From 1d0b694627bc7511dcfda47e4e4316bab0103397 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Wed, 4 Sep 2024 21:59:52 +0200 Subject: [PATCH 01/24] Use https instead of ssh for submodules https does not require keys to be added to a github account which is easier for ci/cd deployments --- .gitmodules | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitmodules b/.gitmodules index 7ff65fe..64f7503 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,6 @@ [submodule "submodules/rusty-http-cache-semantics"] path = submodules/rusty-http-cache-semantics - url = git@github.com:junkurihara/rusty-http-cache-semantics.git + url = https://github.com/junkurihara/rusty-http-cache-semantics.git [submodule "submodules/rustls-acme"] path = submodules/rustls-acme - url = git@github.com:junkurihara/rustls-acme.git + url = https://github.com/junkurihara/rustls-acme.git From bf0ece92ab5fef1cf1c8f9481626305f7b208c9f Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 18:28:03 +0200 Subject: [PATCH 02/24] Add Jenkinsfile for build automation --- .build/.gitignore | 0 .build/DEB/control | 10 +++ .build/DEB/postinst | 9 ++ .build/DEB/prerm | 8 ++ .build/Jenkinsfile | 208 +++++++++++++++++++++++++++++++++++++++++++ .build/RPM/rpxy.spec | 46 ++++++++++ .build/rpxy-start.sh | 10 +++ .build/rpxy.service | 11 +++ 8 files changed, 302 insertions(+) create mode 100644 .build/.gitignore create mode 100644 .build/DEB/control create mode 100644 .build/DEB/postinst create mode 100644 .build/DEB/prerm create mode 100644 .build/Jenkinsfile create mode 100644 .build/RPM/rpxy.spec create mode 100644 .build/rpxy-start.sh create mode 100644 .build/rpxy.service diff --git a/.build/.gitignore b/.build/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/.build/DEB/control b/.build/DEB/control new file mode 100644 index 0000000..759f84c --- /dev/null +++ b/.build/DEB/control @@ -0,0 +1,10 @@ +Package: rpxy +Version: @BUILD_VERSION@-1 +Maintainer: Jun Kurihara +Homepage: https://github.com/junkurihara/rust-rpxy +Architecture: amd64 +Depends: systemd +Recommends: rpxy-webui +Priority: optional +Section: base +Description: A simple and ultrafast reverse-proxy serving multiple domain names with TLS termination, written in Rust diff --git a/.build/DEB/postinst b/.build/DEB/postinst new file mode 100644 index 0000000..cf3206d --- /dev/null +++ b/.build/DEB/postinst @@ -0,0 +1,9 @@ +#!/bin/bash + +set -e + +systemctl daemon-reload +systemctl enable rpxy +systemctl start rpxy + +exit 0 \ No newline at end of file diff --git a/.build/DEB/prerm b/.build/DEB/prerm new file mode 100644 index 0000000..889ae8c --- /dev/null +++ b/.build/DEB/prerm @@ -0,0 +1,8 @@ +#!/bin/bash + +set -e + +systemctl stop rpxy || true +systemctl disable rpxy || true + +exit 0 \ No newline at end of file diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile new file mode 100644 index 0000000..f9aade4 --- /dev/null +++ b/.build/Jenkinsfile @@ -0,0 +1,208 @@ +pipeline { + agent none + parameters { + string(name: 'BUILD_VERSION', defaultValue: '', description: 'Build version for the distribution packages') + } + stages { + stage('Build Binary and Prepare Files') { + agent { + kubernetes { + inheritFrom 'default' + yaml """ + apiVersion: v1 + kind: Pod + spec: + containers: + - name: rust-cargo + image: rust:slim + command: + - cat + tty: true + """ + } + } + steps { + container('rust-cargo') { + script { + // Install git + sh 'apt-get update && apt-get -y install git --no-install-recommends' + // Clone git repo + sh 'git clone https://github.com/junkurihara/rust-rpxy.git' + dir('rust-rpxy') { + sh """ + sed -i 's|git@github.com:junkurihara/rusty-http-cache-semantics.git|https://github.com/junkurihara/rusty-http-cache-semantics.git|g' .gitmodules + sed -i 's|git@github.com:junkurihara/rustls-acme.git|https://github.com/junkurihara/rustls-acme.git|g' .gitmodules + """ + // Load required submodules + sh 'git submodule update --init' + // Compile rustc binary + sh 'cargo build --release' + + // Extract the version from Cargo.toml if not passed as parameter + if (params.BUILD_VERSION == "") { + def versionMatch = sh(script: 'grep "^version" Cargo.toml | sed \'s/version = "\\([0-9.]*\\)"/\\1/\'', returnStdout: true).trim() + if (versionMatch) { + env.BUILD_VERSION = versionMatch + echo "Using extracted version: ${env.BUILD_VERSION}" + } else { + error "Version not found in Cargo.toml" + } + } else { + env.BUILD_VERSION = params.BUILD_VERSION + echo "Using provided build version: ${env.BUILD_VERSION}" + } + } + // Stash the binary for later use in package building stages + sh 'mv rust-rpxy/target/release/rpxy .' + stash includes: "rpxy", name: "rpxy" + + // Stash the service, control, and spec files for later use + sh ''' + mv rust-rpxy/.build/DEB/control . + mv rust-rpxy/.build/DEB/postinst . + mv rust-rpxy/.build/DEB/prerm . + mv rust-rpxy/.build/RPM/rpxy.spec . + mv rust-rpxy/.build/rpxy-start.sh . + mv rust-rpxy/.build/rpxy.service . + ''' + stash includes: "control, postinst, prerm, rpxy-start.sh", name: "deb-control" + stash includes: "rpxy.spec", name: "rpm-spec" + stash includes: "rpxy.service", name: "service-file" + + // Stash LICENSE and README.md + sh 'mv rust-rpxy/LICENSE .' + sh 'mv rust-rpxy/README.md .' + stash includes: "LICENSE, README.md", name: "docs" + + // Archive the binary and create fingerprint + archiveArtifacts artifacts: "rpxy", allowEmptyArchive: false, fingerprint: true + } + } + } + } + stage('Build RPM Package') { + agent { + kubernetes { + inheritFrom 'default' + yaml """ + apiVersion: v1 + kind: Pod + spec: + containers: + - name: rpm-build + image: rockylinux:9 + command: + - cat + tty: true + """ + } + } + steps { + container('rpm-build') { + script { + // Unstash the necessary files for this stage + unstash 'rpxy' + unstash 'rpm-spec' + unstash 'service-file' + unstash 'docs' + + // Install required tools + sh 'dnf update -y && dnf install -y rpmdevtools tar' + + // Create a tar.gz archive containing all necessary files + sh """ + mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} + mkdir -p rpxy-${env.BUILD_VERSION} + mv rpxy rpxy.service LICENSE README.md rpxy-${env.BUILD_VERSION}/ + tar -czf rpmbuild/SOURCES/rpxy-${env.BUILD_VERSION}.tar.gz rpxy-${env.BUILD_VERSION}/ + rm -rf rpxy-${env.BUILD_VERSION} + """ + + // Move the RPM spec file + sh 'mv rpxy.spec rpmbuild/SPECS/' + + // Replace @BUILD_VERSION@ in control file with actual version + sh "sed -i 's/@BUILD_VERSION@/${env.BUILD_VERSION}/' rpmbuild/SPECS/rpxy.spec" + + // Replace @Source0@ in control file with actual version + sh "sed -i 's/@Source0@/rpxy-${env.BUILD_VERSION}.tar.gz/' rpmbuild/SPECS/rpxy.spec" + + // Build the RPM package + sh "rpmbuild --define '_topdir ${WORKSPACE}/rpmbuild' --define '_version ${env.BUILD_VERSION}' -bb rpmbuild/SPECS/rpxy.spec" + + // Archive the RPM package and create fingerprint + archiveArtifacts artifacts: "rpmbuild/RPMS/x86_64/rpxy-${env.BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true + } + } + } + } + stage('Build DEB Package') { + agent { + kubernetes { + inheritFrom 'default' + yaml """ + apiVersion: v1 + kind: Pod + spec: + containers: + - name: debian-build + image: debian:stable-slim + command: + - cat + tty: true + """ + } + } + steps { + container('debian-build') { + script { + // Unstash the necessary files for this stage + unstash 'rpxy' + unstash 'deb-control' + unstash 'service-file' + unstash 'docs' + + // Install required tools + sh 'apt-get update && apt-get install --no-install-recommends -y dpkg-dev' + + // Create folder structure + sh """ + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN + """ + + // Move postinstall, pre-removal and start-wrapper scripts + sh """ + mv postinst rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ + chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/postinst + mv prerm rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ + chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/prerm + mv rpxy-start.sh rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin + chmod 0755 rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin/rpxy-start.sh + """ + + // Move binary, service file, control file, LICENSE, and README.md + sh """ + mv rpxy rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin/ + mv rpxy.service rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system/ + mv LICENSE README.md rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy/ + mv control rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ + """ + + // Replace @BUILD_VERSION@ in control file with actual version + sh "sed -i 's/@BUILD_VERSION@/${env.BUILD_VERSION}/' rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/control" + + // Build the DEB package + sh "dpkg-deb --build --root-owner-group rpxy_${env.BUILD_VERSION}-1_amd64" + + // Archive the DEB package and create fingerprint + archiveArtifacts artifacts: "rpxy_${env.BUILD_VERSION}-1_amd64.deb", allowEmptyArchive: false, fingerprint: true + } + } + } + } + } +} diff --git a/.build/RPM/rpxy.spec b/.build/RPM/rpxy.spec new file mode 100644 index 0000000..b282345 --- /dev/null +++ b/.build/RPM/rpxy.spec @@ -0,0 +1,46 @@ +Name: rpxy +Version: @BUILD_VERSION@ +Release: 1%{?dist} +Summary: A simple and ultrafast reverse-proxy serving multiple domain names with TLS termination, written in Rust + +License: MIT +URL: https://github.com/junkurihara/rust-rpxy +Source0: @Source0@ +BuildArch: x86_64 + +Requires: systemd + +%description +This rpm installs rpxy into /usr/bin and sets up a systemd service. + +%prep +%autosetup + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}%{_bindir} +cp rpxy %{buildroot}%{_bindir}/ +mkdir -p %{buildroot}%{_sysconfdir}/systemd/system +cp rpxy.service %{buildroot}%{_sysconfdir}/systemd/system/ +mkdir -p %{buildroot}%{_docdir}/rpxy +cp LICENSE %{buildroot}%{_docdir}/rpxy/ +cp README.md %{buildroot}%{_docdir}/rpxy/ + +%clean +rm -rf %{buildroot} + +%files +%license %{_docdir}/rpxy/LICENSE +%doc %{_docdir}/rpxy/README.md +%{_bindir}/rpxy +%{_sysconfdir}/systemd/system/rpxy.service + +%post +systemctl daemon-reload +systemctl enable rpxy + +%preun +systemctl stop rpxy + +%postun +systemctl disable rpxy \ No newline at end of file diff --git a/.build/rpxy-start.sh b/.build/rpxy-start.sh new file mode 100644 index 0000000..b3ddae2 --- /dev/null +++ b/.build/rpxy-start.