From bd2c94fc151a43c816fbfa15a429ef535081c171 Mon Sep 17 00:00:00 2001
From: William Petit <wpetit@cadoles.com>
Date: Fri, 17 Sep 2021 11:33:17 +0200
Subject: [PATCH] chore: add debian packaging recipe

---
 conf/hydra-werther.conf      | 119 +++++++++++++++++++++++++++++++++++
 debian/compat                |   1 +
 debian/control               |  14 +++++
 debian/hydra-werther.service |  12 ++++
 debian/rules                 |  40 ++++++++++++
 debian/source/format         |   1 +
 6 files changed, 187 insertions(+)
 create mode 100644 conf/hydra-werther.conf
 create mode 100644 debian/compat
 create mode 100644 debian/control
 create mode 100644 debian/hydra-werther.service
 create mode 100644 debian/rules
 create mode 100644 debian/source/format

diff --git a/conf/hydra-werther.conf b/conf/hydra-werther.conf
new file mode 100644
index 0000000..54f69a3
--- /dev/null
+++ b/conf/hydra-werther.conf
@@ -0,0 +1,119 @@
+#WERTHER_DEV_MODE=
+  # [description] a development mode
+  # [type]        True or False
+  # [default]     false
+  # [required]
+
+#WERTHER_LISTEN=
+  # [description] a host and port to listen on (<host>:<port>)
+  # [type]        String
+  # [default]     :8080
+  # [required]
+
+WERTHER_IDENTP_HYDRA_URL=http://localhost:4445/
+  # [description] an admin URL of ORY Hydra Server
+  # [type]        String
+  # [default]     
+  # [required]    true
+
+#WERTHER_IDENTP_SESSION_TTL=
+  # [description] a user session's TTL
+  # [type]        Duration
+  # [default]     24h
+  # [required]    
+
+#WERTHER_IDENTP_CLAIM_SCOPES=
+  # [description] a mapping of OpenID Connect claims to scopes (all claims are URL encoded)
+  # [type]        Comma-separated list of String:String pairs
+  # [default]     name:profile,family_name:profile,given_name:profile,email:email,https%3A%2F%2Fgithub.com%2Fi-core%2Fwerther%2Fclaims%2Froles:roles
+  # [required]    
+
+WERTHER_LDAP_ENDPOINTS=localhost:389
+  # [description] a LDAP's server URLs as "<address>:<port>"
+  # [type]        Comma-separated list of String
+  # [default]     
+  # [required]    true
+
+WERTHER_LDAP_BINDDN=
+  # [description] a LDAP bind DN
+  # [type]        String
+  # [default]     
+  # [required]    
+
+WERTHER_LDAP_BINDPW=
+  # [description] a LDAP bind password
+  # [type]        String
+  # [default]     
+  # [required]    
+
+WERTHER_LDAP_BASEDN=ou=users,dc=myorg,dc=com
+  # [description] a LDAP base DN for searching users
+  # [type]        String
+  # [default]     
+  # [required]    true
+
+#WERTHER_LDAP_USER_SEARCH_QUERY=
+  # [description] the user search query
+  # [type]        String
+  # [default]     (&(|(objectClass=organizationalPerson)(objectClass=inetOrgPerson))(|(uid=%[1]s)(mail=%[1]s)(userPrincipalName=%[1]s)(sAMAccountName=%[1]s)))
+  # [required]
+
+#WERTHER_LDAP_ATTR_CLAIMS=
+  # [description] a mapping of LDAP attributes to OpenID connect claims
+  # [type]        Comma-separated list of String:String pairs
+  # [default]     name:name,sn:family_name,givenName:given_name,mail:email
+  # [required]    
+
+WERTHER_LDAP_ROLE_BASEDN=ou=groups,dc=myorg,dc=com
+  # [description] a LDAP base DN for searching roles
+  # [type]        String
+  # [default]     
+  # [required]    true
+
+#WERTHER_LDAP_ROLE_SEARCH_QUERY=
+  # [description] the role search query
+  # [type]        String
+  # [default]     (|(&(|(objectClass=group)(objectClass=groupOfNames))(member=%[1]s))(&(objectClass=groupOfUniqueNames)(uniqueMember=%[1]s)))
+  # [required] 
+
+#WERTHER_LDAP_ROLE_ATTR=
