diff options
Diffstat (limited to '')
88 files changed, 2064 insertions, 0 deletions
diff --git a/distro/arch/PKGBUILD b/distro/arch/PKGBUILD new file mode 100644 index 0000000..7b3cfe4 --- /dev/null +++ b/distro/arch/PKGBUILD @@ -0,0 +1,69 @@ +# Maintainer: Tomas Krizek <tomas.krizek@nic.cz> +# Contributor: Ondřej Surý <ondrej@sury.org> +# SPDX-License-Identifier: GPL-3.0-or-later + +pkgname=knot-resolver +pkgver=__VERSION__ +pkgrel=1 +pkgdesc='Caching DNSSEC-validating DNS resolver' +arch=('x86_64' 'armv7h') +url='https://www.knot-resolver.cz/' +license=('GPL3') +depends=( + 'dnssec-anchors' + 'gnutls' + 'knot' + 'libedit' + 'libuv' + 'lmdb' + 'luajit' + 'systemd' + 'libcap-ng' + 'libnghttp2' +) +makedepends=( + 'cmocka' + 'meson' + 'systemd-libs' +) +optdepends=( + 'lua51-basexx: experimental_dot_auth module' + 'lua51-cqueues: http and dns64 module, policy.rpz() function' + 'lua51-http: http and prefill modules, trust_anchors bootstrap' + 'lua51-psl: policy.slice_randomize_psl() function' +) +backup=('etc/knot-resolver/kresd.conf') +options=(debug strip) +source=("knot-resolver_${pkgver}.orig.tar.xz") +sha256sums=('SKIP') + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + meson build \ + --buildtype=release \ + --prefix=/usr \ + --sbindir=bin \ + -D keyfile_default=/etc/trusted-key.key \ + -D systemd_files=enabled \ + -D client=enabled \ + -D install_kresd_conf=enabled \ + -D unit_tests=enabled + ninja -C build +} + +check() { + cd "${srcdir}/${pkgname}-${pkgver}" + meson test -C build +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + DESTDIR=${pkgdir} ninja -C build install + + # add kresd.target to multi-user.target.wants to support enabling kresd services + install -d -m 0755 "${pkgdir}/usr/lib/systemd/system/multi-user.target.wants" + ln -s ../kresd.target "${pkgdir}/usr/lib/systemd/system/multi-user.target.wants/kresd.target" + + # remove modules with missing dependencies + rm "${pkgdir}/usr/lib/knot-resolver/kres_modules/etcd.lua" +} diff --git a/distro/deb/changelog b/distro/deb/changelog new file mode 100644 index 0000000..4d6f28b --- /dev/null +++ b/distro/deb/changelog @@ -0,0 +1,6 @@ +knot-resolver (__VERSION__-cznic.1) unstable; urgency=medium + + * move changelog to OBS + * see NEWS or https://knot-resolver.cz + + -- Tomas Krizek <tomas.krizek@nic.cz> Tue, 20 Feb 2018 19:36:45 +0100 diff --git a/distro/deb/clean b/distro/deb/clean new file mode 100644 index 0000000..3c2f3ba --- /dev/null +++ b/distro/deb/clean @@ -0,0 +1,3 @@ +build_deb/ +doc/doxyxml/ +doc/html/ diff --git a/distro/deb/compat b/distro/deb/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/distro/deb/compat @@ -0,0 +1 @@ +9 diff --git a/distro/deb/control b/distro/deb/control new file mode 100644 index 0000000..1fbc93c --- /dev/null +++ b/distro/deb/control @@ -0,0 +1,141 @@ +Source: knot-resolver +Section: net +Priority: optional +Maintainer: Knot Resolver <knot-resolver@labs.nic.cz> +Uploaders: + Tomas Krizek <tomas.krizek@nic.cz> +Build-Depends: + debhelper (>= 9~), + libcmocka-dev (>= 1.0.0), + libedit-dev, + libfstrm-dev, + libgnutls28-dev, + libknot-dev (>= 2.9), + liblmdb-dev, + libluajit-5.1-dev, + libnghttp2-dev, + libprotobuf-c-dev, + libsystemd-dev (>= 227) [linux-any], + libcap-ng-dev, + libuv1-dev, + luajit, + pkg-config, + meson (>= 0.49), + doxygen, + protobuf-c-compiler, + python3-breathe, + python3-sphinx, + python3-sphinx-rtd-theme, + texinfo, + libssl-dev, +Homepage: https://www.knot-resolver.cz/ + +Package: knot-resolver +Architecture: any +Depends: + adduser, + dns-root-data, + systemd, + ${misc:Depends}, + ${shlibs:Depends}, +Replaces: + libkres9 (<< 3.2.1-2), +Breaks: + libkres9 (<< 3.2.1-2), +Recommends: + lua-basexx, + lua-cqueues, + lua-http, + lua-psl, +Suggests: + knot-resolver-module-http, +Description: caching, DNSSEC-validating DNS resolver + The Knot Resolver is a caching full resolver implementation + written in C and LuaJIT, including both a resolver library and a + daemon. Modular architecture of the library keeps the core tiny and + efficient, and provides a state-machine like API for + extensions. There are three built-in modules - iterator, cache, + validator, and many external. + . + The Lua modules, switchable and shareable cache, and fast FFI + bindings makes it great to tap into resolution process, or be used + for your recursive DNS service. It's the OpenResty of DNS. + . + The server adopts a different scaling strategy than the rest of the + DNS recursors - no threading, shared-nothing architecture (except + MVCC cache that may be shared). You can start and stop additional + nodes depending on the contention without downtime. + +Package: knot-resolver-dbg +Architecture: any +Depends: knot-resolver (= ${binary:Version}), + ${misc:Depends} +Recommends: gdb +Section: debug +Priority: extra +Description: Debug symbols for Knot Resolver + This package provides the debug symbols for Knot Resolver needed + for properly debugging errors in Knot Resolver with gdb. + +Package: knot-resolver-module-dnstap +Architecture: any +Multi-Arch: same +Depends: + knot-resolver (= ${binary:Version}), + libfstrm0, + libprotobuf-c1, + ${misc:Depends}, + ${shlibs:Depends}, +Description: dnstap module for Knot Resolver + The Knot Resolver is a caching full resolver implementation + written in C and LuaJIT, including both a resolver library and a + daemon. Modular architecture of the library keeps the core tiny and + efficient, and provides a state-machine like API for + extensions. There are three built-in modules - iterator, cache, + validator, and many external. + . + This package contains dnstap module for logging DNS responses + to a unix socket in dnstap format. + +Package: knot-resolver-module-http +Architecture: all +Depends: + knot-resolver (= ${binary:Version}), + libjs-bootstrap, + libjs-d3, + libjs-jquery, + lua-cqueues (>= 20171014), + lua-http, + lua-mmdb, + systemd, + ${misc:Depends}, + ${shlibs:Depends}, +Breaks: + knot-resolver-module-tinyweb (<< 1.1.0~git20160713-1~), +Description: HTTP module for Knot Resolver + The Knot Resolver is a caching full resolver implementation + written in C and LuaJIT, including both a resolver library and a + daemon. Modular architecture of the library keeps the core tiny and + efficient, and provides a state-machine like API for + extensions. There are three built-in modules - iterator, cache, + validator, and many external. + . + This package contains HTTP/2 module for local visualization of the + resolver cache and queries. + +Package: knot-resolver-doc +Architecture: all +Section: doc +Depends: + libjs-jquery, + libjs-underscore, + ${misc:Depends}, +Description: Documentation for Knot Resolver + The Knot Resolver is a caching full resolver implementation + written in C and LuaJIT, including both a resolver library and a + daemon. Modular architecture of the library keeps the core tiny and + efficient, and provides a state-machine like API for + extensions. There are three built-in modules - iterator, cache, + validator, and many external. + . + This package contains Knot Resolver Documentation. diff --git a/distro/deb/copyright b/distro/deb/copyright new file mode 100644 index 0000000..8b8bf2b --- /dev/null +++ b/distro/deb/copyright @@ -0,0 +1,447 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: knot-resolver +Source: https://www.knot-resolver.cz/ + +Files: * +Copyright: 2015-2018 CZ.NIC +License: GPL-3.0+ + +Files: contrib/ccan/asprintf/* +Copyright: Rusty Russell +License: Expat + +Files: contrib/ccan/compiler/* +Copyright: Rusty Russell +License: CC0 + +Files: tests/config/tapered/* +Copyright: 2012-2017, Peter Aronoff +License: BSD-3-clause + +Files: contrib/lmdb/* +Copyright: 1999-2003 The OpenLDAP Foundation +License: OpenLDAP + +Files: tests/deckard/contrib/libfaketime/* +Copyright: 2003-2017 Wolfgang Hommel +License: GPL-2 + +Files: tests/deckard/contrib/libswrap/* +Copyright: 2005,2008 Jelmer Vernooij <jelmer@samba.org> + 2006-2009 Stefan Metzmacher <metze@samba.org> + 2013 Andreas Schneider <asn@samba.org> +License: BSD-3-clause + +Files: contrib/murmurhash3/* +Copyright: Austin Appleby +License: CC0-1.0 + +Files: debian/missing-sources/dygraph-combined.js + modules/http/static/dygraph-combined.js +Copyright: 2006-2014 Dan Vanderkam <danvdk@gmail.com> + 2016 Paul Miller + 2011 Robert Konigsberg <konigsberg@google.com> + 2013 David Eberlein <david.eberlein@ch.sauter-bc.com> +License: MIT + +Files: contrib/ucw/* +Copyright: 1997-2015 Martin Mares + 2005-2014 Tomas Valla + 2006 Robert Spalek + 2007-2015 Pavel Charvat +License: LGPL-2.1 + +Files: contrib/ccan/json/* +Copyright: 2011 Joey Adams +License: Expat + +Files: lib/generic/map.c lib/generic/map.h +Copyright: Dan Bernstein + Jonas Gehring + Adam Langley + Marek Vavrusa +License: public-domain + +Files: modules/policy/lua-aho-corasick/* +Copyright: 2013 CloudFlare, Inc. +License: BSD-3-CloudFlare + +Files: modules/http/static/jquery.js +Copyright: 2005-2011 John Resig, Brandon Aaron & Jörn Zaefferer +License: GPL-2 or Expat + +Files: modules/http/static/d3.js + modules/http/static/topojson.js +Copyright: 2010-2015 Michael Bostock +License: BSD-3-clause + +Files: modules/http/static/epoch.* + debian/missing-sources/epoch/* + debian/missing-sources/epoch.