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +# Check if rpxy-webui is installed +if dpkg-query -W -f='${Status}' rpxy-webui 2>/dev/null | grep -q "install ok installed"; then + echo "rpxy-webui is installed. Starting rpxy with rpxy-webui" + exec /usr/local/bin/rpxy --enable-webui +else + echo "rpxy-webui is not installed. Starting with default config" + exec /usr/local/bin/rpxy +fi diff --git a/.build/rpxy.service b/.build/rpxy.service new file mode 100644 index 0000000..d8c880a --- /dev/null +++ b/.build/rpxy.service @@ -0,0 +1,11 @@ +[Unit] +Description=rpxy Service +After=network.target + +[Service] +ExecStart=/usr/local/bin/rpxy-start.sh +Restart=always +User=nobody + +[Install] +WantedBy=multi-user.target From a251366bd0f56821c230c0ce801a6348fc2b12ea Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 18:32:57 +0200 Subject: [PATCH 03/24] Change to testing repo --- .build/Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index f9aade4..8148cd4 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -27,7 +27,7 @@ pipeline { // Install git sh 'apt-get update && apt-get -y install git --no-install-recommends' // Clone git repo - sh 'git clone https://github.com/junkurihara/rust-rpxy.git' + sh 'git clone -b patch-1 --single-branch https://github.com/Gamerboy59/rust-rpxy.git' dir('rust-rpxy') { sh """ sed -i 's|git@github.com:junkurihara/rusty-http-cache-semantics.git|https://github.com/junkurihara/rusty-http-cache-semantics.git|g' .gitmodules From 227e11be02ae8f1fc7b555d7e43b0c2d2ca18ef2 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 18:42:21 +0200 Subject: [PATCH 04/24] Fix line endings --- .build/DEB/control | 20 +-- .build/DEB/postinst | 16 +- .build/DEB/prerm | 14 +- .build/Jenkinsfile | 416 +++++++++++++++++++++---------------------- .build/RPM/rpxy.spec | 90 +++++----- .build/rpxy.service | 22 +-- 6 files changed, 289 insertions(+), 289 deletions(-) diff --git a/.build/DEB/control b/.build/DEB/control index 759f84c..526d11b 100644 --- a/.build/DEB/control +++ b/.build/DEB/control @@ -1,10 +1,10 @@ -Package: rpxy -Version: @BUILD_VERSION@-1 -Maintainer: Jun Kurihara -Homepage: https://github.com/junkurihara/rust-rpxy -Architecture: amd64 -Depends: systemd -Recommends: rpxy-webui -Priority: optional -Section: base -Description: A simple and ultrafast reverse-proxy serving multiple domain names with TLS termination, written in Rust +Package: rpxy +Version: @BUILD_VERSION@-1 +Maintainer: Jun Kurihara +Homepage: https://github.com/junkurihara/rust-rpxy +Architecture: amd64 +Depends: systemd +Recommends: rpxy-webui +Priority: optional +Section: base +Description: A simple and ultrafast reverse-proxy serving multiple domain names with TLS termination, written in Rust diff --git a/.build/DEB/postinst b/.build/DEB/postinst index cf3206d..f7564d8 100644 --- a/.build/DEB/postinst +++ b/.build/DEB/postinst @@ -1,9 +1,9 @@ -#!/bin/bash - -set -e - -systemctl daemon-reload -systemctl enable rpxy -systemctl start rpxy - +#!/bin/bash + +set -e + +systemctl daemon-reload +systemctl enable rpxy +systemctl start rpxy + exit 0 \ No newline at end of file diff --git a/.build/DEB/prerm b/.build/DEB/prerm index 889ae8c..fa07f70 100644 --- a/.build/DEB/prerm +++ b/.build/DEB/prerm @@ -1,8 +1,8 @@ -#!/bin/bash - -set -e - -systemctl stop rpxy || true -systemctl disable rpxy || true - +#!/bin/bash + +set -e + +systemctl stop rpxy || true +systemctl disable rpxy || true + exit 0 \ No newline at end of file diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index 8148cd4..a0b96f1 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -1,208 +1,208 @@ -pipeline { - agent none - parameters { - string(name: 'BUILD_VERSION', defaultValue: '', description: 'Build version for the distribution packages') - } - stages { - stage('Build Binary and Prepare Files') { - agent { - kubernetes { - inheritFrom 'default' - yaml """ - apiVersion: v1 - kind: Pod - spec: - containers: - - name: rust-cargo - image: rust:slim - command: - - cat - tty: true - """ - } - } - steps { - container('rust-cargo') { - script { - // Install git - sh 'apt-get update && apt-get -y install git --no-install-recommends' - // Clone git repo - sh 'git clone -b patch-1 --single-branch https://github.com/Gamerboy59/rust-rpxy.git' - dir('rust-rpxy') { - sh """ - sed -i 's|git@github.com:junkurihara/rusty-http-cache-semantics.git|https://github.com/junkurihara/rusty-http-cache-semantics.git|g' .gitmodules - sed -i 's|git@github.com:junkurihara/rustls-acme.git|https://github.com/junkurihara/rustls-acme.git|g' .gitmodules - """ - // Load required submodules - sh 'git submodule update --init' - // Compile rustc binary - sh 'cargo build --release' - - // Extract the version from Cargo.toml if not passed as parameter - if (params.BUILD_VERSION == "") { - def versionMatch = sh(script: 'grep "^version" Cargo.toml | sed \'s/version = "\\([0-9.]*\\)"/\\1/\'', returnStdout: true).trim() - if (versionMatch) { - env.BUILD_VERSION = versionMatch - echo "Using extracted version: ${env.BUILD_VERSION}" - } else { - error "Version not found in Cargo.toml" - } - } else { - env.BUILD_VERSION = params.BUILD_VERSION - echo "Using provided build version: ${env.BUILD_VERSION}" - } - } - // Stash the binary for later use in package building stages - sh 'mv rust-rpxy/target/release/rpxy .' - stash includes: "rpxy", name: "rpxy" - - // Stash the service, control, and spec files for later use - sh ''' - mv rust-rpxy/.build/DEB/control . - mv rust-rpxy/.build/DEB/postinst . - mv rust-rpxy/.build/DEB/prerm . - mv rust-rpxy/.build/RPM/rpxy.spec . - mv rust-rpxy/.build/rpxy-start.sh . - mv rust-rpxy/.build/rpxy.service . - ''' - stash includes: "control, postinst, prerm, rpxy-start.sh", name: "deb-control" - stash includes: "rpxy.spec", name: "rpm-spec" - stash includes: "rpxy.service", name: "service-file" - - // Stash LICENSE and README.md - sh 'mv rust-rpxy/LICENSE .' - sh 'mv rust-rpxy/README.md .' - stash includes: "LICENSE, README.md", name: "docs" - - // Archive the binary and create fingerprint - archiveArtifacts artifacts: "rpxy", allowEmptyArchive: false, fingerprint: true - } - } - } - } - stage('Build RPM Package') { - agent { - kubernetes { - inheritFrom 'default' - yaml """ - apiVersion: v1 - kind: Pod - spec: - containers: - - name: rpm-build - image: rockylinux:9 - command: - - cat - tty: true - """ - } - } - steps { - container('rpm-build') { - script { - // Unstash the necessary files for this stage - unstash 'rpxy' - unstash 'rpm-spec' - unstash 'service-file' - unstash 'docs' - - // Install required tools - sh 'dnf update -y && dnf install -y rpmdevtools tar' - - // Create a tar.gz archive containing all necessary files - sh """ - mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} - mkdir -p rpxy-${env.BUILD_VERSION} - mv rpxy rpxy.service LICENSE README.md rpxy-${env.BUILD_VERSION}/ - tar -czf rpmbuild/SOURCES/rpxy-${env.BUILD_VERSION}.tar.gz rpxy-${env.BUILD_VERSION}/ - rm -rf rpxy-${env.BUILD_VERSION} - """ - - // Move the RPM spec file - sh 'mv rpxy.spec rpmbuild/SPECS/' - - // Replace @BUILD_VERSION@ in control file with actual version - sh "sed -i 's/@BUILD_VERSION@/${env.BUILD_VERSION}/' rpmbuild/SPECS/rpxy.spec" - - // Replace @Source0@ in control file with actual version - sh "sed -i 's/@Source0@/rpxy-${env.BUILD_VERSION}.tar.gz/' rpmbuild/SPECS/rpxy.spec" - - // Build the RPM package - sh "rpmbuild --define '_topdir ${WORKSPACE}/rpmbuild' --define '_version ${env.BUILD_VERSION}' -bb rpmbuild/SPECS/rpxy.spec" - - // Archive the RPM package and create fingerprint - archiveArtifacts artifacts: "rpmbuild/RPMS/x86_64/rpxy-${env.BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true - } - } - } - } - stage('Build DEB Package') { - agent { - kubernetes { - inheritFrom 'default' - yaml """ - apiVersion: v1 - kind: Pod - spec: - containers: - - name: debian-build - image: debian:stable-slim - command: - - cat - tty: true - """ - } - } - steps { - container('debian-build') { - script { - // Unstash the necessary files for this stage - unstash 'rpxy' - unstash 'deb-control' - unstash 'service-file' - unstash 'docs' - - // Install required tools - sh 'apt-get update && apt-get install --no-install-recommends -y dpkg-dev' - - // Create folder structure - sh """ - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN - """ - - // Move postinstall, pre-removal and start-wrapper scripts - sh """ - mv postinst rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ - chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/postinst - mv prerm rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ - chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/prerm - mv rpxy-start.sh rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin - chmod 0755 rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin/rpxy-start.sh - """ - - // Move binary, service file, control file, LICENSE, and README.md - sh """ - mv rpxy rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin/ - mv rpxy.service rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system/ - mv LICENSE README.md rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy/ - mv control rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ - """ - - // Replace @BUILD_VERSION@ in control file with actual version - sh "sed -i 's/@BUILD_VERSION@/${env.BUILD_VERSION}/' rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/control" - - // Build the DEB package - sh "dpkg-deb --build --root-owner-group rpxy_${env.BUILD_VERSION}-1_amd64" - - // Archive the DEB package and create fingerprint - archiveArtifacts artifacts: "rpxy_${env.BUILD_VERSION}-1_amd64.deb", allowEmptyArchive: false, fingerprint: true - } - } - } - } - } -} +pipeline { + agent none + parameters { + string(name: 'BUILD_VERSION', defaultValue: '', description: 'Build version for the distribution packages') + } + stages { + stage('Build Binary and Prepare Files') { + agent { + kubernetes { + inheritFrom 'default' + yaml """ + apiVersion: v1 + kind: Pod + spec: + containers: + - name: rust-cargo + image: rust:slim + command: + - cat + tty: true + """ + } + } + steps { + container('rust-cargo') { + script { + // Install git + sh 'apt-get update && apt-get -y install git --no-install-recommends' + // Clone git repo + sh 'git clone -b patch-1 --single-branch https://github.com/Gamerboy59/rust-rpxy.git' + dir('rust-rpxy') { + sh """ + sed -i 's|git@github.com:junkurihara/rusty-http-cache-semantics.git|https://github.com/junkurihara/rusty-http-cache-semantics.git|g' .gitmodules + sed -i 's|git@github.com:junkurihara/rustls-acme.git|https://github.com/junkurihara/rustls-acme.git|g' .gitmodules + """ + // Load required submodules + sh 'git submodule update --init' + // Compile rustc binary + sh 'cargo build --release' + + // Extract the version from Cargo.toml if not passed as parameter + if (params.BUILD_VERSION == "") { + def versionMatch = sh(script: 'grep "^version" Cargo.toml | sed \'s/version = "\\([0-9.]