1.9 KiB
1.9 KiB
Netoïk reverse proxy 
Build an RPM package which will install several tools.
-
Nginxwith:- ssl settings
- security headers
- default site configuration
-
Certbotcertificates with:- ovh configuration to renew certs
- a command tool certbot_renew
- a systemctl certbot renew timer
Development
A Makefile is integrated to let you run some basic commands.
-
To display some information about the project
make name make version make release make build_arch -
To build a tarball:
make tarball -
To build a rpm package:
rpmbuild -ba netoik-rp.spec -
To upload rpm package to Gitea repository (env vars
GIT_PACKAGES_USERNAMEandGIT_PACKAGES_TOKENneeded):make upload
CI / CD
Two workflows are set up.
-
Continuous Integration:
- triggered by each push on branch
main - runs shellcheck on script
certbot_renew - builds tarball and rpm package to test everything is OK
- triggered by each push on branch
-
Continuous Delivery:
- triggered by each tag pushed
- builds tarball
- builds and uploads rpm package to
Gitearepository
Deployment
Some commands to deploy the RPM package on server
-
To add Gitea repo to your repo list:
dnf config-manager --add-repo https://git.netoik.io/api/packages/samuel/rpm.repo dnf repolist | grep gitea-samuel -
To show available versions:
dnf --showduplicates netoik-rp -
To install or upgrade:
dnf --nogpgcheck install netoik-rp dnf --nogpgcheck upgrade netoik-rp
Security Notes
For security reasons, act runners does not have sudo privileges and so there is:
- no Continuous Deployment because act runners cannot use
dnf - no GPG signing because act runners cannot use
gpg