commit 7fe1fef3396119870c19dde2e934c03a5b9b8d0e
Author: samuel <samuel.campos@netoik.io>
Date:   Sat Mar 14 01:05:45 2026 +0100

    feat: first commit

diff --git a/.gitea/workflows/cd.yaml b/.gitea/workflows/cd.yaml
new file mode 100644
index 0000000..8b36c07
--- /dev/null
+++ b/.gitea/workflows/cd.yaml
@@ -0,0 +1,20 @@
+name: Continuous Delivery
+
+on:
+  push:
+    tags:
+      - "v[0-9]+.[0-9]+.[0-9]+"
+
+jobs:
+  build_n_upload:
+    runs-on: self-hosted
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+          fetch-tags: true
+      - run: make tarball
+      - run: rpmbuild -ba "$(make name).spec"
+      - run: make upload
+        env:
+          PKG_TOKEN: ${{ secrets.PKG_TOKEN }}
diff --git a/.gitea/workflows/ci.yaml b/.gitea/workflows/ci.yaml
new file mode 100644
index 0000000..4cb5415
--- /dev/null
+++ b/.gitea/workflows/ci.yaml
@@ -0,0 +1,17 @@
+name: Continuous Integration
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  lint_n_build:
+    runs-on: self-hosted
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+          fetch-tags: true
+      - run: make tarball
+      - run: rpmbuild -ba "$(make name).spec"
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a09c56d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/.idea
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..86dcbc5
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,19 @@
+MIT License
+
+Copyright (c) 2025 samuel
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and 
+associated documentation files (the "Software"), to deal in the Software without restriction, including 
+without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 
+copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the 
+following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial 
+portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT 
+LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO 
+EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER 
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE 
+USE OR OTHER DEALINGS IN THE SOFTWARE.
+
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..8a9896e
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,86 @@
+NAME = netoik-cache
+VERSION = $(shell git describe --abbrev=0)
+RELEASE = $(shell git rev-parse --short HEAD)
+ARCH = noarch
+OWNER = samuel
+SUMMARY = "Netoïk Cache Server"
+LICENSE = "MIT"
+URL = "https://git.netoik.io/$(OWNER)/$(NAME)"
+SOURCE0 = "$(NAME)-$(VERSION)-$(RELEASE).tar.gz"
+
+RPM_RPMDIR = $(shell rpm --eval '%{_rpmdir}')
+RPM_SBINDIR = $(shell rpm --eval '%{_sbindir}')
+RPM_SOURCEDIR = $(shell rpm --eval '%{_sourcedir}')
+RPM_SYSCONFDIR = $(shell rpm --eval '%{_sysconfdir}')
+RPM_UNITDIR = $(shell rpm --eval '%{_unitdir}')
+
+RPM_TARBALL_PATH = $(RPM_SOURCEDIR)/$(SOURCE0)
+RPM_BUILD_PATH = $(RPM_RPMDIR)/$(ARCH)/$(NAME)-$(VERSION)-$(RELEASE).$(ARCH).rpm
+
+.PHONY: help
+help:
+	@grep -E '^[a-zA-Z0-9_-]+:.*?## .*' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
+
+.PHONY: name
+name:  ## Show project name
+	@echo "$(NAME)"
+
+.PHONY: version
+version:  ## Show current project version
+	@echo "$(VERSION)"
+
+.PHONY: release
+release:  ## Show current project release
+	@echo "$(RELEASE)"
+
+.PHONY: arch
+arch:  ## Show rpm arch target
+	@echo "$(ARCH)"
+
+.PHONY: owner
+owner:  ## Show project owner name
+	@echo "$(OWNER)"
+
+.PHONY: summary
+summary:  ## Show project summary
+	@echo "$(SUMMARY)"
+
+.PHONY: license
+license:  ## Show project license
+	@echo "$(LICENSE)"
+
+.PHONY: url
+url:  ## Show project homepage URL
+	@echo "$(URL)"
+
+.PHONY: source0
+source0:  ## Show rpm source0 file name
+	@echo "$(SOURCE0)"
+
+$(RPM_TARBALL_PATH): *
+	git archive --format=tar.gz \
+	            --output="$@" \
+	            --prefix="$(NAME)-$(VERSION)/" \
+	            --verbose \
+	            HEAD 
+
+.PHONY: tarball
+tarball: $(RPM_TARBALL_PATH)  ## Build rpm tarball
+
+.PHONY: install
+install:  ## Install files into rpm dest (requires env var DESTDIR)
+	@if [ -z "$(DESTDIR)" ]; then \
+		printf "[CRITICAL] Missing env var DESTDIR\n[CRITICAL] This command is designed to be called by rpmbuild only!\n" 1>&2; \
+		exit 1; \
+	fi
+	install --mode=755 --directory $(DESTDIR)$(RPM_SYSCONFDIR)/valkey $(DESTDIR)$(RPM_UNITDIR)/valkey.service.d
+	install --mode=644 --target-directory=$(DESTDIR)$(RPM_SYSCONFDIR)/valkey files/valkey/netoik_valkey.conf
+	install --mode=644 --target-directory=$(DESTDIR)$(RPM_UNITDIR) files/systemd/valkey.conf
+
+.PHONY: upload
+upload:  ## Upload rpm package to Gitea repository (requires env var PKG_TOKEN)
+	@if [ -z "$(PKG_TOKEN)" ]; then \
+		printf "[CRITICAL] Missing env var PKG_TOKEN\n[CRITICAL] This command is designed to be called by Gitea Actions only!\n" 1>&2; \
+		exit 1; \
+	fi
+	curl --fail-with-body --upload-file "$(RPM_BUILD_PATH)" --user "$(OWNER):$(PKG_TOKEN)" https://git.netoik.io/api/packages/$(OWNER)/rpm/upload
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..07082bd
--- /dev/null
+++ b/README.md
@@ -0,0 +1,82 @@
+# Netoïk cache server ![badge](https://git.netoik.io/samuel/netoik-cache/actions/workflows/ci.yaml/badge.svg)
+
+Build an RPM package which will install a Cache server:
+
+- `Valkey` (a fork of `Redis` recommended from RockyLinux 10) with:
+    - custom configuration file
+    - custom service file
+
+
+# Development
+
+A `Makefile` is integrated to let you run some basic commands.
