From 7363e29f93ff8566462dc6056a65dce23a58871b Mon Sep 17 00:00:00 2001 From: arberkatellari Date: Mon, 14 Apr 2025 16:56:51 +0200 Subject: [PATCH] Revise deb_packages script and update Go version --- data/ansible/deb_packages/gen-key-script | 13 - data/ansible/deb_packages/go.yaml | 122 ----- data/ansible/deb_packages/golang.sh.j2 | 12 - data/ansible/deb_packages/gpg-gen-key.yaml | 44 -- data/ansible/deb_packages/gpg.conf.j2 | 5 - data/ansible/deb_packages/gpg.yaml | 43 -- data/ansible/deb_packages/hosts | 3 + data/ansible/deb_packages/main.yaml | 450 +++++++++--------- data/ansible/deb_packages/nginx.yaml | 4 +- data/ansible/deb_packages/reprepro.yaml | 43 -- data/ansible/roles/cgrates/defaults/main.yaml | 15 +- data/ansible/roles/cgrates/tasks/main.yaml | 88 ++-- data/ansible/roles/go/defaults/main.yaml | 8 +- data/ansible/roles/go/tasks/main.yaml | 46 +- data/ansible/roles/gpg/tasks/gpg-gen-key.yaml | 58 ++- data/ansible/roles/gpg/tasks/main.yaml | 56 ++- .../roles/gpg/templates/gen-key-script.j2 | 10 +- data/ansible/roles/gpg/templates/gpg.conf.j2 | 2 +- .../ansible/roles/reprepro/defaults/main.yaml | 2 + data/ansible/roles/reprepro/tasks/main.yaml | 54 +++ .../reprepro/templates}/distributions.conf.j2 | 34 +- .../reprepro/templates}/options.conf.j2 | 2 +- data/docker/integration/Dockerfile | 2 +- go.mod | 2 +- 24 files changed, 499 insertions(+), 619 deletions(-) delete mode 100644 data/ansible/deb_packages/gen-key-script delete mode 100644 data/ansible/deb_packages/go.yaml delete mode 100644 data/ansible/deb_packages/golang.sh.j2 delete mode 100644 data/ansible/deb_packages/gpg-gen-key.yaml delete mode 100644 data/ansible/deb_packages/gpg.conf.j2 delete mode 100644 data/ansible/deb_packages/gpg.yaml create mode 100644 data/ansible/deb_packages/hosts delete mode 100644 data/ansible/deb_packages/reprepro.yaml create mode 100644 data/ansible/roles/reprepro/defaults/main.yaml create mode 100644 data/ansible/roles/reprepro/tasks/main.yaml rename data/ansible/{deb_packages => roles/reprepro/templates}/distributions.conf.j2 (64%) rename data/ansible/{deb_packages => roles/reprepro/templates}/options.conf.j2 (57%) diff --git a/data/ansible/deb_packages/gen-key-script b/data/ansible/deb_packages/gen-key-script deleted file mode 100644 index e1ad3c585..000000000 --- a/data/ansible/deb_packages/gen-key-script +++ /dev/null @@ -1,13 +0,0 @@ -{{ ansible_managed | comment }} -%echo Generating a basic OpenPGP key -%no-protection -Key-Type: RSA -Key-Length: {{ gpg_keylength }} -Subkey-Type: RSA -Subkey-Length: {{ 2048 }} -Name-Real: {{ gpg_realname }} -Name-Email: {{ gpg_useremail }} -Expire-Date: {{ gpg_expire }} -%no-ask-passphrase -%commit -%echo done \ No newline at end of file diff --git a/data/ansible/deb_packages/go.yaml b/data/ansible/deb_packages/go.yaml deleted file mode 100644 index c08fae40b..000000000 --- a/data/ansible/deb_packages/go.yaml +++ /dev/null @@ -1,122 +0,0 @@ ---- -- name: create gopath directory - file: - state: directory - mode: 'u=rwx,go=rx' - dest: '{{ golang_gopath }}' - -- name: create download directory - file: - state: directory - mode: 'u=rwx,go=rx' - dest: '{{ golang_download_dir }}' - -- name: Register the current Go version (if any) - command: /usr/local/go/bin/go version - ignore_errors: yes - register: go_version - changed_when: false - -- name: Remove old installation of Go - become: yes - file: - path: /usr/local/go - state: absent - when: go_version is failed or go_version.stdout != go_version_target - -- name: download Go language SDK - get_url: - url: '{{ golang_mirror }}/{{ golang_redis_filename }}' - dest: '{{ golang_download_dir }}/{{ golang_redis_filename }}' - mode: 'u=rw,go=r' - -- name: create Go language SDK installation directory - become: yes - file: - state: directory - owner: root - group: root - mode: 'u=rwx,go=rx' - dest: '{{ golang_install_dir }}' - -- name: install Go language SDK - become: yes - unarchive: - src: '{{ golang_download_dir }}/{{ golang_redis_filename }}' - remote_src: yes - extra_opts: '--strip-components=1' - dest: '{{ golang_install_dir }}' - owner: root - group: root - creates: '{{ golang_install_dir }}/bin' - -# Set Go language SDK environment variables -- name: make sure /etc/profile.d exists - become: yes - file: - path: /etc/profile.d - state: directory - owner: root - group: root - mode: 'u=rwx,go=rx' - -- name: export Go language SDK environment variables - become: yes - template: - src: golang.sh.j2 - dest: /etc/profile.d/golang.sh - owner: root - group: root - mode: 'u=rw,go=r' - -- name: Export GOROOT for root - become: yes - lineinfile: - path: ~/.bashrc - line: export GOROOT='{{ golang_install_dir }}' - insertafter: last - -- name: Add GOROOT to PATH for root - become: yes - lineinfile: - dest: ~/.bashrc - line: export PATH=$PATH:$GOROOT/bin - insertafter: last - -- name: Export GOPATH for root - become: yes - lineinfile: - dest: ~/.bashrc - line: export GOPATH='{{ golang_gopath }}' - insertafter: last - -- name: Add GOPATH to PATH for root - become: yes - lineinfile: - dest: ~/.bashrc - line: export PATH=$PATH:$GOPATH/bin - insertafter: last - -- name: Export GOROOT - lineinfile: - dest: ~/.bashrc - line: export GOROOT='{{ golang_install_dir }}' - insertafter: last - -- name: Add GOROOT to PATH - lineinfile: - dest: ~/.bashrc - line: export PATH=$PATH:$GOROOT/bin - insertafter: last - -- name: Export GOPATH - lineinfile: - dest: ~/.bashrc - line: export GOPATH='{{ golang_gopath }}' - insertafter: last - -- name: Add GOPATH to PATH - lineinfile: - dest: ~/.bashrc - line: export PATH=$PATH:$GOPATH/bin - insertafter: last diff --git a/data/ansible/deb_packages/golang.sh.j2 b/data/ansible/deb_packages/golang.sh.j2 deleted file mode 100644 index 7bfc41c2e..000000000 --- a/data/ansible/deb_packages/golang.sh.j2 +++ /dev/null @@ -1,12 +0,0 @@ - -#!/bin/sh - -{{ ansible_managed | comment('plain') }} - -export GOROOT='{{ golang_install_dir }}' -export PATH=$PATH:$GOROOT/bin - -{% if golang_gopath not in (None, '') %} -export GOPATH="{{ golang_gopath }}" -export PATH=$PATH:$GOPATH/bin -{% endif %} \ No newline at end of file diff --git a/data/ansible/deb_packages/gpg-gen-key.yaml b/data/ansible/deb_packages/gpg-gen-key.yaml deleted file mode 100644 index 00d946d1f..000000000 --- a/data/ansible/deb_packages/gpg-gen-key.