commit 956ee7cfa8cbd4a91617c68659d768e2ae5c7151251dcc329f3f16623c9b1d86
Author: Alexandre Vicenzi <alexandre.vicenzi@suse.com>
Date:   Thu Apr 11 14:11:02 2024 +0000

    Accepting request 1166884 from home:rrahl0
    
    
    
    OBS-URL: https://build.opensuse.org/request/show/1166884
    OBS-URL: https://build.opensuse.org/package/show/network:vpn/nebula?expand=0&rev=1

diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..9b03811
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..57affb6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.osc
diff --git a/_service b/_service
new file mode 100644
index 0000000..d02981e
--- /dev/null
+++ b/_service
@@ -0,0 +1,20 @@
+<?xml version="1.0" ?>
+<services>
+  <service name="tar_scm" mode="manual">
+    <param name="url">https://github.com/slackhq/nebula.git</param>
+    <param name="scm">git</param>
+    <param name="revision">refs/tags/v1.8.2</param>
+    <param name="versionformat">@PARENT_TAG@</param>
+    <param name="versionrewrite-pattern">v(.*)</param>
+    <param name="package-meta">yes</param>
+  </service>
+  <service name="recompress" mode="manual">
+    <param name="file">*.tar</param>
+    <param name="compression">gz</param>
+  </service>
+  <service name="go_modules" mode="manual">
+    <param name="archive">*.tar.gz</param>
+    <param name="compression">zst</param>
+  </service>
+  <service name="set_version" mode="manual" />
+</services>
diff --git a/enable-pie.patch b/enable-pie.patch
new file mode 100644
index 0000000..a0a0d25
--- /dev/null
+++ b/enable-pie.patch
@@ -0,0 +1,12 @@
+diff -rub nebula/Makefile nebula-patched/Makefile
+--- nebula/Makefile	2024-04-09 08:35:28.559936158 +0200
++++ nebula-patched/Makefile	2024-04-09 08:59:08.363591927 +0200
+@@ -96,7 +96,7 @@
+ 
+ release-boringcrypto: build/nebula-linux-$(shell go env GOARCH)-boringcrypto.tar.gz
+ 
+-BUILD_ARGS = -trimpath
++BUILD_ARGS = -trimpath -buildmode=pie
+ 
+ bin-windows: build/windows-amd64/nebula.exe build/windows-amd64/nebula-cert.exe
+ 	mv $? .
diff --git a/nebula-1.8.2.tar.gz b/nebula-1.8.2.tar.gz
new file mode 100644
index 0000000..fa9bb0b
--- /dev/null
+++ b/nebula-1.8.2.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:719f5526e8cdd98d57a1a6430771b282bf4f4e9fa0b35615ceb6a3830143e709
+size 2355464
diff --git a/nebula.changes b/nebula.changes
new file mode 100644
index 0000000..4d326f7
--- /dev/null
+++ b/nebula.changes
@@ -0,0 +1,4 @@
+-------------------------------------------------------------------
+Tue Apr  9 06:08:08 UTC 2024 - Richard Rahl <rrahl0@proton.me>
+
+- initial packaging
diff --git a/nebula.service b/nebula.service
new file mode 100644
index 0000000..15c4547
--- /dev/null
+++ b/nebula.service
@@ -0,0 +1,30 @@
+[Unit]
+Description=Nebula overlay networking tool
+Wants=basic.target network-online.target nss-lookup.target time-sync.target
+After=basic.target network.target network-online.target
+Before=sshd.service
+AssertDirectoryNotEmpty=/etc/nebula
+
+[Service]
+Type=notify
+NotifyAccess=main
+SyslogIdentifier=nebula
+ExecReload=/bin/kill -HUP $MAINPID
+ExecStart=/usr/sbin/nebula -config /etc/nebula/config.yml
+Restart=always
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+PrivateDevices=true
+ProtectClock=true
+ProtectControlGroups=true
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelLogs=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+RestrictRealtime=true
+# give permission to TUN
+BindPaths=/dev/net/tun
+DeviceAllow=/dev/net/tun rw
+
+[Install]
+WantedBy=multi-user.target
diff --git a/nebula.spec b/nebula.spec
new file mode 100644
index 0000000..2a3c9d0
--- /dev/null
+++ b/nebula.spec
@@ -0,0 +1,83 @@
+#
+# spec file for package nebula
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+Name:           nebula
+Version:        1.8.2
+Release:        0
+Summary:        A scalable overlay networking tool
+License:        MIT
+URL:            https://github.com/slackhq/nebula
+Source0:        %{name}-%{version}.tar.gz
+Source1:        vendor.tar.zst
+Source2:        %{name}.service
+Patch0:         enable-pie.patch
+BuildRequires:  golang-packaging
+BuildRequires:  git-core
+BuildRequires:  zstd
+
+%description
+Nebula is a scalable overlay networking tool with a focus on performance,
+simplicity and security. It lets you seamlessly connect computers anywhere
+in the world. It can be used to connect a small number of computers,
+but is also able to connect tens of thousands of computers.
+
+%package cert
+Summary:        Seperate %{name}-cert package
+
+%description cert
+This package only includes the %{name}-cert binary.
+
+%prep
+%autosetup -p1 -a1
+
+%build
+%make_build
+
+%install
+install -Dm0755 -t %{buildroot}%{_sbindir} nebula
+install -Dm0755 -t %{buildroot}%{_bindir} nebula-cert
+install -Dm0644 -t %{buildroot}%{_unitdir} %{SOURCE2}
+install -d %{buildroot}%{_sysconfdir}/%{name}
+
+%pre
+%service_add_pre %{name}.service
+
+%post
+%service_add_post %{name}.service
+
+%preun
+%service_del_preun %{name}.service
+
+%postun
+%service_del_postun %{name}.service
+
+%check
+%make_build test
+
+%files
+%license LICENSE
+%doc AUTHORS CHANGELOG.md LOGGING.md README.md SECURITY.md examples/config.yml
+%{_sbindir}/%{name}
+%{_unitdir}/%{name}.service
+%{_sysconfdir}/%{name}
+
+%files cert
+%license LICENSE
+%{_bindir}/%{name}-cert
+
+%changelog
diff --git a/vendor.tar.zst b/vendor.tar.zst
new file mode 100644
index 0000000..3fb5f84
--- /dev/null
+++ b/vendor.tar.zst
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:83d1387a3b13771eafef8ec208d3599fc87d02640d8fd60cbec897f9f478ef29
+size 2433033