*\\)"/\\1/\'', returnStdout: true).trim() + if (versionMatch) { + env.BUILD_VERSION = versionMatch + echo "Using extracted version: ${env.BUILD_VERSION}" + } else { + error "Version not found in Cargo.toml" + } + } else { + env.BUILD_VERSION = params.BUILD_VERSION + echo "Using provided build version: ${env.BUILD_VERSION}" + } + } + // Stash the binary for later use in package building stages + sh 'mv rust-rpxy/target/release/rpxy .' + stash includes: "rpxy", name: "rpxy" + + // Stash the service, control, and spec files for later use + sh ''' + mv rust-rpxy/.build/DEB/control . + mv rust-rpxy/.build/DEB/postinst . + mv rust-rpxy/.build/DEB/prerm . + mv rust-rpxy/.build/RPM/rpxy.spec . + mv rust-rpxy/.build/rpxy-start.sh . + mv rust-rpxy/.build/rpxy.service . + ''' + stash includes: "control, postinst, prerm, rpxy-start.sh", name: "deb-control" + stash includes: "rpxy.spec", name: "rpm-spec" + stash includes: "rpxy.service", name: "service-file" + + // Stash LICENSE and README.md + sh 'mv rust-rpxy/LICENSE .' + sh 'mv rust-rpxy/README.md .' + stash includes: "LICENSE, README.md", name: "docs" + + // Archive the binary and create fingerprint + archiveArtifacts artifacts: "rpxy", allowEmptyArchive: false, fingerprint: true + } + } + } + } + stage('Build RPM Package') { + agent { + kubernetes { + inheritFrom 'default' + yaml """ + apiVersion: v1 + kind: Pod + spec: + containers: + - name: rpm-build + image: rockylinux:9 + command: + - cat + tty: true + """ + } + } + steps { + container('rpm-build') { + script { + // Unstash the necessary files for this stage + unstash 'rpxy' + unstash 'rpm-spec' + unstash 'service-file' + unstash 'docs' + + // Install required tools + sh 'dnf update -y && dnf install -y rpmdevtools tar' + + // Create a tar.gz archive containing all necessary files + sh """ + mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} + mkdir -p rpxy-${env.BUILD_VERSION} + mv rpxy rpxy.service LICENSE README.md rpxy-${env.BUILD_VERSION}/ + tar -czf rpmbuild/SOURCES/rpxy-${env.BUILD_VERSION}.tar.gz rpxy-${env.BUILD_VERSION}/ + rm -rf rpxy-${env.BUILD_VERSION} + """ + + // Move the RPM spec file + sh 'mv rpxy.spec rpmbuild/SPECS/' + + // Replace @BUILD_VERSION@ in control file with actual version + sh "sed -i 's/@BUILD_VERSION@/${env.BUILD_VERSION}/' rpmbuild/SPECS/rpxy.spec" + + // Replace @Source0@ in control file with actual version + sh "sed -i 's/@Source0@/rpxy-${env.BUILD_VERSION}.tar.gz/' rpmbuild/SPECS/rpxy.spec" + + // Build the RPM package + sh "rpmbuild --define '_topdir ${WORKSPACE}/rpmbuild' --define '_version ${env.BUILD_VERSION}' -bb rpmbuild/SPECS/rpxy.spec" + + // Archive the RPM package and create fingerprint + archiveArtifacts artifacts: "rpmbuild/RPMS/x86_64/rpxy-${env.BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true + } + } + } + } + stage('Build DEB Package') { + agent { + kubernetes { + inheritFrom 'default' + yaml """ + apiVersion: v1 + kind: Pod + spec: + containers: + - name: debian-build + image: debian:stable-slim + command: + - cat + tty: true + """ + } + } + steps { + container('debian-build') { + script { + // Unstash the necessary files for this stage + unstash 'rpxy' + unstash 'deb-control' + unstash 'service-file' + unstash 'docs' + + // Install required tools + sh 'apt-get update && apt-get install --no-install-recommends -y dpkg-dev' + + // Create folder structure + sh """ + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN + """ + + // Move postinstall, pre-removal and start-wrapper scripts + sh """ + mv postinst rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ + chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/postinst + mv prerm rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ + chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/prerm + mv rpxy-start.sh rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin + chmod 0755 rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin/rpxy-start.sh + """ + + // Move binary, service file, control file, LICENSE, and README.md + sh """ + mv rpxy rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin/ + mv rpxy.service rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system/ + mv LICENSE README.md rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy/ + mv control rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ + """ + + // Replace @BUILD_VERSION@ in control file with actual version + sh "sed -i 's/@BUILD_VERSION@/${env.BUILD_VERSION}/' rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/control" + + // Build the DEB package + sh "dpkg-deb --build --root-owner-group rpxy_${env.BUILD_VERSION}-1_amd64" + + // Archive the DEB package and create fingerprint + archiveArtifacts artifacts: "rpxy_${env.BUILD_VERSION}-1_amd64.deb", allowEmptyArchive: false, fingerprint: true + } + } + } + } + } +} diff --git a/.build/RPM/rpxy.spec b/.build/RPM/rpxy.spec index b282345..29e1c99 100644 --- a/.build/RPM/rpxy.spec +++ b/.build/RPM/rpxy.spec @@ -1,46 +1,46 @@ -Name: rpxy -Version: @BUILD_VERSION@ -Release: 1%{?dist} -Summary: A simple and ultrafast reverse-proxy serving multiple domain names with TLS termination, written in Rust - -License: MIT -URL: https://github.com/junkurihara/rust-rpxy -Source0: @Source0@ -BuildArch: x86_64 - -Requires: systemd - -%description -This rpm installs rpxy into /usr/bin and sets up a systemd service. - -%prep -%autosetup - -%install -rm -rf %{buildroot} -mkdir -p %{buildroot}%{_bindir} -cp rpxy %{buildroot}%{_bindir}/ -mkdir -p %{buildroot}%{_sysconfdir}/systemd/system -cp rpxy.service %{buildroot}%{_sysconfdir}/systemd/system/ -mkdir -p %{buildroot}%{_docdir}/rpxy -cp LICENSE %{buildroot}%{_docdir}/rpxy/ -cp README.md %{buildroot}%{_docdir}/rpxy/ - -%clean -rm -rf %{buildroot} - -%files -%license %{_docdir}/rpxy/LICENSE -%doc %{_docdir}/rpxy/README.md -%{_bindir}/rpxy -%{_sysconfdir}/systemd/system/rpxy.service - -%post -systemctl daemon-reload -systemctl enable rpxy - -%preun -systemctl stop rpxy - -%postun +Name: rpxy +Version: @BUILD_VERSION@ +Release: 1%{?dist} +Summary: A simple and ultrafast reverse-proxy serving multiple domain names with TLS termination, written in Rust + +License: MIT +URL: https://github.com/junkurihara/rust-rpxy +Source0: @Source0@ +BuildArch: x86_64 + +Requires: systemd + +%description +This rpm installs rpxy into /usr/bin and sets up a systemd service. + +%prep +%autosetup + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}%{_bindir} +cp rpxy %{buildroot}%{_bindir}/ +mkdir -p %{buildroot}%{_sysconfdir}/systemd/system +cp rpxy.service %{buildroot}%{_sysconfdir}/systemd/system/ +mkdir -p %{buildroot}%{_docdir}/rpxy +cp LICENSE %{buildroot}%{_docdir}/rpxy/ +cp README.md %{buildroot}%{_docdir}/rpxy/ + +%clean +rm -rf %{buildroot} + +%files +%license %{_docdir}/rpxy/LICENSE +%doc %{_docdir}/rpxy/README.md +%{_bindir}/rpxy +%{_sysconfdir}/systemd/system/rpxy.service + +%post +systemctl daemon-reload +systemctl enable rpxy + +%preun +systemctl stop rpxy + +%postun systemctl disable rpxy \ No newline at end of file diff --git a/.build/rpxy.service b/.build/rpxy.service index d8c880a..836efaa 100644 --- a/.build/rpxy.service +++ b/.build/rpxy.service @@ -1,11 +1,11 @@ -[Unit] -Description=rpxy Service -After=network.target - -[Service] -ExecStart=/usr/local/bin/rpxy-start.sh -Restart=always -User=nobody - -[Install] -WantedBy=multi-user.target +[Unit] +Description=rpxy Service +After=network.target + +[Service] +ExecStart=/usr/local/bin/rpxy-start.sh +Restart=always +User=nobody + +[Install] +WantedBy=multi-user.target From 1ef1e09b8dd90bbbff68a8bcaf289525ced0d94c Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 21:51:55 +0200 Subject: [PATCH 05/24] Add default service config --- .build/DEB/postinst | 13 ++++++- .build/DEB/postrm | 17 +++++++++ .build/DEB/prerm | 4 ++- .build/Jenkinsfile | 9 +++-- .build/RPM/rpxy.spec | 62 ++++++++++++++++++++++++++------ .build/config.toml | 86 ++++++++++++++++++++++++++++++++++++++++++++ .build/rpxy-start.sh | 23 ++++++++++-- .build/rpxy.service | 3 +- 8 files changed, 198 insertions(+), 19 deletions(-) create mode 100644 .build/DEB/postrm create mode 100644 .build/config.toml diff --git a/.build/DEB/postinst b/.build/DEB/postinst index f7564d8..b3f180e 100644 --- a/.build/DEB/postinst +++ b/.build/DEB/postinst @@ -2,8 +2,19 @@ set -e +# Create rpxy user if it doesn't exist +if ! id rpxy >/dev/null 2>&1; then + useradd --system --no-create-home --shell /usr/sbin/nologin rpxy +fi + +# Set correct user for config directory +if [ -d /etc/rpxy ]; then + chown -R rpxy:rpxy /etc/rpxy +fi + +# Reload systemd, enable and start the service systemctl daemon-reload systemctl enable rpxy systemctl start rpxy -exit 0 \ No newline at end of file +exit 0 diff --git a/.build/DEB/postrm b/.build/DEB/postrm new file mode 100644 index 0000000..b88f939 --- /dev/null +++ b/.build/DEB/postrm @@ -0,0 +1,17 @@ +#!/bin/bash + +set -e + +# Remove the rpxy user and configuration directory only if purging the package +if [ "$1" = "purge" ]; then + if id rpxy >/dev/null 2>&1; then + userdel rpxy + fi + + # Remove config directory + if [ -d /etc/rpxy ]; then + rm -rf /etc/rpxy + fi +fi + +exit 0 diff --git a/.build/DEB/prerm b/.build/DEB/prerm index fa07f70..d4548d6 100644 --- a/.build/DEB/prerm +++ b/.build/DEB/prerm @@ -2,7 +2,9 @@ set -e +# Stop and disable the service before removing systemctl stop rpxy || true systemctl disable rpxy || true +systemctl daemon-reload -exit 0 \ No newline at end of file +exit 0 diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index a0b96f1..292539d 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -63,11 +63,12 @@ pipeline { mv rust-rpxy/.build/DEB/prerm . mv rust-rpxy/.build/RPM/rpxy.spec . mv rust-rpxy/.build/rpxy-start.sh . + mv rust-rpxy/.build/config.toml . mv rust-rpxy/.build/rpxy.service . ''' stash includes: "control, postinst, prerm, rpxy-start.sh", name: "deb-control" stash includes: "rpxy.spec", name: "rpm-spec" - stash includes: "rpxy.service", name: "service-file" + stash includes: "rpxy.service, config.toml", name: "service-file" // Stash LICENSE and README.md sh 'mv rust-rpxy/LICENSE .' @@ -113,7 +114,7 @@ pipeline { sh """ mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} mkdir -p rpxy-${env.BUILD_VERSION} - mv rpxy rpxy.service LICENSE README.md rpxy-${env.BUILD_VERSION}/ + mv rpxy rpxy.service LICENSE README.md config.toml rpxy-${env.BUILD_VERSION}/ tar -czf rpmbuild/SOURCES/rpxy-${env.BUILD_VERSION}.tar.gz rpxy-${env.BUILD_VERSION}/ rm -rf rpxy-${env.BUILD_VERSION} """ @@ -171,6 +172,7 @@ pipeline { mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/rpxy mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN """ @@ -184,11 +186,12 @@ pipeline { chmod 0755 rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin/rpxy-start.sh """ - // Move binary, service file, control file, LICENSE, and README.md + // Move binary, service, control and config file, LICENSE, and README.md sh """ mv rpxy rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin/ mv rpxy.service rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system/ mv LICENSE README.md rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy/ + mv config.toml rpxy_${env.BUILD_VERSION}-1_amd64/etc/rpxy/ mv control rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ """ diff --git a/.build/RPM/rpxy.spec b/.build/RPM/rpxy.spec index 29e1c99..5f664c9 100644 --- a/.build/RPM/rpxy.spec +++ b/.build/RPM/rpxy.spec @@ -18,10 +18,16 @@ This rpm installs rpxy into /usr/bin and sets up a systemd service. %install rm -rf %{buildroot} +# Copy binary mkdir -p %{buildroot}%{_bindir} cp rpxy %{buildroot}%{_bindir}/ +# Create systemd service mkdir -p %{buildroot}%{_sysconfdir}/systemd/system cp rpxy.service %{buildroot}%{_sysconfdir}/systemd/system/ +# Create config directory +mkdir -p %{buildroot}%{_sysconfdir}/rpxy/acme_registry +cp config.toml %{buildroot}%{_sysconfdir}/rpxy/ +# Copy documentation mkdir -p %{buildroot}%{_docdir}/rpxy cp LICENSE %{buildroot}%{_docdir}/rpxy/ cp README.md %{buildroot}%{_docdir}/rpxy/ @@ -29,18 +35,52 @@ cp README.md %{buildroot}%{_docdir}/rpxy/ %clean rm -rf %{buildroot} +%pre +# Create the rpxy user if it does not exist +if ! id rpxy >/dev/null 2>&1; then + /usr/sbin/useradd -r -s /bin/false -d / -c "rpxy system user" rpxy +fi + +%post +# Set ownership of config file to rpxy user +chown -R rpxy:rpxy %{_sysconfdir}/rpxy + +# Reload systemd, enable and start rpxy service +systemctl daemon-reload +systemctl enable rpxy +if [ $1 -eq 1 ]; then + systemctl start rpxy +fi + +%preun +# Stop the service on uninstall or upgrade +if [ $1 -eq 0 ]; then + systemctl stop rpxy +fi + +%postun +# On uninstall, disable the service and reload systemd +if [ $1 -eq 0 ]; then + systemctl disable rpxy + systemctl daemon-reload +fi + +# Remove rpxy user only if package is being completely removed (not upgraded) +if [ $1 -eq 0 ]; then + # Check if the rpxy user exists before attempting to delete + if id rpxy >/dev/null 2>&1; then + /usr/sbin/userdel rpxy + fi + + # Remove the configuration directory if it exists and is empty + if [ -d %{_sysconfdir}/rpxy ]; then + rm -rf %{_sysconfdir}/rpxy + fi +fi + %files %license %{_docdir}/rpxy/LICENSE %doc %{_docdir}/rpxy/README.md -%{_bindir}/rpxy %{_sysconfdir}/systemd/system/rpxy.service - -%post -systemctl daemon-reload -systemctl enable rpxy - -%preun -systemctl stop rpxy - -%postun -systemctl disable rpxy \ No newline at end of file +%attr(-, rpxy, rpxy) %{_bindir}/rpxy +%attr(-, rpxy, rpxy) %config(noreplace) %{_sysconfdir}/rpxy/config.toml diff --git a/.build/config.toml b/.build/config.toml new file mode 100644 index 0000000..5b60c51 --- /dev/null +++ b/.build/config.toml @@ -0,0 +1,86 @@ +######################################## +# # +# rust-rxpy configuration # +# # +######################################## +################################### +# Global settings # +################################### +# Both or either one of http/https ports must be specified +listen_port = 80 +listen_port_tls = 443 + +# Optional for h2 and http1.1 +tcp_listen_backlog = 1024 + +# Optional for h2 and http1.1 +max_concurrent_streams = 100 + +# Optional. Counted in total for http1.1, 2, 3 +max_clients = 512 + +# Optional: Listen [::] +listen_ipv6 = false + +# Optional: App that serves all plaintext http request by referring to HOSTS or request header +# execpt for configured application. +# Note that this is only for http. +# Note that nothing is served for requests via https since secure channel cannot be +# established for unconfigured server_name, and they are always rejected by checking SNI. +# default_app = 'another_localhost' + +################################### +# Backend settings # +################################### +[apps] + +###################################################################### +## Registering a backend app served by a domain name "localhost" +#[apps.localhost] +#server_name = 'localhost' # Domain name + +# Optional: TLS setting. if https_port is specified and tls is true above, either of this must be given. +#tls = { https_redirection = true, tls_cert_path = '/certs/server.crt', tls_cert_key_path = '/certs/server.key' } +#tls = { https_redirection = true, acme = true } + +############################################ +# For more settings check: # +# https://github.com/junkurihara/rust-rpxy # +############################################ + +################################### +# Experimantal settings # +################################### +[experimental] +# Higly recommend not to be true. If true, you ignore RFC. if not specified, it is always false. +# This might be required to be true when a certificate is used by multiple backend hosts, especially in case where a TLS connection is re-used. +# We should note that this strongly depends on the client implementation. +ignore_sni_consistency = false + +# Force connection handling timeout regardless of the connection status, i.e., idle or not. +# 0 represents an infinite timeout. [default: 0] +# Note that idel and header read timeouts are always specified independently of this. +connection_handling_timeout = 0 # sec + +# If this specified, h3 is enabled +[experimental.h3] +alt_svc_max_age = 3600 # sec +request_max_body_size = 65536 # bytes +max_concurrent_connections = 10000 +max_concurrent_bidistream = 100 +max_concurrent_unistream = 100 +max_idle_timeout = 10 # secs. 0 represents an infinite timeout. +# WARNING: If a peer or its network path malfunctions or acts maliciously, an infinite idle timeout can result in permanently hung futures! + +# If this specified, file cache feature is enabled +[experimental.cache] +cache_dir = '/tmp/rpxy/.cache' # optional. default is "./cache" relative to the current working directory +max_cache_entry = 1000 # optional. default is 1k +max_cache_each_size = 65535 # optional. default is 64k +max_cache_each_size_on_memory = 4096 # optional. default is 4k if 0, it is always file cache. + +# ACME settings. Unless specified, ACME is disabled. +[experimental.acme] +dir_url = "https://acme-v02.api.letsencrypt.org/directory" +email = "test@example.com" +registry_path = "/etc/rpxy/acme_registry" \ No newline at end of file diff --git a/.build/rpxy-start.sh b/.build/rpxy-start.sh index b3ddae2..ba06ef7 100644 --- a/.build/rpxy-start.sh +++ b/.build/rpxy-start.sh @@ -1,10 +1,29 @@ #!/bin/bash +# Ensure the cache directory exists as it could get deleted on system restart +if [ ! -d /tmp/rpxy/.cache ]; then + # Create the temporary directory for rpxy + mkdir -p /tmp/rpxy/.cache + chown -R rpxy:rpxy /tmp/rpxy + chmod 700 /tmp/rpxy/.cache +fi + # Check if rpxy-webui is installed if dpkg-query -W -f='${Status}' rpxy-webui 2>/dev/null | grep -q "install ok installed"; then echo "rpxy-webui is installed. Starting rpxy with rpxy-webui" - exec /usr/local/bin/rpxy --enable-webui + exec /usr/local/bin/rpxy -w -c /var/www/rpxy-webui/storage/app/config.toml else echo "rpxy-webui is not installed. Starting with default config" - exec /usr/local/bin/rpxy + + # Ensure the /etc/rpxy directory exists + if [ ! -d /etc/rpxy ]; then + mkdir -p /etc/rpxy + fi + + # Create the config file if it doesn't exist + if [ ! -f /etc/rpxy/config.toml ]; then + echo "# Default rpxy config file" > /etc/rpxy/config.toml + fi + + exec /usr/local/bin/rpxy -c /etc/rpxy/config.toml fi diff --git a/.build/rpxy.service b/.build/rpxy.service index 836efaa..606384b 100644 --- a/.build/rpxy.service +++ b/.build/rpxy.service @@ -5,7 +5,8 @@ After=network.target [Service] ExecStart=/usr/local/bin/rpxy-start.sh Restart=always -User=nobody +User=rpxy +AmbientCapabilities=CAP_NET_BIND_SERVICE [Install] WantedBy=multi-user.target From 14cca9ed4fecf06cbc25c06a0488715a8f0fe323 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 21:54:29 +0200 Subject: [PATCH 06/24] Add missing copy for new script --- .build/Jenkinsfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index 292539d..3353949 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -182,7 +182,9 @@ pipeline { chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/postinst mv prerm rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/prerm - mv rpxy-start.sh rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin + mv postrm rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ + chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/postrm + mv rpxy-start.sh rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin/ chmod 0755 rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin/rpxy-start.sh """ From 207fda4a789ef1bdb4e3bcf7932ad7ce327bf278 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 22:00:54 +0200 Subject: [PATCH 07/24] Add missing stash include --- .build/Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index 3353949..ebffdf3 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -66,7 +66,7 @@ pipeline { mv rust-rpxy/.build/config.toml . mv rust-rpxy/.build/rpxy.service . ''' - stash includes: "control, postinst, prerm, rpxy-start.sh", name: "deb-control" + stash includes: "control, postinst, prerm, postrm, rpxy-start.sh", name: "deb-control" stash includes: "rpxy.spec", name: "rpm-spec" stash includes: "rpxy.service, config.toml", name: "service-file" From 7f69051e64c140a9d76f393e5fad53e0c5644f6e Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 22:10:25 +0200 Subject: [PATCH 08/24] Add copy missing deb file --- .build/Jenkinsfile | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index ebffdf3..092a3f5 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -61,13 +61,14 @@ pipeline { mv rust-rpxy/.build/DEB/control . mv rust-rpxy/.build/DEB/postinst . mv rust-rpxy/.build/DEB/prerm . + mv rust-rpxy/.build/DEB/postrm . mv rust-rpxy/.build/RPM/rpxy.spec . mv rust-rpxy/.build/rpxy-start.sh . mv rust-rpxy/.build/config.toml . mv rust-rpxy/.build/rpxy.service . ''' - stash includes: "control, postinst, prerm, postrm, rpxy-start.sh", name: "deb-control" - stash includes: "rpxy.spec", name: "rpm-spec" + stash includes: "control, postinst, prerm, postrm, rpxy-start.sh", name: "deb-files" + stash includes: "rpxy.spec", name: "rpm-files" stash includes: "rpxy.service, config.toml", name: "service-file" // Stash LICENSE and README.md @@ -103,7 +104,7 @@ pipeline { script { // Unstash the necessary files for this stage unstash 'rpxy' - unstash 'rpm-spec' + unstash 'rpm-files' unstash 'service-file' unstash 'docs' @@ -159,7 +160,7 @@ pipeline { script { // Unstash the necessary files for this stage unstash 'rpxy' - unstash 'deb-control' + unstash 'deb-files' unstash 'service-file' unstash 'docs' From 0cf5bb6d8c9ac199687e5b63701d0c3e0211f1b2 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 22:42:17 +0200 Subject: [PATCH 09/24] Fixing directory location and default config --- .build/Jenkinsfile | 2 +- .build/config.toml | 6 ++++-- .build/rpxy-start.sh | 4 ++-- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index 092a3f5..5244ac1 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -173,7 +173,7 @@ pipeline { mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/rpxy + mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/rpxy/acme_registry mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN """ diff --git a/.build/config.toml b/.build/config.toml index 5b60c51..8a453ae 100644 --- a/.build/config.toml +++ b/.build/config.toml @@ -36,8 +36,10 @@ listen_ipv6 = false ###################################################################### ## Registering a backend app served by a domain name "localhost" -#[apps.localhost] -#server_name = 'localhost' # Domain name +[apps.localhost] +server_name = 'localhost' # Domain name + +reverse_proxy = [{ upstream = [{ location = 'localhost:8080' }] }] # Optional: TLS setting. if https_port is specified and tls is true above, either of this must be given. #tls = { https_redirection = true, tls_cert_path = '/certs/server.crt', tls_cert_key_path = '/certs/server.key' } diff --git a/.build/rpxy-start.sh b/.build/rpxy-start.sh index ba06ef7..199e5c6 100644 --- a/.build/rpxy-start.sh +++ b/.build/rpxy-start.sh @@ -11,7 +11,7 @@ fi # Check if rpxy-webui is installed if dpkg-query -W -f='${Status}' rpxy-webui 2>/dev/null | grep -q "install ok installed"; then echo "rpxy-webui is installed. Starting rpxy with rpxy-webui" - exec /usr/local/bin/rpxy -w -c /var/www/rpxy-webui/storage/app/config.toml + exec /usr/bin/rpxy -w -c /var/www/rpxy-webui/storage/app/config.toml else echo "rpxy-webui is not installed. Starting with default config" @@ -25,5 +25,5 @@ else echo "# Default rpxy config file" > /etc/rpxy/config.toml fi - exec /usr/local/bin/rpxy -c /etc/rpxy/config.toml + exec /usr/bin/rpxy -c /etc/rpxy/config.toml fi From 82e758de6278bbbcf0f1958523ba5f049c03eded Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 22:45:23 +0200 Subject: [PATCH 10/24] Reset branch to main repo --- .build/Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index 5244ac1..a3b253d 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -27,7 +27,7 @@ pipeline { // Install git sh 'apt-get update && apt-get -y install