Date: Thursday, February 11, 2021 @ 15:22:20 Author: hashworks Revision: 856708
upgpkg: piping-server 0.8.2-2: Add piping-server.service Unit file Added: piping-server/trunk/piping-server.service Modified: piping-server/trunk/PKGBUILD -----------------------+ PKGBUILD | 12 ++++++++---- piping-server.service | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+), 4 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2021-02-11 15:22:14 UTC (rev 856707) +++ PKGBUILD 2021-02-11 15:22:20 UTC (rev 856708) @@ -1,15 +1,17 @@ # Maintainer: Justin Kromlinger <[email protected]> pkgname=piping-server pkgver=0.8.2 -pkgrel=1 -pkgdesc='Infinitely transfer between every device over pure HTTP' +pkgrel=2 +pkgdesc='Infinitely transfer between every device over pure HTTP with pipes or browsers' arch=('x86_64') url="https://github.com/nwtgck/piping-server-rust"; license=('MIT') depends=('gcc-libs') makedepends=('cargo') -source=("$pkgname-$pkgver.tar.gz::$url/archive/v$pkgver.tar.gz") -sha256sums=('7f6a7a8068f591e2e682122f435dc90a71f724d8fd06238b48dc10638896955d') +source=("$pkgname-$pkgver.tar.gz::$url/archive/v$pkgver.tar.gz" + "$pkgname.service") +sha256sums=('7f6a7a8068f591e2e682122f435dc90a71f724d8fd06238b48dc10638896955d' + '9182467638a583b29bed0ae69ed00013b1721ce8753e5ba90a56cbaac07d768c') build() { cd "piping-server-rust-$pkgver" @@ -22,6 +24,8 @@ } package() { + install -Dm644 piping-server.service "$pkgdir/usr/lib/systemd/system/piping-server.service" + cd "piping-server-rust-$pkgver" install -Dm755 "target/release/$pkgname" "$pkgdir/usr/bin/$pkgname" Added: piping-server.service =================================================================== --- piping-server.service (rev 0) +++ piping-server.service 2021-02-11 15:22:20 UTC (rev 856708) @@ -0,0 +1,37 @@ +[Unit] +Description=piping-server +Documentation=https://github.com/nwtgck/piping-server-rust + +[Service] +ExecStart=/usr/bin/piping-server --http-port 8181 + +DynamicUser=yes +CapabilityBoundingSet=~CAP_SETUID CAP_SETGID CAP_SETPCAP CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_FOWNER CAP_IPC_OWNER CAP_NET_ADMIN CAP_SYS_TIME CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE CAP_KILL CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_RESOURCE CAP_MAC_ADMIN CAP_MAC_OVERRIDE CAP_SYS_BOOT CAP_LINUX_IMMUTABLE CAP_IPC_LOCK CAP_SYS_CHROOT CAP_BLOCK_SUSPEND CAP_LEASE CAP_SYS_PACCT CAP_SYS_TTY_CONFIG CAP_WAKE_ALARM +LockPersonality=true +MemoryDenyWriteExecute=true +NoNewPrivileges=true +DevicePolicy=closed +PrivateDevices=true +PrivateTmp=true +PrivateUsers=true +ProtectClock=true +ProtectControlGroups=true +ProtectHome=read-only +ProtectHostname=true +ProtectKernelTunables=true +ProtectKernelLogs=true +ProtectKernelModules=true +ProtectSystem=strict +RemoveIPC=true +RestrictAddressFamilies=~AF_AX25 AF_IPX AF_APPLETALK AF_X25 AF_DECnet AF_KEY AF_NETLINK AF_PACKET AF_RDS AF_PPPOX AF_LLC AF_IB AF_MPLS AF_CAN AF_TIPC AF_BLUETOOTH AF_ALG AF_VSOCK AF_KCM AF_UNIX AF_XDP +RestrictNamespaces=true +RestrictRealtime=true +RestrictSUIDSGID=true +SystemCallArchitectures=native +SystemCallFilter=@system-service +SystemCallFilter=~@resources @privileged + +Restart=on-failure + +[Install] +WantedBy=default.target
