From 47bfe47c1c2800e17e4df01433a2c7abe75a618b Mon Sep 17 00:00:00 2001 From: Matt McEuen Date: Mon, 15 Jul 2019 17:56:25 -0500 Subject: [PATCH] Deprecate airship/utils This deprecates the airship/utils project, which is unnecessary and unused. Change-Id: I95131bc57c162fe7a637c450108b3727c48645aa --- Dockerfile | 84 ----- LICENSE | 201 ----------- Makefile | 81 ----- NOTICE | 13 - README.md | 70 +--- Vagrantfile | 112 ------- assets/aptly.conf | 17 - assets/gpg.conf.sh | 13 - assets/gpg/.empty | 0 assets/gpg_batch.sh | 21 -- assets/nginx.conf.sh | 19 -- assets/nginx/blacklist.conf | 3 - assets/packages/default | 596 --------------------------------- assets/run_nginx.sh | 7 - assets/run_supervisord.sh | 7 - assets/startup.sh | 56 ---- assets/supervisord.nginx.conf | 5 - assets/update_mirror_ubuntu.sh | 85 ----- tools/install_packages.sh | 13 - 19 files changed, 8 insertions(+), 1395 deletions(-) delete mode 100644 Dockerfile delete mode 100644 LICENSE delete mode 100644 Makefile delete mode 100644 NOTICE delete mode 100644 Vagrantfile delete mode 100644 assets/aptly.conf delete mode 100755 assets/gpg.conf.sh delete mode 100644 assets/gpg/.empty delete mode 100755 assets/gpg_batch.sh delete mode 100755 assets/nginx.conf.sh delete mode 100644 assets/nginx/blacklist.conf delete mode 100644 assets/packages/default delete mode 100755 assets/run_nginx.sh delete mode 100755 assets/run_supervisord.sh delete mode 100755 assets/startup.sh delete mode 100644 assets/supervisord.nginx.conf delete mode 100755 assets/update_mirror_ubuntu.sh delete mode 100755 tools/install_packages.sh diff --git a/Dockerfile b/Dockerfile deleted file mode 100644 index 44ac55d..0000000 --- a/Dockerfile +++ /dev/null @@ -1,84 +0,0 @@ -# Copyright 2018 Artem B. Smirnov -# Copyright 2018 Jon Azpiazu -# Copyright 2016 Bryan J. Hong -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM ubuntu:xenial - -LABEL maintainer="airship-team@att.com" - -ENV DEBIAN_FRONTEND noninteractive - -RUN apt-key adv --keyserver pool.sks-keyservers.net --recv-keys ED75B5A4483DA07C \ - && echo "deb http://repo.aptly.info/ squeeze main" >> /etc/apt/sources.list - -# Update APT repository & install packages -RUN apt-get -q update \ - && apt-get -y install --no-install-recommends \ - aptly=1.3.0 \ - bzip2=1.0.6-8 \ - gnupg=1.4.20-1ubuntu3.3 \ - gpgv=1.4.20-1ubuntu3.3 \ - graphviz=2.38.0-12ubuntu2.1 \ - supervisor=3.2.0-2ubuntu0.2 \ - nginx=1.10.3-0ubuntu0.16.04.2 \ - wget=1.17.1-1ubuntu1.4 \ - xz-utils=5.1.1alpha+20120614-2ubuntu2 \ - apt-utils=1.2.27 \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* - -# Install Aptly Configuration -COPY assets/aptly.conf /etc/aptly.conf - -# Install scripts -COPY assets/*.sh /opt/ - -# Install Nginx Config -RUN rm /etc/nginx/sites-enabled/* -COPY assets/supervisord.nginx.conf /etc/supervisor/conf.d/nginx.conf -RUN echo "daemon off;" >> /etc/nginx/nginx.conf - -ARG FULL_NAME="First Last" -ARG EMAIL_ADDRESS="youremail@example.com" -ARG GPG_PASSWORD="PickAPassword" -ARG HOSTNAME=localhost -ARG MODE=packages -ARG PACKAGE_FILE=default -ARG UBUNTU_RELEASE=xenial -ARG UPSTREAM_URL="http://archive.ubuntu.com/ubuntu/" -ARG COMPONENTS="main universe" -ARG REPOS="${UBUNTU_RELEASE} ${UBUNTU_RELEASE}-updates ${UBUNTU_RELEASE}-security" - -ENV FULL_NAME ${FULL_NAME} -ENV EMAIL_ADDRESS ${EMAIL_ADDRESS} -ENV GPG_PASSWORD ${GPG_PASSWORD} -ENV HOSTNAME ${HOSTNAME} -ENV MODE ${MODE} -ENV PACKAGE_FILE=${PACKAGE_FILE} -ENV UBUNTU_RELEASE=${UBUNTU_RELEASE} -ENV UPSTREAM_URL=${UPSTREAM_URL} -ENV COMPONENTS=${COMPONENTS} -ENV REPOS=${REPOS} - -COPY assets/packages/* /opt/packages/ -COPY assets/gpg/* /opt/aptly/ - -RUN /opt/startup.sh - -# Execute Startup script when container starts - -VOLUME [ "/opt/nginx" ] - -CMD [ "/opt/run_supervisord.sh" ] diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 8dada3e..0000000 --- a/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright {yyyy} {name of copyright owner} - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/Makefile b/Makefile deleted file mode 100644 index 82290f2..0000000 --- a/Makefile +++ /dev/null @@ -1,81 +0,0 @@ -# Copyright 2018 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -IMAGE_PREFIX ?