diff --git a/.github/workflows/run-setup.yml b/.github/workflows/run-setup.yml new file mode 100644 index 00000000..e5442c2d --- /dev/null +++ b/.github/workflows/run-setup.yml @@ -0,0 +1,21 @@ +name: setup + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + run-setup: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + - name: setup the service in arch linux container + run: | + docker run \ + -v ${{ github.workspace }}:/build -w /build \ + archlinux:latest \ + .github/workflows/setup.sh diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 5b72a0ac..584fcde6 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -18,9 +18,4 @@ jobs: docker run \ -v ${{ github.workspace }}:/build -w /build \ archlinux:latest \ - /bin/bash -c "pacman --noconfirm -Syu base-devel python-argparse-manpage python-pip && \ - pip install -e .[web] && \ - pip install -e .[check] && \ - pip install -e .[s3] && \ - pip install -e .[test] && \ - make check tests" + .github/workflows/tests.sh diff --git a/.github/workflows/setup.sh b/.github/workflows/setup.sh new file mode 100755 index 00000000..59fc80cf --- /dev/null +++ b/.github/workflows/setup.sh @@ -0,0 +1,47 @@ +#!/bin/bash +# Install the package and run main install commands + +set -ex + +# install dependencies +echo -e '[arcanisrepo]\nServer = http://repo.arcanis.me/$arch\nSigLevel = Never' | tee -a /etc/pacman.conf +# main dependencies +pacman --noconfirm -Sy base-devel devtools git pyalpm python-aur python-passlib python-srcinfo sudo +# make dependencies +pacman --noconfirm -Sy python-pip +# optional dependencies +# VCS support +pacman --noconfirm -Sy breezy darcs mercurial subversion +# web server +pacman --noconfirm -Sy python-aioauth-client python-aiohttp python-aiohttp-debugtoolbar python-aiohttp-jinja2 python-aiohttp-security python-aiohttp-session python-cryptography python-jinja +# additional features +pacman --noconfirm -Sy gnupg python-boto3 rsync + +# create fresh tarball +make VERSION=1.0.0 archlinux # well, it does not really matter which version we will put here +# run makepkg +mv ahriman-*-src.tar.xz package/archlinux +chmod +777 package/archlinux # because fuck you that's why +cd package/archlinux +sudo -u nobody makepkg -cf --skipchecksums --noconfirm +pacman --noconfirm -U ahriman-1.0.0-1-any.pkg.tar.zst + +# special thing for the container, because /dev/log interface is not available there +sed -i 's/handlers = syslog_handler/handlers = console_handler/g' /etc/ahriman.ini.d/logging.ini +# initial setup command as root +sudo -u ahriman ahriman -a x86_64 init +ahriman -a x86_64 repo-setup --packager "ahriman bot " --repository "github" --web-port 8080 +# enable services +systemctl enable ahriman-web@x86_64 +systemctl enable ahriman@x86_64.timer +# run web service (detached) +sudo -u ahriman ahriman -a x86_64 web & +WEBPID=$! +sleep 15s # wait for the web service activation +# add the first package +# the build itself does not really work in the container because it requires procfs +sudo -u ahriman ahriman package-add yay +# run package check +sudo -u ahriman ahriman repo-update +# stop web service lol +kill $WEBPID diff --git a/.github/workflows/tests.sh b/.github/workflows/tests.sh new file mode 100755 index 00000000..01af64ee --- /dev/null +++ b/.github/workflows/tests.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Install dependencies and run test in container + +set -ex + +# install dependencies +pacman --noconfirm -Syu base-devel python-pip + +# install python packages +pip install -e .[web] +pip install -e .[check] +pip install -e .[s3] +pip install -e .