feat:migration from gitlab
Some checks failed
/ ansible-semaphore (push) Successful in 2m43s
/ atlasswprobe (push) Successful in 4m0s
/ daliserver (push) Successful in 2m14s
/ forgejo (push) Successful in 5m56s
/ forgejo-runner (push) Successful in 1m27s
/ http-mqtt-bridge (push) Successful in 4m50s
/ keycloak-23 (push) Successful in 10m5s
/ linux-diversion-ath-regd-optional (push) Successful in 18m51s
/ lottieconverter (push) Successful in 52s
/ matterbridge (push) Successful in 3m31s
/ matrix-element-web (push) Successful in 3m52s
/ matrix-hydrogen (push) Successful in 1m11s
/ matrix.to (push) Successful in 6m19s
/ maubot (push) Successful in 10m47s
/ maubot-plugin-spaceapi (push) Successful in 2m5s
/ maubot-plugin-ultimaker (push) Successful in 1m55s
/ mautrix-signal (push) Successful in 1m7s
/ mautrix-telegram (push) Successful in 51s
/ mediawiki-extension-auth-remoteuser (push) Successful in 1m2s
/ mediawiki-extension-nativesvghandler (push) Successful in 1m0s
/ mediawiki-extension-openidconnect (push) Successful in 1m29s
/ mediawiki-extension-pluggableauth (push) Successful in 40s
/ mqtt2prometheus (push) Successful in 4m47s
/ mumble-web (push) Successful in 53s
/ mumble-web-data (push) Failing after 7m37s
/ mumble-web-proxy (push) Failing after 6m47s
/ prometheus-ipmi-exporter (push) Successful in 1m1s
/ prometheus-dnsbl-exporter (push) Successful in 1m33s
/ prometheus2influxdb (push) Successful in 53s
/ python3-mautrix (push) Successful in 1m11s
/ python3-telethon (push) Successful in 47s
/ repo.s3lph.me-apt-source (push) Successful in 47s
/ republik-feeder (push) Successful in 1m11s
/ woodpecker-agent (push) Successful in 2m50s
/ woodpecker-cli (push) Successful in 1m10s

This commit is contained in:
s3lph 2023-12-05 23:40:22 +01:00
commit 4fe6ccd91c
Signed by: s3lph
GPG key ID: 0AA29A52FB33CFB5
312 changed files with 10182 additions and 0 deletions

View file

@ -0,0 +1,70 @@
---
on:
push:
branches:
- main
schedule:
- cron: "0 2 * * *" # every night at 1 AM
jobs:
# One step per package
ansible-semaphore: &job
runs-on: docker
container:
image: git.kabelsalat.ch/s3lph/package-pipeline-builder:latest
env:
API_REPOSITORY_DEB: ${{ secrets.API_REPOSITORY_DEB }}
API_USERNAME: ${{ secrets.API_USERNAME }}
API_PASSWORD: ${{ secrets.API_PASSWORD }}
MAINTAINER: ${{ secrets.MAINTAINER }}
steps:
- uses: https://code.forgejo.org/actions/checkout@v4
- run: |
cd "${GITHUB_JOB}"
[ -x build.sh ] && ./build.sh
[ -x package.sh ] && fakeroot ./package.sh
cd build
lintian *.deb || true
# Upload to the repo
for file in *deb; do
curl --user "${API_USERNAME}:${API_PASSWORD}" \
--upload-file "${file}" \
"${API_REPOSITORY_DEB}"
done
atlasswprobe: *job
daliserver: *job
forgejo: *job
forgejo-runner: *job
http-mqtt-bridge: *job
keycloak-23: *job
linux-diversion-ath-regd-optional: *job
lottieconverter: *job
matterbridge: *job
matrix-element-web: *job
matrix-hydrogen: *job
matrix.to: *job
maubot: *job
maubot-plugin-spaceapi: *job
maubot-plugin-ultimaker: *job
mautrix-signal: *job
mautrix-telegram: *job
mediawiki-extension-auth-remoteuser: *job
mediawiki-extension-nativesvghandler: *job
mediawiki-extension-openidconnect: *job
mediawiki-extension-pluggableauth: *job
mqtt2prometheus: *job
mumble-web: *job
mumble-web-data: *job
mumble-web-proxy: *job
prometheus-ipmi-exporter: *job
prometheus-dnsbl-exporter: *job
prometheus2influxdb: *job
python3-mautrix: *job
python3-telethon: *job
repo.s3lph.me-apt-source: *job
republik-feeder: *job
woodpecker-agent: *job
woodpecker-cli: *job

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
**/build/

9
.skel/helpers.sh Normal file
View file

@ -0,0 +1,9 @@
#!/bin/bash
function github_changelog() {
curl https://api.github.com/repos/$1/releases | jq -r 'reverse | .[] | select(.draft==false and .prerelease==false) | "'"${PKGNAME}"' (\(.name)); urgency=medium\n \(.body // empty | gsub("\n";"\n "))\n -- '"${MAINTAINER}"' \(.created_at | fromdate | strftime("%a, %d %b %Y %T %z"))\n"' | gzip -9n > "${PKGDIR}/usr/share/doc/${PKGNAME}/changelog.gz"
}
function gitlab_changelog() {
curl https://gitlab.com/api/v4/$1/releases | jq -r 'reverse | .[] | select(.upcoming_release==false) | "'"${PKGNAME}"' (\(.name)); urgency=medium\n \(.description // empty | gsub("\n";"\n "))\n -- '"${MAINTAINER}"' \(.created_at | fromdate | strftime("%a, %d %b %Y %T %z"))\n"' | gzip -9n > "${PKGDIR}/usr/share/doc/${PKGNAME}/changelog.gz"
}

