vector-bin: Initial import

Signed-off-by: Stefan Knoblich <stkn@bitplumber.de>

acct-group/vector/Manifest

@@ -0,0 +1 @@
+EBUILD vector-0.ebuild 178 BLAKE2B 8029c631088347768f9bcf0f45748c1984ff89ecc3b26cb79c9851a69e77c9df2392178ef9da73c0414a030b8b719d38353b961378e0dd649d3f24bfb4144ee6 SHA512 f52120d565c72bde6fc4e8d65af2df6acaa260c8d941b15d7bd3f99dd0295a3b9a0a5087b452e7674838d1f0337a5937695ef9b7edc4228c0916afe1205061a7

acct-group/vector/vector-0.ebuild

@@ -0,0 +1,9 @@
+# Copyright 2019-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit acct-group
+
+DESCRIPTION="Vector group"
+ACCT_GROUP_ID=988

acct-user/vector/Manifest

@@ -0,0 +1 @@
+EBUILD vector-0.ebuild 279 BLAKE2B 16ff7d2c67fe97cc711b451dc7449452339a795eef63af732ca8b3c1b9a70012fdac858552113d140c80af0ad9df18d58b17dcbf60f232accc2c586dc34854fd SHA512 45d8d702d3931de3804fe2e021ea12e33a8871294a3c7a165684ba4aa8c4d2e8eb300e89ee1c8610299e7319e93755a262b96bd89b1008104a371653ac434c47

acct-user/vector/vector-0.ebuild

@@ -0,0 +1,13 @@
+# Copyright 2019-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit acct-user
+
+DESCRIPTION="Vector user"
+ACCT_USER_ID=988
+ACCT_USER_HOME=/var/lib/vector
+ACCT_USER_HOME_PERMS=0750
+ACCT_USER_GROUPS=( vector )
+acct-user_add_deps

app-admin/vector-bin/Manifest

@@ -0,0 +1,5 @@
+AUX vector.confd 0 BLAKE2B 786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
+AUX vector.initd 785 BLAKE2B 0dd52768ad80f323a1f1a3007dccb3e871fa24dec3bd35609aff4cfec8739e79e7e170b29d3eca7f0e8932356e5fa3df7464c2622ba8a7c2720b7a130e9c7e1a SHA512 37fcd037b13c173f74e8b9f5d21934df0401470077ff237085a53da6946d1919abdfa0a6c694e772c12b63e99c2775953cc2ebe5f7b9c36309076b65304d499c
+AUX vector.service 1086 BLAKE2B 78346456b4db8e9b5271b87c0b2f11d8d5d049691b086fbf2a918c675bafa271b7f66f3c962b7af7b96d6fa07c9ea3f5a0b69c8a985819ea310fcf2578257fb5 SHA512 86163fea2387091bfb8e714e8a4c4420d620e08ab3aefc4c0bc88964027171a964d1d060dbae8ca78abb79776102049c49b42024f8ecc2906687cf0cc8410ece
+DIST vector-0.33.0-x86_64-unknown-linux-gnu.tar.gz 42302761 BLAKE2B bb9404d989f30f876cb1861659c1c64e83adbc695178382f7dd277583519ce8411c7d1fe19a802f8d1254958c3fafc7f2e3e396707bf6e9aebbd4c03a3277d70 SHA512 e91ae3a1e59d5be7c503d055e948ba2748ceb840d8ced0a2614decf1df210a9f3b50b908b434d57883ec27ff61f65ff84cdd13c1d94c91b6bb175fb88a55103b
+EBUILD vector-bin-0.33.0.ebuild 716 BLAKE2B 452718259ea0d4d7c8853084dcf34109436973717ad9cbef487bd92dcca5846e70ff931eb7b3f365f30f9a5f921c2133748963322edc41484aa50c10fc3df835 SHA512 8d0805ed0d45b8cc7b42b5431429aa70446ea3399a1727ee4977a8a37238b3b3935775775d8301f6e39033365c41d80fc5f28425eaabd5d55ada4db93bfe745a

app-admin/vector-bin/files/vector.initd

@@ -0,0 +1,21 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+VECTOR_USER="${VECTOR_USER:-vector}"
+VECTOR_GROUP="${VECTOR_GROUP:-vector}"
+VECTOR_CONFIG="${VECTOR_CONFIG:-/etc/vector/config.toml}"
+VECTOR_DATA_DIR="${VECTOR_DATA_DIR:-/var/lib/vector}"
+VECTOR_LOG_DIR="${VECTOR_LOG_DIR:-/var/log/vector}"
+
+command="/usr/bin/vector"
+command_args="--config ${VECTOR_CONFIG}"
+
+pidfile="/run/${RC_SVCNAME}.pid"
+command_background="true"
+start_stop_daemon_args="--user=\"${VECTOR_USER}\" --group=\"${VECTOR_GROUP}\" --stdout ${VECTOR_LOG_DIR}/vector.log --stderr ${VECTOR_LOG_DIR}/vector.err"
+
+start_pre() {
+	checkpath -d -o "${VECTOR_USER}" -m750 "${VECTOR_DATA_DIR}"
+	checkpath -d -o "${VECTOR_USER}" -m750 "${VECTOR_LOG_DIR}"
+}

app-admin/vector-bin/files/vector.service

@@ -0,0 +1,51 @@
+[Unit]
+Description=Vector
+After=network.target
+
+[Service]
+User=vector
+Group=vector
+
+ExecStartPre=/usr/bin/vector validate --config /etc/vector/config.toml
+ExecStart=/usr/bin/vector --config /etc/vector/config.toml
+ExecReload=/usr/bin/vector validate --config /etc/vector/config.toml
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=no
+
+# capabilities
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+
+# sandboxing
+ProtectHostname=yes
+ProtectClock=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectKernelLogs=yes
+ProtectSystem=strict
+ProtectHome=yes
+ProtectControlGroups=yes
+PrivateTmp=yes
+PrivateDevices=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+NoNewPrivileges=yes
+RemoveIPC=yes
+RestrictNamespaces=yes
+
+WorkingDirectory=/var/lib/vector
+StateDirectory=vector
+StateDirectoryMode=0750
+
+# syscall filtering
+SystemCallFilter=@system-service @debug
+SystemCallArchitectures=native
+
+# process properties
+UMask=077
+
+[Install]
+WantedBy=multi-user.target

app-admin/vector-bin/vector-bin-0.33.0.ebuild

@@ -0,0 +1,37 @@
+#
+#
+#
+
+EAPI=7
+
+inherit systemd
+
+MY_P="${P/-bin}"
+
+DESCRIPTION="A lightweight, ultra-fast tool for building observability pipelines"
+HOMEPAGE="https://vector.dev/"
+SRC_URI="https://packages.timber.io/vector/${PV}/${MY_P}-x86_64-unknown-linux-gnu.tar.gz"
+
+RDEPEND="acct-group/vector
+	acct-user/vector"
+DEPEND="${RDEPEND}"
+
+S="${WORKDIR}/vector-x86_64-unknown-linux-gnu"
+SLOT="0"
+ARCH="amd64"
+
+src_install() {
+	dobin bin/vector
+
+	newinitd "${FILESDIR}/vector.initd" vector
+	newconfd "${FILESDIR}/vector.initd" vector
+
+	systemd_dounit "${FILESDIR}/vector.service"
+
+	diropts -m 0750 -o vector -g vector
+	insinto /etc/vector
+	newins config/vector.toml config.toml.dist
+
+	keepdir /var/lib/vector
+	keepdir /var/log/vector
+}