chore: add debian packaging recipe

2021-09-17 11:33:17 +02:00 · 2021-09-17 11:33:17 +02:00 · bd2c94fc15
parent fb981c5df9
commit bd2c94fc15
6 changed files with 187 additions and 0 deletions
--- a/conf/hydra-werther.conf
+++ b/conf/hydra-werther.conf
@ -0,0 +1,119 @@
+#WERTHER_DEV_MODE=
+  # [description] a development mode
+  # [type]        True or False
+  # [default]     false
+  # [required]
+
+#WERTHER_LISTEN=
+  # [description] a host and port to listen on (<host>:<port>)
+  # [type]        String
+  # [default]     :8080
+  # [required]
+
+WERTHER_IDENTP_HYDRA_URL=http://localhost:4445/
+  # [description] an admin URL of ORY Hydra Server
+  # [type]        String
+  # [default]     
+  # [required]    true
+
+#WERTHER_IDENTP_SESSION_TTL=
+  # [description] a user session's TTL
+  # [type]        Duration
+  # [default]     24h
+  # [required]    
+
+#WERTHER_IDENTP_CLAIM_SCOPES=
+  # [description] a mapping of OpenID Connect claims to scopes (all claims are URL encoded)
+  # [type]        Comma-separated list of String:String pairs
+  # [default]     name:profile,family_name:profile,given_name:profile,email:email,https%3A%2F%2Fgithub.com%2Fi-core%2Fwerther%2Fclaims%2Froles:roles
+  # [required]    
+
+WERTHER_LDAP_ENDPOINTS=localhost:389
+  # [description] a LDAP's server URLs as "<address>:<port>"
+  # [type]        Comma-separated list of String
+  # [default]     
+  # [required]    true
+
+WERTHER_LDAP_BINDDN=
+  # [description] a LDAP bind DN
+  # [type]        String
+  # [default]     
+  # [required]    
+
+WERTHER_LDAP_BINDPW=
+  # [description] a LDAP bind password
+  # [type]        String
+  # [default]     
+  # [required]    
+
+WERTHER_LDAP_BASEDN=ou=users,dc=myorg,dc=com
+  # [description] a LDAP base DN for searching users
+  # [type]        String
+  # [default]     
+  # [required]    true
+
+#WERTHER_LDAP_USER_SEARCH_QUERY=
+  # [description] the user search query
+  # [type]        String
+  # [default]     (&(|(objectClass=organizationalPerson)(objectClass=inetOrgPerson))(|(uid=%[1]s)(mail=%[1]s)(userPrincipalName=%[1]s)(sAMAccountName=%[1]s)))
+  # [required]
+
+#WERTHER_LDAP_ATTR_CLAIMS=
+  # [description] a mapping of LDAP attributes to OpenID connect claims
+  # [type]        Comma-separated list of String:String pairs
+  # [default]     name:name,sn:family_name,givenName:given_name,mail:email
+  # [required]    
+
+WERTHER_LDAP_ROLE_BASEDN=ou=groups,dc=myorg,dc=com
+  # [description] a LDAP base DN for searching roles
+  # [type]        String
+  # [default]     
+  # [required]    true
+
+#WERTHER_LDAP_ROLE_SEARCH_QUERY=
+  # [description] the role search query
+  # [type]        String
+  # [default]     (|(&(|(objectClass=group)(objectClass=groupOfNames))(member=%[1]s))(&(objectClass=groupOfUniqueNames)(uniqueMember=%[1]s)))
+  # [required] 
+
+#WERTHER_LDAP_ROLE_ATTR=
+  # [description] a LDAP group's attribute that contains a role's name
+  # [type]        String
+  # [default]     description
+  # [required]    
+
+#WERTHER_LDAP_ROLE_CLAIM=
+  # [description] a name of an OpenID Connect claim that contains user roles
+  # [type]        String
+  # [default]     https://github.com/i-core/werther/claims/roles
+  # [required]    
+
+#WERTHER_LDAP_CACHE_SIZE=
+  # [description] a user info cache's size in KiB
+  # [type]        Integer
+  # [default]     512
+  # [required]    
+
+#WERTHER_LDAP_CACHE_TTL=
+  # [description] a user info cache TTL
+  # [type]        Duration
+  # [default]     30m
+  # [required]    
+
+#WERTHER_LDAP_IS_TLS=
+  # [description] should LDAP connection be established via TLS
+  # [type]        True or False
+  # [default]     false
+  # [required]    
+
+#WERTHER_WEB_DIR=
+  # [description] a path to an external web directory
+  # [type]        String
+  # [default]     
+  # [required]    
+
+#WERTHER_WEB_BASE_PATH=
+  # [description] a base path of web pages
+  # [type]        String
+  # [default]     /
+  # [required]
--- a/debian/compat
+++ b/debian/compat
@ -0,0 +1 @@
+9
--- a/debian/control
+++ b/debian/control
@ -0,0 +1,14 @@
+Source: hydra-werther
+Section: unknown
+Priority: optional
+Maintainer: Cadoles <contact@cadoles.com>
+Build-Depends: debhelper (>= 8.0.0), wget, ca-certificates, tar
+Standards-Version: 3.9.4
+Homepage: http://forge.cadoles.com/Cadoles/hydra-werther
+Vcs-Git: http://forge.cadoles.com/Cadoles/hydra-werther.git
+Vcs-Browser: http://forge.cadoles.com/Cadoles/hydra-werther
+
+Package: hydra-werther
+Architecture: amd64
+Depends: ${shlibs:Depends}, ${misc:Depends}, ssl-cert
+Description: Hydra identity provider backed by LDAP compatible server
--- a/debian/hydra-werther.service
+++ b/debian/hydra-werther.service
@ -0,0 +1,12 @@
+[Unit]
+Description=Run Hydra Werther login/consent/logout app
+After=network-online.target
+
+[Service]
+Type=simple
+EnvironmentFile=/etc/hydra-werther/hydra-werther.conf
+ExecStart=/usr/bin/hydra-werther
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
--- a/debian/rules
+++ b/debian/rules
@ -0,0 +1,40 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+# Uncomment this to turn on verbose mode.
+export DH_VERBOSE=1
+
+GO_VERSION := 1.17.1
+OS := linux
+ARCH := amd64
+GOPATH=$(HOME)/go
+
+ifeq (, $(shell which go 2>/dev/null))
+override_dh_auto_build: install-go
+endif
+
+%:
+	dh $@ --with systemd
+
+install-go:
+	wget https://dl.google.com/go/go$(GO_VERSION).$(OS)-$(ARCH).tar.gz
+	tar -C /usr/local -xzf go$(GO_VERSION).$(OS)-$(ARCH).tar.gz
+
+override_dh_auto_build: $(GOPATH)
+	GOPATH=$(GOPATH) PATH="$(PATH):/usr/local/go/bin:$(GOPATH)/bin" DISTS=$(OS)/$(ARCH) make
+
+$(GOPATH):
+	mkdir -p $(GOPATH)
+
+override_dh_auto_install:
+	mkdir -p debian/hydra-werther/usr/bin
+	mkdir -p debian/hydra-werther/etc/hydra-werther
+
+	cp bin/werther_$(OS)_$(ARCH) debian/hydra-werther/usr/bin/hydra-werther
+	cp conf/hydra-werther.conf debian/hydra-werther/etc/hydra-werther
+
+	install -d debian/hydra-werther
+
+override_dh_strip:
+
+override_dh_auto_test:
--- a/debian/source/format
+++ b/debian/source/format
@ -0,0 +1 @@
+3.0 (native)