diff options
author | Sam James <sam@gentoo.org> | 2020-10-07 19:06:20 +0000 |
---|---|---|
committer | Sam James <sam@gentoo.org> | 2020-10-07 19:06:36 +0000 |
commit | df96fef945554f132bbc007be470bc2607e1ed4c (patch) | |
tree | 6382c004138656db423fc337431b834d9320b7eb /www-apps/gitea | |
parent | app-admin/ansible: add py38 (diff) | |
download | gentoo-df96fef945554f132bbc007be470bc2607e1ed4c.tar.gz gentoo-df96fef945554f132bbc007be470bc2607e1ed4c.tar.bz2 gentoo-df96fef945554f132bbc007be470bc2607e1ed4c.zip |
www-apps/gitea: security cleanup
Closes: https://bugs.gentoo.org/740258
Package-Manager: Portage-3.0.4, Repoman-3.0.1
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'www-apps/gitea')
-rw-r--r-- | www-apps/gitea/Manifest | 1 | ||||
-rw-r--r-- | www-apps/gitea/gitea-1.12.1.ebuild | 126 |
2 files changed, 0 insertions, 127 deletions
diff --git a/www-apps/gitea/Manifest b/www-apps/gitea/Manifest index ae0fdd445d85..ddafc399ab2f 100644 --- a/www-apps/gitea/Manifest +++ b/www-apps/gitea/Manifest @@ -1,2 +1 @@ -DIST gitea-1.12.1.tar.gz 135104234 BLAKE2B 36510e25e8c2cc1c718702a7cd0be74bbf5448beb33a90732599a4830b0899b37dfc9a58e3a8ffdb5037e93f185ba3b09a0ac7b8acd629c46b1982d6aeab1ec1 SHA512 6ba8a703272e611aac4c214cd818490a9615a9ab9b64ec22ec2c6331e865226324896f600218fb3b39cea7b6649456db7ff18e1857ece6964ab5d3c6d99c3aec DIST gitea-1.12.4.tar.gz 135170598 BLAKE2B 5db5bda4b2a9ea94b97e2ea59416cb6a2f95d53cdd9804d4d38686413134b00935b859ab5d14883f0e9238472108b96d66e6c6f77cafb5eb9c505fd945abc97b SHA512 6d28cd1fca4332c12b2b9485775289cd86b450bb9072c6c200b1d7cc4e5ac439f5d5a39cb788228f8712a0e73990ff9f4b326ca1d8fa90bc0691c50925e1a8f1 diff --git a/www-apps/gitea/gitea-1.12.1.ebuild b/www-apps/gitea/gitea-1.12.1.ebuild deleted file mode 100644 index 18b851d0c981..000000000000 --- a/www-apps/gitea/gitea-1.12.1.ebuild +++ /dev/null @@ -1,126 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -inherit fcaps go-module tmpfiles systemd -MY_PV="${PV/_rc/-rc}" - -DESCRIPTION="A painless self-hosted Git service" -HOMEPAGE="https://gitea.io" - -if [[ ${PV} != 9999* ]] ; then - SRC_URI="https://github.com/go-gitea/gitea/releases/download/v${MY_PV}/gitea-src-${MY_PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~amd64 ~arm ~arm64" - S="${WORKDIR}" -else - EGIT_REPO_URI="https://github.com/go-gitea/gitea" - inherit git-r3 - S="${WORKDIR}/${P}" -fi - -LICENSE="Apache-2.0 BSD BSD-2 ISC MIT MPL-2.0" -SLOT="0" -IUSE="+acct build-client pam sqlite" - -BDEPEND="build-client? ( >=net-libs/nodejs-10[npm] )" -COMMON_DEPEND=" - acct? ( - acct-group/git - acct-user/git[gitea] ) - pam? ( sys-libs/pam )" -DEPEND="${COMMON_DEPEND}" -RDEPEND="${COMMON_DEPEND} - dev-vcs/git" - -DOCS=( - custom/conf/app.ini.sample CONTRIBUTING.md README.md -) -FILECAPS=( - cap_net_bind_service+ep usr/bin/gitea -) -PATCHES=( - "${FILESDIR}/1.12-fix-vendoring.patch" -) - -src_prepare() { - default - - local sedcmds=( - -e "s#^RUN_MODE = dev#RUN_MODE = prod#" - -e "s#^ROOT =#ROOT = ${EPREFIX}/var/lib/gitea/gitea-repositories#" - -e "s#^ROOT_PATH =#ROOT_PATH = ${EPREFIX}/var/log/gitea#" - -e "s#^APP_DATA_PATH = data#APP_DATA_PATH = ${EPREFIX}/var/lib/gitea/data#" - -e "s#^HTTP_ADDR = 0.0.0.0#HTTP_ADDR = 127.0.0.1#" - -e "s#^MODE = console#MODE = file#" - -e "s#^LEVEL = Trace#LEVEL = Info#" - -e "s#^LOG_SQL = true#LOG_SQL = false#" - -e "s#^DISABLE_ROUTER_LOG = false#DISABLE_ROUTER_LOG = true#" - -e "s#^APP_ID =#;APP_ID =#" - -e "s#^TRUSTED_FACETS =#;TRUSTED_FACETS =#" - ) - - sed -i "${sedcmds[@]}" custom/conf/app.ini.sample || die - if use sqlite ; then - sed -i -e "s#^DB_TYPE = .*#DB_TYPE = sqlite3#" custom/conf/app.ini.sample || die - fi - - einfo "Remove tests which are known to fail with network-sandbox enabled." - rm ./modules/migrations/github_test.go || die - - einfo "Remove tests which depend on gitea git-repo." - rm ./modules/git/blob_test.go || die - rm ./modules/git/repo_test.go || die - - # Remove already build assets (like frontend part) - use build-client && emake clean-all -} - -src_compile() { - local gitea_tags=( - bindata - $(usev pam) - $(usex sqlite 'sqlite sqlite_unlock_notify' '') - ) - local gitea_settings=( - "-X code.gitea.io/gitea/modules/setting.CustomConf=${EPREFIX}/etc/gitea/app.ini" - "-X code.gitea.io/gitea/modules/setting.CustomPath=${EPREFIX}/var/lib/gitea/custom" - "-X code.gitea.io/gitea/modules/setting.AppWorkPath=${EPREFIX}/var/lib/gitea" - ) - local makeenv=( - TAGS="${gitea_tags[@]}" - LDFLAGS="-extldflags \"${LDFLAGS}\" ${gitea_settings[@]}" - ) - [[ ${PV} != 9999* ]] && makeenv+=("DRONE_TAG=${MY_PV}") - - if use build-client; then - # -j1 as Makefile doesn't handle dependancy correctly, and is not - # useful as golang compiler don't use this info. - env "${makeenv[@]}" emake -j1 build - else - env "${makeenv[@]}" emake backend - fi -} - -src_install() { - dobin gitea - - einstalldocs - - newconfd "${FILESDIR}/gitea.confd-r1" gitea - newinitd "${FILESDIR}/gitea.initd-r3" gitea - newtmpfiles - gitea.conf <<-EOF - d /run/gitea 0755 git git - EOF - systemd_newunit "${FILESDIR}"/gitea.service-r2 gitea.service - - insinto /etc/gitea - newins custom/conf/app.ini.sample app.ini - if use acct ; then - fowners root:git /etc/gitea/{,app.ini} - fperms g+w,o-rwx /etc/gitea/{,app.ini} - - diropts -m0750 -o git -g git - keepdir /var/lib/gitea /var/lib/gitea/custom /var/lib/gitea/data - keepdir /var/log/gitea - fi -} |