* +Copyright: 2014 Fastly, Inc. +License: Expat + +Files: modules/http/static/datamaps.world.min.js +Copyright: 2012 Mark DiMarco +License: Expat + +Files: modules/http/static/bootstrap.min.css + modules/http/static/bootstrap.min.js + modules/http/static/bootstrap-theme.min.css + modules/http/static/glyphicons-halflings-regular.woff2 +Copyright: 2012-2016 Thomas Park + 2011-2015 Twitter, Inc. +License: Expat + +Files: modules/http/static/selectize.bootstrap3.min.css + modules/http/static/selectize.min.css + modules/http/static/selectize.min.js +Copyright: 2013–2015 Brian Reavis & contributors +License: Apache-2.0 + +Files: debian/* +Copyright: 2015 Ondřej Surý <ondrej@debian.org> +License: GPL-3.0+ + +License: LGPL-2.1 + This library is free software; you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of the + License, or (at your option) any later version. + . + This library is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + . + You should have received a copy of the GNU Lesser General Public + License along with this library. If not, see <https://www.gnu.org/licenses/>. + . + On Debian systems, the complete text of the GNU General + Public License version 3 can be found in "/usr/share/common-licenses/LGPL-2.1". + +License: GPL-3.0+ + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. + . + On Debian systems, the complete text of the GNU General + Public License version 3 can be found in "/usr/share/common-licenses/GPL-3". + +License: Expat + Permission is hereby granted, free of charge, to any person obtaining + a copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to + permit persons to whom the Software is furnished to do so, subject to + the following conditions: + . + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. + +License: CC0 + Statement of Purpose + . + The laws of most jurisdictions throughout the world automatically + confer exclusive Copyright and Related Rights (defined below) upon + the creator and subsequent owner(s) (each and all, an "owner") of an + original work of authorship and/or a database (each, a "Work"). + . + Certain owners wish to permanently relinquish those rights to a Work + for the purpose of contributing to a commons of creative, cultural + and scientific works ("Commons") that the public can reliably and + without fear of later claims of infringement build upon, modify, + incorporate in other works, reuse and redistribute as freely as + possible in any form whatsoever and for any purposes, including + without limitation commercial purposes. These owners may contribute + to the Commons to promote the ideal of a free culture and the further + production of creative, cultural and scientific works, or to gain + reputation or greater distribution for their Work in part through the + use and efforts of others. + . + For these and/or other purposes and motivations, and without any + expectation of additional consideration or compensation, the person + associating CC0 with a Work (the "Affirmer"), to the extent that he + or she is an owner of Copyright and Related Rights in the Work, + voluntarily elects to apply CC0 to the Work and publicly distribute + the Work under its terms, with knowledge of his or her Copyright and + Related Rights in the Work and the meaning and intended legal effect + of CC0 on those rights. + . + 1. Copyright and Related Rights. A Work made available under CC0 may + be protected by copyright and related or neighboring rights + ("Copyright and Related Rights"). Copyright and Related Rights + include, but are not limited to, the following: + . + i. the right to reproduce, adapt, distribute, perform, display, + communicate, and translate a Work; + ii. moral rights retained by the original author(s) and/or + performer(s); + iii. publicity and privacy rights pertaining to a person's image or + likeness depicted in a Work; + iv. rights protecting against unfair competition in regards to a + Work, subject to the limitations in paragraph 4(a), below; + v. rights protecting the extraction, dissemination, use and reuse + of data in a Work; + vi. database rights (such as those arising under Directive 96/9/EC + of the European Parliament and of the Council of 11 March 1996 + on the legal protection of databases, and under any national + implementation thereof, including any amended or successor + version of such directive); and + vii. other similar, equivalent or corresponding rights throughout + the world based on applicable law or treaty, and any national + implementations thereof. + . + 2. Waiver. To the greatest extent permitted by, but not in + contravention of, applicable law, Affirmer hereby overtly, fully, + permanently, irrevocably and unconditionally waives, abandons, and + surrenders all of Affirmer's Copyright and Related Rights and + associated claims and causes of action, whether now known or + unknown (including existing as well as future claims and causes of + action), in the Work (i) in all territories worldwide, (ii) for + the maximum duration provided by applicable law or treaty + (including future time extensions), (iii) in any current or future + medium and for any number of copies, and (iv) for any purpose + whatsoever, including without limitation commercial, advertising + or promotional purposes (the "Waiver"). Affirmer makes the Waiver + for the benefit of each member of the public at large and to the + detriment of Affirmer's heirs and successors, fully intending that + such Waiver shall not be subject to revocation, rescission, + cancellation, termination, or any other legal or equitable action + to disrupt the quiet enjoyment of the Work by the public as + contemplated by Affirmer's express Statement of Purpose. + . + 3. Public License Fallback. Should any part of the Waiver for any + reason be judged legally invalid or ineffective under applicable + law, then the Waiver shall be preserved to the maximum extent + permitted taking into account Affirmer's express Statement of + Purpose. In addition, to the extent the Waiver is so judged + Affirmer hereby grants to each affected person a royalty-free, non + transferable, non sublicensable, non exclusive, irrevocable and + unconditional license to exercise Affirmer's Copyright and Related + Rights in the Work (i) in all territories worldwide, (ii) for the + maximum duration provided by applicable law or treaty (including + future time extensions), (iii) in any current or future medium and + for any number of copies, and (iv) for any purpose whatsoever, + including without limitation commercial, advertising or + promotional purposes (the "License"). The License shall be deemed + effective as of the date CC0 was applied by Affirmer to the + Work. Should any part of the License for any reason be judged + legally invalid or ineffective under applicable law, such partial + invalidity or ineffectiveness shall not invalidate the remainder + of the License, and in such case Affirmer hereby affirms that he + or she will not (i) exercise any of his or her remaining Copyright + and Related Rights in the Work or (ii) assert any associated + claims and causes of action with respect to the Work, in either + case contrary to Affirmer's express Statement of Purpose. + . + 4. Limitations and Disclaimers. + . + a. No trademark or patent rights held by Affirmer are waived, + abandoned, surrendered, licensed or otherwise affected by this + document. + b. Affirmer offers the Work as-is and makes no representations or + warranties of any kind concerning the Work, express, implied, + statutory or otherwise, including without limitation warranties + of title, merchantability, fitness for a particular purpose, non + infringement, or the absence of latent or other defects, + accuracy, or the present or absence of errors, whether or not + discoverable, all to the greatest extent permissible under + applicable law. + c. Affirmer disclaims responsibility for clearing rights of other + persons that may apply to the Work or any use thereof, including + without limitation any person's Copyright and Related Rights in + the Work. Further, Affirmer disclaims responsibility for + obtaining any necessary consents, permissions or other rights + required for any use of the Work. + d. Affirmer understands and acknowledges that Creative Commons is + not a party to this document and has no duty or obligation with + respect to this CC0 or use of the Work. + +License: BSD-3-CloudFlare + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + . + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + . + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + . + 3. Neither the name of CloudFlare, Inc. nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: BSD-3-clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + . + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + . + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + . + 3. Neither the name of the author nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. + + +License: GPL-2 + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + . + On Debian systems, the complete text of the GNU General Public + License version 2 can be found in "/usr/share/common-licenses/GPL-2". + +License: Apache-2.0 + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + . + https://www.apache.org/licenses/LICENSE-2.0 + . + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + . + On Debian systems, the full text of the Apache Software License version 2 can + be found in the file `/usr/share/common-licenses/Apache-2.0'. + +License: MIT + Permission is hereby