44
.skel/maubot-plugin.sh Normal file
View file

@ -0,0 +1,44 @@
set -exo pipefail
ROOT=$(pwd)
pip3 install --break-system-packages maubot
function fetch() {
cd "${SRCDIR}"
git clone "${REPO}"
}
function prepare() {
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/usr/lib/maubot/plugins"
PLUGIN_DIR=$(find "${SRCDIR}" -type f -name maubot.yaml | head -1)
PLUGIN_DIR=$(dirname "${PLUGIN_DIR}")
VERSION=$(cat "${PLUGIN_DIR}/maubot.yaml" | yq -r .version | head -1)
PLUGIN_ID=$(cat "${PLUGIN_DIR}/maubot.yaml" | yq -r .id | head -1)
cd "${PLUGIN_DIR}"
mbc build --output "${PKGDIR}/usr/lib/maubot/plugins/${PLUGIN_ID}_${VERSION}.mbp"
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
find "${PKGDIR}" -exec touch -m --reference "${PLUGIN_DIR}/maubot.yaml" {} \;
}
function package() {
cd "${BUILDDIR}"
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
}
function build_maubot_plugin() {
export REPO="${1}"
export BUILDDIR=${ROOT}/build
export SRCDIR=${ROOT}/build/srcdir
export PKGDIR=${ROOT}/build/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}

20
LICENSE Normal file
View file

@ -0,0 +1,20 @@
Copyright 2023 s3lph
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

47
README.md Normal file
View file

@ -0,0 +1,47 @@
# Miscellaneous Debian Packages
This project automatically builds miscellaneous Debian packages for my
personal use (and sometimes adapted to my needs).
There is a daily Gitlab-CI run which builds the latest stable version
of each package and pushes them to my private repository. For more
information, please see [https://repo.s3lph.me/](https://repo.s3lph.me/).
## Packages
- [ansible-semaphore](https://github.com/ansible-semaphore/semaphore)
- [atlasswprobe](https://github.com/RIPE-NCC/ripe-atlas-software-probe)
- [daliserver](https://github.com/onitake/daliserver)
- [forgejo](https://codeberg.org/forgejo/forgejo)
- [forgejo-runner](https://code.forgejo.org/forgejo/runner)
- [http-mqtt-bridge](https://github.com/subzerobo/http-mqtt-bridge)
- [keycloak-23](https://github.com/keycloak/keycloak)
- [linux-diversion-ath-regd-optional](https://github.com/twisteroidambassador/arch-linux-ath-user-regd/issues/1)
- [lottieconverter](https://github.com/sot-tech/LottieConverter)
- [matrix-element-web](https://github.com/vector-im/element-web/)
- [matrix-hydrogen](https://github.com/vector-im/hydrogen-web/)
- [matrix.to](https://github.com/matrix-org/matrix.to)
- [matterbridge](https://github.com/42wim/matterbridge/)
- [maubot](https://github.com/maubot/maubot)
- [maubot-plugin-spaceapi](https://git.kabelsalat.ch/s3lph/maubot-plugin-spaceapi)
- [maubot-plugin-ultimaker](https://git.kabelsalat.ch/s3lph/maubot-plugin-ultimaker)
- [mautrix-signal](https://github.com/tulir/mautrix-signal)
- [mautrix-telegram](https://github.com/tulir/mautrix-telegram)
- [mediawiki-extension-auth-remoteuser](https://www.mediawiki.org/wiki/Extension:Auth_remoteuser)
- [mediawiki-extension-nativesvghandler](https://www.mediawiki.org/wiki/Extension:NativeSvgHandler)
- [mediawiki-extension-openidconnect](https://www.mediawiki.org/wiki/Extension:OpenID_Connect)
- [mediawiki-extension-pluggableauth](https://www.mediawiki.org/wiki/Extension:PluggableAuth)
- [mqtt2prometheus](https://github.com/hikhvar/mqtt2prometheus)
- [mumble-web](https://github.com/Johni0702/mumble-web)
- [mumble-web-data](https://github.com/Johni0702/mumble-web)
- [mumble-web-proxy](https://github.com/Johni0702/mumble-web-proxy)
- [prometheus-ipmi-exporter](https://github.com/prometheus-community/ipmi_exporter)
- [prometheus-dnsbl-exporter](https://github.com/Luzilla/dnsbl_exporter)
- [prometheus2influxdb](https://gitlab.com/s3lph/prometheus2influxdb)
- [python3-mautrix](https://github.com/mautrix/python)
- [python3-telethon](https://github.com/tulir/Telethon)
- [repo.s3lph.me-apt-source](https://repo.s3lph.me)
- [republik-feeder](https://github.com/maetthu/republik-feeder)
- [woodpecker-agent](https://github.com/woodpecker-ci/woodpecker)
- [woodpecker-cli](https://github.com/woodpecker-ci/woodpecker)
- [woodpecker-server](https://github.com/woodpecker-ci/woodpecker)

