samuel/netoik-rp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0c92b1072a446f8d59eed669354006834fe49f3c
netoik-rp/README.md
samuel 37d6ea9e4a
All checks were successful
Continuous Integration / lint_n_build (push) Successful in 21s
Details
doc: add make help
2026-03-08 21:28:35 +01:00

106 lines
2.2 KiB
Markdown
Raw Blame History

# Netoïk reverse proxy ![badge](https://git.netoik.io/samuel/netoik-rp/actions/workflows/ci.yaml/badge.svg)
Build an RPM package which will install several tools.
- `Nginx` with:
- ssl settings
- security headers
- default site configuration
- `Certbot` certificates with:
- ovh configuration to renew certs
- a command tool certbot_renew
- a systemctl certbot renew timer
# Development
A `Makefile` is integrated to let you run some basic commands.
- Display some information about the project
```shell
make help
make name
make version
make release
make arch
```
- Build a tarball:
```shell
make tarball
```
- Build an rpm package:
```shell
rpmbuild -ba netoik-rp.spec
```
- Upload rpm package to Gitea repository (env var `PKG_TOKEN` is required):
```shell
make upload
```
# CI / CD
Two workflows are set up.
- Continuous Integration:
- triggered by each push on branch `main`
- runs shellcheck on script `certbot_renew`
- builds tarball and rpm package to test everything is OK
- Continuous Delivery:
- triggered by each tag pushed
- builds tarball
- builds and uploads rpm package to `Gitea` repository
# Deployment
Some commands to deploy the RPM package on server
- Add Gitea repo to your repo list:
```shell
dnf config-manager --add-repo https://git.netoik.io/api/packages/samuel/rpm.repo
dnf repolist | grep gitea-samuel
```
- Show available versions:
```shell
dnf --showduplicates netoik-rp
```
- Create certbot ovh credentials here:
[www.ovh.com/auth/api/createToken](https://www.ovh.com/auth/api/createToken)
- Setup environemnt file (fill values):
```shell
cat > ~/.netoik-rp.env << EOF
OVH_ENDPOINT=""
OVH_APPLICATION_NAME=""
OVH_APPLICATION_DESCRIPTION=""
OVH_APPLICATION_KEY=""
OVH_APPLICATION_SECRET=""
OVH_CONSUMER_KEY=""
EOF
```
- Install or upgrade package:
```shell
set -a
source ~/.netoik-rp.env
dnf --nogpgcheck --refresh --assumeyes --best install netoik-rp
set +a
```
# Security Notes
For security reasons, act runners does not have sudo privileges and so there is:
- **no** Continuous Deployment because act runners cannot use `dnf`
- **no** GPG signing because act runners cannot use `gpg`
Reference in New Issue View Git Blame Copy Permalink