= airshipit -IMAGE_TAG ?= untagged -IMAGE_NAME := aptly -COMMIT ?= commit-id - -DOCKER_REGISTRY ?= quay.io -PUSH_IMAGE ?= false - -HELM := $(BUILD_DIR)/helm - -PROXY ?= http://proxy.foo.com:8000 -NO_PROXY ?= localhost,127.0.0.1,.svc.cluster.local -USE_PROXY ?= false - -UBUNTU_BASE_IMAGE ?= ubuntu:16.04 - -IMAGE:=${DOCKER_REGISTRY}/${IMAGE_PREFIX}/$(IMAGE_NAME):${IMAGE_TAG} - -.PHONY: validate -validate: lint tests - -.PHONY: tests -tests: clean build - docker run -d \ - --publish 8080:80 \ - --volume $(shell pwd)/assets/nginx:/opt/nginx \ - --name aptly \ - ${DOCKER_REGISTRY}/${IMAGE_PREFIX}/${IMAGE_NAME}:${IMAGE_TAG} - docker run --network host \ - --name target \ - --volume $(shell pwd)/tools:/opt \ - $(UBUNTU_BASE_IMAGE) /opt/install_packages.sh - -.PHONY: clean -clean: - docker rm -f aptly || true - docker rm -f target || true - -.PHONY: lint -lint: - shellcheck assets/*.sh - hadolint Dockerfile - -.PHONY: build -build: -ifeq ($(USE_PROXY), true) - docker build --network host -t $(IMAGE) \ - --label "org.opencontainers.image.revision=$(COMMIT)" \ - --label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \ - --label "org.opencontainers.image.title=$(IMAGE_NAME)" \ - -f Dockerfile \ - --build-arg http_proxy=$(PROXY) \ - --build-arg https_proxy=$(PROXY) \ - --build-arg HTTP_PROXY=$(PROXY) \ - --build-arg HTTPS_PROXY=$(PROXY) \ - --build-arg no_proxy=$(NO_PROXY) \ - --build-arg NO_PROXY=$(NO_PROXY) . -else - docker build --network host -t $(IMAGE) \ - --label "org.opencontainers.image.revision=$(COMMIT)" \ - --label "org.opencontainers.image.created=$(shell date --rfc-3339=seconds --utc)" \ - --label "org.opencontainers.image.title=$(IMAGE_NAME)" \ - -f Dockerfile . -endif -ifeq ($(PUSH_IMAGE), true) - docker push $(IMAGE) -endif diff --git a/NOTICE b/NOTICE deleted file mode 100644 index 52286d8..0000000 --- a/NOTICE +++ /dev/null @@ -1,13 +0,0 @@ -docker-aptly - -Copyright 2018 Artem B. Smirnov - -This product contains software (https://github.com/urpylka/docker-aptly) developed -by Artem Smirnov (http://github.com/urpylka), and Jon Azpiazu (https://github.com/jonazpiazu) -licensed under the Apache License. - -Copyright 2016 Bryan J. Hong - -This product contains software (https://github.com/bryanhong/docker-aptly) developed -by Bryan Hong (http://github.com/bryanhong), and Jan Čapek (https://github.com/honzik666) -licensed under the Apache License. diff --git a/README.md b/README.md index 74aad50..5a0d7ec 100644 --- a/README.md +++ b/README.md @@ -1,65 +1,11 @@ -# docker-aptly +This project is no longer maintained. -## Features +The contents of this repository are still available in the Git +source code management system. To see the contents of this +repository before it reached its end of life, please check out the +previous commit with "git checkout HEAD^1". -- Packages are downloaded during the docker image build -- GPG keys for signature may be generated during the docker image build or existing ones are used -- Nginx blacklist support at runtime +For any further questions, please email +airship-discuss@lists.airshipit.org or join #airshipit on +Freenode. -## Quickstart - -The main difference with the upstream repo is packages saved inside a docker image. -During the image building /opt/update_mirror_ubuntu.sh is called to create mirrors, update