65
ansible-semaphore/build.sh Executable file
View file

@ -0,0 +1,65 @@
#!/bin/bash
set -exo pipefail
. ../.skel/helpers.sh
PKGNAME=ansible-semaphore
API_URL=https://api.github.com/repos/ansible-semaphore/semaphore/releases
JQ_EXPR='.[] | select( .prerelease==false and .draft==false and (.tag_name|test("^v[0-9.-]+$")) ) | "\(.name[1:]) \(.published_at) \(.assets[] | select(.name|test(".*_linux_amd64.tar.gz$")).browser_download_url )"'
ROOT=$(pwd)
function fetch() {
cd "${SRCDIR}"
wget "${URL}" --output-document "semaphore_${VERSION}_linux_amd64.tar.gz"
tar xf "semaphore_${VERSION}_linux_amd64.tar.gz"
}
function prepare() {
chmod +x "${SRCDIR}/semaphore"
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/usr/bin" \
"${PKGDIR}/etc/semaphore" \
"${PKGDIR}/var/lib/semaphore/playbooks" \
"${PKGDIR}/var/lib/semaphore/database" \
"${PKGDIR}/lib/systemd/system" \
"${PKGDIR}/usr/share/doc/${PKGNAME}"
cp "${SRCDIR}/semaphore" "${PKGDIR}/usr/bin/semaphore"
cp "${ROOT}/semaphore.service" "${PKGDIR}/lib/systemd/system/semaphore.service"
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.conffiles" "${PKGDIR}/DEBIAN/conffiles"
cp "${ROOT}/debian.postinst" "${PKGDIR}/DEBIAN/postinst"
cp "${ROOT}/debian.prerm" "${PKGDIR}/DEBIAN/prerm"
cp "${ROOT}/debian.postrm" "${PKGDIR}/DEBIAN/postrm"
cp "${ROOT}/config.json" "${PKGDIR}/etc/semaphore/config.json"
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
cp "${SRCDIR}/LICENSE" "${PKGDIR}/usr/share/doc/${PKGNAME}/copyright"
github_changelog ansible-semaphore/semaphore
find "${PKGDIR}" -exec touch -m -d "${ISODATE}" {} \;
}
function package() {
cd "${BUILDDIR}"
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
}
function build() {
read VERSION ISODATE URL <<<$(curl "${API_URL}" | jq -r "${JQ_EXPR}" | head -1)
# Replace Forgejo patch level separater - with . to be Debian versioning compatible, and add epoch number 2
export VERSION="${VERSION/-/.}"
export ISODATE
export URL
export BUILDDIR=${ROOT}/build
export SRCDIR=${ROOT}/build/srcdir
export PKGDIR=${ROOT}/build/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

View file

@ -0,0 +1 @@
{}

View file

@ -0,0 +1 @@
/etc/semaphore/config.json

View file

@ -0,0 +1,11 @@
Package: ansible-semaphore
Version: __VERSION__
Maintainer: __MAINTAINER__
Section: web
Priority: optional
Architecture: amd64
Depends: ansible, git
Description: Modern UI for Ansible
Ansible Semaphore is a modern UI for Ansible. It lets you easily run
Ansible playbooks, get notifications about fails, control access to
deployment system.

View file

@ -0,0 +1,25 @@
#!/bin/bash
set -e
if [[ "$1" == "configure" ]]; then
if ! getent group semaphore >/dev/null; then
groupadd --system semaphore
fi
if ! getent passwd semaphore >/dev/null; then
useradd --system --gid semaphore --home-dir /var/lib/semaphore --shell /bin/bash semaphore
fi
chown semaphore:semaphore /var/lib/semaphore
chmod 0750 /var/lib/semaphore
chown root:semaphore /etc/semaphore/config.json
chmod g+rx /etc/semaphore
chmod g+r /etc/semaphore/config.json
deb-systemd-helper enable semaphore.service
deb-systemd-invoke restart semaphore.service
fi

View file

@ -0,0 +1,9 @@
#!/bin/bash
set -e
if [[ "$1" == "remove" ]]; then
systemctl daemon-reload || true
fi

9
ansible-semaphore/debian.prerm Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
set -e
if [[ "$1" == "remove" ]]; then
deb-systemd-invoke stop semaphore.service
fi

View file

@ -0,0 +1,19 @@
[Unit]
Description=Ansible Semaphore
After=network.target
#Requires=mysql.service
#Requires=postgresql.service
[Service]
# Modify these two values anda
Type=simple
User=semaphore
Group=semaphore
WorkingDirectory=/var/lib/semaphore
ExecStart=/usr/bin/semaphore server --config /etc/semaphore/config.json
Restart=always
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,16 @@
#!/bin/bash
set -exo pipefail
ROOT=$(pwd)
export BUILDDIR="${ROOT}/build"
export SRCDIR="${ROOT}/build/srcdir"
mkdir -p "${SRCDIR}"
cd "${SRCDIR}"
apt install --yes git tar fakeroot libssl-dev libcap2-bin autoconf automake libtool build-essential
git clone --recursive https://github.com/RIPE-NCC/ripe-atlas-software-probe
"${SRCDIR}/ripe-atlas-software-probe/build-config/debian/bin/make-deb"
mv atlasswprobe-*deb "${BUILDDIR}"

16
atlasswprobe/build.sh Executable file
View file

@ -0,0 +1,16 @@
#!/bin/bash
set -exo pipefail
ROOT=$(pwd)
export BUILDDIR="${ROOT}/build"
export SRCDIR="${ROOT}/build/srcdir"
mkdir -p "${SRCDIR}"
cd "${SRCDIR}"
apt install --yes git tar fakeroot libssl-dev libcap2-bin autoconf automake libtool build-essential
git clone --recursive https://github.com/RIPE-NCC/ripe-atlas-software-probe
"${SRCDIR}/ripe-atlas-software-probe/build-config/debian/bin/make-deb"
mv atlasswprobe-*deb "${BUILDDIR}"

35
daliserver/build.sh Executable file
View file

@ -0,0 +1,35 @@
#!/bin/bash
set -exo pipefail
ROOT=$(pwd)
function fetch() {
git clone https://github.com/onitake/daliserver "${SRCDIR}/daliserver"
}
function prepare() {
cd "${SRCDIR}/daliserver"
apt install -y build-essential autoconf
apt build-dep -y "${SRCDIR}/daliserver"
autoreconf -i
}
function package() {
cd "${SRCDIR}/daliserver"
dpkg-buildpackage
cp ${SRCDIR}/daliserver_*_amd64.deb ${BUILDDIR}
}
function build() {
export BUILDDIR=${ROOT}/build
export SRCDIR=${BUILDDIR}/srcdir
export PKGDIR=${BUILDDIR}/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

