[#737] Debian packaging
Debian package includes: - user creation; - directories and permissions; - unit file for systemd Signed-off-by: Dmitriy Zabolotskiy <d.zabolotskiy@yadro.com>
This commit is contained in:
parent
d6424ebeac
commit
dd25331210
18 changed files with 400 additions and 0 deletions
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -19,3 +19,6 @@ bin/
|
||||||
# coverage
|
# coverage
|
||||||
coverage.txt
|
coverage.txt
|
||||||
coverage.html
|
coverage.html
|
||||||
|
|
||||||
|
# debhelpers
|
||||||
|
**/.debhelper
|
||||||
|
|
19
Makefile
19
Makefile
|
@ -18,6 +18,13 @@ HUB_TAG ?= "$(shell echo ${VERSION} | sed 's/^v//')"
|
||||||
|
|
||||||
.PHONY: all $(BINS) $(BINDIR) dep docker/ test cover format image image-push dirty-image lint docker/lint version clean protoc
|
.PHONY: all $(BINS) $(BINDIR) dep docker/ test cover format image image-push dirty-image lint docker/lint version clean protoc
|
||||||
|
|
||||||
|
# .deb package versioning
|
||||||
|
OS_RELEASE = $(shell lsb_release -cs)
|
||||||
|
PKG_VERSION ?= $(shell echo $(VERSION) | sed "s/^v//" | \
|
||||||
|
sed -E "s/(.*)-(g[a-fA-F0-9]{6,8})(.*)/\1\3~\2/" | \
|
||||||
|
sed "s/-/~/")-${OS_RELEASE}
|
||||||
|
.PHONY: debpackage debclean
|
||||||
|
|
||||||
# Make all binaries
|
# Make all binaries
|
||||||
all: $(BINS)
|
all: $(BINS)
|
||||||
|
|
||||||
|
@ -126,4 +133,16 @@ protoc:
|
||||||
done
|
done
|
||||||
rm -rf vendor
|
rm -rf vendor
|
||||||
|
|
||||||
|
# Package for Debian
|
||||||
|
debpackage:
|
||||||
|
dch --package neofs-s3-gw \
|
||||||
|
--controlmaint \
|
||||||
|
--newversion $(PKG_VERSION) \
|
||||||
|
--distribution $(OS_RELEASE) \
|
||||||
|
"Please see CHANGELOG.md for code changes for $(VERSION)"
|
||||||
|
dpkg-buildpackage --no-sign -b
|
||||||
|
|
||||||
|
debclean:
|
||||||
|
dh clean
|
||||||
|
|
||||||
include help.mk
|
include help.mk
|
||||||
|
|
81
config/rules.json
Normal file
81
config/rules.json
Normal file
|
@ -0,0 +1,81 @@
|
||||||
|
{
|
||||||
|
"records": [
|
||||||
|
{
|
||||||
|
"operation": "PUT",
|
||||||
|
"action": "ALLOW",
|
||||||
|
"filters": [],
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"role": "OTHERS",
|
||||||
|
"keys": []
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"operation": "GET",
|
||||||
|
"action": "ALLOW",
|
||||||
|
"filters": [],
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"role": "OTHERS",
|
||||||
|
"keys": []
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"operation": "DELETE",
|
||||||
|
"action": "ALLOW",
|
||||||
|
"filters": [],
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"role": "OTHERS",
|
||||||
|
"keys": []
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"operation": "SEARCH",
|
||||||
|
"action": "ALLOW",
|
||||||
|
"filters": [],
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"role": "OTHERS",
|
||||||
|
"keys": []
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"operation": "GETRANGE",
|
||||||
|
"action": "ALLOW",
|
||||||
|
"filters": [],
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"role": "OTHERS",
|
||||||
|
"keys": []
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"operation": "GETRANGEHASH",
|
||||||
|
"action": "ALLOW",
|
||||||
|
"filters": [],
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"role": "OTHERS",
|
||||||
|
"keys": []
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"operation": "HEAD",
|
||||||
|
"action": "ALLOW",
|
||||||
|
"filters": [],
|
||||||
|
"targets": [
|
||||||
|
{
|
||||||
|
"role": "OTHERS",
|
||||||
|
"keys": []
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
5
debian/changelog
vendored
Normal file
5
debian/changelog
vendored
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
neofs-s3-gw (0.0.0) stable; urgency=medium
|
||||||
|
|
||||||
|
* Please see CHANGELOG.md
|
||||||
|
|
||||||
|
-- NeoSPCC <tech@nspcc.ru> Wed, 24 Aug 2022 18:29:49 +0300
|
14
debian/control
vendored
Normal file
14
debian/control
vendored
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
Source: neofs-s3-gw
|
||||||
|
Section: misc
|
||||||
|
Priority: optional
|
||||||
|
Maintainer: NeoSPCC <tech@nspcc.ru>
|
||||||
|
Build-Depends: debhelper-compat (= 13), git, devscripts
|
||||||
|
Standards-Version: 4.5.1
|
||||||
|
Homepage: https://fs.neo.org/
|
||||||
|
Vcs-Git: https://github.com/nspcc-dev/neofs-s3-gw.git
|
||||||
|
Vcs-Browser: https://github.com/nspcc-dev/neofs-s3-gw
|
||||||
|
|
||||||
|
Package: neofs-s3-gw
|
||||||
|
Architecture: any
|
||||||
|
Depends: ${misc:Depends}
|
||||||
|
Description: NeoFS S3 gateway provides API compatible with Amazon S3 cloud storage service.
