summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBryan Hong <bryan@turbojets.net>2017-05-23 23:58:29 -0700
committerBryan Hong <bryan@turbojets.net>2017-05-23 23:58:29 -0700
commit19cc1765c78337a82343bc34469fe1423aa37da5 (patch)
treef1ecd2680d774753034463764c9a2a567ce1ca89
parent444b3414851aa0c1c9f89140f69c06b618fc931b (diff)
added option to build debian-based aptly
just run ```build.sh Dockerfile.debian``` instead
-rw-r--r--Dockerfile1
-rw-r--r--Dockerfile.debian72
-rw-r--r--README.md6
-rwxr-xr-xassets/startup.sh29
-rwxr-xr-xassets/update_mirror/update_mirror_debian.sh75
-rwxr-xr-xassets/update_mirror/update_mirror_ubuntu.sh (renamed from assets/update_mirror.sh)0
-rwxr-xr-xbuild.sh5
7 files changed, 177 insertions, 11 deletions
diff --git a/Dockerfile b/Dockerfile
index cba071e..aad2d2c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -63,6 +63,7 @@ RUN echo "daemon off;" >> /etc/nginx/nginx.conf
63 63
64# Install scripts 64# Install scripts
65COPY assets/*.sh /opt/ 65COPY assets/*.sh /opt/
66COPY assets/update_mirror/update_mirror_ubuntu.sh /opt/update_mirror.sh
66 67
67# Bind mount location 68# Bind mount location
68VOLUME [ "/opt/aptly" ] 69VOLUME [ "/opt/aptly" ]
diff --git a/Dockerfile.debian b/Dockerfile.debian
new file mode 100644
index 0000000..ea6a63b
--- /dev/null
+++ b/Dockerfile.debian
@@ -0,0 +1,72 @@
1# Copyright 2016 Bryan J. Hong
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15FROM debian:jessie
16
17MAINTAINER bryan@turbojets.net
18
19ENV DEBIAN_FRONTEND noninteractive
20ENV DIST=debian
21ENV RELEASE=jessie
22
23# Add Aptly repository
24RUN echo "deb http://repo.aptly.info/ squeeze main" > /etc/apt/sources.list.d/aptly.list
25RUN apt-key adv --keyserver keys.gnupg.net --recv-keys 9E3E53F19C7DE460
26
27# Add Nginx repository
28RUN echo "deb http://nginx.org/packages/$DIST/ $RELEASE nginx" > /etc/apt/sources.list.d/nginx.list
29RUN echo "deb-src http://nginx.org/packages/$DIST/ $RELEASE nginx" >> /etc/apt/sources.list.d/nginx.list
30RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
31
32# Update APT repository and install packages
33RUN apt-get -q update \
34 && apt-get -y install aptly \
35 bash-completion \
36 bzip2 \
37 gnupg \
38 gpgv \
39 graphviz \
40 supervisor \
41 nginx \
42 wget \
43 xz-utils
44
45# Install Aptly Configuration
46COPY assets/aptly.conf /etc/aptly.conf
47
48# Enable Aptly Bash completions
49RUN wget https://github.com/smira/aptly/raw/master/bash_completion.d/aptly \
50 -O /etc/bash_completion.d/aptly \
51 && echo "if ! shopt -oq posix; then\n\
52 if [ -f /usr/share/bash-completion/bash_completion ]; then\n\
53 . /usr/share/bash-completion/bash_completion\n\
54 elif [ -f /etc/bash_completion ]; then\n\
55 . /etc/bash_completion\n\
56 fi\n\
57fi" >> /etc/bash.bashrc
58
59# Install Nginx Config
60COPY assets/nginx.conf.sh /opt/nginx.conf.sh
61COPY assets/supervisord.nginx.conf /etc/supervisor/conf.d/nginx.conf
62RUN echo "daemon off;" >> /etc/nginx/nginx.conf
63
64# Install scripts
65COPY assets/*.sh /opt/
66COPY assets/update_mirror/update_mirror_debian.sh /opt/update_mirror.sh
67
68# Bind mount location
69VOLUME [ "/opt/aptly" ]
70
71# Execute Startup script when container starts
72ENTRYPOINT [ "/opt/startup.sh" ]
diff --git a/README.md b/README.md
index aa01a75..e8dd7e2 100644
--- a/README.md
+++ b/README.md
@@ -7,7 +7,7 @@ aptly in a container backed by nginx
7 7
8>nginx [engine x] is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP proxy server, originally written by Igor Sysoev [nginx.org](http://nginx.org/en/) 8>nginx [engine x] is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP proxy server, originally written by Igor Sysoev [nginx.org](http://nginx.org/en/)
9 9
