From 4822ded5a9df542cf536857361b242364502025f Mon Sep 17 00:00:00 2001 From: Sam Willcocks Date: Mon, 1 May 2023 01:22:25 +0100 Subject: [PATCH] initial working disaster --- .envrc | 1 + .gitignore | 1 + backend.go | 154 ++++++++++++++++++++++++++++++++++++++++++++++++++ cmd/main.go | 99 ++++++++++++++++++++++++++++++++ flake.lock | 109 +++++++++++++++++++++++++++++++++++ flake.nix | 36 ++++++++++++ go.mod | 25 ++++++++ go.sum | 81 ++++++++++++++++++++++++++ package.go | 160 ++++++++++++++++++++++++++++++++++++++++++++++++++++ release.go | 16 ++++++ 10 files changed, 682 insertions(+) create mode 100644 .envrc create mode 100644 .gitignore create mode 100644 backend.go create mode 100644 cmd/main.go create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 go.mod create mode 100644 go.sum create mode 100644 package.go create mode 100644 release.go diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..3550a30 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..92b2793 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.direnv diff --git a/backend.go b/backend.go new file mode 100644 index 0000000..37a38da --- /dev/null +++ b/backend.go @@ -0,0 +1,154 @@ +package debanator + +import ( + "crypto/md5" + "crypto/sha1" + "crypto/sha256" + "fmt" + "io" + "io/fs" + "os" + "path" + "strconv" + "strings" + + log "github.com/sirupsen/logrus" + "pault.ag/go/debian/control" + "pault.ag/go/debian/deb" + "pault.ag/go/debian/dependency" + "pault.ag/go/debian/version" + + "golang.org/x/exp/maps" +) + +// A backend to search for packages in +type Backend interface { + GetPackages() +} + + +type FileBackend struct { + path string +} + + +func NewFileBackend(path string) FileBackend { + return FileBackend{path} +} + +func BinaryIndexFromDeb(p string, basePath string) (*control.BinaryIndex, error) { + f, err := os.Open(p) + if err != nil { + return nil, fmt.Errorf("open file: %w", err) + } + defer f.Close() + debFile, err := deb.Load(f, p) + if err != nil { + return nil, fmt.Errorf("read deb: %w", err) + } + md5sum := md5.New() + sha1sum := sha1.New() + sha256sum := sha256.New() + hashWriter := io.MultiWriter(md5sum, sha1sum, sha256sum) + size, err := io.Copy(hashWriter, f) + if err != nil { + return nil, fmt.Errorf("hash file: %w", err) + } + bi := control.BinaryIndex{ + Paragraph: control.Paragraph{ + Values: make(map[string]string), + }, + Package: debFile.Control.Package, + Source: debFile.Control.Source, + Version: debFile.Control.Version, + InstalledSize: fmt.Sprintf("%d", debFile.Control.InstalledSize), + Size: strconv.Itoa(int(size)), + Maintainer: debFile.Control.Maintainer, + Architecture: debFile.Control.Architecture, + MultiArch: debFile.Control.MultiArch, + Description: debFile.Control.Description, + Homepage: debFile.Control.Homepage, + Section: debFile.Control.Section, + // FIXME: gross, make this more centrally managed somehow + Filename: path.Join("pool/main", strings.TrimPrefix(p, basePath)), + Priority: debFile.Control.Priority, + MD5sum: fmt.Sprintf("%x", md5sum.Sum(nil)), + SHA1: fmt.Sprintf("%x", sha1sum.Sum(nil)), + SHA256: fmt.Sprintf("%x", sha256sum.Sum(nil)), + } + if debFile.Control.Depends.String() != "" { + bi.Paragraph.Set("Depends", debFile.Control.Depends.String()) + } + if debFile.Control.Recommends.String() != "" { + bi.Paragraph.Set("Recommends", debFile.Control.Recommends.String()) + } + if debFile.Control.Suggests.String() != "" { + bi.Paragraph.Set("Suggests", debFile.Control.Suggests.String()) + } + if debFile.Control.Breaks.String() != "" { + bi.Paragraph.Set("Breaks", debFile.Control.Breaks.String()) + } + if