diff --git a/victoria-metrics/PKGBUILD b/victoria-metrics/PKGBUILD new file mode 100644 index 0000000..21a882b --- /dev/null +++ b/victoria-metrics/PKGBUILD @@ -0,0 +1,92 @@ +# Maintainer: George Rawlinson + +pkgbase=victoria-metrics +pkgname=('victoria-metrics' 'victoria-metrics-utils') +pkgver=1.75.1 +pkgrel=1 +pkgdesc="A fast, cost-effective monitoring solution and time series database" +arch=('x86_64') +url="https://victoriametrics.com" +license=('Apache') +depends=('glibc') +makedepends=('git' 'go') +options=('!lto') +_commit='f8b44586858d195b3d265b6f4b10872d2e9500a7' +source=( + "$pkgbase::git+https://github.com/VictoriaMetrics/VictoriaMetrics.git#commit=$_commit" + 'systemd.service' + 'tmpfiles.conf' + 'sysusers.conf' +) +b2sums=('SKIP' + '9fbcc9b95f935c07658f0bf30b7e17e2c86ae75b4a270a78cbbd7dbe9ef0a698e9f4e617943047b1f6ea07515964466f456f378d2f5565b05fd873eedc50e26f' + 'f39262508fd73a0ac2841e6f93bab9428ff6b84b009beb3d9d13913c3e361b6f16e7ceb5939fa2cff9d99d183e4d2263afa1b8d871c348a74646033bab46583c' + '7d947bfabfb96e14842cc13dac12612b40d28361f81675f5d5cf930453d0ba6f32cb735634d61d17bc602ce147dcf6f36ca3a161ba5a4a346f1896f71b06430b') +_binaries=( + 'victoria-metrics' + 'vmagent' + 'vmalert' + 'vmauth' + 'vmbackup' + 'vmrestore' + 'vmctl' +) + +pkgver() { + cd "$pkgbase" + + git describe --tags | sed 's/^v//' +} + +prepare() { + # create directory for build output + mkdir build + + cd "$pkgbase" + + # download dependencies + go mod download +} + +build() { + cd "$pkgbase" + + # set Go flags + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + + for binary in "${_binaries[@]}"; do + go build -v \ + -trimpath \ + -buildmode=pie \ + -mod=readonly \ + -modcacherw \ + -ldflags "-linkmode external -extldflags $LDFLAGS" \ + -o "$srcdir/build" \ + "./app/$binary" + done +} + +check() { + cd "$pkgbase" + + for binary in "${_binaries[@]}"; do + go test -v "./app/$binary/..." + done +} + +package_victoria-metrics() { + # systemd integration + install -vDm644 systemd.service "$pkgdir/usr/lib/systemd/system/$pkgbase.service" + install -vDm644 sysusers.conf "$pkgdir/usr/lib/sysusers.d/$pkgbase.conf" + install -vDm644 tmpfiles.conf "$pkgdir/usr/lib/tmpfiles.d/$pkgbase.conf" + + # binary + install -vDm755 -t "$pkgdir/usr/bin" build/victoria-metrics +} + +package_victoria-metrics-utils() { + pkgdesc+=" (utilities)" + install -vDm755 -t "$pkgdir/usr/bin" build/vm* +} diff --git a/victoria-metrics/systemd.service b/victoria-metrics/systemd.service new file mode 100644 index 0000000..b4deb8e --- /dev/null +++ b/victoria-metrics/systemd.service @@ -0,0 +1,46 @@ +[Unit] +Description=High-performance, cost-effective and scalable time series database, long-term remote storage for Prometheus +Documentation=https://docs.victoriametrics.com/ +After=network-online.target + +[Service] +User=victoria-metrics +Group=victoria-metrics +Type=simple +StartLimitBurst=5 +StartLimitInterval=0 +Restart=on-failure +RestartSec=1 +ExecStart=/usr/bin/victoria-metrics -storageDataPath=/var/lib/victoria-metrics +ExecStop=/bin/kill -s SIGTERM $MAINPID + +# hardening options +UMask=0077 +NoNewPrivileges=true +LimitNOFILE=1048576 +ProtectSystem=strict +ProtectHome=true +PrivateUsers=yes +PrivateTmp=true +PrivateDevices=true +ProtectHostname=true +ProtectClock=true +ProtectKernelTunables=true +ProtectKernelModules=true +ProtectKernelLogs=true +ProtectControlGroups=true +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=true +LockPersonality=true +MemoryDenyWriteExecute=true +RestrictRealtime=true +RestrictSUIDSGID=true +RemoveIPC=true +CapabilityBoundingSet= +AmbientCapabilities= +SystemCallFilter=@system-service +SystemCallFilter=~@privileged @resources +SystemCallArchitectures=native + +[Install] +WantedBy=multi-user.target diff --git a/victoria-metrics/sysusers.conf b/victoria-metrics/sysusers.conf new file mode 100644 index 0000000..ae8ec5b --- /dev/null +++ b/victoria-metrics/sysusers.conf @@ -0,0 +1 @@ +u victoria-metrics - "victoria-metrics daemon user" /var/lib/victoria-metrics diff --git a/victoria-metrics/tmpfiles.conf b/victoria-metrics/tmpfiles.conf new file mode 100644 index 0000000..e2798e0 --- /dev/null +++ b/victoria-metrics/tmpfiles.conf @@ -0,0 +1 @@ +d /var/lib/victoria-metrics 0755 victoria-metrics victoria-metrics