|
22
debian/copyright
vendored
Normal file
22
debian/copyright
vendored
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||||
|
Upstream-Name: neofs-s3-gw
|
||||||
|
Upstream-Contact: tech@nspcc.ru
|
||||||
|
Source: https://github.com/nspcc-dev/neofs-s3-gw
|
||||||
|
|
||||||
|
Files: *
|
||||||
|
Copyright: 2018-2022 NeoSPCC (@nspcc-dev), contributors of neofs-s3-gw project
|
||||||
|
(https://github.com/nspcc-dev/neofs-s3-gw/blob/master/CREDITS.md)
|
||||||
|
|
||||||
|
|
||||||
|
License: AGPL-3.0-only
|
||||||
|
This program is free software: you can redistribute it and/or modify it
|
||||||
|
under the terms of the GNU Affero General Public License as published
|
||||||
|
by the Free Software Foundation; version 3.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||||
|
General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2
debian/neofs-s3-gw.dirs
vendored
Normal file
2
debian/neofs-s3-gw.dirs
vendored
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
etc/neofs/s3
|
||||||
|
var/lib/neofs/s3
|
4
debian/neofs-s3-gw.docs
vendored
Normal file
4
debian/neofs-s3-gw.docs
vendored
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
docs/*
|
||||||
|
README.md
|
||||||
|
CREDITS.md
|
||||||
|
CONTRIBUTING.md
|
1
debian/neofs-s3-gw.examples
vendored
Normal file
1
debian/neofs-s3-gw.examples
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
config/*
|
4
debian/neofs-s3-gw.install
vendored
Normal file
4
debian/neofs-s3-gw.install
vendored
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
config/config.yaml etc/neofs/s3
|
||||||
|
config/rules.json var/lib/neofs/s3
|
||||||
|
bin/neofs-s3-gw usr/bin
|
||||||
|
bin/neofs-s3-authmate usr/bin
|
52
debian/neofs-s3-gw.postinst
vendored
Normal file
52
debian/neofs-s3-gw.postinst
vendored
Normal file
|
@ -0,0 +1,52 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# postinst script for neofs-s3-gw
|
||||||
|
#
|
||||||
|
# see: dh_installdeb(1)
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# summary of how this script can be called:
|
||||||
|
# * <postinst> `configure' <most-recently-configured-version>
|
||||||
|
# * <old-postinst> `abort-upgrade' <new version>
|
||||||
|
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
|
||||||
|
# <new-version>
|
||||||
|
# * <postinst> `abort-remove'
|
||||||
|
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
|
||||||
|
# <failed-install-package> <version> `removing'
|
||||||
|
# <conflicting-package> <version>
|
||||||
|
# for details, see https://www.debian.org/doc/debian-policy/ or
|
||||||
|
# the debian-policy package
|
||||||
|
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
configure)
|
||||||
|
USERNAME=s3
|
||||||
|
id -u neofs-$USERNAME >/dev/null 2>&1 || useradd -s /usr/sbin/nologin -d /var/lib/neofs/s3 --system -M -U -c "NeoFS S3 gateway" neofs-$USERNAME
|
||||||
|
if ! dpkg-statoverride --list /etc/neofs/$USERNAME >/dev/null; then
|
||||||
|
chown -f -R root:neofs-$USERNAME /etc/neofs/$USERNAME
|
||||||
|
chown -f root:neofs-$USERNAME /etc/neofs/$USERNAME/config.yaml || true
|
||||||
|
chmod -f 0750 /etc/neofs/$USERNAME
|
||||||
|
chmod -f 0640 /etc/neofs/$USERNAME/config.yaml || true
|
||||||
|
fi
|
||||||
|
USERDIR=$(getent passwd "neofs-$USERNAME" | cut -d: -f6)
|
||||||
|
if ! dpkg-statoverride --list neofs-$USERDIR >/dev/null; then
|
||||||
|
chown -f neofs-$USERNAME: $USERDIR
|
||||||
|
chown -f neofs-$USERNAME: $USERDIR/rules.json
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
|
||||||
|
abort-upgrade|abort-remove|abort-deconfigure)
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
echo "postinst called with unknown argument \`$1'" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# dh_installdeb will replace this with shell code automatically
