# Copyright 2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

EAPI=8

inherit go-module systemd

DESCRIPTION="Go implementation of a Telegram <=> IRC bridge for use with any IRC channel and Telegram group"
HOMEPAGE="https://github.com/RITlug/teleirc"
SRC_URI="https://github.com/RITlug/${PN}/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz
		https://git.millerson.name/alex/gentoo-artifacts/releases/download/${P}-vendor/${P}-vendor.tar.xz"

LICENSE="GPL-3.0"
SLOT="0"
KEYWORDS="~amd64"

DEPEND=""
RDEPEND="${DEPEND}"
BDEPEND=""

src_prepare() {
        local PATCHES=(
                "${FILESDIR}"/*.patch
        )
        default

        sed -i -e "s@/usr/local/bin/@/usr/bin/@" \
        -e "/^User=/Id" \
        -e "/\[Service\]/a DynamicUser=true" \
        -e "/\[Service\]/a LoadCredential=%i:/etc/teleirc/%i" \
        -e "/\[Service\]/a AmbientCapabilities=" \
        -e "/\[Service\]/a CapabilityBoundingSet=" \
        -e "/\[Service\]/a RestrictNamespaces=yes" \
        -e "/\[Service\]/a ProtectSystem=strict" \
        -e "/\[Service\]/a ProtectHome=true" \
        -e "/\[Service\]/a PrivateTmp=true" \
        -e "/\[Service\]/a ProtectProc=invisible" \
        -e "/\[Service\]/a ProcSubset=pid" \
        -e "/\[Service\]/a ProtectKernelTunables=yes" \
        -e "/\[Service\]/a ProtectKernelModules=true" \
        -e "/\[Service\]/a ProtectControlGroups=true" \
        -e "/\[Service\]/a ProtectHostname=true" \
        -e "/\[Service\]/a ProtectKernelLogs=true" \
        -e "/\[Service\]/a LockPersonality=yes" \
        -e "/\[Service\]/a MemoryDenyWriteExecute=yes" \
        -e "/\[Service\]/a NoNewPrivileges=yes" \
        -e "/\[Service\]/a RestrictSUIDSGID=yes" \
        -e "/\[Service\]/a RestrictRealtime=yes" \
        -e "/\[Service\]/a PrivateDevices=yes" \
        -e "/\[Service\]/a PrivateUsers=yes" \
        -e "/\[Service\]/a SystemCallArchitectures=native" \
        -e "/\[Service\]/a ProtectClock=yes" \
        -e "/\[Service\]/a UMask=7177" \
        -e "/\[Service\]/a NoExecPaths=/" \
        -e "/\[Service\]/a ExecPaths=/usr/bin/teleirc $(prefix)/$(get_libdir)" \
        deployments/systemd/teleirc@.service || die

}

src_compile() {
	ego build -asmflags -trimpath \
		-ldflags "-s -w -X main.version=${PV}" cmd/teleirc.go || die
}

src_install() {
    systemd_dounit deployments/systemd/teleirc@.service
    # systemd_install_dropin foo.service "${FILESDIR}/foo.service.conf"

    insinto /etc/"${PN}"
    newins env.example example

    dobin ${PN}

	default
}