diff options
author | Jean Lucas | 2019-04-07 22:20:35 -0400 |
---|---|---|
committer | Jean Lucas | 2019-04-08 00:00:08 -0400 |
commit | ef14df12f3a15290749f15f50f21e4ed966ed3cb (patch) | |
tree | 4b7abe40214ae0c498a93d41bd1c418eda4fa46d | |
parent | da587ff84c1a620c1fe7dbf5c34a9ec2a63651a5 (diff) | |
download | aur-ef14df12f3a15290749f15f50f21e4ed966ed3cb.tar.gz |
Overhaul, use systemd-{sysusers,tmpfiles}
Move settings file to /etc/searx.conf and make it only readable by the
searx user.
-rw-r--r-- | .SRCINFO | 16 | ||||
-rw-r--r-- | PKGBUILD | 50 | ||||
-rw-r--r-- | searx.install | 13 | ||||
-rw-r--r-- | searx.service | 2 | ||||
-rw-r--r-- | searx.sysusers.d | 1 | ||||
-rw-r--r-- | searx.tmpfiles.d | 1 |
6 files changed, 48 insertions, 35 deletions
@@ -1,8 +1,8 @@ # Generated by mksrcinfo v8 -# Sat Aug 11 05:06:31 UTC 2018 +# Mon Apr 8 03:58:08 UTC 2019 pkgbase = searx-git pkgdesc = Privacy-respecting metasearch engine (git) - pkgver = 0.14.0+84+geea2e8e5 + pkgver = 0.15.0+47+ga80a2d05 pkgrel = 1 url = https://asciimoo.github.io/searx/ install = searx.install @@ -21,15 +21,21 @@ pkgbase = searx-git depends = python2-yaml depends = python2-requests depends = python2-pysocks + optdepends = filtron: Filtering reverse-HTTP proxy + optdepends = filtron-git: Filtering reverse-HTTP proxy (git) optdepends = morty: Privacy-aware web content sanitizer proxy-as-a-service - optdepends = morty-git: Privacy-aware web content sanitizer proxy-as-a-service (Git) + optdepends = morty-git: Privacy-aware web content sanitizer proxy-as-a-service (git) provides = searx conflicts = searx - backup = etc/searx/settings.yml + backup = etc/searx.conf source = git+https://github.com/asciimoo/searx source = searx.service + source = searx.sysusers.d + source = searx.tmpfiles.d sha512sums = SKIP - sha512sums = 6bcc5854ebbe8a50f9929714d6d00f2b273b9c7dda16289868727edf2cf7f6c42b5de5d696efdc725b255f31f5d94867c05e94f7563adf587bc0a750212562ad + sha512sums = cc58068e502b088c61016a5cd25db248f5fae146f18e00253f3aa0ccd666189ef3a407e00bf9181c23e643e68df7e4f9eec295bf680c982052978c2786325d0a + sha512sums = 39b765ade096778ad945725e0ca5c0919e4baff4e7a466e0d093e68d1a92c563a5437caed01e44accf04ac51450007e659435d32a84e818df213de3f9e546793 + sha512sums = 40d749415d0db1033d779eda0c0543f2713896d442fea111d46996c216ccbcfabe42660c37b03282297ad3de8f2de7369366aa5c143b35382984506e93eecd8b pkgname = searx-git @@ -2,7 +2,7 @@ # Contributor: Reventlov <contact+aur at volcanis dot me> pkgname=searx-git -pkgver=0.14.0+84+geea2e8e5 +pkgver=0.15.0+47+ga80a2d05 pkgrel=1 pkgdesc='Privacy-respecting metasearch engine (git)' arch=(any) @@ -20,16 +20,22 @@ depends=(python2-certifi python2-requests python2-pysocks) makedepends=(git openssl) -optdepends=('morty: Privacy-aware web content sanitizer proxy-as-a-service' - 'morty-git: Privacy-aware web content sanitizer proxy-as-a-service (Git)') +optdepends=('filtron: Filtering reverse-HTTP proxy' + 'filtron-git: Filtering reverse-HTTP proxy (git)' + 'morty: Privacy-aware web content sanitizer proxy-as-a-service' + 'morty-git: Privacy-aware web content sanitizer proxy-as-a-service (git)') provides=(searx) conflicts=(searx) -backup=(etc/searx/settings.yml) +backup=(etc/searx.conf) install=searx.install source=(git+https://github.com/asciimoo/searx - searx.service) -sha512sums=(SKIP - 6bcc5854ebbe8a50f9929714d6d00f2b273b9c7dda16289868727edf2cf7f6c42b5de5d696efdc725b255f31f5d94867c05e94f7563adf587bc0a750212562ad) + searx.service + searx.sysusers.d + searx.tmpfiles.d) +sha512sums=('SKIP' + 