From ed1e4458ac2e65e08cca639970124a7d44a9a65d Mon Sep 17 00:00:00 2001 From: Benjamin Bohard Date: Tue, 31 Dec 2019 11:03:24 +0100 Subject: [PATCH] Better integration with tamarin local instance --- Dockerfile | 9 ++++++--- aptly.boot | 17 +++++++++-------- etc/containerpilot.json5 | 13 +++++++++++++ etc/incron.d/aptly.conf | 1 + srv/aptly_add.sh | 19 +++++++++++++++++++ srv/{aptly.sh => aptly_init.sh} | 4 +++- 6 files changed, 51 insertions(+), 12 deletions(-) create mode 100644 etc/containerpilot.json5 create mode 100644 etc/incron.d/aptly.conf create mode 100644 srv/aptly_add.sh rename srv/{aptly.sh => aptly_init.sh} (89%) diff --git a/Dockerfile b/Dockerfile index e47fc56..7ca971b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ FROM debian:stretch MAINTAINER Benjamin Bohard -RUN apt update && apt install -y ca-certificates gnupg1 && apt clean +RUN apt update && apt install -y ca-certificates gnupg1 incron && apt clean COPY etc/aptly.sources.list /etc/apt/sources.list.d/aptly.list RUN apt-key adv --keyserver pool.sks-keyservers.net --recv-keys ED75B5A4483DA07C RUN apt update && apt install -y aptly && apt clean @@ -11,6 +11,9 @@ EXPOSE 8080 COPY etc/aptly.conf /etc/aptly.conf COPY etc/gpg.conf /root/.gnupg/gpg.conf COPY etc/gpg-agent.conf /root/.gnupg/gpg-agent.conf -COPY srv/aptly.sh /srv/aptly.sh +COPY srv/aptly_init.sh /srv/aptly_init.sh +COPY srv/aptly_add.sh /srv/aptly_add.sh -CMD ["/srv/aptly.sh"] +COPY etc/incron.d/aptly.conf /etc/incron.d/aptly.conf + +CMD ["/srv/aptly_init.sh"] diff --git a/aptly.boot b/aptly.boot index 4c0cb42..57ec715 100755 --- a/aptly.boot +++ b/aptly.boot @@ -1,11 +1,11 @@ #!/bin/bash function usage { echo "usage:" -echo "aptly.boot " +echo "aptly.boot " echo echo "port: tcp port to publish repository" echo "packages_folder: folder to mount containing packages" -echo "gpg_folder: folder where to write repository public key" +echo "dataset_folder: folder where to write repository public key and source list" echo exit 0 } 
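Review bot: The unchanged `apt-key adv --keyserver pool.sks-keyservers.net --recv-keys ED75B5A4483DA07C` line in this hunk accepts whatever key the keyserver returns for a 64-bit key ID, and the `aptly` package installed on the following line is trusted on the basis of that key alone. Committing the repository key next to `etc/aptly.sources.list` and adding it with `COPY`, or checking the full fingerprint after the import, removes the network lookup from the trust path; the sks-keyservers pool has since been retired, so the lookup is also a rebuild hazard. The added `apt install -y ca-certificates gnupg1 incron` could take `--no-install-recommends` so that the new root daemon does not pull in more packages than needed.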
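Review bot: `srv/aptly_add.sh` is created with mode 100644 in this commit while the renamed `srv/aptly_init.sh` keeps 100755, and `COPY srv/aptly_add.sh /srv/aptly_add.sh` preserves that mode, so the incron rule that runs `/srv/aptly_add.sh` directly will most likely fail with a permission error. Either commit the script as executable or add `RUN chmod 0755 /srv/aptly_add.sh` after the COPY. The new `etc/containerpilot.json5` is not copied into the image anywhere in this hunk, so as far as the diff shows it is unused.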
@@ -17,7 +17,7 @@ fi PORT=$1 PACKAGES_FOLDER="$(realpath $2)" -GPG_FOLDER="$(realpath ./gpg)" +DATASET_FOLDER="$(realpath $3)" if [ ! -e "${PACKAGES_FOLDER}" ] then @@ -25,12 +25,12 @@ then echo "${PACKAGES_FOLDER} est vide" fi -if [ ! -e "${GPG_FOLDER}" ] +if [ ! -e "${DATASET_FOLDER}" ] then - mkdir "${GPG_FOLDER}" + mkdir "${DATASET_FOLDER}" fi -container_id=$(docker run -d -v ${PACKAGES_FOLDER}:/packages -v ${GPG_FOLDER}:/signing-key -p $PORT:8080 -e USER_EMAIL="$(git config user.email)" -e USER_NAME="$(git config user.name)" -e PASSPHRASE="$(pwgen -1 -n 20)" cadoles/aptly:dev) +container_id=$(docker run -d -v ${PACKAGES_FOLDER}:/packages:z -v ${DATASET_FOLDER}:/signing-key:z -p $PORT:8080 -e USER_EMAIL="$(git config user.email)" -e USER_NAME="$(git config user.name)" -e PASSPHRASE="$(pwgen -1 -n 20)" cadoles/aptly:dev) docker ps -q --no-trunc | grep -q ${container_id} res=$? @@ -39,11 +39,12 @@ if [ "${res}" -eq 0 ] then echo "container with id $container_id started" - echo "Send ${GPG_FOLDER}/dev.pubkey to remote host, load it in gpg ring with apt-key" + echo "Send ${DATASET_FOLDER}/aptly.key to remote host, load it in gpg ring with apt-key" echo "and add repo to apt source list" - echo "echo \"deb [arch=amd64] http://$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+'):${PORT}/ ubuntu main\" > /etc/apt/sources.list.d/add.list" + echo "echo \"deb [arch=amd64] http://$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+'):${PORT}/ ubuntu main\" > /etc/apt/sources.list.d/aptly.list" + echo "deb [arch=amd64] http://$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+'):${PORT}/ ubuntu main" > ${DATASET_FOLDER}/aptly.list else echo "container not started" fi diff --git a/etc/containerpilot.json5 b/etc/containerpilot.json5 new file mode 100644 index 0000000..e60e57e --- /dev/null +++ b/etc/containerpilot.json5 
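Review bot: `DATASET_FOLDER="$(realpath $3)"` expands `$3` unquoted, and nothing in this hunk checks that a third argument was supplied; the argument-count test sits above the hunk and is not touched by the commit. If that test still accepts two arguments, `realpath` fails, `DATASET_FOLDER` is empty, and the later `mkdir` and `docker run -v` operate on an empty path. Use `DATASET_FOLDER="$(realpath -- "$3")"` and make the count check require three arguments. The same unquoted expansion appears in `-v ${DATASET_FOLDER}:/signing-key:z` in the next hunk and in `> ${DATASET_FOLDER}/aptly.list` in the last hunk of this file, where a path containing spaces splits into several words.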
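Review bot: The `:z` suffix added to both `-v` mounts makes Docker relabel the host directories for SELinux, and both paths come straight from the command line. If a caller passes a broad directory, a home directory for instance, its contents are relabelled recursively, which can break other services on that host. Consider rejecting paths that are not dedicated to this container before the `docker run`, or state the requirement in `usage`. The unchanged `-e PASSPHRASE="$(pwgen -1 -n 20)"` also leaves the signing passphrase readable through `docker inspect`.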
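Review bot: The added line that writes `${DATASET_FOLDER}/aptly.list` recomputes the address from the hard-coded interface `enp5s0`; on a host without that interface the pipeline prints nothing and the file is silently written as `deb [arch=amd64] http://:${PORT}/ ubuntu main`. Compute the address once, for example `host_ip=$(ip -f inet address show dev enp5s0 | grep -Po 'inet \K[\d.]+')`, stop with a message when `host_ip` is empty, and reuse it in both the echo and the file. Because the generated source line is plain `http`, clients depend entirely on `aptly.key` for integrity, so the printed instructions should say that the key must reach the remote host over a trusted channel.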
@@ -0,0 +1,13 @@ +{ +jobs: [ +{ +name: "aptly_init", +exec: "/srv/aptly.sh", +}, +{ +name: "incron", +restart: "always", +exec: "/usr/bin/incrond -n" +} +] +} diff --git a/etc/incron.d/aptly.conf b/etc/incron.d/aptly.conf new file mode 100644 index 0000000..44f9322 --- /dev/null +++ b/etc/incron.d/aptly.conf @@ -0,0 +1 @@ +/packages IN_ALL_EVENTS /srv/aptly_add.sh $@ $# $% diff --git a/srv/aptly_add.sh b/srv/aptly_add.sh new file mode 100644 index 0000000..4f618bf --- /dev/null +++ b/srv/aptly_add.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +target=$1/$2 +extension"${2##*.}" +events=$3 + +echo $extension +echo $events +echo $target + +if [[ "${extension}" = "deb" ]] && ([[ "$events" =~ "IN_CREATE" ]] || [[ "$events" =~ "IN_MOVED_TO" ]]) +then + echo adding $target + aptly repo add dev $target + aptly publish update dev --batch --passphrase="$PASSPHRASE" +else + echo not adding $target +fi +exit 0 diff --git a/srv/aptly.sh b/srv/aptly_init.sh similarity index 89% rename from srv/aptly.sh rename to srv/aptly_init.sh index 6896b03..2804bd1 100755 --- a/srv/aptly.sh +++ b/srv/aptly_init.sh @@ -1,5 +1,7 @@ #!/bin/bash +/usr/sbin/incrond + cat >keyparms <keyparms < /signing-key/dev.pubkey +gpg1 --export --armor > /signing-key/aptly.key aptly repo create --component="main" --distribution="ubuntu" dev aptly repo add dev /packages
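Review bot: The `aptly_init` job has `exec: "/srv/aptly.sh"`, but this same commit renames that script to `srv/aptly_init.sh` and the Dockerfile now copies only `/srv/aptly_init.sh`, so the job points at a path that no longer exists in the image. It should read `exec: "/srv/aptly_init.sh"`. The `incron` job also duplicates the `/usr/sbin/incrond` call added at the top of `aptly_init.sh`; if ContainerPilot is wired in later, one of the two should be removed so that two daemons do not react to the same events.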
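Review bot: `IN_ALL_EVENTS` launches `/srv/aptly_add.sh` for every open, read and close under `/packages`, which includes the reads that `aptly repo add` itself performs, and the script then discards all but two event types. `IN_CREATE` is delivered when the file is first created, before its content has been written, so a package copied into the directory can be imported while still incomplete. A narrower mask such as `/packages IN_CLOSE_WRITE,IN_MOVED_TO /srv/aptly_add.sh $@ $# $%` fires once per finished file; the event test in `aptly_add.sh` would then need to match `IN_CLOSE_WRITE` instead of `IN_CREATE`.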
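Review bot: The fourth line of the new script, `extension"${2##*.}"`, is missing its `=`, so bash tries to run a command named after the file suffix, `extension` stays empty, and the `deb` test can never succeed: no package is ever added. Beyond that, `$target` is built from a file name chosen by whoever can write to `/packages` and is passed unquoted to `aptly repo add dev $target`, so names with spaces or glob characters are split or expanded. The script ends with `exit 0` whether or not the aptly commands failed, and `--passphrase="$PASSPHRASE"` puts the signing passphrase in the process list while the publish runs. The fence shows the assignment fixed, the expansions quoted and failures propagated.

```shell
target="$1/$2"
extension="${2##*.}"
events="$3"
# … unchanged: debug echo of extension, events and target …
if [[ "${extension}" == "deb" ]] && [[ "$events" =~ IN_CREATE|IN_MOVED_TO ]]
then
  echo "adding $target"
  aptly repo add dev "$target" || exit 1
  aptly publish update dev --batch --passphrase="$PASSPHRASE" || exit 1
# … unchanged: else branch and final exit 0 …
```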
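Review bot: `/usr/sbin/incrond` is started on the first line, before the key is generated and before `aptly repo create --component="main" --distribution="ubuntu" dev` has run, so any event on `/packages` during start-up calls `aptly repo add dev` against a repository that does not exist yet, or races the initial `aptly repo add dev /packages`. Moving the `/usr/sbin/incrond` call to after the initial import, and after the first publish if one follows, closes that window. The rest of the script, including whatever comes after `aptly repo add dev /packages`, lies outside this hunk.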