From 04b97e86a064a1741b0ad36cb15ee3e46a193a3e Mon Sep 17 00:00:00 2001 From: Tobias Bossert Date: Fri, 30 Apr 2021 12:16:22 +0200 Subject: [PATCH] Deb test 1 --- .../actions/build-release-action/Dockerfile | 33 ++++++++++++++ .../actions/build-release-action/action.yaml | 36 +++++++++++++++ .../actions/build-release-action/make-deb.sh | 10 +++++ .github/workflows/build-release.yaml | 35 +++++++++++++++ CHANGES | 15 +++++-- Makefile.am | 2 +- VERSION | 2 +- cpanfile | 2 + debian/Makefile.am | 2 + debian/changelog | 12 +++++ debian/compat | 1 + debian/control | 10 +++++ debian/postinst | 18 ++++++++ debian/postrm | 22 ++++++++++ debian/rules | 17 +++++++ debian/wg-wrangler.service | 11 +++++ frontend/Makefile.am | 2 +- t/etc/wgwrangler.yaml | 44 +++++++++++++++++++ 18 files changed, 267 insertions(+), 7 deletions(-) create mode 100644 .github/actions/build-release-action/Dockerfile create mode 100644 .github/actions/build-release-action/action.yaml create mode 100755 .github/actions/build-release-action/make-deb.sh create mode 100644 .github/workflows/build-release.yaml create mode 100644 debian/Makefile.am create mode 100644 debian/changelog create mode 100644 debian/compat create mode 100644 debian/control create mode 100644 debian/postinst create mode 100644 debian/postrm create mode 100755 debian/rules create mode 100644 debian/wg-wrangler.service create mode 100644 t/etc/wgwrangler.yaml diff --git a/.github/actions/build-release-action/Dockerfile b/.github/actions/build-release-action/Dockerfile new file mode 100644 index 00000000..f855f6dd --- /dev/null +++ b/.github/actions/build-release-action/Dockerfile @@ -0,0 +1,33 @@ +ARG IMAGE_VERSION_TAG + +FROM ubuntu:$IMAGE_VERSION_TAG + +LABEL maintainer="oetiker" \ + description="WG-wrangler builder" + + +ENV DEBIAN_FRONTEND noninteractive + +RUN apt-get -y update && \ + apt-get -y install apt-utils curl && \ + curl https://deb.nodesource.com/setup_12.x | bash && \ + apt-get -u update && \ + apt-get -y install perl \ + make \ + gcc \ + devscripts \ + openssl \ + pkg-config \ + libssl-dev \ + debhelper \ + automake \ + nodejs \ + libkrb5-dev \ + libqrencode-dev \ + g++ + +COPY make-deb.sh /make-deb.sh + +RUN chmod 777 /make-deb.sh + +ENTRYPOINT ["/make-deb.sh"] diff --git a/.github/actions/build-release-action/action.yaml b/.github/actions/build-release-action/action.yaml new file mode 100644 index 00000000..8a333506 --- /dev/null +++ b/.github/actions/build-release-action/action.yaml @@ -0,0 +1,36 @@ +name: 'Docker release builder' +description: 'Build release packages using a docker image' + +inputs: + docker_file: + description: Target Docker file to build package + required: true + image_version_tag: + description: Tag which is prepended on the FROM directive + required: false + default: latest + +outputs: + package_name: + description: name of the generated package + value: ${{ steps.run.outputs.package_name }} + +runs: + using: 'composite' + steps: + - id: build + name: Build Docker Image + run: | + docker build \ + --build-arg IMAGE_VERSION_TAG=${{inputs.image_version_tag}} \ + -f $(pwd)/.github/actions/build-release-action/${{inputs.docker_file}} \ + $(pwd)/.github/actions/build-release-action/ \ + -t deb_builder:latest + shell: bash + - id: run + name: Run Docker Image + run: docker run -v $(pwd):/github/workspace --workdir /github/workspace deb_builder:latest + shell: bash + + + diff --git a/.github/actions/build-release-action/make-deb.sh b/.github/actions/build-release-action/make-deb.sh new file mode 100755 index 00000000..dc404fa2 --- /dev/null +++ b/.github/actions/build-release-action/make-deb.sh @@ -0,0 +1,10 @@ +#!