Make package function more compact

mullvad-vpn-daemon/APKBUILD

@@ -1,46 +1,36 @@
-# Contributor:
+maintainer="Joakim Hulthe <joakim@hulthe.net>"
-# Maintainer: Joakim Hulthe <joakim@hulthe.net>
 pkgname=mullvad-vpn-daemon
 pkgver=2026.2_beta1
-pkgrel=1
+pkgrel=0
-pkgdesc="Mullvad VPN system service"
+pkgdesc="Mullvad VPN client (daemon and CLI)"
 url="https://mullvad.net/"
-arch="all"
+# Mullvad depends on old versions of the `nix` library
-license="GPL-3-or-later"
+# which are broken on on loongarch64 and s390x
-depends="
+arch="all !loongarch64 !s390x"
-	dbus
+license="GPL-3.0-or-later"
-	libmnl
-	libnftnl
-"
 makedepends="
-	build-base
 	cargo-auditable
-	rust
-	pkgconfig
 	git
 	protobuf-dev
 	dbus-dev
 	libmnl-dev
 	libnftnl-dev
 "
-checkdepends=""
 install="
-	$pkgname.post-install
 	$pkgname.pre-upgrade
-	$pkgname.post-upgrade
 	$pkgname.pre-deinstall
-	$pkgname.post-deinstall
 	$pkgname-systemd.post-install
 	$pkgname-systemd.post-upgrade
+	$pkgname-systemd.pre-deinstall
 "
 subpackages="
 	$pkgname-systemd
 	$pkgname-suid
 "
 source="
-	https://github.com/mullvad/mullvadvpn-app/archive/refs/tags/2026.2-beta1.tar.gz
+	https://github.com/mullvad/mullvadvpn-app/archive/refs/tags/${pkgver//_/-}.tar.gz
 "
-builddir="$srcdir/mullvadvpn-app-2026.2-beta1/"
+builddir="$srcdir/mullvadvpn-app-${pkgver//_/-}/"
 options="net suid"
 
 _cargo_target_dir="${CARGO_TARGET_DIR:-$builddir/target}"
@@ -53,23 +43,17 @@ prepare() {
 }
 
 build() {
-	# Specify `--target` so that build artifacts will end up in target/<target>/release
+	# Specify `--target` so that build artifacts will be in target/<target>/release
-	# This avoids clashes with host system when running in a container with a mounted target folder.
+	# This avoids clashes with host system when building in a container.
 
 	# Compile all binaries
-	cargo auditable build --release --locked \
+	cargo auditable build --release --frozen \
 		--target "$CHOST" \
 		-p mullvad-cli \
 		-p mullvad-daemon \
 		-p mullvad-exclude \
 		-p mullvad-problem-report \
 		-p mullvad-setup
-
-	# Generate vendored relay list
-	cargo run --release --locked \
-	    -p mullvad-api --bin relay_list \
-	    --target "$CHOST" \
-	    > "$builddir/relays.json"
 }
 
 check() {
@@ -77,40 +61,31 @@ check() {
 }
 
 package() {
-	install -m755 -D "$_cargo_release_dir/mullvad" \
+	install -m755 -Dt "$pkgdir/usr/bin/" \
-		"$pkgdir/usr/bin/mullvad"
+		"$_cargo_release_dir/mullvad" \
+		"$_cargo_release_dir/mullvad-daemon" \
+		"$_cargo_release_dir/mullvad-problem-report" \
+		"$_cargo_release_dir/mullvad-setup"		
 
-	install -m755 -D "$_cargo_release_dir/mullvad-daemon" \
+	# TODO: Bundle a relay list.
-		"$pkgdir/usr/bin/mullvad-daemon"
+	# We can't generate one at build time since that would break build reproducibility.
+	# Once mullvad starts checking a relay list into their release branches, we can bundle that.
+	#install -m644 -D "$builddir/<todo>/relays.json" \
+	#	"$pkgdir/usr/share/mullvad-vpn/relays.json"
+	# TODO: Copy relay list into /var/cache/ in post-upgrade/post-install
 
