Browse Source

added option to build debian-based aptly

just run ```build.sh Dockerfile.debian``` instead
Bryan Hong 1 year ago
parent
commit
19cc1765c7

+ 1
- 0
Dockerfile View File

@@ -63,6 +63,7 @@ RUN echo "daemon off;" >> /etc/nginx/nginx.conf
63 63
 
64 64
 # Install scripts
65 65
 COPY assets/*.sh /opt/
66
+COPY assets/update_mirror/update_mirror_ubuntu.sh /opt/update_mirror.sh
66 67
 
67 68
 # Bind mount location
68 69
 VOLUME [ "/opt/aptly" ]

+ 72
- 0
Dockerfile.debian View File

@@ -0,0 +1,72 @@
1
+# Copyright 2016 Bryan J. Hong
2
+# 
3
+# Licensed under the Apache License, Version 2.0 (the "License");
4
+# you may not use this file except in compliance with the License.
5
+# You may obtain a copy of the License at
6
+# 
7
+#     http://www.apache.org/licenses/LICENSE-2.0
8
+# 
9
+# Unless required by applicable law or agreed to in writing, software
10
+# distributed under the License is distributed on an "AS IS" BASIS,
11
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+# See the License for the specific language governing permissions and
13
+# limitations under the License.
14
+
15
+FROM debian:jessie
16
+
17
+MAINTAINER bryan@turbojets.net
18
+
19
+ENV DEBIAN_FRONTEND noninteractive
20
+ENV DIST=debian
21
+ENV RELEASE=jessie
22
+
23
+# Add Aptly repository
24
+RUN echo "deb http://repo.aptly.info/ squeeze main" > /etc/apt/sources.list.d/aptly.list
25
+RUN apt-key adv --keyserver keys.gnupg.net --recv-keys 9E3E53F19C7DE460
26
+
27
+# Add Nginx repository
28
+RUN echo "deb http://nginx.org/packages/$DIST/ $RELEASE nginx" > /etc/apt/sources.list.d/nginx.list
29
+RUN echo "deb-src http://nginx.org/packages/$DIST/ $RELEASE nginx" >> /etc/apt/sources.list.d/nginx.list
30
+RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
31
+
32
+# Update APT repository and install packages
33
+RUN apt-get -q update                  \
34
+ && apt-get -y install aptly           \
35
+                       bash-completion \
36
+                       bzip2           \
37
+                       gnupg           \
38
+                       gpgv            \
39
+                       graphviz        \
40
+                       supervisor      \
41
+                       nginx           \
42
+                       wget            \
43
+                       xz-utils
44
+
45
+# Install Aptly Configuration
46
+COPY assets/aptly.conf /etc/aptly.conf
47
+
48
+# Enable Aptly Bash completions
49
+RUN wget https://github.com/smira/aptly/raw/master/bash_completion.d/aptly \
50
+  -O /etc/bash_completion.d/aptly \
51
+  && echo "if ! shopt -oq posix; then\n\
52
+  if [ -f /usr/share/bash-completion/bash_completion ]; then\n\
53
+    . /usr/share/bash-completion/bash_completion\n\
54
+  elif [ -f /etc/bash_completion ]; then\n\
55
+    . /etc/bash_completion\n\
56
+  fi\n\
57
+fi" >> /etc/bash.bashrc
58
+
59
+# Install Nginx Config
60
+COPY assets/nginx.conf.sh /opt/nginx.conf.sh
61
+COPY assets/supervisord.nginx.conf /etc/supervisor/conf.d/nginx.conf
62
+RUN echo "daemon off;" >> /etc/nginx/nginx.conf
63
+
64
+# Install scripts
65
+COPY assets/*.sh /opt/
66
+COPY assets/update_mirror/update_mirror_debian.sh /opt/update_mirror.sh
67
+
68
+# Bind mount location
69
+VOLUME [ "/opt/aptly" ]
70
+
71
+# Execute Startup script when container starts
72
+ENTRYPOINT [ "/opt/startup.sh" ]

