blob: badf319dc711d31269e6438f973ae06af245be99 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
# Maintainer: Aqua-sama <aqua@iserlohn-fortress.net>
pkgname=smolbote-git
pkgdesc='Yet another no-frills browser'
pkgver=r0
pkgrel=1
url="https://neueland.iserlohn-fortress.net/smolbote"
install="smolbote.install"
arch=('x86_64')
license=('GPL3')
depends=('qt5-webengine>=5.11.0' 'boost-libs>=1.66.0')
optdepends=('firejail: launch a sandboxed instance')
makedepends=('git' 'meson' 'pkg-config' 'python-kconfiglib' 'asciidoctor' 'openssl')
# this is the central repository
source=("git+https://neueland.iserlohn-fortress.net/gitea/aeon/smolbote.git"
"git+https://github.com/itay-grudev/SingleApplication.git")
sha512sums=('SKIP'
'SKIP')
#validgpgkeys=(# Aqua-sama <aqua@iserlohn-fortress.net>
# BB1C090188E3E32B375C13FD095DE26BC16D2E98)
## Build Options
# Run menuconfig
#_menuconfig=
# Enable plugin signing:
# - generate a 4096-bit RSA key and embed the public key into the binary
# - apply the plugin signing patch to the config, enabling PluginLoader::verify
# - sign the plugins with the private key, and install the signatures
# Because this embeds the public key into the executable, enabling this option will break reproducible builds.
_signPlugins=
prepare() {
cd $srcdir/smolbote
git submodule init
git config submodule.3rd-party/SingleApplication/SingleApplication.git.url $srcdir/SingleApplication
git submodule update 3rd-party/SingleApplication/SingleApplication.git
if [ -n $_signPlugins ]; then
msg "Creating OpenSSL signing key"
mkdir $srcdir/signing
cd $srcdir/signing
# generate rsa keypair
openssl genrsa -out privateKey.pem 4096
msg2 "Keypair written to $srcdir/signing/privateKey.pem."
openssl rsa -in privateKey.pem -pubout -out publicKey.pem
./tools/hexdump.py --name='publicKey_pem' publicKey.pem $srcdir/smolbote/src/plugin/publicKey.h
msg2 "Public key exported to $srcdir/signing/publicKey.pem."
fi
}
pkgver() {
cd smolbote
# Without version tag
echo r$(git rev-list --count HEAD)-$(git rev-parse --short HEAD) | sed 's/\([^-]*-g\)/r\1/;s/-/./g'
# With version tag
#git describe --long | sed 's/\([^-]*-g\)/r\1/;s/-/./g'
}
build() {
if [ ! -d $srcdir/build ]; then
mkdir $srcdir/build
fi
cd $srcdir/smolbote
# For a list of configureable options, check smolbote/meson_options.txt, or
# run `meson configure` in $srcdir/build
# --wrap-mode=nodownload - disable meson from downloading dependency wraps. This will cause it to fail if makedepends are not found by pkg-config or cmake.
# --buildtype=plain - meson won't add any flags to the command line
# --prefix=... - install prefix
# --auto-features=disabled - features should be explicitly enabled
# b_pie: Build executables as position independent
# b_lto: Use link time optimization
meson --buildtype=plain --prefix=/usr/local --auto-features=disabled \
-Db_pie=true -Db_lto=true -Dcpp_link_args="-fuse-ld=gold" \
-Dmanpage=enabled \
$srcdir/build
# Run menuconfig
#KCONFIG_CONFIG=linux/.config menuconfig
# Build
cd $srcdir/build
ninja
}
package() {
# Install
cd $srcdir/build
DESTDIR="$pkgdir" ninja install
msg "Signing plugins"
for so in $pkgdir/usr/local/lib/smolbote/plugins/*.so; do
openssl dgst -sha256 -sign $srcdir/signing/privateKey.pem -out $so.sig $so
install -m644 $so.sig $pkgdir/usr/lib/smolbote/plugins/$so.sig
done
}
|