openpkg
/
openpkg-packages
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

improve packaging

master
Dr. Ralf S. Engelschall 10 years ago
parent
82e9f2da8f
commit
771651a1d7
5 changed files with 156 additions and 28 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 56
      cockroach/cockroach-cert.sh
  2. 23
      cockroach/cockroach-sql.sh
  3. 18
      cockroach/cockroach-user.sh
  4. 81
      cockroach/cockroach.spec
  5. 6
      cockroach/rc.cockroach

56
cockroach/cockroach-cert.sh
Unescape View File

@ -0,0 +1,56 @@
#!/bin/sh
usage () {
echo "USAGE: cockroach-cert ca" 1>&2
echo "USAGE: cockroach-cert server <host-name> [<ip-address>]" 1>&2
echo "USAGE: cockroach-cert client <user-name>" 1>&2
exit 1
}
if [ $# -lt 1 ]; then
usage
fi
cmd="$1"
shift
if [ ".$cmd" = .ca ]; then
if [ $# -ne 0 ]; then
usage
fi
echo "++ generating CA certificate/key pair"
echo "-- generating: @l_prefix@/etc/cockroach/cockroach-ca.crt"
echo "-- generating: @l_prefix@/etc/cockroach/cockroach-ca.key"
su - @l_rusr@ -c \
"@l_prefix@/bin/cockroach cert create-ca \
--ca-cert=@l_prefix@/etc/cockroach/cockroach-ca.crt \
--ca-key=@l_prefix@/etc/cockroach/cockroach-ca.key"
elif [ ".$cmd" = .server ]; then
if [ $# -lt 1 ]; then
usage
fi
echo "++ generating server certificate/key pair"
echo "-- generating: @l_prefix@/etc/cockroach/cockroach-server.crt"
echo "-- generating: @l_prefix@/etc/cockroach/cockroach-server.key"
su - @l_rusr@ -c \
"@l_prefix@/bin/cockroach cert create-node \
--ca-cert=@l_prefix@/etc/cockroach/cockroach-ca.crt \
--ca-key=@l_prefix@/etc/cockroach/cockroach-ca.key \
--cert=@l_prefix@/etc/cockroach/cockroach-server.crt \
--key=@l_prefix@/etc/cockroach/cockroach-server.key \
$*"
elif [ ".$cmd" = .client ]; then
if [ $# -lt 1 ]; then
usage
fi
username="$1"
shift
echo "++ generating client certificate/key pair"
echo "-- generating: @l_prefix@/etc/cockroach/cockroach-client-$username.crt"
echo "-- generating: @l_prefix@/etc/cockroach/cockroach-client-$username.key"
su - @l_rusr@ -c \
"@l_prefix@/bin/cockroach cert create-client \
--ca-cert=@l_prefix@/etc/cockroach/cockroach-ca.crt \
--ca-key=@l_prefix@/etc/cockroach/cockroach-ca.key \
--cert=@l_prefix@/etc/cockroach/cockroach-client-$username.crt \
--key=@l_prefix@/etc/cockroach/cockroach-client-$username.key \
$username $*"
fi

23
cockroach/cockroach-sql.sh
Unescape View File

@ -1,8 +1,25 @@
#!/bin/sh
if [ $# -lt 3 ]; then
echo "USAGE: cockroach-sql <username> <hostname> <database> [...]" 1>&2
exit 1
fi
username="$1"; shift
hostname="$1"; shift
database="$1"; shift
if [ ! -f @l_prefix@/etc/cockroach/cockroach-client-$username.crt ]; then
echo "ERROR: no certificate/key pair found for user \"$username\"" 1>&2
exit 1
fi
exec @l_prefix@/bin/cockroach sql \
--ca-cert=@l_prefix@/etc/cockroach/ca.crt \
--cert=@l_prefix@/etc/cockroach/client.crt \
--key=@l_prefix@/etc/cockroach/client.key \
--user=$username \
--host=$hostname \
--database=$database \
--ca-cert=@l_prefix@/etc/cockroach/cockroach-ca.crt \
--cert=@l_prefix@/etc/cockroach/cockroach-client-$username.crt \
--key=@l_prefix@/etc/cockroach/cockroach-client-$username.key \
${1+"$@"}

