[#737] Debian packaging

Debian package includes:
 - user creation;
 - directories and permissions;
 - unit file for systemd

Signed-off-by: Dmitriy Zabolotskiy <d.zabolotskiy@yadro.com>
This commit is contained in:
Dmitriy Zabolotskiy 2022-11-01 10:27:24 +03:00 committed by Alex Vanin
parent d6424ebeac
commit dd25331210
18 changed files with 400 additions and 0 deletions

3
.gitignore vendored
View file

@ -19,3 +19,6 @@ bin/
# coverage # coverage
coverage.txt coverage.txt
coverage.html coverage.html
# debhelpers
**/.debhelper

View file

@ -18,6 +18,13 @@ HUB_TAG ?= "$(shell echo ${VERSION} | sed 's/^v//')"
.PHONY: all $(BINS) $(BINDIR) dep docker/ test cover format image image-push dirty-image lint docker/lint version clean protoc .PHONY: all $(BINS) $(BINDIR) dep docker/ test cover format image image-push dirty-image lint docker/lint version clean protoc
# .deb package versioning
OS_RELEASE = $(shell lsb_release -cs)
PKG_VERSION ?= $(shell echo $(VERSION) | sed "s/^v//" | \
sed -E "s/(.*)-(g[a-fA-F0-9]{6,8})(.*)/\1\3~\2/" | \
sed "s/-/~/")-${OS_RELEASE}
.PHONY: debpackage debclean
# Make all binaries # Make all binaries
all: $(BINS) all: $(BINS)
@ -126,4 +133,16 @@ protoc:
done done
rm -rf vendor rm -rf vendor
# Package for Debian
debpackage:
dch --package neofs-s3-gw \
--controlmaint \
--newversion $(PKG_VERSION) \
--distribution $(OS_RELEASE) \
"Please see CHANGELOG.md for code changes for $(VERSION)"
dpkg-buildpackage --no-sign -b
debclean:
dh clean
include help.mk include help.mk

81
config/rules.json Normal file
View file

@ -0,0 +1,81 @@
{
"records": [
{
"operation": "PUT",
"action": "ALLOW",
"filters": [],
"targets": [
{
"role": "OTHERS",
"keys": []
}
]
},
{
"operation": "GET",
"action": "ALLOW",
"filters": [],
"targets": [
{
"role": "OTHERS",
"keys": []
}
]
},
{
"operation": "DELETE",
"action": "ALLOW",
"filters": [],
"targets": [
{
"role": "OTHERS",
"keys": []
}
]
},
{
"operation": "SEARCH",
"action": "ALLOW",
"filters": [],
"targets": [
{
"role": "OTHERS",
"keys": []
}
]
},
{
"operation": "GETRANGE",
"action": "ALLOW",
"filters": [],
"targets": [
{
"role": "OTHERS",
"keys": []
}
]
},
{
"operation": "GETRANGEHASH",
"action": "ALLOW",
"filters": [],
"targets": [
{
"role": "OTHERS",
"keys": []
}
]
},
{
"operation": "HEAD",
"action": "ALLOW",
"filters": [],
"targets": [
{
"role": "OTHERS",
"keys": []
}
]
}
]
}

5
debian/changelog vendored Normal file
View file

@ -0,0 +1,5 @@
neofs-s3-gw (0.0.0) stable; urgency=medium
* Please see CHANGELOG.md
-- NeoSPCC <tech@nspcc.ru> Wed, 24 Aug 2022 18:29:49 +0300

14
debian/control vendored Normal file
View file

@ -0,0 +1,14 @@
Source: neofs-s3-gw
Section: misc
Priority: optional
Maintainer: NeoSPCC <tech@nspcc.ru>
Build-Depends: debhelper-compat (= 13), git, devscripts
Standards-Version: 4.5.1
Homepage: https://fs.neo.org/
Vcs-Git: https://github.com/nspcc-dev/neofs-s3-gw.git
Vcs-Browser: https://github.com/nspcc-dev/neofs-s3-gw
Package: neofs-s3-gw
Architecture: any
Depends: ${misc:Depends}
Description: NeoFS S3 gateway provides API compatible with Amazon S3 cloud storage service.

22
debian/copyright vendored Normal file
View file

@ -0,0 +1,22 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: neofs-s3-gw
Upstream-Contact: tech@nspcc.ru
Source: https://github.com/nspcc-dev/neofs-s3-gw
Files: *
Copyright: 2018-2022 NeoSPCC (@nspcc-dev), contributors of neofs-s3-gw project
(https://github.com/nspcc-dev/neofs-s3-gw/blob/master/CREDITS.md)
License: AGPL-3.0-only
This program is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
by the Free Software Foundation; version 3.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.