10**NOTE:** This container and the scripts within are written to make hosting an Ubuntu mirror "as-close-to-turnkey" as possible. If there is enough demand or I end up building it for my own purposes, I'll publish a branch or separate repo to support a "turnkey" Aptly Docker image for Debian. 10**NOTE:** This container and the scripts within are written to make hosting an Ubuntu mirror "as-close-to-turnkey" as possible. If you want to host a Debian mirror, you'll need to build the image yourself, see [Building the Container](#building-the-container) below
11 11
12Quickstart 12Quickstart
13-- 13--
@@ -116,7 +116,7 @@ git clone https://github.com/bryanhong/docker-aptly.git
116### Commands and variables 116### Commands and variables
117 117
118* ```vars```: Variables for Docker registry, the application, and aptly repository data location 118* ```vars```: Variables for Docker registry, the application, and aptly repository data location
119* ```build.sh```: Build the Docker image locally 119* ```build.sh```: Build the Docker image locally, this script will take the name of a Dockerfile as an argument, by default will build Dockerfile.
120* ```run.sh```: Starts the Docker container, it the image hasn't been built locally, it is fetched from the repository set in vars 120* ```run.sh```: Starts the Docker container, it the image hasn't been built locally, it is fetched from the repository set in vars
121* ```push.sh```: Pushes the latest locally built image to the repository set in vars 121* ```push.sh```: Pushes the latest locally built image to the repository set in vars
122* ```shell.sh```: get a shell within the container 122* ```shell.sh```: get a shell within the container
@@ -142,6 +142,8 @@ The GPG password you set in ```vars``` is stored in plain text and is visible as
142 142
1431. Run ```./build.sh``` 1431. Run ```./build.sh```
144 144
145>To build a Debian-based mirror/aptly run ```./build.sh Dockerfile.debian```
146
145#### Start the container 147#### Start the container
146 148
1471. Run ```./run.sh``` 1491. Run ```./run.sh```
diff --git a/assets/startup.sh b/assets/startup.sh
index 49c6b70..10318da 100755
--- a/assets/startup.sh
+++ b/assets/startup.sh
@@ -13,14 +13,27 @@ if [[ ! -f /opt/aptly/public/aptly_repo_signing.key ]]; then
13 gpg --export --armor > /opt/aptly/public/aptly_repo_signing.key 13 gpg --export --armor > /opt/aptly/public/aptly_repo_signing.key
14fi 14fi
15 15
16# Import Ubuntu keyrings 16# Import Ubuntu keyrings if they exist
17gpg --list-keys 17if [[ -f /usr/share/keyrings/ubuntu-archive-keyring.gpg ]]; then
18gpg --no-default-keyring \ 18 gpg --list-keys
19 --keyring /usr/share/keyrings/ubuntu-archive-keyring.gpg \ 19 gpg --no-default-keyring \
20 --export | \ 20 --keyring /usr/share/keyrings/ubuntu-archive-keyring.gpg \
21gpg --no-default-keyring \ 21 --export | \
22 --keyring trustedkeys.gpg \ 22 gpg --no-default-keyring \
23 --import 23 --keyring trustedkeys.gpg \
24 --import
25fi
26
27# Import Debian keyrings if they exist
28if [[ -f /usr/share/keyrings/debian-archive-keyring.gpg ]]; then
29 gpg --list-keys
30 gpg --no-default-keyring \
31 --keyring /usr/share/keyrings/debian-archive-keyring.gpg \
32 --export | \
33 gpg --no-default-keyring \
34 --keyring trustedkeys.gpg \
35 --import
36fi
24 37
25# Aptly looks in /root/.gnupg for default keyrings 38# Aptly looks in /root/.gnupg for default keyrings
26ln -sf /opt/aptly/aptly.sec /root/.gnupg/secring.gpg 39ln -sf /opt/aptly/aptly.sec /root/.gnupg/secring.gpg
diff --git a/assets/update_mirror/update_mirror_debian.sh b/assets/update_mirror/update_mirror_debian.sh
new file mode 100755
index 0000000..f58bf0f
--- /dev/null
+++ b/assets/update_mirror/update_mirror_debian.sh
@@ -0,0 +1,75 @@
1#! /bin/bash
2set -e
3
4# Automate the initial creation and update of a Debian package mirror in aptly
5
6# The variables (as set below) will create a mirror of the Debian jessie repo
7# with the main and update components. If you do mirror these, you'll want to
8# include "deb http://security.debian.org jessie/updates main" in your sources.list
9# file or mirror it similarly as done below to keep up with security updates.
