added basic debian package setup and pipeline

This commit is contained in:
Oscar Krause 2022-12-22 10:41:07 +01:00
parent d6d4cbc74a
commit f0fdfafaed
6 changed files with 156 additions and 3 deletions

View File

@ -1,7 +1,28 @@
cache: cache:
key: one-key-to-rule-them-all key: one-key-to-rule-them-all
build: build:debian:
# debian:bullseye-slim
image: debian:bookworm-slim # just to get "python3-jose" working
stage: build
before_script:
- apt-get update -qq && apt-get install -qq -y build-essential
- chmod 0755 -R .
# create build directory for .deb sources
- mkdir build
# copy install instructions
- cp -r DEBIAN build/
# copy app
- mkdir -p build/usr/share/
- cp -r app build/usr/share/fastapi-dls
script:
- dpkg -b . build.deb
artifacts:
expire_in: 1 week
paths:
- build.deb
build:docker:
image: docker:dind image: docker:dind
interruptible: true interruptible: true
stage: build stage: build
@ -15,10 +36,27 @@ build:
- docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF} - docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
- docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF} - docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
test: test:debian:
image: debian:bookworm-slim
stage: test stage: test
needs:
- job: build:debian
artifacts: true
before_script:
- apt-get update -qq && apt-get install -qq -y jq # systemd
script: script:
- echo "Nothing to do ..." # test installation
- apt-get install -q -y ./build.deb --fix-missing
# copy example config from GitLab-CI-Variables
#- cat ${EXAMPLE_CONFIG} > /etc/fastapi-dls/env
#- systemctl daemon-reload
#- systemctl enable fastapi-dls.service
#- systemctl start fastapi-dls.service
#- if [ "`curl --insecure -s https://localhost:8000/status | jq .status`" != "up" ]; then exit 2; fi
#- systemctl stop fastapi-dls.service
#- systemctl disable fastapi-dls.service
- apt-get purge -qq -y fastapi-dls
- apt-get autoremove -qq -y && apt-get clean -qq
deploy: deploy:
stage: deploy stage: deploy

8
DEBIAN/conffiles Normal file
View File

@ -0,0 +1,8 @@
/etc/systemd/system/fastapi-dls.service
/etc/fastapi-dls/env
/etc/fastapi-dls/instance.private.pem
/etc/fastapi-dls/instance.public.pem
/etc/fastapi-dls/webserver.key
/etc/fastapi-dls/webserver.crt
# todo

9
DEBIAN/control Normal file
View File

@ -0,0 +1,9 @@
Package: fastapi-dls
Version: 0.5
Architecture: all
Maintainer: Oscar Krause oscar.krause@collinwebdesigns.de
Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-jose, uvicorn, openssl
Recommends: curl
Installed-Size: 10240
Homepage: https://git.collinwebdesigns.de/oscar.krause/fastapi-dls
Description: Minimal Delegated License Service (DLS).

85
DEBIAN/postinst Normal file
View File

@ -0,0 +1,85 @@
#!/bin/bash
echo "> Install service ..."
echo <<EOF >/etc/systemd/system/fastapi-dls.service
[Unit]
Description=Service for fastapi-dls
After=network.target
[Service]
User=www-data
Group=www-data
WorkingDirectory=/usr/share/fastapi-dls
ExecStart=uvicorn \
--host $DLS_URL --port $DLS_PORT \
--app-dir /usr/share/fastapi-dls/app \
--ssl-keyfile /etc/fastapi-dls/webserver.key \
--ssl-certfile /opt/fastapi-dls/webserver.crt \
--proxy-headers
EnvironmentFile=/etc/fastapi-dls.env
Restart=always
KillSignal=SIGQUIT
Type=notify
StandardError=syslog
NotifyAccess=all
[Install]
WantedBy=multi-user.target
EOF
CONFIG_DIR=/etc/fastapi-dls
echo "> Create config directory ..."
mkdir -p $CONFIG_DIR
echo "> Writing default config parameters ..."
touch $CONFIG_DIR/fastapi-dls.env
echo <<EOF >$CONFIG_DIR
DLS_URL=127.0.0.1
DLS_PORT=443
LEASE_EXPIRE_DAYS=90
DATABASE=sqlite:////usr/share/fastapi-dls/db.sqlite
EOF
echo "> Create dls-instance keypair ..."
openssl genrsa -out $CONFIG_DIR/instance.private.pem 2048
openssl rsa -in $CONFIG_DIR/instance.private.pem -outform PEM -pubout -out $CONFIG_DIR/instance.public.pem
while true; do
read -p "> Do you wish to create self-signed webserver certificate? [y/n]" yn
case $yn in
[Yy]*)
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout $CONFIG_DIR/webserver.key -out $CONFIG_DIR/webserver.crt
break
;;
[Nn]*) break ;;
*) echo "Please answer [y] or [n]." ;;
esac
done
if [[ -f $CONFIG_DIR/webserver.key ]]; then
echo "> Starting service ..."
systemctl start fastapi-dls.service
if [ -x "$(command -v curl)" ]; then
echo "> Testing API ..."
curl --insecure -X GET https://127.0.0.1/status
else
echo "> Testing API failed, curl not available. Please test manually!"
fi
fi
cat <<EOF
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# #
# fastapi-dls is now installed. #
# #
# Service should be up and running. #
# Webservice is listen to https://localhost #
# #
# Configuration is stored in ${CONFIG_DIR}/env #
# #
# #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
EOF

8
DEBIAN/postrm Executable file
View File

@ -0,0 +1,8 @@
#!/bin/bash
if [[ -d /etc/fastapi-dls ]]; then
echo "> Removing config directory."
rm -r /etc/fastapi-dls
fi
# todo

5
DEBIAN/prerm Executable file
View File

@ -0,0 +1,5 @@
#!/bin/bash
echo -e "> Starting uninstallation of 'fastapi-dls'!"
# todo