granted, free of charge, to any person obtaining + a copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to + permit persons to whom the Software is furnished to do so, subject to + the following conditions: + . + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. + +License: OpenLDAP + Redistribution and use of this software and associated documentation + ("Software"), with or without modification, are permitted provided + that the following conditions are met: + . + 1. Redistributions in source form must retain copyright statements + and notices, + . + 2. Redistributions in binary form must reproduce applicable copyright + statements and notices, this list of conditions, and the following + disclaimer in the documentation and/or other materials provided + with the distribution, and + . + 3. Redistributions must contain a verbatim copy of this document. + . + The OpenLDAP Foundation may revise this license from time to time. + Each revision is distinguished by a version number. You may use + this Software under terms of this license revision or under the + terms of any subsequent revision of the license. + . + THIS SOFTWARE IS PROVIDED BY THE OPENLDAP FOUNDATION AND ITS + CONTRIBUTORS ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT + SHALL THE OPENLDAP FOUNDATION, ITS CONTRIBUTORS, OR THE AUTHOR(S) + OR OWNER(S) OF THE SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, + INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN + ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + . + The names of the authors and copyright holders must not be used in + advertising or otherwise to promote the sale, use or other dealing + in this Software without specific, written prior permission. Title + to copyright in this Software shall at all times remain with copyright + holders. + . + OpenLDAP is a registered trademark of the OpenLDAP Foundation. + +License: CC0-1.0 + This work is licensed under the "Creative Commons Zero" license. + . + On debian systems, a copy of the Creative Commons Zero license may be + found at /usr/share/common-licenses/CC0-1.0. + +License: public-domain + This work has been released into the public domain. The map + implementation builds off of prior public domain work from Dan + Bernstein (qhasm) and Adam Langley (critbit). diff --git a/distro/deb/knot-resolver-doc.doc-base b/distro/deb/knot-resolver-doc.doc-base new file mode 100644 index 0000000..9cd0fdf --- /dev/null +++ b/distro/deb/knot-resolver-doc.doc-base @@ -0,0 +1,11 @@ +Document: knot-resolver +Title: Knot Resolver documentation +Author: CZ.NIC labs +Abstract: Documentation for the Knot Resolver, + including building from source, using the library, + and configuration and operation of the daemon. +Section: Network/Communication + +Format: HTML +Index: /usr/share/doc/knot-resolver/html/index.html +Files: /usr/share/doc/knot-resolver/html/*.html diff --git a/distro/deb/knot-resolver-doc.docs b/distro/deb/knot-resolver-doc.docs new file mode 100644 index 0000000..baa81f7 --- /dev/null +++ b/distro/deb/knot-resolver-doc.docs @@ -0,0 +1 @@ +debian/tmp/usr/share/doc/knot-resolver/html/* diff --git a/distro/deb/knot-resolver-doc.info b/distro/deb/knot-resolver-doc.info new file mode 100644 index 0000000..2283d88 --- /dev/null +++ b/distro/deb/knot-resolver-doc.info @@ -0,0 +1,2 @@ +debian/tmp/usr/share/info/knot-resolver.info +debian/tmp/usr/share/info/knot-resolver-figures/* diff --git a/distro/deb/knot-resolver-doc.links b/distro/deb/knot-resolver-doc.links new file mode 100644 index 0000000..25e9584 --- /dev/null +++ b/distro/deb/knot-resolver-doc.links @@ -0,0 +1,2 @@ +usr/share/javascript/jquery/jquery.min.js usr/share/doc/knot-resolver/html/_static/jquery.js +usr/share/javascript/underscore/underscore.min.js usr/share/doc/knot-resolver/html/_static/underscore.js diff --git a/distro/deb/knot-resolver-module-dnstap.install b/distro/deb/knot-resolver-module-dnstap.install new file mode 100644 index 0000000..ae5404e --- /dev/null +++ b/distro/deb/knot-resolver-module-dnstap.install @@ -0,0 +1 @@ +usr/lib/knot-resolver/kres_modules/dnstap.so diff --git a/distro/deb/knot-resolver-module-http.install b/distro/deb/knot-resolver-module-http.install new file mode 100644 index 0000000..ffa04d0 --- /dev/null +++ b/distro/deb/knot-resolver-module-http.install @@ -0,0 +1,7 @@ +usr/lib/knot-resolver/kres_modules/http*.lua +usr/lib/knot-resolver/kres_modules/prometheus.lua +usr/lib/knot-resolver/kres_modules/http/*.css +usr/lib/knot-resolver/kres_modules/http/*.ico +usr/lib/knot-resolver/kres_modules/http/*.js +usr/lib/knot-resolver/kres_modules/http/*.tpl +usr/lib/knot-resolver/kres_modules/http/*.woff2 diff --git a/distro/deb/knot-resolver-module-http.links b/distro/deb/knot-resolver-module-http.links new file mode 100644 index 0000000..4963c5c --- /dev/null +++ b/distro/deb/knot-resolver-module-http.links @@ -0,0 +1,5 @@ +usr/share/javascript/bootstrap/css/bootstrap-theme.min.css usr/lib/knot-resolver/kres_modules/http/bootstrap-theme.min.css +usr/share/javascript/bootstrap/css/bootstrap.min.css usr/lib/knot-resolver/kres_modules/http/bootstrap.min.css +usr/share/javascript/bootstrap/js/bootstrap.min.js usr/lib/knot-resolver/kres_modules/http/bootstrap.min.js +usr/share/javascript/d3/d3.min.js usr/lib/knot-resolver/kres_modules/http/d3.js +usr/share/javascript/jquery/jquery.min.js usr/lib/knot-resolver/kres_modules/http/jquery.js diff --git a/distro/deb/knot-resolver-module-http.preinst b/distro/deb/knot-resolver-module-http.preinst new file mode 100644 index 0000000..c2bd87d --- /dev/null +++ b/distro/deb/knot-resolver-module-http.preinst @@ -0,0 +1,26 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-3.0-or-later +set -e + +# upgrade-4-to-5 +if [ -f /lib/systemd/system/kresd-doh.socket ] ; then + export UPG_DIR=/var/lib/knot-resolver/.upgrade-4-to-5 + mkdir -p ${UPG_DIR} + touch ${UPG_DIR}/.unfinished + + for sock in kresd-webmgmt.socket kresd-doh.socket ; do + if systemctl is-enabled ${sock} 2>/dev/null | grep -qv masked ; then + systemctl show ${sock} -p Listen > ${UPG_DIR}/${sock} + case "$(systemctl show ${sock} -p BindIPv6Only)" in + *ipv6-only) + touch ${UPG_DIR}/${sock}.v6only + ;; + *default) + if cat /proc/sys/net/ipv6/bindv6only | grep -q 1 ; then + touch ${UPG_DIR}/${sock}.v6only + fi + ;; + esac + fi + done +fi diff --git a/distro/deb/knot-resolver.dirs b/distro/deb/knot-resolver.dirs new file mode 100644 index 0000000..f8981d8 --- /dev/null +++ b/distro/deb/knot-resolver.dirs @@ -0,0 +1,2 @@ +/var/lib/knot-resolver +/var/cache/knot-resolver diff --git a/distro/deb/knot-resolver.docs b/distro/deb/knot-resolver.docs new file mode 100644 index 0000000..8e919d0 --- /dev/null +++ b/distro/deb/knot-resolver.docs @@ -0,0 +1,4 @@ +debian/tmp/usr/share/doc/knot-resolver/AUTHORS +debian/tmp/usr/share/doc/knot-resolver/COPYING +debian/tmp/usr/share/doc/knot-resolver/NEWS +debian/tmp/usr/share/doc/knot-resolver/examples diff --git a/distro/deb/knot-resolver.install b/distro/deb/knot-resolver.install new file mode 100644 index 0000000..1e770bb --- /dev/null +++ b/distro/deb/knot-resolver.install @@ -0,0 +1,37 @@ +etc/knot-resolver/kresd.conf +usr/lib/systemd/system/kresd@.service lib/systemd/system/ +usr/lib/systemd/system/kres-cache-gc.service lib/systemd/system/ +usr/lib/systemd/system/kresd.target lib/systemd/system/ +usr/lib/*.so.* +usr/lib/tmpfiles.d/knot-resolver.conf +usr/lib/knot-resolver/*.so +usr/lib/knot-resolver/*.lua +usr/lib/knot-resolver/kres_modules/bogus_log.so +usr/lib/knot-resolver/kres_modules/edns_keepalive.so +usr/lib/knot-resolver/kres_modules/hints.so +usr/lib/knot-resolver/kres_modules/nsid.so +usr/lib/knot-resolver/kres_modules/refuse_nord.so +usr/lib/knot-resolver/kres_modules/stats.so +usr/lib/knot-resolver/kres_modules/daf.lua +usr/lib/knot-resolver/kres_modules/daf/* +usr/lib/knot-resolver/kres_modules/detect_time_jump.lua +usr/lib/knot-resolver/kres_modules/detect_time_skew.lua +usr/lib/knot-resolver/kres_modules/dns64.lua +usr/lib/knot-resolver/kres_modules/experimental_dot_auth.lua +usr/lib/knot-resolver/kres_modules/graphite.lua +usr/lib/knot-resolver/kres_modules/policy.lua +usr/lib/knot-resolver/kres_modules/predict.lua +usr/lib/knot-resolver/kres_modules/prefill.lua +usr/lib/knot-resolver/kres_modules/priming.lua +usr/lib/knot-resolver/kres_modules/rebinding.lua +usr/lib/knot-resolver/kres_modules/renumber.lua +usr/lib/knot-resolver/kres_modules/serve_stale.lua +usr/lib/knot-resolver/kres_modules/ta_sentinel.lua +usr/lib/knot-resolver/kres_modules/ta_signal_query.lua +usr/lib/knot-resolver/kres_modules/ta_update.lua +usr/lib/knot-resolver/kres_modules/view.lua +usr/lib/knot-resolver/kres_modules/watchdog.lua +usr/lib/knot-resolver/kres_modules/workarounds.lua +usr/sbin/kresc +usr/sbin/kresd +usr/sbin/kres-cache-gc diff --git a/distro/deb/knot-resolver.links b/distro/deb/knot-resolver.links new file mode 100644 index 0000000..8196524 --- /dev/null +++ b/distro/deb/knot-resolver.links @@ -0,0 +1,2 @@ +dev/null lib/systemd/system/kresd.service +lib/systemd/system/kresd.target lib/systemd/system/multi-user.target.wants/kresd.target diff --git a/distro/deb/knot-resolver.manpages b/distro/deb/knot-resolver.manpages new file mode 100644 index 0000000..101a4ac --- /dev/null +++ b/distro/deb/knot-resolver.manpages @@ -0,0 +1,2 @@ +debian/tmp/usr/share/man/man8/kresd.8* +debian/tmp/usr/share/man/man7/kresd.systemd.7* diff --git a/distro/deb/knot-resolver.postinst b/distro/deb/knot-resolver.postinst new file mode 100644 index 0000000..fb2bce2 --- /dev/null +++ b/distro/deb/knot-resolver.postinst @@ -0,0 +1,38 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-3.0-or-later +set -e + +# upgrade-4-to-5 +export UPG_DIR=/var/lib/knot-resolver/.upgrade-4-to-5 +if [ -f ${UPG_DIR}/.unfinished ] ; then + rm -f ${UPG_DIR}/.unfinished + kresd -c /usr/lib/knot-resolver/upgrade-4-to-5.lua >/dev/null 2>/dev/null + echo "\n !!! WARNING !!!" + echo "Knot Resolver configuration file requires manual upgrade.