Skip to content

Commit

Permalink
chore: cleanup deb/rpm support
Browse files Browse the repository at this point in the history
  • Loading branch information
tprasadtp committed Mar 17, 2024
1 parent a400e07 commit 236f871
Show file tree
Hide file tree
Showing 14 changed files with 111 additions and 309 deletions.
3 changes: 3 additions & 0 deletions .goreleaser.yml
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,9 @@ docker_manifests:
- 'ghcr.io/tprasadtp/protonvpn:{{ .Version }}-amd64'
- 'ghcr.io/tprasadtp/protonvpn:{{ .Version }}-arm64'

checksum:
disable: true

release:
mode: replace
prerelease: auto
Expand Down
7 changes: 4 additions & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,11 @@ FROM base

# hadolint ignore=DL3008,DL3009
RUN --mount=type=tmpfs,target=/var/lib/apt/lists \
--mount=type=cache,sharing=private,target=/var/cache/apt \
--mount=type=tmpfs,target=/var/cache/apt \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install \
--yes \
--no-install-recommends \
--option 'Binary::apt::APT::Keep-Downloaded-Packages=true' \
ca-certificates \
netcat-openbsd \
curl \
Expand All @@ -33,4 +32,6 @@ COPY --chown=root:root --chmod=0755 protonwire /usr/bin/protonwire

RUN ln -s /usr/bin/protonwire /usr/bin/protonvpn

CMD [ "/usr/bin/protonwire", "connect", "--container" ]
ENTRYPOINT [ "/usr/bin/protonwire" ]

CMD [ "connect", "--container" ]
46 changes: 3 additions & 43 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ endif
export REPO_ROOT := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))

ifeq ($(SHELLCHECK_VERSION),)
SHELLCHECK_VERSION := v0.9.0
SHELLCHECK_VERSION := v0.10.0
endif

# Set default goal to help
Expand All @@ -28,6 +28,7 @@ shellcheck: ## Runs shellcheck
-v $(REPO_ROOT)/protonwire:/protonwire:ro \
koalaman/shellcheck:$(SHELLCHECK_VERSION) \
--color=always \
--extended-analysis=true \
/protonwire

.PHONY: docker
Expand Down Expand Up @@ -55,47 +56,6 @@ release: ## Build release
release-prod: ## Build release and publish
goreleaser release --clean

.PHONY: install
install: ## Install protonwire
@if [[ ! -e /etc/polkit-1/localauthority/10-vendor.d ]]; then install -g root -o root -m 755 -d /etc/polkit-1/localauthority/10-vendor.d; fi
install -g root -o root -m 644 systemd/polkit/protonwire.pkla /etc/polkit-1/localauthority/10-vendor.d/protonwire.pkla

@if [[ ! -e /etc/sysctl.d ]]; then install -g root -o root -m 755 -d /etc/sysctl.d; fi
install -g root -o root -m 644 systemd/sysctl.d/protonwire.conf /etc/sysctl.d/protonwire.conf

@if [[ ! -e /etc/systemd/system ]]; then install -g root -o root -m 755 -d /etc/systemd/system; fi
install -g root -o root -m 644 systemd/system/protonwire.service /etc/systemd/system/protonwire.service

@if [[ ! -e /etc/sysusers.d ]]; then install -g root -o root -m 755 -d /etc/sysusers.d; fi
install -g root -o root -m 644 systemd/sysusers.d/protonwire.conf /etc/sysusers.d/protonwire.conf

@if [[ ! -e /etc/tmpfiles.d ]]; then install -g root -o root -m 755 -d /etc/tmpfiles.d; fi
install -g root -o root -m 644 systemd/tmpfiles.d/protonwire.conf /etc/tmpfiles.d/protonwire.conf

@if [[ ! -e /usr/local/bin ]]; then install -g root -o root -m 755 -d /usr/local/bin; fi
install -g root -o root -m 755 protonwire /usr/local/bin/protonwire

@if [[ ! -e /usr/local/man/man1 ]]; then install -g root -o root -m 755 -d /usr/local/man/man1; fi
help2man --no-info --manual="ProtonWire - ProtonVPN Wireguard Client" ./protonwire | install -g root -o root -m 644 /dev/stdin /usr/local/man/man1/protonwire.1

systemd-sysusers protonwire.conf
/usr/lib/systemd/systemd-sysctl protonwire.conf
systemd-tmpfiles --create protonwire.conf
systemctl daemon-reload

