commit: 4d887c0531663bdd3e0e68802a864848bbe47885
Author: Rahil Bhimjiani <me <AT> rahil <DOT> rocks>
AuthorDate: Wed Feb 21 10:14:28 2024 +0000
Commit: Rahil Bhimjiani <rahil3108 <AT> gmail <DOT> com>
CommitDate: Mon Feb 26 05:47:12 2024 +0000
URL: https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=4d887c05
app-admin/vaultwarden: Bitwarden compatible password manager in Rust
Initial 1.30.3
Signed-off-by: Rahil Bhimjiani <me <AT> rahil.rocks>
app-admin/vaultwarden/Manifest | 3 +
.../vaultwarden/files/vaultwarden-1.30.3.initd | 20 ++++
.../vaultwarden/files/vaultwarden-1.30.3.service | 53 ++++++++++
.../files/vaultwarden-envfile-1.30.3.patch | 54 ++++++++++
.../files/vaultwarden-tmpfiles-1.30.3.conf | 5 +
app-admin/vaultwarden/metadata.xml | 21 ++++
app-admin/vaultwarden/vaultwarden-1.30.3.ebuild | 112 +++++++++++++++++++++
app-admin/vaultwarden/vaultwarden-9999.ebuild | 112 +++++++++++++++++++++
8 files changed, 380 insertions(+)
diff --git a/app-admin/vaultwarden/Manifest b/app-admin/vaultwarden/Manifest
new file mode 100644
index 0000000000..341d6c7c3a
--- /dev/null
+++ b/app-admin/vaultwarden/Manifest
@@ -0,0 +1,3 @@
+DIST vaultwarden-1.30.3-deps.tar.xz 46123852 BLAKE2B
3a72fb6b30cbaee9ecbafb1c2411c116f25cd4637ca060db604e33e0d27c8a837a045655388fef15f145049b99a4d946dde15c08bb57b002cb2d8e6325826a54
SHA512
fbe0c456f1f298f8588e22afc8b5fcdc4aec94c10a6474362555929940d35086906d703ba9474751e9bcb54ea56e807277975788eb2e1cf0bae4be323ac7886b
+DIST vaultwarden-1.30.3-docs.tar.xz 73696 BLAKE2B
c78252c8ba6fc5efd1fc528e32bc608695f4d83749a85952f7b5daa6b8b874666f2dcfe5a9086f178ab27a806ac10070905eb7e4acb27890bc865873c0db7d3f
SHA512
5144a79dfc2a8ec3ea2f62accb4635aa556bd7ec3f2b33b7943fd4443332ade44902550c4ea9c8bafa19ec7c0feed92754e3540b0696853dd7e7cee5971d8dc1
+DIST vaultwarden-1.30.3.tar.gz 608049 BLAKE2B
f8d8a80c8dc7b6c710b0fbea19a14c7a73b150fb344173302e00395da5b6d0035f8c4b5c2cd80f2b573127a21ad4d5c440862fe2ab221ba733f85cb109387459
SHA512
2e1163300cc4e3bb2a66566fdfa65cc439920316615efd89d113121407f5456fed127dfa55be2a8cf77543083ace1ea56b6e15bc8a9678aa53e71435d6293642
diff --git a/app-admin/vaultwarden/files/vaultwarden-1.30.3.initd
b/app-admin/vaultwarden/files/vaultwarden-1.30.3.initd
new file mode 100644
index 0000000000..f468d76ead
--- /dev/null
+++ b/app-admin/vaultwarden/files/vaultwarden-1.30.3.initd
@@ -0,0 +1,20 @@
+#!/sbin/openrc-run
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+set -a && source ../"${RC_SVCNAME}".env && set +a
+
+name="Vaultwarden"
+description="Unofficial Bitwarden compatible password manager server in Rust"
+command="/usr/bin/${RC_SVCNAME}"
+command_user="${RC_SVCNAME}:${RC_SVCNAME}"
+command_background="true"
+pidfile="/run/${RC_SVCNAME}.pid"
+output_log="/var/log/${RC_SVCNAME}.log"
+error_log="/var/log/${RC_SVCNAME}.log"
+directory="${DATA_FOLDER:-/var/lib/${RC_SVCNAME}}"
+umask=0027
+
+depend() {
+ after net
+}
diff --git a/app-admin/vaultwarden/files/vaultwarden-1.30.3.service
b/app-admin/vaultwarden/files/vaultwarden-1.30.3.service
new file mode 100644
index 0000000000..1d68bc0924
--- /dev/null