them, -merge all in one snapshot and publish it. By default, a new GPG key is generated for making a signature for repo. - -There are two modes: filtered build that fetches only packages specified in assets/packages and -unfiltered build that fetches all packages. The filtered build is used by default. - -To fetch all packages the following command can be used: - -```bash -git clone https://github.com/urpylka/docker-aptly.git -docker build docker-aptly --build-arg MODE=all -``` - -By default GPG key for making package signature are generated during the build. -You may configure GPG key params via build arguments: FULL_NAME, EMAIL_ADDRESS, and GPG_PASSWORD, like: - -```bash -docker build docker-aptly \ - --build-arg FULL_NAME="First Last" \ - --build-arg EMAIL_ADDRESS="youremail@example.com" \ - --build-arg GPG_PASSWORD="PickAPassword" -``` - -If you have a GPG key already you can put private and public key in assets/gpg dir. -Keys must have special names: aptly.sec and aptly.pub -For example: - -```bash -cp docker-aptly/assets/gpg/aptly.sec -cp docker-aptly/assets/gpg/aptly.pub - -docker build docker-aptly \ - --build-arg GPG_PASSWORD="GPG passphrase for my private key" -``` - -To use the Nginx blacklist feature a volume with Nginx config has to be mounted at runtime. -By default, the following keywords are blocked: telnet, ftp. -If no volume is mounted then no blacklist will be used. - -```bash -docker run \ - --name aptly \ - --detach \ - --publish 8080:80 \ - --volume $(pwd)/assets/nginx:/opt/nginx \ - aptly:test -``` -___ - -For additional docs see https://github.com/amadev/docker-aptly - -* Copyright 2018 Artem B. Smirnov -* Copyright 2016 Bryan J. Hong -* Licensed under the Apache License, Version 2.0 diff --git a/Vagrantfile b/Vagrantfile deleted file mode 100644 index 3ea0140..0000000 --- a/Vagrantfile +++ /dev/null @@ -1,112 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -# All Vagrant configuration is done below. The "2" in Vagrant.configure -# configures the configuration version (we support older styles for -# backwards compatibility). Please don't change it unless you know what -# you're doing. -Vagrant.configure("2") do |config| - # The most common configuration options are documented and commented below. - # For a complete reference, please see the online documentation at - # https://docs.vagrantup.com. - - # Every Vagrant development environment requires a box. You can search for - # boxes at https://vagrantcloud.com/search. - config.vm.box = "generic/ubuntu1604" - - # Disable automatic box update checking. If you disable this, then - # boxes will only be checked for updates when the user runs - # `vagrant box outdated`. This is not recommended. - # config.vm.box_check_update = false - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine. In the example below, - # accessing "localhost:8080" will access port 80 on the guest machine. - # NOTE: This will enable public access to the opened port - # config.vm.network "forwarded_port", guest: 80, host: 8080 - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine and only allow access - # via 127.0.0.1 to disable public access - # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1" - - # Create a private network, which allows host-only access to the machine - # using a specific IP. - # config.vm.network "private_network", ip: "192.168.33.10" - - # Create a public network, which generally matched to bridged network. - # Bridged networks make the machine appear as another physical device on - # your network. - # config.vm.network "public_network" - - # Share an additional folder to the guest VM. The first argument is - # the path on the host to the actual folder. The second argument is - # the path on the guest to