Added debian packaging, refs #1706

Reviewed-on: #22

.gitignore

@@ -25,3 +25,11 @@
 /phpunit.xml
 .phpunit.result.cache
 ###< phpunit/phpunit ###
+
+### Debian packaging 
+debian/ogcore
+debian/*.substvars 
+debian/*.log
+debian/.debhelper/
+
+

debian/CHANGELOG.md

@@ -0,0 +1,4 @@
+# Changelog
+
+## [Unreleased]
+

debian/changelog

@@ -0,0 +1,14 @@
+ogcore (1.0.5+develop20250310-1) unstable; urgency=medium
+
+  * Modified changelog
+  * Some improvements. Fixed multi select actions
+  * refs #1644. Cancel deployImage action
+  * Updated test phunit.xml
+  * Updated test
+  * Merge branch 'main' into develop
+  * Fixed phpxml
+  * Fixed phpxml
+  * Changed test
+  * Changed repoClient funcionality. New filters added
+
+ -- Tu Nombre <tuemail@example.com>  Mon, 10 Mar 2025 10:59:14 +0000

debian/compat

@@ -0,0 +1 @@
+12

debian/control

@@ -0,0 +1,16 @@
+Source: ogcore
+Section: web
+Priority: optional
+Maintainer: Nicolas Arenas <nicolas.arenas@qindel.com>
+Build-Depends: debhelper (>= 12), composer, php-cli, php-mysql, nginx, php-fpm, libzip-dev, zip, unzip
+Standards-Version: 4.5.0
+
+Package: ogcore
+Architecture: all
+Depends: ${misc:Depends}, mariadb-server, systemd, nginx, libzip-dev, zip, unzip,
+    php8.3-opcache, php8.3-bcmath, php8.3-cli, php8.3-curl, php8.3-fpm,
+    php8.3-gd, php8.3-ldap, php8.3-mbstring, php8.3-mysql, php8.3-common, 
+    php8.3-xml, php8.3-zip, mercure
+Description: OpenGnsys Core
+ This is a longer description of the ogcore package.
+ OpenGnsys Core is a platform for system management.

debian/convert.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+set -x
+INPUT_FILE="changelog"
+OUTPUT_FILE="CHANGELOG.md"
+
+echo "# Changelog" > "$OUTPUT_FILE"
+echo -e "\n## [Unreleased]\n" >> "$OUTPUT_FILE"
+
+# Procesar el changelog de Debian
+awk '
+/^ogcore/ {
+    version = $2
+    gsub(/[()]/, "", version)  # Eliminar paréntesis de la versión
+    printf "\n## [%s] - %s\n\n", version, $NF
+}
+/^\s*\*/ {
+    gsub(/^\s*\*\s*/, "- ", $0)  # Convertir a lista de viñetas
+    print $0 >> "'"$OUTPUT_FILE"'"
+}
+' "$INPUT_FILE"

debian/copyright

@@ -0,0 +1,43 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Source: <url://example.com>
+Upstream-Name: ogcore
+Upstream-Contact: <preferred name and address to reach the upstream project>
+
+Files:
+ *
+Copyright:
+ <years> <put author's name and email here>
+ <years> <likewise for another author>
+License: GPL-3.0+
+
+Files:
+ debian/*
+Copyright:
+ 2025 root <root@build>
+License: GPL-3.0+
+
+License: GPL-3.0+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>.
+Comment:
+ On Debian systems, the complete text of the GNU General
+ Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
+
+# Please also look if there are files or directories which have a
+# different copyright/license attached and list them here.
+# Please avoid picking licenses with terms that are more restrictive than the
+# packaged work, as it may make Debian's contributions unacceptable upstream.
+#
+# If you need, there are some extra license texts available in two places:
+#   /usr/share/debhelper/dh_make/licenses/
+#   /usr/share/common-licenses/

debian/debhelper-build-stamp

@@ -0,0 +1 @@
+ogcore

debian/files

@@ -0,0 +1,2 @@
+ogcore_1.0.5+develop20250310-1_all.deb web optional
+ogcore_1.0.5+develop20250310-1_amd64.buildinfo web optional

