A alpine/stable/tailscale/APKBUILD => alpine/stable/tailscale/APKBUILD +75 -0
@@ 0,0 1,75 @@
+# Contributor: Andrei Jiroh Eugenio Halili <ajhalili2006@andreijiroh.eu.org>
+# Contributor: Robert Günzler <r@gnzler.io>
+# Contributor: Xe <xe@tailscale.com>
+# Maintainer: Robert Günzler <r@gnzler.io>
+pkgname=tailscale
+pkgver=1.54.1
+pkgrel=0
+pkgdesc="The easiest, most secure way to use WireGuard and 2FA"
+url="https://tailscale.com/"
+license="BSD-3-Clause"
+arch="all !s390x" # upstream still doesn't have hardware to debug this
+options="chmod-clean"
+depends="iptables" # https://github.com/tailscale/tailscale/issues/391
+makedepends="go linux-headers"
+checkdepends="openssh iproute2-minimal"
+subpackages="$pkgname-doc $pkgname-openrc"
+source="$pkgname-$pkgver.tar.gz::https://github.com/tailscale/tailscale/archive/v$pkgver.tar.gz
+ tailscale.confd
+ tailscale.initd
+ tailscale.logrotate
+ tailscale.modules-load
+ upstream-pr-10363.patch
+ "
+
+export GOCACHE="${GOCACHE:-"$srcdir/go-cache"}"
+export GOTMPDIR="${GOTMPDIR:-"$srcdir"}"
+export GOMODCACHE="${GOMODCACHE:-"$srcdir/go"}"
+
+# secfixes:
+# 1.32.3-r0:
+# - CVE-2022-41924 TS-2022-004
+# 0:
+# - CVE-2022-41925 TS-2022-005
+
+build() {
+ msg2 "Building tailscale..."
+
+ TAGS="netcgo osusergo static_build xversion"
+ VERSIONFLAGS="
+ -X tailscale.com/version.shortStamp=$pkgver
+ -X tailscale.com/version.longStamp=$pkgver-AlpineLinux
+ -X tailscale.com/version.gitCommitStamp=AlpineLinux
+ "
+
+ go build -tags "$TAGS" -ldflags "$VERSIONFLAGS" ./cmd/tailscale
+ go build -tags "$TAGS" -ldflags "$VERSIONFLAGS" ./cmd/tailscaled
+}
+
+check() {
+ # shellcheck disable=SC2046
+ go test $(go list ./... | grep -Ev '(util/linuxfw|net/netcheck|wgengine/magicsock|tstest/archtest|tstest/integration|tstest/jsdeps|tstest/iosdeps|ssh/tailssh|containerboot|net/connstats)')
+}
+
+package() {
+ install -m755 -D tailscale \
+ "$pkgdir"/usr/bin/tailscale
+ install -m755 -D tailscaled \
+ "$pkgdir"/usr/sbin/tailscaled
+
+ install -m644 -D -t "$pkgdir"/usr/share/doc/$pkgname README.md
+
+ install -m755 -D "$srcdir"/tailscale.initd "$pkgdir"/etc/init.d/tailscale
+ install -m644 -D "$srcdir"/tailscale.confd "$pkgdir"/etc/conf.d/tailscale
+ install -m644 -D "$srcdir"/tailscale.logrotate "$pkgdir"/etc/logrotate.d/tailscale
+ install -m644 -D "$srcdir"/tailscale.modules-load "$pkgdir"/usr/lib/modules-load.d/tailscale.conf
+}
+
+sha512sums="
+4ec97ab7377998fae4bf9afc4f7c96685cee0887aebf1eb09c77301b9703f88976a986641ef09aed56a30fa22bb656e7e55f9e0a3cbbacfa23444636d37ee961 tailscale-1.54.1.tar.gz
+24706f10a6f5f7091c0f73a13e0c2d72e969e92e6f7aa21abe504f8e2c16af4d1d80fd28c33acbe4866dd8174abd9dc201d97eb5271f6355f7589a56f470f52c tailscale.confd
+5cb35e0144d3bc2c20b1fde1ee402aab642b666c259bb324bf1c742a79fd8b3892cf2e7419e684764a50b6a29dc562ee674915bbf16a76eda543fd9c8988428c tailscale.initd
+c139461ff829359bfdc66866ef4cd6561f781e2bc3b40e5cfe9c9d06e3e749d179835ee8548d2b2e725f9a59644db64b1136393dff78ae29955c905e76c8ef46 tailscale.logrotate
