Build for rpm distros

2026-01-27 10:18:54 +00:00 · 2021-07-11 23:16:17 -07:00
parent 77527814d6
commit 19bc3399db
26 changed files with 273 additions and 93 deletions
--- a/.ci/build_amazonlinux_2.sh
+++ b/.ci/build_amazonlinux_2.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+OS="amazonlinux_2"
+ARCH=${MATRIX_ARCH:-`uname -m`}
+PKG_DIR="${OS}_${ARCH}"
+PKG_FILE="${PKG_DIR}.rpm"
+IMAGE="${OS}_${ARCH}:latest"
+BASE_IMAGE="amazonlinux:2"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.rpm \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
--- a/.ci/build_centos_7.sh
+++ b/.ci/build_centos_7.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+OS="centos_7"
+ARCH=${MATRIX_ARCH:-`uname -m`}
+PKG_DIR="${OS}_${ARCH}"
+PKG_FILE="${PKG_DIR}.rpm"
+IMAGE="${OS}_${ARCH}:latest"
+BASE_IMAGE="centos:7"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.rpm \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
--- a/.ci/build_centos_8.sh
+++ b/.ci/build_centos_8.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+OS="centos_8"
+ARCH=${MATRIX_ARCH:-`uname -m`}
+PKG_DIR="${OS}_${ARCH}"
+PKG_FILE="${PKG_DIR}.rpm"
+IMAGE="${OS}_${ARCH}:latest"
+BASE_IMAGE="centos:8"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.rpm \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
--- a/.ci/build_debian_10.sh
+++ b/.ci/build_debian_10.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+OS="debian_10"
+ARCH=${MATRIX_ARCH:-`uname -m`}
+PKG_DIR="${OS}_${ARCH}"
+PKG_FILE="${PKG_DIR}.deb"
+IMAGE="${OS}_${ARCH}:latest"
+BASE_IMAGE="hexpm/elixir:1.12.2-erlang-24.0.3-debian-buster-20210326"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.deb \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
--- a/.ci/build_fedora_32.sh
+++ b/.ci/build_fedora_32.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+OS="redhat_8"
+ARCH=${MATRIX_ARCH:-`uname -m`}
+PKG_DIR="${OS}_${ARCH}"
+PKG_FILE="${PKG_DIR}.rpm"
+IMAGE="${OS}_${ARCH}:latest"
+BASE_IMAGE="fedora:32"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.rpm \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
--- a/.ci/build_fedora_33.sh
+++ b/.ci/build_fedora_33.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+OS="redhat_8"
+ARCH=${MATRIX_ARCH:-`uname -m`}
+PKG_DIR="${OS}_${ARCH}"
+PKG_FILE="${PKG_DIR}.rpm"
+IMAGE="${OS}_${ARCH}:latest"
+BASE_IMAGE="fedora:33"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.rpm \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
--- a/.ci/build_fedora_34.sh
+++ b/.ci/build_fedora_34.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+OS="redhat_8"
+ARCH=${MATRIX_ARCH:-`uname -m`}
+PKG_DIR="${OS}_${ARCH}"
+PKG_FILE="${PKG_DIR}.rpm"
+IMAGE="${OS}_${ARCH}:latest"
+BASE_IMAGE="fedora:34"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.rpm \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
--- a/.ci/build_fedora_35.sh
+++ b/.ci/build_fedora_35.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+OS="redhat_8"
+ARCH=${MATRIX_ARCH:-`uname -m`}
+PKG_DIR="${OS}_${ARCH}"
+PKG_FILE="${PKG_DIR}.rpm"
+IMAGE="${OS}_${ARCH}:latest"
+BASE_IMAGE="fedora:35"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.rpm \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
--- a/.ci/build_ubuntu_18.04.sh
+++ b/.ci/build_ubuntu_18.04.sh
@@ -10,7 +10,7 @@ BASE_IMAGE="hexpm/elixir:1.12.2-erlang-24.0.3-ubuntu-bionic-20210325"

 docker build \
  -t $IMAGE \
-  -f pkg/Dockerfile.ubuntu \
