.yml %{buildroot}/etc/nebula/config.yml
 %if %{with devel}
 %gopkginstall
 %endif
--- a/upd.sh
+++ b/upd.sh
@ -0,0 +1,55 @@
 #!/usr/bin/env bash
 # Script to partly automate updating this package
 # Based on upd.sh from abf.io/import/zabbix5.0
 # sudo dnf install /usr/bin/rpmbuild /usr/bin/spectool /usr/bin/rpmspec /usr/bin/git /usr/bin/curl /usr/bin/abf /usr/bin/jq /usr/bin/sed /usr/bin/tar /usr/bin/xz
 set -x
 set -e
 set -f
 set -u
 spec="$PWD"/nebula.spec
 dir0="$PWD"
 old_version="$(rpmspec -q --srpm --qf '%{version}' "$spec")"
 latest_version="$(curl --silent "https://api.github.com/repos/slackhq/nebula/releases/latest" | jq '.tag_name' | sed -e 's,",,g' -e 's,^v,,')"
 [ -n "$latest_version" ]
 if [ "$old_version" = "$latest_version" ]; then
 	echo "No updates"
 	exit 0
 fi
 sed -E -i'' "$spec" \
 	-e "s,^Version:.+,Version:\t${latest_version}," \
 	-e "s,^Release:.+,Release:\t1," \
 	--
 source0="$(rpmspec --parse "$spec" | grep -i ^Source0: | awk -F '/' '{print $NF}')" 
 spectool --get-files --source 0 "$spec"
 [ -f "$source0" ]
 patches_ok=0
 tmp="$(mktemp --tmpdir=/tmp -d)"
 trap 'if [ "$patches_ok" = 1 ]; then rm -fr "$tmp"; fi' EXIT
 pushd "$tmp"
 	tar -xf "$dir0"/"$source0"
 	pushd nebula-"$latest_version"
 		patch -p1 < "$dir0"/0001-HACK-Do-not-require-Windows-specific-modules.patch
 		go mod vendor
 	popd
 	XZ_OPT="-T0 -v" tar cJf nebula-"$latest_version"-go-mod-vendor.tar.xz nebula-"$latest_version"/vendor
 	mv nebula-"$latest_version"-go-mod-vendor.tar.xz "$dir0"
 popd
 rm -f .abf.yml
 abf put -n
 # check appliability of patches
 rpmbuild --define "_sourcedir $PWD" --define "_builddir $tmp" -bp "$spec" && patches_ok=1
 PAGER='' git diff
 # can be copypasted for a commit message
 echo "upd: $old_version -> $latest_version"
 if [ "$patches_ok" = 0 ]; then
 	echo "PATCHES require attention!"
 fi