\n" + cat ${UPG_DIR}/kresd.conf.net 2>/dev/null +fi + +if [ "$1" = "configure" ]; then + adduser --quiet --system --group --no-create-home --home /var/cache/knot-resolver knot-resolver +fi + +# Restart any running kresd instances if the root key is updated. +# Note: if knot-resolver upstream watches this file and reloads it +# upon a change, we can and should remove this trigger. +if [ "$1" = "triggered" ]; then + if [ "$2" = "/usr/share/dns/root.key" ]; then + # use daemon-reload to load any unit changes + systemctl daemon-reload || true + # systemctl of the sub-services is the preferred method to restart + systemctl try-restart 'kresd@*.service' kres-cache-gc.service || true + fi + exit 0 +fi + +if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then + systemctl daemon-reload || true + systemd-tmpfiles --create /usr/lib/tmpfiles.d/knot-resolver.conf + systemctl try-restart 'kresd@*.service' kres-cache-gc.service || true +fi + +#DEBHELPER# diff --git a/distro/deb/knot-resolver.postrm b/distro/deb/knot-resolver.postrm new file mode 100644 index 0000000..4c8a1ea --- /dev/null +++ b/distro/deb/knot-resolver.postrm @@ -0,0 +1,9 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-3.0-or-later +set -e + +if [ "$1" = "remove" ]; then + systemctl stop system-kresd.slice || true +fi + +#DEBHELPER# diff --git a/distro/deb/knot-resolver.preinst b/distro/deb/knot-resolver.preinst new file mode 100644 index 0000000..1f8f589 --- /dev/null +++ b/distro/deb/knot-resolver.preinst @@ -0,0 +1,26 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-3.0-or-later +set -e + +# upgrade-4-to-5 +if [ -f /lib/systemd/system/kresd.socket ] ; then + export UPG_DIR=/var/lib/knot-resolver/.upgrade-4-to-5 + mkdir -p ${UPG_DIR} + touch ${UPG_DIR}/.unfinished + + for sock in kresd.socket kresd-tls.socket ; do + if systemctl is-enabled ${sock} 2>/dev/null | grep -qv masked ; then + systemctl show ${sock} -p Listen > ${UPG_DIR}/${sock} + case "$(systemctl show ${sock} -p BindIPv6Only)" in + *ipv6-only) + touch ${UPG_DIR}/${sock}.v6only + ;; + *default) + if cat /proc/sys/net/ipv6/bindv6only | grep -q 1 ; then + touch ${UPG_DIR}/${sock}.v6only + fi + ;; + esac + fi + done +fi diff --git a/distro/deb/knot-resolver.triggers b/distro/deb/knot-resolver.triggers new file mode 100644 index 0000000..e8d8246 --- /dev/null +++ b/distro/deb/knot-resolver.triggers @@ -0,0 +1 @@ +interest-noawait /usr/share/dns/root.key diff --git a/distro/deb/not-installed b/distro/deb/not-installed new file mode 100644 index 0000000..f527e79 --- /dev/null +++ b/distro/deb/not-installed @@ -0,0 +1,7 @@ +usr/lib/knot-resolver/kres_modules/http/LICENSE +usr/lib/knot-resolver/kres_modules/etcd.lua +debian/tmp/usr/share/doc/knot-resolver/html/.buildinfo +usr/include/libkres/*.h +usr/lib/*.so +usr/lib/pkgconfig/libkres.pc +usr/lib/sysusers.d/knot-resolver.conf diff --git a/distro/deb/rules b/distro/deb/rules new file mode 100755 index 0000000..3445b8c --- /dev/null +++ b/distro/deb/rules @@ -0,0 +1,50 @@ +#!/usr/bin/make -f +# SPDX-License-Identifier: GPL-3.0-or-later + +# see FEATURE AREAS in dpkg-buildflags(1) +export DEB_BUILD_MAINT_OPTIONS = hardening=+all,-pie + +# see ENVIRONMENT in dpkg-buildflags(1) +# package maintainers to append CFLAGS +export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic -fno-omit-frame-pointer +# package maintainers to append LDFLAGS +export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed + +# see EXAMPLES in dpkg-buildflags(1) and read /usr/share/dpkg/* +DPKG_EXPORT_BUILDFLAGS = 1 +include /usr/share/dpkg/default.mk + +export ARCH=$(DEB_HOST_GNU_CPU) + +%: + dh $@ + +override_dh_auto_build: + meson build_deb \ + --buildtype=plain \ + --prefix=/usr \ + --libdir=lib \ + -Ddoc=enabled \ + -Dsystemd_files=enabled \ + -Dclient=enabled \ + -Ddnstap=enabled \ + -Dkeyfile_default=/usr/share/dns/root.key \ + -Droot_hints=/usr/share/dns/root.hints \ + -Dinstall_kresd_conf=enabled \ + -Dunit_tests=enabled \ + -Dc_args="$${CFLAGS}" \ + -Dc_link_args="$${LDFLAGS}" + ninja -v -C build_deb + ninja -v -C build_deb doc + +override_dh_auto_install: + DESTDIR="${PWD}/debian/tmp" ninja -v -C build_deb install + +override_dh_auto_test: + meson test -C build_deb + +override_dh_missing: + dh_missing --fail-missing + +override_dh_strip: + dh_strip --dbg-package=knot-resolver-dbg diff --git a/distro/deb/source/format b/distro/deb/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/distro/deb/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/distro/rpm/knot-resolver.spec b/distro/rpm/knot-resolver.spec new file mode 100644 index 0000000..ef4c867 --- /dev/null +++ b/distro/rpm/knot-resolver.spec @@ -0,0 +1,383 @@ +# SPDX-License-Identifier: GPL-3.0-or-later + +%global _hardened_build 1 +%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}} + +%define GPG_CHECK 0 +%define VERSION __VERSION__ +%define repodir %{_builddir}/%{name}-%{version} +%define NINJA ninja-build + +Name: knot-resolver +Version: %{VERSION} +Release: cznic.1%{?dist} +Summary: Caching full DNS Resolver + +License: GPL-3.0-or-later +URL: https://www.knot-resolver.cz/ +Source0: knot-resolver_%{version}.orig.tar.xz + +# LuaJIT only on these arches +%if 0%{?rhel} == 7 +# RHEL 7 does not have aarch64 LuaJIT +ExclusiveArch: %{ix86} x86_64 +%else +ExclusiveArch: %{arm} aarch64 %{ix86} x86_64 +%endif + +%if 0%{GPG_CHECK} +Source1: knot-resolver-%{version}.tar.xz.asc +# PGP keys used to sign upstream releases +# Export with --armor using command from https://fedoraproject.org/wiki/PackagingDrafts:GPGSignatures +# Don't forget to update %%prep section when adding/removing keys +Source100: gpgkey-B6006460B60A80E782062449E747DF1F9575A3AA.gpg.asc +Source101: gpgkey-BE26EBB9CBE059B3910CA35BCE8DD6A1A50A21E4.gpg.asc +Source102: gpgkey-4A8BA48C2AED933BD495C509A1FBA5F7EF8C4869.gpg.asc +BuildRequires: gnupg2 +%endif + +BuildRequires: gcc +BuildRequires: gcc-c++ +BuildRequires: meson +BuildRequires: pkgconfig(cmocka) +BuildRequires: pkgconfig(gnutls) +BuildRequires: pkgconfig(libedit) +BuildRequires: pkgconfig(libknot) >= 2.9 +BuildRequires: pkgconfig(libzscanner) >= 2.9 +BuildRequires: pkgconfig(libdnssec) >= 2.9 +BuildRequires: pkgconfig(libnghttp2) +BuildRequires: pkgconfig(libsystemd) +BuildRequires: pkgconfig(libcap-ng) +BuildRequires: pkgconfig(libuv) +BuildRequires: pkgconfig(luajit) >= 2.0 + +Requires: systemd +Requires(post): systemd + +# dnstap module dependencies +# SUSE is missing protoc-c protobuf compiler +%if "x%{?suse_version}" == "x" +BuildRequires: pkgconfig(libfstrm) +BuildRequires: pkgconfig(libprotobuf-c) +%endif + +# Distro-dependent dependencies +%if 0%{?rhel} == 7 +BuildRequires: lmdb-devel +# Lua 5.1 version of the libraries have different package names +Requires: lua-basexx +Requires: lua-psl +Requires: lua-http +Requires(pre): shadow-utils +%endif +%if 0%{?fedora} || 0%{?rhel} > 7 +BuildRequires: pkgconfig(lmdb) +BuildRequires: python3-sphinx +Requires: lua5.1-basexx +Requires: lua5.1-cqueues +Requires: lua5.1-http +Recommends: lua5.1-psl +Requires(pre): shadow-utils +%endif + +# we do not build HTTP module on SuSE so the build requires is not needed +%if "x%{?suse_version}" == "x" +BuildRequires: openssl-devel +%endif + +%if 0%{?suse_version} +%define NINJA ninja +BuildRequires: lmdb-devel +BuildRequires: python3-Sphinx +Requires(pre): shadow +%endif + +%if "x%{?rhel}" == "x" +# dependencies for doc package +# NOTE: doc isn't possible to build on CentOS 7, 8 +# python2-sphinx is too old and python36-breathe is broken on CentOS 7 +# python3-breathe isn't available for CentOS 8 (yet? rhbz#1808766) +BuildRequires: doxygen +BuildRequires: python3-breathe +BuildRequires: python3-sphinx_rtd_theme +BuildRequires: texinfo +%endif + +%description +The Knot Resolver is a DNSSEC-enabled caching full resolver implementation +written in C and LuaJIT, including both a resolver library and a daemon. +Modular architecture of the library keeps the core tiny and efficient, and +provides a state-machine like API for extensions. + +The package is pre-configured as local caching resolver. +To start using it, start a single kresd instance: +$ systemctl start kresd@1.service + +%package devel +Summary: Development headers for Knot Resolver +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +The package contains development headers for Knot Resolver. + +%if "x%{?rhel}" == "x" +%package doc +Summary: Documentation for Knot Resolver +BuildArch: noarch +Requires: %{name} = %{version}-%{release} + +%description doc +Documentation for Knot Resolver +%endif + +%if "x%{?suse_version}" == "x" +%package module-dnstap +Summary: dnstap module for Knot Resolver +Requires: %{name} = %{version}-%{release} + +%description module-dnstap +dnstap module for Knot Resolver supports logging DNS responses to a unix socket +in dnstap format using fstrm framing library. This logging is useful if you +need effectivelly log all DNS traffic. +%endif + +%if "x%{?suse_version}" == "x" +%package module-http +Summary: HTTP module for Knot Resolver +Requires: %{name} = %{version}-%{release} +%if 0%{?fedora} || 0%{?rhel} > 7 +Requires: lua5.1-http +Requires: lua5.1-mmdb +%else +Requires: lua-http +Requires: lua-mmdb +%endif + +%description module-http +HTTP module for Knot Resolver can serve as API endpoint for other modules or +provide a web interface for local visualization of the resolver cache and +queries. It can also serve DNS-over-HTTPS, but it is deprecated in favor of +native C implementation, which doesn't require this package. +%endif + +%prep +%if 0%{GPG_CHECK} +export GNUPGHOME=./gpg-keyring +mkdir ${GNUPGHOME} +gpg2 --import %{SOURCE100} %{SOURCE101} %{SOURCE102} +gpg2 --verify %{SOURCE1} %{SOURCE0} +%endif +%setup -q -n %{name}-%{version} + +%build +CFLAGS="%{optflags}" LDFLAGS="%{?