+  -f pkg/Dockerfile.deb \
  --platform linux/$ARCH \
  --build-arg PKG_DIR=$PKG_DIR \
  --build-arg BASE_IMAGE=$BASE_IMAGE \
--- a/.ci/build_ubuntu_20.04.sh
+++ b/.ci/build_ubuntu_20.04.sh
@@ -10,7 +10,7 @@ BASE_IMAGE="hexpm/elixir:1.12.2-erlang-24.0.3-ubuntu-focal-20210325"

 docker build \
  -t $IMAGE \
-  -f pkg/Dockerfile.ubuntu \
+  -f pkg/Dockerfile.deb \
  --platform linux/$ARCH \
  --build-arg PKG_DIR=$PKG_DIR \
  --build-arg BASE_IMAGE=$BASE_IMAGE \
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -75,14 +75,16 @@ jobs:
    strategy:
      matrix:
        os:
-          # - amazonlinux_2
-          # - debian_10
+          - amazonlinux_2
+          - centos_7
+          - centos_8
+          - debian_10
+          - fedora_32
+          - fedora_33
+          - fedora_34
+          - fedora_35
          - ubuntu_18.04
          - ubuntu_20.04
-          # - redhat_7
-          # - redhat_8
-          # - centos_7
-          # - centos_8
        include:
          - arch: amd64
          # XXX: This currently takes upwards of 10 minutes or more. Disabling for now
@@ -139,13 +141,15 @@ jobs:
      matrix:
        os:
          # - amazonlinux_2
-          # - debian_10
-          - ubuntu_18.04
-          - ubuntu_20.04
-          # - redhat_7
-          # - redhat_8
          # - centos_7
          # - centos_8
+          # - debian_10
+          # - fedora_32
+          # - fedora_33
+          # - fedora_34
+          # - fedora_35
+          # - ubuntu_18.04
+          - ubuntu_20.04
        include:
          - arch: amd64
          # - arch: arm64
@@ -169,7 +173,7 @@ jobs:
      matrix:
        os:
          # - amazonlinux_2
-          # - debian_10
+          - debian_10
          - ubuntu_18.04
          - ubuntu_20.04
          # - redhat_7
--- a/pkg/Dockerfile.amazonlinux_2
+++ b/pkg/Dockerfile.amazonlinux_2
--- a/pkg/Dockerfile.centos_7
+++ b/pkg/Dockerfile.centos_7
--- a/pkg/Dockerfile.centos_8
+++ b/pkg/Dockerfile.centos_8
--- a/pkg/Dockerfile.debian_10
+++ b/pkg/Dockerfile.debian_10
--- a/pkg/Dockerfile.redhat_7
+++ b/pkg/Dockerfile.redhat_7
--- a/pkg/Dockerfile.redhat_8
+++ b/pkg/Dockerfile.redhat_8
--- a/pkg/Dockerfile.rpm
+++ b/pkg/Dockerfile.rpm
@@ -0,0 +1,42 @@
+ARG BASE_IMAGE
+FROM ${BASE_IMAGE}
+
+RUN yum groupinstall -y 'Development Tools'
+RUN yum install -y \
+    autoconf \
+    automake \
+    procps \
+    openssl-devel \
+    ncurses-devel \
+    curl \
+    git \
+    unzip
+RUN git clone --depth 1 https://github.com/asdf-vm/asdf.git $HOME/.asdf
+ENV MIX_ENV prod
+WORKDIR /build
+COPY .tool-versions .tool-versions
+COPY pkg/asdf.sh asdf.sh
+RUN ./asdf.sh
+
+ENV PATH "/root/.asdf/bin:/root/.asdf/shims:${PATH}"
+RUN echo $PATH
+
+
+# Dockerfile-friendly build release
+RUN mix local.hex --force && \
+    mix local.rebar --force
+COPY mix.exs mix.lock ./
+COPY config config
+COPY apps/fz_http/mix.exs ./apps/fz_http/
+COPY apps/fz_wall/mix.exs ./apps/fz_wall/
+COPY apps/fz_vpn/mix.exs ./apps/fz_vpn/
+COPY apps/fz_common/mix.exs ./apps/fz_common/
+RUN mix do deps.get, deps.compile
+COPY apps/fz_http/assets/package.json apps/fz_http/assets/package-lock.json ./apps/fz_http/assets/
+RUN cd apps/fz_http/assets && npm ci --progress=false --no-audit --loglevel=error
+COPY apps/fz_http/priv apps/fz_http/priv
+COPY apps/fz_http/assets apps/fz_http/assets
+RUN npm run --prefix ./apps/fz_http/assets deploy && \
+    cd apps/fz_http && mix phx.digest
+COPY . .
