Add debian package configuration for deployment
parent
5b7112645b
commit
88cc73eb2c
|
@ -32,5 +32,7 @@ maintainer-scripts="debian"
|
||||||
systemd-units = { unit-name = "peach-dyndns-server" }
|
systemd-units = { unit-name = "peach-dyndns-server" }
|
||||||
assets = [
|
assets = [
|
||||||
["target/release/peach-dyndns-server", "usr/bin/", "755"],
|
["target/release/peach-dyndns-server", "usr/bin/", "755"],
|
||||||
]
|
["debian/reloadbind", "usr/bin/", "755"],
|
||||||
|
["debian/bindctl", "/etc/sudoers.d/bindctl", "655"],
|
||||||
|
["templates/*", "/srv/peachcloud/peach-dyndns-server/prod-peach-dyndns/templates/", "644"],
|
||||||
|
]
|
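Review bot: The asset entry for `debian/bindctl` installs the sudoers drop-in with mode `655`, which marks a policy file as executable for group and other and does not follow the convention for `/etc/sudoers.d` (root-owned, mode 0440). I would write it as `["debian/bindctl", "etc/sudoers.d/bindctl", "440"],`, which also drops the leading slash so the destination is spelled like the other entries. A `visudo -cf debian/bindctl` step before packaging would catch a syntax error in the file before it reaches a host.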
16
README.md
16
README.md
|
@ -4,23 +4,31 @@ a dynamic DNS server to host the names of guests with changing IP addresses
|
||||||
by providing an http API for updating bind9 configurations.
|
by providing an http API for updating bind9 configurations.
|
||||||
|
|
||||||
|
|
||||||
## setup
|
## Setup
|
||||||
|
|
||||||
The code in this repo assumes the existence of an installed and running bind9 server on the same
|
The code in this repo assumes the existence of an installed and running bind9 server on the same
|
||||||
server as is running peach-dyndns-server. Documentation for setting up bind9 can be found [here](docs/setup-bind-for-peach-dyndns.md).
|
server as is running peach-dyndns-server. Documentation for setting up bind9 can be found [here](docs/setup-bind-for-peach-dyndns.md).
|
||||||
|
|
||||||
The peach-dyndns-server code can be compiled with
|
The peach-dyndns-server code can be compiled with
|
||||||
```
|
```
|
||||||
cargo build --release
|
cargo deb; sudo dpkg -i target/debian/peach-dyndns-server_0.1.0_amd64.deb
|
||||||
```
|
```
|
||||||
|
|
||||||
## run
|
## Development
|
||||||
|
|
||||||
```
|
```
|
||||||
sudo su peach-dyndns; ./target/release/main -vv
|
sudo su peach-dyndns; ./target/release/main -vv
|
||||||
```
|
```
|
||||||
|
|
||||||
## test
|
## Prod Deployment
|
||||||
|
|
||||||
|
prod is deployed to /srv/peachcloud/peach-dyndns-server/prod-peach-dyndns
|
||||||
|
|
||||||
|
## Staging Deployment
|
||||||
|
|
||||||
|
staging is deployed to /srv/peachcloud/peach-dyndns-server/dev-peach-dyndns
|
||||||
|
|
||||||
|
## Test
|
||||||
|
|
||||||
test peach-dyndns server is running,
|
test peach-dyndns server is running,
|
||||||
```
|
```
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
#
|
||||||
|
# Allow peach-dyndns to reload bind as sudo
|
||||||
|
#
|
||||||
|
|
||||||
|
# User alias for bind-ctl which can reload bind
|
||||||
|
User_Alias BIND_CTRL = peach-dyndns
|
||||||
|
|
||||||
|
# Command alias for reboot and shutdown
|
||||||
|
Cmnd_Alias RELOADBIND = /usr/bin/reloadbind
|
||||||
|
|
||||||
|
# Allow BIND_CTRL users to execute RELOADBIND command without password
|
||||||
|
BIND_CTRL ALL=(ALL) NOPASSWD: RELOADBIND
|
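Review bot: The rule `BIND_CTRL ALL=(ALL) NOPASSWD: RELOADBIND` lets peach-dyndns run the script as any target user, while the reload only needs root; `BIND_CTRL ALL=(root) NOPASSWD: RELOADBIND` states the narrower grant. The comment above `Cmnd_Alias RELOADBIND` says "reboot and shutdown", which looks copied from another file; `# Command alias for reloading bind9` matches what the alias covers. The grant is only as tight as the permissions on `/usr/bin/reloadbind`, so that file has to stay root-owned and not writable by the service account.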
|
@ -6,7 +6,9 @@ Type=simple
|
||||||
User=peach-dyndns
|
User=peach-dyndns
|
||||||
Group=bind
|
Group=bind
|
||||||
Environment="RUST_LOG=info"
|
Environment="RUST_LOG=info"
|
||||||
ExecStart=/usr/bin/peach-dyndns-server
|
Environment="ROCKET_PORT=3002"
|
||||||
|
WorkingDirectory=/srv/peachcloud/peach-dyndns-server/prod-peach-dyndns
|
||||||
|
ExecStart=/usr/bin/peach-dyndns-server -vv
|
||||||
Restart=always
|
Restart=always
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|
|
@ -0,0 +1,15 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# create user which peach-dyndns-server runs as
|
||||||
|
adduser --quiet --system peach-dyndns
|
||||||
|
|
||||||
|
# add user to bind group
|
||||||
|
usermod -a -G bind peach-dyndns
|
||||||
|
|
||||||
|
# set permissions
|
||||||
|
chown peach-dyndns /usr/bin/peach-dyndns-server
|
||||||
|
chown peach-dyndns /usr/bin/reloadbind
|
||||||
|
|
||||||
|
# cargo deb automatically replaces this token below, see https://github.com/mmstick/cargo-deb/blob/master/systemd.md
|
||||||
|
#DEBHELPER#
|
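Review bot: `chown peach-dyndns /usr/bin/reloadbind` gives ownership of the script to the same account that the sudoers drop-in allows to run it as root without a password, so any code running as peach-dyndns, including a compromised web service, can rewrite the script and have it executed as root. I would drop both `chown` lines: the package already installs the two files with mode 755, and root ownership lets the service execute them without being able to modify them. The same reasoning applies to `/usr/bin/peach-dyndns-server`, which the service account has no need to own.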
|
@ -0,0 +1,2 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
/bin/systemctl reload bind9
|
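Review bot: This script is executed as root through sudo, and `#!/usr/bin/env bash` makes the interpreter depend on a PATH lookup; nothing in the file needs bash, so `#!/bin/sh` gives a fixed interpreter. A header comment such as `# executed as root via /etc/sudoers.d/bindctl; must stay root-owned and take no arguments` would record the constraint for the next maintainer.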
|
@ -0,0 +1,7 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# this script rebuilds the peach-dyndns-server for prod deployment using the dev folder as the source repo
|
||||||
|
cd /srv/peachcloud/peach-dyndns-server/dev-peach-dyndns
|
||||||
|
cargo deb
|
||||||
|
sudo dpkg -i target/debian/peach-dyndns-server_0.1.0_amd64.deb
|
||||||
|
sudo systemctl restart peach-dyndns-server
|
||||||
|
sudo systemctl restart nginx
|
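Review bot: The script has no error handling, so if the `cd` on its first command line fails, `cargo deb` and the `sudo dpkg -i` after it run from whatever directory the caller was in, and both services are restarted even when the build or the install failed. Adding `set -euo pipefail` directly under the shebang stops the run at the first failing step. The package file name hard-codes `0.1.0_amd64`, so the install line will need editing on every version bump.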
|
@ -131,7 +131,7 @@ pub fn generate_zone(full_domain: &str) -> Result<String, PeachDynError> {
|
||||||
// we use the /etc/sudoers.d/bindctl to allow peach-dyndns user to restart bind as sudo without entering a password
|
// we use the /etc/sudoers.d/bindctl to allow peach-dyndns user to restart bind as sudo without entering a password
|
||||||
// using a binary at /bin/reloadbind which runs 'systemctl reload bind9'
|
// using a binary at /bin/reloadbind which runs 'systemctl reload bind9'
|
||||||
let status = Command::new("sudo")
|
let status = Command::new("sudo")
|
||||||
.arg("/bin/reloadbind")
|
.arg("/usr/bin/reloadbind")
|
||||||
.status().expect("error restarting bind9");
|
.status().expect("error restarting bind9");
|
||||||
if !status.success() {
|
if !status.success() {
|
||||||
return Err(PeachDynError::BindConfigurationError("There was an error in the bind configuration".to_string()));
|
return Err(PeachDynError::BindConfigurationError("There was an error in the bind configuration".to_string()));
|
||||||
|
|
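Review bot: The comment above `Command::new("sudo")` still says the helper lives at `/bin/reloadbind`, while the argument now reads `/usr/bin/reloadbind`; the comment should become `// using a script at /usr/bin/reloadbind which runs 'systemctl reload bind9'`. The `.expect("error restarting bind9")` on the following line panics when sudo cannot be started, even though this function returns `Result`; mapping the error into `PeachDynError::BindConfigurationError` and using `?` would keep that failure on the error path. The body of generate_zone starts and ends outside this hunk.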
|
@ -4,8 +4,7 @@
|
||||||
extern crate rocket;
|
extern crate rocket;
|
||||||
|
|
||||||
use crate::routes::{index, register_domain, check_available};
|
use crate::routes::{index, register_domain, check_available};
|
||||||
use rocket::Config;
|
use rocket::figment::{Figment, providers::{Format, Toml, Env}};
|
||||||
use rocket::figment::{Figment, Profile, providers::{Format, Toml, Serialized, Env}};
|
|
||||||
|
|
||||||
mod cli;
|
mod cli;
|
||||||
mod routes;
|
mod routes;
|
||||||
|
@ -18,9 +17,10 @@ async fn main() {
|
||||||
let _args = cli::args().expect("error parsing args");
|
let _args = cli::args().expect("error parsing args");
|
||||||
|
|
||||||
// the following config says to use all default rocket configs
|
// the following config says to use all default rocket configs
|
||||||
// and then override them with any configs specified in Rocket.toml
|
// and then override them with any configs specified in Rocket.toml if found
|
||||||
|
// and then override with any configs specified as env variables prefixed with APP_
|
||||||
let config = Figment::from(rocket::Config::default())
|
let config = Figment::from(rocket::Config::default())
|
||||||
.merge(Toml::file("Rocket.toml").nested());
|
.merge(Toml::file("Rocket.toml").nested()).merge(Env::prefixed("ROCKET_").global());
|
||||||
|
|
||||||
let rocket_result = rocket::custom(config)
|
let rocket_result = rocket::custom(config)
|
||||||
.mount("/", routes![index, register_domain, check_available])
|
.mount("/", routes![index, register_domain, check_available])
|
||||||
|
|
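Review bot: The added comment in the second hunk says environment overrides are prefixed with `APP_`, but the code two lines below merges `Env::prefixed("ROCKET_")`, and the systemd unit in this commit sets `ROCKET_PORT`; the comment should read `// and then override with any configs specified as env variables prefixed with ROCKET_`. The two `.merge(...)` calls are chained on a single line, and putting each on its own line would match the layout of the existing chain. main's body continues outside the hunk.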