Clean up and refactor to build images faster

.ci/build_amazonlinux_2.sh

@@ -1,22 +1,4 @@
 #!/usr/bin/env bash
 set -e
 
-OS="amazonlinux_2"
-ARCH=${MATRIX_ARCH:-`uname -m`}
-PKG_DIR="${OS}_${ARCH}"
-PKG_FILE="${PKG_DIR}.rpm"
-IMAGE="${OS}_${ARCH}:latest"
-BASE_IMAGE="amazonlinux:2"
-
-docker build \
-  -t $IMAGE \
-  -f pkg/Dockerfile.rpm \
-  --platform linux/$ARCH \
-  --build-arg PKG_DIR=$PKG_DIR \
-  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --progress plain \
-  .
-
-CID=$(docker create $IMAGE)
-mkdir -p _build
-docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
+.ci/build_rpm.sh amazonlinux_2 ghcr.io/firezone/amazonlinux:2

.ci/build_centos_7.sh

@@ -1,22 +1,4 @@
 #!/usr/bin/env bash
 set -e
 
-OS="centos_7"
-ARCH=${MATRIX_ARCH:-`uname -m`}
-PKG_DIR="${OS}_${ARCH}"
-PKG_FILE="${PKG_DIR}.rpm"
-IMAGE="${OS}_${ARCH}:latest"
-BASE_IMAGE="centos:7"
-
-docker build \
-  -t $IMAGE \
-  -f pkg/Dockerfile.rpm \
-  --platform linux/$ARCH \
-  --build-arg PKG_DIR=$PKG_DIR \
-  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --progress plain \
-  .
-
-CID=$(docker create $IMAGE)
-mkdir -p _build
-docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
+.ci/build_rpm.sh centos_7 ghcr.io/firezone/centos:7

.ci/build_centos_8.sh

@@ -1,22 +1,4 @@
 #!/usr/bin/env bash
 set -e
 
-OS="centos_8"
-ARCH=${MATRIX_ARCH:-`uname -m`}
-PKG_DIR="${OS}_${ARCH}"
-PKG_FILE="${PKG_DIR}.rpm"
-IMAGE="${OS}_${ARCH}:latest"
-BASE_IMAGE="centos:8"
-
-docker build \
-  -t $IMAGE \
-  -f pkg/Dockerfile.rpm \
-  --platform linux/$ARCH \
-  --build-arg PKG_DIR=$PKG_DIR \
-  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --progress plain \
-  .
-
-CID=$(docker create $IMAGE)
-mkdir -p _build
-docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
+.ci/build_rpm.sh centos_8 ghcr.io/firezone/centos:8

.ci/build_deb.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -e
+
+OS=$1
+BASE_IMAGE=$2
+ARCH=${MATRIX_ARCH:-`uname -m`}
+PKG_DIR="${OS}_${ARCH}"
+PKG_FILE="${PKG_DIR}.deb"
+IMAGE="${OS}_${ARCH}:latest"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.deb \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/root/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE

.ci/build_debian_10.sh

@@ -1,22 +1,4 @@
 #!/usr/bin/env bash
 set -e
 
-OS="debian_10"
-ARCH=${MATRIX_ARCH:-`uname -m`}
-PKG_DIR="${OS}_${ARCH}"
-PKG_FILE="${PKG_DIR}.deb"
-IMAGE="${OS}_${ARCH}:latest"
-BASE_IMAGE="hexpm/elixir:1.12.2-erlang-24.0.3-debian-buster-20210326"
-
-docker build \
-  -t $IMAGE \
-  -f pkg/Dockerfile.deb \
-  --platform linux/$ARCH \
-  --build-arg PKG_DIR=$PKG_DIR \
-  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --progress plain \
-  .
-
-CID=$(docker create $IMAGE)
-mkdir -p _build
-docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
+.ci/build_deb.sh debian_10 ghcr.io/firezone/debian:10