+RUN mix release
--- a/pkg/Dockerfile.ubuntu
+++ b/pkg/Dockerfile.ubuntu
@@ -1,75 +0,0 @@
-# This Dockerfile builds release packages.
-# **NOTE**: This is not recommended, as it's possible the deployment
-# production environment will diff from the image environment here,
-# even if the OS and kernel versions match.
-# As such, this script has been deprecated in favor of building the release
-# in the production environment.
-ARG BASE_IMAGE
-FROM ${BASE_IMAGE}
-
-# Overridden by build script
-ARG PKG_DIR
-
-# Setup to run build script
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update -q && \
-    apt-get install -y --no-install-recommends \
-    lintian \
-    rsync \
-    gdebi \
-    ca-certificates \
-    build-essential \
-    git \
-    dpkg-dev \
-    libssl-dev \
-    automake \
-    gnupg \
-    curl \
-    autoconf \
-    libncurses5-dev \
-    unzip \
-    zlib1g-dev \
-    locales && \
-    apt-get clean && \
-    rm -rf /tmp/* /var/tmp/*
-RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \
-    locale-gen
-ENV LANG en_US.UTF-8
-ENV LANGUAGE en_US:en
-ENV LC_ALL en_US.UTF-8
-
-RUN curl -sL https://deb.nodesource.com/setup_14.x | bash -
-RUN apt-get install -y --no-install-recommends nodejs
-
-ENV MIX_ENV prod
-WORKDIR /build
-
-RUN mix local.hex --force && \
-    mix local.rebar --force
-COPY mix.exs mix.lock ./
-COPY config config
-COPY apps/fz_http/mix.exs ./apps/fz_http/
-COPY apps/fz_wall/mix.exs ./apps/fz_wall/
-COPY apps/fz_vpn/mix.exs ./apps/fz_vpn/
-COPY apps/fz_common/mix.exs ./apps/fz_common/
-RUN mix do deps.get, deps.compile
-
-COPY apps/fz_http/assets/package.json apps/fz_http/assets/package-lock.json ./apps/fz_http/assets/
-RUN cd apps/fz_http/assets && npm ci --progress=false --no-audit --loglevel=error
-COPY apps/fz_http/priv apps/fz_http/priv
-COPY apps/fz_http/assets apps/fz_http/assets
-RUN npm run --prefix ./apps/fz_http/assets deploy && \
-    cd apps/fz_http && mix phx.digest
-
-COPY . .
-RUN mix release
-
-# Copy shared files
-RUN rsync -avz pkg/debian_shared/* pkg/$PKG_DIR/
-
-RUN mkdir -p pkg/$PKG_DIR/etc/firezone
-RUN mkdir -p pkg/$PKG_DIR/usr/bin
-RUN mkdir -p pkg/$PKG_DIR/usr/lib/firezone
-RUN rsync -avz _build/prod/rel/firezone/* pkg/$PKG_DIR/usr/lib/firezone/
-RUN cd pkg/$PKG_DIR/usr/bin && ln -s ../lib/firezone/bin/firezone
-RUN cd pkg && dpkg-deb --build $PKG_DIR
--- a/pkg/asdf.sh
+++ b/pkg/asdf.sh
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+set -e
+
+# Wraps asdf to use within Dockerfiles
+. $HOME/.asdf/asdf.sh
+
+asdf plugin-add erlang
+asdf plugin-add elixir
+asdf plugin-add nodejs
+
+asdf install
--- a/pkg/debian_10_amd64/DEBIAN/control
+++ b/pkg/debian_10_amd64/DEBIAN/control
@@ -0,0 +1,11 @@
+Package: firezone
+Version: 0.2.0-1
+Architecture: amd64
+Maintainer: FireZone LLC <dpkg@firez.one>
+Depends: libc6, net-tools (>= 1.60), systemd (>= 237), openssl (>= 1.1.1), wireguard (>= 1.0), postgresql (>= 9.6), iptables (>= 1.6.1)
+Section: net
+Priority: optional
+Homepage: https://firez.one
+Description: Web UI + Firewall manager for WireGuard™
+ Provides a web-based UI that allows you to configure WireGuard™ VPN tunnels and
+ set up firewall rules for your devices.