debFile.Control.Replaces.String() != "" { + bi.Paragraph.Set("Replaces", debFile.Control.Replaces.String()) + } + if debFile.Control.BuiltUsing.String() != "" { + bi.Paragraph.Set("BuiltUsing", debFile.Control.BuiltUsing.String()) + } + return &bi, nil +} + +func ScanDebs(debpath string) Repo { + var debs []string + fs.WalkDir(os.DirFS(debpath), ".", func(path string, dir fs.DirEntry, err error) error { + if err != nil { + log.WithFields(log.Fields{ + "path": path, + "error": err, + }).Warn("Error scanning for debs") + return nil + } + if !dir.IsDir() && strings.HasSuffix(dir.Name(), ".deb"){ + debs = append(debs, path) + } + return nil + }) + packs := make(map[string]LogicalPackage) + for _, d := range debs { + p := path.Join(debpath, d) + bi, err := BinaryIndexFromDeb(p, debpath) + if err != nil { + log.WithFields(log.Fields{ + "path": p, + "error": err, + }).Error("Error processing deb file") + continue + } + + packageName := bi.Package + if _, ok := packs[packageName]; !ok { + packs[packageName] = LogicalPackage{ + Name: packageName, + Arches: make(map[dependency.Arch]map[version.Version]control.BinaryIndex), + } + } + pack := packs[packageName] + if _, ok := pack.Arches[bi.Architecture]; !ok { + pack.Arches[bi.Architecture] = make(map[version.Version]control.BinaryIndex) + } + arch := pack.Arches[bi.Architecture] + if _, ok := arch[bi.Version]; !ok { + arch[bi.Version] = *bi + } else { + log.WithFields(log.Fields{ + "package": packageName, + "arch": arch, + "version": bi.Version.String(), + }).Warn("Duplicate package/arch/version found, ignoring...") + } + } + + return Repo{ + packages: maps.Values(packs), + cache: make(map[string]hashedFile), + } +} diff --git a/cmd/main.go b/cmd/main.go new file mode 100644 index 0000000..8310e40 --- /dev/null +++ b/cmd/main.go @@ -0,0 +1,99 @@ +package main + +import ( + "encoding/json" + "flag" + "io" + "net/http" + "os" + + "github.com/ProtonMail/gopenpgp/v2/crypto" + "github.com/go-chi/chi/v5" + "github.com/go-chi/chi/v5/middleware" + log "github.com/sirupsen/logrus" + "github.com/wlcx/debanator" +) + +type responseRecorder struct { + http.ResponseWriter + status int +} + +func (r responseRecorder) WriteHeader(statusCode int) { + r.status = statusCode + r.ResponseWriter.WriteHeader(statusCode) +} + +func logMiddleware(h http.HandlerFunc) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + rec := responseRecorder{ResponseWriter: w} + h.ServeHTTP(rec, r) + log.WithFields(log.Fields{ + "remote": r.RemoteAddr, + "method": r.Method, + "url": r.URL, + "status": rec.status, + }).Info("Got request") + } +} + +func md(err error) { + if err != nil { + log.Fatal(err) + } +} + +func unwrap[T any](val T, err error) T { + md(err) + return val +} + +func main() { + listenAddr := *flag.String("listen", ":1612", "HTTP listen address") + debPath := *flag.String("debpath", "debs", "Path to directory containing deb files.") + flag.Parse() + log.Info("Starting...") + var ecKey *crypto.Key + kb, err := os.ReadFile("privkey.gpg") + if err != nil { + log.Infof("Generating new key...") + ecKey = unwrap(crypto.GenerateKey("Debanator", "packager@example.com", "x25519", 0)) + f := unwrap(os.Create("privkey.gpg")) + defer f.Close() + armored := unwrap(ecKey.Armor()) + f.WriteString(armored) + } else { + log.Infof("Using existing key...") + ecKey = unwrap(crypto.NewKeyFromArmored(string(kb))) + } + + signingKeyRing, err := crypto.NewKeyRing(ecKey) + if err != nil { + log.Fatal(err) + } + + repo := debanator.ScanDebs(debPath) + if err := repo.GenerateFiles(); err != nil { + log.Fatal(err) + } + log.Infof("Listening