tuxmain/rust-rpxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add default service config

Browse source
This commit is contained in:
Gamerboy59 2024-09-08 21:51:55 +02:00 committed by GitHub
commit 1ef1e09b8d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 198 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

13
.build/DEB/postinst
View file

@ -2,8 +2,19 @@
set -e
# Create rpxy user if it doesn't exist
if ! id rpxy >/dev/null 2>&1; then
useradd --system --no-create-home --shell /usr/sbin/nologin rpxy
fi
# Set correct user for config directory
if [ -d /etc/rpxy ]; then
chown -R rpxy:rpxy /etc/rpxy
fi
# Reload systemd, enable and start the service
systemctl daemon-reload
systemctl enable rpxy
systemctl start rpxy
exit 0
exit 0

17
.build/DEB/postrm Normal file
View file

@ -0,0 +1,17 @@
#!/bin/bash
set -e
# Remove the rpxy user and configuration directory only if purging the package
if [ "$1" = "purge" ]; then
if id rpxy >/dev/null 2>&1; then
userdel rpxy
fi
# Remove config directory
if [ -d /etc/rpxy ]; then
rm -rf /etc/rpxy
fi
fi
exit 0

4
.build/DEB/prerm
View file

@ -2,7 +2,9 @@
set -e
# Stop and disable the service before removing
systemctl stop rpxy || true
systemctl disable rpxy || true
systemctl daemon-reload
exit 0
exit 0

9
.build/Jenkinsfile vendored
View file

@ -63,11 +63,12 @@ pipeline {
mv rust-rpxy/.build/DEB/prerm .
mv rust-rpxy/.build/RPM/rpxy.spec .
mv rust-rpxy/.build/rpxy-start.sh .
mv rust-rpxy/.build/config.toml .
mv rust-rpxy/.build/rpxy.service .
'''
stash includes: "control, postinst, prerm, rpxy-start.sh", name: "deb-control"
stash includes: "rpxy.spec", name: "rpm-spec"
stash includes: "rpxy.service", name: "service-file"
stash includes: "rpxy.service, config.toml", name: "service-file"
// Stash LICENSE and README.md
sh 'mv rust-rpxy/LICENSE .'
@ -113,7 +114,7 @@ pipeline {
sh """
mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}
mkdir -p rpxy-${env.BUILD_VERSION}
mv rpxy rpxy.service LICENSE README.md rpxy-${env.BUILD_VERSION}/
mv rpxy rpxy.service LICENSE README.md config.toml rpxy-${env.BUILD_VERSION}/
tar -czf rpmbuild/SOURCES/rpxy-${env.BUILD_VERSION}.tar.gz rpxy-${env.BUILD_VERSION}/
rm -rf rpxy-${env.BUILD_VERSION}
"""
@ -171,6 +172,7 @@ pipeline {
mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin
mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system
mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy
mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/rpxy
mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN
"""
@ -184,11 +186,12 @@ pipeline {
chmod 0755 rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin/rpxy-start.sh
"""
// Move binary, service file, control file, LICENSE, and README.md
// Move binary, service, control and config file, LICENSE, and README.md
sh """
mv rpxy rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin/
mv rpxy.service rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system/
mv LICENSE README.md rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy/
mv config.toml rpxy_${env.BUILD_VERSION}-1_amd64/etc/rpxy/
mv control rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/
"""

62
.build/RPM/rpxy.spec
View file

@ -18,10 +18,16 @@ This rpm installs rpxy into /usr/bin and sets up a systemd service.
%install
rm -rf %{buildroot}
# Copy binary
mkdir -p %{buildroot}%{_bindir}
cp rpxy %{buildroot}%{_bindir}/
# Create systemd service
mkdir -p %{buildroot}%{_sysconfdir}/systemd/system
cp rpxy.service %{buildroot}%{_sysconfdir}/systemd/system/
# Create config directory
mkdir -p %{buildroot}%{_sysconfdir}/rpxy/acme_registry
cp config.toml %{buildroot}%{_sysconfdir}/rpxy/
# Copy documentation
mkdir -p %{buildroot}%{_docdir}/rpxy
cp LICENSE %{buildroot}%{_docdir}/rpxy/
cp README.md %{buildroot}%{_docdir}/rpxy/
@ -29,18 +35,52 @@ cp README.md %{buildroot}%{_docdir}/rpxy/
%clean
rm -rf %{buildroot}
%pre
# Create the rpxy user if it does not exist
if ! id rpxy >/dev/null 2>&1; then
/usr/sbin/useradd -r -s /bin/false -d / -c "rpxy system user" rpxy
fi
%post
# Set ownership of config file to rpxy user
chown -R rpxy:rpxy %{_sysconfdir}/rpxy
# Reload systemd, enable and start rpxy service
systemctl daemon-reload
systemctl enable rpxy
if [ $1 -eq 1 ]; then
systemctl start rpxy
fi
%preun
# Stop the service on uninstall or upgrade
if [ $1 -eq 0 ]; then
systemctl stop rpxy
fi
%postun
# On uninstall, disable the service and reload systemd
if [ $1 -eq 0 ]; then
systemctl disable rpxy
systemctl daemon-reload
fi
# Remove rpxy user only if package is being completely removed (not upgraded)
if [ $1 -eq 0 ]; then
# Check if the rpxy user exists before attempting to delete
if id rpxy >/dev/null 2>&1; then
/usr/sbin/userdel rpxy
fi
# Remove the configuration directory if it exists and is empty
if [ -d %{_sysconfdir}/rpxy ]; then
rm -rf %{_sysconfdir}/rpxy
fi
fi
%files
%license %{_docdir}/rpxy/LICENSE
%doc %{_docdir}/rpxy/README.md
%{_bindir}/rpxy
%{_sysconfdir}/systemd/system/rpxy.service
%post
systemctl daemon-reload
systemctl enable rpxy
%preun
systemctl stop rpxy
%postun
systemctl disable rpxy
%attr(-, rpxy, rpxy) %{_bindir}/rpxy
%attr(-, rpxy, rpxy) %config(noreplace) %{_sysconfdir}/rpxy/config.toml