[test] + +# run test and check targets +make check tests diff --git a/README.md b/README.md index 792129dd..c3d087c4 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,7 @@ # ArcH Linux ReposItory MANager -[![build status](https://github.com/arcan1s/ahriman/actions/workflows/run-tests.yml/badge.svg)](https://github.com/arcan1s/ahriman/actions/workflows/run-tests.yml) +[![tests status](https://github.com/arcan1s/ahriman/actions/workflows/run-tests.yml/badge.svg)](https://github.com/arcan1s/ahriman/actions/workflows/run-tests.yml) +[![setup status](https://github.com/arcan1s/ahriman/actions/workflows/run-setup.yml/badge.svg)](https://github.com/arcan1s/ahriman/actions/workflows/run-setup.yml) [![CodeFactor](https://www.codefactor.io/repository/github/arcan1s/ahriman/badge)](https://www.codefactor.io/repository/github/arcan1s/ahriman) Wrapper for managing custom repository inspired by [repo-scripts](https://github.com/arcan1s/repo-scripts). @@ -24,8 +25,9 @@ For installation details please refer to the [documentation](docs/setup.md). For ```shell $ ahriman --help -usage: ahriman [-h] [-a ARCHITECTURE] [-c CONFIGURATION] [--force] [-l LOCK] [--no-log] [--no-report] [--unsafe] [-v] - {add,check,clean,config,create-user,init,key-import,rebuild,remove,remove-unknown,report,search,setup,sign,status,status-update,sync,update,web} ... +usage: ahriman [-h] [-a ARCHITECTURE] [-c CONFIGURATION] [--force] [-l LOCK] [--no-report] [-q] [--unsafe] [-v] + {aur-search,search,key-import,package-add,add,package-remove,remove,package-status,status,package-status-remove,package-status-update,status-update,patch-add,patch-list,patch-remove,repo-check,check,repo-clean,clean,repo-config,config,repo-init,init,repo-rebuild,rebuild,repo-remove-unknown,remove-unknown,repo-report,report,repo-setup,setup,repo-sign,sign,repo-sync,sync,repo-update,update,user-add,user-remove,web} + ... ArcH Linux ReposItory MANager @@ -37,33 +39,48 @@ optional arguments: configuration path (default: /etc/ahriman.ini) --force force run, remove file lock (default: False) -l LOCK, --lock LOCK lock file (default: /tmp/ahriman.lock) - --no-log redirect all log messages to stderr (default: False) --no-report force disable reporting to web service (default: False) + -q, --quiet force disable any logging (default: False) --unsafe allow to run ahriman as non-ahriman user (default: False) -v, --version show program's version number and exit command: - {add,check,clean,config,create-user,init,key-import,rebuild,remove,remove-unknown,report,search,setup,sign,status,status-update,sync,update,web} + {aur-search,search,key-import,package-add,add,package-remove,remove,package-status,status,package-status-remove,package-status-update,status-update,patch-add,patch-list,patch-remove,repo-check,check,repo-clean,clean,repo-config,config,repo-init,init,repo-rebuild,rebuild,repo-remove-unknown,remove-unknown,repo-report,report,repo-setup,setup,repo-sign,sign,repo-sync,sync,repo-update,update,user-add,user-remove,web} command to run - add add package - check check for updates - clean clean local caches - config dump configuration - create-user create user for web services - init create repository tree + aur-search (search) + search for package key-import import PGP key - rebuild rebuild repository - remove remove package - remove-unknown remove unknown packages - report generate report - search search for package - setup initial service configuration - sign sign packages - status get package status - status-update update package status - sync sync repository - update update packages - web start web server + package-add (add) add package + package-remove (remove) + remove package + package-status (status) + get package status + package-status-remove + remove package status + package-status-update (status-update) + update package status + patch-add patches control + patch-list patches control + patch-remove patches control + repo-check (check) check for updates + repo-clean (clean) clean local caches + repo-config (config) + dump configuration + repo-init (init) create repository tree + repo-rebuild (rebuild) + rebuild repository + repo-remove-unknown (remove-unknown) + remove unknown packages + repo-report (report) + generate report + repo-setup (setup) initial service configuration + repo-sign (sign) sign packages + repo-sync (sync) sync repository + repo-update (update) + update packages + user-add create or update user for web services + user-remove remove user for web services + web web server ``` Subcommands have own help message as well. diff --git a/docs/ahriman.1 b/docs/ahriman.1 index cc6aba2c..b1c5c15a 100644 --- a/docs/ahriman.1 +++ b/docs/ahriman.1 @@ -3,7 +3,7 @@ ahriman .SH SYNOPSIS .B ahriman -[-h] [-a ARCHITECTURE] [-c CONFIGURATION] [--force] [-l LOCK] [--no-log] [--no-report] [--unsafe] [-v] {add,check,clean,config,init,key-import,rebuild,remove,remove-unknown,report,search,setup,sign,status,status-update,sync,update,user,web} ... +[-h] [-a ARCHITECTURE] [-c CONFIGURATION] [--force] [-l LOCK] [--no-report] [-q] [--unsafe] [-v] {aur-search,search,key-import,package-add,add,package-remove,remove,package-status,status,package-status-remove,package-status-update,status-update,patch-add,patch-list,patch-remove,repo-check,check,repo-clean,clean,repo-config,config,repo-init,init,repo-rebuild,rebuild,repo-remove-unknown,remove-unknown,repo-report,report,repo-setup,setup,repo-sign,sign,repo-sync,sync,repo-update,update,user-add,user-remove,web} ... .SH DESCRIPTION ArcH Linux ReposItory MANager .SH OPTIONS @@ -24,14 +24,14 @@ force run, remove file lock \fB\-l\fR \fI\,LOCK\/\fR, \fB\-\-lock\fR \fI\,LOCK\/\fR lock file -.TP -\fB\-\-no\-log\fR -redirect all log messages to stderr - .TP \fB\-\-no\-report\fR force disable reporting to web service +.TP +\fB\-q\fR, \fB\-\-quiet\fR +force disable any logging + .TP \fB\-\-unsafe\fR allow to run ahriman as non\-ahriman user @@ -43,64 +43,115 @@ show program's version number and exit .SS \fBSub-commands\fR .TP -\fBahriman\fR \fI\,add\/\fR -add package -.TP -\fBahriman\fR \fI\,check\/\fR -check for updates -.TP -\fBahriman\fR \fI\,clean\/\fR -clean local caches -.TP -\fBahriman\fR \fI\,config\/\fR -dump configuration -.TP -\fBahriman\fR \fI\,init\/\fR -create repository tree +\fBahriman\fR \fI\,aur-search\/\fR +search for package .TP \fBahriman\fR \fI\,key-import\/\fR import PGP key .TP -\fBahriman\fR \fI\,rebuild\/\fR -rebuild repository +\fBahriman\fR \fI\,package-add\/\fR +add package .TP -\fBahriman\fR \fI\,remove\/\fR +\fBahriman\fR \fI\,package-remove\/\fR remove package .TP -\fBahriman\fR \fI\,remove-unknown\/\fR -remove unknown packages -.TP -\fBahriman\fR \fI\,report\/\fR -generate report -.TP -\fBahriman\fR \fI\,search\/\fR -search for package -.TP -\fBahriman\fR \fI\,setup\/\fR -initial service configuration -.TP -\fBahriman\fR \fI\,sign\/\fR -sign packages -.TP -\fBahriman\fR \fI\,status\/\fR +\fBahriman\fR \fI\,package-status\/\fR get package status .TP -\fBahriman\fR \fI\,status-update\/\fR +\fBahriman\fR \fI\,package-status-remove\/\fR +remove package status +.TP +\fBahriman\fR \fI\,package-status-update\/\fR update package status .TP -\fBahriman\fR \fI\,sync\/\fR +\fBahriman\fR \fI\,patch-add\/\fR +patches control +.TP +\fBahriman\fR \fI\,patch-list\/\fR +patches control +.TP +\fBahriman\fR \fI\,patch-remove\/\fR +patches control +.TP +\fBahriman\fR \fI\,repo-check\/\fR +check for updates +.TP +\fBahriman\fR \fI\,repo-clean\/\fR +clean local caches +.TP +\fBahriman\fR \fI\,repo-config\/\fR +dump configuration +.TP +\fBahriman\fR \fI\,repo-init\/\fR +create repository tree +.TP +\fBahriman\fR \fI\,repo-rebuild\/\fR +rebuild repository +.TP +\fBahriman\fR \fI\,repo-remove-unknown\/\fR +remove unknown packages +.TP +\fBahriman\fR \fI\,repo-report\/\fR +generate report +.TP +\fBahriman\fR \fI\,repo-setup\/\fR +initial service configuration +.TP +\fBahriman\fR \fI\,repo-sign\/\fR +sign packages +.TP +\fBahriman\fR \fI\,repo-sync\/\fR sync repository .TP -\fBahriman\fR \fI\,update\/\fR +\fBahriman\fR \fI\,repo-update\/\fR update packages .TP -\fBahriman\fR \fI\,user\/\fR -manage users for web services +\fBahriman\fR \fI\,user-add\/\fR +create or update user for web services +.TP +\fBahriman\fR \fI\,user-remove\/\fR +remove user for web services .TP \fBahriman\fR \fI\,web\/\fR -start web server -.SH OPTIONS 'ahriman add' -usage: ahriman add [-h] [--now] [--source {PackageSource.Auto,PackageSource.Archive,PackageSource.Directory,PackageSource.AUR}] [--without-dependencies] package [package ...] +web server +.SH OPTIONS 'ahriman aur-search' +usage: ahriman aur-search [-h] search [search ...] + +search for package in AUR using API + +.TP +\fBsearch\fR +search terms, can be specified multiple times + + +.SH OPTIONS 