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -- name: set defaut gpg options - become: true - template: - src: gpg.conf.j2 - dest: "{{ gpg_home }}/.gnupg/gpg.conf" - mode: '0600' - owner: "{{ rootUser }}" - -- name: copy default template for gpg key generation - become: true - template: - src: gen-key-script - dest: "{{ gpg_home }}/.gnupg/gen-key-script-{{ rootUser }}" - mode: '0600' - owner: "{{ rootUser }}" - -- name: create some required file - become: true - shell: "gpg --list-secret-keys --keyid-format LONG" - -- name: When starting fresh we need to make sure we have rng-tools - become: true - apt: - name: rng-tools - state: present - ignore_errors: true - -- name: Add HRNGDEVICE=/dev/urandom so we can execute rngd - become: true - lineinfile: - path: /etc/default/rng-tools - line: HRNGDEVICE=/dev/urandom - insertafter: last - -- name: generate randomness - become: true - shell: "sudo /etc/init.d/rng-tools restart" - ignore_errors: true - -- name: generate gpg key - become: true - shell: "sudo gpg --batch --gen-key {{ gpg_home }}/.gnupg/gen-key-script-{{ rootUser }}" - diff --git a/data/ansible/deb_packages/gpg.conf.j2 b/data/ansible/deb_packages/gpg.conf.j2 deleted file mode 100644 index 38d375f03..000000000 --- a/data/ansible/deb_packages/gpg.conf.j2 +++ /dev/null @@ -1,5 +0,0 @@ -{{ ansible_managed | comment }} -# Prioritize stronger algorithms for new keys. -default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed -# Use a stronger digest than the default SHA1 for certifications. -cert-digest-algo SHA512 diff --git a/data/ansible/deb_packages/gpg.yaml b/data/ansible/deb_packages/gpg.yaml deleted file mode 100644 index a103e50a5..000000000 --- a/data/ansible/deb_packages/gpg.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -- name: Restart gpg-agent - become: true - shell: "gpgconf --kill all" - -- name: Ensure .gnupg config directory exists with right permissions - become: true - file: dest={{ gpg_home }}/.gnupg state=directory mode=0700 owner="{{ rootUser }}" - -## Note: matching on realname or email doesn't allow to create multiple keys. alternative? -- name: check existing secret key - shell: "gpg --list-secret-keys | grep '{{ gpg_realname }}'" - changed_when: false - ignore_errors: true - become: yes - become_user: "{{ rootUser }}" - register: gpgkeys - -- name: Check expired keys - become: yes - shell: "gpg --list-keys {{ gpg_realname }} | grep 'expired'" - ignore_errors: yes - failed_when: false - register: gpgExpKeys - when: gpgkeys.stdout_lines|length > 0 - -- name: Update expired - become: yes - shell: 'printf "expire\n{{ gpg_expire }}\nsave\n" | gpg --batch --command-fd 0 --status-fd=2 --edit-key {{ gpg_realname }}' - when: gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0 - -- include: gpg-gen-key.yaml - when: gpgkeys.stdout_lines|length < 1 - -- name: get user armored public key - become: true - shell: "sudo gpg --armor --output {{ gpg_pubkeyfileexport }} --export {{ gpg_useremail }}" - when: gpgkeys.stdout_lines|length < 1 or (gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0) - -- name: After export move the key to /var/packages - become: true - shell: "sudo mv {{ gpg_pubkeyfileexport }} /var/packages" - when: gpgkeys.stdout_lines|length < 1 or (gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0) diff --git a/data/ansible/deb_packages/hosts b/data/ansible/deb_packages/hosts new file mode 100644 index 000000000..cacfb49c5 --- /dev/null +++ b/data/ansible/deb_packages/hosts @@ -0,0 +1,3 @@ +[all] +apt ansible_host=h4.itsyscom.com ansible_port=60022 ansible_ssh_user=dan user=dan pkgAddr=192.168.122.132 +pkg ansible_host=h4.itsyscom.com ansible_port=60032 ansible_ssh_user=dan user=dan \ No newline at end of file diff --git a/data/ansible/deb_packages/main.yaml b/data/ansible/deb_packages/main.yaml index 3a8132ba8..cc18139dd 100644 --- a/data/ansible/deb_packages/main.yaml +++ b/data/ansible/deb_packages/main.yaml @@ -1,44 +1,7 @@ --- - hosts: apt vars: - ansible_python_interpreter: auto # to disable deprication warning related to the use of python2 - ############################################################### - ##################### Golang Vars ############################# - ############################################################### - # Go language SDK version number - golang_version: '1.24' - go_version_target: "go version go{{ golang_version }} linux/amd64" - # Mirror to download the Go language SDK redistributable package from - golang_mirror: 'https://storage.googleapis.com/golang' - # Base installation directory the Go language SDK distribution - golang_install_dir: '/usr/local/go' - # Directory to store files downloaded for Go language SDK installation - golang_download_dir: "{{ x_ansible_download_dir | default(ansible_env.HOME + '/.ansible/tmp/downloads') }}" - # Location for GOPATH environment variable - golang_gopath: "/home/{{ user }}/go" - # Filename of Go language SDK redistributable package - golang_redis_filename: 'go{{ golang_version }}.linux-amd64.tar.gz' - - ############################################################### - # CGRateS vars - cgrates_dir: "{{ golang_gopath }}/src/github.com/cgrates/cgrates" - cgrates_branch: "1.0" - cgrates_distribution: "nightly" - ############################################################### - ######################## GPG Vars ############################# - ############################################################### - gpg_home: "/root" - gpg_realname: "CGRateS" - gpg_useremail: "cgrates@itsyscom.com" - gpg_pubkeyfileexport: "apt.cgrates.org.gpg.key" - - gpg_keylength: 2048 - gpg_subkeylength: 2048 - gpg_expire: 360 - - rootUser : root - - customPath: "{{ lookup('env','PATH') }}:{{ golang_gopath }}/bin:/usr/local/go/bin:{{ ansible_env.PATH }}" + rootUser: root dependencies: - build-essential @@ -50,7 +13,6 @@ - dpkg-dev - git - pbuilder - - reprepro - nginx distributions: @@ -59,250 +21,295 @@ - codename: bullseye version: 11 - remote_user: "{{ user }}" - tasks: - - name: set cgrates cgrates_distribution - set_fact: - cgrates_distribution: "{{ cgrates_distribution }}" -########################################################################################################################### -########################################################################################################################### -# install dependencies - - name: Install dependencies - become: yes - apt: name={{ dependencies }} state=present -########################################################################################################################### -########################################################################################################################### -# Prepare for configuration - - name: Config reprepro - include: reprepro.yaml + roles: + - ../roles/reprepro + - ../roles/gpg - - name: Generate GPG Key - include: gpg.yaml + tasks: + - name: Install dependencies + become: true + ansible.builtin.apt: + name: "{{ dependencies }}" + state: present - name: Check if NGINX needs to be configured become: true - shell: "ls /etc/nginx/sites-enabled | grep 'apt.cgrates.org.vhost'" + ansible.builtin.shell: "ls /etc/nginx/sites-enabled | grep 'apt.cgrates.org.vhost'" ignore_errors: true register: nginxConfig - name: Configure NGINX server - include: nginx.yaml - when: nginxConfig.stdout_lines|length < 1 - + ansible.builtin.include_tasks: nginx.yaml + when: nginxConfig.stdout_lines | length < 1 + - name: Enable and start nginx - systemd: + ansible.builtin.systemd: name: nginx state: started - masked: no - enabled: yes + masked: false + enabled: true -########################################################################################################################### -########################################################################################################################### -# Install Golang - - name: install unarchive dependencies (zypper) - become: yes - zypper: - name: - - gzip - - tar - state: present - when: ansible_pkg_mgr == 'zypper' + - name: Install Go + ansible.builtin.import_role: + name: ../roles/go + vars: + go_clean_build_cache: true + go_clean_modcache: true - name: Create chroots - become: yes - command: "cowbuilder --create --distribution {{ item.codename }} --architecture amd64 --basepath /var/cache/pbuilder/base-{{ item.codename }}+go.cow --mirror http://deb.debian.org/debian --components main" + become: true + ansible.builtin.command: >- + cowbuilder --create --distribution {{ item.codename }} --architecture amd64 + --basepath /var/cache/pbuilder/base-{{ item.codename }}+go.cow + --mirror http://deb.debian.org/debian --components main args: creates: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow" with_items: "{{ distributions }}" - name: Check Go tarball - stat: + ansible.builtin.stat: path: "/usr/local/src/{{ go_tarball }}" register: downloaded_go_tarball - name: Download Go tarball - become: yes - get_url: + become: true + ansible.builtin.get_url: url: "{{ go_download_url }}" dest: "/usr/local/src/{{ go_tarball }}" checksum: "sha256:{{ go_checksum }}" + mode: "0644" when: not downloaded_go_tarball.stat.exists + - name: Check Go version in chroots + become: true + ansible.builtin.command: >- + chroot /var/cache/pbuilder/base-{{ item.codename }}+go.cow + bash -c "GOROOT=/usr/local/go /usr/local/go/bin/go version" + register: chroot_go_version + ignore_errors: true + with_items: "{{ distributions }}" + changed_when: false + + - name: Remove old Go from chroots when version differs + become: true + ansible.builtin.file: + path: "/var/cache/pbuilder/base-{{ item.item.codename }}+go.cow/usr/local/go" + state: absent + with_items: "{{ chroot_go_version.results }}" + when: + - item.rc == 0 + - go_version not in item.stdout + - name: Install Go in chroots - become: yes - unarchive: + become: true + ansible.builtin.unarchive: src: "/usr/local/src/{{ go_tarball }}" dest: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow/usr/local" - copy: no + copy: false creates: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow/usr/local/go" with_items: "{{ distributions }}" - name: Customize .bashrc in chroots become: true - template: + ansible.builtin.template: src: bashrc.j2 dest: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow/root/.bashrc" mode: "0644" - owner: "root" - group: "root" + owner: root + group: root with_items: "{{ distributions }}" - name: Customize .pbuilderrc - template: + ansible.builtin.template: src: pbuilderrc.j2 dest: "/home/{{ user }}/.pbuilderrc" mode: "0644" - name: Check update timestamp - stat: + ansible.builtin.stat: path: "/var/cache/pbuilder/update-timestamp" register: update_timestamp - name: Update chroots - become: yes - command: "cowbuilder --update --basepath /var/cache/pbuilder/base-{{ item.codename }}+go.cow" + become: true + ansible.builtin.command: "cowbuilder --update --basepath /var/cache/pbuilder/base-{{ item.codename }}+go.cow" with_items: "{{ distributions }}" when: not update_timestamp.stat.exists or update_timestamp.stat.mtime <= (ansible_date_time.epoch | int - 86400) register: update_chroots - name: Update timestamp - become: yes - file: - path: "/var/cache/pbuilder/update-timestamp" + become: true + ansible.builtin.file: + path: /var/cache/pbuilder/update-timestamp state: touch + mode: "0644" when: update_chroots.changed ########################################################################################################################### ########################################################################################################################### - # Install CGRateS - - name: create cgrates directory - file: - state: directory - mode: 'u=rwx,go=rx' - owner: "{{ user }}" - group: "{{ user }}" - dest: "{{ cgrates_dir }}" + - name: Set up cgrates + ansible.builtin.import_role: + name: ../../roles/cgrates + vars: + cgrates_bin_path: "" + cgrates_dbs: [] + cgrates_dependencies: [] - - name: git clone cgrates - git: - repo: https://github.com/cgrates/cgrates.git - dest: '{{ cgrates_dir }}' - update: yes - force: yes - version: "{{ cgrates_branch }}" - - - name: clean go cache - shell: "go clean --cache" + - name: Sync the go mod with vendor + ansible.builtin.command: + cmd: go mod vendor + chdir: "{{ cgrates_dir }}" environment: - PATH: "{{ customPath }}" + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin" - - name: clean go modcache - shell: "go clean --modcache" - environment: - PATH: "{{ customPath }}" - - - name: sync the go mod with vendor - shell: "go mod vendor" - environment: - PATH: "{{ customPath }}" - args: - chdir: '{{ cgrates_dir }}' - - - name: build cgrates - shell: "sh {{ cgrates_dir }}/build.sh" - environment: - PATH: "{{ customPath }}" - args: - chdir: '{{ cgrates_dir }}' - - - name: symbol link - become: yes - file: - src: "{{ cgrates_dir }}/data" - dest: "/usr/share/cgrates" - state: link - - - name: get git tag - shell: "git tag -l --points-at HEAD" - args: - chdir: '{{ cgrates_dir }}' - register: gitTagVar - - ########################################################################################################################### - ########################################################################################################################### - # Generate package - - name: Generate packages - command: 'env "DISTRIBUTION={{ item.codename }}" make -C packages deb' + - name: Get current Git tag + ansible.builtin.command: git tag -l --points-at HEAD args: chdir: "{{ cgrates_dir }}" - with_items: "{{ distributions }}" + register: git_tag_result - - name: Check if the packages were generated - shell: "ls /home/{{ user }}/go/src/github.com/cgrates | grep -E 'cgrates(-dbgsym)?_'" - ignore_errors: true - register: packagesVar + ########################################################################################################################### + ########################################################################################################################### - - name: Move the files to /var/packages/debian/incoming - become: yes - command: mv {{item}} /var/packages/debian/incoming/ - args: - chdir: "/home/{{ user }}/go/src/github.com/cgrates" - when: packagesVar.stdout_lines|length > 0 - with_items: "{{ packagesVar.stdout_lines }}" + - block: + - name: Generate packages + ansible.builtin.command: 'env "DISTRIBUTION={{ item.codename }}" make -C packages deb' + args: + chdir: "{{ cgrates_dir }}" + with_items: "{{ distributions }}" - - name: Get the name of the deb files - shell: "ls /var/packages/debian/incoming/ | grep -E '.(build|buildinfo|changes|deb|debian.tar.*|dsc|orig.*.tar.*)$'" - register: packageFileNames + - name: Find generated package files + ansible.builtin.find: + paths: "/home/{{ user }}/go/src/github.com/cgrates" + patterns: + - cgrates_* + - cgrates-dbgsym_* + file_type: file + register: package_files - - name: Include the packages with reprepro - become: yes - shell: reprepro -Vb . --ignore=wrongdistribution include {{ cgrates_branch }}-{{ item.codename }} /var/packages/debian/incoming/*~deb{{ item.version }}u1_amd64.changes - args: - chdir: /var/packages/debian - with_items: "{{ distributions }}" - when: cgrates_branch == "master" or gitTagVar.stdout_lines|length > 0 + - name: Move package files to incoming directory + become: true + ansible.builtin.command: mv {{ item.path }} {{ reprepro_basedir }}/incoming/ + args: + creates: "{{ reprepro_basedir }}/incoming/{{ item.path | basename }}" + removes: "{{ item.path }}" + with_items: "{{ package_files.files }}" + when: package_files.matched > 0 - # Include the package with reprepro - - name : Include the package with reprepro - become: yes - command: sudo reprepro -A amd64 -Vb . include {{ cgrates_distribution }} /var/packages/debian/incoming/{{ item }} - ignore_errors: true - args : - chdir: /var/packages/debian - with_items: '{{ changesFileNames.stdout_lines }}' - when : cgrates_branch == "master" or gitTagVar.stdout_lines|length > 0 + - name: Find Debian package changes files (.changes) for each distribution + ansible.builtin.find: + paths: "{{ reprepro_basedir }}/incoming" + patterns: "*~deb{{ item.version }}u1_amd64.changes" + file_type: file + register: changes_files + with_items: "{{ distributions }}" - # Move the file to PKG server - - name: Copy the file to PKG server - shell: 'scp /var/packages/debian/incoming/{{ item }} {{ pkgAddr }}:/tmp/' - args: - chdir: /var/packages/debian/incoming/ - with_items: "{{ packageFileNames.stdout_lines }}" + - name: Validate that each distribution has exactly one .changes file for proper reprepro inclusion + ansible.builtin.fail: + msg: "Debian packaging error: Expected exactly 1 .changes file for {{ item.item.codename }}, found {{ item.matched }}. Each distribution should have a single .changes file for proper repository inclusion." + when: item.matched != 1 + with_items: "{{ changes_files.results }}" - # Clean the incoming folder - - name: Clean the incoming folder - become: yes - shell: "rm /var/packages/debian/incoming/*" - args: - chdir: /var/packages/debian + - name: Include the packages with reprepro + become: true + ansible.builtin.shell: + cmd: reprepro -Vb . --ignore=wrongdistribution include {{ cgrates_branch }}-{{ item.item.codename }} {{ item.files[0].path }} + chdir: "{{ reprepro_basedir }}" + with_items: "{{ changes_files.results }}" + + - name: Copy the file to PKG server + ansible.builtin.command: "scp {{ reprepro_basedir }}/incoming/{{ item.path | basename }} {{ pkgAddr }}:/tmp/" + with_items: "{{ package_files.files }}" + + rescue: + - name: Find all files in incoming directory + ansible.builtin.find: + paths: "{{ reprepro_basedir }}/incoming" + file_type: file + register: all_incoming_files + + - name: Display files for debugging + ansible.builtin.debug: + msg: "{{ all_incoming_files.files | map(attribute='path') | list }}" + + - name: Find build log files + ansible.builtin.find: + paths: "{{ reprepro_basedir }}/incoming" + patterns: "*.build" + file_type: file + register: build_log_files + ignore_errors: true + + - name: Ensure log directory exists + become: true + ansible.builtin.file: + path: "/tmp/ansible_build_logs" + state: directory + mode: "0755" + ignore_errors: true + + - name: Copy build logs to a safe location + become: true + ansible.builtin.copy: + src: "{{ item.path }}" + dest: "/tmp/ansible_build_logs/{{ item.path | basename }}" + remote_src: true + with_items: "{{ build_log_files.files }}" + ignore_errors: true + when: build_log_files.matched > 0 + + - name: Remove chroot environments + become: true + ansible.builtin.file: + path: "/var/cache/pbuilder/base-{{ item.codename }}+go.cow" + state: absent + with_items: "{{ distributions }}" + + - name: Remove update timestamp + become: true + ansible.builtin.file: + path: "/var/cache/pbuilder/update-timestamp" + state: absent + + - name: Fail with error + ansible.builtin.fail: + msg: "Task failed - see original error above. Build logs saved to /tmp/ansible_build_logs/ if available." + + always: + - name: Clean the incoming folder + become: true + ansible.builtin.file: + path: "{{ reprepro_basedir }}/incoming" + state: absent + + - name: Remove leftover package files + ansible.builtin.file: + path: "{{ item }}" + state: absent + with_fileglob: + - "/home/{{ user }}/go/src/github.com/cgrates/cgrates_*" + - "/home/{{ user }}/go/src/github.com/cgrates/cgrates-dbgsym_*" - hosts: pkg vars: nginx_user: "www-data" - cgrates_branch: "master" + cgrates_branch: "1.0" distributions: - codename: bookworm version: 12 - codename: bullseye version: 11 tasks: - - name: set cgrates cgrates_distribution - set_fact: - cgrates_distribution: "{{ hostvars['apt']['cgrates_distribution'] }}" + - name: Add user to www-data group + become: true + ansible.builtin.user: + name: "{{ user }}" + groups: "{{ nginx_user }}" + append: true - name: Create directory - become: yes - file: + become: true + ansible.builtin.file: path: /var/packages/deb/{{ cgrates_branch }}/{{ item.codename }} state: directory mode: "0775" @@ -311,63 +318,50 @@ with_items: "{{ distributions }}" - name: Remove symlink from current deb package - become: yes - file: + ansible.builtin.file: path: /var/packages/deb/{{ cgrates_branch }}/{{ item.codename }}/cgrates_current_amd64.deb state: absent with_items: "{{ distributions }}" - when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0 - - - name: Move the new .orig.tar.gz to /var/packages/deb - become: yes - shell: "mv /tmp/cgrates*.orig*.tar.* /var/packages/deb/{{ cgrates_branch }}/" - when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0 - name: Move the new package to /var/packages/deb - become: yes - shell: "mv /tmp/cgrates*~deb{{ item.version }}u1* /var/packages/deb/{{ cgrates_branch }}/{{ item.codename }}/" + become: true + ansible.builtin.shell: "mv /tmp/cgrates_*~deb{{ item.version }}u1*.deb /var/packages/deb/{{ cgrates_branch }}/{{ item.codename }}/" with_items: "{{ distributions }}" - when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0 - name: Find all package files - become: yes - find: + become: true + ansible.builtin.find: path: "/var/packages/deb/{{ cgrates_branch }}/" patterns: "*.deb" - recurse: yes - when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0 + recurse: true register: package_files - name: Set ownership and permissions for moved files - become: yes - file: + become: true + ansible.builtin.file: path: "{{ item.path }}" - owner: "{{ nginx_user }}" - group: "{{ nginx_user }}" + owner: "{{ nginx_user }}" + group: "{{ nginx_user }}" mode: "0644" loop: "{{ package_files.files }}" - when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0 - name: Find package files per distribution - become: yes - find: + become: true + ansible.builtin.find: path: "/var/packages/deb/{{ cgrates_branch }}/{{ item.codename }}/" - patterns: "cgrates_*_amd64.deb" + patterns: cgrates_*_amd64.deb with_items: "{{ distributions }}" register: distribution_package_files - when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0 - - set_fact: + - ansible.builtin.set_fact: latest_file: "{{ item.files | sort(attribute='mtime', reverse=true) | first }}" with_items: "{{ distribution_package_files.results }}" register: latest_files - when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0 - name: Create the new symlink cgrates_current_amd64.deb - become: yes - file: + become: true + ansible.builtin.file: src: "{{ item.ansible_facts.latest_file.path }}" - dest: /var/packages/deb/{{ cgrates_branch }}/{{ item.item.item.codename }}/cgrates_current_amd64.deb + dest: "/var/packages/deb/{{ cgrates_branch }}/{{ item.item.item.codename }}/cgrates_current_amd64.deb" state: link with_items: "{{ latest_files.results }}" - when: cgrates_branch == "master" or hostvars['apt']['gitTagVar'].stdout_lines|length > 0 diff --git a/data/ansible/deb_packages/nginx.yaml b/data/ansible/deb_packages/nginx.yaml index 6279c5982..e2ea30dd9 100644 --- a/data/ansible/deb_packages/nginx.yaml +++ b/data/ansible/deb_packages/nginx.yaml @@ -4,7 +4,7 @@ template: src: nginx.conf.j2 dest: "/etc/nginx/sites-available/apt.cgrates.org.vhost" - mode: '0600' + mode: "0600" owner: "{{ rootUser }}" - name: Create a symlink for apt.cgrates.org @@ -16,4 +16,4 @@ - name: Restart the nginx so the change take effects become: true - shell: "/etc/init.d/nginx reload" \ No newline at end of file + ansible.builtin.command: "/etc/init.d/nginx reload" diff --git a/data/ansible/deb_packages/reprepro.yaml b/data/ansible/deb_packages/reprepro.yaml deleted file mode 100644 index a3a8bdc0d..000000000 --- a/data/ansible/deb_packages/reprepro.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -- name: Check if /var/packages/debian directory exists - become: true - file: - path: /var/packages/debian - state: directory - -- name: Check if /var/packages/debian/conf directory exists - become: true - file: - path: /var/packages/debian/conf - state: directory - -- name: Check if /var/packages/debian/incoming directory exists - become: true - file: - path: /var/packages/debian/incoming - state: directory - -- name: Add distributions file in reprepro - become: true - template: - src: distributions.conf.j2 - dest: "/var/packages/debian/conf/distributions" - mode: '0600' - owner: "{{ rootUser }}" - -- name: Add distributions file in reprepro - become: true - template: - src: options.conf.j2 - dest: "/var/packages/debian/conf/options" - mode: '0600' - owner: "{{ rootUser }}" - -- name: Create override.testing file - become: true - copy: - content: "" - dest: /var/packages/debian/conf/override.testing - force: no - group: root - owner: root diff --git a/data/ansible/roles/cgrates/defaults/main.yaml b/data/ansible/roles/cgrates/defaults/main.yaml index 2cc0816e9..cac7d57fd 100644 --- a/data/ansible/roles/cgrates/defaults/main.yaml +++ b/data/ansible/roles/cgrates/defaults/main.yaml @@ -1,16 +1,19 @@ --- -golang_gopath: '/home/{{ ansible_user }}/go' -clone_repository: true -cgrates_dir: '{{ golang_gopath }}/src/github.com/cgrates/cgrates' +golang_gopath: "/home/{{ ansible_user }}/go" golang_install_dir: /usr/local/go -git_version: 1.0 -cgrates_migrator_cfg_path: /usr/share/cgrates/conf/samples/tutmysql # leave empty to do nothing +cgrates_clone_repo: true +cgrates_dir: "{{ golang_gopath }}/src/github.com/cgrates/cgrates" +cgrates_branch: 1.0 + +# Leave empty to skip creating symlinks +cgrates_data_path: "/usr/share/cgrates" +cgrates_bin_path: "/usr/bin" + cgrates_dbs: - mysql - postgres - mongo -# CGRateS dependencies cgrates_dependencies: - git - redis-server diff --git a/data/ansible/roles/cgrates/tasks/main.yaml b/data/ansible/roles/cgrates/tasks/main.yaml index 40ee627dc..e1851bfcf 100644 --- a/data/ansible/roles/cgrates/tasks/main.yaml +++ b/data/ansible/roles/cgrates/tasks/main.yaml @@ -2,68 +2,70 @@ - name: Install CGRateS dependencies become: true ansible.builtin.package: - name: '{{ cgrates_dependencies }}' + name: "{{ cgrates_dependencies }}" state: present - update_cache: yes + update_cache: true - name: Create cgrates directory ansible.builtin.file: state: directory mode: u=rwx,go=rx - owner: '{{ ansible_user }}' - dest: '{{ cgrates_dir }}' - when: clone_repository | bool + owner: "{{ ansible_user }}" + dest: "{{ cgrates_dir }}" + when: cgrates_clone_repo | bool - name: Git clone cgrates ansible.builtin.git: repo: https://github.com/cgrates/cgrates.git - dest: '{{ cgrates_dir }}' - update: yes - force: yes - version: '{{ git_version }}' - when: clone_repository | bool + dest: "{{ cgrates_dir }}" + update: true + force: true + version: "{{ cgrates_branch }}" + when: cgrates_clone_repo | bool -- name: Build cgrates - ansible.builtin.shell: - cmd: bash -lc "sh {{ cgrates_dir }}/build.sh" - args: - chdir: '{{ cgrates_dir }}' - become_user: '{{ ansible_user }}' +- name: Install cgrates binaries + ansible.builtin.command: + cmd: bash -c './build.sh' + chdir: "{{ cgrates_dir }}" + environment: + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin" -- name: Create symbolic links +- name: Create cgrates data folder symlink ansible.builtin.file: - src: '{{ item.src }}' - dest: '{{ item.dest }}' + src: "{{ cgrates_dir }}/data" + dest: "{{ cgrates_data_path }}" state: link become: true + when: cgrates_data_path | length > 0 + +- name: Create cgrates binary symlinks + ansible.builtin.file: + src: "{{ golang_gopath }}/bin/{{ item }}" + dest: "{{ cgrates_bin_path }}/{{ item }}" + state: link + become: true + when: cgrates_bin_path | length > 0 loop: - - { src: '{{ cgrates_dir }}/data', dest: /usr/share/cgrates } - - { src: '{{ golang_gopath }}/bin/cgr-engine', dest: /usr/bin/cgr-engine } - - { src: '{{ golang_gopath }}/bin/cgr-loader', dest: /usr/bin/cgr-loader } - - { - src: '{{ golang_gopath }}/bin/cgr-migrator', - dest: /usr/bin/cgr-migrator, - } - - { - src: '{{ golang_gopath }}/bin/cgr-console', - dest: /usr/bin/cgr-console, - } - - { src: '{{ golang_gopath }}/bin/cgr-tester', dest: /usr/bin/cgr-tester } + - cgr-engine + - cgr-loader + - cgr-migrator + - cgr-console + - cgr-tester - name: Run post install scripts become: true ansible.builtin.command: - cmd: '{{ item.cmd }}' - chdir: '{{ cgrates_dir }}/data/storage/{{ item.db }}' + cmd: "{{ item.cmd }}" + chdir: "{{ cgrates_dir }}/data/storage/{{ item.db }}" when: item.db in cgrates_dbs loop: - - { db: mysql, cmd: sh setup_ers_db.sh root CGRateS.org localhost } - - { db: mysql, cmd: sh setup_cgr_db.sh root CGRateS.org localhost } - - { db: postgres, cmd: sh create_db_with_users.sh } - - { db: postgres, cmd: sh create_ers_db.sh } - - { db: mongo, cmd: sh setup_cgr_db.sh } - -- name: Set versions - ansible.builtin.command: - cmd: 'cgr-migrator -exec=*set_versions -config_path={{ cgrates_migrator_cfg_path }}' - when: cgrates_migrator_cfg_path != "" + - db: mysql + cmd: sh setup_ers_db.sh root CGRateS.org localhost + - db: mysql + cmd: sh setup_cgr_db.sh root CGRateS.org localhost + - db: postgres + cmd: sh create_db_with_users.sh + - db: postgres + cmd: sh create_ers_db.sh + - db: mongo + cmd: sh setup_cgr_db.sh diff --git a/data/ansible/roles/go/defaults/main.yaml b/data/ansible/roles/go/defaults/main.yaml index fa6b5032a..2c0cdd906 100644 --- a/data/ansible/roles/go/defaults/main.yaml +++ b/data/ansible/roles/go/defaults/main.yaml @@ -1,8 +1,12 @@ --- -go_version: 1.24.0 +go_version: 1.24.2 go_platform: linux go_arch: amd64 go_tarball: go{{ go_version }}.{{ go_platform }}-{{ go_arch }}.tar.gz go_download_url: https://dl.google.com/go/{{ go_tarball }} -go_checksum: dea9ca38a0b852a74e81c26134671af7c0fbe65d81b0dc1c5bfe22cf7d4c8858 +go_checksum: 68097bd680839cbc9d464a0edce4f7c333975e27a90246890e9f1078c7e702ad install_go: true + +# Cleaning caches assumes go is available (either installed by the role or pre-existing) +go_clean_modcache: false +go_clean_build_cache: false diff --git a/data/ansible/roles/go/tasks/main.yaml b/data/ansible/roles/go/tasks/main.yaml index 0e50e1835..1dd6dc483 100644 --- a/data/ansible/roles/go/tasks/main.yaml +++ b/data/ansible/roles/go/tasks/main.yaml @@ -1,13 +1,13 @@ --- - name: Check if Go is already installed. - command: /usr/local/go/bin/go version + ansible.builtin.command: /usr/local/go/bin/go version ignore_errors: true register: go_version_result changed_when: false - name: Remove current installation. become: true - file: + ansible.builtin.file: state: absent path: /usr/local/go when: @@ -17,28 +17,54 @@ - name: Download Go. become: true - get_url: - url: '{{ go_download_url }}' - dest: /usr/local/src/{{ go_tarball }} - checksum: 'sha256:{{ go_checksum }}' + ansible.builtin.get_url: + url: "{{ go_download_url }}" + dest: "/usr/local/src/{{ go_tarball }}" + checksum: "sha256:{{ go_checksum }}" + mode: "0644" when: - install_go | bool - (go_version_result is failed