86
.build/config.toml Normal file
View file

@ -0,0 +1,86 @@
########################################
# #
# rust-rxpy configuration #
# #
########################################
###################################
# Global settings #
###################################
# Both or either one of http/https ports must be specified
listen_port = 80
listen_port_tls = 443
# Optional for h2 and http1.1
tcp_listen_backlog = 1024
# Optional for h2 and http1.1
max_concurrent_streams = 100
# Optional. Counted in total for http1.1, 2, 3
max_clients = 512
# Optional: Listen [::]
listen_ipv6 = false
# Optional: App that serves all plaintext http request by referring to HOSTS or request header
# execpt for configured application.
# Note that this is only for http.
# Note that nothing is served for requests via https since secure channel cannot be
# established for unconfigured server_name, and they are always rejected by checking SNI.
# default_app = 'another_localhost'
###################################
# Backend settings #
###################################
[apps]
######################################################################
## Registering a backend app served by a domain name "localhost"
#[apps.localhost]
#server_name = 'localhost' # Domain name
# Optional: TLS setting. if https_port is specified and tls is true above, either of this must be given.
#tls = { https_redirection = true, tls_cert_path = '/certs/server.crt', tls_cert_key_path = '/certs/server.key' }
#tls = { https_redirection = true, acme = true }
############################################
# For more settings check: #
# https://github.com/junkurihara/rust-rpxy #
############################################
###################################
# Experimantal settings #
###################################
[experimental]
# Higly recommend not to be true. If true, you ignore RFC. if not specified, it is always false.
# This might be required to be true when a certificate is used by multiple backend hosts, especially in case where a TLS connection is re-used.
# We should note that this strongly depends on the client implementation.
ignore_sni_consistency = false
# Force connection handling timeout regardless of the connection status, i.e., idle or not.
# 0 represents an infinite timeout. [default: 0]
# Note that idel and header read timeouts are always specified independently of this.
connection_handling_timeout = 0 # sec
# If this specified, h3 is enabled
[experimental.h3]
alt_svc_max_age = 3600 # sec
request_max_body_size = 65536 # bytes
max_concurrent_connections = 10000
max_concurrent_bidistream = 100
max_concurrent_unistream = 100
max_idle_timeout = 10 # secs. 0 represents an infinite timeout.
# WARNING: If a peer or its network path malfunctions or acts maliciously, an infinite idle timeout can result in permanently hung futures!
# If this specified, file cache feature is enabled
[experimental.cache]
cache_dir = '/tmp/rpxy/.cache' # optional. default is "./cache" relative to the current working directory
max_cache_entry = 1000 # optional. default is 1k
max_cache_each_size = 65535 # optional. default is 64k
max_cache_each_size_on_memory = 4096 # optional. default is 4k if 0, it is always file cache.
# ACME settings. Unless specified, ACME is disabled.
[experimental.acme]
dir_url = "https://acme-v02.api.letsencrypt.org/directory"
email = "test@example.com"
registry_path = "/etc/rpxy/acme_registry"

23
.build/rpxy-start.sh
View file

@ -1,10 +1,29 @@
#!/bin/bash
# Ensure the cache directory exists as it could get deleted on system restart
if [ ! -d /tmp/rpxy/.cache ]; then
# Create the temporary directory for rpxy
mkdir -p /tmp/rpxy/.cache
chown -R rpxy:rpxy /tmp/rpxy
chmod 700 /tmp/rpxy/.cache
fi
# Check if rpxy-webui is installed
if dpkg-query -W -f='${Status}' rpxy-webui 2>/dev/null | grep -q "install ok installed"; then
echo "rpxy-webui is installed. Starting rpxy with rpxy-webui"
exec /usr/local/bin/rpxy --enable-webui
exec /usr/local/bin/rpxy -w -c /var/www/rpxy-webui/storage/app/config.toml
else
echo "rpxy-webui is not installed. Starting with default config"
exec /usr/local/bin/rpxy
# Ensure the /etc/rpxy directory exists
if [ ! -d /etc/rpxy ]; then
mkdir -p /etc/rpxy
fi
# Create the config file if it doesn't exist
if [ ! -f /etc/rpxy/config.toml ]; then
echo "# Default rpxy config file" > /etc/rpxy/config.toml
fi
exec /usr/local/bin/rpxy -c /etc/rpxy/config.toml
fi

3
.build/rpxy.service
View file

@ -5,7 +5,8 @@ After=network.target
[Service]
ExecStart=/usr/local/bin/rpxy-start.sh
Restart=always
User=nobody
User=rpxy
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target