Better integration with tamarin local instance
parent
bef4b3136b
commit
ed1e4458ac
@ -1,7 +1,7 @@
|
||||
FROM debian:stretch
|
||||
MAINTAINER Benjamin Bohard
|
||||
|
||||
RUN apt update && apt install -y ca-certificates gnupg1 && apt clean
|
||||
RUN apt update && apt install -y ca-certificates gnupg1 incron && apt clean
|
||||
COPY etc/aptly.sources.list /etc/apt/sources.list.d/aptly.list
|
||||
RUN apt-key adv --keyserver pool.sks-keyservers.net --recv-keys ED75B5A4483DA07C
|
||||
RUN apt update && apt install -y aptly && apt clean
|
||||
@ -11,6 +11,9 @@ EXPOSE 8080
|
||||
COPY etc/aptly.conf /etc/aptly.conf
|
||||
COPY etc/gpg.conf /root/.gnupg/gpg.conf
|
||||
COPY etc/gpg-agent.conf /root/.gnupg/gpg-agent.conf
|
||||
COPY srv/aptly.sh /srv/aptly.sh
|
||||
COPY srv/aptly_init.sh /srv/aptly_init.sh
|
||||
COPY srv/aptly_add.sh /srv/aptly_add.sh
|
||||
|
||||
CMD ["/srv/aptly.sh"]
|
||||
COPY etc/incron.d/aptly.conf /etc/incron.d/aptly.conf
|
||||
|
||||
CMD ["/srv/aptly_init.sh"]
|
||||
|
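Review bot: The install line that gains `incron` in the first hunk still uses `apt` without `--no-install-recommends`, so the container that generates and holds the repository signing key pulls in recommended packages it does not need, and `apt clean` leaves `/var/lib/apt/lists` in the layer. I would write it as `RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates gnupg1 incron && rm -rf /var/lib/apt/lists/*`. The later `apt install -y aptly` line has the same shape and could be changed the same way.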
17
aptly.boot
17
aptly.boot
@ -1,11 +1,11 @@
|
||||
#!/bin/bash
|
||||
function usage {
|
||||
echo "usage:"
|
||||
echo "aptly.boot <port> <packages_folder> <gpg_folder>"
|
||||
echo "aptly.boot <port> <packages_folder> <dataset_folder>"
|
||||
echo
|
||||
echo "port: tcp port to publish repository"
|
||||
echo "packages_folder: folder to mount containing packages"
|
||||
echo "gpg_folder: folder where to write repository public key"
|
||||
echo "dataset_folder: folder where to write repository public key and source list"
|
||||
echo
|
||||
exit 0
|
||||
}
|
||||
@ -17,7 +17,7 @@ fi
|
||||
|
||||
PORT=$1
|
||||
PACKAGES_FOLDER="$(realpath $2)"
|
||||
GPG_FOLDER="$(realpath ./gpg)"
|
||||
DATASET_FOLDER="$(realpath $3)"
|
||||
|
||||
if [ ! -e "${PACKAGES_FOLDER}" ]
|
||||
then
|
||||
@ -25,12 +25,12 @@ then
|
||||
echo "${PACKAGES_FOLDER} est vide"
|
||||
fi
|
||||
|
||||
if [ ! -e "${GPG_FOLDER}" ]
|
||||
if [ ! -e "${DATASET_FOLDER}" ]
|
||||
then
|
||||
mkdir "${GPG_FOLDER}"
|
||||
mkdir "${DATASET_FOLDER}"
|
||||
fi
|
||||
|
||||
container_id=$(docker run -d -v ${PACKAGES_FOLDER}:/packages -v ${GPG_FOLDER}:/signing-key -p $PORT:8080 -e USER_EMAIL="$(git config user.email)" -e USER_NAME="$(git config user.name)" -e PASSPHRASE="$(pwgen -1 -n 20)" cadoles/aptly:dev)
|
||||
container_id=$(docker run -d -v ${PACKAGES_FOLDER}:/packages:z -v ${DATASET_FOLDER}:/signing-key:z -p $PORT:8080 -e USER_EMAIL="$(git config user.email)" -e USER_NAME="$(git config user.name)" -e PASSPHRASE="$(pwgen -1 -n 20)" cadoles/aptly:dev)
|
||||
|
||||
docker ps -q --no-trunc | grep -q ${container_id}
|
||||
res=$?
|
||||
@ -39,11 +39,12 @@ if [ "${res}" -eq 0 ]
|
||||
then
|
||||
echo "container with id $container_id started"
|
||||
|
||||
echo "Send ${GPG_FOLDER}/dev.pubkey to remote host, load it in gpg ring with apt-key"
|
||||
echo "Send ${DATASET_FOLDER}/aptly.key to remote host, load it in gpg ring with apt-key"
|
||||
|
||||
echo "and add repo to apt source list"
|
||||
|
||||
echo "echo \"deb [arch=amd64] http://$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+'):${PORT}/ ubuntu main\" > /etc/apt/sources.list.d/add.list"
|
||||
echo "echo \"deb [arch=amd64] http://$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+'):${PORT}/ ubuntu main\" > /etc/apt/sources.list.d/aptly.list"
|
||||
echo "deb [arch=amd64] http://$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+'):${PORT}/ ubuntu main" > ${DATASET_FOLDER}/aptly.list
|
||||
else
|
||||
echo "container not started"
|
||||
fi
|
||||
|
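Review bot: `$3` and `${DATASET_FOLDER}` are expanded unquoted in the new `realpath`, `docker run -v` and `> ${DATASET_FOLDER}/aptly.list` lines, so a dataset path containing spaces or glob characters is split before it reaches docker, and an empty `$3` leaves `DATASET_FOLDER` empty (the argument-count check sits above these hunks, so I cannot tell whether it now requires three arguments). Quote them: `DATASET_FOLDER="$(realpath "$3")"`, `-v "${DATASET_FOLDER}:/signing-key:z"` and `> "${DATASET_FOLDER}/aptly.list"`. The added `:z` suffix makes Docker relabel both host folders for SELinux, so the usage text should say that system directories must not be passed here. The passphrase is still handed over with `-e PASSPHRASE=…`, which leaves it readable through `docker inspect`; an env file or a mounted secret file would keep it out of the container metadata.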
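--- a/etc/containerpilot.json5
+++ b/etc/containerpilot.json5
@@ -0,0 +1,13 @@
+{
+jobs: [
+{
+name: "aptly_init",
+exec: "/srv/aptly.sh",
+},
+{
+name: "incron",
+restart: "always",
+exec: "/usr/bin/incrond -n"
+}
+]
+}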
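Review bot: The `aptly_init` job runs `/srv/aptly.sh`, but the Dockerfile in this commit appears to copy `srv/aptly_init.sh` and `srv/aptly_add.sh` and to set `CMD ["/srv/aptly_init.sh"]`, so this path may no longer exist in the image; `exec: "/srv/aptly_init.sh",` looks like the intended value. No visible line copies this file into the image or installs ContainerPilot, so as committed the configuration seems unused. If it is wired in later, the init script's own `/usr/sbin/incrond` call should go, otherwise incrond is started twice.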
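--- a/etc/incron.d/aptly.conf
+++ b/etc/incron.d/aptly.conf
@@ -0,0 +1 @@
+/packages IN_ALL_EVENTS /srv/aptly_add.sh $@ $# $%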
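Review bot: `IN_ALL_EVENTS` makes incrond start `/srv/aptly_add.sh` for every open, read and close on `/packages`, while the handler only acts on `IN_CREATE` and `IN_MOVED_TO`, and `IN_CREATE` fires before a copied package has been fully written. Narrowing the mask to `/packages IN_CLOSE_WRITE,IN_MOVED_TO /srv/aptly_add.sh $@ $# $%` (with the handler's event test changed to match) avoids adding a half-written `.deb` and the needless process spawns. File names in `/packages` come from a host-mounted folder and `$#` is passed unquoted to a handler that a table in `/etc/incron.d` presumably runs as root, so the handler has to treat its arguments as untrusted.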
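--- a/srv/aptly_add.sh
+++ b/srv/aptly_add.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+target=$1/$2
+extension"${2##*.}"
+events=$3
+
+echo $extension
+echo $events
+echo $target
+
+if [[ "${extension}" = "deb" ]] && ([[ "$events" =~ "IN_CREATE" ]] || [[ "$events" =~ "IN_MOVED_TO" ]])
+then
+echo adding $target
+aptly repo add dev $target
+aptly publish update dev --batch --passphrase="$PASSPHRASE"
+else
+echo not adding $target
+fi
+exit 0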
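Review bot: `extension"${2##*.}"` is missing its `=`, so for a `.deb` file the shell tries to run a command named `extensiondeb`, `extension` stays empty, and the `= "deb"` test can never succeed; no package is ever added. It should read `extension="${2##*.}"`. `$target` is also unquoted in `aptly repo add dev $target`, and the name comes from whatever lands in `/packages`, so use `aptly repo add dev "$target"` and quote the `echo` arguments as well. `--passphrase="$PASSPHRASE"` puts the signing passphrase on the command line where it shows in the process list; aptly's `-passphrase-file` option avoids that.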
@ -1,5 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
/usr/sbin/incrond
|
||||
|
||||
cat >keyparms <<EOF
|
||||
%echo Generating a basic OpenPGP key
|
||||
Key-Type: DSA
|
||||
@ -16,7 +18,7 @@ cat >keyparms <<EOF
|
||||
EOF
|
||||
export PINENTRY_USER_DATA="USE_CURSES=1"
|
||||
gpg1 --gen-key --batch keyparms
|
||||
gpg1 --export --armor > /signing-key/dev.pubkey
|
||||
gpg1 --export --armor > /signing-key/aptly.key
|
||||
|
||||
aptly repo create --component="main" --distribution="ubuntu" dev
|
||||
aptly repo add dev /packages
|
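Review bot: `/usr/sbin/incrond` is started at the top of the script, before the key is generated and before `aptly repo create … dev`, so a package dropped into `/packages` in that window triggers `aptly_add.sh` against a repository that does not exist yet, and the handler can run concurrently with the initial `aptly repo add dev /packages`. Starting incrond only after the initial add and publish would close that window. The publish step lies below this hunk, so the exact position is for the author to pick.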