app-containers/incus: add 0.4

 - both openrc and systemd init.d / service files updated to match how
   upstream intends them to be used
   https://linuxcontainers.org/incus/docs/main/packaging/#init-scripts
 - include fuidshift again, installed in /usr/sbin like it's supposed to.
   Won't collide with lxd's fuidshift.

Signed-off-by: Joonas Niilola <juippis@gentoo.org>

app-containers/incus/Manifest

@@ -1,2 +1,4 @@
 DIST incus-0.3.tar.xz 13344380 BLAKE2B 8160843df4ff419ef8890fcdd6b6b7e2c3cdec509ae072ec195c2b2c44e61ab3dc20a0488e9023d891b7ee2f2c700cfb8206ebe29236c29705a7121e5436d64f SHA512 d3f3141f72a8ecf007faca8c2f2d1465d766d12f763e714d296fd28acd7e3095dd49834d428f42bf142e301cf1af7ee00ef74005d128c49aa147fb4d9348dbde
 DIST incus-0.3.tar.xz.asc 833 BLAKE2B 532ee90f3ed1d4798a19dcc9df8fe6587ab5ab93d18accae7aae8e44cb8c8086c77702a572a371a966eee4ebed84a2d7941f52001152a1894e1d74aa235a06e0 SHA512 afd2aab52a19b618d194eab71974f84d1d3eb9639b2672d8e94153ac23b05764667374504b5f1355238341c4194de282d3bc7635335375fd347ba513eb66e685
+DIST incus-0.4.tar.xz 13544656 BLAKE2B 19f6dd9a0707d60e60b42fd586ed2a041a4ac66b071b8a8dc2f11e9fa6f11c3d4c464d4763babc22aa4e58e3964d079bdc3028848c460a5ebaed41573a4b3f65 SHA512 2d31f0dfa5408db9408946b4f872a051c792a2a47fb80962e62e6b6691c9c52c4532935f6d5bcbef05b80a1bc66f6cf68b1e61d148d8964569df0a98360c582e
+DIST incus-0.4.tar.xz.asc 833 BLAKE2B 7d78d6808f8bbab78427ddc41925bde68a965e1594e0a90a56471c81f5f71798e286031caabb50ecf8a8b7b084660eefaf7644f2753d3810903e2f5194cf70fe SHA512 ce5bf32f7007a4dcf339b549da14ce9094ebe031311bd77707155d90e6ab05d1b56841910b934c96d9fed941815ce47ee746222100cee42d28bcc7c312c25bfb

app-containers/incus/files/incus-0.4.confd

@@ -0,0 +1,26 @@
+# Group which owns the shared socket
+INCUS_OPTIONS+=" --group incus-admin"
+
+# Enable cpu profiling into the specified file
+#INCUS_OPTIONS+=" --cpuprofile /tmp/lxc_cpu_profile"
+
+# Enable memory profiling into the specified file
+#INCUS_OPTIONS+=" --memprofile /tmp/lxc_mem_profile"
+
+# Enable debug mode
+#INCUS_OPTIONS+=" --debug"
+
+# For debugging, print a complete stack trace every n seconds
+#INCUS_OPTIONS+=" --print-goroutines-every 5"
+
+# Enable verbose mode
+#INCUS_OPTIONS+=" -v"
+
+# Logfile to log to
+#INCUS_OPTIONS+=" --logfile /var/log/incus/incus.log"
+
+# Enable syslog logging
+#INCUS_OPTIONS+=" --syslog"
+
+# Increase ulimits to allow more open files on OpenRC.
+rc_ulimit="-n 1048576 -l unlimited"

app-containers/incus/files/incus-0.4.initd

@@ -0,0 +1,59 @@
+#!/sbin/openrc-run
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+DAEMON=/usr/sbin/incusd
+PIDFILE=/run/incus.pid
+
+depend() {
+	need net
+	need lxcfs
+}
+
+start() {
+	ebegin "Starting incus daemon service"
+
+	modprobe -f loop > /dev/null 2>&1
+
+	# Fix permissions on /var/lib/incus and make sure it exists.
+	# Create a log directory for incus with correct permissions.
+	install -d /var/lib/incus --group incus-admin --owner root --mode 0775
+	install -d /var/log/incus --group incus-admin --owner root
+
+	start-stop-daemon --start \
+		--pidfile ${PIDFILE} \
+		--exec ${DAEMON} \
+		--background \
+		--make-pidfile \
+		-- \
+		${INCUS_OPTIONS}
+	eend ${?}
+
+	# Create necessary systemd paths in order for systemd containers to work on openrc host.
+	# /etc/rc.conf should have following values:
+	#   rc_cgroup_mode="hybrid"
+	if [ -d /sys/fs/cgroup/unified ] &&
+	[ ! -d /sys/fs/cgroup/systemd ]; then
+		install -d /sys/fs/cgroup/systemd --group incus-admin --owner root
+		mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd
+	fi
+}
+
+stop() {
+	if [ "${RC_CMD}" = restart ]; then
+		ebegin "Stopping incus daemon service (but not containers)"
+		# start-stop-daemon sends SIGTERM with a timeout of 5s by default.
+		# SIGTERM indicates to INCUS that it will be stopped temporarily.
+		# Instances will keep running.
+		start-stop-daemon --stop --quiet -p "${PIDFILE}"
+		eend ${?}
+	else
+		ebegin "Stopping incus daemon service and containers, waiting 40s"
+		# SIGPWR indicates to INCUS that the host is going down.
+		# LXD will do a clean shutdown of all instances.
+		# After 30s all remaining instances will be killed.
+		# We wait up to 40s for INCUS.
+		start-stop-daemon --stop --quiet -R SIGPWR/40 -p "${PIDFILE}"
+		eend ${?}
+	fi
+}

