uppal/cgrates
1
0
Fork 1
mirror of https://github.com/cgrates/cgrates.git synced 2026-02-11 18:16:24 +05:00
Code Issues Packages Projects Releases Wiki Activity

Revise deb_packages script and update Go version

Browse Source
This commit is contained in:
arberkatellari
2025-04-14 16:56:51 +02:00
committed by Dan Christian Bogos
parent f56e46e00d
commit 7363e29f93
24 changed files with 499 additions and 619 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
data/ansible/deb_packages/gen-key-script
View File

@@ -1,13 +0,0 @@
{{ ansible_managed | comment }}
%echo Generating a basic OpenPGP key
%no-protection
Key-Type: RSA
Key-Length: {{ gpg_keylength }}
Subkey-Type: RSA
Subkey-Length: {{ 2048 }}
Name-Real: {{ gpg_realname }}
Name-Email: {{ gpg_useremail }}
Expire-Date: {{ gpg_expire }}
%no-ask-passphrase
%commit
%echo done

122
data/ansible/deb_packages/go.yaml
View File

@@ -1,122 +0,0 @@
---
- name: create gopath directory
file:
state: directory
mode: 'u=rwx,go=rx'
dest: '{{ golang_gopath }}'
- name: create download directory
file:
state: directory
mode: 'u=rwx,go=rx'
dest: '{{ golang_download_dir }}'
- name: Register the current Go version (if any)
command: /usr/local/go/bin/go version
ignore_errors: yes
register: go_version
changed_when: false
- name: Remove old installation of Go
become: yes
file:
path: /usr/local/go
state: absent
when: go_version is failed or go_version.stdout != go_version_target
- name: download Go language SDK
get_url:
url: '{{ golang_mirror }}/{{ golang_redis_filename }}'
dest: '{{ golang_download_dir }}/{{ golang_redis_filename }}'
mode: 'u=rw,go=r'
- name: create Go language SDK installation directory
become: yes
file:
state: directory
owner: root
group: root
mode: 'u=rwx,go=rx'
dest: '{{ golang_install_dir }}'
- name: install Go language SDK
become: yes
unarchive:
src: '{{ golang_download_dir }}/{{ golang_redis_filename }}'
remote_src: yes
extra_opts: '--strip-components=1'
dest: '{{ golang_install_dir }}'
owner: root
group: root
creates: '{{ golang_install_dir }}/bin'
# Set Go language SDK environment variables
- name: make sure /etc/profile.d exists
become: yes
file:
path: /etc/profile.d
state: directory
owner: root
group: root
mode: 'u=rwx,go=rx'
- name: export Go language SDK environment variables
become: yes
template:
src: golang.sh.j2
dest: /etc/profile.d/golang.sh
owner: root
group: root
mode: 'u=rw,go=r'
- name: Export GOROOT for root
become: yes
lineinfile:
path: ~/.bashrc
line: export GOROOT='{{ golang_install_dir }}'
insertafter: last
- name: Add GOROOT to PATH for root
become: yes
lineinfile:
dest: ~/.bashrc
line: export PATH=$PATH:$GOROOT/bin
insertafter: last
- name: Export GOPATH for root
become: yes
lineinfile:
dest: ~/.bashrc
line: export GOPATH='{{ golang_gopath }}'
insertafter: last
- name: Add GOPATH to PATH for root
become: yes
lineinfile:
dest: ~/.bashrc
line: export PATH=$PATH:$GOPATH/bin
insertafter: last
- name: Export GOROOT
lineinfile:
dest: ~/.bashrc
line: export GOROOT='{{ golang_install_dir }}'
insertafter: last
- name: Add GOROOT to PATH
lineinfile:
dest: ~/.bashrc
line: export PATH=$PATH:$GOROOT/bin
insertafter: last
- name: Export GOPATH
lineinfile:
dest: ~/.bashrc
line: export GOPATH='{{ golang_gopath }}'
insertafter: last
- name: Add GOPATH to PATH
lineinfile:
dest: ~/.bashrc
line: export PATH=$PATH:$GOPATH/bin
insertafter: last

12
data/ansible/deb_packages/golang.sh.j2
View File

@@ -1,12 +0,0 @@
#!/bin/sh
{{ ansible_managed | comment('plain') }}
export GOROOT='{{ golang_install_dir }}'
export PATH=$PATH:$GOROOT/bin
{% if golang_gopath not in (None, '') %}
export GOPATH="{{ golang_gopath }}"
export PATH=$PATH:$GOPATH/bin
{% endif %}

44
data/ansible/deb_packages/gpg-gen-key.yaml
View File

@@ -1,44 +0,0 @@
---
- name: set defaut gpg options
become: true
template:
src: gpg.conf.j2
dest: "{{ gpg_home }}/.gnupg/gpg.conf"
mode: '0600'
owner: "{{ rootUser }}"
- name: copy default template for gpg key generation
become: true
template:
src: gen-key-script
dest: "{{ gpg_home }}/.gnupg/gen-key-script-{{ rootUser }}"
mode: '0600'
owner: "{{ rootUser }}"
- name: create some required file
become: true
shell: "gpg --list-secret-keys --keyid-format LONG"
- name: When starting fresh we need to make sure we have rng-tools
become: true
apt:
name: rng-tools
state: present
ignore_errors: true
- name: Add HRNGDEVICE=/dev/urandom so we can execute rngd
become: true
lineinfile:
path: /etc/default/rng-tools
line: HRNGDEVICE=/dev/urandom
insertafter: last
- name: generate randomness
become: true
shell: "sudo /etc/init.d/rng-tools restart"
ignore_errors: true
- name: generate gpg key
become: true
shell: "sudo gpg --batch --gen-key {{ gpg_home }}/.gnupg/gen-key-script-{{ rootUser }}"