+ 4
- 2
README.md View File

@@ -7,7 +7,7 @@ aptly in a container backed by nginx
7 7
 
8 8
 >nginx [engine x] is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP proxy server, originally written by Igor Sysoev [nginx.org](http://nginx.org/en/)
9 9
 
10
-**NOTE:** This container and the scripts within are written to make hosting an Ubuntu mirror "as-close-to-turnkey" as possible. If there is enough demand or I end up building it for my own purposes, I'll publish a branch or separate repo to support a "turnkey" Aptly Docker image for Debian.
10
+**NOTE:** This container and the scripts within are written to make hosting an Ubuntu mirror "as-close-to-turnkey" as possible. If you want to host a Debian mirror, you'll need to build the image yourself, see [Building the Container](#building-the-container) below
11 11
 
12 12
 Quickstart
13 13
 --
@@ -116,7 +116,7 @@ git clone https://github.com/bryanhong/docker-aptly.git
116 116
 ### Commands and variables
117 117
 
118 118
 * ```vars```: Variables for Docker registry, the application, and aptly repository data location
119
-* ```build.sh```: Build the Docker image locally
119
+* ```build.sh```: Build the Docker image locally, this script will take the name of a Dockerfile as an argument, by default will build Dockerfile.
120 120
 * ```run.sh```: Starts the Docker container, it the image hasn't been built locally, it is fetched from the repository set in vars
121 121
 * ```push.sh```: Pushes the latest locally built image to the repository set in vars
122 122
 * ```shell.sh```: get a shell within the container
@@ -142,6 +142,8 @@ The GPG password you set in ```vars``` is stored in plain text and is visible as
142 142
 
143 143
 1. Run ```./build.sh```
144 144
 
145
+>To build a Debian-based mirror/aptly run ```./build.sh Dockerfile.debian```
146
+
145 147
 #### Start the container
146 148
 
147 149
 1. Run ```./run.sh```

+ 21
- 8
assets/startup.sh View File

@@ -13,14 +13,27 @@ if [[ ! -f /opt/aptly/public/aptly_repo_signing.key ]]; then
13 13
   gpg --export --armor > /opt/aptly/public/aptly_repo_signing.key
14 14
 fi
15 15
 
16
-# Import Ubuntu keyrings
17
-gpg --list-keys
18
-gpg --no-default-keyring \
19
-    --keyring /usr/share/keyrings/ubuntu-archive-keyring.gpg \
20
-    --export | \
21
-gpg --no-default-keyring \
22
-    --keyring trustedkeys.gpg \
23
-    --import
16
+# Import Ubuntu keyrings if they exist
17
+if [[ -f /usr/share/keyrings/ubuntu-archive-keyring.gpg ]]; then
18
+  gpg --list-keys
19
+  gpg --no-default-keyring                                     \
20
+      --keyring /usr/share/keyrings/ubuntu-archive-keyring.gpg \
21
+      --export |                                               \
22
+  gpg --no-default-keyring                                     \
23
+      --keyring trustedkeys.gpg                                \
24
+      --import
25
+fi
26
+
27
+# Import Debian keyrings if they exist
28
+if [[ -f /usr/share/keyrings/debian-archive-keyring.gpg ]]; then
29
+  gpg --list-keys
30
+  gpg --no-default-keyring                                     \
31
+      --keyring /usr/share/keyrings/debian-archive-keyring.gpg \
32
+      --export |                                               \
33
+  gpg --no-default-keyring                                     \
34
+      --keyring trustedkeys.gpg                                \
35
+      --import
36
+fi
24 37
 
25 38
 # Aptly looks in /root/.gnupg for default keyrings
26 39
 ln -sf /opt/aptly/aptly.sec /root/.gnupg/secring.gpg