git --no-install-recommends' // Clone git repo - sh 'git clone -b patch-1 --single-branch https://github.com/Gamerboy59/rust-rpxy.git' + sh 'git clone https://github.com/junkurihara/rust-rpxy.git' dir('rust-rpxy') { sh """ sed -i 's|git@github.com:junkurihara/rusty-http-cache-semantics.git|https://github.com/junkurihara/rusty-http-cache-semantics.git|g' .gitmodules From 480fb69be0dfc772e2bb4ee941c09c4f6fd19214 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Sun, 8 Sep 2024 22:49:38 +0200 Subject: [PATCH 11/24] Changing submodules no longer needed Submodules are now adopted on the fly with sed --- .gitmodules | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitmodules b/.gitmodules index 64f7503..7ff65fe 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,6 @@ [submodule "submodules/rusty-http-cache-semantics"] path = submodules/rusty-http-cache-semantics - url = https://github.com/junkurihara/rusty-http-cache-semantics.git + url = git@github.com:junkurihara/rusty-http-cache-semantics.git [submodule "submodules/rustls-acme"] path = submodules/rustls-acme - url = https://github.com/junkurihara/rustls-acme.git + url = git@github.com:junkurihara/rustls-acme.git From 11135e3e1c8559150766a4d950a70236f121b3fe Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 11:28:19 +0200 Subject: [PATCH 12/24] Add redirection port to config --- .build/config.toml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.build/config.toml b/.build/config.toml index 8a453ae..40279c4 100644 --- a/.build/config.toml +++ b/.build/config.toml @@ -10,6 +10,12 @@ listen_port = 80 listen_port_tls = 443 +# Optional: If your https is listening on a custom port like 8443 +# When you specify this, the server sends a redirection response 301 with specified port to the client for plaintext http request. +# Otherwise, the server sends 301 with the same port as `listen_port_tls`. +# disabled means http -> https and enabled means http -> https: +# https_redirection_port = 443 + # Optional for h2 and http1.1 tcp_listen_backlog = 1024 @@ -85,4 +91,4 @@ max_cache_each_size_on_memory = 4096 # optional. default is 4k if 0, it is alway [experimental.acme] dir_url = "https://acme-v02.api.letsencrypt.org/directory" email = "test@example.com" -registry_path = "/etc/rpxy/acme_registry" \ No newline at end of file +registry_path = "/etc/rpxy/acme_registry" From 76dfd09beceedddfc06645cf4914c2b377a285c4 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 16:33:31 +0200 Subject: [PATCH 13/24] Add RPM support to rpxy-start.sh --- .build/rpxy-start.sh | 73 ++++++++++++++++++++++++++++++++------------ 1 file changed, 53 insertions(+), 20 deletions(-) diff --git a/.build/rpxy-start.sh b/.build/rpxy-start.sh index 199e5c6..e09ffe4 100644 --- a/.build/rpxy-start.sh +++ b/.build/rpxy-start.sh @@ -1,29 +1,62 @@ #!/bin/bash +set -e + +CACHE_DIR="/tmp/rpxy/.cache" +CONFIG_DIR="/etc/rpxy" +CONFIG_FILE="$CONFIG_DIR/config.toml" +WEBUI_CONFIG="/var/www/rpxy-webui/storage/app/config.toml" +COMMENT_MARKER="# IMPORTANT: DEACTIVATED This config is deactivated because rpxy-webui is installed" + # Ensure the cache directory exists as it could get deleted on system restart -if [ ! -d /tmp/rpxy/.cache ]; then +create_cache_dir() { # Create the temporary directory for rpxy - mkdir -p /tmp/rpxy/.cache + mkdir -p "$CACHE_DIR" chown -R rpxy:rpxy /tmp/rpxy - chmod 700 /tmp/rpxy/.cache -fi + chmod 700 "$CACHE_DIR" +} # Check if rpxy-webui is installed -if dpkg-query -W -f='${Status}' rpxy-webui 2>/dev/null | grep -q "install ok installed"; then - echo "rpxy-webui is installed. Starting rpxy with rpxy-webui" - exec /usr/bin/rpxy -w -c /var/www/rpxy-webui/storage/app/config.toml -else - echo "rpxy-webui is not installed. Starting with default config" - - # Ensure the /etc/rpxy directory exists - if [ ! -d /etc/rpxy ]; then - mkdir -p /etc/rpxy +is_package_installed() { + if command -v rpm >/dev/null 2>&1; then + rpm -q "$1" >/dev/null 2>&1 + elif command -v dpkg-query >/dev/null 2>&1; then + dpkg-query -W -f='${Status}' "$1" 2>/dev/null | grep -q "install ok installed" + else + echo "Neither rpm nor dpkg-query found. Cannot verify installation status of rpxy-webui package." >&2 + return 1 fi - - # Create the config file if it doesn't exist - if [ ! -f /etc/rpxy/config.toml ]; then - echo "# Default rpxy config file" > /etc/rpxy/config.toml +} + +# Create the config file if it doesn't exist +ensure_config_exists() { + mkdir -p "$CONFIG_DIR" + [ -f "$CONFIG_FILE" ] || echo "# Standard rpxy Konfigurationsdatei" > "$CONFIG_FILE" +} + +add_comment_to_config() { + if ! grep -q "^$COMMENT_MARKER" "$CONFIG_FILE"; then + sed -i "1i$COMMENT_MARKER\n" "$CONFIG_FILE" fi - - exec /usr/bin/rpxy -c /etc/rpxy/config.toml -fi +} + +remove_comment_from_config() { + sed -i "/^$COMMENT_MARKER/d" "$CONFIG_FILE" +} + +main() { + [ -d "$CACHE_DIR" ] || create_cache_dir + ensure_config_exists + + if is_package_installed rpxy-webui; then + echo "rpxy-webui is installed. Starting rpxy with rpxy-webui" + add_comment_to_config + exec /usr/bin/rpxy -w -c "$WEBUI_CONFIG" + else + echo "rpxy-webui is not installed. Starting with default config" + remove_comment_from_config + exec /usr/bin/rpxy -c "$CONFIG_FILE" + fi +} + +main "$@" From ce4316d15fdc1f46f888bbf01d59cbd34d4a54e4 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 16:40:00 +0200 Subject: [PATCH 14/24] Optimize rpxy.service to use more systemd features ...insted of manually managing them. --- .build/rpxy.service | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/.build/rpxy.service b/.build/rpxy.service index 606384b..49d4379 100644 --- a/.build/rpxy.service +++ b/.build/rpxy.service @@ -1,12 +1,23 @@ [Unit] -Description=rpxy Service +Description=rpxy system service +Documentation=https://github.com/junkurihara/rust-rpxy After=network.target - +Wants=network-online.target + [Service] +Type=simple ExecStart=/usr/local/bin/rpxy-start.sh -Restart=always +Restart=on-failure +RestartSec=5 User=rpxy +Group=rpxy AmbientCapabilities=CAP_NET_BIND_SERVICE - +NoNewPrivileges=true +PrivateTmp=true +ProtectSystem=full +ProtectHome=true +RuntimeDirectory=rpxy +RuntimeDirectoryMode=0750 + [Install] WantedBy=multi-user.target From c241215149774cad5bcdd1f85157ca0c05dc7a95 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 16:59:47 +0200 Subject: [PATCH 15/24] Use systemd folders in rpxy-start.sh --- .build/rpxy-start.sh | 37 ++++++++++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 7 deletions(-) diff --git a/.build/rpxy-start.sh b/.build/rpxy-start.sh index e09ffe4..a4158bd 100644 --- a/.build/rpxy-start.sh +++ b/.build/rpxy-start.sh @@ -8,12 +8,35 @@ CONFIG_FILE="$CONFIG_DIR/config.toml" WEBUI_CONFIG="/var/www/rpxy-webui/storage/app/config.toml" COMMENT_MARKER="# IMPORTANT: DEACTIVATED This config is deactivated because rpxy-webui is installed" -# Ensure the cache directory exists as it could get deleted on system restart -create_cache_dir() { - # Create the temporary directory for rpxy - mkdir -p "$CACHE_DIR" - chown -R rpxy:rpxy /tmp/rpxy - chmod 700 "$CACHE_DIR" +setup_directories() { + # Check if systemd is available + if [ -d /run/systemd/system ]; then + # Use systemd RuntimeDirectory if available + if [ -d /run/rpxy ]; then + RUNTIME_DIR="/run/rpxy" + # If not available use PrivateTmp + elif [ -d /tmp/systemd-private-*/tmp ]; then + RUNTIME_DIR=$(find /tmp/systemd-private-*/tmp -type d -name "rpxy" 2>/dev/null | head -n 1) + fi + + # Create subdirectory for cache + CACHE_DIR="$RUNTIME_DIR/.cache" + # Ensure the cache directory exists as it could get deleted on system restart + mkdir -p "$CACHE_DIR" + chown rpxy:rpxy "$CACHE_DIR" # not recursively because parent folder is managed by systemd + chmod 700 "$CACHE_DIR" + else + # Fallback to linux tmp directory if no systemd is found + RUNTIME_DIR="/tmp/rpxy" + CACHE_DIR="$RUNTIME_DIR/.cache" + # Ensure the cache directory exists as it could get deleted on system restart + mkdir -p "$CACHE_DIR" + chown -R rpxy:rpxy "$RUNTIME_DIR" + chmod 700 "$CACHE_DIR" + fi + + echo "Using runtime directory: $RUNTIME_DIR" + echo "Using cache directory: $CACHE_DIR" } # Check if rpxy-webui is installed @@ -45,7 +68,7 @@ remove_comment_from_config() { } main() { - [ -d "$CACHE_DIR" ] || create_cache_dir + setup_directories ensure_config_exists if is_package_installed rpxy-webui; then From 120ad601c111bebe74e72b93d6d24947eb80545e Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 18:35:15 +0200 Subject: [PATCH 16/24] Simplifying Jenkinsfile and making it more granular for reporting --- .build/Jenkinsfile | 249 +++++++++++++++++++++++---------------------- 1 file changed, 130 insertions(+), 119 deletions(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index a3b253d..611f297 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -1,10 +1,16 @@ pipeline { agent none - parameters { - string(name: 'BUILD_VERSION', defaultValue: '', description: 'Build version for the distribution packages') + + environment { + // Define common variables used throughout the pipeline + REPO_URL = 'https://github.com/junkurihara/rust-rpxy.git' + BINARY_NAME = 'rpxy' + // BUILD_VERSION is not set because it will be extracted from Cargo.toml in the first step + BUILD_VERSION = '' } + stages { - stage('Build Binary and Prepare Files') { + stage('Prepare Build Environment') { agent { kubernetes { inheritFrom 'default' @@ -23,65 +29,73 @@ pipeline { } steps { container('rust-cargo') { - script { - // Install git + // Step to install necessary tools + step('Install Git') { sh 'apt-get update && apt-get -y install git --no-install-recommends' - // Clone git repo - sh 'git clone https://github.com/junkurihara/rust-rpxy.git' + } + + // Step to clone and prepare the repository + step('Clone and Prepare Repository') { + // Clone the repository + sh "git clone ${REPO_URL}" + dir('rust-rpxy') { sh """ - sed -i 's|git@github.com:junkurihara/rusty-http-cache-semantics.git|https://github.com/junkurihara/rusty-http-cache-semantics.git|g' .gitmodules - sed -i 's|git@github.com:junkurihara/rustls-acme.git|https://github.com/junkurihara/rustls-acme.git|g' .gitmodules - """ - // Load required submodules - sh 'git submodule update --init' - // Compile rustc binary - sh 'cargo build --release' + # Update submodule URLs to HTTPS (allows cloning without SSH keys) + sed -i 's|git@github.com:|https://github.com/|g' .gitmodules - // Extract the version from Cargo.toml if not passed as parameter - if (params.BUILD_VERSION == "") { - def versionMatch = sh(script: 'grep "^version" Cargo.toml | sed \'s/version = "\\([0-9.]*\\)"/\\1/\'', returnStdout: true).trim() - if (versionMatch) { - env.BUILD_VERSION = versionMatch - echo "Using extracted version: ${env.BUILD_VERSION}" - } else { - error "Version not found in Cargo.toml" - } - } else { - env.BUILD_VERSION = params.BUILD_VERSION - echo "Using provided build version: ${env.BUILD_VERSION}" + # Initialize and update submodules + git submodule update --init + """ + } + } + + // Step to extract BUILD_VERSION from Cargo.toml + step('Extract BUILD_VERSION') { + script { + dir('rust-rpxy') { + // Extract version from Cargo.toml and set it as an environment variable + env.BUILD_VERSION = sh(script: "grep '^version' Cargo.toml | sed -E 's/version = \"(.