Update gotify-server AUR

- Add .install file to warn about default user
- Dropped tmpfiles.d in favor of (recommended) ConfigurationDirectory,
  LogsDirectory, StateDirectory
- Added `etc/gotify/config.yml` to `backup=()`
- Build UI with `NODE_ENV=production`
- Install config with 644 instead of 640
- Use absolute paths inside config
- Create `gotify` user without home
- Use `UMask=0027` instead of `0077` in service file
- Add `emptydirs` to `options=()`

7 files changed, 38 insertions, 26 deletions

diff --git a/.SRCINFO b/.SRCINFO
index 865d82d76fba..dbb417503dd3 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -3,6 +3,7 @@ pkgbase = gotify-server
 	pkgver = 2.0.14
 	pkgrel = 4
 	url = https://gotify.net/
+	install = gotify-server.install
 	arch = x86_64
 	arch = i686
 	arch = aarch64
@@ -12,16 +13,16 @@ pkgbase = gotify-server
 	makedepends = go
 	makedepends = yarn
 	depends = glibc
+	options = emptydirs
+	backup = etc/gotify/config.yml
 	source = gotify-server-2.0.14.tar.gz::https://github.com/gotify/server/archive/v2.0.14.tar.gz
 	source = sysusers.d
-	source = tmpfiles.d
 	source = gotify-server.service
 	source = config.patch
 	sha256sums = 986125b92192e404a2f3af5db510d2d651c6301d218cbb66edd6013f8e8153b0
-	sha256sums = 2052ac82ceb607701bd505c9df4170bb65c14601a4c8dda3c4ee36fd399c3dfa
-	sha256sums = 181258b6ee9ee9b52b37c9dbf0c17faa786a90a3ea45299819173d5df32f95b0
-	sha256sums = 05b3edff049ad5600c2515279a6e1167dd8e62c2525e3916d807aba35a33362f
-	sha256sums = 6bc218da0fbcf06819f9635b91ae19674d31e9cbf6aafb62c0327d68bdd0dcd3
+	sha256sums = 39fc913f205bbb102ba42ce3d419f2feb0f9143f14ccffd242b3cd5f51a8c0de
+	sha256sums = 9aa04ff9a2981aa885d4f8df7467c4d7722aa12de7ae27376a4a11b559a0d1e2
+	sha256sums = bea45bb74a14ea23234e3af72a1dbbe9fee083ad0c61b89a0a74ec73287970f9
 
 pkgname = gotify-server
 
diff --git a/PKGBUILD b/PKGBUILD
index bceb98f496bf..7174fda5d675 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -10,18 +10,19 @@ url='https://gotify.net/'
 license=('MIT')
 depends=('glibc')
 makedepends=('git' 'go' 'yarn')
+backup=('etc/gotify/config.yml')
+install="${pkgname}.install"
+options=(emptydirs)
 source=(
   "$pkgname-$pkgver.tar.gz::https://github.com/gotify/server/archive/v${pkgver}.tar.gz"
   'sysusers.d'
-  'tmpfiles.d'
   'gotify-server.service'
   'config.patch'
 )
 sha256sums=('986125b92192e404a2f3af5db510d2d651c6301d218cbb66edd6013f8e8153b0'
-            '2052ac82ceb607701bd505c9df4170bb65c14601a4c8dda3c4ee36fd399c3dfa'
-            '181258b6ee9ee9b52b37c9dbf0c17faa786a90a3ea45299819173d5df32f95b0'
-            '05b3edff049ad5600c2515279a6e1167dd8e62c2525e3916d807aba35a33362f'
-            '6bc218da0fbcf06819f9635b91ae19674d31e9cbf6aafb62c0327d68bdd0dcd3')
+            '39fc913f205bbb102ba42ce3d419f2feb0f9143f14ccffd242b3cd5f51a8c0de'
+            '9aa04ff9a2981aa885d4f8df7467c4d7722aa12de7ae27376a4a11b559a0d1e2'
+            'bea45bb74a14ea23234e3af72a1dbbe9fee083ad0c61b89a0a74ec73287970f9')
 
 prepare() {
   patch -N -p1 -d "server-$pkgver" <config.patch
@@ -32,7 +33,7 @@ build() {
   (
     cd ui
     yarn --non-interactive --frozen-lockfile
-    yarn --non-interactive --frozen-lockfile build
+    NODE_ENV=production yarn --non-interactive --frozen-lockfile build
   )
   go run github.com/gobuffalo/packr/packr
   local build_date=$(date "+%F-%T" -d "@${SOURCE_DATE_EPOCH}")
@@ -49,16 +50,19 @@ build() {
 
 check() {
   cd "server-$pkgver"
+  # https://github.com/gotify/server/pull/279
+  rm -vf config/config_test.go
   go test -v ./...
 }
 