5
data/ansible/deb_packages/gpg.conf.j2
View File

@@ -1,5 +0,0 @@
{{ ansible_managed | comment }}
# Prioritize stronger algorithms for new keys.
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed
# Use a stronger digest than the default SHA1 for certifications.
cert-digest-algo SHA512

43
data/ansible/deb_packages/gpg.yaml
View File

@@ -1,43 +0,0 @@
---
- name: Restart gpg-agent
become: true
shell: "gpgconf --kill all"
- name: Ensure .gnupg config directory exists with right permissions
become: true
file: dest={{ gpg_home }}/.gnupg state=directory mode=0700 owner="{{ rootUser }}"
## Note: matching on realname or email doesn't allow to create multiple keys. alternative?
- name: check existing secret key
shell: "gpg --list-secret-keys | grep '{{ gpg_realname }}'"
changed_when: false
ignore_errors: true
become: yes
become_user: "{{ rootUser }}"
register: gpgkeys
- name: Check expired keys
become: yes
shell: "gpg --list-keys {{ gpg_realname }} | grep 'expired'"
ignore_errors: yes
failed_when: false
register: gpgExpKeys
when: gpgkeys.stdout_lines|length > 0
- name: Update expired
become: yes
shell: 'printf "expire\n{{ gpg_expire }}\nsave\n" | gpg --batch --command-fd 0 --status-fd=2 --edit-key {{ gpg_realname }}'
when: gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0
- include: gpg-gen-key.yaml
when: gpgkeys.stdout_lines|length < 1
- name: get user armored public key
become: true
shell: "sudo gpg --armor --output {{ gpg_pubkeyfileexport }} --export {{ gpg_useremail }}"
when: gpgkeys.stdout_lines|length < 1 or (gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0)
- name: After export move the key to /var/packages
become: true
shell: "sudo mv {{ gpg_pubkeyfileexport }} /var/packages"
when: gpgkeys.stdout_lines|length < 1 or (gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0)

3
data/ansible/deb_packages/hosts Normal file
View File

@@ -0,0 +1,3 @@
[all]
apt ansible_host=h4.itsyscom.com ansible_port=60022 ansible_ssh_user=dan user=dan pkgAddr=192.168.122.132
pkg ansible_host=h4.itsyscom.com ansible_port=60032 ansible_ssh_user=dan user=dan