or go_version not in go_version_result.stdout) - name: Extract Go. become: true - unarchive: - src: /usr/local/src/{{ go_tarball }} + ansible.builtin.unarchive: + src: "/usr/local/src/{{ go_tarball }}" dest: /usr/local - copy: no + copy: false when: - install_go | bool - (go_version_result is failed or go_version not in go_version_result.stdout) - name: Add Go to to system-wide $PATH. become: true - copy: + ansible.builtin.copy: dest: /etc/profile.d/go-path.sh content: |- export PATH=$PATH:/usr/local/go/bin + mode: "0644" when: install_go | bool + +- name: Get Go modcache path + ansible.builtin.command: go env GOMODCACHE + environment: + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin" + register: gomodcache_path + changed_when: false + when: go_clean_modcache + +# Using file module since go clean --modcache is just a wrapper for rm -rf $GOMODCACHE +- name: Clean Go modcache + become: true + ansible.builtin.file: + path: "{{ gomodcache_path.stdout }}" + state: absent + when: go_clean_modcache + +- name: Clean Go build cache + ansible.builtin.command: go clean -x --cache + environment: + PATH: "{{ ansible_env.PATH }}:/usr/local/go/bin" + register: cache_clean_result + when: go_clean_build_cache + changed_when: "'rm -rf' in cache_clean_result.stdout" diff --git a/data/ansible/roles/gpg/tasks/gpg-gen-key.yaml b/data/ansible/roles/gpg/tasks/gpg-gen-key.yaml index a1ed0cd58..cc5c1ec13 100644 --- a/data/ansible/roles/gpg/tasks/gpg-gen-key.yaml +++ b/data/ansible/roles/gpg/tasks/gpg-gen-key.yaml @@ -1,23 +1,51 @@ --- -- name: set default gpg options - become: yes - template: +- name: Set defaut gpg options + become: true + ansible.builtin.template: src: gpg.conf.j2 dest: "{{ gpg_home }}/.gnupg/gpg.conf" - mode: '0600' + mode: "0600" owner: root -- name: copy default template for gpg - become: yes - template: +- name: Copy default template for gpg key generation + become: true + ansible.builtin.template: src: gen-key-script.j2 - dest: "{{ gpg_home }}/gen-key-script" - mode: '0700' + dest: "{{ gpg_home }}/.gnupg/gen-key-script-root" + mode: "0600" owner: root -- name: generate gpg keys - become: yes - command: gpg --batch --gen-key gen-key-script - args: - chdir: "{{ gpg_home }}" - notify: Restart gpg-agent +# Not sure what this task does, or if it's needed. +- name: List available GPG secret keys + become: true + ansible.builtin.command: "gpg --list-secret-keys --keyid-format LONG" + +# rng-tools might not be needed on newer kernel versions +- name: Install rng-tools-debian + become: true + ansible.builtin.apt: + name: rng-tools-debian + state: present + ignore_errors: true + +- name: Make sure /etc/default/rng-tools-debian exist + become: true + ansible.builtin.file: + path: /etc/default/rng-tools-debian + state: touch + +- name: Add HRNGDEVICE=/dev/urandom so we can execute rngd + become: true + ansible.builtin.lineinfile: + path: /etc/default/rng-tools-debian + line: HRNGDEVICE=/dev/urandom + insertafter: last + +- name: Generate randomness + become: true + ansible.builtin.command: "sudo /etc/init.d/rng-tools-debian restart" + ignore_errors: true + +- name: Generate gpg key + become: true + ansible.builtin.command: "sudo gpg --batch --gen-key {{ gpg_home }}/.gnupg/gen-key-script-root" diff --git a/data/ansible/roles/gpg/tasks/main.yaml b/data/ansible/roles/gpg/tasks/main.yaml index fdd4e237b..7cb3139cc 100644 --- a/data/ansible/roles/gpg/tasks/main.yaml +++ b/data/ansible/roles/gpg/tasks/main.yaml @@ -1,36 +1,56 @@ --- -# tasks file for gpg +- name: Ensure GnuPG is installed + become: true + ansible.builtin.apt: + name: gnupg + state: present + +- name: Restart gpg-agent + become: true + ansible.builtin.command: "gpgconf --kill all" + # TODO: Make it execute only when GPG config changes or keys are updated + changed_when: false + - name: Ensure .gnupg config directory exists with right permissions - file: - dest: "{{ gpg_home }}/.gnupg" - state: directory - mode: 0700 + become: true + ansible.builtin.file: + dest: "{{ gpg_home }}/.gnupg" + state: directory + mode: "0700" owner: root -- name: check existing secret key - shell: "gpg --list-secret-keys | grep '{{ gpg_realname }}'" - register: gpgkeys +# Note: matching on realname or email doesn't allow to create multiple keys. alternative? +- name: Check existing secret key + ansible.builtin.shell: "gpg --list-secret-keys | grep '{{ gpg_realname }}'" changed_when: false - failed_when: false + ignore_errors: true + become: true + become_user: root + register: gpgkeys - name: Check expired keys - shell: "gpg --list-keys {{ gpg_realname }} | grep 'expired'" - register: gpgExpKeys - changed_when: false + become: true + ansible.builtin.shell: "gpg --list-keys {{ gpg_realname }} | grep 'expired'" + ignore_errors: true failed_when: false - when: gpgkeys.stdout_lines|length > 0 + changed_when: false + register: gpgExpKeys + when: gpgkeys.stdout_lines|length > 0 - name: Update expired - shell: 'printf "expire\n{{ gpg_expire }}\nsave\n" | gpg --batch --command-fd 0 --status-fd=2 --edit-key {{ gpg_realname }}' + become: true + ansible.builtin.shell: 'printf "expire\n{{ gpg_expire }}\nsave\n" | gpg --batch --command-fd 0 --status-fd=2 --edit-key {{ gpg_realname }}' when: gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0 -- include_tasks: gpg-gen-key.yaml +- ansible.builtin.include_tasks: gpg-gen-key.yaml when: gpgkeys.stdout_lines|length < 1 -- name: get user armored public key - shell: "sudo gpg --armor --output {{ gpg_pubkeyfileexport }} --export {{ gpg_useremail }}" +- name: Get user armored public key + become: true + ansible.builtin.command: "sudo gpg --armor --output {{ gpg_pubkeyfileexport }} --export {{ gpg_useremail }}" when: gpgkeys.stdout_lines|length < 1 or (gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0) - name: After export move the key to /var/packages - shell: "sudo mv {{ gpg_pubkeyfileexport }} /var/packages" + become: true + ansible.builtin.command: "sudo mv {{ gpg_pubkeyfileexport }} /var/packages" when: gpgkeys.stdout_lines|length < 1 or (gpgkeys.stdout_lines|length > 0 and gpgExpKeys.stdout_lines|length > 0) diff --git a/data/ansible/roles/gpg/templates/gen-key-script.j2 