-	install -m755 -D "$_cargo_release_dir/mullvad-problem-report" \
+	# files in /usr/lib/systemd/ are automatically put in systemd subpackage
-		"$pkgdir/usr/bin/mullvad-problem-report"
+	install -m755 -Dt "$pkgdir/usr/lib/systemd/system/" \
-
+		"$builddir/dist-assets/linux/mullvad-daemon.service" \
-	install -m755 -D "$_cargo_release_dir/mullvad-setup" \
+		"$builddir/dist-assets/linux/mullvad-early-boot-blocking.service"
-		"$pkgdir/usr/bin/mullvad-setup"
-
-	# Bundle the vendored relay list. It's copied to /var/cache/mullvad-vpn/ by the post-* scripts.
-	install -m644 -D "$builddir/relays.json" \
-		"$pkgdir/usr/share/mullvad-vpn/relays.json"
-}
-
-systemd() {
-	pkgdesc="systemd service files for Mullvad VPN"
-	depends="$pkgname=$pkgver-r$pkgrel"
-
-	install -m755 -D "$startdir/mullvadvpn-app/dist-assets/linux/mullvad-daemon.service" \
-		"$subpkgdir/usr/lib/systemd/system/mullvad-daemon.service"
-
-	install -m755 -D "$startdir/mullvadvpn-app/dist-assets/linux/mullvad-early-boot-blocking.service" \
-		"$subpkgdir/usr/lib/systemd/system/mullvad-early-boot-blocking.service"
 }
 
 suid() {
 	pkgdesc="mullvad-exclude cli for split tunneling"
 	depends="$pkgname=$pkgver-r$pkgrel"
 
-	install -m4755 -D "$_cargo_release_dir/mullvad-exclude" \
+	install -m4755 -Dt "$subpkgdir/usr/bin/" \
-		"$subpkgdir/usr/bin/mullvad-exclude"
+		"$_cargo_release_dir/mullvad-exclude"
 }
 
 sha512sums="

mullvad-vpn-daemon/mullvad-vpn-daemon-systemd.post-install

@@ -1,12 +1,9 @@
-#!/usr/bin/env bash
+#!/bin/sh
 set -eu
 
-# Are we running systemd?
+# Enable and start systemd services
-if which systemctl &> /dev/null && systemctl is-system-running | grep -vq offline &> /dev/null; then
+if which systemctl >/dev/null 2>&1 && systemctl is-system-running | grep -vq offline >/dev/null 2>&1; then
-    # Does `mullvad-daemon.service` exist?
-    if systemctl list-unit-files mullvad-daemon.service &> /dev/null; then
   systemctl enable "/usr/lib/systemd/system/mullvad-daemon.service"
   systemctl start mullvad-daemon.service || echo "Failed to start mullvad-daemon.service"
   systemctl enable "/usr/lib/systemd/system/mullvad-early-boot-blocking.service"
-    fi
 fi

mullvad-vpn-daemon/mullvad-vpn-daemon-systemd.post-upgrade

@@ -1,12 +1,9 @@
-#!/usr/bin/env bash
+#!/bin/sh
 set -eu
 
-# Are we running systemd?
+# Enable and start systemd services
-if which systemctl &> /dev/null && systemctl is-system-running | grep -vq offline &> /dev/null; then
+if which systemctl >/dev/null 2>&1 && systemctl is-system-running | grep -vq offline >/dev/null 2>&1; then
-    # Does `mullvad-daemon.service` exist?
-    if systemctl list-unit-files mullvad-daemon.service &> /dev/null; then
   systemctl enable "/usr/lib/systemd/system/mullvad-daemon.service"
   systemctl start mullvad-daemon.service || echo "Failed to start mullvad-daemon.service"
   systemctl enable "/usr/lib/systemd/system/mullvad-early-boot-blocking.service"
-    fi
 fi

mullvad-vpn-daemon/mullvad-vpn-daemon-systemd.pre-deinstall

@@ -0,0 +1,8 @@
+#!/bin/sh
+set -eu
+
+# Stop and disable all mullvad services
+systemctl stop mullvad-daemon.service || true
+systemctl disable mullvad-daemon.service || true
+systemctl stop mullvad-early-boot-blocking.service || true
+systemctl disable mullvad-early-boot-blocking.service || true

