mirror of
https://git.collinwebdesigns.de/oscar.krause/fastapi-dls.git
synced 2024-11-23 23:41:06 +03:00
added basic debian package setup and pipeline
This commit is contained in:
parent
d6d4cbc74a
commit
f0fdfafaed
@ -1,7 +1,28 @@
|
|||||||
cache:
|
cache:
|
||||||
key: one-key-to-rule-them-all
|
key: one-key-to-rule-them-all
|
||||||
|
|
||||||
build:
|
build:debian:
|
||||||
|
# debian:bullseye-slim
|
||||||
|
image: debian:bookworm-slim # just to get "python3-jose" working
|
||||||
|
stage: build
|
||||||
|
before_script:
|
||||||
|
- apt-get update -qq && apt-get install -qq -y build-essential
|
||||||
|
- chmod 0755 -R .
|
||||||
|
# create build directory for .deb sources
|
||||||
|
- mkdir build
|
||||||
|
# copy install instructions
|
||||||
|
- cp -r DEBIAN build/
|
||||||
|
# copy app
|
||||||
|
- mkdir -p build/usr/share/
|
||||||
|
- cp -r app build/usr/share/fastapi-dls
|
||||||
|
script:
|
||||||
|
- dpkg -b . build.deb
|
||||||
|
artifacts:
|
||||||
|
expire_in: 1 week
|
||||||
|
paths:
|
||||||
|
- build.deb
|
||||||
|
|
||||||
|
build:docker:
|
||||||
image: docker:dind
|
image: docker:dind
|
||||||
interruptible: true
|
interruptible: true
|
||||||
stage: build
|
stage: build
|
||||||
@ -15,10 +36,27 @@ build:
|
|||||||
- docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
|
- docker build . --tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
|
||||||
- docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
|
- docker push ${CI_REGISTRY}/${CI_PROJECT_PATH}/${CI_BUILD_REF_NAME}:${CI_BUILD_REF}
|
||||||
|
|
||||||
test:
|
test:debian:
|
||||||
|
image: debian:bookworm-slim
|
||||||
stage: test
|
stage: test
|
||||||
|
needs:
|
||||||
|
- job: build:debian
|
||||||
|
artifacts: true
|
||||||
|
before_script:
|
||||||
|
- apt-get update -qq && apt-get install -qq -y jq # systemd
|
||||||
script:
|
script:
|
||||||
- echo "Nothing to do ..."
|
# test installation
|
||||||
|
- apt-get install -q -y ./build.deb --fix-missing
|
||||||
|
# copy example config from GitLab-CI-Variables
|
||||||
|
#- cat ${EXAMPLE_CONFIG} > /etc/fastapi-dls/env
|
||||||
|
#- systemctl daemon-reload
|
||||||
|
#- systemctl enable fastapi-dls.service
|
||||||
|
#- systemctl start fastapi-dls.service
|
||||||
|
#- if [ "`curl --insecure -s https://localhost:8000/status | jq .status`" != "up" ]; then exit 2; fi
|
||||||
|
#- systemctl stop fastapi-dls.service
|
||||||
|
#- systemctl disable fastapi-dls.service
|
||||||
|
- apt-get purge -qq -y fastapi-dls
|
||||||
|
- apt-get autoremove -qq -y && apt-get clean -qq
|
||||||
|
|
||||||
deploy:
|
deploy:
|
||||||
stage: deploy
|
stage: deploy
|
||||||
|
8
DEBIAN/conffiles
Normal file
8
DEBIAN/conffiles
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
/etc/systemd/system/fastapi-dls.service
|
||||||
|
/etc/fastapi-dls/env
|
||||||
|
/etc/fastapi-dls/instance.private.pem
|
||||||
|
/etc/fastapi-dls/instance.public.pem
|
||||||
|
/etc/fastapi-dls/webserver.key
|
||||||
|
/etc/fastapi-dls/webserver.crt
|
||||||
|
|
||||||
|
# todo
|
9
DEBIAN/control
Normal file
9
DEBIAN/control
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
Package: fastapi-dls
|
||||||
|
Version: 0.5
|
||||||
|
Architecture: all
|
||||||
|
Maintainer: Oscar Krause oscar.krause@collinwebdesigns.de
|
||||||
|
Depends: python3, python3-fastapi, python3-uvicorn, python3-dotenv, python3-dateutil, python3-jose, uvicorn, openssl
|
||||||
|
Recommends: curl
|
||||||
|
Installed-Size: 10240
|
||||||
|
Homepage: https://git.collinwebdesigns.de/oscar.krause/fastapi-dls
|
||||||
|
Description: Minimal Delegated License Service (DLS).