b/data/ansible/roles/gpg/templates/gen-key-script.j2 index 55ca3262c..d6e858f49 100644 --- a/data/ansible/roles/gpg/templates/gen-key-script.j2 +++ b/data/ansible/roles/gpg/templates/gen-key-script.j2 @@ -1,13 +1,13 @@ +{{ ansible_managed | comment }} %echo Generating a basic OpenPGP key -Key-Type: default +%no-protection +Key-Type: RSA Key-Length: {{ gpg_keylength }} -Subkey-Type: default +Subkey-Type: RSA Subkey-Length: {{ gpg_subkeylength }} Name-Real: {{ gpg_realname }} Name-Email: {{ gpg_useremail }} Expire-Date: {{ gpg_expire }} %no-ask-passphrase -%pubring {{ gpg_home }}/.gnupg/pubring.kbx -%secring {{ gpg_home }}/.gnupg/private-keys-v1.d %commit -%echo done +%echo done \ No newline at end of file diff --git a/data/ansible/roles/gpg/templates/gpg.conf.j2 b/data/ansible/roles/gpg/templates/gpg.conf.j2 index 38d375f03..cc89ea08d 100644 --- a/data/ansible/roles/gpg/templates/gpg.conf.j2 +++ b/data/ansible/roles/gpg/templates/gpg.conf.j2 @@ -2,4 +2,4 @@ # Prioritize stronger algorithms for new keys. default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed # Use a stronger digest than the default SHA1 for certifications. -cert-digest-algo SHA512 +cert-digest-algo SHA512 \ No newline at end of file diff --git a/data/ansible/roles/reprepro/defaults/main.yaml b/data/ansible/roles/reprepro/defaults/main.yaml new file mode 100644 index 000000000..c7432ba1f --- /dev/null +++ b/data/ansible/roles/reprepro/defaults/main.yaml @@ -0,0 +1,2 @@ +--- +reprepro_basedir: /var/packages/debian diff --git a/data/ansible/roles/reprepro/tasks/main.yaml b/data/ansible/roles/reprepro/tasks/main.yaml new file mode 100644 index 000000000..f95200049 --- /dev/null +++ b/data/ansible/roles/reprepro/tasks/main.yaml @@ -0,0 +1,54 @@ +--- +- name: Validate distributions variable + ansible.builtin.fail: + msg: "The 'distributions' variable must be defined and contain at least one distribution with codename and version properties." + when: not distributions | default(false) + +- name: Ensure reprepro is installed + become: true + ansible.builtin.apt: + name: reprepro + state: present + +- name: Create debian repository base directory + become: true + ansible.builtin.file: + path: "{{ reprepro_basedir }}" + state: directory + +- name: Create reprepro configuration directory + become: true + ansible.builtin.file: + path: "{{ reprepro_basedir }}/conf" + state: directory + +- name: Create reprepro incoming packages directory + become: true + ansible.builtin.file: + path: "{{ reprepro_basedir }}/incoming" + state: directory + +- name: Configure reprepro distribution settings + become: true + ansible.builtin.template: + src: distributions.conf.j2 + dest: "{{ reprepro_basedir }}/conf/distributions" + mode: "0600" + owner: root + +- name: Configure reprepro general options + become: true + ansible.builtin.template: + src: options.conf.j2 + dest: "{{ reprepro_basedir }}/conf/options" + mode: "0600" + owner: root + +- name: Initialize empty override file for testing distribution + become: true + ansible.builtin.copy: + content: "" + dest: "{{ reprepro_basedir }}/conf/override.testing" + force: false + group: root + owner: root diff --git a/data/ansible/deb_packages/distributions.conf.j2 b/data/ansible/roles/reprepro/templates/distributions.conf.j2 similarity index 64% rename from data/ansible/deb_packages/distributions.conf.j2 rename to data/ansible/roles/reprepro/templates/distributions.conf.j2 index 9af0824b4..a8c64248e 100644 --- a/data/ansible/deb_packages/distributions.conf.j2 +++ b/data/ansible/roles/reprepro/templates/distributions.conf.j2 @@ -12,11 +12,22 @@ DscOverride: override.testing Origin: apt.cgrates.org Label: apt.cgrates.org -Suite: nightly -Codename: nightly +Suite: master +Codename: master Architectures: amd64 Components: main -Description: CGRateS APT Nightly repository +Description: CGRateS master APT repository +SignWith: yes +DebOverride: override.testing +DscOverride: override.testing + +Origin: apt.cgrates.org +Label: apt.cgrates.org +Suite: nightly +Codename: 1.0 +Architectures: amd64 +Components: main +Description: CGRateS nightly repository SignWith: yes DebOverride: override.testing DscOverride: override.testing @@ -52,4 +63,19 @@ SignWith: yes DebOverride: override.testing DscOverride: override.testing -{% endfor %} +Origin: apt.cgrates.org +Label: apt.cgrates.org +Suite: nightly-{{ distribution['codename'] }} +Codename: 1.0-{{ distribution['codename'] }} +Architectures: amd64 source +Components: main +Description: CGRateS nightly APT repository for {{ distribution['codename'] }} +DebIndices: Packages Release . .gz +Contents: . .gz +ContentsArchitectures: amd64 source +ContentsComponents: main +SignWith: yes +DebOverride: override.testing +DscOverride: override.testing + +{% endfor %} \ No newline at end of file diff --git a/data/ansible/deb_packages/options.conf.j2 b/data/ansible/roles/reprepro/templates/options.conf.j2 similarity index 57% rename from data/ansible/deb_packages/options.conf.j2 rename to data/ansible/roles/reprepro/templates/options.conf.j2 index 6187384eb..01e6ce95e 100644 --- a/data/ansible/deb_packages/options.conf.j2 +++ b/data/ansible/roles/reprepro/templates/options.conf.j2 @@ -1,3 +1,3 @@ {{ ansible_managed | comment }} verbose -basedir /var/packages/debian +basedir /var/packages/debian \ No newline at end of file diff --git a/data/docker/integration/Dockerfile b/data/docker/integration/Dockerfile index 92d69c49f..cc61fd9ca 100644 --- a/data/docker/integration/Dockerfile +++ b/data/docker/integration/Dockerfile @@ -74,7 +74,7 @@ RUN apt-get clean && \ RUN touch /logs/mariadb.log /logs/mariadb_script.log /logs/rabbitmq.log RUN chmod 777 /logs/mariadb.log /logs/mariadb_script.log /logs/rabbitmq.log -RUN wget -O go.tgz "https://storage.googleapis.com/golang/go1.24.0.linux-amd64.tar.gz" --progress=dot:giga +RUN wget -O go.tgz "https://storage.googleapis.com/golang/go1.24.2.linux-amd64.tar.gz" --progress=dot:giga RUN tar -C /usr/local -xzf go.tgz RUN rm go.tgz diff --git a/go.mod b/go.mod index 468e5ea4a..b4011829c 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/cgrates/cgrates -go 1.24.0 +go 1.24.2 // replace github.com/cgrates/radigo => ../radigo