450
data/ansible/deb_packages/main.yaml
View File

@@ -1,44 +1,7 @@
---
- hosts: apt
vars:
ansible_python_interpreter: auto # to disable deprication warning related to the use of python2
###############################################################
##################### Golang Vars #############################
###############################################################
# Go language SDK version number
golang_version: '1.24'
go_version_target: "go version go{{ golang_version }} linux/amd64"
# Mirror to download the Go language SDK redistributable package from
golang_mirror: 'https://storage.googleapis.com/golang'
# Base installation directory the Go language SDK distribution
golang_install_dir: '/usr/local/go'
# Directory to store files downloaded for Go language SDK installation
golang_download_dir: "{{ x_ansible_download_dir | default(ansible_env.HOME + '/.ansible/tmp/downloads') }}"
# Location for GOPATH environment variable
golang_gopath: "/home/{{ user }}/go"
# Filename of Go language SDK redistributable package
golang_redis_filename: 'go{{ golang_version }}.linux-amd64.tar.gz'
###############################################################
# CGRateS vars
cgrates_dir: "{{ golang_gopath }}/src/github.com/cgrates/cgrates"
cgrates_branch: "1.0"
cgrates_distribution: "nightly"
###############################################################
######################## GPG Vars #############################
###############################################################
gpg_home: "/root"
gpg_realname: "CGRateS"
gpg_useremail: "cgrates@itsyscom.com"
gpg_pubkeyfileexport: "apt.cgrates.org.gpg.key"
gpg_keylength: 2048
gpg_subkeylength: 2048
gpg_expire: 360
rootUser : root
customPath: "{{ lookup('env','PATH') }}:{{ golang_gopath }}/bin:/usr/local/go/bin:{{ ansible_env.PATH }}"
rootUser: root
dependencies:
- build-essential
@@ -50,7 +13,6 @@
- dpkg-dev
- git
- pbuilder
- reprepro
- nginx
distributions:
@@ -59,250 +21,295 @@
- codename: bullseye
version: 11
remote_user: "{{ user }}"
tasks:
- name: set cgrates cgrates_distribution
set_fact:
cgrates_distribution: "{{ cgrates_distribution }}"
###########################################################################################################################
###########################################################################################################################
# install dependencies
- name: Install dependencies
become: yes
apt: name={{ dependencies }} state=present
###########################################################################################################################
###########################################################################################################################
# Prepare for configuration
- name: Config reprepro
include: reprepro.yaml
roles:
- ../roles/reprepro
- ../roles/gpg
- name: Generate GPG Key
include: gpg.yaml
tasks:
- name: Install dependencies
become: true
ansible.builtin.apt:
name: "{{ dependencies }}"
state: present
- name: Check if NGINX needs to be configured
become: true
shell: "ls /etc/nginx/sites-enabled | grep 'apt.cgrates.org.vhost'"
ansible.builtin.shell: "ls /etc/nginx/sites-enabled | grep 'apt.cgrates.org.vhost'"
ignore_errors: true
register: nginxConfig
- name: Configure NGINX server
include: nginx.yaml
when: nginxConfig.stdout_lines|length < 1
ansible.builtin.include_tasks: nginx.yaml
when: nginxConfig.stdout_lines | length < 1
- name: Enable and start nginx
systemd:
ansible.builtin.systemd:
name: nginx
state: started
masked: no
enabled: yes
masked: false
enabled: true
###########################################################################################################################
###########################################################################################################################
# Install Golang
- name: install unarchive dependencies (zypper)
become: yes
zypper:
name:
- gzip
- tar
state: present
when: ansible_pkg_mgr == 'zypper'
- name: Install Go
ansible.builtin.import_role:
name: ../roles/go
vars:
go_clean_build_cache: true
go_clean_modcache: true
- name: Create chroots
become: yes
command: "cowbuilder --create --distribution {{ item.codename }} --architecture amd64 --basepath /var/cache/pbuilder/base-{{ item.codename }}+go.cow --mirror http://deb.debian.org/debian --components main"
become: true
ansible.builtin.command: >-
cowbuilder --create --distribution {{ item.codename }} --architecture amd64
--basepath /var/cache/pbuilder/base-{{ item.codename }}+go.cow
--mirror http://deb.debian.org/debian --components main
args:
creates: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow"
with_items: "{{ distributions }}"
- name: Check Go tarball
stat:
ansible.builtin.stat:
path: "/usr/local/src/{{ go_tarball }}"
register: downloaded_go_tarball
- name: Download Go tarball
become: yes
get_url:
become: true
ansible.builtin.get_url:
url: "{{ go_download_url }}"
dest: "/usr/local/src/{{ go_tarball }}"
checksum: "sha256:{{ go_checksum }}"
mode: "0644"
when: not downloaded_go_tarball.stat.exists
- name: Check Go version in chroots
become: true
ansible.builtin.command: >-
chroot /var/cache/pbuilder/base-{{ item.codename }}+go.cow
bash -c "GOROOT=/usr/local/go /usr/local/go/bin/go version"
register: chroot_go_version
ignore_errors: true
with_items: "{{ distributions }}"
changed_when: false
- name: Remove old Go from chroots when version differs
become: true
ansible.builtin.file:
path: "/var/cache/pbuilder/base-{{ item.item.codename }}+go.cow/usr/local/go"
state: absent
with_items: "{{ chroot_go_version.results }}"
when:
- item.rc == 0
- go_version not in item.stdout
- name: Install Go in chroots
become: yes
unarchive:
become: true
ansible.builtin.unarchive:
src: "/usr/local/src/{{ go_tarball }}"
dest: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow/usr/local"
copy: no
copy: false
creates: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow/usr/local/go"
with_items: "{{ distributions }}"
- name: Customize .bashrc in chroots
become: true
template:
ansible.builtin.template:
src: bashrc.j2
dest: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow/root/.bashrc"
mode: "0644"
owner: "root"
group: "root"
owner: root
group: root
with_items: "{{ distributions }}"
- name: Customize .pbuilderrc
template:
ansible.builtin.template:
src: pbuilderrc.j2
dest: "/home/{{ user }}/.pbuilderrc"
mode: "0644"
- name: Check update timestamp
stat:
ansible.builtin.stat:
path: "/var/cache/pbuilder/update-timestamp"
register: update_timestamp
- name: Update chroots
become: yes
command: "cowbuilder --update --basepath /var/cache/pbuilder/base-{{ item.codename }}+go.cow"
become: true
ansible.builtin.command: "cowbuilder --update --basepath /var/cache/pbuilder/base-{{ item.codename }}+go.cow"
with_items: "{{ distributions }}"
when: not update_timestamp.stat.exists or update_timestamp.stat.mtime <= (ansible_date_time.epoch | int - 86400)
register: update_chroots
- name: Update timestamp
become: yes
file:
path: "/var/cache/pbuilder/update-timestamp"
become: true
ansible.builtin.file:
path: /var/cache/pbuilder/update-timestamp
state: touch
mode: "0644"
when: update_chroots.changed
###########################################################################################################################
###########################################################################################################################
# Install CGRateS
- name: create cgrates directory
file:
state: directory
mode: 'u=rwx,go=rx'
owner: "{{ user }}"
group: "{{ user }}"
dest: "{{ cgrates_dir }}"
- name: Set up cgrates
ansible.builtin.import_role:
name: ../../roles/cgrates
vars:
cgrates_bin_path: ""
cgrates_dbs: []
cgrates_dependencies: []
- name: git clone cgrates
git:
repo: https://github.com/cgrates/cgrates.git
dest: '{{ cgrates_dir }}'
update: yes
force: yes
version: "{{ cgrates_branch }}"
- name: clean go cache
shell: "go clean --cache"
- name: Sync the go mod with vendor
ansible.builtin.command:
cmd: go mod vendor
chdir: "{{ cgrates_dir }}"
environment:
PATH: "{{ customPath }}"
PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin"
- name: clean go modcache
shell: "go clean --modcache"
environment:
PATH: "{{ customPath }}"
- name: sync the go mod with vendor
shell: "go mod vendor"
environment:
PATH: "{{ customPath }}"
args:
chdir: '{{ cgrates_dir }}'
- name: build cgrates
shell: "sh {{ cgrates_dir }}/build.sh"
environment:
PATH: "{{ customPath }}"
args:
chdir: '{{ cgrates_dir }}'
- name: symbol link
become: yes
file:
src: "{{ cgrates_dir }}/data"
dest: "/usr/share/cgrates"
state: link
- name: get git tag
shell: "git tag -l --points-at HEAD"
args:
chdir: '{{ cgrates_dir }}'
register: gitTagVar
###########################################################################################################################
###########################################################################################################################
# Generate package
- name: Generate packages