 package() {
   install -Dm644 sysusers.d "$pkgdir/usr/lib/sysusers.d/gotify.conf"
-  install -Dm644 tmpfiles.d "$pkgdir/usr/lib/tmpfiles.d/gotify.conf"
   install -Dm644 gotify-server.service "$pkgdir/usr/lib/systemd/system/gotify-server.service"
+  # required for StandardOutput in gotify-server.service
+  install -dm755 "$pkgdir/var/log/gotify"
 
   cd "server-$pkgver"
   install -Dm755 "$pkgname" "$pkgdir/usr/bin/$pkgname"
-  install -Dm640 config.example.yml "$pkgdir/etc/gotify/config.yml"
+  install -Dm644 config.example.yml "$pkgdir/etc/gotify/config.yml"
   install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
 }
diff --git a/config.patch b/config.patch
index e96f9b0de7f2..bbf4970cca3c 100644
--- a/config.patch
+++ b/config.patch
@@ -1,6 +1,6 @@
 diff -ura package.orig/config.example.yml package.new/config.example.yml
 --- package.orig/config.example.yml	2020-03-08 14:59:02.828681120 +0100
-+++ package.new/config.example.yml	2020-03-11 12:51:58.314895932 +0100
++++ package.new/config.example.yml	2020-03-12 02:30:06.273495477 +0100
 @@ -3,7 +3,7 @@
  
  server:
@@ -15,7 +15,7 @@ diff -ura package.orig/config.example.yml package.new/config.example.yml
        enabled: false # if the certificate should be requested from letsencrypt
        accepttos: false # if you accept the tos from letsencrypt
 -      cache: data/certs # the directory of the cache from letsencrypt
-+      cache: certs # the directory of the cache from letsencrypt
++      cache: /var/lib/gotify/certs # the directory of the cache from letsencrypt
        hosts: # the hosts for which letsencrypt should request certificates
  #      - mydomain.tld
  #      - myotherdomain.tld
@@ -24,7 +24,7 @@ diff -ura package.orig/config.example.yml package.new/config.example.yml
  database: # for database see (configure database section)
    dialect: sqlite3
 -  connection: data/gotify.db
-+  connection: gotify.db
++  connection: /var/lib/gotify/gotify.db
  
  defaultuser: # on database creation, gotify creates an admin user
    name: admin # the username of the default user
@@ -32,5 +32,5 @@ diff -ura package.orig/config.example.yml package.new/config.example.yml
  passstrength: 10 # the bcrypt password strength (higher = better but also slower)
 -uploadedimagesdir: data/images # the directory for storing uploaded images
 -pluginsdir: data/plugins # the directory where plugin resides
-+uploadedimagesdir: images # the directory for storing uploaded images
-+pluginsdir: plugins # the directory where plugin resides
++uploadedimagesdir: /var/lib/gotify/images # the directory for storing uploaded images
++pluginsdir: /var/lib/gotify/plugins # the directory where plugin resides
diff --git a/gotify-server.install b/gotify-server.install
new file mode 100644
index 000000000000..ec587bbfba6c
--- /dev/null
+++ b/gotify-server.install
@@ -0,0 +1,4 @@
+post_install() {
+  echo 'Default login is admin:admin'
+  echo 'Change it in /etc/gotify/config.yml or the web ui before exposing the service!'
+}
diff --git a/gotify-server.service b/gotify-server.service
index eaafa54f9ca1..12fd68de9e1b 100644
--- a/gotify-server.service
+++ b/gotify-server.service
@@ -1,17 +1,23 @@
 [Unit]
 Description=Gotify Server
 After=network.target
+ConditionPathIsDirectory=%L/gotify
 
 [Service]
 Type=simple
 User=gotify
 Group=gotify
 ExecStart=/usr/bin/gotify-server
-WorkingDirectory=~
-ReadOnlyPaths=/etc/gotify/config.yml
-ReadWritePaths=/var/lib/gotify
-UMask=0077
+
+ConfigurationDirectory=gotify
+LogsDirectory=gotify
+StateDirectory=gotify
+StateDirectoryMode=0700
+StandardOutput=append:%L/gotify/server.log
+
+UMask=0027
 CapabilityBoundingSet=
+AmbientCapabilities=
 LockPersonality=true
 MemoryDenyWriteExecute=true
 NoNewPrivileges=true
diff --git a/sysusers.d b/sysusers.d
index 992aa3899d3b..30c4c9d79995 100644
--- a/sysusers.d
+++ b/sysusers.d
@@ -1,2 +1,2 @@
-u gotify - - /var/lib/gotify
+u gotify - -
 g gotify - -
diff --git a/tmpfiles.d b/tmpfiles.d
deleted file mode 100644
index a449f0dc9e13..000000000000
--- a/tmpfiles.d
+++ /dev/null
@@ -1,3 +0,0 @@
-d /var/lib/gotify 0700 gotify gotify
-z /var/lib/gotify 0700 gotify gotify
-z /etc/gotify/config.yml 0640 root gotify