__global_ldflags}" meson build_rpm \ +%if "x%{?rhel}" == "x" + -Ddoc=enabled \ +%endif + -Dsystemd_files=enabled \ + -Dclient=enabled \ +%if "x%{?suse_version}" == "x" + -Ddnstap=enabled \ +%endif + -Dunit_tests=enabled \ + -Dmanaged_ta=enabled \ + -Dkeyfile_default="%{_sharedstatedir}/knot-resolver/root.keys" \ + -Dinstall_root_keys=enabled \ + -Dinstall_kresd_conf=enabled \ + --buildtype=plain \ + --prefix="%{_prefix}" \ + --sbindir="%{_sbindir}" \ + --libdir="%{_libdir}" \ + --includedir="%{_includedir}" \ + --sysconfdir="%{_sysconfdir}" \ + +%{NINJA} -v -C build_rpm +%if "x%{?rhel}" == "x" +%{NINJA} -v -C build_rpm doc +%endif + +%check +meson test -C build_rpm + +%install +DESTDIR="${RPM_BUILD_ROOT}" %{NINJA} -v -C build_rpm install + +# add kresd.target to multi-user.target.wants to support enabling kresd services +install -m 0755 -d %{buildroot}%{_unitdir}/multi-user.target.wants +ln -s ../kresd.target %{buildroot}%{_unitdir}/multi-user.target.wants/kresd.target + +# remove modules with missing dependencies +rm %{buildroot}%{_libdir}/knot-resolver/kres_modules/etcd.lua + +# remove unused sysusers +rm %{buildroot}%{_prefix}/lib/sysusers.d/knot-resolver.conf + +%if 0%{?suse_version} +rm %{buildroot}%{_libdir}/knot-resolver/kres_modules/experimental_dot_auth.lua +rm -r %{buildroot}%{_libdir}/knot-resolver/kres_modules/http +rm %{buildroot}%{_libdir}/knot-resolver/kres_modules/http*.lua +rm %{buildroot}%{_libdir}/knot-resolver/kres_modules/prometheus.lua +%endif + +# rename doc directory for centos 7, opensuse +%if 0%{?suse_version} || 0%{?rhel} == 7 +install -m 755 -d %{buildroot}/%{_pkgdocdir} +mv %{buildroot}/%{_datadir}/doc/%{name}/* %{buildroot}/%{_pkgdocdir}/ +%endif + +%pre +getent group knot-resolver >/dev/null || groupadd -r knot-resolver +getent passwd knot-resolver >/dev/null || useradd -r -g knot-resolver -d %{_sysconfdir}/knot-resolver -s /sbin/nologin -c "Knot Resolver" knot-resolver + +%if "x%{?rhel}" == "x" +# upgrade-4-to-5 +if [ -f %{_unitdir}/kresd.socket ] ; then + export UPG_DIR=%{_sharedstatedir}/knot-resolver/.upgrade-4-to-5 + mkdir -p ${UPG_DIR} + touch ${UPG_DIR}/.unfinished + + for sock in kresd.socket kresd-tls.socket kresd-webmgmt.socket kresd-doh.socket ; do + if systemctl is-enabled ${sock} 2>/dev/null | grep -qv masked ; then + systemctl show ${sock} -p Listen > ${UPG_DIR}/${sock} + case "$(systemctl show ${sock} -p BindIPv6Only)" in + *ipv6-only) + touch ${UPG_DIR}/${sock}.v6only + ;; + *default) + if cat /proc/sys/net/ipv6/bindv6only | grep -q 1 ; then + touch ${UPG_DIR}/${sock}.v6only + fi + ;; + esac + fi + done +fi +%endif + + +%post +# upgrade-4-to-5 +%if "x%{?rhel}" == "x" +export UPG_DIR=%{_sharedstatedir}/knot-resolver/.upgrade-4-to-5 +if [ -f ${UPG_DIR}/.unfinished ] ; then + rm -f ${UPG_DIR}/.unfinished + kresd -c %{_libdir}/knot-resolver/upgrade-4-to-5.lua &>/dev/null + echo -e "\n !!! WARNING !!!" + echo -e "Knot Resolver configuration file requires manual upgrade.\n" + cat ${UPG_DIR}/kresd.conf.net 2>/dev/null +fi +%endif + +# 5.0.1 fix to force restart of kres-cache-gc.service, which was missing in systemd_postun_with_restart +# TODO: remove once most users upgrade to 5.0.1+ +systemctl daemon-reload >/dev/null 2>&1 || : +if [ $1 -ge 2 ] ; then + systemctl try-restart kres-cache-gc.service >/dev/null 2>&1 || : +fi + +# systemd_post macro is not needed for anything (calls systemctl preset) +%tmpfiles_create %{_tmpfilesdir}/knot-resolver.conf +%if "x%{?fedora}" == "x" +/sbin/ldconfig +%endif + +%preun +%systemd_preun kres-cache-gc.service kresd.target + +%postun +%systemd_postun_with_restart 'kresd@*.service' kres-cache-gc.service +%if "x%{?fedora}" == "x" +/sbin/ldconfig +%endif + +%files +%dir %{_pkgdocdir} +%license %{_pkgdocdir}/COPYING +%doc %{_pkgdocdir}/AUTHORS +%doc %{_pkgdocdir}/NEWS +%doc %{_pkgdocdir}/examples +%dir %{_sysconfdir}/knot-resolver +%config(noreplace) %{_sysconfdir}/knot-resolver/kresd.conf +%config(noreplace) %{_sysconfdir}/knot-resolver/root.hints +%{_sysconfdir}/knot-resolver/icann-ca.pem +%attr(750,knot-resolver,knot-resolver) %dir %{_sharedstatedir}/knot-resolver +%attr(640,knot-resolver,knot-resolver) %{_sharedstatedir}/knot-resolver/root.keys +%{_unitdir}/kresd@.service +%{_unitdir}/kres-cache-gc.service +%{_unitdir}/kresd.target +%dir %{_unitdir}/multi-user.target.wants +%{_unitdir}/multi-user.target.wants/kresd.target +%{_mandir}/man7/kresd.systemd.7.gz +%{_tmpfilesdir}/knot-resolver.conf +%ghost /run/%{name} +%ghost %{_localstatedir}/cache/%{name} +%attr(750,knot-resolver,knot-resolver) %dir %{_libdir}/%{name} +%{_sbindir}/kresd +%{_sbindir}/kresc +%{_sbindir}/kres-cache-gc +%{_libdir}/libkres.so.* +%dir %{_libdir}/knot-resolver +%{_libdir}/knot-resolver/*.so +%{_libdir}/knot-resolver/*.lua +%dir %{_libdir}/knot-resolver/kres_modules +%{_libdir}/knot-resolver/kres_modules/bogus_log.so +%{_libdir}/knot-resolver/kres_modules/edns_keepalive.so +%{_libdir}/knot-resolver/kres_modules/hints.so +%{_libdir}/knot-resolver/kres_modules/nsid.so +%{_libdir}/knot-resolver/kres_modules/refuse_nord.so +%{_libdir}/knot-resolver/kres_modules/stats.so +%{_libdir}/knot-resolver/kres_modules/daf +%{_libdir}/knot-resolver/kres_modules/daf.lua +%{_libdir}/knot-resolver/kres_modules/detect_time_jump.lua +%{_libdir}/knot-resolver/kres_modules/detect_time_skew.lua +%{_libdir}/knot-resolver/kres_modules/dns64.lua +%if "x%{?suse_version}" == "x" +%{_libdir}/knot-resolver/kres_modules/experimental_dot_auth.lua +%endif +%{_libdir}/knot-resolver/kres_modules/graphite.lua +%{_libdir}/knot-resolver/kres_modules/policy.lua +%{_libdir}/knot-resolver/kres_modules/predict.lua +%{_libdir}/knot-resolver/kres_modules/prefill.lua +%{_libdir}/knot-resolver/kres_modules/priming.lua +%{_libdir}/knot-resolver/kres_modules/rebinding.lua +%{_libdir}/knot-resolver/kres_modules/renumber.lua +%{_libdir}/knot-resolver/kres_modules/serve_stale.lua +%{_libdir}/knot-resolver/kres_modules/ta_sentinel.lua +%{_libdir}/knot-resolver/kres_modules/ta_signal_query.lua +%{_libdir}/knot-resolver/kres_modules/ta_update.lua +%{_libdir}/knot-resolver/kres_modules/view.lua +%{_libdir}/knot-resolver/kres_modules/watchdog.lua +%{_libdir}/knot-resolver/kres_modules/workarounds.lua +%{_mandir}/man8/kresd.8.gz + +%files devel +%{_includedir}/libkres +%{_libdir}/pkgconfig/libkres.pc +%{_libdir}/libkres.so + +%if "x%{?rhel}" == "x" +%files doc +%dir %{_pkgdocdir} +%doc %{_pkgdocdir}/html +%doc %{_datadir}/info/knot-resolver.info* +%dir %{_datadir}/info/knot-resolver-figures +%doc %{_datadir}/info/knot-resolver-figures/* +%endif + +%if "x%{?suse_version}" == "x" +%files module-dnstap +%{_libdir}/knot-resolver/kres_modules/dnstap.so +%endif + +%if "x%{?suse_version}" == "x" +%files module-http +%{_libdir}/knot-resolver/debug_opensslkeylog.so +%{_libdir}/knot-resolver/kres_modules/http +%{_libdir}/knot-resolver/kres_modules/http*.lua +%{_libdir}/knot-resolver/kres_modules/prometheus.lua +%endif + +%changelog +* Fri Feb 16 2018 Tomas Krizek <tomas.krizek@nic.cz> - 2.1.0-1 +- see NEWS or https://www.knot-resolver.cz/ +- move spec file to upstream diff --git a/distro/tests/.ansible.cfg b/distro/tests/.ansible.cfg new file mode 100644 index 0000000..eef2015 --- /dev/null +++ b/distro/tests/.ansible.cfg @@ -0,0 +1,8 @@ +# SPDX-License-Identifier: GPL-3.0-or-later + +[defaults] + +# additional paths to search for roles in, colon separated +roles_path = ../ansible-roles +interpreter_python = auto +stdout_callback=debug diff --git a/distro/tests/README.md b/distro/tests/README.md new file mode 100644 index 0000000..08a951d --- /dev/null +++ b/distro/tests/README.md @@ -0,0 +1,42 @@ +Requirements +------------ + +- ansible +- vagrant +- libvirt (+vagrant-libvirt) / virtualbox + +Usage +----- + +`vagrant up` command is configured to trigger ansible provisioning +which configures OBS repository, installs the knot-resolver package, +starts the kresd@1 service and finally attempts to use it to resolve +a domain name. It also tests that DNSSEC validation is turned on. + +By default, the *knot-resolver-devel* repo (for knot-resolver) along +with *knot-resoler-latest* (for knot) is used. To test only the +*knot-resolver-latest* repo, set it in `repos.yaml` (or use the +test-distro.sh script which overwrites this file). If you're running +tests in parallel, they all HAVE TO use the same repo(s). + +Run the following command for every distro (aka directory with +Vagrantfile): + +``` +./test-distro.sh knot-resolver-devel debian9 +``` + +or + +``` +./test-distro.sh knot-resolver-testing debian9 +``` + +or + +``` +./test-distro.sh knot-resolver-latest debian9 +``` + +At the end of the test, the package version that was tested is +printed out. Make sure you're testing what you intended to. diff --git a/distro/tests/ansible-roles/knot_resolver/defaults/main.yaml b/distro/tests/ansible-roles/knot_resolver/defaults/main.yaml new file mode 100644 index 0000000..0860c26 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/defaults/main.yaml @@ -0,0 +1,6 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +repos: + - knot-resolver-latest +distro: "{{ ansible_distribution | replace(' ', '_') }}" +update_packages: false diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/configure_dnstap.