samuel
48792673dc
All checks were successful
Continuous Integration / lint_n_build (push) Successful in 18s
Netoïk reverse proxy 
Build an RPM package which will install several tools.
-
Nginxwith:- ssl settings
- security headers
- default site configuration
-
Certbotcertificates with:- ovh configuration to renew certs
- a command tool certbot_renew
- a systemctl certbot renew timer
Development
A Makefile is integrated to let you run some basic commands.
-
Display some information about the project
make help make name make version make release make arch -
Build a tarball:
make tarball -
Build an rpm package:
rpmbuild -ba netoik-rp.spec -
Upload rpm package to Gitea repository (env var
PKG_TOKENis required):make upload
CI / CD
Two workflows are set up.
-
Continuous Integration:
- triggered by each push event on branch
main - runs shellcheck
- builds tarball
- builds rpm package
- triggered by each push event on branch
-
Continuous Delivery:
- triggered by each tag push event
- builds tarball
- builds rpm package
- uploads rpm package to repository
Deployment
Some commands to deploy the RPM package on server
-
Add Gitea repo to your repo list:
dnf config-manager --add-repo https://git.netoik.io/api/packages/samuel/rpm.repo dnf repolist | grep gitea-samuel -
Show available versions:
dnf --showduplicates netoik-rp -
Create certbot ovh credentials here: www.ovh.com/auth/api/createToken
-
Setup environemnt file (fill values):
cat > ~/.netoik-rp.env << EOF OVH_ENDPOINT="" OVH_APPLICATION_NAME="" OVH_APPLICATION_DESCRIPTION="" OVH_APPLICATION_KEY="" OVH_APPLICATION_SECRET="" OVH_CONSUMER_KEY="" EOF -
Install or upgrade package:
set -a source ~/.netoik-rp.env dnf --nogpgcheck --refresh --assumeyes --best install netoik-rp set +a
Security Notes
For security reasons, act runners does not have sudo privileges and so there is:
- no Continuous Deployment because act runners cannot use
dnf - no GPG signing because act runners cannot use
gpg