mount the folder. And the optional third - # argument is a set of non-required options. - # config.vm.synced_folder "../data", "/vagrant_data" - - # Provider-specific configuration so you can fine-tune various - # backing providers for Vagrant. These expose provider-specific options. - # Example for VirtualBox: - #config.vm.provider "virtualbox" do |vb| - # # Display the VirtualBox GUI when booting the machine - # # vb.gui = true - #end - [:virtualbox, :parallels, :libvirt, :hyperv].each do |provider| - config.vm.provider provider do |vplh, override| - vplh.cpus = 1 - vplh.memory = 2048 - end - end - [:vmware_fusion, :vmware_workstation, :vmware_desktop].each do |provider| - config.vm.provider provider do |vmw, override| - vmw.vmx["memsize"] = "2048" - vmw.vmx["numvcpus"] = "1" - end - end - - # - # View the documentation for the provider you are using for more - # information on available options. - - # Enable provisioning with a shell script. Additional provisioners such as - # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the - # documentation for more information about their specific syntax and use. - # config.vm.provision "shell", inline: <<-SHELL - # apt-get update - # apt-get install -y apache2 - # SHELL - config.vm.define "aptly" do |node| - node.vm.hostname = "aptly" - - node.vm.provision "file", source: ".", destination: "$HOME/docker-aptly" - - node.vm.provision :shell, inline: <<-SHELL - echo htop > /home/vagrant/docker-aptly/assets/packages/list - echo telnetd >> /home/vagrant/docker-aptly/assets/packages/list - echo openbsd-inetd >> /home/vagrant/docker-aptly/assets/packages/list - echo inet-superserver >> /home/vagrant/docker-aptly/assets/packages/list - echo 'mysql-client (>= 3.6)' >> /home/vagrant/docker-aptly/assets/packages/list - SHELL - - node.vm.provision "docker" do |d| - d.build_image "/home/vagrant/docker-aptly -t aptly:test --build-arg PACKAGE_FILE=list" - d.run "aptly", - args: "-p '8080:80' -v '/home/vagrant/docker-aptly/assets/nginx:/opt/nginx'", - image: "aptly:test", - cmd: "/opt/run_nginx.sh" - end - - node.vm.provision :shell, inline: <<-SHELL - sleep 5 - curl -s localhost:8080/aptly_repo_signing.key | apt-key add - - mv /etc/apt/sources.list /etc/apt/sources.list.backup - touch /etc/apt/sources.list - add-apt-repository 'deb http://localhost:8080 xenial main' - apt-get update - apt-cache policy htop - apt-get install -y htop mysql-client - apt-get install -y telnetd || echo "telnetd was not installed due to blacklist" - SHELL - end -end diff --git a/assets/aptly.conf b/assets/aptly.conf deleted file mode 100644 index 2ab6f51..0000000 --- a/assets/aptly.conf +++ /dev/null @@ -1,17 +0,0 @@ -{ - "rootDir": "/opt/aptly", - "downloadConcurrency": 4, - "downloadSpeedLimit": 0, - "architectures": [], - "dependencyFollowSuggests": false, - "dependencyFollowRecommends": false, - "dependencyFollowAllVariants": false, - "dependencyFollowSource": false, - "gpgDisableSign": false, - "gpgDisableVerify": false, - "downloadSourcePackages": false, - "ppaDistributorID": "ubuntu", - "ppaCodename": "", - "S3PublishEndpoints": {}, - "SwiftPublishEndpoints": {} -} diff --git a/assets/gpg.conf.sh b/assets/gpg.conf.sh deleted file mode 100755 index 570d7e2..0000000 --- a/assets/gpg.conf.sh +++ /dev/null @@ -1,13 +0,0 @@ -#! /usr/bin/env bash - -# Copyright 2018 Artem B. Smirnov -# Copyright 2018 Jon Azpiazu -# Licensed under the Apache License, Version 2.0 - -mkdir -p /root/.gnupg/ -touch /root/.gnupg/gpg.conf -cat >> /root/.gnupg/gpg.conf < /opt/gpg_batch -%echo Generating a GPG key, might take a while -Key-Type: RSA -Key-Length: 4096 -Subkey-Type: ELG-E -Subkey-Length: 1024 -Name-Real: ${FULL_NAME} -Name-Comment: Aptly Repo Signing -Name-Email: ${EMAIL_ADDRESS} -Expire-Date: 