debian/ogcore.install

@@ -0,0 +1,18 @@
+bin/* /opt/opengnsys/ogcore/api/bin/
+config/* /opt/opengnsys/ogcore/api/config/
+migrations/* /opt/opengnsys/ogcore/api/migrations/
+public/* /opt/opengnsys/ogcore/api/public/
+src/* /opt/opengnsys/ogcore/api/src/
+swagger-assets/* /opt/opengnsys/ogcore/api/swagger-assets/
+templates/* /opt/opengnsys/ogcore/api/templates/
+translations/* /opt/opengnsys/ogcore/api/translations/
+var/* /opt/opengnsys/ogcore/api/var/
+vendor/* /opt/opengnsys/ogcore/api/vendor/
+composer.json /opt/opengnsys/ogcore/api/
+composer.lock /opt/opengnsys/ogcore/api/
+symfony.lock /opt/opengnsys/ogcore/api/
+.env.local.php /opt/opengnsys/ogcore/api/
+env.json /opt/opengnsys/ogcore/api/
+etc /opt/opengnsys/ogcore/
+docker/certs/* /opt/opengnsys/ogcore/etc/nginx/certs/
+

debian/ogcore.postinst

@@ -0,0 +1,112 @@
+#!/bin/bash
+
+set -e
+set -x
+. /usr/share/debconf/confmodule
+
+USER="opengnsys"
+
+# Detectar si es una instalación nueva o una actualización
+if [ "$1" = "configure" ] && [ -z "$2" ]; then
+    echo ">>> Instalación nueva detectada."
+
+    # Solicitar credenciales solo en instalación nueva
+    db_input high opengnsys/ogcore_adminUser || true
+    db_go
+    db_get opengnsys/ogcore_adminUser
+    ADMIN_USER="$RET"
+
+    db_input high opengnsys/ogcore_adminPass || true
+    db_go
+    db_get opengnsys/ogcore_adminPass
+    ADMIN_PASS="$RET"
+
+    cd /opt/opengnsys/ogcore/api
+
+    # Configuración inicial
+    echo ">>> Configurando base de datos y permisos"
+    mariadb -e "GRANT ALL ON *.* to 'root'@'localhost' IDENTIFIED BY 'root' WITH GRANT OPTION;"
+
+    echo ">>> Creando par de claves para JWT"
+    php bin/console lexik:jwt:generate-keypair --overwrite
+
+    echo ">>> Creando base de datos"
+    php bin/console doctrine:database:create --if-not-exists
+    php bin/console doctrine:migrations:migrate --no-interaction
+
+    echo ">>> Cargando datos iniciales"
+    php bin/console opengnsys:load-default-user
+    php bin/console app:load-default-user-groups
+    php bin/console app:load-default-commands
+    php bin/console opengnsys:load-default-menu
+
+    echo ">>> Configurando servidor web y servicios"
+    ln -s /opt/opengnsys/ogcore/etc/nginx/sites-available/ogcore.conf /etc/nginx/sites-enabled/ogcore.conf
+    ln -s /opt/opengnsys/ogcore/etc/php/8.3/fpm/pool.d/ogcore-fpm.conf /etc/php/8.3/fpm/pool.d/ogcore-fpm.conf
+    ln -s /opt/opengnsys/ogcore/etc/systemd/system/og-mercure.service /etc/systemd/system/og-mercure.service
+
+    echo ">>> Configurando permisos de archivos"
+    chown opengnsys:www-data /opt/opengnsys/
+    chown -R opengnsys:www-data /opt/opengnsys/ogcore
+    systemctl daemon-reload
+    systemctl enable og-mercure
+    systemctl restart og-mercure
+    systemctl restart nginx
+    systemctl restart php8.3-fpm
+    # Solo gestionar credenciales en instalación nueva
+    if [ "$ADMIN_USER" == "ogadmin" ]; then
+        BEARER=$(curl -sk -X 'POST' 'https://localhost:8443/auth/login' \
+            -H 'accept: application/json' \
+            -H 'Content-Type: application/json' \
+            -d '{ "username": "ogadmin", "password": "12345678" }' | jq -r .token)
+
+        echo ">>> Cambiando contraseña de ogadmin"
+
+        OGADMIN_UUID=$(curl -skL "https://localhost:8443/users/?username=ogadmin" \
+            -H 'accept: application/json' \
+            -H "Authorization: Bearer $BEARER" | jq -r '.[0].uuid')
+
+        curl -skL -X PUT "https://localhost:8443/users/$OGADMIN_UUID/reset-password" \
+            -H 'accept: application/ld+json' \
+            -H 'Content-Type: application/ld+json' \
+            -H "Authorization: Bearer $BEARER" \
+            -d "{ \"currentPassword\": \"12345678\", \"newPassword\": \"$ADMIN_PASS\", \"repeatNewPassword\": \"$ADMIN_PASS\" }"
+
+        echo ">>> Contraseña de ogadmin cambiada."
+    else
+        echo ">>> Creando nuevo usuario administrador: $ADMIN_USER"
+
+        curl -skL --location 'https://localhost:8443/users' \
+            --header 'Content-Type: application/json' \
+            --header "Authorization: Bearer $BEARER" \
+            --data "{ \"username\": \"$ADMIN_USER\", \"password\": \"$ADMIN_PASS\", \"roles\": [\"ROLE_SUPER_ADMIN\"] }"
+
+        echo ">>> Usuario administrador $ADMIN_USER creado."
+    fi
+
+
+elif [ "$1" = "configure" ] && [ -n "$2" ]; then
+    echo ">>> Actualización detectada desde la versión $2"
+    
+    cd /opt/opengnsys/ogcore/api
+
+    echo ">>> Aplicando migraciones de base de datos"
+    php bin/console doctrine:migrations:migrate --no-interaction
+    echo ">>> Configurando servidor web y servicios"
+    ln -s /opt/opengnsys/ogcore/etc/nginx/sites-available/ogcore.conf /etc/nginx/sites-enabled/ogcore.conf
+    ln -s /opt/opengnsys/ogcore/etc/php/8.3/fpm/pool.d/ogcore-fpm.conf /etc/php/8.3/fpm/pool.d/ogcore-fpm.conf
+    ln -s /opt/opengnsys/ogcore/etc/systemd/system/og-mercure.service /etc/systemd/system/og-mercure.service
+    echo ">>> Configurando permisos de archivos"
+    chown opengnsys:www-data /opt/opengnsys/
+    chown -R opengnsys:www-data /opt/opengnsys/ogcore
+    systemctl daemon-reload
+    systemctl enable og-mercure
+    systemctl restart og-mercure
+    systemctl restart nginx
+    systemctl restart php8.3-fpm
+fi
+
+# Recargar systemd y reiniciar servicios en ambos casos
+
+
+exit 0