+++ b/app-admin/vaultwarden/files/vaultwarden-1.30.3.service
@@ -0,0 +1,53 @@
+[Unit]
+Description=Vaultwarden, password manager server writen in Rust
+Documentation=https://github.com/dani-garcia/vaultwarden
+
+After=network.target
+Wants=network.target
+
+After=mariadb.service
+Wants=mariadb.service
+
+After=mysqld.service
+Wants=mysqld.service
+
+After=postgresql-12.service postgresql-13.service postgresql-14.service
postgresql-15.service postgresql-16.service
+Wants=postgresql-12.service postgresql-13.service postgresql-14.service
postgresql-15.service postgresql-16.service
+
+[Service]
+EnvironmentFile=/etc/%N.env
+ExecStart=/usr/bin/%N
+WorkingDirectory=/var/lib/%N
+
+User=%N
+Group=%N
+UMask=0027
+
+# Sandboxing and hardening systemd.exec(5)
+PrivateUsers=yes
+ProtectClock=yes
+ProtectHostname=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectKernelLogs=yes
+ProtectControlGroups=yes
+RestrictNamespaces=yes
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+RestrictSUIDSGID=yes
+RemoveIPC=yes
+RestrictRealtime=yes
+PrivateTmp=true
+PrivateDevices=true
+ProtectHome=true
+
+# set entire file system to read only except following ReadWritePaths
+ProtectSystem=strict
+ReadWritePaths=/var/lib/%N /var/log/%N.log
+
+# Set reasonable connection and process limits
+LimitNOFILE=1048576
+LimitNPROC=64
+
+[Install]
+WantedBy=multi-user.target
diff --git a/app-admin/vaultwarden/files/vaultwarden-envfile-1.30.3.patch
b/app-admin/vaultwarden/files/vaultwarden-envfile-1.30.3.patch
new file mode 100644
index 0000000000..a97b338be0
--- /dev/null
+++ b/app-admin/vaultwarden/files/vaultwarden-envfile-1.30.3.patch
@@ -0,0 +1,54 @@
+--- a/.env.template
++++ b/.env.template
+@@ -15,24 +15,24 @@
+ ####################
+
+ ## Main data folder
+-# DATA_FOLDER=data
++DATA_FOLDER=/var/lib/vaultwarden
+
+ ## Individual folders, these override %DATA_FOLDER%
+-# RSA_KEY_FILENAME=data/rsa_key
+-# ICON_CACHE_FOLDER=data/icon_cache
+-# ATTACHMENTS_FOLDER=data/attachments
+-# SENDS_FOLDER=data/sends
+-# TMP_FOLDER=data/tmp
++# RSA_KEY_FILENAME=/var/lib/vaultwarden/rsa_key
++# ICON_CACHE_FOLDER=/var/lib/vaultwarden/icon_cache
++# ATTACHMENTS_FOLDER=/var/lib/vaultwarden/attachments
++# SENDS_FOLDER=/var/lib/vaultwarden/sends
++# TMP_FOLDER=/var/lib/vaultwarden/tmp
+
+ ## Templates data folder, by default uses embedded templates
+ ## Check source code to see the format
+-# TEMPLATES_FOLDER=data/templates
++# TEMPLATES_FOLDER=/var/lib/vaultwarden/templates
+ ## Automatically reload the templates for every request, slow, use only for
development
+ # RELOAD_TEMPLATES=false
+
+ ## Web vault settings
+-# WEB_VAULT_FOLDER=web-vault/
+-# WEB_VAULT_ENABLED=true
++WEB_VAULT_FOLDER=/usr/share/webapps/vaultwarden-web
++WEB_VAULT_ENABLED=false
+
+ #########################
+ ### Database settings ###
+@@ -40,7 +40,7 @@
+
+ ## Database URL
+ ## When using SQLite, this is the path to the DB file, default to
%DATA_FOLDER%/db.sqlite3
+-# DATABASE_URL=data/db.sqlite3
++# DATABASE_URL=/var/lib/vaultwarden/db.sqlite3
+ ## When using MySQL, specify an appropriate connection URI.