'ahriman search' +usage: ahriman aur-search [-h] search [search ...] + +search for package in AUR using API + +.TP +\fBsearch\fR +search terms, can be specified multiple times + + +.SH OPTIONS 'ahriman key-import' +usage: ahriman key-import [-h] [--key-server KEY_SERVER] key + +import PGP key from public sources to repository user + +.TP +\fBkey\fR +PGP key to import from public server + +.TP +\fB\-\-key\-server\fR \fI\,KEY_SERVER\/\fR +key server for key import + +.SH OPTIONS 'ahriman package-add' +usage: ahriman package-add [-h] [-n] + [-s {PackageSource.Auto,PackageSource.Archive,PackageSource.Directory,PackageSource.AUR}] + [--without-dependencies] + package [package ...] add package @@ -109,19 +160,174 @@ add package package base/name or archive path .TP -\fB\-\-now\fR +\fB\-n\fR, \fB\-\-now\fR run update function after .TP -\fB\-\-source\fR {PackageSource.Auto,PackageSource.Archive,PackageSource.Directory,PackageSource.AUR} +\fB\-s\fR {PackageSource.Auto,PackageSource.Archive,PackageSource.Directory,PackageSource.AUR}, \fB\-\-source\fR {PackageSource.Auto,PackageSource.Archive,PackageSource.Directory,PackageSource.AUR} package source .TP \fB\-\-without\-dependencies\fR do not add dependencies -.SH OPTIONS 'ahriman check' -usage: ahriman check [-h] [--no-vcs] [package ...] +.SH OPTIONS 'ahriman add' +usage: ahriman package-add [-h] [-n] + [-s {PackageSource.Auto,PackageSource.Archive,PackageSource.Directory,PackageSource.AUR}] + [--without-dependencies] + package [package ...] + +add package + +.TP +\fBpackage\fR +package base/name or archive path + +.TP +\fB\-n\fR, \fB\-\-now\fR +run update function after + +.TP +\fB\-s\fR {PackageSource.Auto,PackageSource.Archive,PackageSource.Directory,PackageSource.AUR}, \fB\-\-source\fR {PackageSource.Auto,PackageSource.Archive,PackageSource.Directory,PackageSource.AUR} +package source + +.TP +\fB\-\-without\-dependencies\fR +do not add dependencies + +.SH OPTIONS 'ahriman package-remove' +usage: ahriman package-remove [-h] package [package ...] + +remove package + +.TP +\fBpackage\fR +package name or base + + +.SH OPTIONS 'ahriman remove' +usage: ahriman package-remove [-h] package [package ...] + +remove package + +.TP +\fBpackage\fR +package name or base + + +.SH OPTIONS 'ahriman package-status' +usage: ahriman package-status [-h] [--ahriman] + [-s {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}] + [package ...] + +request status of the package + +.TP +\fBpackage\fR +filter status by package base + +.TP +\fB\-\-ahriman\fR +get service status itself + +.TP +\fB\-s\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}, \fB\-\-status\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success} +filter packages by status + +.SH OPTIONS 'ahriman status' +usage: ahriman package-status [-h] [--ahriman] + [-s {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}] + [package ...] + +request status of the package + +.TP +\fBpackage\fR +filter status by package base + +.TP +\fB\-\-ahriman\fR +get service status itself + +.TP +\fB\-s\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}, \fB\-\-status\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success} +filter packages by status + +.SH OPTIONS 'ahriman package-status-remove' +usage: ahriman package-status-remove [-h] package [package ...] + +remove the package from the status page + +.TP +\fBpackage\fR +remove specified packages + + +.SH OPTIONS 'ahriman package-status-update' +usage: ahriman package-status-update [-h] + [-s {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}] + [package ...] + +update package status on the status page + +.TP +\fBpackage\fR +set status for specified packages. If no packages supplied, service status will be updated + +.TP +\fB\-s\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}, \fB\-\-status\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success} +new status + +.SH OPTIONS 'ahriman status-update' +usage: ahriman package-status-update [-h] + [-s {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}] + [package ...] + +update package status on the status page + +.TP +\fBpackage\fR +set status for specified packages. If no packages supplied, service status will be updated + +.TP +\fB\-s\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}, \fB\-\-status\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success} +new status + +.SH OPTIONS 'ahriman patch-add' +usage: ahriman patch-add [-h] [-t TRACK] package + +create/update for sources + +.TP +\fBpackage\fR +path to directory with changed files for patch addition/update + +.TP +\fB\-t\fR \fI\,TRACK\/\fR, \fB\-\-track\fR \fI\,TRACK\/\fR +files which has to be tracked + +.SH OPTIONS 'ahriman patch-list' +usage: ahriman patch-list [-h] package + +list available patches for the package + +.TP +\fBpackage\fR +package base + + +.SH OPTIONS 'ahriman patch-remove' +usage: ahriman patch-remove [-h] package + +remove patches for the package + +.TP +\fBpackage\fR +package base + + +.SH OPTIONS 'ahriman repo-check' +usage: ahriman repo-check [-h] [--no-vcs] [package ...] check for updates. Same as update \-\-dry\-run \-\-no\-manual @@ -133,8 +339,21 @@ filter check by package base \fB\-\-no\-vcs\fR do not check VCS packages -.SH OPTIONS 'ahriman clean' -usage: ahriman clean [-h] [--no-build] [--no-cache] [--no-chroot] [--no-manual] [--no-packages] +.SH OPTIONS 'ahriman check' +usage: ahriman repo-check [-h] [--no-vcs] [package ...] + +check for updates. Same as update \-\-dry\-run \-\-no\-manual + +.TP +\fBpackage\fR +filter check by package base + +.TP +\fB\-\-no\-vcs\fR +do not check VCS packages + +.SH OPTIONS 'ahriman repo-clean' +usage: ahriman repo-clean [-h] [--no-build] [--no-cache] [--no-chroot] [--no-manual] [--no-packages] clear local caches @@ -159,35 +378,62 @@ do not clear directory with manually added packages \fB\-\-no\-packages\fR do not clear directory with built packages -.SH OPTIONS 'ahriman config' -usage: ahriman config [-h] +.SH OPTIONS 'ahriman clean' +usage: ahriman repo-clean [-h] [--no-build] [--no-cache] [--no-chroot] [--no-manual] [--no-packages] + +clear local caches + + +.TP +\fB\-\-no\-build\fR +do not clear directory with package sources + +.TP +\fB\-\-no\-cache\fR +do not clear directory with package caches + +.TP +\fB\-\-no\-chroot\fR +do not clear build chroot + +.TP +\fB\-\-no\-manual\fR +do not clear directory with manually added packages + +.TP +\fB\-\-no\-packages\fR +do not clear directory with built packages + +.SH OPTIONS 'ahriman repo-config' +usage: ahriman repo-config [-h] dump configuration for specified architecture -.SH OPTIONS 'ahriman init' -usage: ahriman init [-h] +.SH OPTIONS 'ahriman config' +usage: ahriman repo-config [-h] + +dump configuration for specified architecture + + + +.SH OPTIONS 'ahriman repo-init' +usage: ahriman repo-init [-h] create empty repository tree. Optional command for auto architecture support -.SH OPTIONS 'ahriman key-import' -usage: ahriman key-import [-h] [--key-server KEY_SERVER] key +.SH OPTIONS 'ahriman init' +usage: ahriman repo-init [-h] -import PGP key from public sources to repository user +create empty repository tree. Optional command for auto architecture support -.TP -\fBkey\fR -PGP key to import from public server -.TP -\fB\-\-key\-server\fR \fI\,KEY_SERVER\/\fR -key server for key import -.SH OPTIONS 'ahriman rebuild' -usage: ahriman rebuild [-h] [--depends-on DEPENDS_ON] +.SH OPTIONS 'ahriman repo-rebuild' +usage: ahriman repo-rebuild [-h] [--depends-on DEPENDS_ON] rebuild whole repository @@ -196,18 +442,18 @@ rebuild whole repository \fB\-\-depends\-on\fR \fI\,DEPENDS_ON\/\fR only rebuild packages that depend on specified package -.SH OPTIONS 'ahriman remove' -usage: ahriman remove [-h] package [package ...] +.SH OPTIONS 'ahriman rebuild' +usage: ahriman repo-rebuild [-h] [--depends-on DEPENDS_ON] + +rebuild whole repository -remove package .TP -\fBpackage\fR -package name or base +\fB\-\-depends\-on\fR \fI\,DEPENDS_ON\/\fR +only rebuild packages that depend on specified package - -.SH OPTIONS 'ahriman remove-unknown' -usage: ahriman remove-unknown [-h] [--dry-run] +.SH OPTIONS 'ahriman repo-remove-unknown' +usage: ahriman repo-remove-unknown [-h] [--dry-run] remove packages which