35
daliserver/daliserver/build.sh Executable file
View file

@ -0,0 +1,35 @@
#!/bin/bash
set -exo pipefail
ROOT=$(pwd)
function fetch() {
git clone https://github.com/onitake/daliserver "${SRCDIR}/daliserver"
}
function prepare() {
cd "${SRCDIR}/daliserver"
apt install -y build-essential autoconf
apt build-dep -y "${SRCDIR}/daliserver"
autoreconf -i
}
function package() {
cd "${SRCDIR}/daliserver"
dpkg-buildpackage
cp ${SRCDIR}/daliserver_*_amd64.deb ${BUILDDIR}
}
function build() {
export BUILDDIR=${ROOT}/build
export SRCDIR=${BUILDDIR}/srcdir
export PKGDIR=${BUILDDIR}/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

56
forgejo-runner/build.sh Executable file
View file

@ -0,0 +1,56 @@
#!/bin/bash
set -exo pipefail
API_URL=https://code.forgejo.org/api/v1/repos/forgejo/runner/releases
JQ_EXPR='.[] | select( .prerelease==false and .draft==false and (.tag_name|test("^v[0-9.-]+$")) ) | "\(.name[1:]) \(.published_at) \(.assets[] | select(.name|test(".*-linux-amd64.xz$")).browser_download_url )"'
ROOT=$(pwd)
function fetch() {
cd "${SRCDIR}"
wget "${URL}" --output-document "forgejo-runner-${VERSION}-linux-amd64.xz"
xz --decompress "forgejo-runner-${VERSION}-linux-amd64.xz"
}
function prepare() {
chmod +x "${SRCDIR}/forgejo-runner-${VERSION}-linux-amd64"
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/usr/bin" \
"${PKGDIR}/etc/forgejo-runner" \
"${PKGDIR}/lib/systemd/system"
cp "${SRCDIR}/forgejo-runner-${VERSION}-linux-amd64" "${PKGDIR}/usr/bin/forgejo-runner"
cp "${ROOT}/forgejo-runner-cli" "${PKGDIR}/usr/bin/forgejo-runner-cli"
cp "${ROOT}/forgejo-runner.service" "${PKGDIR}/lib/systemd/system/forgejo-runner.service"
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.conffiles" "${PKGDIR}/DEBIAN/conffiles"
cp "${ROOT}/debian.postinst" "${PKGDIR}/DEBIAN/postinst"
cp "${ROOT}/debian.prerm" "${PKGDIR}/DEBIAN/prerm"
cp "${ROOT}/debian.postrm" "${PKGDIR}/DEBIAN/postrm"
"${PKGDIR}/usr/bin/forgejo-runner" generate-config > "${PKGDIR}/etc/forgejo-runner/config.yml"
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
find "${PKGDIR}" -exec touch -m -d "${ISODATE}" {} \;
}
function package() {
cd "${BUILDDIR}"
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
}
function build() {
read VERSION ISODATE URL <<<$(curl "${API_URL}" | jq -r "${JQ_EXPR}" | head -1)
export VERSION
export ISODATE
export URL
export BUILDDIR=${ROOT}/build
export SRCDIR=${ROOT}/build/srcdir
export PKGDIR=${ROOT}/build/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

View file

@ -0,0 +1 @@
/etc/forgejo-runner/config.yml

View file

@ -0,0 +1,10 @@
Package: forgejo-runner
Version: __VERSION__
Maintainer: __MAINTAINER__
Section: web
Priority: optional
Architecture: amd64
Depends: git
Description: Runner for Forgejo Actions
A daemon that connects to a Forgejo instance and runs jobs for
continous integration.

25
forgejo-runner/debian.postinst Executable file
View file

@ -0,0 +1,25 @@
#!/bin/bash
set -e
if [[ "$1" == "configure" ]]; then
if ! getent group forgejo-runner >/dev/null; then
groupadd --system forgejo-runner
fi
if ! getent passwd forgejo-runner >/dev/null; then
useradd --system --gid forgejo-runner --groups docker --home-dir /var/lib/forgejo-runner --create-home --shell /sbin/nologin forgejo-runner
fi
chown forgejo-runner:forgejo-runner /var/lib/forgejo-runner
chmod 0750 /var/lib/forgejo-runner
chown root:forgejo-runner /etc/forgejo-runner/config.yml
chmod g+rx /etc/forgejo-runner
chmod g+r /etc/forgejo-runner/config.yml
deb-systemd-helper enable forgejo-runner.service
deb-systemd-invoke restart forgejo-runner.service
fi

9
forgejo-runner/debian.postrm Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
set -e
if [[ "$1" == "remove" ]]; then
systemctl daemon-reload || true
fi

9
forgejo-runner/debian.prerm Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
set -e
if [[ "$1" == "remove" ]]; then
deb-systemd-invoke stop forgejo-runner.service
fi

View file

@ -0,0 +1,4 @@
#!/bin/bash
cd /var/lib/forgejo-runner
su -c /usr/bin/forgejo-runner -l forgejo-runner -- $@

View file

@ -0,0 +1,14 @@
[Unit]
Description=Forgejo Runner
After=network.target
[Service]
Type=simple
User=forgejo-runner
Group=forgejo-runner
WorkingDirectory=/var/lib/forgejo-runner
ExecStart=/usr/bin/forgejo-runner daemon -c /etc/forgejo-runner/config.yml
Restart=always
[Install]
WantedBy=multi-user.target