.ci/build_fedora_33.sh

@@ -1,22 +1,4 @@
 #!/usr/bin/env bash
 set -e
 
-OS="fedora_33"
-ARCH=${MATRIX_ARCH:-`uname -m`}
-PKG_DIR="${OS}_${ARCH}"
-PKG_FILE="${PKG_DIR}.rpm"
-IMAGE="${OS}_${ARCH}:latest"
-BASE_IMAGE="fedora:33"
-
-docker build \
-  -t $IMAGE \
-  -f pkg/Dockerfile.rpm \
-  --platform linux/$ARCH \
-  --build-arg PKG_DIR=$PKG_DIR \
-  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --progress plain \
-  .
-
-CID=$(docker create $IMAGE)
-mkdir -p _build
-docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
+.ci/build_rpm.sh fedora_33 ghcr.io/firezone/fedora:33

.ci/build_fedora_34.sh

@@ -1,22 +1,4 @@
 #!/usr/bin/env bash
 set -e
 
-OS="fedora_34"
-ARCH=${MATRIX_ARCH:-`uname -m`}
-PKG_DIR="${OS}_${ARCH}"
-PKG_FILE="${PKG_DIR}.rpm"
-IMAGE="${OS}_${ARCH}:latest"
-BASE_IMAGE="fedora:34"
-
-docker build \
-  -t $IMAGE \
-  -f pkg/Dockerfile.rpm \
-  --platform linux/$ARCH \
-  --build-arg PKG_DIR=$PKG_DIR \
-  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --progress plain \
-  .
-
-CID=$(docker create $IMAGE)
-mkdir -p _build
-docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
+.ci/build_rpm.sh fedora_34 ghcr.io/firezone/fedora:34

.ci/build_fedora_35.sh

@@ -1,22 +1,4 @@
 #!/usr/bin/env bash
 set -e
 
-OS="fedora_35"
-ARCH=${MATRIX_ARCH:-`uname -m`}
-PKG_DIR="${OS}_${ARCH}"
-PKG_FILE="${PKG_DIR}.rpm"
-IMAGE="${OS}_${ARCH}:latest"
-BASE_IMAGE="fedora:35"
-
-docker build \
-  -t $IMAGE \
-  -f pkg/Dockerfile.rpm \
-  --platform linux/$ARCH \
-  --build-arg PKG_DIR=$PKG_DIR \
-  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --progress plain \
-  .
-
-CID=$(docker create $IMAGE)
-mkdir -p _build
-docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
+.ci/build_rpm.sh fedora_35 ghcr.io/firezone/fedora:35

.ci/build_rpm.sh

@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+set -e
+
+OS=$1
+BASE_IMAGE=$2
+ARCH=${MATRIX_ARCH:-`uname -m`}
+IMAGE="${OS}_${ARCH}:latest"
+VERSION=0.2.0-1
+RPM_ARCH="${ARCH/arm64/aarch64}"
+PKG_DIR="firezone-${VERSION}.${RPM_ARCH}"
+PKG_FILE="${PKG_DIR}.rpm"
+
+docker build \
+  -t $IMAGE \
+  -f pkg/Dockerfile.rpm \
+  --platform linux/$ARCH \
+  --build-arg PKG_DIR=$PKG_DIR \
+  --build-arg BASE_IMAGE=$BASE_IMAGE \
+  --progress plain \
+  .
+
+CID=$(docker create $IMAGE)
+mkdir -p _build
+docker cp $CID:/root/rpmbuild/RPMS/$RPM_ARCH/$PKG_FILE ./_build/$PKG_FILE

.ci/build_ubuntu_18.04.sh

@@ -1,22 +1,4 @@
 #!/usr/bin/env bash
 set -e
 
-OS="ubuntu_18.04"
-ARCH=${MATRIX_ARCH:-`uname -m`}
-PKG_DIR="${OS}_${ARCH}"
-PKG_FILE="${PKG_DIR}.deb"
-IMAGE="${OS}_${ARCH}:latest"
-BASE_IMAGE="hexpm/elixir:1.12.2-erlang-24.0.3-ubuntu-bionic-20210325"
-
-docker build \
-  -t $IMAGE \
-  -f pkg/Dockerfile.deb \
-  --platform linux/$ARCH \
-  --build-arg PKG_DIR=$PKG_DIR \
-  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --progress plain \
-  .
-
-CID=$(docker create $IMAGE)
-mkdir -p _build
-docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
+.ci/build_deb.sh ubuntu_18.04 ghcr.io/firezone/ubuntu:18.04