/bin/sh +set -ex +cd /github/workspace/ +dh_clean +dpkg-buildpackage -us -uc -nc +release_code_name=$(lsb_release --codename | sed 's/Codename:\s*//') +package_name=$(basename ../*.deb | sed 's/.deb$//')_$release_code_name.deb + +mv ../*.deb $package_name +echo "::set-output name=package_name::$package_name" diff --git a/.github/workflows/build-release.yaml b/.github/workflows/build-release.yaml new file mode 100644 index 00000000..6e3b3091 --- /dev/null +++ b/.github/workflows/build-release.yaml @@ -0,0 +1,35 @@ +name: 'Build release' +on: + push: + tags: + - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10 + +jobs: + build_deb: + strategy: + matrix: + RELEASE: + - Ubuntu: + docker_file: Dockerfile + image_version_tag: '18.04' + - Ubuntu: + docker_file: Dockerfile + image_version_tag: '20.04' + + runs-on: ubuntu-latest + name: Build package defined in ${{ matrix.RELEASE.docker_file }} for tag {{$matrix.RELEASE.image_version_tag}} + steps: + - uses: actions/checkout@v1 + - name: Run docker build + id: build_package + uses: ./.github/actions/build-release-action + with: + docker_file: ${{ matrix.RELEASE.docker_file }} + image_version_tag: ${{ matrix.RELEASE.image_version_tag }} + + - name: Release deb files + uses: softprops/action-gh-release@v1 + with: + files: ${{ github.workspace }}/${{ steps.build_package.outputs.package_name }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/CHANGES b/CHANGES index 3feff314..b00e755d 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,12 @@ -0.1.0 2021-04-16 Tobias Bossert (bossert _at_ oetiker _this_is_a_dot_ ch) -- Initial release +wg-wrangler (0.1.1) unstable; urgency=medium + + * Initial deb release + + -- Tobias Bossert Thu, 30 Apr 2021 11:02:58 +0200 + +wg-wrangler (0.1.0) unstable; urgency=medium + + * Initial release + + -- Tobias Bossert Thu, 16 Apr 2021 09:02:58 +0200 -0.0.0 2021-01-12 Tobias Bossert (bossert _at_ oetiker _this_is_a_dot_ ch) -- started project diff --git a/Makefile.am b/Makefile.am index f82ad68b..4c5ccf93 100644 --- a/Makefile.am +++ b/Makefile.am @@ -38,4 +38,4 @@ share/messages.pot: $(PM) $(CALLBACKERY_PM) for lang in $(LANGUAGES); do ( test -f $$lang || cp share/messages.pot $$lang ); $(MSGMERGE) -s --force-po -U $$lang share/messages.pot; done test: - prove -w + $(MJ_CLASS)_CONFIG=t/etc/wgwrangler.yaml prove -w diff --git a/VERSION b/VERSION index 6c6aa7cb..6da28dde 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.1.0 \ No newline at end of file +0.1.1 \ No newline at end of file diff --git a/cpanfile b/cpanfile index f3297d46..1989fd34 100644 --- a/cpanfile +++ b/cpanfile @@ -4,5 +4,7 @@ requires 'Wireguard::WGmeta', '>= 0.2.3'; requires 'Net::IP', '>=1.26'; requires 'Email::MIME'; requires 'Email::Sender'; +requires 'Text::QRCode'; +requires 'YAML:XS'; requires 'SVG::Barcode'; requires 'SVG::Barcode::QRCode'; \ No newline at end of file diff --git a/debian/Makefile.am b/debian/Makefile.am new file mode 100644 index 00000000..e53a810f --- /dev/null +++ b/debian/Makefile.am @@ -0,0 +1,2 @@ +changelog: ../CHANGES: + cp ../CHANGES changelog \ No newline at end of file diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 00000000..749429ad --- /dev/null +++ b/debian/changelog @@ -0,0 +1,12 @@ +wg-wrangler (0.1.1) unstable; urgency=medium + + * Initial deb release + + -- Tobias Bossert Thu, 30 Apr 2021 11:02:58 +0200 + +wg-wrangler (0.1.0) unstable; urgency=medium + + * Initial release + + -- Tobias Bossert Thu, 16 Apr 2021 09:02:58 +0200 + diff --git a/debian/compat b/debian/compat new file mode 100644 index 00000000..ec635144 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +9 diff --git a/debian/control b/debian/control new file mode 100644 index 00000000..c06cac86 --- /dev/null +++ b/debian/control @@ -0,0 +1,10 @@ +Source: wg-wrangler +Section: system +Priority: optional +Maintainer: Tobias Bossert +Build-Depends: build-essential, debhelper (>= 9) + +Package: wg-wrangler +Architecture: any +Depends: ${shlibs:Depends}, perl, wireguard, sudo +Description: An web-frontend for managing wireguard peer configuration diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 00000000..3f2e9a60 --- /dev/null +++ b/debian/postinst @@ -0,0 +1,18 @@ +#!