0
forgejo/app.ini Normal file
View file

62
forgejo/build.sh Executable file
View file

@ -0,0 +1,62 @@
#!/bin/bash
set -exo pipefail
API_URL=https://codeberg.org/api/v1/repos/forgejo/forgejo/releases
JQ_EXPR='.[] | select( .prerelease==false and .draft==false and (.tag_name|test("^v[0-9.-]+$")) ) | "\(.name[1:]) \(.published_at) \(.assets[] | select(.name|test(".*-linux-amd64.xz$")).browser_download_url )"'
ROOT=$(pwd)
function fetch() {
cd "${SRCDIR}"
wget "${URL}" --output-document "forgejo-${VERSION}-linux-amd64.xz"
xz --decompress "forgejo-${VERSION}-linux-amd64.xz"
}
function prepare() {
chmod +x "${SRCDIR}/forgejo-${VERSION}-linux-amd64"
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/usr/bin" \
"${PKGDIR}/etc/gitea" \
"${PKGDIR}/var/lib/gitea/custom" \
"${PKGDIR}/var/lib/gitea/data" \
"${PKGDIR}/var/lib/gitea/log" \
"${PKGDIR}/var/lib/gitea/gitea-repositories" \
"${PKGDIR}/lib/systemd/system"
cp "${SRCDIR}/forgejo-${VERSION}-linux-amd64" "${PKGDIR}/usr/bin/forgejo"
cp "${ROOT}/gitea.service" "${PKGDIR}/lib/systemd/system/gitea.service"
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.conffiles" "${PKGDIR}/DEBIAN/conffiles"
cp "${ROOT}/debian.postinst" "${PKGDIR}/DEBIAN/postinst"
cp "${ROOT}/debian.prerm" "${PKGDIR}/DEBIAN/prerm"
cp "${ROOT}/debian.postrm" "${PKGDIR}/DEBIAN/postrm"
cp "${ROOT}/app.ini" "${PKGDIR}/etc/gitea/app.ini"
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
ln -s gitea.service "${PKGDIR}/lib/systemd/system/forgejo.service"
ln -s gitea "${PKGDIR}/etc/forgejo"
find "${PKGDIR}" -exec touch -m -d "${ISODATE}" {} \;
}
function package() {
cd "${BUILDDIR}"
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
}
function build() {
read VERSION ISODATE URL <<<$(curl "${API_URL}" | jq -r "${JQ_EXPR}" | head -1)
# Replace Forgejo patch level separater - with . to be Debian versioning compatible, and add epoch number 2
export VERSION="2:${VERSION/-/.}"
export ISODATE
export URL
export BUILDDIR=${ROOT}/build
export SRCDIR=${ROOT}/build/srcdir
export PKGDIR=${ROOT}/build/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

1
forgejo/debian.conffiles Normal file
View file

@ -0,0 +1 @@
/etc/gitea/app.ini

13
forgejo/debian.control Normal file
View file

@ -0,0 +1,13 @@
Package: forgejo
Version: __VERSION__
Maintainer: __MAINTAINER__
Section: web
Priority: optional
Architecture: amd64
Depends: git
Provides: gitea
Conflicts: gitea
Replaces: gitea
Description: Libre code forge - a community-run soft fork of Gitea
Gitea is a community managed lightweight code hosting solution written in Go.
It is published under the MIT license.

25
forgejo/debian.postinst Executable file
View file

@ -0,0 +1,25 @@
#!/bin/bash
set -e
if [[ "$1" == "configure" ]]; then
if ! getent group gitea >/dev/null; then
groupadd --system gitea
fi
if ! getent passwd gitea >/dev/null; then
useradd --system --gid gitea --home-dir /var/lib/gitea --shell /bin/bash gitea
fi
chown gitea:gitea /var/lib/gitea
chmod 0750 /var/lib/gitea
chown root:gitea /etc/gitea/app.ini
chmod g+rx /etc/gitea
chmod g+rw /etc/gitea/app.ini
deb-systemd-helper enable gitea.service
deb-systemd-invoke restart gitea.service
fi

9
forgejo/debian.postrm Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
set -e
if [[ "$1" == "remove" ]]; then
systemctl daemon-reload || true
fi

9
forgejo/debian.prerm Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
set -e
if [[ "$1" == "remove" ]]; then
deb-systemd-invoke stop gitea.service
fi

0
forgejo/forgejo/app.ini Normal file
View file

62
forgejo/forgejo/build.sh Executable file
View file

@ -0,0 +1,62 @@
#!/bin/bash
set -exo pipefail
API_URL=https://codeberg.org/api/v1/repos/forgejo/forgejo/releases
JQ_EXPR='.[] | select( .prerelease==false and .draft==false and (.tag_name|test("^v[0-9.-]+$")) ) | "\(.name[1:]) \(.published_at) \(.assets[] | select(.name|test(".*-linux-amd64.xz$")).browser_download_url )"'
ROOT=$(pwd)
function fetch() {
cd "${SRCDIR}"
wget "${URL}" --output-document "forgejo-${VERSION}-linux-amd64.xz"
xz --decompress "forgejo-${VERSION}-linux-amd64.xz"
}
function prepare() {
chmod +x "${SRCDIR}/forgejo-${VERSION}-linux-amd64"
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/usr/bin" \
"${PKGDIR}/etc/gitea" \
"${PKGDIR}/var/lib/gitea/custom" \
"${PKGDIR}/var/lib/gitea/data" \
"${PKGDIR}/var/lib/gitea/log" \
"${PKGDIR}/var/lib/gitea/gitea-repositories" \
"${PKGDIR}/lib/systemd/system"
cp "${SRCDIR}/forgejo-${VERSION}-linux-amd64" "${PKGDIR}/usr/bin/forgejo"
cp "${ROOT}/gitea.service" "${PKGDIR}/lib/systemd/system/gitea.service"
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.conffiles" "${PKGDIR}/DEBIAN/conffiles"
cp "${ROOT}/debian.postinst" "${PKGDIR}/DEBIAN/postinst"
cp "${ROOT}/debian.prerm" "${PKGDIR}/DEBIAN/prerm"
cp "${ROOT}/debian.postrm" "${PKGDIR}/DEBIAN/postrm"
cp "${ROOT}/app.ini" "${PKGDIR}/etc/gitea/app.ini"
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
ln -s gitea.service "${PKGDIR}/lib/systemd/system/forgejo.service"
ln -s gitea "${PKGDIR}/etc/forgejo"
find "${PKGDIR}" -exec touch -m -d "${ISODATE}" {} \;
}
function package() {
cd "${BUILDDIR}"
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
}
function build() {
read VERSION ISODATE URL <<<$(curl "${API_URL}" | jq -r "${JQ_EXPR}" | head -1)
# Replace Forgejo patch level separater - with . to be Debian versioning compatible, and add epoch number 2
export VERSION="2:${VERSION/-/.}"
export ISODATE
export URL
export BUILDDIR=${ROOT}/build
export SRCDIR=${ROOT}/build/srcdir
export PKGDIR=${ROOT}/build/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