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/configure_dnstap.yaml new file mode 100644 index 0000000..817b117 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/configure_dnstap.yaml @@ -0,0 +1,10 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: dnstap_config set up kresd.conf + blockinfile: + marker: -- {mark} ANSIBLE MANAGED BLOCK + block: | + modules.load('dnstap') + assert(dnstap) + path: /etc/knot-resolver/kresd.conf + insertbefore: BOF diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/configure_doh.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/configure_doh.yaml new file mode 100644 index 0000000..1da1789 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/configure_doh.yaml @@ -0,0 +1,10 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: doh_config set up kresd.conf + blockinfile: + marker: -- {mark} ANSIBLE MANAGED BLOCK + block: | + net.listen('127.0.0.1', 44353, { kind = 'doh' }) + modules.load('http') + path: /etc/knot-resolver/kresd.conf + insertbefore: BOF diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/configure_doh2.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/configure_doh2.yaml new file mode 100644 index 0000000..eebca20 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/configure_doh2.yaml @@ -0,0 +1,8 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: doh2_config set up kresd.conf + blockinfile: + marker: -- {mark} ANSIBLE MANAGED BLOCK + block: | + net.listen('127.0.0.1', 44354, { kind = 'doh2' }) + path: /etc/knot-resolver/kresd.conf diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/main.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/main.yaml new file mode 100644 index 0000000..921df1b --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/main.yaml @@ -0,0 +1,69 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: Include distribution specific vars + include_vars: "{{ distro }}.yaml" + +- name: Update all packages + package: + name: '*' + state: latest + when: update_packages|bool + +- name: Install packages + package: + name: "{{ packages }}" + state: latest + +- name: Always print package version at the end + block: + + - include: restart_kresd.yaml + + - include: test_udp.yaml + - include: test_tcp.yaml + - include: test_tls.yaml + - include: test_dnssec.yaml + + - include: test_kres_cache_gc.yaml + + - name: Test DoH (new implementation) + block: + - include: configure_doh2.yaml + - include: restart_kresd.yaml + - include: test_doh2.yaml + + - name: Test DoH (legacy) + block: + - name: Install knot-resolver-module-http + package: + name: knot-resolver-module-http + state: latest + + - include: configure_doh.yaml + when: ansible_distribution in ["CentOS", "Fedora", "Debian", "Ubuntu"] + + - include: restart_kresd.yaml + - include: test_doh.yaml + when: distro in ["Fedora", "Debian", "CentOS"] or (distro == "Ubuntu" and ansible_distribution_major_version|int >= 18) + + - name: Test dnstap module + block: + - name: Install knot-resolver-module-dnstap + package: + name: knot-resolver-module-dnstap + state: latest + - include: configure_dnstap.yaml + - include: restart_kresd.yaml + when: distro in ["Fedora", "Debian", "CentOS", "Ubuntu"] + + always: + + - name: Get installed package version + shell: "{{ show_package_version }}" + args: + warn: false + register: package_version + + - name: Show installed version + debug: + var: package_version.stdout diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/restart_kresd.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/restart_kresd.yaml new file mode 100644 index 0000000..00dbf5d --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/restart_kresd.yaml @@ -0,0 +1,16 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- block: + - name: Restart kresd@1.service + service: + name: kresd@1.service + state: restarted + rescue: + - name: Get kresd@1.service journal + shell: journalctl -u kresd@1 --since -20s + register: journal + - name: Print journal + debug: + var: journal + - name: Restart kresd@*.service failed, see log above + shell: /bin/false diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/test_dnssec.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/test_dnssec.yaml new file mode 100644 index 0000000..52bbbb2 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/test_dnssec.yaml @@ -0,0 +1,15 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: dnssec_test bogussig.bad-dnssec.wb.sidnlabs.nl. +cd returns NOERROR + tags: + - test + shell: kdig +cd @127.0.0.1 bogussig.bad-dnssec.wb.sidnlabs.nl. + register: res + failed_when: '"status: NOERROR" not in res.stdout' + +- name: dnssec_test bogussig.bad-dnssec.wb.sidnlabs.nl. returns SERVFAIL + tags: + - test + shell: kdig @127.0.0.1 bogussig.bad-dnssec.wb.sidnlabs.nl. + register: res + failed_when: '"status: SERVFAIL" not in res.stdout' diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/test_doh.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/test_doh.yaml new file mode 100644 index 0000000..2c200e1 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/test_doh.yaml @@ -0,0 +1,9 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: doh_test query localhost. A + get_url: + url: https://127.0.0.1:44353/doh?dns=1Y0BAAABAAAAAAAACWxvY2FsaG9zdAAAAQAB + sha256sum: e5c2710e6ecb78c089ab608ad5861b87be0d1c623c4d58b4eee3b21c06aa2008 + dest: /tmp/doh_test + mode: 0644 + validate_certs: false diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/test_doh2.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/test_doh2.yaml new file mode 100644 index 0000000..32cf295 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/test_doh2.yaml @@ -0,0 +1,24 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: doh2_test check kdig https support + shell: kdig --help | grep -q '+\S*https' + register: kdig_https + ignore_errors: true + +- name: doh2_test query localhost. A + # use curl instead of ansible builtins (get_url/uri) + # because they currently use unsupported HTTP/1.1 + shell: | + curl -k -o /tmp/doh_test https://127.0.0.1:44354/doh?dns=1Y0BAAABAAAAAAAACWxvY2FsaG9zdAAAAQAB + echo "e5c2710e6ecb78c089ab608ad5861b87be0d1c623c4d58b4eee3b21c06aa2008 /tmp/doh_test" > /tmp/doh_test.sha256 + sha256sum --check /tmp/doh_test.sha256 + args: + # disable warning about using curl - we know what we're doing + warn: false + when: kdig_https is failed + +- name: doh2_test kdig localhost. A + shell: | + kdig @127.0.0.1 -p 44354 +https nic.cz || exit 1 + kdig @127.0.0.1 -p 44354 +https-get nic.cz || exit 2 + when: kdig_https is succeeded diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/test_kres_cache_gc.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/test_kres_cache_gc.yaml new file mode 100644 index 0000000..3a7c9c9 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/test_kres_cache_gc.yaml @@ -0,0 +1,4 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: check kres-cache-gc.service is active + shell: systemctl is-active -q kres-cache-gc.service diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/test_tcp.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/test_tcp.yaml new file mode 100644 index 0000000..1af18fd --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/test_tcp.yaml @@ -0,0 +1,8 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: tcp_test resolve nic.cz + tags: + - test + shell: kdig +tcp @127.0.0.1 nic.cz + register: res + failed_when: '"status: NOERROR" not in res.stdout' diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/test_tls.