|
85
DEBIAN/postinst
Normal file
85
DEBIAN/postinst
Normal file
@ -0,0 +1,85 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
echo "> Install service ..."
|
||||||
|
echo <<EOF >/etc/systemd/system/fastapi-dls.service
|
||||||
|
[Unit]
|
||||||
|
Description=Service for fastapi-dls
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
User=www-data
|
||||||
|
Group=www-data
|
||||||
|
WorkingDirectory=/usr/share/fastapi-dls
|
||||||
|
ExecStart=uvicorn \
|
||||||
|
--host $DLS_URL --port $DLS_PORT \
|
||||||
|
--app-dir /usr/share/fastapi-dls/app \
|
||||||
|
--ssl-keyfile /etc/fastapi-dls/webserver.key \
|
||||||
|
--ssl-certfile /opt/fastapi-dls/webserver.crt \
|
||||||
|
--proxy-headers
|
||||||
|
EnvironmentFile=/etc/fastapi-dls.env
|
||||||
|
Restart=always
|
||||||
|
KillSignal=SIGQUIT
|
||||||
|
Type=notify
|
||||||
|
StandardError=syslog
|
||||||
|
NotifyAccess=all
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
EOF
|
||||||
|
|
||||||
|
CONFIG_DIR=/etc/fastapi-dls
|
||||||
|
|
||||||
|
echo "> Create config directory ..."
|
||||||
|
mkdir -p $CONFIG_DIR
|
||||||
|
|
||||||
|
echo "> Writing default config parameters ..."
|
||||||
|
touch $CONFIG_DIR/fastapi-dls.env
|
||||||
|
echo <<EOF >$CONFIG_DIR
|
||||||
|
DLS_URL=127.0.0.1
|
||||||
|
DLS_PORT=443
|
||||||
|
LEASE_EXPIRE_DAYS=90
|
||||||
|
DATABASE=sqlite:////usr/share/fastapi-dls/db.sqlite
|
||||||
|
EOF
|
||||||
|
|
||||||
|
echo "> Create dls-instance keypair ..."
|
||||||
|
openssl genrsa -out $CONFIG_DIR/instance.private.pem 2048
|
||||||
|
openssl rsa -in $CONFIG_DIR/instance.private.pem -outform PEM -pubout -out $CONFIG_DIR/instance.public.pem
|
||||||
|
|
||||||
|
while true; do
|
||||||
|
read -p "> Do you wish to create self-signed webserver certificate? [y/n]" yn
|
||||||
|
case $yn in
|
||||||
|
[Yy]*)
|
||||||
|
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout $CONFIG_DIR/webserver.key -out $CONFIG_DIR/webserver.crt
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
[Nn]*) break ;;
|
||||||
|
*) echo "Please answer [y] or [n]." ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
if [[ -f $CONFIG_DIR/webserver.key ]]; then
|
||||||
|
echo "> Starting service ..."
|
||||||
|
systemctl start fastapi-dls.service
|
||||||
|
|
||||||
|
if [ -x "$(command -v curl)" ]; then
|
||||||
|
echo "> Testing API ..."
|
||||||
|
curl --insecure -X GET https://127.0.0.1/status
|
||||||
|
else
|
||||||
|
echo "> Testing API failed, curl not available. Please test manually!"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat <<EOF
|
||||||
|
|
||||||
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||||
|
# #
|
||||||
|
# fastapi-dls is now installed. #
|
||||||
|
# #
|
||||||
|
# Service should be up and running. #
|
||||||
|
# Webservice is listen to https://localhost #
|
||||||
|
# #
|
||||||
|
# Configuration is stored in ${CONFIG_DIR}/env #
|
||||||
|
# #
|
||||||
|
# #
|
||||||
|
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||||
|
EOF
|
8
DEBIAN/postrm
Executable file
8
DEBIAN/postrm
Executable file
@ -0,0 +1,8 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
if [[ -d /etc/fastapi-dls ]]; then
|
||||||
|
echo "> Removing config directory."
|
||||||
|
rm -r /etc/fastapi-dls
|
||||||
|
fi
|
||||||
|
|
||||||
|
# todo
|
5
DEBIAN/prerm
Executable file
5
DEBIAN/prerm
Executable file
@ -0,0 +1,5 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
echo -e "> Starting uninstallation of 'fastapi-dls'!"
|
||||||
|
|
||||||
|
# todo
|
Loading…
Reference in New Issue
Block a user