0 -Passphrase: ${GPG_PASSWORD} -%pubring /opt/aptly/aptly.pub -%secring /opt/aptly/aptly.sec -%commit -%echo done -EOF diff --git a/assets/nginx.conf.sh b/assets/nginx.conf.sh deleted file mode 100755 index 139ca8d..0000000 --- a/assets/nginx.conf.sh +++ /dev/null @@ -1,19 +0,0 @@ -#! /usr/bin/env bash - -# Copyright 2018 Artem B. Smirnov -# Copyright 2016 Bryan J. Hong -# Licensed under the Apache License, Version 2.0 - -cat << EOF > /etc/nginx/conf.d/default.conf -server_names_hash_bucket_size 64; -server { - root /opt/aptly/public; - server_name ${HOSTNAME}; - - location / { - autoindex on; - } - - include /opt/nginx/*.conf; -} -EOF diff --git a/assets/nginx/blacklist.conf b/assets/nginx/blacklist.conf deleted file mode 100644 index cc74f61..0000000 --- a/assets/nginx/blacklist.conf +++ /dev/null @@ -1,3 +0,0 @@ -location ~ (telnet|ftp) { - return 404; -} diff --git a/assets/packages/default b/assets/packages/default deleted file mode 100644 index 2662170..0000000 --- a/assets/packages/default +++ /dev/null @@ -1,596 +0,0 @@ -accountsservice -acl -acpid -adduser -amd64-microcode -apparmor -apport -apport-symptoms -apt -apt-transport-https -apt-utils -arping -at -base-files -base-passwd -bash -bash-completion -bc -bcache-tools -bind9-host -binfmt-support -binutils -bsdmainutils -bsdutils -btrfs-tools -build-essential -busybox-initramfs -busybox-static -byobu -bzip2 -ca-certificates -ceph-common -cloud-guest-utils -cloud-init -cloud-initramfs-copymods -cloud-initramfs-dyn-netconf -command-not-found -command-not-found-data -console-setup -console-setup-linux -coreutils -cpio -cpp -cpp-5 -crda -cron -cryptsetup -cryptsetup-bin -curl -dash -dbus -debconf -debconf-i18n -debianutils -dh-python -diffutils -distro-info-data -dkms -dmeventd -dmidecode -dmsetup -dnsmasq-base -dns-root-data -dnsutils -docker.io -docker-engine -dosfstools -dpkg -dpkg-dev -dstat -e2fslibs -e2fsprogs -eatmydata -ed -eject -ethtool -fakeroot -file -findutils -fonts-ubuntu-font-family-console -freeipmi-common -friendly-recovery -ftp -fuse -g++ -g++-5 -gawk -gcc -gcc-5 -gcc-5-base -gcc-6-base -gdisk -geoip-database -gettext-base -gir1.2-glib-2.0 -git -git-man -gnupg -gpgv -grep -groff-base -grub2-common -grub-common -grub-gfxpayload-lists -grub-legacy-ec2 -grub-pc -grub-pc-bin -gzip -hdparm -heirloom-mailx -hostname -ifenslave -ifupdown -info -init -initramfs-tools -initramfs-tools-bin -initramfs-tools-core -initscripts -init-system-helpers -insserv -installation-report -install-info -intel-microcode -iotop -iperf -ipmitool -iproute2 -iptables -iputils-arping -iputils-ping -iputils-tracepath -irqbalance -isc-dhcp-client -isc-dhcp-common -iso-codes -iucode-tool -iw -jq -kbd -keyboard-configuration -klibc-utils -kmod -krb5-locales -ksh -language-selector-common -laptop-detect -ldap-utils -less -libaccountsservice0 -libacl1 -libalgorithm-diff-perl -libalgorithm-diff-xs-perl -libalgorithm-merge-perl -libapparmor1 -libapparmor-perl -libapt-inst2.0 -libapt-pkg5.0 -libasan2 -libasn1-8-heimdal -libasprintf0v5 -libatm1 -libatomic1 -libattr1 -libaudit1 -libaudit-common -libbabeltrace1 -libbabeltrace-ctf1 -libbind9-140 -libblas3 -libblas-common -libblkid1 -libboost-iostreams1.58.0 -libboost-program-options1.58.0 -libboost-random1.58.0 -libboost-regex1.58.0 -libboost-system1.58.0 -libboost-thread1.58.0 -libbsd0 -libbz2-1.0 -libc6 -libc6-dev -libcap2 -libcap2-bin -libcap-ng0 -libc-bin -libcc1-0 -libc-dev-bin -libcephfs1 -libcilkrts5 -libcomerr2 -libcryptsetup4 -libcurl3-gnutls -libdb5.3 -libdbus-1-3 -libdbus-glib-1-2 -libdebconfclient0 -libdevmapper1.02.1 -libdevmapper-event1.02.1 -libdns162 -libdns-export162 -libdpkg-perl -libdrm2 -libdrm-common -libdumbnet1 -libdw1 -libeatmydata1 -libedit2 -libelf1 -liberror-perl -libestr0 -libevent-2.0-5 -libexpat1 -libfakeroot -libfcgi0ldbl -libfdisk1 -libffi6 -libfile-fcntllock-perl -libfreeipmi16 -libfreetype6 -libfribidi0 -libfuse2 -libgcc1 -libgcc-5-dev -libgcrypt20 -libgdbm3 -libgeoip1 -libgirepository-1.0-1 -libglib2.0-0 -libglib2.0-data -libgmp10 -libgnutls30 -libgnutls-openssl27 -libgomp1 -libgpg-error0 -libgpm2 -libgssapi3-heimdal -libgssapi-krb5-2 -libhcrypto4-heimdal -libheimbase1-heimdal -libheimntlm0-heimdal -libhogweed4 -libhx509-5-heimdal -libicu55 -libidn11 -libisc160 -libisccc140 -libisccfg140 -libisc-export160 -libisl15 -libitm1 -libjansson4 -libjson-c2 -libk5crypto3 -libkeyutils1 -libklibc -libkmod2 -libkrb5-26-heimdal -libkrb5-3 -libkrb5support0 -libldap-2.4-2 -liblinear3 -liblocale-gettext-perl -liblsan0 -libltdl7 -liblua5.2-0 -liblvm2app2.2 -liblvm2cmd2.02 -liblwres141 -liblxc1 -liblz4-1 -liblzma5 -liblzo2-2 -libmagic1 -libmnl0 -libmount1 -libmpc3 -libmpdec2 -libmpfr4 -libmpx0 -libmspack0 -libncurses5 -libncursesw5 -libnet1 -libnetfilter-conntrack3 -libnettle6 -libnewt0.52 -libnfnetlink0 -libnih1 -libnl-3-200 -libnl-genl-3-200 -libnspr4 -libnss3 -libnss3-nssdb -libnuma1 -libonig2 -libopenipmi0 -libopts25 -libp11-kit0 -libpam0g -libpam-modules -libpam-modules-bin -libpam-runtime -libpam-systemd -libparted2 -libpcap0.8 -libpci3 -libpcre3 -libperl5.22 -libpipeline1 -libplymouth4 -libpng12-0 -libpolkit-agent-1-0 -libpolkit-backend-1-0 -libpolkit-gobject-1-0 -libpopt0 -libprocps4 -libprotobuf9v5 -libpython2.7-minimal -libpython2.7-stdlib -libpython3.5 -libpython3.5-minimal -libpython3.5-stdlib -libpython3-stdlib -libpython-stdlib -libquadmath0 -librados2 -libradosstriper1 -librbd1 -libreadline5 -libreadline6 -librgw2 -libroken18-heimdal -librtmp1 -libsasl2-2 -libsasl2-modules -libsasl2-modules-db -libseccomp2 -libselinux1 -libsemanage1 -libsemanage-common -libsensors4 -libsepol1 -libsigsegv2 -libslang2 -libsmartcols1 -libsnmp30 -libsnmp-base -libsqlite3-0 -libss2 -libssl1.0.0 -libstdc++-5-dev -libstdc++6 -libsystemd0 -libtasn1-6 -libtext-charwidth-perl -libtext-iconv-perl -libtext-wrapi18n-perl -libtinfo5 -libtsan0 -libubsan0 -libudev1 -libunwind8 -libusb-0.1-4 -libusb-1.0-0 -libustr-1.0-1 -libutempter0 -libuuid1 -libuv1 -libwind0-heimdal -libwrap0 -libx11-6 -libx11-data -libxau6 -libxcb1 -libxdmcp6 -libxext6 -libxml2 -libxmlsec1 -libxmlsec1-openssl -libxmuu1 -libxslt1.1 -libxtables11 -libyaml-0-2 -linux-base -linux-cloud-tools-common -linux-firmware -linux-generic-hwe-16.04 -linux-headers-4.15.0-34 -linux-headers-4.15.0-34-generic -linux-headers-generic-hwe-16.04 -linux-image-4.15.0-34-generic -linux-image-extra-4.13.0-45-generic -linux-image-generic-hwe-16.04 -linux-libc-dev -linux-modules-4.15.0-34-generic -linux-modules-extra-4.15.0-34-generic -linux-signed-generic-hwe-16.04 -linux-signed-image-4.13.0-45-generic -linux-tools-common -lldpd -locales -login -logrotate -lsb-base -lsb-release -lshw -lsof -ltrace -lua-lpeg -lvm2 -lxc-common -lxcfs -lxd -lxd-client -make -makedev -man-db -manpages -manpages-dev -mawk -mdadm -mime-support -mlocate -mosh -mount -mtr-tiny -multiarch-support -nano -ncurses-base -ncurses-bin -ncurses-term -ndiff -netbase -netcat-openbsd -net-tools -nmap -node-commander -nodejs -node-nan -node-tinycolor -node-ws -ntfs-3g -ntp -openipmi -open-iscsi -openssh-client -openssh-server -openssh-sftp-server -openssl -open-vm-tools -os-prober -overlayroot -parted -passwd -pastebinit -patch -pciutils -perl -perl-base -perl-modules-5.22 -plymouth -plymouth-theme-ubuntu-text -policykit-1 -pollinate -popularity-contest -powermgmt-base -procps -psmisc -python -python2.7 -python2.7-minimal -python3 -python3.5 -python3.5-minimal -python3-apport -python3-apt -python3-blinker -python3-cffi-backend -python3-chardet -python3-commandnotfound -python3-configobj -python3-cryptography -python3-dbus -python3-debian -python3-distupgrade -python3-gdbm -python3-gi -python3-idna -python3-jinja2 -python3-jsonpatch -python3-json-pointer -python3-jwt -python3-markupsafe -python3-minimal -python3-newt -python3-oauthlib -python3-pkg-resources -python3-prettytable -python3-problem-report -python3-pyasn1 -python3-pycurl -python3-requests -python3-serial -python3-six -python3-software-properties -python3-systemd -python3-update-manager -python3-urllib3 -python3-yaml -python-apt -python-apt-common -python-bs4 -python-cephfs -python-chardet -python-html5lib -python-lxml -python-minimal -python-pkg-resources -python-rados -python-rbd -python-requests -python-six -python-urllib3 -readline-common -rename -resolvconf -rsync -rsyslog -run-one -sbsigntool -screen -sed -sensible-utils -sgml-base -shared-mime-info -s-nail -snapd -socat -software-properties-common -sosreport -squashfs-tools -ssh-import-id -ssmtp -strace -sudo -sysstat -systemd -systemd-sysv -sysvinit-utils -sysv-rc -tar -tasksel -tasksel-data -tcpd -tcpdump -telnet -thermald -time -tmux -traceroute -tzdata -ubuntu-cloudimage-keyring -ubuntu-core-launcher -ubuntu-keyring -ubuntu-minimal -ubuntu-release-upgrader-core -ubuntu-standard -ucf -udev -ufw -uidmap -unattended-upgrades -unzip -update-manager-core -update-notifier-common -ureadahead -usbutils -util-linux -uuid-runtime -vim -vim-common -vim-runtime -vim-tiny -vlan -wget -whiptail -wireless-regdb -xauth -xdg-user-dirs -xfsprogs -xkb-data -xml-core -xz-utils -zerofree -zlib1g diff --git a/assets/run_nginx.sh b/assets/run_nginx.sh deleted file mode 100755 index b632f1a..0000000 --- a/assets/run_nginx.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env bash - -set -o pipefail -set -o errexit -# set -o xtrace - -/usr/sbin/nginx diff --git a/assets/run_supervisord.sh b/assets/run_supervisord.sh deleted file mode 100755 index e87c374..0000000 --- a/assets/run_supervisord.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env bash - -set -o pipefail -set -o errexit -# set -o xtrace - -/usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf diff --git a/assets/startup.sh b/assets/startup.sh deleted file mode 100755 index fe2543f..0000000 --- a/assets/startup.sh +++ /dev/null @@ -1,56 +0,0 @@ -#! /usr/bin/env bash - -# Copyright 2018 Artem B. Smirnov -# Copyright 2018 Jon Azpiazu -# Copyright 2016 Bryan J. Hong -# Licensed under the Apache License, Version 2.0 - -set -o xtrace - -if [[ ! -f /root/.gnupg/gpg.conf ]]; then - /opt/gpg.conf.sh -fi - -# If the repository GPG keypair doesn't exist, create it. -if [[ ! -f /opt/aptly/aptly.sec ]] || [[ ! -f /opt/aptly/aptly.pub ]]; then - echo "Generating new gpg keys" - cp -a /dev/urandom /dev/random - /opt/gpg_batch.sh - # If your system doesn't have a lot of entropy this may, take a long time - # Google how-to create "artificial" entropy if this gets stuck - gpg -v --batch --gen-key /opt/gpg_batch - -else - echo "No need to generate new gpg keys" -fi - -# Import Ubuntu keyrings if they exist -if [[ -f /usr/share/keyrings/ubuntu-archive-keyring.gpg ]]; then - gpg --list-keys - gpg --no-default-keyring \ - --keyring /usr/share/keyrings/ubuntu-archive-keyring.gpg \ - --export | \ - gpg --no-default-keyring \ - --keyring trustedkeys.gpg \ - --import -fi - -# Import Debian keyrings if they exist -if [[ -f /usr/share/keyrings/debian-archive-keyring.gpg ]]; then - gpg --list-keys - gpg --no-default-keyring \ - --keyring /usr/share/keyrings/debian-archive-keyring.gpg \ - --export | \ - gpg --no-default-keyring \ - --keyring trustedkeys.gpg \ - --import -fi - -# Aptly looks in /root/.gnupg for default keyrings -ln -sf /opt/aptly/aptly.sec /root/.gnupg/secring.gpg -ln -sf /opt/aptly/aptly.pub /root/.gnupg/pubring.gpg - -# Generate Nginx Config -/opt/nginx.conf.sh - -/opt/update_mirror_ubuntu.sh diff --git a/assets/supervisord.nginx.conf b/assets/supervisord.nginx.conf deleted file mode 100644 index bfae082..0000000 --- a/assets/supervisord.nginx.conf +++ /dev/null @@ -1,5 +0,0 @@ -[program:nginx] -command=/usr/sbin/nginx -redirect_stderr=true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 diff --git a/assets/update_mirror_ubuntu.sh b/assets/update_mirror_ubuntu.sh deleted file mode 100755 index aa27bdf..0000000 --- a/assets/update_mirror_ubuntu.sh +++ /dev/null @@ -1,85 +0,0 @@ -#! /usr/bin/env bash -set -e -set -x - -# Automate the initial creation and update of an Ubuntu package mirror in aptly - -# The variables (as set below) will create a mirror of the Ubuntu repo -# with the main & universe components, you can add other components like restricted -# multiverse etc by adding to the array (separated by spaces). - -# For more detail about each of the variables below refer to: -# https://help.ubuntu.com/community/Repositories/CommandLine - -if [ "$MODE" = "packages" ]; then - if [ ! -f "/opt/packages/$PACKAGE_FILE" ]; then - echo "File with a package list is not found" - exit 1 - fi - FILTER_VAL=$(paste -sd \| "/opt/packages/$PACKAGE_FILE") - FILTER_OPTS=("-filter=$FILTER_VAL" "-filter-with-deps") -else - FILTER_OPTS=() -fi - -REPO_DATE=$(date +%Y%m%d%H) - -# Create repository mirrors if they don't exist -for component in ${COMPONENTS}; do - for repo in ${REPOS}; do - if ! aptly mirror list -raw | grep "^${repo}-${component}$" - then - echo "Creating mirror of ${repo}-${component} repository." - aptly mirror create \ - -architectures=amd64 "${FILTER_OPTS[@]}" "${repo}-${component}" "${UPSTREAM_URL}" "${repo}" "${component}" - fi - done -done - -# Update all repository mirrors -for component in ${COMPONENTS}; do - for repo in ${REPOS}; do - echo "Updating ${repo}-${component} repository mirror.." - aptly mirror update "${repo}-${component}" - done -done - -SNAPSHOTARRAY=() -# Create snapshots of updated repositories -for component in ${COMPONENTS}; do - for repo in ${REPOS}; do - echo "Creating snapshot of ${repo}-${component} repository mirror.." - SNAPSHOTARRAY+=("${repo}-${component}-$REPO_DATE") - aptly snapshot create "${repo}-${component}-$REPO_DATE" from mirror "${repo}-${component}" - done -done - -echo "${SNAPSHOTARRAY[@]}" - -# Merge snapshots into a single snapshot with updates applied -echo "Merging snapshots into one.." -aptly snapshot merge -latest \ - "${UBUNTU_RELEASE}-merged-$REPO_DATE" \ - "${SNAPSHOTARRAY[@]}" - -# Publish the latest merged snapshot -if aptly publish list -raw | awk '{print $2}' | grep "^${UBUNTU_RELEASE}$" -then - aptly publish switch \ - -batch=true \ - -passphrase="${GPG_PASSWORD}" \ - "${UBUNTU_RELEASE}" "${UBUNTU_RELEASE}-merged-$REPO_DATE" -else - aptly publish snapshot \ - -batch=true \ - -passphrase="${GPG_PASSWORD}" \ - -distribution="${UBUNTU_RELEASE}" "${UBUNTU_RELEASE}-merged-$REPO_DATE" -fi - -# Export the GPG Public key -if [[ ! -f /opt/aptly/public/aptly_repo_signing.key ]]; then - gpg --export --armor > /opt/aptly/public/aptly_repo_signing.key -fi - -# Generate Aptly Graph -aptly graph -output /opt/aptly/public/aptly_graph.png diff --git a/tools/install_packages.sh b/tools/install_packages.sh deleted file mode 100755 index 502d672..0000000 --- a/tools/install_packages.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/env bash - -set -o pipefail -set -o errexit -set -o xtrace - -apt update -apt install -y curl -curl -s localhost:8080/aptly_repo_signing.key | apt-key add - -echo 'deb http://localhost:8080 xenial main' > /etc/apt/sources.list -apt-get update -apt-cache policy accountsservice -apt-get install -y accountsservice