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/test_tls.yaml new file mode 100644 index 0000000..c780657 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/test_tls.yaml @@ -0,0 +1,8 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: tls_test resolve nic.cz + tags: + - test + shell: kdig +tls @127.0.0.1 nic.cz + register: res + failed_when: '"status: NOERROR" not in res.stdout' diff --git a/distro/tests/ansible-roles/knot_resolver/tasks/test_udp.yaml b/distro/tests/ansible-roles/knot_resolver/tasks/test_udp.yaml new file mode 100644 index 0000000..64023ff --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/tasks/test_udp.yaml @@ -0,0 +1,8 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: udp_test resolve nic.cz + tags: + - test + shell: kdig @127.0.0.1 nic.cz + register: res + failed_when: '"status: NOERROR" not in res.stdout' diff --git a/distro/tests/ansible-roles/knot_resolver/vars/CentOS.yaml b/distro/tests/ansible-roles/knot_resolver/vars/CentOS.yaml new file mode 100644 index 0000000..d69cb13 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/vars/CentOS.yaml @@ -0,0 +1,6 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +show_package_version: rpm -qi knot-resolver | grep '^Version' +packages: + - knot-resolver + - knot-utils diff --git a/distro/tests/ansible-roles/knot_resolver/vars/Debian.yaml b/distro/tests/ansible-roles/knot_resolver/vars/Debian.yaml new file mode 100644 index 0000000..bcdc37a --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/vars/Debian.yaml @@ -0,0 +1,6 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +show_package_version: dpkg -s knot-resolver | grep '^Version' +packages: + - knot-resolver + - knot-dnsutils diff --git a/distro/tests/ansible-roles/knot_resolver/vars/Fedora.yaml b/distro/tests/ansible-roles/knot_resolver/vars/Fedora.yaml new file mode 100644 index 0000000..d69cb13 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/vars/Fedora.yaml @@ -0,0 +1,6 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +show_package_version: rpm -qi knot-resolver | grep '^Version' +packages: + - knot-resolver + - knot-utils diff --git a/distro/tests/ansible-roles/knot_resolver/vars/Ubuntu.yaml b/distro/tests/ansible-roles/knot_resolver/vars/Ubuntu.yaml new file mode 100644 index 0000000..bcdc37a --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/vars/Ubuntu.yaml @@ -0,0 +1,6 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +show_package_version: dpkg -s knot-resolver | grep '^Version' +packages: + - knot-resolver + - knot-dnsutils diff --git a/distro/tests/ansible-roles/knot_resolver/vars/openSUSE_Leap.yaml b/distro/tests/ansible-roles/knot_resolver/vars/openSUSE_Leap.yaml new file mode 100644 index 0000000..d69cb13 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/vars/openSUSE_Leap.yaml @@ -0,0 +1,6 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +show_package_version: rpm -qi knot-resolver | grep '^Version' +packages: + - knot-resolver + - knot-utils diff --git a/distro/tests/ansible-roles/knot_resolver/vars/openSUSE_Tumbleweed.yaml b/distro/tests/ansible-roles/knot_resolver/vars/openSUSE_Tumbleweed.yaml new file mode 100644 index 0000000..39d5ef0 --- /dev/null +++ b/distro/tests/ansible-roles/knot_resolver/vars/openSUSE_Tumbleweed.yaml @@ -0,0 +1,7 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +show_package_version: rpm -qi knot-resolver | grep '^Version' +update_packages: true +packages: + - knot-resolver + - knot-utils diff --git a/distro/tests/ansible-roles/obs_repos/defaults/main.yaml b/distro/tests/ansible-roles/obs_repos/defaults/main.yaml new file mode 100644 index 0000000..05ffcb6 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/defaults/main.yaml @@ -0,0 +1,4 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +obs_distro: "{{ ansible_distribution | replace(' ', '_') }}" +obs_repofile_url: "https://download.opensuse.org/repositories/home:CZ-NIC:{{ item }}/{{ obs_repo_version }}/home:CZ-NIC:{{ item }}.repo" diff --git a/distro/tests/ansible-roles/obs_repos/tasks/CentOS.yaml b/distro/tests/ansible-roles/obs_repos/tasks/CentOS.yaml new file mode 100644 index 0000000..fecfbea --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/tasks/CentOS.yaml @@ -0,0 +1,13 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: Install EPEL + yum: + name: epel-release + state: present + +- name: Download repo file(s) + get_url: + url: "{{ obs_repofile_url }}" + dest: /etc/yum.repos.d/home:CZ-NIC:{{ item }}.repo + mode: 0644 + with_items: "{{ repos }}" diff --git a/distro/tests/ansible-roles/obs_repos/tasks/Debian.yaml b/distro/tests/ansible-roles/obs_repos/tasks/Debian.yaml new file mode 100644 index 0000000..6220f89 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/tasks/Debian.yaml @@ -0,0 +1,15 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: Add upstream package signing key + get_url: + url: https://gitlab.nic.cz/knot/knot-resolver-release/raw/master/cznic-obs.gpg.asc + dest: /etc/apt/trusted.gpg.d/cznic-obs.gpg.asc + mode: 0644 + +- name: Add OBS repo(s) + apt_repository: + repo: > + deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/{{ obs_repo_version }}/ / + state: present + update_cache: true + with_items: "{{ repos }}" diff --git a/distro/tests/ansible-roles/obs_repos/tasks/Fedora.yaml b/distro/tests/ansible-roles/obs_repos/tasks/Fedora.yaml new file mode 100644 index 0000000..520e057 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/tasks/Fedora.yaml @@ -0,0 +1,8 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: Download repo file(s) + get_url: + url: "{{ obs_repofile_url }}" + dest: "/etc/yum.repos.d/home:CZ-NIC:{{ item }}.repo" + mode: 0644 + with_items: "{{ repos }}" diff --git a/distro/tests/ansible-roles/obs_repos/tasks/Ubuntu.yaml b/distro/tests/ansible-roles/obs_repos/tasks/Ubuntu.yaml new file mode 100644 index 0000000..ba424c4 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/tasks/Ubuntu.yaml @@ -0,0 +1,14 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: Add upstream package signing key + apt_key: + url: https://gitlab.nic.cz/knot/knot-resolver-release/raw/master/cznic-obs.gpg.asc + state: present + +- name: Add OBS repo(s) + apt_repository: + repo: > + deb http://download.opensuse.org/repositories/home:/CZ-NIC:/{{ item }}/{{ obs_repo_version }}/ / + state: present + update_cache: true + with_items: "{{ repos }}" diff --git a/distro/tests/ansible-roles/obs_repos/tasks/main.yaml b/distro/tests/ansible-roles/obs_repos/tasks/main.yaml new file mode 100644 index 0000000..47976f9 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/tasks/main.yaml @@ -0,0 +1,12 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: Include Debian specific vars + include_vars: "{{ obs_distro }}_{{ ansible_distribution_major_version }}.yaml" + when: obs_distro == "Debian" + +- name: Include distribution specific vars + include_vars: "{{ obs_distro }}.yaml" + when: obs_distro != "Debian" + +- name: Configure upstream reporitories + include: "{{ obs_distro }}.yaml" diff --git a/distro/tests/ansible-roles/obs_repos/tasks/openSUSE_Leap.yaml b/distro/tests/ansible-roles/obs_repos/tasks/openSUSE_Leap.yaml new file mode 100644 index 0000000..84ab5a9 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/tasks/openSUSE_Leap.yaml @@ -0,0 +1,19 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: Install python-xml dependency for zypper_repository + shell: zypper install -y python-xml + args: + warn: false + +- name: Add upstream repo(s) + zypper_repository: + repo: "{{ obs_repofile_url }}" + state: present + disable_gpg_check: true # auto_import_keys is broken + with_items: "{{ repos }}" + +- name: Refresh all repositories + zypper_repository: + repo: '*' + runrefresh: true + failed_when: false diff --git a/distro/tests/ansible-roles/obs_repos/tasks/openSUSE_Tumbleweed.yaml b/distro/tests/ansible-roles/obs_repos/tasks/openSUSE_Tumbleweed.yaml new file mode 100644 index 0000000..c063014 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/tasks/openSUSE_Tumbleweed.yaml @@ -0,0 +1,13 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- name: Add upstream repo(s) + zypper_repository: + repo: "{{ obs_repofile_url }}" + state: present + disable_gpg_check: true # auto_import_keys is broken + with_items: "{{ repos }}" + +- name: Refresh all repositories + zypper_repository: + repo: '*' + runrefresh: true diff --git a/distro/tests/ansible-roles/obs_repos/vars/CentOS.yaml b/distro/tests/ansible-roles/obs_repos/vars/CentOS.yaml new file mode 100644 index 0000000..22b4795 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/vars/CentOS.yaml @@ -0,0 +1,3 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +obs_repo_version: "{{ obs_distro }}_{{ ansible_distribution_major_version }}_EPEL" diff --git a/distro/tests/ansible-roles/obs_repos/vars/Debian_10.yaml b/distro/tests/ansible-roles/obs_repos/vars/Debian_10.yaml new file mode 100644 index 0000000..5db857e --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/vars/Debian_10.yaml @@ -0,0 +1,3 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +obs_repo_version: "{{ obs_distro }}_{{ ansible_distribution_major_version }}" diff --git a/distro/tests/ansible-roles/obs_repos/vars/Debian_9.yaml b/distro/tests/ansible-roles/obs_repos/vars/Debian_9.yaml new file mode 100644 index 0000000..21cce25 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/vars/Debian_9.yaml @@ -0,0 +1,3 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +obs_repo_version: "{{ obs_distro }}_{{ ansible_distribution_major_version }}.0" diff --git a/distro/tests/ansible-roles/obs_repos/vars/Fedora.yaml b/distro/tests/ansible-roles/obs_repos/vars/Fedora.yaml new file mode 100644 index 0000000..5db857e --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/vars/Fedora.yaml @@ -0,0 +1,3 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +obs_repo_version: "{{ obs_distro }}_{{ ansible_distribution_major_version }}" diff --git a/distro/tests/ansible-roles/obs_repos/vars/Ubuntu.yaml b/distro/tests/ansible-roles/obs_repos/vars/Ubuntu.yaml new file mode 100644 index 0000000..4e5cd2c --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/vars/Ubuntu.yaml @@ -0,0 +1,3 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +obs_repo_version: "x{{ obs_distro }}_{{ ansible_distribution_version }}" diff --git a/distro/tests/ansible-roles/obs_repos/vars/openSUSE_Leap.yaml b/distro/tests/ansible-roles/obs_repos/vars/openSUSE_Leap.yaml new file mode 100644 index 0000000..7dbd7d8 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/vars/openSUSE_Leap.yaml @@ -0,0 +1,3 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +obs_repo_version: "{{ obs_distro }}_{{ ansible_distribution_version }}" diff --git a/distro/tests/ansible-roles/obs_repos/vars/openSUSE_Tumbleweed.yaml b/distro/tests/ansible-roles/obs_repos/vars/openSUSE_Tumbleweed.yaml new file mode 100644 index 0000000..d875db7 --- /dev/null +++ b/distro/tests/ansible-roles/obs_repos/vars/openSUSE_Tumbleweed.yaml @@ -0,0 +1,3 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +obs_repo_version: "{{ obs_distro }}" diff --git a/distro/tests/centos7/Vagrantfile b/distro/tests/centos7/Vagrantfile new file mode 100644 index 0000000..2358be3 --- /dev/null +++ b/distro/tests/centos7/Vagrantfile @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "centos/7" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "centos7_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + ansible.extra_vars = { + ansible_python_interpreter: "/usr/bin/python2" + } + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/centos7/ansible.cfg b/distro/tests/centos7/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/centos7/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/centos8/Vagrantfile b/distro/tests/centos8/Vagrantfile new file mode 100644 index 0000000..e5b8f01 --- /dev/null +++ b/distro/tests/centos8/Vagrantfile @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "centos/8" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "centos8_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + ansible.extra_vars = { + ansible_python_interpreter: "/usr/libexec/platform-python" + } + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/centos8/ansible.cfg b/distro/tests/centos8/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/centos8/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/debian10/Vagrantfile b/distro/tests/debian10/Vagrantfile new file mode 100644 index 0000000..7f51f1a --- /dev/null +++ b/distro/tests/debian10/Vagrantfile @@ -0,0 +1,28 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + # debian/buster64 requires manual intervention for apt update as of 2019-07-18 + config.vm.box = "generic/debian10" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "debian10_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/debian10/ansible.cfg b/distro/tests/debian10/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/debian10/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/debian9/Vagrantfile b/distro/tests/debian9/Vagrantfile new file mode 100644 index 0000000..c4b6a24 --- /dev/null +++ b/distro/tests/debian9/Vagrantfile @@ -0,0 +1,27 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "debian/stretch64" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "debian9_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/debian9/ansible.cfg b/distro/tests/debian9/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/debian9/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/fedora32/Vagrantfile b/distro/tests/fedora32/Vagrantfile new file mode 100644 index 0000000..c784c65 --- /dev/null +++ b/distro/tests/fedora32/Vagrantfile @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "fedora/32-cloud-base" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "fedora32_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + ansible.extra_vars = { + ansible_python_interpreter: "/usr/bin/python3", + } + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/fedora32/ansible.cfg b/distro/tests/fedora32/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/fedora32/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/fedora33/Vagrantfile b/distro/tests/fedora33/Vagrantfile new file mode 100644 index 0000000..7971439 --- /dev/null +++ b/distro/tests/fedora33/Vagrantfile @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "fedora/33-cloud-base" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "fedora33_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + ansible.extra_vars = { + ansible_python_interpreter: "/usr/bin/python3", + } + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/fedora33/ansible.cfg b/distro/tests/fedora33/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/fedora33/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/knot-resolver-pkgtest.yaml b/distro/tests/knot-resolver-pkgtest.yaml new file mode 100644 index 0000000..83545bb --- /dev/null +++ b/distro/tests/knot-resolver-pkgtest.yaml @@ -0,0 +1,13 @@ +--- +# SPDX-License-Identifier: GPL-3.0-or-later +- hosts: all + + remote_user: root + become: true + + vars_files: + - repos.yaml + + roles: + - obs_repos + - knot_resolver diff --git a/distro/tests/leap15/Vagrantfile b/distro/tests/leap15/Vagrantfile new file mode 100644 index 0000000..a2f7646 --- /dev/null +++ b/distro/tests/leap15/Vagrantfile @@ -0,0 +1,29 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "generic/opensuse15" + + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "leap15_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + libvirt.disk_bus = "sata" + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/leap15/ansible.cfg b/distro/tests/leap15/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/leap15/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/repos.yaml b/distro/tests/repos.yaml new file mode 100644 index 0000000..bd4bedd --- /dev/null +++ b/distro/tests/repos.yaml @@ -0,0 +1,4 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +repos: + - knot-resolver-latest + - knot-resolver-devel diff --git a/distro/tests/test-distro.sh b/distro/tests/test-distro.sh new file mode 100755 index 0000000..55b75d0 --- /dev/null +++ b/distro/tests/test-distro.sh @@ -0,0 +1,26 @@ +#!/bin/bash -x +# SPDX-License-Identifier: GPL-3.0-or-later + +# ./test-distro.sh {obs_repo} {distro} +# Example usage: ./test-distro.sh knot-resolver-devel debian9 + +pkgtestdir="$(dirname ${0})" +repofile="$pkgtestdir/repos.yaml" + +distro=$2 +repo=$1 + +# Select repos +echo -e "repos:\n - $repo" > $repofile +if [ "$repo" == "knot-resolver-devel" ]; then + # get Knot DNS from knot-resolver-latest + echo -e ' - knot-resolver-latest' >> $repofile +fi + +pushd "$pkgtestdir/$distro" +vagrant destroy -f &>/dev/null +vagrant up +ret=$? +vagrant destroy -f &>/dev/null +popd +exit $ret diff --git a/distro/tests/ubuntu1604/Vagrantfile b/distro/tests/ubuntu1604/Vagrantfile new file mode 100644 index 0000000..6d22501 --- /dev/null +++ b/distro/tests/ubuntu1604/Vagrantfile @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "generic/ubuntu1604" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "ubuntu1604_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + ansible.extra_vars = { + ansible_python_interpreter: "/usr/bin/python3" + } + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/ubuntu1604/ansible.cfg b/distro/tests/ubuntu1604/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/ubuntu1604/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/ubuntu1804/Vagrantfile b/distro/tests/ubuntu1804/Vagrantfile new file mode 100644 index 0000000..5c53895 --- /dev/null +++ b/distro/tests/ubuntu1804/Vagrantfile @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "generic/ubuntu1804" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "ubuntu1804_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + ansible.extra_vars = { + ansible_python_interpreter: "/usr/bin/python3" + } + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/ubuntu1804/ansible.cfg b/distro/tests/ubuntu1804/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/ubuntu1804/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/ubuntu2004/Vagrantfile b/distro/tests/ubuntu2004/Vagrantfile new file mode 100644 index 0000000..3d5c40a --- /dev/null +++ b/distro/tests/ubuntu2004/Vagrantfile @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + config.vm.box = "generic/ubuntu2004" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "ubuntu2004_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + ansible.extra_vars = { + ansible_python_interpreter: "/usr/bin/python3" + } + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/ubuntu2004/ansible.cfg b/distro/tests/ubuntu2004/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/ubuntu2004/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file diff --git a/distro/tests/ubuntu2010/Vagrantfile b/distro/tests/ubuntu2010/Vagrantfile new file mode 100644 index 0000000..c9020a3 --- /dev/null +++ b/distro/tests/ubuntu2010/Vagrantfile @@ -0,0 +1,31 @@ +# SPDX-License-Identifier: GPL-3.0-or-later +# -*- mode: ruby -*- +# vi: set ft=ruby : +# + +Vagrant.configure(2) do |config| + + # TODO: switch to generic/ubuntu2010 when available (has libvirt box) + config.vm.box = "ubuntu/groovy64" + config.vm.synced_folder ".", "/vagrant", disabled: true + + config.vm.define "ubuntu2010_knot-resolver" do |machine| + machine.vm.provision "ansible" do |ansible| + ansible.playbook = "../knot-resolver-pkgtest.yaml" + ansible.extra_vars = { + ansible_python_interpreter: "/usr/bin/python3" + } + end + end + + config.vm.provider :libvirt do |libvirt| + libvirt.cpus = 1 + libvirt.memory = 1024 + end + + config.vm.provider :virtualbox do |vbox| + vbox.cpus = 1 + vbox.memory = 1024 + end + +end diff --git a/distro/tests/ubuntu2010/ansible.cfg b/distro/tests/ubuntu2010/ansible.cfg new file mode 120000 index 0000000..f80698e --- /dev/null +++ b/distro/tests/ubuntu2010/ansible.cfg @@ -0,0 +1 @@ +../.ansible.cfg
\ No newline at end of file |