Initial commit.

3 files changed, 87 insertions, 0 deletions

diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..6847fc9d9f95
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,18 @@
+pkgbase = snowflake-pt-proxy
+	pkgdesc = Snowflake is a pluggable transport that proxies traffic through temporary proxies using WebRTC (proxy part)
+	pkgver = 2.1.0
+	pkgrel = 1
+	url = https://snowflake.torproject.org
+	arch = x86_64
+	arch = aarch64
+	license = BSD
+	makedepends = go
+	depends = glibc
+	source = snowflake-pt-proxy-2.1.0.tar.gz::https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/archive/v2.1.0/snowflake-v2.1.0.tar.gz
+	source = snowflake-proxy.service
+	sha256sums = e9538c1bed1d3354ea68962e2cc829d9eaf5730667bff0013871163ccf47bb56
+	sha256sums = 562e53cd615f7f26df0e39aef2b5b5626a026a3c9a601c1d47a63ae70f4d7ed1
+	b2sums = 14cd360c2154207a88be20d0bb711a926a732340058ffd7653d586ddd78c842d9d3c04dcc369e2cd146ee3089616c409b18efc74c6b2329fc980690368438fa8
+	b2sums = fa45242d7f35a8fd79a36533249fde87777c69dd1415eeadc2a11a39f768fa754aa1831191ba31ebf6e2167471ab97c237ceafd8be95d71ed34995e0e2ad64a2
+
+pkgname = snowflake-pt-proxy
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..e047278d9a7e
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,39 @@
+# Maintainer: KokaKiwi <kokakiwi+aur [at] kokakiwi [dot] net>
+
+pkgname=snowflake-pt-proxy
+pkgver=2.1.0
+pkgrel=1
+pkgdesc="Snowflake is a pluggable transport that proxies traffic through temporary proxies using WebRTC (proxy part)"
+url="https://snowflake.torproject.org"
+license=('BSD')
+arch=('x86_64' 'aarch64')
+depends=('glibc')
+makedepends=('go')
+source=("$pkgname-$pkgver.tar.gz::https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/archive/v$pkgver/snowflake-v$pkgver.tar.gz"
+        snowflake-proxy.service)
+sha256sums=('e9538c1bed1d3354ea68962e2cc829d9eaf5730667bff0013871163ccf47bb56'
+            '562e53cd615f7f26df0e39aef2b5b5626a026a3c9a601c1d47a63ae70f4d7ed1')
+b2sums=('14cd360c2154207a88be20d0bb711a926a732340058ffd7653d586ddd78c842d9d3c04dcc369e2cd146ee3089616c409b18efc74c6b2329fc980690368438fa8'
+        'fa45242d7f35a8fd79a36533249fde87777c69dd1415eeadc2a11a39f768fa754aa1831191ba31ebf6e2167471ab97c237ceafd8be95d71ed34995e0e2ad64a2')
+
+build() {
+  cd "snowflake-v$pkgver"
+
+  export CGO_CPPFLAGS="$CPPFLAGS"
+  export CGO_CFLAGS="$CFLAGS"
+  export CGO_CXXFLAGS="$CXXFLAGS"
+  export CGO_LDFLAGS="$LDFLAGS"
+  export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw"
+
+  go build -v -o proxy/snowflake-proxy ./proxy
+}
+
+package() {
+  cd "snowflake-v$pkgver"
+
+  install -Dm0755 proxy/snowflake-proxy "$pkgdir/usr/bin/snowflake-proxy"
+
+  install -Dm0644 "$srcdir/snowflake-proxy.service" "$pkgdir/usr/lib/systemd/system/snowflake-proxy.service"
+
+  install -Dm0644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
+}
diff --git a/snowflake-proxy.service b/snowflake-proxy.service
new file mode 100644
index 000000000000..c130b54d2a37
--- /dev/null
+++ b/snowflake-proxy.service
@@ -0,0 +1,30 @@
+[Unit]
+Description=Pluggable Transport using WebRTC, inspired by Flashproxy - Proxy
+After=network.target nss-lookup.target
+
+[Service]
+ExecStart=/usr/bin/snowflake-proxy
+
+Restart=on-failure
+
+# Hardening
+DynamicUser=true
+NoNewPrivileges=true
+
+PrivateTmp=true
+PrivateDevices=true
+PrivateMounts=true
+PrivateIPC=true
+
+ProtectHome=true
+ProtectControlGroups=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectKernelLogs=true
+ProtectProc=invisible
+ProtectHostname=true
+ProtectClock=true
+ProtectSystem=strict
+
+MemoryDenyWriteExecute=true
+RestrictRealtime=true