View file

@ -0,0 +1 @@
/etc/gitea/app.ini

View file

@ -0,0 +1,13 @@
Package: forgejo
Version: __VERSION__
Maintainer: __MAINTAINER__
Section: web
Priority: optional
Architecture: amd64
Depends: git
Provides: gitea
Conflicts: gitea
Replaces: gitea
Description: Libre code forge - a community-run soft fork of Gitea
Gitea is a community managed lightweight code hosting solution written in Go.
It is published under the MIT license.

25
forgejo/forgejo/debian.postinst Executable file
View file

@ -0,0 +1,25 @@
#!/bin/bash
set -e
if [[ "$1" == "configure" ]]; then
if ! getent group gitea >/dev/null; then
groupadd --system gitea
fi
if ! getent passwd gitea >/dev/null; then
useradd --system --gid gitea --home-dir /var/lib/gitea --shell /bin/bash gitea
fi
chown gitea:gitea /var/lib/gitea
chmod 0750 /var/lib/gitea
chown root:gitea /etc/gitea/app.ini
chmod g+rx /etc/gitea
chmod g+rw /etc/gitea/app.ini
deb-systemd-helper enable gitea.service
deb-systemd-invoke restart gitea.service
fi

9
forgejo/forgejo/debian.postrm Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
set -e
if [[ "$1" == "remove" ]]; then
systemctl daemon-reload || true
fi

9
forgejo/forgejo/debian.prerm Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
set -e
if [[ "$1" == "remove" ]]; then
deb-systemd-invoke stop gitea.service
fi

View file

@ -0,0 +1,32 @@
[Unit]
Description=Forgejo
After=network.target
#Requires=mysql.service
Requires=mariadb.service
#Requires=postgresql.service
#Requires=memcached.service
#Requires=redis.service
[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
RestartSec=2s
Type=simple
User=gitea
Group=gitea
WorkingDirectory=/var/lib/gitea
ExecStart=/usr/bin/forgejo web -c /etc/gitea/app.ini
Restart=always
Environment=USER=git HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea
# If you want to bind Gitea to a port below 1024 uncomment
# the two values below
###
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target

32
forgejo/gitea.service Normal file
View file

@ -0,0 +1,32 @@
[Unit]
Description=Forgejo
After=network.target
#Requires=mysql.service
Requires=mariadb.service
#Requires=postgresql.service
#Requires=memcached.service
#Requires=redis.service
[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
RestartSec=2s
Type=simple
User=gitea
Group=gitea
WorkingDirectory=/var/lib/gitea
ExecStart=/usr/bin/forgejo web -c /etc/gitea/app.ini
Restart=always
Environment=USER=git HOME=/var/lib/gitea GITEA_WORK_DIR=/var/lib/gitea
# If you want to bind Gitea to a port below 1024 uncomment
# the two values below
###
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target

52
http-mqtt-bridge/build.sh Executable file
View file

@ -0,0 +1,52 @@
#!/bin/bash
set -exo pipefail
ROOT=$(pwd)
function fetch() {
apt install --assume-yes --no-install-recommends git golang-go
cd "${SRCDIR}"
git clone https://github.com/subzerobo/http-mqtt-bridge
cd http-mqtt-bridge
export VERSION=0.$(git rev-list --count HEAD)
go get ./...
go build -o http-mqtt-bridge
}
function prepare() {
chmod +x "${SRCDIR}/http-mqtt-bridge/http-mqtt-bridge"
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/usr/bin" \
"${PKGDIR}/etc/default" \
"${PKGDIR}/etc/apache2/sites-available" \
"${PKGDIR}/lib/systemd/system"
cp "${SRCDIR}/http-mqtt-bridge/http-mqtt-bridge" "${PKGDIR}/usr/bin/http-mqtt-bridge"
cp "${ROOT}/http-mqtt-bridge.defaults" "${PKGDIR}/etc/default/http-mqtt-bridge"
cp "${ROOT}/http-mqtt-bridge.service" "${PKGDIR}/lib/systemd/system/http-mqtt-bridge.service"
cp "${ROOT}/http-mqtt-bridge.site" "${PKGDIR}/etc/apache2/sites-available/http-mqtt-bridge.site"
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.conffiles" "${PKGDIR}/DEBIAN/conffiles"
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
find "${PKGDIR}" -exec touch -m -d "${ISODATE}" {} \;
}
function package() {
cd "${BUILDDIR}"
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
}
function build() {
export BUILDDIR=${ROOT}/build
export SRCDIR=${ROOT}/build/srcdir
export PKGDIR=${ROOT}/build/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

View file

@ -0,0 +1,2 @@
/etc/default/http-mqtt-bridge
/etc/apache2/sites-available/http-mqtt-bridge.site

View file

@ -0,0 +1,11 @@
Package: http-mqtt-bridge
Version: __VERSION__
Maintainer: __MAINTAINER__
Section: web
Priority: optional
Architecture: amd64
Recommends: apache2
Description: Rewrite HTTP POST requests into MQTT PUB requests
The HTTP to MQTT bridge should fill that gap of IFTTT Actions for
your Custom IoT Hardwares. The idea is to receive signals using HTTP
requests and transfer them to your MQTT broker.