.ci/build_ubuntu_20.04.sh

@@ -1,22 +1,4 @@
 #!/usr/bin/env bash
 set -e
 
-OS="ubuntu_20.04"
-ARCH=${MATRIX_ARCH:-`uname -m`}
-PKG_DIR="${OS}_${ARCH}"
-PKG_FILE="${PKG_DIR}.deb"
-IMAGE="${OS}_${ARCH}:latest"
-BASE_IMAGE="hexpm/elixir:1.12.2-erlang-24.0.3-ubuntu-focal-20210325"
-
-docker build \
-  -t $IMAGE \
-  -f pkg/Dockerfile.deb \
-  --platform linux/$ARCH \
-  --build-arg PKG_DIR=$PKG_DIR \
-  --build-arg BASE_IMAGE=$BASE_IMAGE \
-  --progress plain \
-  .
-
-CID=$(docker create $IMAGE)
-mkdir -p _build
-docker cp $CID:/build/pkg/$PKG_FILE ./_build/firezone_$PKG_FILE
+.ci/build_deb.sh ubuntu_20.04 ghcr.io/firezone/ubuntu:20.04

pkg/Dockerfile.base.deb

@@ -0,0 +1,40 @@
+ARG BASE_IMAGE
+FROM ${BASE_IMAGE}
+
+ENV DEBIAN_FRONTENV noninteractive
+WORKDIR /root
+
+# Setup to run build script
+RUN apt-get update -q && \
+    apt-get install -y --no-install-recommends \
+    lintian \
+    rsync \
+    gdebi \
+    ca-certificates \
+    build-essential \
+    git \
+    dpkg-dev \
+    libssl-dev \
+    automake \
+    gnupg \
+    curl \
+    autoconf \
+    libncurses5-dev \
+    unzip \
+    zlib1g-dev \
+    locales && \
+    apt-get clean && \
+    rm -rf /tmp/* /var/tmp/*
+RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \
+    locale-gen
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV LC_ALL en_US.UTF-8
+
+RUN git clone --depth 1 https://github.com/asdf-vm/asdf.git $HOME/.asdf
+ENV PATH="/root/.asdf/bin:/root/.asdf/shims:${PATH}"
+COPY .tool-versions .tool-versions
+RUN asdf plugin-add nodejs
+RUN asdf plugin-add erlang
+RUN asdf plugin-add elixir
+RUN asdf install

pkg/Dockerfile.base.rpm

@@ -0,0 +1,31 @@
+ARG BASE_IMAGE
+FROM ${BASE_IMAGE}
+
+WORKDIR /root
+
+RUN yum groupinstall -y 'Development Tools'
+RUN yum install -y \
+    tree \
+    rsync \
+    autoconf \
+    automake \
+    procps \
+    openssl-devel \
+    ncurses-devel \
+    curl \
+    git \
+    glibc-common \
+    glibc-locale-source \
+    glibc-langpack-en \
+    findutils \
+    unzip \
+    rpmdevtools \
+    rpmlint
+RUN localedef -i en_US -f UTF-8 en_US.UTF-8
+RUN git clone --depth 1 https://github.com/asdf-vm/asdf.git $HOME/.asdf
+ENV PATH="/root/.asdf/bin:/root/.asdf/shims:${PATH}"
+COPY .tool-versions .tool-versions
+RUN asdf plugin-add nodejs
+RUN asdf plugin-add erlang
+RUN asdf plugin-add elixir
+RUN asdf install

