initial commit
Gitea/docker-debmirror/pipeline/head This commit looks good
Details
Gitea/docker-debmirror/pipeline/head This commit looks good
Details
This commit is contained in:
commit
29e50c93a7
|
@ -0,0 +1,16 @@
|
||||||
|
FROM ubuntu:jammy
|
||||||
|
|
||||||
|
RUN apt-get update && \
|
||||||
|
apt-get install -y rsync vim debmirror gpg nginx moreutils cron sudo && \
|
||||||
|
apt-get clean && \
|
||||||
|
find /etc/cron* -type f -delete
|
||||||
|
|
||||||
|
ADD retry.sh /usr/local/bin/
|
||||||
|
ADD vars.sh /usr/local/bin/
|
||||||
|
ADD mirror.sh /usr/local/bin/
|
||||||
|
ADD mirror-once.sh /usr/local/bin/
|
||||||
|
ADD run-debmirror.sh /usr/local/bin/
|
||||||
|
ADD start /start
|
||||||
|
ADD crontab /etc/cron.d/crontab
|
||||||
|
|
||||||
|
ENTRYPOINT ["/start"]
|
|
@ -0,0 +1,68 @@
|
||||||
|
def image_name = "dpedu/debmirror"
|
||||||
|
|
||||||
|
pipeline {
|
||||||
|
agent {
|
||||||
|
kubernetes {
|
||||||
|
yaml """
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Pod
|
||||||
|
spec:
|
||||||
|
podAntiAffinity:
|
||||||
|
preferredDuringSchedulingIgnoredDuringExecution: # avoid nodes already running a jenkins job
|
||||||
|
- podAffinityTerm:
|
||||||
|
labelSelector:
|
||||||
|
matchExpressions:
|
||||||
|
- key: jenkins
|
||||||
|
operator: In
|
||||||
|
values:
|
||||||
|
- slave
|
||||||
|
topologyKey: node
|
||||||
|
containers:
|
||||||
|
- name: docker
|
||||||
|
image: docker:20-dind
|
||||||
|
args:
|
||||||
|
- "--insecure-registry"
|
||||||
|
- "dockermirror:5000"
|
||||||
|
securityContext:
|
||||||
|
privileged: true
|
||||||
|
"""
|
||||||
|
}
|
||||||
|
}
|
||||||
|
stages {
|
||||||
|
stage("Build image") {
|
||||||
|
steps {
|
||||||
|
container("docker") {
|
||||||
|
script {
|
||||||
|
try {
|
||||||
|
docker.withRegistry('http://dockermirror:5000') {
|
||||||
|
docker.image("ubuntu:jammy").pull()
|
||||||
|
docker.image(image_name).pull() // Pull a recent version to share base layers with (?)
|
||||||
|
}
|
||||||
|
} catch (exc) {
|
||||||
|
echo "couldn't pull image, assuming we're building it for the first time"
|
||||||
|
}
|
||||||
|
docker.build(image_name)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
stage("Push image") {
|
||||||
|
steps {
|
||||||
|
container("docker") {
|
||||||
|
script {
|
||||||
|
docker.withRegistry('http://dockermirror:5000') {
|
||||||
|
docker.image(image_name).push("latest")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
stage("Show images") {
|
||||||
|
steps {
|
||||||
|
container("docker") {
|
||||||
|
sh 'docker images'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,4 @@
|
||||||
|
SHELL=/bin/sh
|
||||||
|
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
||||||
|
|
||||||
|
8 4 * * * aptmirror /bin/bash -c ". /tmp/mirror-vars.sh; /usr/local/bin/mirror.sh"
|
|
@ -0,0 +1,7 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
. /usr/local/bin/vars.sh
|
||||||
|
|
||||||
|
exec sudo --preserve-env -Hu aptmirror mirror.sh
|
|
@ -0,0 +1,5 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
/usr/local/bin/retry.sh /usr/local/bin/run-debmirror.sh 2>&1 | ts | tee -a /data/mirror.log
|
|
@ -0,0 +1,5 @@
|
||||||
|
#!/bin/bash
|
||||||
|
# try a command up to 5 times
|
||||||
|
# 15 minute sleep between tries
|
||||||
|
# exit after the first success
|
||||||
|
for i in 1 2 3 4 5; do $@ && break || sleep 900; done
|
|
@ -0,0 +1,80 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
if [ "$UID" != "1000" ]; then echo "run this script as uid 1000"; exit 1; fi
|
||||||
|
|
||||||
|
BASEDIR=/data
|
||||||
|
#
|
||||||
|
# Don't touch the user's keyring, have our own instead
|
||||||
|
#
|
||||||
|
|
||||||
|
export GNUPGHOME=$BASEDIR/keyring
|
||||||
|
|
||||||
|
mkdir -p $GNUPGHOME
|
||||||
|
#gpg --no-default-keyring --keyring /media/realm/debmirror/keyring/trustedkeys.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg
|
||||||
|
|
||||||
|
# Arch= -a # Architecture. For Ubuntu can be i386, powerpc or amd64.
|
||||||
|
# sparc, only starts in dapper, it is only the later models of sparc.
|
||||||
|
#
|
||||||
|
arch=$MIRROR_ARCH
|
||||||
|
# amd64,i386
|
||||||
|
|
||||||
|
# Minimum Ubuntu system requires main, restricted
|
||||||
|
# Section= -s # Section (One of the following - main/restricted/universe/multiverse).
|
||||||
|
# You can add extra file with $Section/debian-installer. ex: main/debian-installer,universe/debian-installer,multiverse/debian-installer,restricted/debian-installer
|
||||||
|
#
|
||||||
|
section=$MIRROR_SECTION
|
||||||
|
#main,restricted,universe,multiverse
|
||||||
|
|
||||||
|
# Release= -d # Release of the system (...Hardy, Intrepid... Lucid, Precise, Quantal, Saucy, Trusty ), and the -updates and -security ( -backports can be added if desired)
|
||||||
|
# List of updated releases in: https://wiki.ubuntu.com/Releases
|
||||||
|
#
|
||||||
|
release=$MIRROR_RELEASE
|
||||||
|
|
||||||
|
# Server= -h # Server name, minus the protocol and the path at the end
|
||||||
|
# CHANGE "*" to equal the mirror you want to create your mirror from. au. in Australia ca. in Canada.
|
||||||
|
# This can be found in your own /etc/apt/sources.list file, assuming you have Ubuntu installed.
|
||||||
|
#
|
||||||
|
server=$MIRROR_SERVER
|
||||||
|
#server=archive.ubuntu.com
|
||||||
|
#server=mirror.pnl.gov
|
||||||
|
#server=mirrors.digitalocean.com
|
||||||
|
|
||||||
|
# Dir= -r # Path from the main server, so http://my.web.server/$dir, Server dependant
|
||||||
|
#
|
||||||
|
inPath=/ubuntu
|
||||||
|
|
||||||
|
# Proto= --method= # Protocol to use for transfer (http, ftp, hftp, rsync)
|
||||||
|
# Choose one - http is most usual the service, and the service must be avaialbe on the server you point at.
|
||||||
|
#
|
||||||
|
proto=$MIRROR_PROTO
|
||||||
|
|
||||||
|
# Outpath= # Directory to store the mirror in
|
||||||
|
# Make this a full path to where you want to mirror the material.
|
||||||
|
#
|
||||||
|
outPath=$BASEDIR/files
|
||||||
|
|
||||||
|
mkdir -p $outPath
|
||||||
|
|
||||||
|
# The --nosource option only downloads debs and not deb-src's
|
||||||
|
# The --progress option shows files as they are downloaded
|
||||||
|
# --source \ in the place of --no-source \ if you want sources also.
|
||||||
|
# --nocleanup Do not clean up the local mirror after mirroring is complete. Use this option to keep older repository
|
||||||
|
# Start script
|
||||||
|
#
|
||||||
|
debmirror \
|
||||||
|
-a $arch \
|
||||||
|
--no-source \
|
||||||
|
-s $section \
|
||||||
|
-h $server \
|
||||||
|
-d $release \
|
||||||
|
-r $inPath \
|
||||||
|
--getcontents \
|
||||||
|
--progress \
|
||||||
|
--method=$proto \
|
||||||
|
$outPath
|
||||||
|
|
||||||
|
touch $BASEDIR/complete
|
||||||
|
|
||||||
|
date
|
|
@ -0,0 +1,9 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
. /usr/local/bin/vars.sh
|
||||||
|
|
||||||
|
env | grep -e ^MIRROR_ | while read line ; do echo "export $line" | tee -a /tmp/mirror-vars.sh ; done
|
||||||
|
|
||||||
|
exec cron -f
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
export MIRROR_UID="${MIRROR_UID:-1000}"
|
||||||
|
export MIRROR_GID="${MIRROR_GID:-1000}"
|
||||||
|
export MIRROR_ARCH="${MIRROR_ARCH:-amd64}"
|
||||||
|
export MIRROR_SECTION="${MIRROR_SECTION:-main,restricted,universe,multiverse}"
|
||||||
|
export MIRROR_RELEASE="${MIRROR_RELEASE:-jammy,jammy-security,jammy-updates,jammy-backports}"
|
||||||
|
export MIRROR_SERVER="${MIRROR_SERVER:-archive.ubuntu.com}"
|
||||||
|
export MIRROR_PROTO="${MIRROR_PROTO:-http}"
|
||||||
|
|
||||||
|
groupadd --gid $MIRROR_UID aptmirror
|
||||||
|
useradd --no-user-group --gid aptmirror --uid $MIRROR_UID aptmirror
|
||||||
|
|
||||||
|
chown aptmirror:aptmirror /data
|
||||||
|
chown aptmirror:aptmirror /data/* || true
|
||||||
|
|
||||||
|
if [ ! -f /data/keyring/trustedkeys.gpg ]; then
|
||||||
|
install -d -g aptmirror -o aptmirror /data/keyring
|
||||||
|
sudo -Hu aptmirror GNUPGHOME=/data/keyring gpg --no-default-keyring --keyring /data/keyring/trustedkeys.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg
|
||||||
|
fi
|
Loading…
Reference in New Issue