Initial

Fix namcap warnings

Update .SRCINFO

7 files changed, 154 insertions, 0 deletions

diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..917438a9cc3e
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,24 @@
+pkgbase = conduit
+	pkgdesc = A simple, fast and reliable chat server powered by matrix
+	pkgver = 0.2.0
+	pkgrel = 1
+	epoch = 1
+	url = https://conduit.rs/
+	arch = x86_64
+	license = APACHE
+	makedepends = git
+	makedepends = rust
+	depends = gcc-libs
+	backup = etc/matrix-conduit/conduit.toml
+	source = git+https://gitlab.com/famedly/conduit.git#tag=v0.2.0
+	source = conduit.service
+	source = conduit.sysusers
+	source = conduit.tmpfiles
+	source = conduit.toml
+	sha512sums = SKIP
+	sha512sums = d8f0b4bde805b92e9b6f286b16647282b9ee422860762e6cb7be429de5e7838afd1935780f24a885afe34348149d3ab27c9944f28801091473239f9e5341aa9d
+	sha512sums = b20e4bad51c28ca268c7cf59406f09c1badb4e0688030e222d45a415822ac357a7e4674b3a1483935352f70d80da2c31004059f5acd7f0a522ace14539ad49f5
+	sha512sums = 3da5d584492e7b586c4722327cd2f23d4abf814f2067b068741998582ce870fec26fac83d96a2a9c42e060475be0abdde0207daf2be08678be4cee77d6b778b1
+	sha512sums = 5bd0813b0cbb1ed7e83a946ce9b5a321e057ccb2cce4ae4bebff21d4b87cac03fc424a771a959be64a12bd5da0a3a088f0dfb9a42028a4f3d5525d909e830431
+
+pkgname = conduit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 000000000000..fae47242dcdd
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,10 @@
+*
+**/*
+
+!/conduit.service
+!/conduit.sysusers
+!/conduit.tmpfiles
+!/conduit.toml
+!/PKGBUILD
+!/.SRCINFO
+!/.gitignore
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 000000000000..f633a7d0f71c
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,43 @@
+# Maintainer: ZenTauro <zentauro at riseup dot net>
+
+pkgname=conduit
+pkgver=0.2.0
+epoch=1
+pkgrel=1
+pkgdesc='A simple, fast and reliable chat server powered by matrix'
+arch=(x86_64)
+url='https://conduit.rs/'
+license=(APACHE)
+depends=(gcc-libs)
+makedepends=(git rust)
+backup=(etc/matrix-conduit/conduit.toml)
+optdepends=()
+source=(
+  "git+https://gitlab.com/famedly/conduit.git#tag=v${pkgver}"
+  "conduit.service"
+  "conduit.sysusers"
+  "conduit.tmpfiles"
+  "conduit.toml"
+)
+sha512sums=(
+  'SKIP'
+  'd8f0b4bde805b92e9b6f286b16647282b9ee422860762e6cb7be429de5e7838afd1935780f24a885afe34348149d3ab27c9944f28801091473239f9e5341aa9d'
+  'b20e4bad51c28ca268c7cf59406f09c1badb4e0688030e222d45a415822ac357a7e4674b3a1483935352f70d80da2c31004059f5acd7f0a522ace14539ad49f5'
+  '3da5d584492e7b586c4722327cd2f23d4abf814f2067b068741998582ce870fec26fac83d96a2a9c42e060475be0abdde0207daf2be08678be4cee77d6b778b1'
+  '5bd0813b0cbb1ed7e83a946ce9b5a321e057ccb2cce4ae4bebff21d4b87cac03fc424a771a959be64a12bd5da0a3a088f0dfb9a42028a4f3d5525d909e830431'
+)
+
+build() {
+  cd "${srcdir}/conduit"
+  cargo build --release
+}
+
+package() {
+  install -Dm 755 "${srcdir}/conduit/target/release/conduit" "${pkgdir}/usr/bin/conduit-matrix"
+  install -Dm 644 "${srcdir}/conduit.service"             -t "${pkgdir}/usr/lib/systemd/system/"
+  install -Dm 644 "${srcdir}/conduit.sysusers"               "${pkgdir}/usr/lib/sysusers.d/conduit.conf"
+  install -Dm 644 "${srcdir}/conduit.tmpfiles"               "${pkgdir}/usr/lib/tmpfiles.d/conduit.conf"
+  install -Dm 644 "${srcdir}/conduit.toml"                   "${pkgdir}/etc/matrix-conduit/conduit.toml"
+}
+
+# vim: ts=2 sw=2 et