|
||||||
|
# generated by other debhelper scripts.
|
||||||
|
|
||||||
|
#DEBHELPER#
|
||||||
|
|
||||||
|
exit 0
|
41
debian/neofs-s3-gw.postrm
vendored
Normal file
41
debian/neofs-s3-gw.postrm
vendored
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# postrm script for neofs-s3-gw
|
||||||
|
#
|
||||||
|
# see: dh_installdeb(1)
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# summary of how this script can be called:
|
||||||
|
# * <postrm> `remove'
|
||||||
|
# * <postrm> `purge'
|
||||||
|
# * <old-postrm> `upgrade' <new-version>
|
||||||
|
# * <new-postrm> `failed-upgrade' <old-version>
|
||||||
|
# * <new-postrm> `abort-install'
|
||||||
|
# * <new-postrm> `abort-install' <old-version>
|
||||||
|
# * <new-postrm> `abort-upgrade' <old-version>
|
||||||
|
# * <disappearer's-postrm> `disappear' <overwriter>
|
||||||
|
# <overwriter-version>
|
||||||
|
# for details, see https://www.debian.org/doc/debian-policy/ or
|
||||||
|
# the debian-policy package
|
||||||
|
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
purge)
|
||||||
|
rm -rf /var/lib/neofs/s3
|
||||||
|
;;
|
||||||
|
|
||||||
|
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
echo "postrm called with unknown argument \`$1'" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# dh_installdeb will replace this with shell code automatically
|
||||||
|
# generated by other debhelper scripts.
|
||||||
|
|
||||||
|
#DEBHELPER#
|
||||||
|
|
||||||
|
exit 0
|
35
debian/neofs-s3-gw.preinst
vendored
Normal file
35
debian/neofs-s3-gw.preinst
vendored
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# preinst script for neofs-s3-gw
|
||||||
|
#
|
||||||
|
# see: dh_installdeb(1)
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# summary of how this script can be called:
|
||||||
|
# * <new-preinst> `install'
|
||||||
|
# * <new-preinst> `install' <old-version>
|
||||||
|
# * <new-preinst> `upgrade' <old-version>
|
||||||
|
# * <old-preinst> `abort-upgrade' <new-version>
|
||||||
|
# for details, see https://www.debian.org/doc/debian-policy/ or
|
||||||
|
# the debian-policy package
|
||||||
|
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
install|upgrade)
|
||||||
|
;;
|
||||||
|
|
||||||
|
abort-upgrade)
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
echo "preinst called with unknown argument \`$1'" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# dh_installdeb will replace this with shell code automatically