+ 75
- 0
assets/update_mirror/update_mirror_debian.sh View File

@@ -0,0 +1,75 @@
1
+#! /bin/bash
2
+set -e
3
+
4
+# Automate the initial creation and update of a Debian package mirror in aptly
5
+
6
+# The variables (as set below) will create a mirror of the Debian jessie repo 
7
+# with the main and update components. If you do mirror these, you'll want to
8
+# include "deb http://security.debian.org jessie/updates main" in your sources.list
9
+# file or mirror it similarly as done below to keep up with security updates.
10
+
11
+DEBIAN_RELEASE=jessie
12
+UPSTREAM_URL="http://deb.debian.org/debian/"
13
+COMPONENTS=( main )
14
+REPOS=( ${DEBIAN_RELEASE} ${DEBIAN_RELEASE}-updates )
15
+
16
+# Create repository mirrors if they don't exist
17
+set +e
18
+for component in ${COMPONENTS[@]}; do
19
+  for repo in ${REPOS[@]}; do
20
+    aptly mirror list -raw | grep "^${repo}$"
21
+    if [[ $? -ne 0 ]]; then
22
+      echo "Creating mirror of ${repo} repository."
23
+      aptly mirror create \
24
+        -architectures=amd64 ${repo} ${UPSTREAM_URL} ${repo} ${component}
25
+    fi
26
+  done
27
+done
28
+set -e
29
+
30
+# Update all repository mirrors
31
+for component in ${COMPONENTS[@]}; do
32
+  for repo in ${REPOS[@]}; do
33
+    echo "Updating ${repo} repository mirror.."
34
+    aptly mirror update ${repo}
35
+  done
36
+done
37
+
38
+# Create snapshots of updated repositories
39
+for component in ${COMPONENTS[@]}; do
40
+  for repo in ${REPOS[@]}; do
41
+    echo "Creating snapshot of ${repo} repository mirror.."
42
+    SNAPSHOTARRAY+="${repo}-`date +%Y%m%d%H` "
43
+    aptly snapshot create ${repo}-`date +%Y%m%d%H` from mirror ${repo}
44
+  done
45
+done
46
+
47
+echo ${SNAPSHOTARRAY[@]}
48
+
49
+# Merge snapshots into a single snapshot with updates applied
50
+echo "Merging snapshots into one.." 
51
+aptly snapshot merge -latest                 \
52
+  ${DEBIAN_RELEASE}-merged-`date +%Y%m%d%H`  \
53
+  ${SNAPSHOTARRAY[@]}
54
+
55
+# Publish the latest merged snapshot
56
+set +e
57
+aptly publish list -raw | awk '{print $2}' | grep "^${DEBIAN_RELEASE}$"
58
+if [[ $? -eq 0 ]]; then
59
+  aptly publish switch            \
60
+    -passphrase="${GPG_PASSWORD}" \
61
+    ${DEBIAN_RELEASE} ${DEBIAN_RELEASE}-merged-`date +%Y%m%d%H`
62
+else
63
+  aptly publish snapshot \
64
+    -passphrase="${GPG_PASSWORD}" \
65
+    -distribution=${DEBIAN_RELEASE} ${DEBIAN_RELEASE}-merged-`date +%Y%m%d%H`
66
+fi
67
+set -e
68
+
69
+# Export the GPG Public key
70
+if [[ ! -f /opt/aptly/public/aptly_repo_signing.key ]]; then
71
+  gpg --export --armor > /opt/aptly/public/aptly_repo_signing.key
72
+fi
73
+
74
+# Generate Aptly Graph
75
+aptly graph -output /opt/aptly/public/aptly_graph.png

assets/update_mirror.sh → assets/update_mirror/update_mirror_ubuntu.sh View File


+ 4
- 1
build.sh View File

@@ -2,7 +2,10 @@
2 2
 
3 3
 source vars
4 4
 
5
-docker build -t "${REPO_NAME}/${APP_NAME}:${TAG}" .
5
+DOCKERFILE="${1:-Dockerfile}"
6
+SUFFIX=`echo $1 | cut -d. -f2`
7
+
8
+docker build -t "${REPO_NAME}/${APP_NAME}:${TAG}" -f ${DOCKERFILE} .
6 9
 
7 10
 # If the build was successful (0 exit code)...
8 11
 if [ $? -eq 0 ]; then

Loading…
Cancel
Save