command: 'env "DISTRIBUTION={{ item.codename }}" make -C packages deb'
- name: Get current Git tag
ansible.builtin.command: git tag -l --points-at HEAD
args:
chdir: "{{ cgrates_dir }}"
with_items: "{{ distributions }}"
register: git_tag_result
- name: Check if the packages were generated
shell: "ls /home/{{ user }}/go/src/github.com/cgrates | grep -E 'cgrates(-dbgsym)?_'"
ignore_errors: true
register: packagesVar
###########################################################################################################################
###########################################################################################################################
- name: Move the files to /var/packages/debian/incoming
become: yes
command: mv {{item}} /var/packages/debian/incoming/
args:
chdir: "/home/{{ user }}/go/src/github.com/cgrates"
when: packagesVar.stdout_lines|length > 0
with_items: "{{ packagesVar.stdout_lines }}"
- block:
- name: Generate packages
ansible.builtin.command: 'env "DISTRIBUTION={{ item.codename }}" make -C packages deb'
args:
chdir: "{{ cgrates_dir }}"
with_items: "{{ distributions }}"
- name: Get the name of the deb files
shell: "ls /var/packages/debian/incoming/ | grep -E '.(build|buildinfo|changes|deb|debian.tar.*|dsc|orig.*.tar.*)$'"
register: packageFileNames
- name: Find generated package files
ansible.builtin.find:
paths: "/home/{{ user }}/go/src/github.com/cgrates"
patterns:
- cgrates_*
- cgrates-dbgsym_*
file_type: file
register: package_files
- name: Include the packages with reprepro
become: yes
shell: reprepro -Vb . --ignore=wrongdistribution include {{ cgrates_branch }}-{{ item.codename }} /var/packages/debian/incoming/*~deb{{ item.version }}u1_amd64.changes
args:
chdir: /var/packages/debian
with_items: "{{ distributions }}"
when: cgrates_branch == "master" or gitTagVar.stdout_lines|length > 0
- name: Move package files to incoming directory
become: true
ansible.builtin.command: mv {{ item.path }} {{ reprepro_basedir }}/incoming/
args:
creates: "{{ reprepro_basedir }}/incoming/{{ item.path | basename }}"
removes: "{{ item.path }}"
with_items: "{{ package_files.files }}"
when: package_files.matched > 0
# Include the package with reprepro
- name : Include the package with reprepro
become: yes
command: sudo reprepro -A amd64 -Vb . include {{ cgrates_distribution }} /var/packages/debian/incoming/{{ item }}
ignore_errors: true
args :
chdir: /var/packages/debian
with_items: '{{ changesFileNames.stdout_lines }}'
when : cgrates_branch == "master" or gitTagVar.stdout_lines|length > 0
- name: Find Debian package changes files (.changes) for each distribution
ansible.builtin.find:
paths: "{{ reprepro_basedir }}/incoming"
patterns: "*~deb{{ item.version }}u1_amd64.changes"
file_type: file
register: changes_files
with_items: "{{ distributions }}"
# Move the file to PKG server
- name: Copy the file to PKG server
shell: 'scp /var/packages/debian/incoming/{{ item }} {{ pkgAddr }}:/tmp/'
args:
chdir: /var/packages/debian/incoming/
with_items: "{{ packageFileNames.stdout_lines }}"
- name: Validate that each distribution has exactly one .changes file for proper reprepro inclusion
ansible.builtin.fail:
msg: "Debian packaging error: Expected exactly 1 .changes file for {{ item.item.codename }}, found {{ item.matched }}. Each distribution should have a single .changes file for proper repository inclusion."
when: item.matched != 1
with_items: "{{ changes_files.results }}"
# Clean the incoming folder
- name: Clean the incoming folder
become: yes
shell: "rm /var/packages/debian/incoming/*"
args:
chdir: /var/packages/debian
- name: Include the packages with reprepro
become: true
ansible.builtin.shell:
cmd: reprepro -Vb . --ignore=wrongdistribution include {{ cgrates_branch }}-{{ item.item.codename }} {{ item.files[0].path }}
chdir: "{{ reprepro_basedir }}"
with_items: "{{ changes_files.results }}"
- name: Copy the file to PKG server
ansible.builtin.command: "scp {{ reprepro_basedir }}/incoming/{{ item.path | basename }} {{ pkgAddr }}:/tmp/"
with_items: "{{ package_files.files }}"
rescue:
- name: Find all files in incoming directory
ansible.builtin.find:
paths: "{{ reprepro_basedir }}/incoming"
file_type: file
register: all_incoming_files
- name: Display files for debugging
ansible.builtin.debug:
msg: "{{ all_incoming_files.files | map(attribute='path') | list }}"
- name: Find build log files
ansible.builtin.find:
paths: "{{ reprepro_basedir }}/incoming"
patterns: "*.build"
file_type: file
register: build_log_files
ignore_errors: true
- name: Ensure log directory exists
become: true
ansible.builtin.file:
path: "/tmp/ansible_build_logs"
state: directory
mode: "0755"
ignore_errors: true
- name: Copy build logs to a safe location
become: true
ansible.builtin.copy:
src: "{{ item.path }}"
dest: "/tmp/ansible_build_logs/{{ item.path | basename }}"
remote_src: true
with_items: "{{ build_log_files.files }}"
ignore_errors: true
when: build_log_files.matched > 0
- name: Remove chroot environments
become: true
ansible.builtin.file:
path: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow"
state: absent
with_items: "{{ distributions }}"
- name: Remove update timestamp
become: true
ansible.builtin.file:
path: "/var/cache/pbuilder/update-timestamp"
state: absent
- name: Fail with error
ansible.builtin.fail:
msg: "Task failed - see original error above. Build logs saved to /tmp/ansible_build_logs/ if available."
always:
- name: Clean the incoming folder
become: true
ansible.builtin.file:
path: "{{ reprepro_basedir }}/incoming"
state: absent
- name: Remove leftover package files
ansible.builtin.file:
path: "{{ item }}"
state: absent
with_fileglob:
- "/home/{{ user }}/go/src/github.com/cgrates/cgrates_*"
- "/home/{{ user }}/go/src/github.com/cgrates/cgrates-dbgsym_*"
- hosts: pkg
vars:
nginx_user: "www-data"
cgrates_branch: "master"
cgrates_branch: "1.0"
distributions:
- codename: bookworm
version: 12
- codename: bullseye
version: 11
tasks:
- name: set cgrates cgrates_distribution
set_fact:
cgrates_distribution: "{{ hostvars['apt']['cgrates_distribution'] }}"
- name: Add user to www-data group
become: true
ansible.builtin.user:
name: "{{ user }}"
groups: "{{ nginx_user }}"
append: true
- name: Create directory
become: yes
file:
become: true
ansible.builtin.file:
path: /var/packages/deb/{{ cgrates_branch }}/{{ item.codename }}
state: directory
mode: "0775"
@@ -311,63 +318,50 @@
with_items: "{{ distributions }}"
- name: Remove symlink from current deb package
become: yes
file:
ansible.builtin.file:
path: /var/packages/deb/{{ cgrates_branch }}/{{ item.codename }}/cgrates_current_amd64.deb
state: absent
with_items: "{{ distributions }}"
when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0
- name: Move the new .orig.tar.gz to /var/packages/deb
become: yes
shell: "mv /tmp/cgrates*.orig*.tar.* /var/packages/deb/{{ cgrates_branch }}/"
when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0
- name: Move the new package to /var/packages/deb
become: yes
shell: "mv /tmp/cgrates*~deb{{ item.version }}u1* /var/packages/deb/{{ cgrates_branch }}/{{ item.codename }}/"
become: true
ansible.builtin.shell: "mv /tmp/cgrates_*~deb{{ item.version }}u1*.deb /var/packages/deb/{{ cgrates_branch }}/{{ item.codename }}/"
with_items: "{{ distributions }}"
when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0
- name: Find all package files
become: yes
find:
become: true
ansible.builtin.find:
path: "/var/packages/deb/{{ cgrates_branch }}/"
patterns: "*.deb"
recurse: yes
when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0
recurse: true
register: package_files
- name: Set ownership and permissions for moved files
become: yes
file:
become: true
ansible.builtin.file:
path: "{{ item.path }}"
owner: "{{ nginx_user }}"
group: "{{ nginx_user }}"
owner: "{{ nginx_user }}"
group: "{{ nginx_user }}"
mode: "0644"
loop: "{{ package_files.files }}"
when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0
- name: Find package files per distribution
become: yes
find:
become: true
ansible.builtin.find:
path: "/var/packages/deb/{{ cgrates_branch }}/{{ item.codename }}/"
patterns: "cgrates_*_amd64.deb"
patterns: cgrates_*_amd64.deb
with_items: "{{ distributions }}"
register: distribution_package_files
when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0
- set_fact:
- ansible.builtin.set_fact:
latest_file: "{{ item.files | sort(attribute='mtime', reverse=true) | first }}"
with_items: "{{ distribution_package_files.results }}"
register: latest_files
when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0
- name: Create the new symlink cgrates_current_amd64.deb
become: yes
file:
become: true
ansible.builtin.file:
src: "{{ item.ansible_facts.latest_file.path }}"
dest: /var/packages/deb/{{ cgrates_branch }}/{{ item.item.item.codename }}/cgrates_current_amd64.deb
dest: "/var/packages/deb/{{ cgrates_branch }}/{{ item.item.item.codename }}/cgrates_current_amd64.deb"
state: link
with_items: "{{ latest_files.results }}"
when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0