+ ## Details:
https://docs.diesel.rs/2.1.x/diesel/mysql/struct.MysqlConnection.html
+ # DATABASE_URL=mysql://user:password@host[:port]/database_name
+@@ -361,7 +361,7 @@
+ # USE_SYSLOG=false
+
+ ## Logging to file
+-# LOG_FILE=/path/to/log
++# LOG_FILE=/var/log/vaultwarden.log
+
+ ## Log level
+ ## Change the verbosity of the log output
diff --git a/app-admin/vaultwarden/files/vaultwarden-tmpfiles-1.30.3.conf
b/app-admin/vaultwarden/files/vaultwarden-tmpfiles-1.30.3.conf
new file mode 100644
index 0000000000..c9be5d457a
--- /dev/null
+++ b/app-admin/vaultwarden/files/vaultwarden-tmpfiles-1.30.3.conf
@@ -0,0 +1,5 @@
+# Fields: type; path; mode; uid; gid; age; argument
+# tmpfiled.d(5)
+d /var/lib/vaultwarden 0750 vaultwarden vaultwarden
+d /var/lib/vaultwarden/tmp 0750 vaultwarden vaultwarden
1d
+f /var/log/vaultwarden.log 0640 vaultwarden vaultwarden
diff --git a/app-admin/vaultwarden/metadata.xml
b/app-admin/vaultwarden/metadata.xml
new file mode 100644
index 0000000000..3c4ab14ed3
--- /dev/null
+++ b/app-admin/vaultwarden/metadata.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd";>
+<pkgmetadata>
+ <maintainer type="person">
+ <email>[email protected]</email>
+ <name>Rahil Bhimjiani</name>
+ </maintainer>
+ <use>
+ <flag name="cli">
+ Install client with the Command-Line Interface
+ </flag>
+ <flag name="web">
+ Install client with Web UI
+ </flag>
+ </use>
+ <upstream>
+ <remote-id type="github">dani-garcia/vaultwarden</remote-id>
+ <bugs-to>https://github.com/dani-garcia/vaultwarden/issues</bugs-to>
+ <doc>https://github.com/dani-garcia/vaultwarden/blob/main/README.md</doc>
+ </upstream>
+</pkgmetadata>
diff --git a/app-admin/vaultwarden/vaultwarden-1.30.3.ebuild
b/app-admin/vaultwarden/vaultwarden-1.30.3.ebuild
new file mode 100644
index 0000000000..4cf733e1aa
--- /dev/null
+++ b/app-admin/vaultwarden/vaultwarden-1.30.3.ebuild
@@ -0,0 +1,112 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cargo check-reqs systemd tmpfiles
+
+DESCRIPTION="Unofficial Bitwarden compatible password manager server written
in Rust"
+HOMEPAGE="https://github.com/dani-garcia/vaultwarden";
+
+if [[ ${PV} == 9999* ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/dani-garcia/vaultwarden.git";
+else
+ SRC_URI="
+
https://github.com/dani-garcia/vaultwarden/archive/refs/tags/${PV}.tar.gz ->
${P}.tar.gz
+
https://github.com/rahilarious/gentoo-distfiles/releases/download/${P}/deps.tar.xz
-> ${P}-deps.tar.xz
+
https://github.com/rahilarious/gentoo-distfiles/releases/download/${P}/wiki.tar.xz
-> ${P}-docs.tar.xz
+"
+ KEYWORDS="~amd64"
+fi
+
+# main
+LICENSE="AGPL-3"
+# deps
+LICENSE+=" 0BSD Apache-2.0 Apache-2.0-with-LLVM-exceptions BSD-2 BSD ISC MIT
