added basic debian package setup and pipeline

2022-12-22 10:41:07 +01:00 · 2022-12-22 10:41:07 +01:00 · f0fdfafaed
commit f0fdfafaed
parent d6d4cbc74a
6 changed files with 156 additions and 3 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -1,7 +1,28 @@
 cache:
  key: one-key-to-rule-them-all

-build:
+build:debian:
+  # debian:bullseye-slim
+  image: debian:bookworm-slim  # just to get "python3-jose" working
+  stage: build
+  before_script:
+    - apt-get update -qq && apt-get install -qq -y build-essential
+    - chmod 0755 -R .
+    # create build directory for .deb sources
+    - mkdir build
+    # copy install instructions
+    - cp -r DEBIAN build/
+    # copy app
+    - mkdir -p build/usr/share/
+    - cp -r app build/usr/share/fastapi-dls
+  script:
+    - dpkg -b . build.deb
+  artifacts:
+    expire_in: 1 week
+    paths:
+      - build.deb
+
+build:docker:
  image: docker:dind
  interruptible: true
  stage: build
@ -15,10 +36,27 @@ build:
    - docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
    - docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}

-test:
+test:debian:
+  image: debian:bookworm-slim
  stage: test
+  needs:
+    - job: build:debian
+      artifacts: true
+  before_script:
+    - apt-get update -qq && apt-get install -qq -y jq  # systemd
  script:
-    - echo "Nothing to do ..."
+    # test installation
+    - apt-get install -q -y ./build.deb --fix-missing
+    # copy example config from GitLab-CI-Variables
+    #- cat ${EXAMPLE_CONFIG} > /etc/fastapi-dls/env
+    #- systemctl daemon-reload
+    #- systemctl enable fastapi-dls.service
+    #- systemctl start fastapi-dls.service
+    #- if [ "`curl --insecure -s https://localhost:8000/status | jq .status`" != "up" ]; then exit 2; fi
+    #- systemctl stop fastapi-dls.service
+    #- systemctl disable fastapi-dls.service
+    - apt-get purge -qq -y fastapi-dls
+    - apt-get autoremove -qq -y && apt-get clean -qq

 deploy:
  stage: deploy
--- a/DEBIAN/conffiles
+++ b/DEBIAN/conffiles
@ -0,0 +1,8 @@
+/etc/systemd/system/fastapi-dls.service
+/etc/fastapi-dls/env
+/etc/fastapi-dls/instance.private.pem
+/etc/fastapi-dls/instance.public.pem
+/etc/fastapi-dls/webserver.key
+/etc/fastapi-dls/webserver.crt
+
+# todo
--- a/DEBIAN/control
+++ b/DEBIAN/control
@ -0,0 +1,9 @@
+Package: fastapi-dls
+Version: 0.5
+Architecture: all
+Maintainer: Oscar Krause oscar.krause@collinwebdesigns.de
+Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-jose, uvicorn, openssl
+Recommends: curl
+Installed-Size: 10240
+Homepage: https://git.collinwebdesigns.de/oscar.krause/fastapi-dls
+Description: Minimal Delegated License Service (DLS).
--- a/DEBIAN/postinst
+++ b/DEBIAN/postinst
@ -0,0 +1,85 @@
+#!/bin/bash
+
+echo "> Install service ..."
+echo <<EOF >/etc/systemd/system/fastapi-dls.service
+[Unit]
+Description=Service for fastapi-dls
+After=network.target
+
+[Service]
+User=www-data
+Group=www-data
+WorkingDirectory=/usr/share/fastapi-dls
+ExecStart=uvicorn \
+  --host $DLS_URL --port $DLS_PORT \
+  --app-dir /usr/share/fastapi-dls/app \
+  --ssl-keyfile /etc/fastapi-dls/webserver.key \
+  --ssl-certfile /opt/fastapi-dls/webserver.crt \
+  --proxy-headers
+EnvironmentFile=/etc/fastapi-dls.env
+Restart=always
+KillSignal=SIGQUIT
+Type=notify
+StandardError=syslog
+NotifyAccess=all
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+CONFIG_DIR=/etc/fastapi-dls
+
+echo "> Create config directory ..."
+mkdir -p $CONFIG_DIR
+
+echo "> Writing default config parameters ..."
+touch $CONFIG_DIR/fastapi-dls.env
+echo <<EOF >$CONFIG_DIR
+DLS_URL=127.0.0.1
+DLS_PORT=443
+LEASE_EXPIRE_DAYS=90
+DATABASE=sqlite:////usr/share/fastapi-dls/db.sqlite
+EOF
+
+echo "> Create dls-instance keypair ..."
+openssl genrsa -out $CONFIG_DIR/instance.private.pem 2048
+openssl rsa -in $CONFIG_DIR/instance.private.pem -outform PEM -pubout -out $CONFIG_DIR/instance.public.pem
+
+while true; do
+  read -p "> Do you wish to create self-signed webserver certificate? [y/n]" yn
+  case $yn in
+  [Yy]*)
+    openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout $CONFIG_DIR/webserver.key -out $CONFIG_DIR/webserver.crt
+    break
+    ;;
+  [Nn]*) break ;;
+  *) echo "Please answer [y] or [n]." ;;
+  esac
+done
+
+if [[ -f $CONFIG_DIR/webserver.key ]]; then
+  echo "> Starting service ..."
+  systemctl start fastapi-dls.service
+
+  if [ -x "$(command -v curl)" ]; then
+    echo "> Testing API ..."
+    curl --insecure -X GET https://127.0.0.1/status
+  else
+    echo "> Testing API failed, curl not available. Please test manually!"
+  fi
+fi
+
+cat <<EOF
+
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+#                                                                             #
+#    fastapi-dls is now installed.                                            #
+#                                                                             #
+#    Service should be up and running.                                        #
+#      Webservice is listen to https://localhost                              #
+#                                                                             #
+#    Configuration is stored in ${CONFIG_DIR}/env                             #
+#                                                                             #
+#                                                                             #
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+EOF
--- a/DEBIAN/postrm
+++ b/DEBIAN/postrm
@ -0,0 +1,8 @@
+#!/bin/bash
+
+if [[ -d /etc/fastapi-dls ]]; then
+  echo "> Removing config directory."
+  rm -r /etc/fastapi-dls
+fi
+
+# todo
--- a/DEBIAN/prerm
+++ b/DEBIAN/prerm
@ -0,0 +1,5 @@
+#!/bin/bash
+
+echo -e "> Starting uninstallation of 'fastapi-dls'!"
+
+# todo