--- a/pkg/debian_10_arm64/DEBIAN/control
+++ b/pkg/debian_10_arm64/DEBIAN/control
@@ -0,0 +1,11 @@
+Package: firezone
+Version: 0.2.0-1
+Architecture: arm64
+Maintainer: FireZone LLC <dpkg@firez.one>
+Depends: libc6, net-tools (>= 1.60), systemd (>= 237), openssl (>= 1.1.1), wireguard (>= 1.0), postgresql (>= 9.6), iptables (>= 1.6.1)
+Section: net
+Priority: optional
+Homepage: https://firez.one
+Description: Web UI + Firewall manager for WireGuard™
+ Provides a web-based UI that allows you to configure WireGuard™ VPN tunnels and
+ set up firewall rules for your devices.
--- a/pkg/ubuntu_18.04_amd64/DEBIAN/control
+++ b/pkg/ubuntu_18.04_amd64/DEBIAN/control
@@ -1,5 +1,5 @@
 Package: firezone
-Version: 0.2.0ubuntu1
+Version: 0.2.0-1
 Architecture: amd64
 Maintainer: FireZone, LLC <dpkg@firez.one>
 Depends: libc6, net-tools (>= 1.60+git20161116.90da8a0-1ubuntu1), systemd (>= 237-3ubuntu10.48), openssl (>= 1.1.1-1ubuntu2.1~18.04.9), wireguard (>= 1.0.20200319-1ubuntu1), postgresql (>= 9.6), iptables (>= 1.6.1-2ubuntu2)
--- a/pkg/ubuntu_18.04_arm64/DEBIAN/control
+++ b/pkg/ubuntu_18.04_arm64/DEBIAN/control
@@ -1,5 +1,5 @@
 Package: firezone
-Version: 0.2.0ubuntu1
+Version: 0.2.0-1
 Architecture: arm64
 Maintainer: FireZone, LLC <dpkg@firez.one>
 Depends: libc6, net-tools (>= 1.60+git20161116.90da8a0-1ubuntu1), systemd (>= 237-3ubuntu10.48), openssl (>= 1.1.1-1ubuntu2.1~18.04.9), wireguard (>= 1.0.20200319-1ubuntu1), postgresql (>= 9.6), iptables (>= 1.6.1-2ubuntu2)
--- a/pkg/ubuntu_20.04_amd64/DEBIAN/control
+++ b/pkg/ubuntu_20.04_amd64/DEBIAN/control
@@ -1,5 +1,5 @@
 Package: firezone
-Version: 0.2.0ubuntu1
+Version: 0.2.0-1
 Architecture: amd64
 Maintainer: FireZone, LLC <dpkg@firez.one>
 Depends: libc6, net-tools (>= 1.60+git20180626.aebd88e-1ubuntu1), systemd (>= 245.4-4ubuntu3.2), openssl (>= 1.1.1f-1ubuntu2), wireguard (>= 1.0.20200319-1ubuntu1), postgresql (>= 12+214ubuntu0.1), iptables (>= 1.8.4-3ubuntu2)
--- a/pkg/ubuntu_20.04_arm64/DEBIAN/control
+++ b/pkg/ubuntu_20.04_arm64/DEBIAN/control
@@ -1,5 +1,5 @@
 Package: firezone
-Version: 0.2.0ubuntu1
+Version: 0.2.0-1
 Architecture: arm64
 Maintainer: FireZone, LLC <dpkg@firez.one>
 Depends: libc6, net-tools (>= 1.60+git20180626.aebd88e-1ubuntu1), systemd (>= 245.4-4ubuntu3.2), openssl (>= 1.1.1f-1ubuntu2), wireguard (>= 1.0.20200319-1ubuntu1), postgresql (>= 12+214ubuntu0.1), iptables (>= 1.8.4-3ubuntu2)