on %s", listenAddr) + r := chi.NewRouter() + r.Use(middleware.Logger) + r.Get("/", func(w http.ResponseWriter, r *http.Request) { + w.Header().Add("Content-Type", "application/json") + enc := json.NewEncoder(w) + if err := enc.Encode(repo); err != nil { + log.Errorf("encoding json: %v", err) + } + }) + r.Get("/pubkey.gpg", func(w http.ResponseWriter, r *http.Request) { + pub, err := ecKey.GetArmoredPublicKey() + if err != nil { + log.Fatal(err) + } + io.WriteString(w, pub) + }) + r.Mount("/dists/stable", repo.GetHandler(signingKeyRing)) + r.Get("/pool/main/*", http.StripPrefix("/pool/main/", http.FileServer(http.Dir(debPath))).ServeHTTP) + http.ListenAndServe(listenAddr, r) +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..5704a35 --- /dev/null +++ b/flake.lock @@ -0,0 +1,109 @@ +{ + "nodes": { + "devshell": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1678957337, + "narHash": "sha256-Gw4nVbuKRdTwPngeOZQOzH/IFowmz4LryMPDiJN/ah4=", + "owner": "numtide", + "repo": "devshell", + "rev": "3e0e60ab37cd0bf7ab59888f5c32499d851edb47", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "devshell", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1642700792, + "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1677383253, + "narHash": "sha256-UfpzWfSxkfXHnb4boXZNaKsAcUrZT9Hw+tao1oZxd08=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9952d6bc395f5841262b006fbace8dd7e143b634", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1678101631, + "narHash": "sha256-vuuvWBNGhNSPPbFCjp2XZmBqJOvsFF1T0hyleRnHZlc=", + "path": "/nix/store/9hi0ykjc2h1hzldcqdfmjgw2hp0lld2v-source", + "rev": "934e613c31cf7af0624dcf088b9e2d9b802d0717", + "type": "path" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "root": { + "inputs": { + "devshell": "devshell", + "nixpkgs": "nixpkgs_2", + "utils": "utils" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..ec83545 --- /dev/null +++ b/flake.nix @@ -0,0 +1,36 @@ +{ + description = "Another cool golang abhorration from samw"; + + inputs.utils.url = "github:numtide/flake-utils"; + inputs.devshell.url = "github:numtide/devshell"; + + outputs = { + self, + nixpkgs, + utils, + devshell, + }: + utils.lib.eachDefaultSystem (system: let + pkgs = import nixpkgs { + inherit system; + overlays = [devshell.overlays.default]; + }; + in rec { + packages.default = pkgs.buildGoModule { + name = "my-project"; + src = self; + vendorSha256 = ""; + + # Inject the git version if you want + #ldflags = '' + # -X main.version=${if self ? rev then self.rev else "dirty"} + #''; + }; + + apps.default = utils.lib.mkApp {drv = packages.default;}; + + devShells.default = + pkgs.devshell.mkShell {packages = with pkgs; [go gopls];}; + formatter = pkgs.alejandra; + }); +} diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..9ecefd7 --- /dev/null +++ b/go.mod @@ -0,0 +1,25 @@ +module github.com/wlcx/debanator + +go 1.19 + +require ( + github.com/ProtonMail/gopenpgp/v2 v2.7.1 + github.com/go-chi/chi/v5 v5.0.8 + github.com/sirupsen/logrus v1.9.0 + golang.org/x/exp v0.0.0-20230420155640-133eef4313cb + pault.ag/go/debian v0.12.0 +) + +require ( + github.com/DataDog/zstd v1.4.8 // indirect + github.com/ProtonMail/go-crypto v0.0.0-20230321155629-9a39f2531310 // indirect + github.com/ProtonMail/go-mime v0.0.0-20230322103455-7d82a3887f2f // indirect + github.com/cloudflare/circl v1.1.0 // indirect + github.com/kjk/lzma v0.0.0-20161016003348-3fd93898850d // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect + golang.org/x/crypto v0.7.0 // indirect + golang.org/x/sys v0.6.0 // indirect + golang.org/x/text v0.8.0 // indirect + pault.ag/go/topsort v0.0.0-20160530003732-f98d2ad46e1a // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..0b0b853 --- /dev/null +++ b/go.sum @@ -0,0 +1,81 @@ +github.com/DataDog/zstd v1.4.8 h1:Rpmta4xZ/MgZnriKNd24iZMhGpP5dvUcs/uqfBapKZY= +github.com/DataDog/zstd v1.4.8/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw= +github.com/ProtonMail/go-crypto v0.0.0-20230321155629-9a39f2531310 h1:dGAdTcqheKrQ/TW76sAcmO2IorwXplUw2inPkOzykbw= +github.com/ProtonMail/go-crypto v0.0.0-20230321155629-9a39f2531310/go.mod h1:8TI4H3IbrackdNgv+92dI+rhpCaLqM0IfpgCgenFvRE= +github.com/ProtonMail/go-mime v0.0.0-20230322103455-7d82a3887f2f h1:tCbYj7/299ekTTXpdwKYF8eBlsYsDVoggDAuAjoK66k= +github.com/ProtonMail/go-mime v0.0.0-20230322103455-7d82a3887f2f/go.mod h1:gcr0kNtGBqin9zDW9GOHcVntrwnjrK+qdJ06mWYBybw= +github.com/ProtonMail/gopenpgp/v2 v2.7.1 h1:Awsg7MPc2gD3I7IFac2qE3Gdls0lZW8SzrFZ3k1oz0s= +github.com/ProtonMail/gopenpgp/v2 v2.7.1/go.mod h1:/BU5gfAVwqyd8EfC3Eu7zmuhwYQpKs+cGD8M//iiaxs= +github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= +github.com/cloudflare/circl v1.1.0 h1:bZgT/A+cikZnKIwn7xL2OBj012Bmvho/o6RpRvv3GKY= +github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/go-chi/chi/v5 v5.0.8 h1:lD+NLqFcAi1ovnVZpsnObHGW4xb4J8lNmoYVfECH1Y0= +github.com/go-chi/chi/v5 v5.0.8/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= +github.com/kjk/lzma v0.0.0-20161016003348-3fd93898850d h1:RnWZeH8N8KXfbwMTex/KKMYMj0FJRCF6tQubUuQ02GM= +github.com/kjk/lzma v0.0.0-20161016003348-3fd93898850d/go.mod h1:phT/jsRPBAEqjAibu1BurrabCBNTYiVI+zbmyCZJY6Q= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= +github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 h1:nIPpBwaJSVYIxUFsDv3M8ofmx9yWTog9BfvIu0q41lo= +github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A= +golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= +golang.org/x/exp v0.0.0-20230420155640-133eef4313cb h1:rhjz/8Mbfa8xROFiH+MQphmAmgqRM0bOMnytznhWEXk= +golang.org/x/exp v0.0.0-20230420155640-133eef4313cb/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +pault.ag/go/debian v0.12.0 h1:b8ctSdBSGJ98NE1VLn06aSx70EUpczlP2qqSHEiYYJA= +pault.ag/go/debian v0.12.0/go.mod h1:UbnMr3z/KZepjq7VzbYgBEfz8j4+Pyrm2L5X1fzhy/k= +pault.ag/go/topsort v0.0.0-20160530003732-f98d2ad46e1a h1:WwS7vlB5H2AtwKj1jsGwp2ZLud1x6WXRXh2fXsRqrcA= +pault.ag/go/topsort v0.0.0-20160530003732-f98d2ad46e1a/go.mod h1:INqx0ClF7kmPAMk2zVTX8DRnhZ/yaA/Mg52g8KFKE7k= diff --git a/package.go b/package.go new file mode 100644 index 0000000..f69d865 --- /dev/null +++ b/package.go @@ -0,0 +1,160 @@ +package debanator + +import ( + "bytes" + "fmt" + "io" + "net/http" + "time" + + "github.com/ProtonMail/gopenpgp/v2/crypto" + "github.com/go-chi/chi/v5" + log "github.com/sirupsen/logrus" + "golang.org/x/exp/maps" + "pault.ag/go/debian/control" + "pault.ag/go/debian/dependency" + "pault.ag/go/debian/hashio" + "pault.ag/go/debian/version" +) + +// A group of debs of a package for different arches/version +type LogicalPackage struct { + Name string + // arch:version:package + Arches map[dependency.Arch]map[version.Version]control.BinaryIndex +} + +type hashedFile struct { + buf []byte + md5Hash control.MD5FileHash + sha1Hash control.SHA1FileHash + sha256Hash control.SHA256FileHash +} + +type Repo struct { + packages []LogicalPackage + cache map[string]hashedFile + release []byte +} + +func (r *Repo) GetArches() []dependency.Arch { + arches := make(map[dependency.Arch]struct{}) + for _, lp := range r.packages { + for arch := range lp.Arches { + arches[arch] = struct{}{} + } + } + return maps.Keys(arches) +} + +// Find the latest