4
data/ansible/deb_packages/nginx.yaml
View File

@@ -4,7 +4,7 @@
template:
src: nginx.conf.j2
dest: "/etc/nginx/sites-available/apt.cgrates.org.vhost"
mode: '0600'
mode: "0600"
owner: "{{ rootUser }}"
- name: Create a symlink for apt.cgrates.org
@@ -16,4 +16,4 @@
- name: Restart the nginx so the change take effects
become: true
shell: "/etc/init.d/nginx reload"
ansible.builtin.command: "/etc/init.d/nginx reload"

43
data/ansible/deb_packages/reprepro.yaml
View File

@@ -1,43 +0,0 @@
---
- name: Check if /var/packages/debian directory exists
become: true
file:
path: /var/packages/debian
state: directory
- name: Check if /var/packages/debian/conf directory exists
become: true
file:
path: /var/packages/debian/conf
state: directory
- name: Check if /var/packages/debian/incoming directory exists
become: true
file:
path: /var/packages/debian/incoming
state: directory
- name: Add distributions file in reprepro
become: true
template:
src: distributions.conf.j2
dest: "/var/packages/debian/conf/distributions"
mode: '0600'
owner: "{{ rootUser }}"
- name: Add distributions file in reprepro
become: true
template:
src: options.conf.j2
dest: "/var/packages/debian/conf/options"
mode: '0600'
owner: "{{ rootUser }}"
- name: Create override.testing file
become: true
copy:
content: ""
dest: /var/packages/debian/conf/override.testing
force: no
group: root
owner: root

15
data/ansible/roles/cgrates/defaults/main.yaml
View File

@@ -1,16 +1,19 @@
---
golang_gopath: '/home/{{ ansible_user }}/go'
clone_repository: true
cgrates_dir: '{{ golang_gopath }}/src/github.com/cgrates/cgrates'
golang_gopath: "/home/{{ ansible_user }}/go"
golang_install_dir: /usr/local/go
git_version: 1.0
cgrates_migrator_cfg_path: /usr/share/cgrates/conf/samples/tutmysql # leave empty to do nothing
cgrates_clone_repo: true
cgrates_dir: "{{ golang_gopath }}/src/github.com/cgrates/cgrates"
cgrates_branch: 1.0
# Leave empty to skip creating symlinks
cgrates_data_path: "/usr/share/cgrates"
cgrates_bin_path: "/usr/bin"
cgrates_dbs:
- mysql
- postgres
- mongo
# CGRateS dependencies
cgrates_dependencies:
- git
- redis-server