+
+- Display some information about the project
+  ```shell
+  make help
+  make name
+  make version
+  make release
+  make arch
+  ```
+
+- Build a tarball:
+  ```shell
+  make tarball 
+  ```
+  
+- Build an rpm package:
+  ```shell
+  rpmbuild -ba netoik-cache.spec
+  ```
+  
+- Upload rpm package to Gitea repository (env var `PKG_TOKEN` is required):
+  ```shell
+  make upload
+  ```
+
+
+# CI / CD
+
+Two workflows are set up.
+
+- Continuous Integration:
+  - triggered by each push on branch `main`
+  - builds tarball
+  - builds rpm package
+
+
+- Continuous Delivery:
+  - triggered by each tag pushed
+  - builds tarball
+  - builds rpm package
+  - uploads rpm package to `Gitea` repository
+
+
+# Deployment
+
+Some commands to deploy the RPM package on server
+
+- Add Gitea repo to your repo list:
+  ```shell
+  dnf config-manager --add-repo https://git.netoik.io/api/packages/samuel/rpm.repo
+  dnf repolist | grep gitea-samuel
+  ```
+
+- Show available versions:
+  ```shell
+  dnf --showduplicates netoik-cache
+  ```
+
+- Install or upgrade package:
+  ```shell
+  dnf --nogpgcheck --refresh --assumeyes --best install netoik-rp
+  ```
+
+
+# Security Notes
+
+For security reasons, act runners does not have sudo privileges and so there is:
+- **no** Continuous Deployment because act runners cannot use `dnf`
+- **no** GPG signing because act runners cannot use `gpg`
+
diff --git a/files/systemd/valkey.conf b/files/systemd/valkey.conf
new file mode 100644
index 0000000..a380f42
--- /dev/null
+++ b/files/systemd/valkey.conf
@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=/usr/bin/valkey-server /etc/valkey/netoik_valkey.conf --daemonize no --supervised systemd $OPTIONS
diff --git a/files/valkey/netoik_valkey.conf b/files/valkey/netoik_valkey.conf
new file mode 100644
index 0000000..18048c2
--- /dev/null
+++ b/files/valkey/netoik_valkey.conf
@@ -0,0 +1,16 @@
+# Accept connections on the specified port, default is 6379 (IANA #815344).
+# If port 0 is specified the server will not listen on a TCP socket.
+port 0
+
+# Unix socket.
+#
+# Specify the path for the Unix socket that will be used to listen for
+# incoming connections. There is no default, so the server will not listen
+# on a unix socket when not specified.
+#
+unixsocket /run/valkey/valkey.sock
+
+# Specify the log file name. Also the empty string can be used to force
+# the server to log on the standard output. Note that if you use standard
+# output for logging but daemonize, logs will be sent to /dev/null
+logfile ""
diff --git a/netoik-cache.spec b/netoik-cache.spec
new file mode 100644
index 0000000..1548a7b
--- /dev/null
+++ b/netoik-cache.spec
@@ -0,0 +1,38 @@
+%define debug_package %{nil}
+
+Name:           %(make name)
+Version:        %(make version)
+Release:        %(make release)
+Summary:        %(make summary)
+License:        %(make license)
+URL:            %(make url)
+
+Source0:        %(make source0)
+Buildarch:      %(make arch)
+BuildRequires:  make
+Requires:       valkey
+
+%description
+Install the cache server called Valkey, a fork of Redis which is not included in repositories of RockyLinux v10.
+
+%prep
+%autosetup -v
+
+%install
+%make_install
+
+%post
+# Restart services
+systemctl daemon-reload
+systemctl reenable valkey.service
+systemctl restart valkey.service
+
+%files
+%attr(644, root, root) %{_sysconfdir}/valkey/netoik_valkey.conf
+
+%attr(755, root, root) %{_unitdir}/valkey.service.d
+%attr(644, root, root) %{_unitdir}/valkey.service.d/valkey.conf
+
+%changelog
+%autochangelog
+