diff --git a/conduit.service b/conduit.service
new file mode 100644
index 000000000000..77bf63436c32
--- /dev/null
+++ b/conduit.service
@@ -0,0 +1,31 @@
+# This unit is fairly hardened, change if needed
+
+[Unit]
+Description=Simple, fast and reliable chat server powered by matrix
+After=syslog.target network.target nss-lookup.target
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/conduit-matrix
+ExecReload=/bin/kill -HUP ${MAINPID}
+KillSignal=SIGINT
+TimeoutSec=60
+Restart=on-failure
+WatchdogSec=1m
+LimitNOFILE=32768
+
+# Hardening
+User=conduit
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectHome=yes
+ProtectSystem=full
+ReadOnlyDirectories=/
+ReadWriteDirectories=-/var/lib/matrix-conduit
+ReadWriteDirectories=-/var/log/matrix-conduit
+Environment="CONDUIT_CONFIG=/etc/matrix-conduit/conduit.toml" 'RUST_LOG=info' 'RUST_BACKTRACE=1'
+NoNewPrivileges=yes
+CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE CAP_DAC_READ_SEARCH
+
+[Install]
+WantedBy=multi-user.target
diff --git a/conduit.sysusers b/conduit.sysusers
new file mode 100644
index 000000000000..4d451e34b95c
--- /dev/null
+++ b/conduit.sysusers
@@ -0,0 +1,2 @@
+# Type  Name    ID GECOS HomeDir          Shell
+u       conduit -  -     /var/lib/conduit -
diff --git a/conduit.tmpfiles b/conduit.tmpfiles
new file mode 100644
index 000000000000..7c3e61f5316e
--- /dev/null
+++ b/conduit.tmpfiles
@@ -0,0 +1,3 @@
+# Type Path                               Mode User    Group   Age Argument
+d      /var/lib/matrix-conduit            0700 conduit conduit -   -
+d      /var/lib/matrix-conduit/conduit_db 0700 conduit conduit -   -
diff --git a/conduit.toml b/conduit.toml
new file mode 100644
index 000000000000..47beb0444e2d
--- /dev/null
+++ b/conduit.toml
@@ -0,0 +1,41 @@
+[global]
+# The server_name is the name of this server. It is used as a suffix for user
+# and room ids. Examples: matrix.org, conduit.rs
+# The Conduit server needs to be reachable at https://your.server.name/ on port
+# 443 (client-server) and 8448 (federation) OR you can create /.well-known
+# files to redirect requests. See
+# https://matrix.org/docs/spec/client_server/latest#get-well-known-matrix-client
+# and https://matrix.org/docs/spec/server_server/r0.1.4#get-well-known-matrix-server
+# for more information
+
+# YOU NEED TO EDIT THIS
+#server_name = "your.server.name"
+
+# This is the only directory where Conduit will save its data
+database_path = "/var/lib/matrix-conduit/conduit_db"
+
+# The port Conduit will be running on. You need to set up a reverse proxy in
+# your web server (e.g. apache or nginx), so all requests to /_matrix on port
+# 443 and 8448 will be forwarded to the Conduit instance running on this port
+port = 6167
+
+# Max size for uploads
+max_request_size = 20_000_000 # in bytes
+
+# Enables registration. If set to false, no users can register on this server.
+allow_registration = true
+
+# Disable encryption, so no new encrypted rooms can be created
+# Note: existing rooms will continue to work
+allow_encryption = true
+allow_federation = true
+
+trusted_servers = ["matrix.org"]
+
+#max_concurrent_requests = 100 # How many requests Conduit sends to other servers at the same time
+#workers = 4 # default: cpu core count * 2
+
+address = "127.0.0.1" # This makes sure Conduit can only be reached using the reverse proxy
+
+# The total amount of memory that the database will use.
+#db_cache_capacity_mb = 200