88
data/ansible/roles/cgrates/tasks/main.yaml
View File

@@ -2,68 +2,70 @@
- name: Install CGRateS dependencies
become: true
ansible.builtin.package:
name: '{{ cgrates_dependencies }}'
name: "{{ cgrates_dependencies }}"
state: present
update_cache: yes
update_cache: true
- name: Create cgrates directory
ansible.builtin.file:
state: directory
mode: u=rwx,go=rx
owner: '{{ ansible_user }}'
dest: '{{ cgrates_dir }}'
when: clone_repository | bool
owner: "{{ ansible_user }}"
dest: "{{ cgrates_dir }}"
when: cgrates_clone_repo | bool
- name: Git clone cgrates
ansible.builtin.git:
repo: https://github.com/cgrates/cgrates.git
dest: '{{ cgrates_dir }}'
update: yes
force: yes
version: '{{ git_version }}'
when: clone_repository | bool
dest: "{{ cgrates_dir }}"
update: true
force: true
version: "{{ cgrates_branch }}"
when: cgrates_clone_repo | bool
- name: Build cgrates
ansible.builtin.shell:
cmd: bash -lc "sh {{ cgrates_dir }}/build.sh"
args:
chdir: '{{ cgrates_dir }}'
become_user: '{{ ansible_user }}'
- name: Install cgrates binaries
ansible.builtin.command:
cmd: bash -c './build.sh'
chdir: "{{ cgrates_dir }}"
environment:
PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin"
- name: Create symbolic links
- name: Create cgrates data folder symlink
ansible.builtin.file:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
src: "{{ cgrates_dir }}/data"
dest: "{{ cgrates_data_path }}"
state: link
become: true
when: cgrates_data_path | length > 0
- name: Create cgrates binary symlinks
ansible.builtin.file:
src: "{{ golang_gopath }}/bin/{{ item }}"
dest: "{{ cgrates_bin_path }}/{{ item }}"
state: link
become: true
when: cgrates_bin_path | length > 0
loop:
- { src: '{{ cgrates_dir }}/data', dest: /usr/share/cgrates }
- { src: '{{ golang_gopath }}/bin/cgr-engine', dest: /usr/bin/cgr-engine }
- { src: '{{ golang_gopath }}/bin/cgr-loader', dest: /usr/bin/cgr-loader }
- {
src: '{{ golang_gopath }}/bin/cgr-migrator',
dest: /usr/bin/cgr-migrator,
}
- {
src: '{{ golang_gopath }}/bin/cgr-console',
dest: /usr/bin/cgr-console,
}
- { src: '{{ golang_gopath }}/bin/cgr-tester', dest: /usr/bin/cgr-tester }
- cgr-engine
- cgr-loader
- cgr-migrator
- cgr-console
- cgr-tester
- name: Run post install scripts
become: true
ansible.builtin.command:
cmd: '{{ item.cmd }}'
chdir: '{{ cgrates_dir }}/data/storage/{{ item.db }}'
cmd: "{{ item.cmd }}"
chdir: "{{ cgrates_dir }}/data/storage/{{ item.db }}"
when: item.db in cgrates_dbs
loop:
- { db: mysql, cmd: sh setup_ers_db.sh root CGRateS.org localhost }
- { db: mysql, cmd: sh setup_cgr_db.sh root CGRateS.org localhost }
- { db: postgres, cmd: sh create_db_with_users.sh }
- { db: postgres, cmd: sh create_ers_db.sh }
- { db: mongo, cmd: sh setup_cgr_db.sh }
- name: Set versions
ansible.builtin.command:
cmd: 'cgr-migrator -exec=*set_versions -config_path={{ cgrates_migrator_cfg_path }}'
when: cgrates_migrator_cfg_path != ""
- db: mysql
cmd: sh setup_ers_db.sh root CGRateS.org localhost
- db: mysql
cmd: sh setup_cgr_db.sh root CGRateS.org localhost
- db: postgres
cmd: sh create_db_with_users.sh
- db: postgres
cmd: sh create_ers_db.sh
- db: mongo
cmd: sh setup_cgr_db.sh

8
data/ansible/roles/go/defaults/main.yaml
View File

@@ -1,8 +1,12 @@
---
go_version: 1.24.0
go_version: 1.24.2
go_platform: linux
go_arch: amd64
go_tarball: go{{ go_version }}.{{ go_platform }}-{{ go_arch }}.tar.gz
go_download_url: https://dl.google.com/go/{{ go_tarball }}
go_checksum: dea9ca38a0b852a74e81c26134671af7c0fbe65d81b0dc1c5bfe22cf7d4c8858
go_checksum: 68097bd680839cbc9d464a0edce4f7c333975e27a90246890e9f1078c7e702ad
install_go: true
# Cleaning caches assumes go is available (either installed by the role or pre-existing)
go_clean_modcache: false
go_clean_build_cache: false