versions of all packages for the given arch +func (r *Repo) GetPackagesForArch(a dependency.Arch) []control.BinaryIndex { + out := []control.BinaryIndex{} + for _, p := range r.packages { + if versions, ok := p.Arches[a]; ok { + var latest version.Version + for v := range versions { + if version.Compare(v, latest) > 0 { + latest = v + } + } + out = append(out, p.Arches[a][latest]) + } + } + return out +} + +func (r *Repo) makePackagesFileForArch(arch dependency.Arch) error { + var b bytes.Buffer + w, hashers, err := hashio.NewHasherWriters([]string{"md5", "sha256", "sha1"}, &b) + enc, _ := control.NewEncoder(w) + for _, d := range r.GetPackagesForArch(arch) { + if err = enc.Encode(d); err != nil { + return fmt.Errorf("encoding package %s: %w", d.Package, err) + } + } + fname := fmt.Sprintf("main/binary-%s/Packages", arch) + hashes := make(map[string]control.FileHash) + for _, h := range hashers { + hashes[h.Name()] = control.FileHashFromHasher(fname, *h) + } + r.cache[fname] = hashedFile{ + buf: b.Bytes(), + sha256Hash: control.SHA256FileHash{hashes["sha256"]}, + sha1Hash: control.SHA1FileHash{hashes["sha1"]}, + md5Hash: control.MD5FileHash{hashes["md5"]}, + } + return nil +} + +// Generate and cache all the Package/Repo files +func (r *Repo) GenerateFiles() error { + for _, arch := range r.GetArches() { + if err := r.makePackagesFileForArch(arch); err != nil { + return fmt.Errorf("generating files for arch %s: %w", arch, err) + } + } + r.makeRelease() + return nil +} + +func (r *Repo) makeRelease() { + var rel bytes.Buffer + enc, _ := control.NewEncoder(&rel) + const dateFmt = "Mon, 02 Jan 2006 15:04:05 MST" + var md5s []control.MD5FileHash + var sha1s []control.SHA1FileHash + var sha256s []control.SHA256FileHash + for _, f := range r.cache { + md5s = append(md5s, f.md5Hash) + sha1s = append(sha1s, f.sha1Hash) + sha256s = append(sha256s, f.sha256Hash) + } + if err := enc.Encode(Release{ + Suite: "stable", + Architectures: r.GetArches(), + Components: "main", + Date: time.Now().UTC().Format(dateFmt), + MD5Sum: md5s, + SHA1: sha1s, + SHA256: sha256s, + }); err != nil { + log.Fatal(err) + } + r.release = rel.Bytes() + return + } + + +// Handle a deb/apt repository http request +func (r *Repo) GetHandler(keyring *crypto.KeyRing) http.Handler { + router := chi.NewRouter() + router.Get("/Release", func(w http.ResponseWriter, req *http.Request) { + if _, err := w.Write(r.release); err != nil { + log.Fatal(err) + } + }) + router.Get("/Release.gpg", func(w http.ResponseWriter, req *http.Request) { + msg := crypto.NewPlainMessage(r.release) + sig, err := keyring.SignDetached(msg) + if err != nil { + log.Fatal(err) + } + sigStr, err := sig.GetArmored() + if err != nil { + log.Fatal(err) + } + io.WriteString(w, sigStr) + }) + router.Get("/main/{arch}/Packages", func(w http.ResponseWriter, req *http.Request) { + h, ok := r.cache[fmt.Sprintf("main/%s/Packages", chi.URLParam(req, "arch"))] + if !ok { + w.WriteHeader(http.StatusBadRequest) + return + } + _, err := w.Write(h.buf); if err != nil { + log.Error(err) + } + }) + return router +} diff --git a/release.go b/release.go new file mode 100644 index 0000000..8c5a75a --- /dev/null +++ b/release.go @@ -0,0 +1,16 @@ +package debanator + +import ( + "pault.ag/go/debian/control" + "pault.ag/go/debian/dependency" +) + +type Release struct { + Suite string + Architectures []dependency.Arch + Components string + Date string + SHA1 []control.SHA1FileHash `delim:"\n" strip:"\n\r\t "` + SHA256 []control.SHA256FileHash`delim:"\n" strip:"\n\r\t "` + MD5Sum []control.MD5FileHash`delim:"\n" strip:"\n\r\t "` +}