MPL-2.0 Unicode-DFS-2016"
+
+SLOT="0"
+IUSE="cli mysql postgres sqlite web"
+REQUIRED_USE="|| ( mysql postgres sqlite )"
+
+RDEPEND="
+ acct-user/vaultwarden
+ acct-group/vaultwarden
+ cli? ( || ( app-admin/bitwarden-cli app-admin/bitwarden-cli-bin ) )
+ mysql? ( dev-db/mysql-connector-c:= )
+ postgres? ( dev-db/postgresql:* )
+ sqlite? ( dev-db/sqlite:3 )
+ web? ( || ( www-apps/vaultwarden-web www-apps/vaultwarden-web-bin ) )
+"
+
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig"
+
+QA_FLAGS_IGNORED="usr/bin/${PN}"
+QA_PRESTRIPPED="usr/bin/${PN}"
+ECARGO_VENDOR="${WORKDIR}/vendor"
+
+PATCHES=(
+ "${FILESDIR}"/vaultwarden-envfile-1.30.3.patch
+)
+
+CHECKREQS_MEMORY=3G
+CHECKREQS_DISK_BUILD=2G
+
+src_unpack() {
+ if [[ ${PV} == 9999* ]]; then
+ # clone vaultwarden
+ git-r3_src_unpack
+
+ # clone vaultwarden.wiki
+
EGIT_REPO_URI="https://github.com/dani-garcia/vaultwarden.wiki.git";
+ EGIT_CHECKOUT_DIR="${WORKDIR}/${PN}.wiki"
+ git-r3_src_unpack
+
+ cargo_live_src_unpack
+ else
+ cargo_src_unpack
+ fi
+}
+
+src_prepare() {
+ default
+ use web && { sed -i -e
's|^WEB_VAULT_ENABLED=false|WEB_VAULT_ENABLED=true|g;' .env.template || die; }
+}
+
+src_configure() {
+ local myfeatures=(
+ $(usev sqlite)
+ $(usev mysql)
+ $(usev postgres postgresql )
+ )
+ cargo_src_configure
+}
+
+src_compile() {
+ # https://github.com/dani-garcia/vaultwarden/blob/main/build.rs
+ [[ ${PV} != 9999* ]] && export VW_VERSION="${PV}"
+ cargo_src_compile
+}
+
+src_install() {
+ dobin target/*/"${PN}"
+ systemd_newunit "${FILESDIR}"/vaultwarden-1.30.3.service "${PN}".service
+ newinitd "${FILESDIR}"/vaultwarden-1.30.3.initd "${PN}"
+ newtmpfiles "${FILESDIR}"/vaultwarden-tmpfiles-1.30.3.conf "${PN}".conf
+ insinto /etc
+ newins .env.template "${PN}".env
+ keepdir /var/lib/"${PN}"
+
+ einstalldocs
+ dodoc -r ../"${PN}".wiki/*
+}
+
+pkg_postinst() {
+ tmpfiles_process "${PN}".conf
+ elog "Configuration file: /etc/${PN}.env"
+ elog "Data directory: /var/lib/${PN}"
+ use mysql || use postgres && elog "User must set DATABASE_URL in config
"
+ elog "Default server: http://127.0.0.1:8000";
+ elog "Admin interface: http://127.0.0.1:8000/admin";
+}
diff --git a/app-admin/vaultwarden/vaultwarden-9999.ebuild
b/app-admin/vaultwarden/vaultwarden-9999.ebuild
new file mode 100644
index 0000000000..4cf733e1aa
--- /dev/null
+++ b/app-admin/vaultwarden/vaultwarden-9999.ebuild
@@ -0,0 +1,112 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cargo check-reqs systemd tmpfiles
+
+DESCRIPTION="Unofficial Bitwarden compatible password manager server written
in Rust"
+HOMEPAGE="https://github.com/dani-garcia/vaultwarden";
+