+  # [description] a LDAP group's attribute that contains a role's name
+  # [type]        String
+  # [default]     description
+  # [required]    
+
+#WERTHER_LDAP_ROLE_CLAIM=
+  # [description] a name of an OpenID Connect claim that contains user roles
+  # [type]        String
+  # [default]     https://github.com/i-core/werther/claims/roles
+  # [required]    
+
+#WERTHER_LDAP_CACHE_SIZE=
+  # [description] a user info cache's size in KiB
+  # [type]        Integer
+  # [default]     512
+  # [required]    
+
+#WERTHER_LDAP_CACHE_TTL=
+  # [description] a user info cache TTL
+  # [type]        Duration
+  # [default]     30m
+  # [required]    
+
+#WERTHER_LDAP_IS_TLS=
+  # [description] should LDAP connection be established via TLS
+  # [type]        True or False
+  # [default]     false
+  # [required]    
+
+#WERTHER_WEB_DIR=
+  # [description] a path to an external web directory
+  # [type]        String
+  # [default]     
+  # [required]    
+
+#WERTHER_WEB_BASE_PATH=
+  # [description] a base path of web pages
+  # [type]        String
+  # [default]     /
+  # [required]
\ No newline at end of file
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..2ccb6bf
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,14 @@
+Source: hydra-werther
+Section: unknown
+Priority: optional
+Maintainer: Cadoles <contact@cadoles.com>
+Build-Depends: debhelper (>= 8.0.0), wget, ca-certificates, tar
+Standards-Version: 3.9.4
+Homepage: http://forge.cadoles.com/Cadoles/hydra-werther
+Vcs-Git: http://forge.cadoles.com/Cadoles/hydra-werther.git
+Vcs-Browser: http://forge.cadoles.com/Cadoles/hydra-werther
+
+Package: hydra-werther
+Architecture: amd64
+Depends: ${shlibs:Depends}, ${misc:Depends}, ssl-cert
+Description: Hydra identity provider backed by LDAP compatible server
diff --git a/debian/hydra-werther.service b/debian/hydra-werther.service
new file mode 100644
index 0000000..586427b
--- /dev/null
+++ b/debian/hydra-werther.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Run Hydra Werther login/consent/logout app
+After=network-online.target
+
+[Service]
+Type=simple
+EnvironmentFile=/etc/hydra-werther/hydra-werther.conf
+ExecStart=/usr/bin/hydra-werther
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file
diff --git a/debian/rules b/debian/rules
new file mode 100644
index 0000000..b07f7a4
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,40 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+# Uncomment this to turn on verbose mode.
+export DH_VERBOSE=1
+
+GO_VERSION := 1.17.1
+OS := linux
+ARCH := amd64
+GOPATH=$(HOME)/go
+
+ifeq (, $(shell which go 2>/dev/null))
+override_dh_auto_build: install-go
+endif
+
+%:
+	dh $@ --with systemd
+
+install-go:
+	wget https://dl.google.com/go/go$(GO_VERSION).$(OS)-$(ARCH).tar.gz
+	tar -C /usr/local -xzf go$(GO_VERSION).$(OS)-$(ARCH).tar.gz
+
+override_dh_auto_build: $(GOPATH)
+	GOPATH=$(GOPATH) PATH="$(PATH):/usr/local/go/bin:$(GOPATH)/bin" DISTS=$(OS)/$(ARCH) make
+
+$(GOPATH):
+	mkdir -p $(GOPATH)
+
+override_dh_auto_install:
+	mkdir -p debian/hydra-werther/usr/bin
+	mkdir -p debian/hydra-werther/etc/hydra-werther
+
+	cp bin/werther_$(OS)_$(ARCH) debian/hydra-werther/usr/bin/hydra-werther
+	cp conf/hydra-werther.conf debian/hydra-werther/etc/hydra-werther
+
+	install -d debian/hydra-werther
+
+override_dh_strip:
+
+override_dh_auto_test:
\ No newline at end of file
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..9f67427
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (native)
\ No newline at end of file