View file

@ -0,0 +1,5 @@
MQTT_HOST=localhost:1883
#MQTT_USER=
#MQTT_PASS=
AUTH_USERNAME=hmb
AUTH_PASSWORD=hmb

View file

@ -0,0 +1,14 @@
[Unit]
Description=HTTP to MQTT Bridge
After=network-online.target
Wants=network-online.target
[Service]
EnvironmentFile=-/etc/default/http-mqtt-bridge
ExecStart=/usr/bin/http-mqtt-bridge start
DynamicUser=true
CapabilityBoundingSet=
Restart=on-failure
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,32 @@
<VirtualHost *:80>
ServerName mqtt.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Reverse Proxy for HTTP-MQTT-Bridge
ProxyPass / http://localhost:8090/
ProxyPassReverse / http://localhost:8090/
# Static auth header (hmb:hmb)
#RequestHeader set "Authorization" "Basic aG1iOmhtYg=="
# Configure CORS headers
Header always set "Access-Control-Allow-Origin" "*"
Header always set "Access-Control-Allow-Methods" "GET, POST, OPTIONS"
Header always set "Access-Control-Allow-Headers" "Content-Type"
# Stop CORB complaints by overwriting text/html with application/json
Header always set "Content-Type" "application/json"
# Make OPTIONS request work by forcibly returning a 200 OK header
# even though the backend returns a 405
RewriteEngine on
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

View file

@ -0,0 +1,52 @@
#!/bin/bash
set -exo pipefail
ROOT=$(pwd)
function fetch() {
apt install --assume-yes --no-install-recommends git golang-go
cd "${SRCDIR}"
git clone https://github.com/subzerobo/http-mqtt-bridge
cd http-mqtt-bridge
export VERSION=0.$(git rev-list --count HEAD)
go get ./...
go build -o http-mqtt-bridge
}
function prepare() {
chmod +x "${SRCDIR}/http-mqtt-bridge/http-mqtt-bridge"
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/usr/bin" \
"${PKGDIR}/etc/default" \
"${PKGDIR}/etc/apache2/sites-available" \
"${PKGDIR}/lib/systemd/system"
cp "${SRCDIR}/http-mqtt-bridge/http-mqtt-bridge" "${PKGDIR}/usr/bin/http-mqtt-bridge"
cp "${ROOT}/http-mqtt-bridge.defaults" "${PKGDIR}/etc/default/http-mqtt-bridge"
cp "${ROOT}/http-mqtt-bridge.service" "${PKGDIR}/lib/systemd/system/http-mqtt-bridge.service"
cp "${ROOT}/http-mqtt-bridge.site" "${PKGDIR}/etc/apache2/sites-available/http-mqtt-bridge.site"
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.conffiles" "${PKGDIR}/DEBIAN/conffiles"
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
find "${PKGDIR}" -exec touch -m -d "${ISODATE}" {} \;
}
function package() {
cd "${BUILDDIR}"
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
}
function build() {
export BUILDDIR=${ROOT}/build
export SRCDIR=${ROOT}/build/srcdir
export PKGDIR=${ROOT}/build/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

View file

@ -0,0 +1,2 @@
/etc/default/http-mqtt-bridge
/etc/apache2/sites-available/http-mqtt-bridge.site

View file

@ -0,0 +1,11 @@
Package: http-mqtt-bridge
Version: __VERSION__
Maintainer: __MAINTAINER__
Section: web
Priority: optional
Architecture: amd64
Recommends: apache2
Description: Rewrite HTTP POST requests into MQTT PUB requests
The HTTP to MQTT bridge should fill that gap of IFTTT Actions for
your Custom IoT Hardwares. The idea is to receive signals using HTTP
requests and transfer them to your MQTT broker.

View file

@ -0,0 +1,5 @@
MQTT_HOST=localhost:1883
#MQTT_USER=
#MQTT_PASS=
AUTH_USERNAME=hmb
AUTH_PASSWORD=hmb

View file

@ -0,0 +1,14 @@
[Unit]
Description=HTTP to MQTT Bridge
After=network-online.target
Wants=network-online.target
[Service]
EnvironmentFile=-/etc/default/http-mqtt-bridge
ExecStart=/usr/bin/http-mqtt-bridge start
DynamicUser=true
CapabilityBoundingSet=
Restart=on-failure
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,32 @@
<VirtualHost *:80>
ServerName mqtt.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Reverse Proxy for HTTP-MQTT-Bridge
ProxyPass / http://localhost:8090/
ProxyPassReverse / http://localhost:8090/
# Static auth header (hmb:hmb)
#RequestHeader set "Authorization" "Basic aG1iOmhtYg=="
# Configure CORS headers
Header always set "Access-Control-Allow-Origin" "*"
Header always set "Access-Control-Allow-Methods" "GET, POST, OPTIONS"
Header always set "Access-Control-Allow-Headers" "Content-Type"
# Stop CORB complaints by overwriting text/html with application/json
Header always set "Content-Type" "application/json"
# Make OPTIONS request work by forcibly returning a 200 OK header
# even though the backend returns a 405
RewriteEngine on
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

