diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000000000000000000000000000000000000..a9385ad88b1bc448131b386eb85107d5f57b01b9 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,3 @@ +--- +include: + - 'https://0xacab.org/leap/container-platform/glue/raw/master/.gitlab-ci.yml' diff --git a/Dockerfile b/Dockerfile index 7e712a6727bf0aa06c8e1328f80991fa5a67229c..90874bf53c8d8f81688eac9b3611691742ae4825 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,16 @@ -FROM debian:stable-slim +FROM debian:buster-backports AS build +RUN apt-get -q update && env DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + build-essential pkg-config git ca-certificates \ +&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends -t buster-backports golang-go \ +&& rm -rf /var/lib/apt/lists/* -RUN apt-get update \ - && apt-get install -y sudo -RUN adduser --disabled-password --gecos '' docker -RUN adduser docker sudo -RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers +ENV GOPATH=/go +WORKDIR $GOPATH +RUN git clone https://0xacab.org/leap/ooni-exporter /ooni-exporter && cd /ooni-exporter && go build +RUN strip /ooni-exporter/ooni-exporter -USER docker +FROM registry.git.autistici.org/ai3/docker/chaperone-base +COPY --from=build /ooni-exporter/ooni-exporter /usr/local/bin/ooni-exporter +COPY chaperone.d/ /etc/chaperone.d -COPY build.sh /tmp/build.sh -RUN sudo /tmp/build.sh && sudo rm /tmp/build.sh -ENTRYPOINT ["/usr/local/bin/ooni-exporter"] \ No newline at end of file +ENTRYPOINT ["/usr/local/bin/chaperone"] diff --git a/build.sh b/build.sh deleted file mode 100755 index 530b24bde7a649d7c660edc6defc2ad88e0090d0..0000000000000000000000000000000000000000 --- a/build.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/sh -# -# Install script for chaperone inside a Docker container. -# - -echo "running install script...." -# Packages that are only used to build the container. These will be -# removed once we're done. -BUILD_PACKAGES="git curl" - -# Packages required to serve the website and run the services. -PACKAGES="ca-certificates" - -# The default bitnami/minideb image defines an 'install_packages' -# command which is just a convenient helper. Define our own in -# case we are using some other Debian image. -if [ "x$(which install_packages)" = "x" ]; then - install_packages() { - echo "install packages...." - env DEBIAN_FRONTEND=noninteractive apt-get install -qy -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --no-install-recommends "$@" - } -fi - -die() { - echo "ERROR: $*" >&2 - exit 1 -} - -set -x - -echo "update packages...." -apt-get -q update - -# Install required packages -install_packages ${BUILD_PACKAGES} ${PACKAGES} \ - || die "could not install packages" - - -# install go lang 1.15 -GO_VERSION=go1.15.6.linux-amd64 -EXPECTED_FP=3918e6cc85e7eaaa6f859f1bdbaac772e7a825b0eb423c63d3ae68b21f84b844 - -echo "installing go lang bundle ${GO_VERSION}.tar.gz" -curl -o $GO_VERSION.tar.gz https://dl.google.com/go/$GO_VERSION.tar.gz -ACTUAL_FP=`sha256sum $GO_VERSION.tar.gz | cut -d " " -f1` -if [ ! "$ACTUAL_FP" = "$EXPECTED_FP" ] -then - echo "Download seems to be corrupted. Cancelling build." - return 1 -fi - -mkdir ./golang -tar -C ./golang -xzf $GO_VERSION.tar.gz - - -# build ooni-exporter -export GOPATH=`pwd` -export GO_LANG=`pwd`/golang/go/bin -export PATH="${GO_LANG}:${GO_COMPILED}:${PATH}" - -go get 0xacab.org/leap/ooni-exporter -cd src/0xacab.org/leap/ooni-exporter -go build -mv ooni-exporter /usr/local/bin/. - - -# Remove packages used for installation. - -echo "remove go packages used for building" -rm -rf src -go clean --modcache -rm -rf pkg -rm -rf golang - -echo "remove packages used for installation" -apt-get remove -y --purge ${BUILD_PACKAGES} -apt-get autoremove -y -apt-get clean -rm -fr /var/lib/apt/lists/* diff --git a/chaperone.d/update-ooni-data.conf b/chaperone.d/update-ooni-data.conf new file mode 100644 index 0000000000000000000000000000000000000000..f61a93693adebe1dbd9efd137f7da6e40e7e2d03 --- /dev/null +++ b/chaperone.d/update-ooni-data.conf @@ -0,0 +1,5 @@ +update-ooni-data.service: { + type: cron, + interval: "* */6 * * *", + command: "/bin/sh -c '/usr/local/bin/ooni-exporter -p http://${OONI_PUSH_HOST}:${OONI_PUSH_PORT} -s $(`/bin/date --date=yesterday +%Y%m%d`)'" +}