46
data/ansible/roles/go/tasks/main.yaml
View File

@@ -1,13 +1,13 @@
---
- name: Check if Go is already installed.
command: /usr/local/go/bin/go version
ansible.builtin.command: /usr/local/go/bin/go version
ignore_errors: true
register: go_version_result
changed_when: false
- name: Remove current installation.
become: true
file:
ansible.builtin.file:
state: absent
path: /usr/local/go
when:
@@ -17,28 +17,54 @@
- name: Download Go.
become: true
get_url:
url: '{{ go_download_url }}'
dest: /usr/local/src/{{ go_tarball }}
checksum: 'sha256:{{ go_checksum }}'
ansible.builtin.get_url:
url: "{{ go_download_url }}"
dest: "/usr/local/src/{{ go_tarball }}"
checksum: "sha256:{{ go_checksum }}"
mode: "0644"
when:
- install_go | bool
- (go_version_result is failed or go_version not in go_version_result.stdout)
- name: Extract Go.
become: true
unarchive:
src: /usr/local/src/{{ go_tarball }}
ansible.builtin.unarchive:
src: "/usr/local/src/{{ go_tarball }}"
dest: /usr/local
copy: no
copy: false
when:
- install_go | bool
- (go_version_result is failed or go_version not in go_version_result.stdout)
- name: Add Go to to system-wide $PATH.
become: true
copy:
ansible.builtin.copy:
dest: /etc/profile.d/go-path.sh
content: |-
export PATH=$PATH:/usr/local/go/bin
mode: "0644"
when: install_go | bool
- name: Get Go modcache path
ansible.builtin.command: go env GOMODCACHE
environment:
PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin"
register: gomodcache_path
changed_when: false
when: go_clean_modcache
# Using file module since go clean --modcache is just a wrapper for rm -rf $GOMODCACHE
- name: Clean Go modcache
become: true
ansible.builtin.file:
path: "{{ gomodcache_path.stdout }}"
state: absent
when: go_clean_modcache
- name: Clean Go build cache
ansible.builtin.command: go clean -x --cache
environment:
PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin"
register: cache_clean_result
when: go_clean_build_cache
changed_when: "'rm -rf' in cache_clean_result.stdout"

58
data/ansible/roles/gpg/tasks/gpg-gen-key.yaml
View File

@@ -1,23 +1,51 @@
---
- name: set default gpg options
become: yes
template:
- name: Set defaut gpg options
become: true
ansible.builtin.template:
src: gpg.conf.j2
dest: "{{ gpg_home }}/.gnupg/gpg.conf"
mode: '0600'
mode: "0600"
owner: root
- name: copy default template for gpg
become: yes
template:
- name: Copy default template for gpg key generation
become: true
ansible.builtin.template:
src: gen-key-script.j2
dest: "{{ gpg_home }}/gen-key-script"
mode: '0700'
dest: "{{ gpg_home }}/.gnupg/gen-key-script-root"
mode: "0600"
owner: root
- name: generate gpg keys
become: yes
command: gpg --batch --gen-key gen-key-script
args:
chdir: "{{ gpg_home }}"
notify: Restart gpg-agent
# Not sure what this task does, or if it's needed.
- name: List available GPG secret keys
become: true
ansible.builtin.command: "gpg --list-secret-keys --keyid-format LONG"
# rng-tools might not be needed on newer kernel versions
- name: Install rng-tools-debian
become: true
ansible.builtin.apt:
name: rng-tools-debian
state: present
ignore_errors: true
- name: Make sure /etc/default/rng-tools-debian exist
become: true
ansible.builtin.file:
path: /etc/default/rng-tools-debian
state: touch
- name: Add HRNGDEVICE=/dev/urandom so we can execute rngd
become: true
ansible.builtin.lineinfile:
path: /etc/default/rng-tools-debian
line: HRNGDEVICE=/dev/urandom
insertafter: last
- name: Generate randomness
become: true
ansible.builtin.command: "sudo /etc/init.d/rng-tools-debian restart"
ignore_errors: true
- name: Generate gpg key
become: true
ansible.builtin.command: "sudo gpg --batch --gen-key {{ gpg_home }}/.gnupg/gen-key-script-root"

56
data/ansible/roles/gpg/tasks/main.yaml
View File

@@ -1,36 +1,56 @@
---
# tasks file for gpg
- name: Ensure GnuPG is installed
become: true
ansible.builtin.apt:
name: gnupg
state: present
- name: Restart gpg-agent
become: true
ansible.builtin.command: "gpgconf --kill all"
# TODO: Make it execute only when GPG config changes or keys are updated
changed_when: false
- name: Ensure .gnupg config directory exists with right permissions
file:
dest: "{{ gpg_home }}/.gnupg"
state: directory
mode: 0700
become: true
ansible.builtin.file:
dest: "{{ gpg_home }}/.gnupg"
state: directory
mode: "0700"
owner: root
- name: check existing secret key
shell: "gpg --list-secret-keys | grep '{{ gpg_realname }}'"
register: gpgkeys
# Note: matching on realname or email doesn't allow to create multiple keys. alternative?
- name: Check existing secret key
ansible.builtin.shell: "gpg --list-secret-keys | grep '{{ gpg_realname }}'"
changed_when: false
failed_when: false
ignore_errors: true
become: true
become_user: root
register: gpgkeys
- name: Check expired keys
shell: "gpg --list-keys {{ gpg_realname }} | grep 'expired'"
register: gpgExpKeys
changed_when: false
become: true
ansible.builtin.shell: "gpg --list-keys {{ gpg_realname }} | grep 'expired'"
ignore_errors: true
failed_when: false
when: gpgkeys.stdout_lines|length > 0
changed_when: false
register: gpgExpKeys
when: gpgkeys.stdout_lines|length > 0
- name: Update expired
shell: 'printf "expire\n{{ gpg_expire }}\nsave\n" | gpg --batch --command-fd 0 --status-fd=2 --edit-key {{ gpg_realname }}'
become: true
ansible.builtin.shell: 'printf "expire\n{{ gpg_expire }}\nsave\n" | gpg --batch --command-fd 0 --status-fd=2 --edit-key {{ gpg_realname }}'
when: gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0
- include_tasks: gpg-gen-key.yaml
- ansible.builtin.include_tasks: gpg-gen-key.yaml
when: gpgkeys.stdout_lines|length < 1
- name: get user armored public key
shell: "sudo gpg --armor --output {{ gpg_pubkeyfileexport }} --export {{ gpg_useremail }}"
- name: Get user armored public key
become: true
ansible.builtin.command: "sudo gpg --armor --output {{ gpg_pubkeyfileexport }} --export {{ gpg_useremail }}"
when: gpgkeys.stdout_lines|length < 1 or (gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0)
- name: After export move the key to /var/packages
shell: "sudo mv {{ gpg_pubkeyfileexport }} /var/packages"
become: true
ansible.builtin.command: "sudo mv {{ gpg_pubkeyfileexport }} /var/packages"
when: gpgkeys.stdout_lines|length < 1 or (gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0)

