Better integration with tamarin local instance

Benjamin Bohard 2019-12-31 11:03:24 +01:00
parent bef4b3136b
commit ed1e4458ac
6 changed files with 51 additions and 12 deletions


@ -1,7 +1,7 @@
FROM debian:stretch
MAINTAINER Benjamin Bohard
RUN apt update && apt install -y ca-certificates gnupg1 && apt clean
RUN apt update && apt install -y ca-certificates gnupg1 incron && apt clean
COPY etc/aptly.sources.list /etc/apt/sources.list.d/aptly.list
RUN apt-key adv --keyserver pool.sks-keyservers.net --recv-keys ED75B5A4483DA07C
RUN apt update && apt install -y aptly && apt clean
@ -11,6 +11,9 @@ EXPOSE 8080
COPY etc/aptly.conf /etc/aptly.conf
COPY etc/gpg.conf /root/.gnupg/gpg.conf
COPY etc/gpg-agent.conf /root/.gnupg/gpg-agent.conf
COPY srv/aptly.sh /srv/aptly.sh
COPY srv/aptly_init.sh /srv/aptly_init.sh
COPY srv/aptly_add.sh /srv/aptly_add.sh
CMD ["/srv/aptly.sh"]
COPY etc/incron.d/aptly.conf /etc/incron.d/aptly.conf
CMD ["/srv/aptly_init.sh"]
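Review bot: The table copied to `/etc/incron.d/aptly.conf` is a system incron table, so the handler it starts presumably runs as root, and no `USER` instruction appears in the visible hunks; that same root context holds the GPG configuration under `/root/.gnupg`. Because the handler acts on files arriving in `/packages`, consider running aptly and incrond under a dedicated account, or at least record the trust assumption with a comment such as `# incrond runs /srv/aptly_add.sh as root for every event on /packages`. The install line would also be more reproducible as `apt-get install -y --no-install-recommends ca-certificates gnupg1 incron && rm -rf /var/lib/apt/lists/*`. Lines 8-10 of the file fall between the two hunks and are not visible here.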


@ -1,11 +1,11 @@
#!/bin/bash
function usage {
echo "usage:"
echo "aptly.boot <port> <packages_folder> <gpg_folder>"
echo "aptly.boot <port> <packages_folder> <dataset_folder>"
echo
echo "port: tcp port to publish repository"
echo "packages_folder: folder to mount containing packages"
echo "gpg_folder: folder where to write repository public key"
echo "dataset_folder: folder where to write repository public key and source list"
echo
exit 0
}
@ -17,7 +17,7 @@ fi
PORT=$1
PACKAGES_FOLDER="$(realpath $2)"
GPG_FOLDER="$(realpath ./gpg)"
DATASET_FOLDER="$(realpath $3)"
if [ ! -e "${PACKAGES_FOLDER}" ]
then
@ -25,12 +25,12 @@ then
echo "${PACKAGES_FOLDER} est vide"
fi
if [ ! -e "${GPG_FOLDER}" ]
if [ ! -e "${DATASET_FOLDER}" ]
then
mkdir "${GPG_FOLDER}"
mkdir "${DATASET_FOLDER}"
fi
container_id=$(docker run -d -v ${PACKAGES_FOLDER}:/packages -v ${GPG_FOLDER}:/signing-key -p $PORT:8080 -e USER_EMAIL="$(git config user.email)" -e USER_NAME="$(git config user.name)" -e PASSPHRASE="$(pwgen -1 -n 20)" cadoles/aptly:dev)
container_id=$(docker run -d -v ${PACKAGES_FOLDER}:/packages:z -v ${DATASET_FOLDER}:/signing-key:z -p $PORT:8080 -e USER_EMAIL="$(git config user.email)" -e USER_NAME="$(git config user.name)" -e PASSPHRASE="$(pwgen -1 -n 20)" cadoles/aptly:dev)
docker ps -q --no-trunc | grep -q ${container_id}
res=$?
@ -39,11 +39,12 @@ if [ "${res}" -eq 0 ]
then
echo "container with id $container_id started"
echo "Send ${GPG_FOLDER}/dev.pubkey to remote host, load it in gpg ring with apt-key"
echo "Send ${DATASET_FOLDER}/aptly.key to remote host, load it in gpg ring with apt-key"
echo "and add repo to apt source list"
echo "echo \"deb [arch=amd64] http://$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+'):${PORT}/ ubuntu main\" > /etc/apt/sources.list.d/add.list"
echo "echo \"deb [arch=amd64] http://$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+'):${PORT}/ ubuntu main\" > /etc/apt/sources.list.d/aptly.list"
echo "deb [arch=amd64] http://$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+'):${PORT}/ ubuntu main" > ${DATASET_FOLDER}/aptly.list
else
echo "container not started"
fi
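Review bot: `$3` and `${DATASET_FOLDER}` are expanded unquoted in `realpath $3` and in the `-v ${DATASET_FOLDER}:/signing-key:z` argument, so a path containing spaces or glob characters splits into extra `docker run` arguments, and a missing third argument yields an empty host path. The added `:z` option makes a wrong path more costly, because Docker relabels the SELinux context of whatever host directory is named. Suggested: `DATASET_FOLDER="$(realpath "$3")"` and `-v "${DATASET_FOLDER}:/signing-key:z"`, with the same quoting for `${PACKAGES_FOLDER}`. The argument check that ends just before line 17 is outside the hunks, so confirm it now requires three arguments.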

13
etc/containerpilot.json5 Normal file

@ -0,0 +1,13 @@
{
jobs: [
{
name: "aptly_init",
exec: "/srv/aptly.sh",
},
{
name: "incron",
restart: "always",
exec: "/usr/bin/incrond -n"
}
]
}
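Review bot: The `incron` job has no `when` clause, so ContainerPilot would start `incrond -n` alongside `aptly_init` rather than after the key and repository exist; adding `when: { source: "aptly_init", once: "exitSuccess" }` to the `incron` job orders them. The `aptly_init` job executes `/srv/aptly.sh`, whereas the Dockerfile section on this page ends with `CMD ["/srv/aptly_init.sh"]`, so confirm which script is the intended entry point. Nothing in the visible Dockerfile hunks installs ContainerPilot or copies this file into the image, so it may currently be unused; a header comment saying so would help.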

1
etc/incron.d/aptly.conf Normal file

@ -0,0 +1 @@
/packages IN_ALL_EVENTS /srv/aptly_add.sh $@ $# $%
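Review bot: `IN_ALL_EVENTS` starts the handler for every open, access and close on /packages, likely including the reads that `aptly repo add` itself performs, while the handler only acts on `IN_CREATE` and `IN_MOVED_TO`. `IN_CREATE` fires when the file is created, before its content has been written, so a package copied (rather than moved) into the directory can be picked up while still incomplete. A narrower mask such as `/packages IN_CLOSE_WRITE,IN_MOVED_TO /srv/aptly_add.sh $@ $# $%` avoids both, provided the event test in `srv/aptly_add.sh` is changed to match `IN_CLOSE_WRITE`.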

19
srv/aptly_add.sh Normal file

@ -0,0 +1,19 @@
#!/bin/bash
target=$1/$2
extension"${2##*.}"
events=$3
echo $extension
echo $events
echo $target
if [[ "${extension}" = "deb" ]] && ([[ "$events" =~ "IN_CREATE" ]] || [[ "$events" =~ "IN_MOVED_TO" ]])
then
echo adding $target
aptly repo add dev $target
aptly publish update dev --batch --passphrase="$PASSPHRASE"
else
echo not adding $target
fi
exit 0
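Review bot: Line 3, `extension"${2##*.}"`, is missing the `=`, so bash tries to run a command named `extension<suffix>` and `extension` stays empty; the `deb` test then never matches and no package is ever added. It should read `extension="${2##*.}"`. `$target` is built from a file name chosen by whoever can write to /packages and is passed unquoted to aptly; quote it as `aptly repo add dev "$target"`. The unconditional `exit 0` also hides a failed `aptly publish update`, which makes a silently stale repository hard to notice.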


@ -1,5 +1,7 @@
#!/bin/bash
/usr/sbin/incrond
cat >keyparms <<EOF
%echo Generating a basic OpenPGP key
Key-Type: DSA
@ -16,7 +18,7 @@ cat >keyparms <<EOF
EOF
export PINENTRY_USER_DATA="USE_CURSES=1"
gpg1 --gen-key --batch keyparms
gpg1 --export --armor > /signing-key/dev.pubkey
gpg1 --export --armor > /signing-key/aptly.key
aptly repo create --component="main" --distribution="ubuntu" dev
aptly repo add dev /packages
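Review bot: `/usr/sbin/incrond` is started at the top of the script, before the key is generated and before `aptly repo create ... dev` runs, so a file landing in /packages during initialisation triggers the handler against a repository that does not exist yet, and the handler can also run concurrently with the initial `aptly repo add dev /packages`. Moving the `/usr/sbin/incrond` line after the initial import (and after any publish step that follows outside this hunk) removes the race. The rest of the script is not visible here, so check as well that something remains in the foreground once incrond has daemonised.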