+if [[ ${PV} == 9999* ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/dani-garcia/vaultwarden.git";
+else
+ SRC_URI="
+
https://github.com/dani-garcia/vaultwarden/archive/refs/tags/${PV}.tar.gz ->
${P}.tar.gz
+
https://github.com/rahilarious/gentoo-distfiles/releases/download/${P}/deps.tar.xz
-> ${P}-deps.tar.xz
+
https://github.com/rahilarious/gentoo-distfiles/releases/download/${P}/wiki.tar.xz
-> ${P}-docs.tar.xz
+"
+ KEYWORDS="~amd64"
+fi
+
+# main
+LICENSE="AGPL-3"
+# deps
+LICENSE+=" 0BSD Apache-2.0 Apache-2.0-with-LLVM-exceptions BSD-2 BSD ISC MIT
MPL-2.0 Unicode-DFS-2016"
+
+SLOT="0"
+IUSE="cli mysql postgres sqlite web"
+REQUIRED_USE="|| ( mysql postgres sqlite )"
+
+RDEPEND="
+ acct-user/vaultwarden
+ acct-group/vaultwarden
+ cli? ( || ( app-admin/bitwarden-cli app-admin/bitwarden-cli-bin ) )
+ mysql? ( dev-db/mysql-connector-c:= )
+ postgres? ( dev-db/postgresql:* )
+ sqlite? ( dev-db/sqlite:3 )
+ web? ( || ( www-apps/vaultwarden-web www-apps/vaultwarden-web-bin ) )
+"
+
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig"
+
+QA_FLAGS_IGNORED="usr/bin/${PN}"
+QA_PRESTRIPPED="usr/bin/${PN}"
+ECARGO_VENDOR="${WORKDIR}/vendor"
+
+PATCHES=(
+ "${FILESDIR}"/vaultwarden-envfile-1.30.3.patch
+)
+
+CHECKREQS_MEMORY=3G
+CHECKREQS_DISK_BUILD=2G
+
+src_unpack() {
+ if [[ ${PV} == 9999* ]]; then
+ # clone vaultwarden
+ git-r3_src_unpack
+
+ # clone vaultwarden.wiki
+
EGIT_REPO_URI="https://github.com/dani-garcia/vaultwarden.wiki.git";
+ EGIT_CHECKOUT_DIR="${WORKDIR}/${PN}.wiki"
+ git-r3_src_unpack
+
+ cargo_live_src_unpack
+ else
+ cargo_src_unpack
+ fi
+}
+
+src_prepare() {
+ default
+ use web && { sed -i -e
's|^WEB_VAULT_ENABLED=false|WEB_VAULT_ENABLED=true|g;' .env.template || die; }
+}
+
+src_configure() {
+ local myfeatures=(
+ $(usev sqlite)
+ $(usev mysql)
+ $(usev postgres postgresql )
+ )
+ cargo_src_configure
+}
+
+src_compile() {
+ # https://github.com/dani-garcia/vaultwarden/blob/main/build.rs
+ [[ ${PV} != 9999* ]] && export VW_VERSION="${PV}"
+ cargo_src_compile
+}
+
+src_install() {
+ dobin target/*/"${PN}"
+ systemd_newunit "${FILESDIR}"/vaultwarden-1.30.3.service "${PN}".service
+ newinitd "${FILESDIR}"/vaultwarden-1.30.3.initd "${PN}"
+ newtmpfiles "${FILESDIR}"/vaultwarden-tmpfiles-1.30.3.conf "${PN}".conf
+ insinto /etc
+ newins .env.template "${PN}".env
+ keepdir /var/lib/"${PN}"
+
+ einstalldocs
+ dodoc -r ../"${PN}".wiki/*
+}
+
+pkg_postinst() {
+ tmpfiles_process "${PN}".conf
+ elog "Configuration file: /etc/${PN}.env"
+ elog "Data directory: /var/lib/${PN}"
+ use mysql || use postgres && elog "User must set DATABASE_URL in config
"
+ elog "Default server: http://127.0.0.1:8000";
+ elog "Admin interface: http://127.0.0.1:8000/admin";
+}