+871b650ff982be061532b4c5fe4812f41e6e2c58fc69b24f8a745f9a43389da44e742a69b0467b3c3d9e2b031af0728e20f10fa4584695c4f5ac87768a1fd34e tailscale.modules-load
+6eebc7a561799c0beb6da82984cfb6ab0266e3dd10791160beffd0801684fc3076f4c357944ef76592080870ece5958c4413960f4b78a07e0ecc4157b3a191f8 upstream-pr-10363.patch
+"
A alpine/stable/tailscale/tailscale.confd => alpine/stable/tailscale/tailscale.confd +5 -0
@@ 0,0 1,5 @@
+# tailscaled options
+#
+# TAILSCALED_LOGFILE
+# TAILSCALED_PORT
+# TAILSCALED_OPTS
A alpine/stable/tailscale/tailscale.initd => alpine/stable/tailscale/tailscale.initd +27 -0
@@ 0,0 1,27 @@
+#!/sbin/openrc-run
+
+TAILSCALED_LOGFILE="${TAILSCALED_LOGFILE:-/var/log/${RC_SVCNAME}d.log}"
+TAILSCALED_PORT="${TAILSCALED_PORT:-41641}"
+
+supervisor=supervise-daemon
+
+name="tailscaled"
+command="/usr/sbin/tailscaled"
+command_args="--state=/var/lib/tailscale/tailscaled.state --port ${TAILSCALED_PORT} ${TAILSCALED_OPTS} >>${TAILSCALED_LOGFILE} 2>&1"
+
+output_log=${TAILSCALED_LOGFILE}
+error_log=${TAILSCALED_LOGFILE}
+
+pidfile="/run/tailscaled.pid"
+respawn_delay=5
+respawn_max=0
+
+depend() {
+ need net
+ after firewall
+ use logger
+}
+
+start_pre() {
+ checkpath -f -m 0644 -o root:root "${TAILSCALED_LOGFILE}"
+}
A alpine/stable/tailscale/tailscale.logrotate => alpine/stable/tailscale/tailscale.logrotate +6 -0
@@ 0,0 1,6 @@
+/var/log/tailscaled.log {
+ missingok
+ notifempty
+ sharedscripts
+ endscript
+}
A alpine/stable/tailscale/tailscale.modules-load => alpine/stable/tailscale/tailscale.modules-load +1 -0
A alpine/stable/tailscale/upstream-pr-10363.patch => alpine/stable/tailscale/upstream-pr-10363.patch +42 -0
@@ 0,0 1,42 @@
+Patch-Source: https://github.com/tailscale/tailscale/commit/5aa7687b2193cd3c86d350109f9eaab9dbad614b
+--
+From 5aa7687b2193cd3c86d350109f9eaab9dbad614b Mon Sep 17 00:00:00 2001
+From: Andrew Dunham <andrew@du.nham.ca>
+Date: Wed, 22 Nov 2023 10:50:43 -0500
+Subject: [PATCH] util/httpm: don't run test if .git doesn't exist
+
+Updates #9635
+
+Signed-off-by: Andrew Dunham <andrew@du.nham.ca>
+Change-Id: I9089200f9327605036c88fc12834acece0c11694
+---
+ util/httpm/httpm_test.go | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/util/httpm/httpm_test.go b/util/httpm/httpm_test.go
+index 77e6309c8807d..0c71edc2f3c42 100644
+--- a/util/httpm/httpm_test.go
++++ b/util/httpm/httpm_test.go
+@@ -12,12 +12,20 @@ import (
+ )
+
+ func TestUsedConsistently(t *testing.T) {
+- cmd := exec.Command("git", "grep", "-l", "-F", "http.Method")
+ dir, err := os.Getwd()
+ if err != nil {
+ t.Fatal(err)
+ }
+- cmd.Dir = filepath.Join(dir, "../..")
++ rootDir := filepath.Join(dir, "../..")
++
++ // If we don't have a .git directory, we're not in a git checkout (e.g.
++ // a downstream package); skip this test.
++ if _, err := os.Stat(filepath.Join(rootDir, ".git")); err != nil {
++ t.Skipf("skipping test since .git doesn't exist: %v", err)
++ }
++
++ cmd := exec.Command("git", "grep", "-l", "-F", "http.Method")
++ cmd.Dir = rootDir
+ matches, _ := cmd.Output()
+ for _, fn := range strings.Split(strings.TrimSpace(string(matches)), "\n") {
+ switch fn {