mullvad-vpn-daemon/mullvad-vpn-daemon.post-deinstall

@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-set -eu
-
-rm -r --interactive=never /var/log/mullvad-vpn/ || \
-  echo "Failed to remove mullvad-vpn logs"
-rm -r --interactive=never /var/cache/mullvad-vpn/ || \
-  echo "Failed to remove mullvad-vpn cache"
-rm -r --interactive=never /etc/mullvad-vpn || \
-  echo "Failed to remove mullvad-vpn config"

mullvad-vpn-daemon/mullvad-vpn-daemon.post-install

@@ -1,7 +1,8 @@
-#!/usr/bin/env bash
+#!/bin/sh
 set -eu
 
-# Overwrite the cached relay list with the one embedded in the package.
+# TODO: see `package()` in APKBUILD
-mkdir -p /var/cache/mullvad-vpn \
+# Copy vendored relay list into place
-  && cp /usr/share/mullvad-vpn/relays.json /var/cache/mullvad-vpn/relays.json \
+# mkdir -p /var/cache/mullvad-vpn \
-  || echo "failed to install /var/cache/mullvad-vpn/relays.json"
+#   && cp /usr/share/mullvad-vpn/relays.json /var/cache/mullvad-vpn/relays.json \
+#   || echo "failed to install /var/cache/mullvad-vpn/relays.json"

mullvad-vpn-daemon/mullvad-vpn-daemon.post-upgrade

@@ -1,6 +1,8 @@
-#!/usr/bin/env bash
+#!/bin/sh
 set -eu
 
-# Overwrite the cached relay list with the one embedded in the package.
+# TODO: see `package()` in APKBUILD
-mkdir /var/cache/mullvad-vpn
+# Overwrite the cached relay list with the vendored one.
-cp /usr/share/mullvad-vpn/relays.json /var/cache/mullvad-vpn/relays.json
+# mkdir -p /var/cache/mullvad-vpn \
+#   && cp /usr/share/mullvad-vpn/relays.json /var/cache/mullvad-vpn/relays.json \
+#   || echo "failed to install /var/cache/mullvad-vpn/relays.json"

mullvad-vpn-daemon/mullvad-vpn-daemon.pre-deinstall

@@ -1,11 +1,6 @@
-#!/usr/bin/env bash
+#!/bin/sh
 set -eu
 
-# the user might've disabled or stopped the service themselves already
+# Log out and remove any firewall rules
-systemctl stop mullvad-daemon.service || true
-systemctl disable mullvad-daemon.service || true
-systemctl stop mullvad-early-boot-blocking.service || true
-systemctl disable mullvad-early-boot-blocking.service || true
-
 mullvad-setup reset-firewall || echo "Failed to reset firewall"
 mullvad-setup remove-device || echo "Failed to remove device from account"

mullvad-vpn-daemon/mullvad-vpn-daemon.pre-upgrade

@@ -1,10 +1,10 @@
-#!/usr/bin/env bash
+#!/bin/sh
 set -eu
 
-# Are we running systemd?
+# Stop the daemon gracefully, and set up firewall rules to prevent network
-if which systemctl &> /dev/null && systemctl is-system-running | grep -vq offline &> /dev/null; then
+# leaks during upgrade.
-    # Is `mullvad-daemon.service` running?
+if which systemctl >/dev/null 2>&1 && systemctl is-system-running | grep -vq offline >/dev/null 2>&1; then
-    if systemctl status mullvad-daemon &> /dev/null; then
+    if systemctl status mullvad-daemon >/dev/null 2>&1; then
         mullvad-setup prepare-restart || true
         systemctl stop mullvad-daemon.service
         systemctl disable mullvad-daemon.service
@@ -14,5 +14,5 @@ if which systemctl &> /dev/null && systemctl is-system-running | grep -vq offlin
     fi
 fi
 
-# Since we are upgrading mullvad-daemon, it will probably have current IP baked into itself.
+# Clear the cached API IP address.
 rm -f /var/cache/mullvad-vpn/api-ip-address.txt