|
||||||
|
# generated by other debhelper scripts.
|
||||||
|
|
||||||
|
#DEBHELPER#
|
||||||
|
|
||||||
|
exit 0
|
38
debian/neofs-s3-gw.prerm
vendored
Normal file
38
debian/neofs-s3-gw.prerm
vendored
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
#!/bin/sh
|
||||||
|
# prerm script for neofs-s3-gw
|
||||||
|
#
|
||||||
|
# see: dh_installdeb(1)
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# summary of how this script can be called:
|
||||||
|
# * <prerm> `remove'
|
||||||
|
# * <old-prerm> `upgrade' <new-version>
|
||||||
|
# * <new-prerm> `failed-upgrade' <old-version>
|
||||||
|
# * <conflictor's-prerm> `remove' `in-favour' <package> <new-version>
|
||||||
|
# * <deconfigured's-prerm> `deconfigure' `in-favour'
|
||||||
|
# <package-being-installed> <version> `removing'
|
||||||
|
# <conflicting-package> <version>
|
||||||
|
# for details, see https://www.debian.org/doc/debian-policy/ or
|
||||||
|
# the debian-policy package
|
||||||
|
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
remove|upgrade|deconfigure)
|
||||||
|
;;
|
||||||
|
|
||||||
|
failed-upgrade)
|
||||||
|
;;
|
||||||
|
|
||||||
|
*)
|
||||||
|
echo "prerm called with unknown argument \`$1'" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# dh_installdeb will replace this with shell code automatically
|
||||||
|
# generated by other debhelper scripts.
|
||||||
|
|
||||||
|
#DEBHELPER#
|
||||||
|
|
||||||
|
exit 0
|
16
debian/neofs-s3-gw.service
vendored
Normal file
16
debian/neofs-s3-gw.service
vendored
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
[Unit]
|
||||||
|
Description=NeoFS S3 Gateway
|
||||||
|
Requires=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
ExecStart=/usr/bin/neofs-s3-gw --config /etc/neofs/s3/config.yaml
|
||||||
|
User=neofs-s3
|
||||||
|
Group=neofs-s3
|
||||||
|
WorkingDirectory=/var/lib/neofs/s3
|
||||||
|
Restart=always
|
||||||
|
RestartSec=5
|
||||||
|
PrivateTmp=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
16
debian/rules
vendored
Executable file
16
debian/rules
vendored
Executable file
|
@ -0,0 +1,16 @@
|
||||||
|
#!/usr/bin/make -f
|
||||||
|
|
||||||
|
# Do not try to strip Go binaries
|
||||||
|
export DEB_BUILD_OPTIONS := nostrip
|
||||||
|
SERVICE = neofs-s3-gw
|
||||||
|
|
||||||
|
%:
|
||||||
|
dh $@
|
||||||
|
|
||||||
|
override_dh_installsystemd:
|
||||||
|
dh_installsystemd --no-enable --no-start $(SERVICE).service
|
||||||
|
|
||||||
|
override_dh_installchangelogs:
|
||||||
|
dh_installchangelogs -k CHANGELOG.md
|
||||||
|
|
||||||
|
|
1
debian/source/format
vendored
Normal file
1
debian/source/format
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
3.0 (quilt)
|
46
docs/building-deb-package.md
Normal file
46
docs/building-deb-package.md
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
# Building Debian package on host
|
||||||
|
|
||||||
|
## Prerequisites
|
||||||
|
|
||||||
|
For now, we're assuming building for Debian 11 (stable) x86_64.
|
||||||
|
|
||||||
|
Go version 18.4 or later should already be installed, i.e. this runs
|
||||||
|
successfully:
|
||||||
|
|
||||||
|
* `make all`
|
||||||
|
|
||||||
|
## Installing packaging dependencies
|
||||||
|
|
||||||
|
```shell
|
||||||
|
$ sudo apt install debhelper-compat dh-sequence-bash-completion devscripts
|
||||||
|
```
|
||||||
|
|
||||||
|
Warining: number of package installed is pretty large considering dependecies.
|
||||||
|
|
||||||
|
## Package building
|
||||||
|
|
||||||
|
```shell
|
||||||
|
$ make debpackage
|
||||||
|
```
|
||||||
|
|
||||||
|
## Leftovers cleaning
|
||||||
|
|
||||||
|
```shell
|
||||||
|
$ make debclean
|
||||||
|
```
|
||||||
|
or
|
||||||
|
```shell
|
||||||
|
$ dh clean
|
||||||
|
```
|
||||||
|
|
||||||
|
# Package versioning
|
||||||
|
|
||||||
|
By default, package version is based on product version and may also contain git
|
||||||
|
tags and hashes.
|
||||||
|
|
||||||
|
Package version could be overwritten by setting `PKG_VERSION` variable before
|
||||||
|
build, Debian package versioning rules should be respected.
|
||||||
|
|
||||||
|
```shell
|
||||||
|
$ PKG_VERSION=0.32.0 make debpackge
|
||||||
|
```
|
Loading…
Reference in a new issue