10
data/ansible/roles/gpg/templates/gen-key-script.j2
View File

@@ -1,13 +1,13 @@
{{ ansible_managed | comment }}
%echo Generating a basic OpenPGP key
Key-Type: default
%no-protection
Key-Type: RSA
Key-Length: {{ gpg_keylength }}
Subkey-Type: default
Subkey-Type: RSA
Subkey-Length: {{ gpg_subkeylength }}
Name-Real: {{ gpg_realname }}
Name-Email: {{ gpg_useremail }}
Expire-Date: {{ gpg_expire }}
%no-ask-passphrase
%pubring {{ gpg_home }}/.gnupg/pubring.kbx
%secring {{ gpg_home }}/.gnupg/private-keys-v1.d
%commit
%echo done
%echo done

2
data/ansible/roles/gpg/templates/gpg.conf.j2
View File

@@ -2,4 +2,4 @@
# Prioritize stronger algorithms for new keys.
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed
# Use a stronger digest than the default SHA1 for certifications.
cert-digest-algo SHA512
cert-digest-algo SHA512

2
data/ansible/roles/reprepro/defaults/main.yaml Normal file
View File

@@ -0,0 +1,2 @@
---
reprepro_basedir: /var/packages/debian

54
data/ansible/roles/reprepro/tasks/main.yaml Normal file
View File

@@ -0,0 +1,54 @@
---
- name: Validate distributions variable
ansible.builtin.fail:
msg: "The 'distributions' variable must be defined and contain at least one distribution with codename and version properties."
when: not distributions | default(false)
- name: Ensure reprepro is installed
become: true
ansible.builtin.apt:
name: reprepro
state: present
- name: Create debian repository base directory
become: true
ansible.builtin.file:
path: "{{ reprepro_basedir }}"
state: directory
- name: Create reprepro configuration directory
become: true
ansible.builtin.file:
path: "{{ reprepro_basedir }}/conf"
state: directory
- name: Create reprepro incoming packages directory
become: true
ansible.builtin.file:
path: "{{ reprepro_basedir }}/incoming"
state: directory
- name: Configure reprepro distribution settings
become: true
ansible.builtin.template:
src: distributions.conf.j2
dest: "{{ reprepro_basedir }}/conf/distributions"
mode: "0600"
owner: root
- name: Configure reprepro general options
become: true
ansible.builtin.template:
src: options.conf.j2
dest: "{{ reprepro_basedir }}/conf/options"
mode: "0600"
owner: root
- name: Initialize empty override file for testing distribution
become: true
ansible.builtin.copy:
content: ""
dest: "{{ reprepro_basedir }}/conf/override.testing"
force: false
group: root
owner: root

34
data/ansible/deb_packages/distributions.conf.j2 → data/ansible/roles/reprepro/templates/distributions.conf.j2
View File

@@ -12,11 +12,22 @@ DscOverride: override.testing
Origin: apt.cgrates.org
Label: apt.cgrates.org
Suite: nightly
Codename: nightly
Suite: master
Codename: master
Architectures: amd64
Components: main
Description: CGRateS APT Nightly repository
Description: CGRateS master APT repository
SignWith: yes
DebOverride: override.testing
DscOverride: override.testing
Origin: apt.cgrates.org
Label: apt.cgrates.org
Suite: nightly
Codename: 1.0
Architectures: amd64
Components: main
Description: CGRateS nightly repository
SignWith: yes
DebOverride: override.testing
DscOverride: override.testing
@@ -52,4 +63,19 @@ SignWith: yes
DebOverride: override.testing
DscOverride: override.testing
{% endfor %}
Origin: apt.cgrates.org
Label: apt.cgrates.org
Suite: nightly-{{ distribution['codename'] }}
Codename: 1.0-{{ distribution['codename'] }}
Architectures: amd64 source
Components: main
Description: CGRateS nightly APT repository for {{ distribution['codename'] }}
DebIndices: Packages Release . .gz
Contents: . .gz
ContentsArchitectures: amd64 source
ContentsComponents: main
SignWith: yes
DebOverride: override.testing
DscOverride: override.testing
{% endfor %}

2
data/ansible/deb_packages/options.conf.j2 → data/ansible/roles/reprepro/templates/options.conf.j2
View File

@@ -1,3 +1,3 @@
{{ ansible_managed | comment }}
verbose
basedir /var/packages/debian
basedir /var/packages/debian

2
data/docker/integration/Dockerfile
View File

@@ -74,7 +74,7 @@ RUN apt-get clean && \
RUN touch /logs/mariadb.log /logs/mariadb_script.log /logs/rabbitmq.log
RUN chmod 777 /logs/mariadb.log /logs/mariadb_script.log /logs/rabbitmq.log
RUN wget -O go.tgz "https://storage.googleapis.com/golang/go1.24.0.linux-amd64.tar.gz" --progress=dot:giga
RUN wget -O go.tgz "https://storage.googleapis.com/golang/go1.24.2.linux-amd64.tar.gz" --progress=dot:giga
RUN tar -C /usr/local -xzf go.tgz
RUN rm go.tgz

2
go.mod
View File

@@ -1,6 +1,6 @@
module github.com/cgrates/cgrates
go 1.24.0
go 1.24.2
// replace github.com/cgrates/radigo => ../radigo