'cc58068e502b088c61016a5cd25db248f5fae146f18e00253f3aa0ccd666189ef3a407e00bf9181c23e643e68df7e4f9eec295bf680c982052978c2786325d0a' + '39b765ade096778ad945725e0ca5c0919e4baff4e7a466e0d093e68d1a92c563a5437caed01e44accf04ac51450007e659435d32a84e818df213de3f9e546793' + '40d749415d0db1033d779eda0c0543f2713896d442fea111d46996c216ccbcfabe42660c37b03282297ad3de8f2de7369366aa5c143b35382984506e93eecd8b') pkgver() { cd searx @@ -38,14 +44,18 @@ pkgver() { prepare() { cd searx - sed -i 's|==|>=|g' requirements.txt - sed -i "s/ultrasecretkey\" # change this!/`openssl rand -hex 128`\"/g" searx/settings.yml - # If morty is installed, add it's key to searx settings - msg2 'Checking for morty installation...' + # Allow newer versions of Python 2 libraries since we like to break stuff + sed -i 's/==/>=/g' requirements.txt + + # Generate super secret key + sed -i "s/ultrasecretkey\" # change this!/`openssl rand -hex 32`\"/" searx/settings.yml + + # Add Morty key if it's installed + msg2 'Checking for Morty...' if [ -f /usr/bin/morty ]; then - sed -i "s/your_morty_proxy_key/$(cat /usr/lib/systemd/system/morty.service | - grep key | awk '{print $5}')/" searx/settings.yml && + sed -i "s/your_morty_proxy_key/`cat /usr/lib/systemd/system/morty.service | + grep key | awk '{print $5}'`/" searx/settings.yml && msg2 'Morty found; added key to searx settings.' else msg2 'Morty not found.' @@ -55,10 +65,16 @@ prepare() { } package() { - install -Dm 644 searx.service "$pkgdir"/usr/lib/systemd/system/searx.service + install -Dm 644 searx.service -t "$pkgdir"/usr/lib/systemd/system + install -Dm 644 searx.sysusers.d "$pkgdir"/usr/lib/sysusers.d/searx.conf + install -Dm 644 searx.tmpfiles.d "$pkgdir"/usr/lib/tmpfiles.d/searx.conf + cd searx python2 setup.py install --root="$pkgdir" --optimize=1 - mv "$pkgdir"/usr/lib/python2.7/site-packages/{README.rst,requirements*,tests,searx} - install -Dm 644 searx/settings.yml "$pkgdir"/etc/searx/settings.yml - install -Dm 644 LICENSE "$pkgdir"/usr/share/licenses/searx/LICENSE + + # Move searx files into searx folder since they're incorrectly spread out + mv "$pkgdir"/usr/lib/python2.7/site-packages/{README.rst,requirements*,searx} + + install -Dm 600 searx/settings.yml "$pkgdir"/etc/searx.conf + install -Dm 644 LICENSE -t "$pkgdir"/usr/share/licenses/searx } diff --git a/searx.install b/searx.install index eb8d25ee51e8..4c556ece97f5 100644 --- a/searx.install +++ b/searx.install @@ -1,14 +1,3 @@ post_install() { - getent passwd searx > /dev/null || - useradd -rb /usr/lib/python2.7/site-packages -s /sbin/nologin searx - - echo 'Settings are at /etc/searx/settings.yml' -} - -post_upgrade() { - post_install -} - -post_remove() { - echo 'You may want to remove the searx user.' + echo 'Settings are at /etc/searx.conf' } diff --git a/searx.service b/searx.service index dfa3ccb95fbf..b7df1c76d40c 100644 --- a/searx.service +++ b/searx.service @@ -5,7 +5,7 @@ After=network.target [Service] Type=simple User=searx -Environment=SEARX_SETTINGS_PATH=/etc/searx/settings.yml +Environment=SEARX_SETTINGS_PATH=/etc/searx.conf PrivateTmp=true PrivateDevices=true # Prevent access to /home, /root, and /run/user diff --git a/searx.sysusers.d b/searx.sysusers.d new file mode 100644 index 000000000000..af3bad2074b7 --- /dev/null +++ b/searx.sysusers.d @@ -0,0 +1 @@ +u searx - "Searx user" diff --git a/searx.tmpfiles.d b/searx.tmpfiles.d new file mode 100644 index 000000000000..a02463b4904a --- /dev/null +++ b/searx.tmpfiles.d @@ -0,0 +1 @@ +Z /etc/searx.conf - searx searx |