+)\"/\\1/'", returnStdout: true).trim() + echo "Using extracted version: ${env.BUILD_VERSION}" } } - // Stash the binary for later use in package building stages - sh 'mv rust-rpxy/target/release/rpxy .' - stash includes: "rpxy", name: "rpxy" + } - // Stash the service, control, and spec files for later use - sh ''' - mv rust-rpxy/.build/DEB/control . - mv rust-rpxy/.build/DEB/postinst . - mv rust-rpxy/.build/DEB/prerm . - mv rust-rpxy/.build/DEB/postrm . - mv rust-rpxy/.build/RPM/rpxy.spec . - mv rust-rpxy/.build/rpxy-start.sh . - mv rust-rpxy/.build/config.toml . - mv rust-rpxy/.build/rpxy.service . - ''' + // Step to build the binary + step('Compile Binary') { + dir('rust-rpxy') { + // Build the release version of the binary + sh 'cargo build --release' + } + } + + // Step to prepare and stash files + step('Prepare and Stash Files') { + sh """ + # Move binary to workspace root for easier access + mv rust-rpxy/target/release/${BINARY_NAME} . + + # Move necessary files for packaging + mv rust-rpxy/.build/DEB/{control,postinst,prerm,postrm} . + mv rust-rpxy/.build/RPM/${BINARY_NAME}.spec . + mv rust-rpxy/.build/{rpxy-start.sh,config.toml,rpxy.service} . + mv rust-rpxy/{LICENSE,README.md} . + """ + + // Stash files for use in later stages + stash includes: "${BINARY_NAME}", name: "binary" stash includes: "control, postinst, prerm, postrm, rpxy-start.sh", name: "deb-files" - stash includes: "rpxy.spec", name: "rpm-files" + stash includes: "${BINARY_NAME}.spec", name: "rpm-files" stash includes: "rpxy.service, config.toml", name: "service-file" - - // Stash LICENSE and README.md - sh 'mv rust-rpxy/LICENSE .' - sh 'mv rust-rpxy/README.md .' stash includes: "LICENSE, README.md", name: "docs" - - // Archive the binary and create fingerprint - archiveArtifacts artifacts: "rpxy", allowEmptyArchive: false, fingerprint: true + + // Archive the binary as an artifact + archiveArtifacts artifacts: "${BINARY_NAME}", allowEmptyArchive: false, fingerprint: true } } } } + stage('Build RPM Package') { agent { kubernetes { @@ -101,43 +115,46 @@ pipeline { } steps { container('rpm-build') { - script { - // Unstash the necessary files for this stage - unstash 'rpxy' + // Step to prepare the RPM build environment + step('Prepare RPM Build Environment') { + // Unstash necessary files + unstash 'binary' unstash 'rpm-files' unstash 'service-file' unstash 'docs' - - // Install required tools + + // Install necessary tools for RPM building sh 'dnf update -y && dnf install -y rpmdevtools tar' - - // Create a tar.gz archive containing all necessary files + } + + // Step to create the RPM package + step('Create RPM Package') { sh """ - mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} - mkdir -p rpxy-${env.BUILD_VERSION} - mv rpxy rpxy.service LICENSE README.md config.toml rpxy-${env.BUILD_VERSION}/ - tar -czf rpmbuild/SOURCES/rpxy-${env.BUILD_VERSION}.tar.gz rpxy-${env.BUILD_VERSION}/ - rm -rf rpxy-${env.BUILD_VERSION} + # Create RPM build directory structure + mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} + mkdir -p ${BINARY_NAME}-${BUILD_VERSION} + + # Move files to the appropriate locations + mv ${BINARY_NAME} ${BINARY_NAME}.service LICENSE README.md config.toml ${BINARY_NAME}-${BUILD_VERSION}/ + tar -czf rpmbuild/SOURCES/${BINARY_NAME}-${BUILD_VERSION}.tar.gz ${BINARY_NAME}-${BUILD_VERSION}/ + mv ${BINARY_NAME}.spec rpmbuild/SPECS/ + + # Update spec file with correct version and source + sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/g; s/@Source0@/${BINARY_NAME}-${BUILD_VERSION}.tar.gz/g' rpmbuild/SPECS/${BINARY_NAME}.spec + + # Build the RPM package + rpmbuild --define "_topdir ${WORKSPACE}/rpmbuild" --define "_version ${BUILD_VERSION}" -bb rpmbuild/SPECS/${BINARY_NAME}.spec """ - - // Move the RPM spec file - sh 'mv rpxy.spec rpmbuild/SPECS/' - - // Replace @BUILD_VERSION@ in control file with actual version - sh "sed -i 's/@BUILD_VERSION@/${env.BUILD_VERSION}/' rpmbuild/SPECS/rpxy.spec" - - // Replace @Source0@ in control file with actual version - sh "sed -i 's/@Source0@/rpxy-${env.BUILD_VERSION}.tar.gz/' rpmbuild/SPECS/rpxy.spec" - - // Build the RPM package - sh "rpmbuild --define '_topdir ${WORKSPACE}/rpmbuild' --define '_version ${env.BUILD_VERSION}' -bb rpmbuild/SPECS/rpxy.spec" - - // Archive the RPM package and create fingerprint - archiveArtifacts artifacts: "rpmbuild/RPMS/x86_64/rpxy-${env.BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true + } + + // Step to archive the RPM package + step('Archive RPM Package') { + archiveArtifacts artifacts: "rpmbuild/RPMS/x86_64/${BINARY_NAME}-${BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true } } } } + stage('Build DEB Package') { agent { kubernetes { @@ -157,55 +174,49 @@ pipeline { } steps { container('debian-build') { - script { - // Unstash the necessary files for this stage - unstash 'rpxy' + // Step to prepare the DEB build environment + step('Prepare DEB Build Environment') { + // Unstash necessary files + unstash 'binary' unstash 'deb-files' unstash 'service-file' unstash 'docs' - - // Install required tools - sh 'apt-get update && apt-get install --no-install-recommends -y dpkg-dev' - - // Create folder structure + + // Install necessary tools for DEB building + sh 'apt-get update && apt-get install -y dpkg-dev --no-install-recommends' + } + + // Step to create the DEB package + step('Create DEB Package') { sh """ - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/etc/rpxy/acme_registry - mkdir -p rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN + # Define DEB package directory + DEB_DIR=${BINARY_NAME}_${BUILD_VERSION}-1_amd64 + + # Create directory structure for DEB package + mkdir -p $DEB_DIR/{DEBIAN,usr/{bin,local/bin,share/doc/${BINARY_NAME}},etc/{systemd/system,${BINARY_NAME}/acme_registry}} + + # Move files to appropriate locations + mv {postinst,prerm,postrm} $DEB_DIR/DEBIAN/ + chmod 755 $DEB_DIR/DEBIAN/{postinst,prerm,postrm} + mv rpxy-start.sh $DEB_DIR/usr/local/bin/ + chmod 0755 $DEB_DIR/usr/local/bin/rpxy-start.sh + mv ${BINARY_NAME} $DEB_DIR/usr/bin/ + mv rpxy.service $DEB_DIR/etc/systemd/system/ + mv {LICENSE,README.md} $DEB_DIR/usr/share/doc/${BINARY_NAME}/ + mv config.toml $DEB_DIR/etc/${BINARY_NAME}/ + mv control $DEB_DIR/DEBIAN/ + + # Update control file with correct version + sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/' $DEB_DIR/DEBIAN/control + + # Build the DEB package + dpkg-deb --build --root-owner-group $DEB_DIR """ - - // Move postinstall, pre-removal and start-wrapper scripts - sh """ - mv postinst rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ - chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/postinst - mv prerm rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ - chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/prerm - mv postrm rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ - chmod 755 rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/postrm - mv rpxy-start.sh rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin/ - chmod 0755 rpxy_${env.BUILD_VERSION}-1_amd64/usr/local/bin/rpxy-start.sh - """ - - // Move binary, service, control and config file, LICENSE, and README.md - sh """ - mv rpxy rpxy_${env.BUILD_VERSION}-1_amd64/usr/bin/ - mv rpxy.service rpxy_${env.BUILD_VERSION}-1_amd64/etc/systemd/system/ - mv LICENSE README.md rpxy_${env.BUILD_VERSION}-1_amd64/usr/share/doc/rpxy/ - mv config.toml rpxy_${env.BUILD_VERSION}-1_amd64/etc/rpxy/ - mv control rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/ - """ - - // Replace @BUILD_VERSION@ in control file with actual version - sh "sed -i 's/@BUILD_VERSION@/${env.BUILD_VERSION}/' rpxy_${env.BUILD_VERSION}-1_amd64/DEBIAN/control" - - // Build the DEB package - sh "dpkg-deb --build --root-owner-group rpxy_${env.BUILD_VERSION}-1_amd64" - - // Archive the DEB package and create fingerprint - archiveArtifacts artifacts: "rpxy_${env.BUILD_VERSION}-1_amd64.deb", allowEmptyArchive: false, fingerprint: true + } + + // Step to archive the DEB package + step('Archive DEB Package') { + archiveArtifacts artifacts: "${DEB_DIR}.deb", allowEmptyArchive: false, fingerprint: true } } } From 06d9cdf7e7e2dabaf3f69801c324f2f30dbfd7df Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 21:41:58 +0200 Subject: [PATCH 17/24] Use systemd scriptlets in rpxy.spec --- .build/RPM/rpxy.spec | 76 ++++++++++++++++++++------------------------ 1 file changed, 34 insertions(+), 42 deletions(-) diff --git a/.build/RPM/rpxy.spec b/.build/RPM/rpxy.spec index 5f664c9..16e3ec1 100644 --- a/.build/RPM/rpxy.spec +++ b/.build/RPM/rpxy.spec @@ -13,74 +13,66 @@ Requires: systemd %description This rpm installs rpxy into /usr/bin and sets up a systemd service. +# Prep section: Unpack the source %prep %autosetup +# Install section: Copy files to their destinations %install rm -rf %{buildroot} -# Copy binary -mkdir -p %{buildroot}%{_bindir} -cp rpxy %{buildroot}%{_bindir}/ -# Create systemd service -mkdir -p %{buildroot}%{_sysconfdir}/systemd/system -cp rpxy.service %{buildroot}%{_sysconfdir}/systemd/system/ -# Create config directory -mkdir -p %{buildroot}%{_sysconfdir}/rpxy/acme_registry -cp config.toml %{buildroot}%{_sysconfdir}/rpxy/ -# Copy documentation -mkdir -p %{buildroot}%{_docdir}/rpxy -cp LICENSE %{buildroot}%{_docdir}/rpxy/ -cp README.md %{buildroot}%{_docdir}/rpxy/ +# Create necessary directories +mkdir -p %{buildroot}%{_bindir} +mkdir -p %{buildroot}%{_sysconfdir}/systemd/system +mkdir -p %{buildroot}%{_sysconfdir}/rpxy/acme_registry +mkdir -p %{buildroot}%{_docdir}/rpxy + +# Copy files +cp rpxy %{buildroot}%{_bindir}/ +cp rpxy.service %{buildroot}%{_sysconfdir}/systemd/system/ +cp config.toml %{buildroot}%{_sysconfdir}/rpxy/ +cp LICENSE README.md %{buildroot}%{_docdir}/rpxy/ + +# Clean section: Remove buildroot %clean rm -rf %{buildroot} +# Pre-install script %pre # Create the rpxy user if it does not exist -if ! id rpxy >/dev/null 2>&1; then - /usr/sbin/useradd -r -s /bin/false -d / -c "rpxy system user" rpxy +if ! getent passwd rpxy >/dev/null; then + useradd -r -s /sbin/nologin -d / -c "rpxy system user" rpxy fi +# Post-install script %post # Set ownership of config file to rpxy user chown -R rpxy:rpxy %{_sysconfdir}/rpxy # Reload systemd, enable and start rpxy service -systemctl daemon-reload -systemctl enable rpxy -if [ $1 -eq 1 ]; then - systemctl start rpxy -fi +%systemd_post rpxy.service +# Pre-uninstall script %preun -# Stop the service on uninstall or upgrade -if [ $1 -eq 0 ]; then - systemctl stop rpxy -fi +%systemd_preun rpxy.service +# Post-uninstall script %postun -# On uninstall, disable the service and reload systemd +%systemd_postun_with_restart rpxy.service + +# Only remove user and config on full uninstall if [ $1 -eq 0 ]; then - systemctl disable rpxy - systemctl daemon-reload -fi - -# Remove rpxy user only if package is being completely removed (not upgraded) -if [ $1 -eq 0 ]; then - # Check if the rpxy user exists before attempting to delete - if id rpxy >/dev/null 2>&1; then - /usr/sbin/userdel rpxy - fi - - # Remove the configuration directory if it exists and is empty - if [ -d %{_sysconfdir}/rpxy ]; then - rm -rf %{_sysconfdir}/rpxy - fi + # Remove rpxy user + userdel rpxy + + # Remove the configuration directory if it exists + [ -d %{_sysconfdir}/rpxy ] && rm -rf %{_sysconfdir}/rpxy fi +# Files section: List all files included in the package %files %license %{_docdir}/rpxy/LICENSE %doc %{_docdir}/rpxy/README.md %{_sysconfdir}/systemd/system/rpxy.service -%attr(-, rpxy, rpxy) %{_bindir}/rpxy -%attr(-, rpxy, rpxy) %config(noreplace) %{_sysconfdir}/rpxy/config.toml +%attr(755, rpxy, rpxy) %{_bindir}/rpxy +%attr(644, rpxy, rpxy) %config(noreplace) %{_sysconfdir}/rpxy/config.toml From 9a1fbe8bee84edb25fb35b3347b7a41a444d6f01 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 21:59:34 +0200 Subject: [PATCH 18/24] Update DEB install scripts to use systemd scriptlets --- .build/DEB/postinst | 31 +++++++++++++++++++++++-------- .build/DEB/postrm | 21 +++++++++++++-------- .build/DEB/prerm | 10 ++++------ .build/rpxy-start.sh | 2 +- 4 files changed, 41 insertions(+), 23 deletions(-) diff --git a/.build/DEB/postinst b/.build/DEB/postinst index b3f180e..0ec4552 100644 --- a/.build/DEB/postinst +++ b/.build/DEB/postinst @@ -1,20 +1,35 @@ -#!