diff options
author | Matthewacon | 2019-05-24 12:48:04 -0400 |
---|---|---|
committer | Matthewacon | 2019-05-24 12:48:04 -0400 |
commit | f3214131d7b84ed5304d1cf11a2dabc817de6dba (patch) | |
tree | b4dc933e446c5a1a5c38197544961ba5d928cc6a | |
download | aur-f3214131d7b84ed5304d1cf11a2dabc817de6dba.tar.gz |
Initial commit
-rw-r--r-- | .SRCINFO | 29 | ||||
-rw-r--r-- | PKGBUILD | 68 | ||||
-rw-r--r-- | sslh-select@.service | 30 | ||||
-rw-r--r-- | sslh.cfg | 29 | ||||
-rw-r--r-- | sslh.sysusers | 1 | ||||
-rw-r--r-- | sslh@.service | 30 |
6 files changed, 187 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..6dde8d226970 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,29 @@ +pkgbase = sslh-systemd-git + pkgdesc = Network port multiplexer. Allows sharing of HTTP, SSL, SSH, OpenVPN, tinc, XMPP, etc. on the same port + pkgver = 1.20.r37.g3822352 + pkgrel = 1 + url = http://www.rutschle.net/tech/sslh.shtml + arch = i686 + arch = x86_64 + license = GPL2 + makedepends = git + depends = libcap + depends = libconfig + depends = libwrap + depends = systemd + provides = sslh + conflicts = sslh + backup = etc/sslh/sslh.cfg + source = sslh-systemd-git::git+https://github.com/matthewacon/sslh + source = sslh.cfg + source = sslh.sysusers + source = sslh@.service + source = sslh-select@.service + md5sums = SKIP + md5sums = d5405c7ca7e1813e4d49a473e5834640 + md5sums = f39544277a30595d4b7476b3f87ebbcf + md5sums = 59d76639059db542a1ee975cccf8762c + md5sums = df50f93f12c4d50dce1b2fa5ec21fe85 + +pkgname = sslh-systemd-git + diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..4dbbf0171e4d --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,68 @@ +# Maintainer: Matthew Barichello <matthewjbarichello@gmail.com> + +_pkgname=sslh +pkgname=$_pkgname-systemd-git +pkgver=1.20.r37.g3822352 +pkgrel=1 +pkgdesc="Network port multiplexer. Allows sharing of HTTP, SSL, SSH, OpenVPN, tinc, XMPP, etc. on the same port" +arch=('i686' 'x86_64') +url='http://www.rutschle.net/tech/sslh.shtml' +license=('GPL2') +depends=('libcap' 'libconfig' 'libwrap' 'systemd') +#makedepends=('git' 'pcre-static') +makedepends=('git') +provides=($_pkgname) +conflicts=($_pkgname) +backup=('etc/sslh/sslh.cfg') +source=($pkgname::'git+https://github.com/matthewacon/sslh' + 'sslh.cfg' + 'sslh.sysusers' + 'sslh@.service' + 'sslh-select@.service') +md5sums=('SKIP' + 'd5405c7ca7e1813e4d49a473e5834640' + 'f39544277a30595d4b7476b3f87ebbcf' + '59d76639059db542a1ee975cccf8762c' + 'df50f93f12c4d50dce1b2fa5ec21fe85') + +pkgver() { + cd $pkgname + git describe --long | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g' +} + +#prepare() { +# cd $pkgname +# sed -i 's|^\(ExecStart.*\) $DAEMON_OPTS|\1 -F/etc/sslh/sslh.cfg|' sslh\@.service +#} + +build() { + cd $pkgname + make all + make systemd-sslh-generator +} + +package() { + # Default config + install -Dm644 sslh.cfg "$pkgdir/etc/sslh/sslh.cfg" + + # Systemd + install -Dm644 sslh.sysusers "$pkgdir/usr/lib/sysusers.d/sslh.conf" + install -Dm644 sslh\@.service "$pkgdir/usr/lib/systemd/system/sslh\@.service" + install -Dm644 sslh-select\@.service "$pkgdir/usr/lib/systemd/system/sslh-select\@.service" + + cd $pkgname + install -Dm644 scripts/etc.sysconfig.sslh "$pkgdir/etc/conf.d/sslh" + + # Executables + install -Dm755 sslh-fork "$pkgdir/usr/bin/sslh-fork" + install -Dm755 sslh-select "$pkgdir/usr/bin/sslh-select" + ln -s sslh-fork "$pkgdir/usr/bin/sslh" + install -Dm755 systemd-sslh-generator "$pkgdir/usr/lib/systemd/system-generators/systemd-sslh-generator" + + # Manpage + install -Dm644 sslh.8.gz "$pkgdir/usr/share/man/man8/sslh.8.gz" + + # Examples + install -Dm644 basic.cfg "$pkgdir/usr/share/doc/$_pkgname/basic.cfg" + install -Dm644 example.cfg "$pkgdir/usr/share/doc/$_pkgname/example.cfg" + } diff --git a/sslh-select@.service b/sslh-select@.service new file mode 100644 index 000000000000..452e8c363d17 --- /dev/null +++ b/sslh-select@.service @@ -0,0 +1,30 @@ +[Unit] +Description=SSL/SSH multiplexer (select mode) for %I +Conflicts=sslh@%I.service +Requires=sslh@%I.socket +PartOf=sslh@%I.socket +After=network.target + +[Service] +EnvironmentFile=/etc/conf.d/sslh +ExecStart=/usr/bin/sslh-select -F/etc/sslh/%I.cfg -f -v +KillMode=process +ProtectSystem=strict +ProtectHome=true +ProtectKernelModules=true +ProtectKernelTunables=true +ProtectControlGroups=true +PrivateTmp=true +PrivateDevices=true +SecureBits=noroot-locked +MountFlags=private +NoNewPrivileges=true +CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE +RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX +MemoryDenyWriteExecute=true +User=sslh +DynamicUser=true + +[Install] +WantedBy=multi-user.target diff --git a/sslh.cfg b/sslh.cfg new file mode 100644 index 000000000000..3a22a6e828e5 --- /dev/null +++ b/sslh.cfg @@ -0,0 +1,29 @@ +# Default Arch configuration +# You can find more examples in /usr/share/doc/sslh + +verbose: false; +foreground: true; +inetd: false; +numeric: false; +transparent: false; +timeout: 2; +user: "sslh"; +pidfile: "/run/sslh.pid"; + + +listen: +( + { host: "::0"; port: "443"; } +); + +protocols: +( + { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; probe: "builtin"; }, + { name: "openvpn"; host: "localhost"; port: "1194"; probe: "builtin"; }, + { name: "xmpp"; host: "localhost"; port: "5222"; probe: "builtin"; }, + { name: "http"; host: "localhost"; port: "80"; probe: "builtin"; }, + { name: "ssl"; host: "localhost"; port: "8443"; probe: "builtin"; }, + { name: "anyprot"; host: "localhost"; port: "8443"; probe: "builtin"; } +); + +# vim:set ts=4 sw=4 et: diff --git a/sslh.sysusers b/sslh.sysusers new file mode 100644 index 000000000000..aebff9d6ca77 --- /dev/null +++ b/sslh.sysusers @@ -0,0 +1 @@ +u sslh - - - diff --git a/sslh@.service b/sslh@.service new file mode 100644 index 000000000000..2273381c1c93 --- /dev/null +++ b/sslh@.service @@ -0,0 +1,30 @@ +[Unit] +Description=SSL/SSH multiplexer (fork mode) for %I +Conflicts=sslh-select@%I.service +Requires=sslh@%I.socket +PartOf=sslh@%I.socket +After=network.target + +[Service] +EnvironmentFile=/etc/conf.d/sslh +ExecStart=/usr/bin/sslh-fork -F/etc/sslh/%I.cfg -f -v +KillMode=process +ProtectSystem=strict +ProtectHome=true +ProtectKernelModules=true +ProtectKernelTunables=true +ProtectControlGroups=true +PrivateTmp=true +PrivateDevices=true +SecureBits=noroot-locked +MountFlags=private +NoNewPrivileges=true +CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE +RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX +MemoryDenyWriteExecute=true +User=sslh +DynamicUser=true + +[Install] +WantedBy=multi-user.target |