pkg/Dockerfile.deb

@@ -1,42 +1,8 @@
 ARG BASE_IMAGE
 FROM ${BASE_IMAGE}
 
-# Overridden by build script
 ARG PKG_DIR
-
-# Setup to run build script
-ENV DEBIAN_FRONTEND noninteractive
-RUN apt-get update -q && \
-    apt-get install -y --no-install-recommends \
-    lintian \
-    rsync \
-    gdebi \
-    ca-certificates \
-    build-essential \
-    git \
-    dpkg-dev \
-    libssl-dev \
-    automake \
-    gnupg \
-    curl \
-    autoconf \
-    libncurses5-dev \
-    unzip \
-    zlib1g-dev \
-    locales && \
-    apt-get clean && \
-    rm -rf /tmp/* /var/tmp/*
-RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \
-    locale-gen
-ENV LANG en_US.UTF-8
-ENV LANGUAGE en_US:en
-ENV LC_ALL en_US.UTF-8
-
-RUN curl -sL https://deb.nodesource.com/setup_14.x | bash -
-RUN apt-get install -y --no-install-recommends nodejs
-
 ENV MIX_ENV prod
-WORKDIR /build
 
 # Dockerfile-friendly build release
 RUN mix local.hex --force && \
@@ -54,18 +20,18 @@ COPY apps/fz_http/priv apps/fz_http/priv
 COPY apps/fz_http/assets apps/fz_http/assets
 RUN npm run --prefix ./apps/fz_http/assets deploy && \
     cd apps/fz_http && mix phx.digest
-COPY . .
+# Copy remaining items for release
+COPY rel rel
+COPY deps deps
+COPY config config
+COPY apps apps
 RUN mix release
 
-
 # PACKAGING
 
 # Copy shared files
-RUN rsync -avz pkg/debian_shared/* pkg/$PKG_DIR/
-
-RUN mkdir -p pkg/$PKG_DIR/etc/firezone
-RUN mkdir -p pkg/$PKG_DIR/usr/bin
-RUN mkdir -p pkg/$PKG_DIR/usr/lib/firezone
+COPY pkg pkg
+RUN rsync -avz pkg/skel/* pkg/$PKG_DIR/
 RUN rsync -avz _build/prod/rel/firezone/* pkg/$PKG_DIR/usr/lib/firezone/
 RUN cd pkg/$PKG_DIR/usr/bin && ln -s ../lib/firezone/bin/firezone
 RUN cd pkg && dpkg-deb --build $PKG_DIR

pkg/Dockerfile.rpm

@@ -1,32 +1,8 @@
-ARG PKG_FILE
 ARG BASE_IMAGE
 FROM ${BASE_IMAGE}
 
-RUN yum groupinstall -y 'Development Tools'
-RUN yum install -y \
-    autoconf \
-    automake \
-    procps \
-    openssl-devel \
-    ncurses-devel \
-    curl \
-    git \
-    glibc-common \
-    glibc-locale-source \
-    glibc-langpack-en \
-    findutils \
-    unzip \
-    rpmdevtools \
-    rpmlint
-RUN localedef -i en_US -f UTF-8 en_US.UTF-8
-RUN git clone --depth 1 https://github.com/asdf-vm/asdf.git $HOME/.asdf
+ARG PKG_DIR
 ENV MIX_ENV prod
-ENV PATH="/root/.asdf/bin:/root/.asdf/shims:${PATH}"
-
-WORKDIR /build
-COPY .tool-versions .tool-versions
-COPY pkg/asdf.sh asdf.sh
-RUN ./asdf.sh
 
 # Dockerfile-friendly build release
 RUN mix local.hex --force && \
@@ -44,7 +20,19 @@ COPY apps/fz_http/priv apps/fz_http/priv
 COPY apps/fz_http/assets apps/fz_http/assets
 RUN npm run --prefix ./apps/fz_http/assets deploy && \
     cd apps/fz_http && mix phx.digest
-COPY . .
+# Copy remaining items for release
+COPY rel rel
+COPY deps deps
+COPY config config
+COPY apps apps
 RUN mix release
 