18
cockroach/cockroach-user.sh
Unescape View File

@ -0,0 +1,18 @@
#!/bin/sh
if [ $# -lt 1 ]; then
echo "USAGE: cockroach-user <username> <command> [...]" 1>&2
exit 1
fi
username="$1"
shift
if [ ! -f @l_prefix@/etc/cockroach/cockroach-client-$username.crt ]; then
echo "ERROR: no certificate/key pair found for user \"$username\"" 1>&2
exit 1
fi
exec @l_prefix@/bin/cockroach user \
--ca-cert=@l_prefix@/etc/cockroach/cockroach-ca.crt \
--cert=@l_prefix@/etc/cockroach/cockroach-client-$username.crt \
--key=@l_prefix@/etc/cockroach/cockroach-client-$username.key \
${1+"$@"}

81
cockroach/cockroach.spec
Unescape View File

@ -22,8 +22,8 @@
##
# package version
%define V_cockroach_base 20160514
%define V_cockroach_snap 20160514
%define V_cockroach_base 20160515
%define V_cockroach_snap 20160515
# package information
Name: cockroach
@ -42,6 +42,9 @@ Release: 20160515
Source0: http://download.openpkg.org/components/versioned/cockroach/cockroach-%{V_cockroach_snap}.tar.xz
Source1: rc.cockroach
Source2: cockroach-sql.sh
Source3: cockroach-psql.sh
Source4: cockroach-cert.sh
Source5: cockroach-user.sh
Patch0: cockroach.patch
# build information
@ -106,10 +109,19 @@ PreReq: OpenPKG, openpkg >= 20140101
src/github.com/cockroachdb/cockroach/cockroach \
$RPM_BUILD_ROOT%{l_prefix}/bin/cockroach
# install wrapper script
# install wrapper scripts
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE cockroach-sql.sh} \
$RPM_BUILD_ROOT%{l_prefix}/bin/cockroach-sql
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE cockroach-psql.sh} \
$RPM_BUILD_ROOT%{l_prefix}/bin/cockroach-psql
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE cockroach-cert.sh} \
$RPM_BUILD_ROOT%{l_prefix}/bin/cockroach-cert
%{l_shtool} install -c -m 755 %{l_value -s -a} \
%{SOURCE cockroach-user.sh} \
$RPM_BUILD_ROOT%{l_prefix}/bin/cockroach-user
# install manual pages
%{l_shtool} install -c -m 644 \
@ -140,24 +152,48 @@ PreReq: OpenPKG, openpkg >= 20140101
if [ $1 -eq 1 ]; then
# on initial installation, create database and certs/keys
echo "Generating Certificates/Keys" | %{l_rpmtool} msg -b -t notice
su - %{l_rusr} -c \
"$RPM_INSTALL_PREFIX/bin/cockroach cert create-ca \
--ca-cert=$RPM_INSTALL_PREFIX/etc/cockroach/ca.crt \
--ca-key=$RPM_INSTALL_PREFIX/etc/cockroach/ca.key"
su - %{l_rusr} -c \
"$RPM_INSTALL_PREFIX/bin/cockroach cert create-node \
--ca-cert=$RPM_INSTALL_PREFIX/etc/cockroach/ca.crt \
--ca-key=$RPM_INSTALL_PREFIX/etc/cockroach/ca.key \
--cert=$RPM_INSTALL_PREFIX/etc/cockroach/server.crt \
--key=$RPM_INSTALL_PREFIX/etc/cockroach/server.key \
127.0.0.1 localhost"
su - %{l_rusr} -c \
"$RPM_INSTALL_PREFIX/bin/cockroach cert create-client \
--ca-cert=$RPM_INSTALL_PREFIX/etc/cockroach/ca.crt \
--ca-key=$RPM_INSTALL_PREFIX/etc/cockroach/ca.key \
--cert=$RPM_INSTALL_PREFIX/etc/cockroach/client.crt \
--key=$RPM_INSTALL_PREFIX/etc/cockroach/client.key \
root"
$RPM_INSTALL_PREFIX/bin/cockroach-cert ca
$RPM_INSTALL_PREFIX/bin/cockroach-cert server localhost 127.0.0.1
$RPM_INSTALL_PREFIX/bin/cockroach-cert client root
# display some initial hints, too
( echo "An initial CockroachDB was configured with the standard"
echo "certificate/key pairs. You can start CockroachDB and connect"