/bin/bash - +#!/bin/sh set -e +# Source debconf library +. /usr/share/debconf/confmodule + # Create rpxy user if it doesn't exist -if ! id rpxy >/dev/null 2>&1; then - useradd --system --no-create-home --shell /usr/sbin/nologin rpxy +if ! getent passwd rpxy > /dev/null; then + adduser --system --group --no-create-home --shell /usr/sbin/nologin rpxy fi -# Set correct user for config directory +# Set correct ownership for config directory if [ -d /etc/rpxy ]; then chown -R rpxy:rpxy /etc/rpxy fi # Reload systemd, enable and start the service -systemctl daemon-reload -systemctl enable rpxy -systemctl start rpxy +if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then + deb-systemd-helper unmask rpxy.service >/dev/null || true + if deb-systemd-helper --quiet was-enabled rpxy.service; then + deb-systemd-helper enable rpxy.service >/dev/null || true + else + deb-systemd-helper update-state rpxy.service >/dev/null || true + fi + if [ -d /run/systemd/system ]; then + systemctl --system daemon-reload >/dev/null || true + if [ -n "$2" ]; then + deb-systemd-invoke try-restart rpxy.service >/dev/null || true + else + deb-systemd-invoke start rpxy.service >/dev/null || true + fi + fi +fi exit 0 diff --git a/.build/DEB/postrm b/.build/DEB/postrm index b88f939..4cfa3ea 100644 --- a/.build/DEB/postrm +++ b/.build/DEB/postrm @@ -1,17 +1,22 @@ -#!/bin/bash - +#!/bin/sh set -e -# Remove the rpxy user and configuration directory only if purging the package if [ "$1" = "purge" ]; then - if id rpxy >/dev/null 2>&1; then - userdel rpxy + # Remove the rpxy user + if getent passwd rpxy >/dev/null; then + deluser --quiet --system rpxy >/dev/null || true fi # Remove config directory - if [ -d /etc/rpxy ]; then - rm -rf /etc/rpxy - fi + rm -rf /etc/rpxy + + # Remove systemd service state + deb-systemd-helper purge rpxy.service >/dev/null || true + deb-systemd-helper unmask rpxy.service >/dev/null || true +fi + +if [ -d /run/systemd/system ]; then + systemctl --system daemon-reload >/dev/null || true fi exit 0 diff --git a/.build/DEB/prerm b/.build/DEB/prerm index d4548d6..d088bc4 100644 --- a/.build/DEB/prerm +++ b/.build/DEB/prerm @@ -1,10 +1,8 @@ -#!/bin/bash - +#!/bin/sh set -e -# Stop and disable the service before removing -systemctl stop rpxy || true -systemctl disable rpxy || true -systemctl daemon-reload +if [ -d /run/systemd/system ] && [ "$1" = remove ]; then + deb-systemd-invoke stop rpxy.service >/dev/null || true +fi exit 0 diff --git a/.build/rpxy-start.sh b/.build/rpxy-start.sh index a4158bd..97800da 100644 --- a/.build/rpxy-start.sh +++ b/.build/rpxy-start.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh set -e From 8d87461f2130c3765dcf60e3440187f13d6456c1 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 23:05:53 +0200 Subject: [PATCH 19/24] Fix stepping in Jenkinsfile --- .build/Jenkinsfile | 222 ++++++++++++++++++++------------------------- 1 file changed, 96 insertions(+), 126 deletions(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index 611f297..739cf73 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -29,69 +29,53 @@ pipeline { } steps { container('rust-cargo') { - // Step to install necessary tools - step('Install Git') { - sh 'apt-get update && apt-get -y install git --no-install-recommends' - } + // Install git + sh 'apt-get update && apt-get -y install git --no-install-recommends' - // Step to clone and prepare the repository - step('Clone and Prepare Repository') { - // Clone the repository - sh "git clone ${REPO_URL}" + // Clone and Prepare Repository + sh "git clone ${REPO_URL}" - dir('rust-rpxy') { - sh """ - # Update submodule URLs to HTTPS (allows cloning without SSH keys) - sed -i 's|git@github.com:|https://github.com/|g' .gitmodules - - # Initialize and update submodules - git submodule update --init - """ - } - } + dir('rust-rpxy') { + sh """ + # Update submodule URLs to HTTPS (allows cloning without SSH keys) + sed -i 's|git@github.com:|https://github.com/|g' .gitmodules + + # Initialize and update submodules + git submodule update --init + """ - // Step to extract BUILD_VERSION from Cargo.toml - step('Extract BUILD_VERSION') { + // Extract BUILD_VERSION from Cargo.toml script { - dir('rust-rpxy') { - // Extract version from Cargo.toml and set it as an environment variable - env.BUILD_VERSION = sh(script: "grep '^version' Cargo.toml | sed -E 's/version = \"(.+)\"/\\1/'", returnStdout: true).trim() - echo "Using extracted version: ${env.BUILD_VERSION}" - } + // Extract version from Cargo.toml and set it as an environment variable + env.BUILD_VERSION = sh(script: "grep '^version' Cargo.toml | sed -E 's/version = \"(.+)\"/\\1/'", returnStdout: true).trim() + echo "Using extracted version: ${env.BUILD_VERSION}" } - } - // Step to build the binary - step('Compile Binary') { - dir('rust-rpxy') { - // Build the release version of the binary - sh 'cargo build --release' - } - } + // Build the binary + sh 'cargo build --release' - // Step to prepare and stash files - step('Prepare and Stash Files') { + // Prepare and stash files sh """ # Move binary to workspace root for easier access - mv rust-rpxy/target/release/${BINARY_NAME} . - + mv target/release/${BINARY_NAME} .. + # Move necessary files for packaging - mv rust-rpxy/.build/DEB/{control,postinst,prerm,postrm} . - mv rust-rpxy/.build/RPM/${BINARY_NAME}.spec . - mv rust-rpxy/.build/{rpxy-start.sh,config.toml,rpxy.service} . - mv rust-rpxy/{LICENSE,README.md} . + mv .build/DEB/{control,postinst,prerm,postrm} .. + mv .build/RPM/${BINARY_NAME}.spec .. + mv .build/{rpxy-start.sh,config.toml,rpxy.service} .. + mv ./{LICENSE,README.md} .. """ - - // Stash files for use in later stages - stash includes: "${BINARY_NAME}", name: "binary" - stash includes: "control, postinst, prerm, postrm, rpxy-start.sh", name: "deb-files" - stash includes: "${BINARY_NAME}.spec", name: "rpm-files" - stash includes: "rpxy.service, config.toml", name: "service-file" - stash includes: "LICENSE, README.md", name: "docs" - - // Archive the binary as an artifact - archiveArtifacts artifacts: "${BINARY_NAME}", allowEmptyArchive: false, fingerprint: true } + + // Stash files for use in later stages + stash includes: "${BINARY_NAME}", name: "binary" + stash includes: "control, postinst, prerm, postrm, rpxy-start.sh", name: "deb-files" + stash includes: "${BINARY_NAME}.spec", name: "rpm-files" + stash includes: "rpxy.service, config.toml", name: "service-file" + stash includes: "LICENSE, README.md", name: "docs" + + // Archive the binary as an artifact + archiveArtifacts artifacts: "${BINARY_NAME}", allowEmptyArchive: false, fingerprint: true } } } @@ -115,42 +99,35 @@ pipeline { } steps { container('rpm-build') { - // Step to prepare the RPM build environment - step('Prepare RPM Build Environment') { - // Unstash necessary files - unstash 'binary' - unstash 'rpm-files' - unstash 'service-file' - unstash 'docs' + // Prepare the RPM build environment + unstash 'binary' + unstash 'rpm-files' + unstash 'service-file' + unstash 'docs' - // Install necessary tools for RPM building - sh 'dnf update -y && dnf install -y rpmdevtools tar' - } + // Install necessary tools for RPM building + sh 'dnf update -y && dnf install -y rpmdevtools tar' - // Step to create the RPM package - step('Create RPM Package') { - sh """ - # Create RPM build directory structure - mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} - mkdir -p ${BINARY_NAME}-${BUILD_VERSION} - - # Move files to the appropriate locations - mv ${BINARY_NAME} ${BINARY_NAME}.service LICENSE README.md config.toml ${BINARY_NAME}-${BUILD_VERSION}/ - tar -czf rpmbuild/SOURCES/${BINARY_NAME}-${BUILD_VERSION}.tar.gz ${BINARY_NAME}-${BUILD_VERSION}/ - mv ${BINARY_NAME}.spec rpmbuild/SPECS/ - - # Update spec file with correct version and source - sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/g; s/@Source0@/${BINARY_NAME}-${BUILD_VERSION}.tar.gz/g' rpmbuild/SPECS/${BINARY_NAME}.spec - - # Build the RPM package - rpmbuild --define "_topdir ${WORKSPACE}/rpmbuild" --define "_version ${BUILD_VERSION}" -bb rpmbuild/SPECS/${BINARY_NAME}.spec - """ - } + // Create the RPM package + sh """ + # Create RPM build directory structure + mkdir -p rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} + mkdir -p ${BINARY_NAME}-${BUILD_VERSION} + + # Move files to the appropriate locations + mv ${BINARY_NAME} ${BINARY_NAME}.service LICENSE README.md config.toml ${BINARY_NAME}-${BUILD_VERSION}/ + tar -czf rpmbuild/SOURCES/${BINARY_NAME}-${BUILD_VERSION}.tar.gz ${BINARY_NAME}-${BUILD_VERSION}/ + mv ${BINARY_NAME}.spec rpmbuild/SPECS/ + + # Update spec file with correct version and source + sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/g; s/@Source0@/${BINARY_NAME}-${BUILD_VERSION}.tar.gz/g' rpmbuild/SPECS/${BINARY_NAME}.spec + + # Build the RPM package + rpmbuild --define "_topdir ${WORKSPACE}/rpmbuild" --define "_version ${BUILD_VERSION}" -bb rpmbuild/SPECS/${BINARY_NAME}.spec + """ - // Step to archive the RPM package - step('Archive RPM Package') { - archiveArtifacts artifacts: "rpmbuild/RPMS/x86_64/${BINARY_NAME}-${BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true - } + // Archive the RPM package + archiveArtifacts artifacts: "rpmbuild/RPMS/x86_64/${BINARY_NAME}-${BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true } } } @@ -174,50 +151,43 @@ pipeline { } steps { container('debian-build') { - // Step to prepare the DEB build environment - step('Prepare DEB Build Environment') { - // Unstash necessary files - unstash 'binary' - unstash 'deb-files' - unstash 'service-file' - unstash 'docs' - - // Install necessary tools for DEB building - sh 'apt-get update && apt-get install -y dpkg-dev --no-install-recommends' - } + // Prepare the DEB build environment + unstash 'binary' + unstash 'deb-files' + unstash 'service-file' + unstash 'docs' + + // Install necessary tools for DEB building + sh 'apt-get update && apt-get install -y dpkg-dev --no-install-recommends' - // Step to create the DEB package - step('Create DEB Package') { - sh """ - # Define DEB package directory - DEB_DIR=${BINARY_NAME}_${BUILD_VERSION}-1_amd64 - - # Create directory structure for DEB package - mkdir -p $DEB_DIR/{DEBIAN,usr/{bin,local/bin,share/doc/${BINARY_NAME}},etc/{systemd/system,${BINARY_NAME}/acme_registry}} - - # Move files to appropriate locations - mv {postinst,prerm,postrm} $DEB_DIR/DEBIAN/ - chmod 755 $DEB_DIR/DEBIAN/{postinst,prerm,postrm} - mv rpxy-start.sh $DEB_DIR/usr/local/bin/ - chmod 0755 $DEB_DIR/usr/local/bin/rpxy-start.sh - mv ${BINARY_NAME} $DEB_DIR/usr/bin/ - mv rpxy.service $DEB_DIR/etc/systemd/system/ - mv {LICENSE,README.md} $DEB_DIR/usr/share/doc/${BINARY_NAME}/ - mv config.toml $DEB_DIR/etc/${BINARY_NAME}/ - mv control $DEB_DIR/DEBIAN/ - - # Update control file with correct version - sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/' $DEB_DIR/DEBIAN/control - - # Build the DEB package - dpkg-deb --build --root-owner-group $DEB_DIR - """ - } + // Create the DEB package + sh """ + # Define DEB package directory + DEB_DIR=${BINARY_NAME}_${BUILD_VERSION}-1_amd64 + + # Create directory structure for DEB package + mkdir -p $DEB_DIR/{DEBIAN,usr/{bin,local/bin,share/doc/${BINARY_NAME}},etc/{systemd/system,${BINARY_NAME}/acme_registry}} + + # Move files to appropriate locations + mv {postinst,prerm,postrm} $DEB_DIR/DEBIAN/ + chmod 755 $DEB_DIR/DEBIAN/{postinst,prerm,postrm} + mv rpxy-start.sh $DEB_DIR/usr/local/bin/ + chmod 0755 $DEB_DIR/usr/local/bin/rpxy-start.sh + mv ${BINARY_NAME} $DEB_DIR/usr/bin/ + mv rpxy.service $DEB_DIR/etc/systemd/system/ + mv {LICENSE,README.md} $DEB_DIR/usr/share/doc/${BINARY_NAME}/ + mv config.toml $DEB_DIR/etc/${BINARY_NAME}/ + mv control $DEB_DIR/DEBIAN/ + + # Update control file with correct version + sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/' $DEB_DIR/DEBIAN/control + + # Build the DEB package + dpkg-deb --build --root-owner-group $DEB_DIR + """ - // Step to archive the DEB package - step('Archive DEB Package') { - archiveArtifacts artifacts: "${DEB_DIR}.deb", allowEmptyArchive: false, fingerprint: true - } + // Archive the DEB package + archiveArtifacts artifacts: "${DEB_DIR}.deb", allowEmptyArchive: false, fingerprint: true } } } From 53e5e2500d8429337be61db3ba32b387a809e843 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 23:15:44 +0200 Subject: [PATCH 20/24] Switch to test repo --- .build/Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index 739cf73..cf02a03 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -3,7 +3,7 @@ pipeline { environment { // Define common variables used throughout the pipeline - REPO_URL = 'https://github.com/junkurihara/rust-rpxy.git' + REPO_URL = 'https://github.com/Gamerboy59/rust-rpxy.git' BINARY_NAME = 'rpxy' // BUILD_VERSION is not set because it will be extracted from Cargo.toml in the first step BUILD_VERSION = '' From f860bfa52a37b3d05ed7ae0e340e1d25943608c7 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Tue, 10 Sep 2024 23:24:15 +0200 Subject: [PATCH 21/24] Switch back to main repo --- .build/Jenkinsfile | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index cf02a03..4992d1f 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -1,14 +1,14 @@ pipeline { agent none - + environment { // Define common variables used throughout the pipeline - REPO_URL = 'https://github.com/Gamerboy59/rust-rpxy.git' + REPO_URL = 'https://github.com/junkurihara/rust-rpxy.git' BINARY_NAME = 'rpxy' // BUILD_VERSION is not set because it will be extracted from Cargo.toml in the first step BUILD_VERSION = '' } - + stages { stage('Prepare Build Environment') { agent { @@ -31,7 +31,7 @@ pipeline { container('rust-cargo') { // Install git sh 'apt-get update && apt-get -y install git --no-install-recommends' - + // Clone and Prepare Repository sh "git clone ${REPO_URL}" @@ -43,7 +43,7 @@ pipeline { # Initialize and update submodules git submodule update --init """ - + // Extract BUILD_VERSION from Cargo.toml script { // Extract version from Cargo.toml and set it as an environment variable @@ -79,7 +79,7 @@ pipeline { } } } - + stage('Build RPM Package') { agent { kubernetes { @@ -104,10 +104,10 @@ pipeline { unstash 'rpm-files' unstash 'service-file' unstash 'docs' - + // Install necessary tools for RPM building sh 'dnf update -y && dnf install -y rpmdevtools tar' - + // Create the RPM package sh """ # Create RPM build directory structure @@ -125,13 +125,13 @@ pipeline { # Build the RPM package rpmbuild --define "_topdir ${WORKSPACE}/rpmbuild" --define "_version ${BUILD_VERSION}" -bb rpmbuild/SPECS/${BINARY_NAME}.spec """ - + // Archive the RPM package archiveArtifacts artifacts: "rpmbuild/RPMS/x86_64/${BINARY_NAME}-${BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true } } } - + stage('Build DEB Package') { agent { kubernetes { @@ -159,7 +159,7 @@ pipeline { // Install necessary tools for DEB building sh 'apt-get update && apt-get install -y dpkg-dev --no-install-recommends' - + // Create the DEB package sh """ # Define DEB package directory @@ -185,7 +185,7 @@ pipeline { # Build the DEB package dpkg-deb --build --root-owner-group $DEB_DIR """ - + // Archive the DEB package archiveArtifacts artifacts: "${DEB_DIR}.deb", allowEmptyArchive: false, fingerprint: true } From 310343834eee4239dde30de57a4a1317a9a3011f Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Wed, 11 Sep 2024 01:56:39 +0200 Subject: [PATCH 22/24] Fixing some shell syntax for Jenkins environment --- .build/Jenkinsfile | 52 +++++++++++++++++++++++++++------------------- 1 file changed, 31 insertions(+), 21 deletions(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index 4992d1f..896e092 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -6,7 +6,7 @@ pipeline { REPO_URL = 'https://github.com/junkurihara/rust-rpxy.git' BINARY_NAME = 'rpxy' // BUILD_VERSION is not set because it will be extracted from Cargo.toml in the first step - BUILD_VERSION = '' + // BUILD_VERSION = '' } stages { @@ -47,8 +47,14 @@ pipeline { // Extract BUILD_VERSION from Cargo.toml script { // Extract version from Cargo.toml and set it as an environment variable - env.BUILD_VERSION = sh(script: "grep '^version' Cargo.toml | sed -E 's/version = \"(.+)\"/\\1/'", returnStdout: true).trim() - echo "Using extracted version: ${env.BUILD_VERSION}" + def buildVersion = sh(script: 'grep "^version" Cargo.toml | sed \'s/version = "\\([0-9.]*\\)"/\\1/\'', returnStdout: true).trim() + + if (buildVersion) { + env.BUILD_VERSION = buildVersion + echo "Using extracted version: ${env.BUILD_VERSION}" + } else { + error "Version not found in Cargo.toml" + } } // Build the binary @@ -60,10 +66,12 @@ pipeline { mv target/release/${BINARY_NAME} .. # Move necessary files for packaging - mv .build/DEB/{control,postinst,prerm,postrm} .. - mv .build/RPM/${BINARY_NAME}.spec .. - mv .build/{rpxy-start.sh,config.toml,rpxy.service} .. - mv ./{LICENSE,README.md} .. + mv .build/DEB/* .. + mv .build/RPM/* .. + mv .build/rpxy* .. + mv .build/config.toml .. + mv README.md .. + mv LICENSE .. """ } @@ -120,7 +128,7 @@ pipeline { mv ${BINARY_NAME}.spec rpmbuild/SPECS/ # Update spec file with correct version and source - sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/g; s/@Source0@/${BINARY_NAME}-${BUILD_VERSION}.tar.gz/g' rpmbuild/SPECS/${BINARY_NAME}.spec + sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/; s/@Source0@/${BINARY_NAME}-${BUILD_VERSION}.tar.gz/' rpmbuild/SPECS/${BINARY_NAME}.spec # Build the RPM package rpmbuild --define "_topdir ${WORKSPACE}/rpmbuild" --define "_version ${BUILD_VERSION}" -bb rpmbuild/SPECS/${BINARY_NAME}.spec @@ -166,28 +174,30 @@ pipeline { DEB_DIR=${BINARY_NAME}_${BUILD_VERSION}-1_amd64 # Create directory structure for DEB package - mkdir -p $DEB_DIR/{DEBIAN,usr/{bin,local/bin,share/doc/${BINARY_NAME}},etc/{systemd/system,${BINARY_NAME}/acme_registry}} + bash -c \"mkdir -p \$DEB_DIR/{DEBIAN,usr/{bin,local/bin,share/doc/${BINARY_NAME}},etc/{systemd/system,${BINARY_NAME}/acme_registry}}\" # Move files to appropriate locations - mv {postinst,prerm,postrm} $DEB_DIR/DEBIAN/ - chmod 755 $DEB_DIR/DEBIAN/{postinst,prerm,postrm} - mv rpxy-start.sh $DEB_DIR/usr/local/bin/ - chmod 0755 $DEB_DIR/usr/local/bin/rpxy-start.sh - mv ${BINARY_NAME} $DEB_DIR/usr/bin/ - mv rpxy.service $DEB_DIR/etc/systemd/system/ - mv {LICENSE,README.md} $DEB_DIR/usr/share/doc/${BINARY_NAME}/ - mv config.toml $DEB_DIR/etc/${BINARY_NAME}/ - mv control $DEB_DIR/DEBIAN/ + mv postinst prerm postrm \$DEB_DIR/DEBIAN/ + chmod 755 \$DEB_DIR/DEBIAN/postinst + chmod 755 \$DEB_DIR/DEBIAN/prerm + chmod 755 \$DEB_DIR/DEBIAN/postrm + mv rpxy-start.sh \$DEB_DIR/usr/local/bin/ + chmod 0755 \$DEB_DIR/usr/local/bin/rpxy-start.sh + mv ${BINARY_NAME} \$DEB_DIR/usr/bin/ + mv rpxy.service \$DEB_DIR/etc/systemd/system/ + mv LICENSE README.md \$DEB_DIR/usr/share/doc/${BINARY_NAME}/ + mv config.toml \$DEB_DIR/etc/${BINARY_NAME}/ + mv control \$DEB_DIR/DEBIAN/ # Update control file with correct version - sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/' $DEB_DIR/DEBIAN/control + sed -i 's/@BUILD_VERSION@/${BUILD_VERSION}/' \$DEB_DIR/DEBIAN/control # Build the DEB package - dpkg-deb --build --root-owner-group $DEB_DIR + dpkg-deb --build --root-owner-group \$DEB_DIR """ // Archive the DEB package - archiveArtifacts artifacts: "${DEB_DIR}.deb", allowEmptyArchive: false, fingerprint: true + archiveArtifacts artifacts: "${BINARY_NAME}_${BUILD_VERSION}-1_amd64.deb", allowEmptyArchive: false, fingerprint: true } } } From 244858590ad40034ec0a35f818487c81011bd123 Mon Sep 17 00:00:00 2001 From: Gamerboy59 Date: Fri, 13 Sep 2024 01:29:45 +0200 Subject: [PATCH 23/24] Move rpm to roof for archiving only file without folder --- .build/Jenkinsfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.build/Jenkinsfile b/.build/Jenkinsfile index 896e092..e34c5fb 100644 --- a/.build/Jenkinsfile +++ b/.build/Jenkinsfile @@ -132,10 +132,13 @@ pipeline { # Build the RPM package rpmbuild --define "_topdir ${WORKSPACE}/rpmbuild" --define "_version ${BUILD_VERSION}" -bb rpmbuild/SPECS/${BINARY_NAME}.spec + + # Move RPM to root for archiving + mv rpmbuild/RPMS/x86_64/${BINARY_NAME}-${BUILD_VERSION}-1.el9.x86_64.rpm . """ // Archive the RPM package - archiveArtifacts artifacts: "rpmbuild/RPMS/x86_64/${BINARY_NAME}-${BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true + archiveArtifacts artifacts: "${BINARY_NAME}-${BUILD_VERSION}-1.el9.x86_64.rpm", allowEmptyArchive: false, fingerprint: true } } } From a67625cb9c53e1a298560d5b8b8d8cf650d5867b Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 19 Sep 2024 11:25:48 +0900 Subject: [PATCH 24/24] update readme --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 274a096..2569555 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,8 @@ By default, `rpxy` provides the *TLS connection sanitization* by correctly bindi ## Installing/Building an Executable Binary of `rpxy` +### Building from Source + You can build an executable binary yourself by checking out this Git repository. ```bash @@ -45,6 +47,12 @@ Then you have an executive binary `rust-rpxy/target/release/rpxy`. Note that we do not have an option of installation via [`crates.io`](https://crates.io/), i.e., `cargo install`, at this point since some dependencies are not published yet. Alternatively, you can use docker image (see below) as the easiest way for `amd64` environment. +### Package Installation for Linux (RPM/DEB) + +You can found the Jenkins CI/CD build scripts for `rpxy` in the [./build](./build) directory. + +Prebuilt packages for Linux RPM and DEB are available at [https://rpxy.gamerboy59.dev](https://rpxy.gamerboy59.dev), provided by [@Gamerboy59](https://github.com/Gamerboy59). + ## Usage `rpxy` always refers to a configuration file in TOML format, e.g., `config.toml`. You can find an example of the configuration file, `config-example.toml`, in this repository.