.PHONY: uninstall
uninstall: ## Uninstall protonwire
protonwire disable-killswitch || true
systemctl disable --now protonwire || true
rm -f /etc/polkit-1/localauthority/10-vendor.d/protonwire.pkla
rm -f /etc/sysctl.d/protonwire.conf
rm -f /etc/systemd/system/protonwire.service
rm -f /etc/sysusers.d/protonwire.conf
rm -f /etc/tmpfiles.d/protonwire.conf
rm -f /usr/local/man/man1/protonwire.1
rm -f /usr/local/bin/protonwire
systemctl daemon-reload

.PHONY: clean
clean: ## clean
rm -rf $(REPO_ROOT)/dist/
Expand All @@ -104,4 +64,4 @@ clean: ## clean
.PHONY: update-readme
update-readme: ## Update README
sed -i '/<!--diana::dynamic:protonwire-help:begin-->/,/<!--diana::dynamic:protonwire-help:end-->/!b;//!d;/<!--diana::dynamic:protonwire-help:end-->/e echo "<pre>" && ./protonwire --help && echo "</pre>"' README.md
sed -i '/<!--diana::dynamic:protonwire-sample-compose-file:begin-->/,/<!--diana::dynamic:protonwire-sample-compose-file:end-->/!b;//!d;/<!--diana::dynamic:protonwire-sample-compose-file:end-->/e echo "\\\`\\\`\\\`yaml" && cat docs/examples/docker-compose-demo.yml && echo "\\\`\\\`\\\`"' README.md
sed -i '/<!--diana::dynamic:protonwire-sample-compose-file:begin-->/,/<!--diana::dynamic:protonwire-sample-compose-file:end-->/!b;//!d;/<!--diana::dynamic:protonwire-sample-compose-file:end-->/e echo "\\\`\\\`\\\`yaml" && cat docs/examples/docker/docker-compose.yml && echo "\\\`\\\`\\\`"' README.md
75 changes: 0 additions & 75 deletions docs/examples/container-protonwire-example-app.service

This file was deleted.

88 changes: 0 additions & 88 deletions docs/examples/container-protonwire.service

This file was deleted.

File renamed without changes.
1 change: 1 addition & 0 deletions docs/examples/podman/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
# Podman Systemd Examples
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,18 @@
Description=Example application using protonwire VPN container
Documentation=https://github.com/tprasadtp/protonvpn-docker

# Ensure protonwire container is started and healthy.
Requires=protonwire.service
After=protonwire.service

# If protonwire container is stopped, this will be stopped as well.
BindsTo=protonwire.service

[Container]
Pod=protonwire.pod
Image=docker.io/library/caddy:latest
Timezone=local
RunInit=true
Network=container:protonwire
Exec=caddy reverse-proxy --change-host-header --from :8000 --to https://ip.me:443

[Install]
Expand Down
63 changes: 63 additions & 0 deletions docs/examples/podman/protonwire.container
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
[Unit]
Description=ProtonVPN Container
Documentation=https://github.com/tprasadtp/protonvpn-docker

[Container]
# Enable protonwire itself to handle systemd readiness protocol.
# For podman 5.0 or later it might be tempting to use Notify=healthy
# but container also posts status information like connected server and
# exit IP which might be important.
Notify=true

# Container Name.
#
# Alternatively, pod can be used. But pod files are only supported on
# podman 5.0 or later and require using PodmanArgs as Sysctl is not
# recognized by the generator.
ContainerName=protonwire

# Runtime configuration
Image=ghcr.io/tprasadtp/protonwire:7
Timezone=local
RunInit=true

# Server Configuration.
Environment=PROTONVPN_SERVER=node-nl-03.protonvpn.net
Environment=KILL_SWITCH=1
Environment=DEBUG=1

# Private Key
#
# This MUST be created before enabling the service.
Secret=protonwire-private-key,mode=600

# Image specific extra permissions.
AddCapability=NET_ADMIN
Sysctl=net.ipv4.conf.all.rp_filter=2
Sysctl=net.ipv6.conf.all.disable_ipv6=1

# Mounts
Tmpfs=/tmp

# Healthcheck
HealthCmd=protonwire check --container --quiet
HealthInterval=2m
HealthRetries=3
HealthStartPeriod=30s
HealthTimeout=20s

# Ports
#
# This example only publishes a single port. port 8000 both on host and container.
# Add as many ports as your applications require.
#
# Try to setup a reverse proxy which understands podman/docker and only expose ports
# 443 and 80 (should redirect to 443). This ensures that you can reach hosted applications
# using reverse proxy without re-configuring protonwire container every time a new service
# is added. This is only a recommendation and not a requirement.
# Do note that binding to ports < 1024 may require additional work if running in rootless mode.
# See https://github.com/containers/podman/blob/master/rootless.md
PublishPort=8000

[Install]
WantedBy=default.target
40 changes: 0 additions & 40 deletions docs/examples/protonwire.container

This file was deleted.

Loading

0 comments on commit 236f871

Please sign in to comment.