Skip to content
Snippets Groups Projects
Select Git revision
  • 1b1a9081c0372f159236817654970ad4875163de
  • master default protected
  • update-appmonitor
3 results

readme.md

Blame
    • readme.md 2.76 KiB

    CI Package Server

    A sattelite system of the CI server to deliver built packages in other networks. The file access is protected with a dynamic authorization to prevent public access.

    An example client was coded in Bash (using curl)

    SOURCE https://git-repo.iml.unibe.ch/iml-open-source/ci-pkg

    License

    GNU GPL 3.0

    Requirements

    • Webserver with xsentfile module
    • Set filepath to [approot]/packages
    • Rewrite rule for [ur]/packages/

    Installation on server

    Xsentfile module

    On Apache Webserver install xentfile module.

    i.e. on CentOS

    yum install mod_xsendfile

    Configuration of vhost

    In the Apache vhost for cipkg server set the XSendFilePath - it is an absolute path on your websever.

    Redirect all requests to /packages/[whatever] to /packages/index.php

    Ecample snippet

    
    XSendFile On
    XSendFilePath "/var/www/cipkg.example.com/packages/"

    <Location "/packages">

        <Location "/packages">
        RewriteEngine on
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteRule ^(.*)$ index.php [QSA,L]

    </Location>

    Configuration of secret on server

    if [approot]/public_html/ copy inc_config.php.dist to inc_config.php.dist. set a secret behind key apikey.

    return array(
    'apikey'=>'our-package-server-secret',
    'cutfromrequest'=>'^/packages',
    'packagedir'=>dirname(__DIR__).'/packages',
);

    Prepare receive of packages

    • Create an deployment account package server that can be used to be connected via SSH by the ci server
    • add the public key of www-data of the ci server into /home/deployment/.ssh/authorized keys
    • Set permissions that the deployment user can write into /var/www/cipkg.example.com/packages/ and the user of the webeservice can read it chown deployment:apache /var/www/cipkg.example.com/packages/ and chmod 750 /var/www/cipkg.example.com/packages/

    Ci server: add a sync target

    TODO

    Installation of a client

    This repo comes with a bash script. It is not a must to use it. The communication is via https. Have a look to the source to see the creation of the authorization string. It can be adapted in other clients too.

    On a target system with your application you need a bash shell and curl.

    Copy the files from [approot]/shellscripts/ somewhere in a project related directory.

    Copy getfile.sh.cfg.dist to getfile.sh.cfg and setup values:

    # ----------------------------------------------------------------------
# defaults 
# ----------------------------------------------------------------------

IMLCI_PKG_SECRET=our-package-server-secret
IMLCI_URL=https://cipkg.example.com
IMLCI_PHASE=preview
IMLCI_PROJECT=myproject-id
IMLCI_FILE=

    Remark: using the cfg file is optional. It countains default values. all values can be set by command line parameters.