echo "to it on \"localhost\" with database user \"root\":"
echo " \$ $RPM_INSTALL_PREFIX/bin/openpkg rc cockroach start"
echo " \$ $RPM_INSTALL_PREFIX/bin/cockroach-sql root 127.0.0.1 system"
echo ""
echo "For production use, you can reconfigure it to listen on external"
echo "IP address. But for this the server certificate has to be regenerated:"
echo " \$ vi $RPM_INSTALL_PREFIX/etc/rc.conf"
echo " | cockroach_flags=\"--host=<ipaddress> --port=26257 --http-port=8080\""
echo " \$ $RPM_INSTALL_PREFIX/bin/cockroach-cert server <ipaddress>"
echo " \$ $RPM_INSTALL_PREFIX/bin/openpkg rc cockroach stop start"
echo "Then you have to connect through the external IP address from now on:"
echo " \$ $RPM_INSTALL_PREFIX/bin/cockroach-sql root <ipaddress> system"
echo ""
echo "For production use, you usually also want to establish a non-privileged"
echo "user with a dedicated database:"
echo " \$ $RPM_INSTALL_PREFIX/bin/cockroach-cert client <username>"
echo " \$ $RPM_INSTALL_PREFIX/bin/cockroach-user root set <username>"
echo " | Enter password: <password>"
echo " | Confirm password: <password>"
echo " \$ $RPM_INSTALL_PREFIX/bin/cockroach-sql root <ipaddress> system"
echo " | CREATE DATABASE <database>;"
echo " | GRANT ALL ON DATABASE <database> TO <username>;"
echo " | \\q"
echo "After this, the user <username> will be able to connect with:"
echo " \$ $RPM_INSTALL_PREFIX/bin/cockroach-sql <username> <ipaddress> <database>"
echo "Alternatively, you can also use the covenient PostgreSQL psql(1) CLI:"
echo " \$ $RPM_INSTALL_PREFIX/bin/cockroach-psql <username> <ipaddress> <database>"
echo ""
echo "The CockroachDB admin interface you can reach under URL:"
echo " https://<ipaddress>:8080/"
echo "CockroachDB uses the PostgreSQL protocol. The connection string is:"
echo " postgresql://<username>@<ipaddress>:26257/<database>?sslmode=require&%{l_nil}"
echo " sslcert=$RPM_INSTALL_PREFIX/etc/cockroach/cockroach-client-root.crt&%{l_nil}"
echo " sslkey=$RPM_INSTALL_PREFIX/etc/cockroach/cockroach-client-root.key"
) | %{l_rpmtool} msg -b -t notice
elif [ $1 -eq 2 ]; then
# after upgrade, restart service
eval `%{l_rc} cockroach status 2>/dev/null`
@ -169,7 +205,8 @@ PreReq: OpenPKG, openpkg >= 20140101
# before erase, stop service and remove log files
if [ $1 -eq 0 ]; then
%{l_rc} cockroach stop 2>/dev/null
rm -f $RPM_INSTALL_PREFIX/etc/cockroach/* >/dev/null 2>&1 || true
rm -f $RPM_INSTALL_PREFIX/etc/cockroach/*.crt >/dev/null 2>&1 || true
rm -f $RPM_INSTALL_PREFIX/etc/cockroach/*.key >/dev/null 2>&1 || true
rm -f $RPM_INSTALL_PREFIX/var/cockroach/log/* >/dev/null 2>&1 || true
rm -f $RPM_INSTALL_PREFIX/var/cockroach/run/* >/dev/null 2>&1 || true
rm -rf $RPM_INSTALL_PREFIX/var/cockroach/db/* >/dev/null 2>&1 || true

6
cockroach/rc.cockroach
Unescape View File

@ -37,9 +37,9 @@
( GOMAXPROCS=32
export GOMAXPROCS
nohup @l_prefix@/bin/cockroach start \
--ca-cert=$cockroach_cfgdir/ca.crt \
--cert=$cockroach_cfgdir/server.crt \
--key=$cockroach_cfgdir/server.key \
--ca-cert=$cockroach_cfgdir/cockroach-ca.crt \
--cert=$cockroach_cfgdir/cockroach-server.crt \
--key=$cockroach_cfgdir/cockroach-server.key \
--store=path=$cockroach_datdir,attrs=ssd \
--log-dir=$cockroach_logdir \
$cockroach_flags \

Write Preview
Loading…
Cancel
Save