2
debian/neofs-s3-gw.dirs vendored Normal file
View file

@ -0,0 +1,2 @@
etc/neofs/s3
var/lib/neofs/s3

4
debian/neofs-s3-gw.docs vendored Normal file
View file

@ -0,0 +1,4 @@
docs/*
README.md
CREDITS.md
CONTRIBUTING.md

1
debian/neofs-s3-gw.examples vendored Normal file
View file

@ -0,0 +1 @@
config/*

4
debian/neofs-s3-gw.install vendored Normal file
View file

@ -0,0 +1,4 @@
config/config.yaml etc/neofs/s3
config/rules.json var/lib/neofs/s3
bin/neofs-s3-gw usr/bin
bin/neofs-s3-authmate usr/bin

52
debian/neofs-s3-gw.postinst vendored Normal file
View file

@ -0,0 +1,52 @@
#!/bin/sh
# postinst script for neofs-s3-gw
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <postinst> `abort-remove'
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
configure)
USERNAME=s3
id -u neofs-$USERNAME >/dev/null 2>&1 || useradd -s /usr/sbin/nologin -d /var/lib/neofs/s3 --system -M -U -c "NeoFS S3 gateway" neofs-$USERNAME
if ! dpkg-statoverride --list /etc/neofs/$USERNAME >/dev/null; then
chown -f -R root:neofs-$USERNAME /etc/neofs/$USERNAME
chown -f root:neofs-$USERNAME /etc/neofs/$USERNAME/config.yaml || true
chmod -f 0750 /etc/neofs/$USERNAME
chmod -f 0640 /etc/neofs/$USERNAME/config.yaml || true
fi
USERDIR=$(getent passwd "neofs-$USERNAME" | cut -d: -f6)
if ! dpkg-statoverride --list neofs-$USERDIR >/dev/null; then
chown -f neofs-$USERNAME: $USERDIR
chown -f neofs-$USERNAME: $USERDIR/rules.json
fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

41
debian/neofs-s3-gw.postrm vendored Normal file
View file

@ -0,0 +1,41 @@
#!/bin/sh
# postrm script for neofs-s3-gw
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postrm> `remove'
# * <postrm> `purge'
# * <old-postrm> `upgrade' <new-version>
# * <new-postrm> `failed-upgrade' <old-version>
# * <new-postrm> `abort-install'
# * <new-postrm> `abort-install' <old-version>
# * <new-postrm> `abort-upgrade' <old-version>
# * <disappearer's-postrm> `disappear' <overwriter>
# <overwriter-version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
purge)
rm -rf /var/lib/neofs/s3
;;
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
;;
*)
echo "postrm called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

35
debian/neofs-s3-gw.preinst vendored Normal file
View file

@ -0,0 +1,35 @@
#!/bin/sh
# preinst script for neofs-s3-gw
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <new-preinst> `install'
# * <new-preinst> `install' <old-version>
# * <new-preinst> `upgrade' <old-version>
# * <old-preinst> `abort-upgrade' <new-version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
install|upgrade)
;;
abort-upgrade)
;;
*)
echo "preinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

38
debian/neofs-s3-gw.prerm vendored Normal file
View file

@ -0,0 +1,38 @@
#!/bin/sh
# prerm script for neofs-s3-gw
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <prerm> `remove'
# * <old-prerm> `upgrade' <new-version>
# * <new-prerm> `failed-upgrade' <old-version>
# * <conflictor's-prerm> `remove' `in-favour' <package> <new-version>
# * <deconfigured's-prerm> `deconfigure' `in-favour'
# <package-being-installed> <version> `removing'
# <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
remove|upgrade|deconfigure)
;;
failed-upgrade)
;;
*)
echo "prerm called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

16
debian/neofs-s3-gw.service vendored Normal file
View file

@ -0,0 +1,16 @@
[Unit]
Description=NeoFS S3 Gateway
Requires=network.target
[Service]
Type=simple
ExecStart=/usr/bin/neofs-s3-gw --config /etc/neofs/s3/config.yaml
User=neofs-s3
Group=neofs-s3
WorkingDirectory=/var/lib/neofs/s3
Restart=always
RestartSec=5
PrivateTmp=true
[Install]
WantedBy=multi-user.target

16
debian/rules vendored Executable file
View file

@ -0,0 +1,16 @@
#!/usr/bin/make -f
# Do not try to strip Go binaries
export DEB_BUILD_OPTIONS := nostrip
SERVICE = neofs-s3-gw
%:
dh $@
override_dh_installsystemd:
dh_installsystemd --no-enable --no-start $(SERVICE).service
override_dh_installchangelogs:
dh_installchangelogs -k CHANGELOG.md

1
debian/source/format vendored Normal file
View file

@ -0,0 +1 @@
3.0 (quilt)

View file

@ -0,0 +1,46 @@
# Building Debian package on host
## Prerequisites
For now, we're assuming building for Debian 11 (stable) x86_64.
Go version 18.4 or later should already be installed, i.e. this runs
successfully:
* `make all`
## Installing packaging dependencies
```shell
$ sudo apt install debhelper-compat dh-sequence-bash-completion devscripts
```
Warining: number of package installed is pretty large considering dependecies.
## Package building
```shell
$ make debpackage
```
## Leftovers cleaning
```shell
$ make debclean
```
or
```shell
$ dh clean
```
# Package versioning
By default, package version is based on product version and may also contain git
tags and hashes.
Package version could be overwritten by setting `PKG_VERSION` variable before
build, Debian package versioning rules should be respected.
```shell
$ PKG_VERSION=0.32.0 make debpackge
```