debian/ogcore.postrm.debhelper

@@ -0,0 +1,6 @@
+# Automatically added by dh_installdebconf/13.14.1ubuntu5
+if [ "$1" = purge ] && [ -e /usr/share/debconf/confmodule ]; then
+	. /usr/share/debconf/confmodule
+	db_purge
+fi
+# End automatically added section

debian/ogcore.preinst

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -e
+
+# Asegurarse de que el usuario exista
+USER="opengnsys"
+HOME_DIR="/opt/opengnsys"
+if id "$USER" &>/dev/null; then
+    echo "El usuario $USER ya existe."
+else
+    echo "Creando el usuario $USER con home en $HOME_DIR."
+    useradd -m -d "$HOME_DIR" -s /bin/bash "$USER"
+fi
+
+exit 0

debian/ogcore.prerm

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -e
+set -x
+
+if [ "$1" = "remove" ] || [ "$1" = "upgrade" ]; then
+    # Eliminar enlaces simbólicos creados en postinst
+    rm -f /etc/nginx/sites-enabled/ogcore.conf
+    rm -f /etc/php/8.3/fpm/pool.d/ogcore-fpm.conf
+    # Deshabilitar el servicio antes de eliminarlo
+    systemctl disable og-mercure || true
+    systemctl stop og-mercure || true
+    systemctl restart nginx || true
+    systemctl restart php8.3-fpm || true
+    rm -f /etc/systemd/system/og-mercure.service
+    systemctl daemon-reload
+fi
+
+exit 0