are missing in AUR @@ -216,8 +462,18 @@ remove packages which are missing in AUR \fB\-\-dry\-run\fR just perform check for packages without removal -.SH OPTIONS 'ahriman report' -usage: ahriman report [-h] [target ...] +.SH OPTIONS 'ahriman remove-unknown' +usage: ahriman repo-remove-unknown [-h] [--dry-run] + +remove packages which are missing in AUR + + +.TP +\fB\-\-dry\-run\fR +just perform check for packages without removal + +.SH OPTIONS 'ahriman repo-report' +usage: ahriman repo-report [-h] [target ...] generate report @@ -226,19 +482,20 @@ generate report target to generate report -.SH OPTIONS 'ahriman search' -usage: ahriman search [-h] search [search ...] +.SH OPTIONS 'ahriman report' +usage: ahriman repo-report [-h] [target ...] -search for package in AUR using API +generate report .TP -\fBsearch\fR -search terms, can be specified multiple times +\fBtarget\fR +target to generate report -.SH OPTIONS 'ahriman setup' -usage: ahriman setup [-h] [--build-command BUILD_COMMAND] [--from-configuration FROM_CONFIGURATION] [--no-multilib] --packager PACKAGER --repository REPOSITORY [--sign-key SIGN_KEY] - [--sign-target {SignSettings.Packages,SignSettings.Repository}] [--web-port WEB_PORT] +.SH OPTIONS 'ahriman repo-setup' +usage: ahriman repo-setup [-h] [--build-command BUILD_COMMAND] [--from-configuration FROM_CONFIGURATION] [--no-multilib] + --packager PACKAGER --repository REPOSITORY [--sign-key SIGN_KEY] + [--sign-target {SignSettings.Packages,SignSettings.Repository}] [--web-port WEB_PORT] create initial service configuration, requires root @@ -275,8 +532,48 @@ sign options \fB\-\-web\-port\fR \fI\,WEB_PORT\/\fR port of the web service -.SH OPTIONS 'ahriman sign' -usage: ahriman sign [-h] [package ...] +.SH OPTIONS 'ahriman setup' +usage: ahriman repo-setup [-h] [--build-command BUILD_COMMAND] [--from-configuration FROM_CONFIGURATION] [--no-multilib] + --packager PACKAGER --repository REPOSITORY [--sign-key SIGN_KEY] + [--sign-target {SignSettings.Packages,SignSettings.Repository}] [--web-port WEB_PORT] + +create initial service configuration, requires root + + +.TP +\fB\-\-build\-command\fR \fI\,BUILD_COMMAND\/\fR +build command prefix + +.TP +\fB\-\-from\-configuration\fR \fI\,FROM_CONFIGURATION\/\fR +path to default devtools pacman configuration + +.TP +\fB\-\-no\-multilib\fR +do not add multilib repository + +.TP +\fB\-\-packager\fR \fI\,PACKAGER\/\fR +packager name and email + +.TP +\fB\-\-repository\fR \fI\,REPOSITORY\/\fR +repository name + +.TP +\fB\-\-sign\-key\fR \fI\,SIGN_KEY\/\fR +sign key id + +.TP +\fB\-\-sign\-target\fR {SignSettings.Packages,SignSettings.Repository} +sign options + +.TP +\fB\-\-web\-port\fR \fI\,WEB_PORT\/\fR +port of the web service + +.SH OPTIONS 'ahriman repo-sign' +usage: ahriman repo-sign [-h] [package ...] (re\-)sign packages and repository database @@ -285,42 +582,18 @@ usage: ahriman sign [-h] [package ...] sign only specified packages -.SH OPTIONS 'ahriman status' -usage: ahriman status [-h] [--ahriman] [--status {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}] [package ...] +.SH OPTIONS 'ahriman sign' +usage: ahriman repo-sign [-h] [package ...] -request status of the package +(re\-)sign packages and repository database .TP \fBpackage\fR -filter status by package base +sign only specified packages -.TP -\fB\-\-ahriman\fR -get service status itself -.TP -\fB\-\-status\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success} -filter packages by status - -.SH OPTIONS 'ahriman status-update' -usage: ahriman status-update [-h] [--status {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success}] [--remove] [package ...] - -request status of the package - -.TP -\fBpackage\fR -set status for specified packages. If no packages supplied, service status will be updated - -.TP -\fB\-\-status\fR {BuildStatusEnum.Unknown,BuildStatusEnum.Pending,BuildStatusEnum.Building,BuildStatusEnum.Failed,BuildStatusEnum.Success} -new status - -.TP -\fB\-\-remove\fR -remove package status page - -.SH OPTIONS 'ahriman sync' -usage: ahriman sync [-h] [target ...] +.SH OPTIONS 'ahriman repo-sync' +usage: ahriman repo-sync [-h] [target ...] sync packages to remote server @@ -329,8 +602,18 @@ sync packages to remote server target to sync -.SH OPTIONS 'ahriman update' -usage: ahriman update [-h] [--dry-run] [--no-aur] [--no-manual] [--no-vcs] [package ...] +.SH OPTIONS 'ahriman sync' +usage: ahriman repo-sync [-h] [target ...] + +sync packages to remote server + +.TP +\fBtarget\fR +target to sync + + +.SH OPTIONS 'ahriman repo-update' +usage: ahriman repo-update [-h] [--dry-run] [--no-aur] [--no-manual] [--no-vcs] [package ...] run updates @@ -354,10 +637,37 @@ do not include manual updates \fB\-\-no\-vcs\fR do not check VCS packages -.SH OPTIONS 'ahriman user' -usage: ahriman user [-h] [--as-service] [-a {UserAccess.Safe,UserAccess.Read,UserAccess.Write}] [--no-reload] [-p PASSWORD] [-r] [--secure] username +.SH OPTIONS 'ahriman update' +usage: ahriman repo-update [-h] [--dry-run] [--no-aur] [--no-manual] [--no-vcs] [package ...] -manage users for web services with password and role. In case if password was not entered it will be asked interactively +run updates + +.TP +\fBpackage\fR +filter check by package base + +.TP +\fB\-\-dry\-run\fR +just perform check for updates, same as check command + +.TP +\fB\-\-no\-aur\fR +do not check for AUR updates. Implies \-\-no\-vcs + +.TP +\fB\-\-no\-manual\fR +do not include manual updates + +.TP +\fB\-\-no\-vcs\fR +do not check VCS packages + +.SH OPTIONS 'ahriman user-add' +usage: ahriman user-add [-h] [--as-service] [--no-reload] [-p PASSWORD] + [-r {UserAccess.Safe,UserAccess.Read,UserAccess.Write}] [-s] + username + +update user for web services with the given password and role. In case if password was not entered it will be asked interactively .TP \fBusername\fR @@ -368,23 +678,37 @@ username for web service add user as service user .TP -\fB\-a\fR {UserAccess.Safe,UserAccess.Read,UserAccess.Write}, \fB\-\-access\fR {UserAccess.Safe,UserAccess.Read,UserAccess.Write} +\fB\-\-no\-reload\fR +do not reload authentication module + +.TP +\fB\-p\fR \fI\,PASSWORD\/\fR, \fB\-\-password\fR \fI\,PASSWORD\/\fR +user password. Blank password will be treated as empty password, which is in particular must be used for OAuth2 +authorization type. + +.TP +\fB\-r\fR {UserAccess.Safe,UserAccess.Read,UserAccess.Write}, \fB\-\-role\fR {UserAccess.Safe,UserAccess.Read,UserAccess.Write} user access level +.TP +\fB\-s\fR, \fB\-\-secure\fR +set file permissions to user\-only + +.SH OPTIONS 'ahriman user-remove' +usage: ahriman user-remove [-h] [--no-reload] [-s] username + +remove user from the user mapping and write the configuration + +.TP +\fBusername\fR +username for web service + .TP \fB\-\-no\-reload\fR do not reload authentication module .TP -\fB\-p\fR \fI\,PASSWORD\/\fR, \fB\-\-password\fR \fI\,PASSWORD\/\fR -user password - -.TP -\fB\-r\fR, \fB\-\-remove\fR -remove user from configuration - -.TP -\fB\-\-secure\fR +\fB\-s\fR, \fB\-\-secure\fR set file permissions to user\-only .SH OPTIONS 'ahriman web' diff --git a/docs/setup.md b/docs/setup.md index b302d977..c03c3f98 100644 --- a/docs/setup.md +++ b/docs/setup.md @@ -2,59 +2,66 @@ 1. Install package as usual. 2. Change settings if required, see [configuration reference](configuration.md) for more details. -3. Create `/var/lib/ahriman/.makepkg.conf` with `makepkg.conf` overrides if required (at least you might want to set `PACKAGER`): +3. TL;DR - ```shell - echo 'PACKAGER="John Doe "' | sudo -u ahriman tee -a /var/lib/ahriman/.makepkg.conf - ``` + ```shell + sudo -u ahriman ahriman -a x86_64 repo-init + sudo ahriman -a x86_64 repo-setup ... + ``` + + `repo-init` subcommand is required to create the repository tree with correct rights. `repo-setup` literally does the following steps: -4. Configure build tools (it is required for correct dependency management system): + 1. Create `/var/lib/ahriman/.makepkg.conf` with `makepkg.conf` overrides if required (at least you might want to set `PACKAGER`): - 1. Create build command, e.g. `ln -s /usr/bin/archbuild /usr/local/bin/ahriman-x86_64-build` (you can choose any name for command, basically it should be `{name}-{arch}-build`). - 