68
keycloak-23/build.sh Executable file
View file

@ -0,0 +1,68 @@
#!/bin/bash
set -exo pipefail
. ../.skel/helpers.sh
MAJOR_VERSION=23
export PKGNAME="keycloak-${MAJOR_VERSION}"
API_URL="https://api.github.com/repos/keycloak/keycloak/releases"
JQ_EXPR='.[] | select( .prerelease==false and .draft==false and .target_commitish=="main" ) | "\(.name) \(.published_at) \(.assets[] | select( .name|test("keycloak-'${MAJOR_VERSION}'.*.tar.gz$") ).browser_download_url)"'
ROOT=$(pwd)
function fetch() {
cd "${SRCDIR}"
wget "${URL}" --output-document "keycloak-${VERSION}.tar.gz"
tar -xf "keycloak-${VERSION}.tar.gz"
}
function prepare() {
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/opt/" \
"${PKGDIR}/lib/systemd/system" \
"${PKGDIR}/etc/apache2/sites-available" \
"${PKGDIR}/usr/share/doc/${PKGNAME}"
cp -r "${SRCDIR}/keycloak-${VERSION}" "${PKGDIR}/opt/keycloak/"
mv "${PKGDIR}/opt/keycloak/conf" "${PKGDIR}/etc/keycloak/"
ln -s /etc/keycloak "${PKGDIR}/opt/keycloak/conf"
mkdir -p \
"${PKGDIR}/opt/keycloak/data" \
"${PKGDIR}/opt/keycloak/ObjectStore"
rm "${PKGDIR}/opt/keycloak/bin/kc.bat" \
"${PKGDIR}/etc/keycloak/README.md"
cp "${ROOT}/debian.control" "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.conffiles" "${PKGDIR}/DEBIAN/conffiles"
cp "${ROOT}/debian.postinst" "${PKGDIR}/DEBIAN/postinst"
cp "${ROOT}/keycloak.service" "${PKGDIR}/lib/systemd/system/"
cp "${ROOT}/keycloak.site.conf" "${PKGDIR}/etc/apache2/sites-available/"
sed -re "s/__VERSION__/${VERSION}/g" -i "${PKGDIR}/DEBIAN/control"
sed -re "s/__MAINTAINER__/${MAINTAINER}/g" -i "${PKGDIR}/DEBIAN/control"
cp "${ROOT}/debian.copyright" "${PKGDIR}/usr/share/doc/${PKGNAME}/copyright"
github_changelog keycloak/keycloak
find "${PKGDIR}" -exec touch -m --reference "${SRCDIR}/keycloak-${VERSION}/version.txt" {} \;
}
function package() {
cd "${BUILDDIR}"
dpkg-deb --build "${PKGDIR}" "${BUILDDIR}"
}
function build() {
read VERSION ISODATE URL <<<$(curl "${API_URL}" | jq -r "${JQ_EXPR}" | head -1)
export VERSION
export ISODATE
export URL
export BUILDDIR=${ROOT}/build
export SRCDIR=${ROOT}/build/srcdir
export PKGDIR=${ROOT}/build/pkgdir
mkdir -p ${SRCDIR} ${PKGDIR}
fetch
prepare
package
}
build

View file

@ -0,0 +1,3 @@
/etc/apache2/sites-available/keycloak.site.conf
/etc/keycloak/cache-ispn.xml
/etc/keycloak/keycloak.conf

View file

@ -0,0 +1,16 @@
Package: keycloak-23
Version: __VERSION__
Maintainer: __MAINTAINER__
Section: web
Priority: optional
Architecture: all
Depends: default-jdk-headless (>=2:1.17), default-jdk-headless (<<2:1.22)
Suggests: apache2, postgresql
Provides: keycloak
Conflicts: keycloak
Replaces: keycloak
Description: Open Source Identity and Access Management
Add authentication to applications and secure services with minimum
effort. No need to deal with storing users or authenticating users.
Keycloak provides user federation, strong authentication, user
management, fine-grained authorization, and more.

View file

@ -0,0 +1,6 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Source: https://github.com/keycloak/keycloak
Files: *
License: Apache-2.0

22
keycloak-23/debian.postinst Executable file
View file

@ -0,0 +1,22 @@
#!/bin/bash
set -e
if [[ "$1" == "configure" ]]; then
if ! getent group keycloak >/dev/null; then
groupadd --system keycloak
fi
if ! getent passwd keycloak >/dev/null; then
useradd --system --gid keycloak --home-dir /opt/keycloak --shell /bin/false keycloak
fi
chown root:keycloak /opt/keycloak /etc/keycloak
chown keycloak:keycloak -R /opt/keycloak/lib/quarkus /opt/keycloak/data /opt/keycloak/ObjectStore
chmod 0750 /etc/keycloak
deb-systemd-helper enable keycloak.service
deb-systemd-invoke restart keycloak.service
fi

View file

@ -0,0 +1,68 @@
#!/bin/bash
set -exo pipefail
. ../.skel/helpers.sh
MAJOR_VERSION=23
export PKGNAME="keycloak-${MAJOR_VERSION}"
API_URL="https://api.github.com/repos/keycloak/keycloak/releases"
JQ_EXPR='.[] | select( .prerelease==false and .draft==false and .target_commitish=="main" ) | "\(.name) \(.published_at) \(.assets[] | select( .name|test("keycloak-'${MAJOR_VERSION}'.*.tar.gz$") ).browser_download_url)"'
ROOT=$(pwd)
function fetch() {
cd "${SRCDIR}"
wget "${URL}" --output-document "keycloak-${VERSION}.tar.gz"
tar -xf "keycloak-${VERSION}.tar.gz"
}
function prepare() {
mkdir -p \
"${PKGDIR}/DEBIAN" \
"${PKGDIR}/opt/" \
"${PKGDIR}/lib/systemd/system" \
"${PKGDIR}/etc/apache2/sites-available" \
"${PKGDIR}/usr/share/doc/${PKGNAME}"
cp -r "${SRCDIR}/keycloak-${VERSION}" "${PKGDIR}/opt/keycloak/"