/bin/sh + +PKGNAME=wg-wrangler +USERNAME=wg-wrangler_manager +GROUPNAME=wg-wrangler_manager + +# Create user and group +adduser --system --group --no-create-home $USERNAME + +# set permissions and group membership on /etc/wireguard +chgrp --silent --recursive $GROUPNAME /etc/wireguard/ + +# set group permissions +chmod -R g+rw /etc/wireguard + +# Whitelist wg* commands for us +echo "%$GROUPNAME ALL=NOPASSWD: /usr/bin/wg*" >> /etc/sudoers.d/wg-wrangler + diff --git a/debian/postrm b/debian/postrm new file mode 100644 index 00000000..78fd8ece --- /dev/null +++ b/debian/postrm @@ -0,0 +1,22 @@ +#!/bin/sh + +USERNAME=wg-wrangler_manager + +# Revert group of /etc/wireguard +chgrp --silent --recursive root /etc/wireguard/ + +# remove sudoers entry +if [ ! -f /etc/sudoers.d/wg-wrangler ] +then + echo "File does not exist. Skipping..." +else + rm /etc/sudoers.d/wg-wrangler +fi + +# and finally remove the wg-wrangler user +if [ -x "$(command -v deluser)" ]; then + deluser --quiet --system $USERNAME > /dev/null || true +else + echo >&2 "not removing $USERNAME system account because deluser command was not found" +fi + diff --git a/debian/rules b/debian/rules new file mode 100755 index 00000000..f2288b5f --- /dev/null +++ b/debian/rules @@ -0,0 +1,17 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +# Uncomment this to turn on verbose mode. +export DH_VERBOSE=1 + +# This has to be exported to make some magic below work. +export DH_OPTIONS + +export DH_ALWAYS_EXCLUDE=CVS:.svn:.git: + +override_dh_auto_configure: + ./bootstrap + ./configure --prefix=/opt/wg-wrangler + +%: + dh $@ diff --git a/debian/wg-wrangler.service b/debian/wg-wrangler.service new file mode 100644 index 00000000..13611f14 --- /dev/null +++ b/debian/wg-wrangler.service @@ -0,0 +1,11 @@ +[Unit] +Description=wg-wranger wireguard manager + +[Service] +Type=simple +User=wg-wrangler_manager +Group=wg-wrangler_manager +ExecStart=/usr/bin/perl opt/wg-wrangler/bin/wgwrangler.pl prefork --listen 'http://127.0.0.1:7171' + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/frontend/Makefile.am b/frontend/Makefile.am index fc33a8e0..029962b6 100644 --- a/frontend/Makefile.am +++ b/frontend/Makefile.am @@ -1,7 +1,7 @@ AUTOMAKE_OPTIONS=foreign -EXTRA_DIST = compile.js compile.json Manifest.json package.json package-lock.json $(shell find source -not -name ".*" -a -not -name "*~" -a -not -name "*.tmp" -a -not -name "Makefile*" -a -type f -print ) +EXTRA_DIST = compile.js compile.json Manifest.json package.json package-lock.json $(shell find source -not -name ".*" -a -not -name "*~" -a -not -name "*.tmp" -a -not -name "Makefile*" -a -type f -print ) if BUILD_QOOXDOO_APP diff --git a/t/etc/wgwrangler.yaml b/t/etc/wgwrangler.yaml new file mode 100644 index 00000000..d6adb06c --- /dev/null +++ b/t/etc/wgwrangler.yaml @@ -0,0 +1,44 @@ + +BACKEND: + cfg_db: /tmp/wgwrangler.db + sesame_user: qfqwfeqfeqf + # perl -MDigest::SHA -e 'print Digest::SHA::hmac_sha1_hex("access"),"\n"' + sesame_pass: wedfwfewqf + vpn_name: your_vpn_name + enable_git: false + no_apply: true + not_applied_suffix: .not_applied + wireguard_home: /dummy_home/ + wg_apply_command: sudo -n wg-quick strip %interface% > /tmp/wg_tmp && sudo -n wg syncconf %interface% /tmp/wg_tmp && rm /tmp/wg_tmp + wg_show_command: sudo -n wg show all dump + +FRONTEND: +# logo = ../resource/wgwrangler/logo.png +# logo_small = ../resource/wgwrangler/logo-small.png + title: WGwrangler + initial_plugin: WireguardShow + company_name: OETIKER+PARTNER AG + company_url: http://www.oetiker.ch +# max_width = 800 + +PLUGIN: + - InitialUser: + module: UserForm + mode: init + type: add + tab-name: Create Initial User + + - WireguardShow: + module: WireguardShow + tab-name: Wireguard + default-dns: 10.0.0.1 + default-allowed-ips: 10.0.0.0/24 + sender-email: support@oetiker.ch + + - WireguardVersions: + module: WireguardVersions + tab-name: Config Versions + + - AdminUser: + module: Users + tab-name: Admin User Manager