debian/ogcore.templates

@@ -0,0 +1,10 @@
+Template: opengnsys/ogcore_adminUser
+Type: string
+Default: ogadmin
+Description: Introduzca el nombre de usuario para la configuración
+
+Template: opengnsys/ogcore_adminPass
+Type: password
+Default: 12345678
+Description: Introduzca la contraseña
+

debian/rules

@@ -0,0 +1,12 @@
+#!/usr/bin/make -f
+
+%:
+	dh $@
+
+# Ejecutar composer install durante la fase de construcción
+override_dh_auto_build:
+	export COMPOSER_ALLOW_SUPERUSER=1
+	export APP_ENV=prod
+	dh_auto_build
+	composer dump-env prod
+	composer install --no-dev --no-interaction --no-progress --optimize-autoloader

debian/source/format

@@ -0,0 +1 @@
+3.0 (native)

etc/mercure/mercure-og.env

@@ -0,0 +1,4 @@
+SERVER_NAME=":3000"
+MERCURE_PUBLISHER_JWT_KEY="!ChangeThisMercureHubJWTSecretKey!"
+MERCURE_SUBSCRIBER_JWT_KEY="!ChangeThisMercureHubJWTSecretKey!"
+MERCURE_EXTRA_DIRECTIVES="cors_origins *"

etc/mercure/mercure.orig.conf

@@ -0,0 +1,44 @@
+# Learn how to configure the Mercure.rocks Hub on https://mercure.rocks/docs/hub/config
+{
+        {$GLOBAL_OPTIONS}
+}
+
+{$CADDY_EXTRA_CONFIG}
+
+{$SERVER_NAME:localhost} {
+        log {
+                format filter {
+                        fields {
+                                request>uri query {
+                                        replace authorization REDACTED
+                                }
+                        }
+                }
+        }
+
+        encode zstd gzip
+
+        mercure {
+                # Publisher JWT key
+                publisher_jwt {env.MERCURE_PUBLISHER_JWT_KEY} {env.MERCURE_PUBLISHER_JWT_ALG}
+                # Subscriber JWT key
+                subscriber_jwt {env.MERCURE_SUBSCRIBER_JWT_KEY} {env.MERCURE_SUBSCRIBER_JWT_ALG}
+                # Permissive configuration for the development environment
+                cors_origins *
+                publish_origins *
+                demo
+                anonymous
+                subscriptions
+                # Extra directives
+                {$MERCURE_EXTRA_DIRECTIVES}
+        }
+
+        {$CADDY_SERVER_EXTRA_DIRECTIVES}
+
+        redir / /.well-known/mercure/ui/
+
+        respond /healthz 200
+        respond /robots.txt `User-agent: *
+        Disallow: /`
+        respond "Not Found" 404
+}

etc/systemd/system/og-mercure.service

@@ -0,0 +1,27 @@
+[Unit]
+Description=Mercure Hub
+After=network.target
+Wants=network-online.target
+
+[Service]
+Type=simple
+User=opengnsys
+Group=opengnsys
+WorkingDirectory=/opt/opengnsys/ogcore/
+
+# Cargar variables de entorno desde archivo
+EnvironmentFile=/opt/opengnsys/ogcore/etc/mercure/mercure-og.env
+
+# Validar configuración antes de arrancar
+ExecStartPre=/bin/sh -c '/usr/bin/mercure adapt -c /opt/opengnsys/ogcore/etc/mercure/mercure.orig.conf --envfile /opt/opengnsys/ogcore/etc/mercure/mercure-og.env > /opt/opengnsys/ogcore/etc/mercure/mercure.config'
+ExecStartPre=/bin/sh -c '/usr/bin/mercure fmt --overwrite -c /opt/opengnsys/ogcore/etc/mercure/mercure.config'
+
+# Iniciar y detener el servicio con la configuración generada
+ExecStart=/usr/bin/mercure run -c /opt/opengnsys/ogcore/etc/mercure/mercure.config --envfile /opt/opengnsys/ogcore/etc/mercure/mercure-og.env
+ExecStop=/usr/bin/mercure stop -c /opt/opengnsys/ogcore/etc/mercure/mercure.config 
+
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target