2. Create configuration file, e.g. `cp /usr/share/devtools/pacman-{extra,ahriman}.conf` (same as previous `pacman-{name}.conf`). - 3. Change configuration file, add your own repository, add multilib repository etc; - 4. Set `build_command` option to point to your command. - 5. Configure `/etc/sudoers.d/ahriman` to allow running command without a password. + ```shell + echo 'PACKAGER="John Doe "' | sudo -u ahriman tee -a /var/lib/ahriman/.makepkg.conf + ``` - ```shell - ln -s /usr/bin/archbuild /usr/local/bin/ahriman-x86_64-build - cp /usr/share/devtools/pacman-{extra,ahriman}.conf + 2. Configure build tools (it is required for correct dependency management system): - echo '[multilib]' | tee -a /usr/share/devtools/pacman-ahriman.conf - echo 'Include = /etc/pacman.d/mirrorlist' | tee -a /usr/share/devtools/pacman-ahriman.conf + 1. Create build command, e.g. `ln -s /usr/bin/archbuild /usr/local/bin/ahriman-x86_64-build` (you can choose any name for command, basically it should be `{name}-{arch}-build`). + 2. Create configuration file, e.g. `cp /usr/share/devtools/pacman-{extra,ahriman}.conf` (same as previous `pacman-{name}.conf`). + 3. Change configuration file, add your own repository, add multilib repository etc; + 4. Set `build_command` option to point to your command. + 5. Configure `/etc/sudoers.d/ahriman` to allow running command without a password. - echo '[aur-clone]' | tee -a /usr/share/devtools/pacman-ahriman.conf - echo 'SigLevel = Optional TrustAll' | tee -a /usr/share/devtools/pacman-ahriman.conf - echo 'Server = file:///var/lib/ahriman/repository/$arch' | tee -a /usr/share/devtools/pacman-ahriman.conf + ```shell + ln -s /usr/bin/archbuild /usr/local/bin/ahriman-x86_64-build + cp /usr/share/devtools/pacman-{extra,ahriman}.conf - echo '[build]' | tee -a /etc/ahriman.ini.d/build.ini - echo 'build_command = ahriman-x86_64-build' | tee -a /etc/ahriman.ini.d/build.ini + echo '[multilib]' | tee -a /usr/share/devtools/pacman-ahriman.conf + echo 'Include = /etc/pacman.d/mirrorlist' | tee -a /usr/share/devtools/pacman-ahriman.conf - echo 'Cmnd_Alias CARCHBUILD_CMD = /usr/local/bin/ahriman-x86_64-build *' | tee -a /etc/sudoers.d/ahriman - echo 'ahriman ALL=(ALL) NOPASSWD: CARCHBUILD_CMD' | tee -a /etc/sudoers.d/ahriman - chmod 400 /etc/sudoers.d/ahriman - ``` + echo '[aur-clone]' | tee -a /usr/share/devtools/pacman-ahriman.conf + echo 'SigLevel = Optional TrustAll' | tee -a /usr/share/devtools/pacman-ahriman.conf + echo 'Server = file:///var/lib/ahriman/repository/$arch' | tee -a /usr/share/devtools/pacman-ahriman.conf -5. Start and enable `ahriman@.timer` via `systemctl`: + echo '[build]' | tee -a /etc/ahriman.ini.d/build.ini + echo 'build_command = ahriman-x86_64-build' | tee -a /etc/ahriman.ini.d/build.ini + + echo 'Cmnd_Alias CARCHBUILD_CMD = /usr/local/bin/ahriman-x86_64-build *' | tee -a /etc/sudoers.d/ahriman + echo 'ahriman ALL=(ALL) NOPASSWD: CARCHBUILD_CMD' | tee -a /etc/sudoers.d/ahriman + chmod 400 /etc/sudoers.d/ahriman + ``` + +4. Start and enable `ahriman@.timer` via `systemctl`: ```shell systemctl enable --now ahriman@x86_64.timer ``` -6. Start and enable status page: +5. Start and enable status page: ```shell systemctl enable --now ahriman-web@x86_64 ``` -7. Add packages by using `ahriman add {package}` command: +6. Add packages by using `ahriman package-add {package}` command: ```shell - sudo -u ahriman ahriman -a x86_64 add yay --now + sudo -u ahriman ahriman -a x86_64 package-add yay --now ``` -Note that initial service configuration can be done by running `ahriman setup` with specific arguments. - ## User creation -`create-user` subcommand is recommended for new user creation. \ No newline at end of file +`user-add` subcommand is recommended for new user creation. \ No newline at end of file diff --git a/package/archlinux/ahriman.tmpfiles b/package/archlinux/ahriman.tmpfiles index 1fd57a94..8ecb3e2a 100644 --- a/package/archlinux/ahriman.tmpfiles +++ b/package/archlinux/ahriman.tmpfiles @@ -1 +1,2 @@ +d /var/lib/ahriman 0755 ahriman ahriman d /var/log/ahriman 0755 ahriman ahriman \ No newline at end of file