app-containers/incus/files/incus-0.4.service

@@ -0,0 +1,22 @@
+[Unit]
+Description=Incus - main daemon
+After=network-online.target lxcfs.service incus.socket
+Requires=network-online.target lxcfs.service incus.socket
+
+[Service]
+EnvironmentFile=-/etc/environment
+ExecStart=/usr/sbin/incusd --group incus-admin --syslog
+ExecStartPost=/usr/sbin/incusd waitready --timeout=600
+ExecStartPre=/bin/mkdir -p /var/log/incus
+ExecStartPre=/bin/chown -R root:incus-admin /var/log/incus
+KillMode=process
+PermissionsStartOnly=true
+TimeoutStartSec=600s
+TimeoutStopSec=30s
+Restart=on-failure
+LimitNOFILE=1048576
+LimitNPROC=infinity
+TasksMax=infinity
+
+[Install]
+Also=incus-startup.service incus.socket

app-containers/incus/files/incus-0.4.socket

@@ -0,0 +1,11 @@
+[Unit]
+Description=Incus - Daemon (unix socket)
+
+[Socket]
+ListenStream=/var/lib/incus/unix.socket
+SocketGroup=incus-admin
+SocketMode=0660
+Service=incus.service
+
+[Install]
+WantedBy=sockets.target

app-containers/incus/files/incus-startup-0.4.service

@@ -0,0 +1,15 @@
+[Unit]
+Description=Incus - Startup check
+After=incus.socket incus.service
+Requires=incus.socket
+
+[Service]
+Type=oneshot
+ExecStart=/usr/sbin/incus-startup start
+ExecStop=/usr/sbin/incus-startup stop
+TimeoutStartSec=600s
+TimeoutStopSec=600s
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target

app-containers/incus/files/incus-startup-0.4.sh

@@ -0,0 +1,21 @@
+#!/bin/sh
+set -e
+
+case "$1" in
+    start)
+      systemctl is-active incus -q && exit 0
+      exec incusd activateifneeded
+    ;;
+
+    stop)
+      systemctl is-active incus -q || exit 0
+      exec incusd shutdown
+    ;;
+
+    *)
+        echo "unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+exit 0

app-containers/incus/files/incus-user-0.4.initd

@@ -0,0 +1,37 @@
+#!/sbin/openrc-run
+# Copyright 2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+name="incus-user socket daemon"
+description="incus-user socket daemon"
+
+DAEMON=/usr/sbin/incus-user
+PIDFILE=/run/incus-user.pid
+
+depend() {
+	need incus
+	need net
+}
+
+start() {
+	ebegin "Starting incus-user socket daemon"
+
+	start-stop-daemon --start \
+		--pidfile ${PIDFILE} \
+		--exec ${DAEMON} \
+		--background \
+		--make-pidfile \
+		-- \
+		--group incus
+	eend ${?}
+}
+
+stop() {
+	if [ "${RC_CMD}" = restart ]; then
+		start-stop-daemon --stop --quiet -p "${PIDFILE}"
+		eend ${?}
+	else
+		start-stop-daemon --stop --quiet -p "${PIDFILE}"
+		eend ${?}
+	fi
+}

app-containers/incus/files/incus-user-0.4.service

@@ -0,0 +1,12 @@
+[Unit]
+Description=Incus - User daemon
+After=incus-user.socket incus.service
+Requires=incus-user.socket
+
+[Service]
+EnvironmentFile=-/etc/environment
+ExecStart=/usr/sbin/incus-user --group incus
+Restart=on-failure
+
+[Install]
+Also=incus-user.socket

app-containers/incus/files/incus-user-0.4.socket

@@ -0,0 +1,11 @@
+[Unit]
+Description=Incus - Daemon (user unix socket)
+
+[Socket]
+ListenStream=/var/lib/incus/unix.socket.user
+SocketGroup=incus
+SocketMode=0660
+Service=incus-user.service
+
+[Install]
+WantedBy=sockets.target