 # Package into rpm
+
+# Copy shared files
+RUN echo $PKG_DIR
+COPY pkg/rpm_shared/rpmbuild rpmbuild
+COPY pkg/skel/ rpmbuild/BUILDROOT/$PKG_DIR/
+RUN rsync -az _build/prod/rel/firezone/* rpmbuild/BUILDROOT/$PKG_DIR/usr/lib/firezone/
+RUN cd rpmbuild/BUILDROOT/$PKG_DIR/usr/bin && ln -s ../lib/firezone/bin/firezone
+RUN rpmbuild -bb rpmbuild/SPECS/firezone.spec

pkg/deb_shared/DEBIAN/postinst

@@ -0,0 +1,5 @@
+#!/bin/bash
+set -e
+
+# Call the post installation script
+. /usr/lib/firezone/bin/postinst.sh

pkg/debian_shared/DEBIAN/prerm

@@ -1,2 +0,0 @@
-#!/bin/bash
-set -e

pkg/rpm_shared/rpmbuild/SPECS/firezone.spec

@@ -0,0 +1,26 @@
+Name:       firezone
+Version:    0.2.0
+Release:    1
+Summary:    Web UI + Firewall manager for WireGuard™
+URL:        https://firez.one
+License:    ASL 2.0
+Requires:   libc6
+Requires:   net-tools
+Requires:   wireguard-tools
+Requires:   postgresql
+Requires:   openssl
+Requires:   systemd
+Requires:   iptables
+
+%description
+Provides a web-based UI that allows you to configure WireGuard™ VPN tunnels and
+set up firewall rules for your devices.
+
+%post
+/usr/lib/firezone/bin/postinst.sh
+
+%files
+%config /etc/firezone
+/lib/systemd/system/firezone.service
+/usr/lib/firezone
+/usr/bin/firezone

scripts/build_and_push_base_images.sh

@@ -0,0 +1,82 @@
+#!/bin/bash
+set -e
+
+docker build \
+  -t ghcr.io/firezone/amazonlinux:2 \
+  -f pkg/Dockerfile.base.rpm \
+  --build-arg BASE_IMAGE="amazonlinux:2" \
+  --progress plain \
+  .
+docker push ghcr.io/firezone/amazonlinux:2
+
+
+docker build \
+  -t ghcr.io/firezone/centos:7 \
+  -f pkg/Dockerfile.base.rpm \
+  --build-arg BASE_IMAGE="centos:7" \
+  --progress plain \
+  .
+docker push ghcr.io/firezone/centos:7
+
+
+docker build \
+  -t ghcr.io/firezone/centos:8 \
+  -f pkg/Dockerfile.base.rpm \
+  --build-arg BASE_IMAGE="centos:8" \
+  --progress plain \
+  .
+docker push ghcr.io/firezone/centos:8
+
+
+docker build \
+  -t ghcr.io/firezone/fedora:33 \
+  -f pkg/Dockerfile.base.rpm \
+  --build-arg BASE_IMAGE="fedora:33" \
+  --progress plain \
+  .
+docker push ghcr.io/firezone/fedora:33
+
+
+docker build \
+  -t ghcr.io/firezone/fedora:34 \
+  -f pkg/Dockerfile.base.rpm \
+  --build-arg BASE_IMAGE="fedora:34" \
+  --progress plain \
+  .
+docker push ghcr.io/firezone/fedora:34
+
+
+docker build \
+  -t ghcr.io/firezone/fedora:35 \
+  -f pkg/Dockerfile.base.rpm \
+  --build-arg BASE_IMAGE="fedora:35" \
+  --progress plain \
+  .
+docker push ghcr.io/firezone/fedora:35
+
+
+docker build \
+  -t ghcr.io/firezone/debian:10 \
+  -f pkg/Dockerfile.base.deb \
+  --build-arg BASE_IMAGE="debian:10" \
+  --progress plain \
+  .
+docker push ghcr.io/firezone/debian:10
+
+
+docker build \
+  -t ghcr.io/firezone/ubuntu:18.04 \
+  -f pkg/Dockerfile.base.deb \
+  --build-arg BASE_IMAGE="ubuntu:18.04" \
+  --progress plain \
+  .
+docker push ghcr.io/firezone/ubuntu:18.04
+
+
+docker build \
+  -t ghcr.io/firezone/ubuntu:20.04 \
+  -f pkg/Dockerfile.base.deb \
+  --build-arg BASE_IMAGE="ubuntu:20.04" \
+  --progress plain \
+  .
+docker push ghcr.io/firezone/ubuntu:20.04