10
11DEBIAN_RELEASE=jessie
12UPSTREAM_URL="http://deb.debian.org/debian/"
13COMPONENTS=( main )
14REPOS=( ${DEBIAN_RELEASE} ${DEBIAN_RELEASE}-updates )
15
16# Create repository mirrors if they don't exist
17set +e
18for component in ${COMPONENTS[@]}; do
19 for repo in ${REPOS[@]}; do
20 aptly mirror list -raw | grep "^${repo}$"
21 if [[ $? -ne 0 ]]; then
22 echo "Creating mirror of ${repo} repository."
23 aptly mirror create \
24 -architectures=amd64 ${repo} ${UPSTREAM_URL} ${repo} ${component}
25 fi
26 done
27done
28set -e
29
30# Update all repository mirrors
31for component in ${COMPONENTS[@]}; do
32 for repo in ${REPOS[@]}; do
33 echo "Updating ${repo} repository mirror.."
34 aptly mirror update ${repo}
35 done
36done
37
38# Create snapshots of updated repositories
39for component in ${COMPONENTS[@]}; do
40 for repo in ${REPOS[@]}; do
41 echo "Creating snapshot of ${repo} repository mirror.."
42 SNAPSHOTARRAY+="${repo}-`date +%Y%m%d%H` "
43 aptly snapshot create ${repo}-`date +%Y%m%d%H` from mirror ${repo}
44 done
45done
46
47echo ${SNAPSHOTARRAY[@]}
48
49# Merge snapshots into a single snapshot with updates applied
50echo "Merging snapshots into one.."
51aptly snapshot merge -latest \
52 ${DEBIAN_RELEASE}-merged-`date +%Y%m%d%H` \
53 ${SNAPSHOTARRAY[@]}
54
55# Publish the latest merged snapshot
56set +e
57aptly publish list -raw | awk '{print $2}' | grep "^${DEBIAN_RELEASE}$"
58if [[ $? -eq 0 ]]; then
59 aptly publish switch \
60 -passphrase="${GPG_PASSWORD}" \
61 ${DEBIAN_RELEASE} ${DEBIAN_RELEASE}-merged-`date +%Y%m%d%H`
62else
63 aptly publish snapshot \
64 -passphrase="${GPG_PASSWORD}" \
65 -distribution=${DEBIAN_RELEASE} ${DEBIAN_RELEASE}-merged-`date +%Y%m%d%H`
66fi
67set -e
68
69# Export the GPG Public key
70if [[ ! -f /opt/aptly/public/aptly_repo_signing.key ]]; then
71 gpg --export --armor > /opt/aptly/public/aptly_repo_signing.key
72fi
73
74# Generate Aptly Graph
75aptly graph -output /opt/aptly/public/aptly_graph.png
diff --git a/assets/update_mirror.sh b/assets/update_mirror/update_mirror_ubuntu.sh
index f05052d..f05052d 100755
--- a/assets/update_mirror.sh
+++ b/assets/update_mirror/update_mirror_ubuntu.sh
diff --git a/build.sh b/build.sh
index 71db177..1d84922 100755
--- a/build.sh
+++ b/build.sh
@@ -2,7 +2,10 @@
2 2
3source vars 3source vars
4 4
5docker build -t "${REPO_NAME}/${APP_NAME}:${TAG}" . 5DOCKERFILE="${1:-Dockerfile}"
6SUFFIX=`echo $1 | cut -d. -f2`
7
8docker build -t "${REPO_NAME}/${APP_NAME}:${TAG}" -f ${DOCKERFILE} .
6 9
7# If the build was successful (0 exit code)... 10# If the build was successful (0 exit code)...
8if [ $? -eq 0 ]; then 11if [ $? -eq 0 ]; then