Alpine Linux - User contributions [en]

Include:Abuild-keygen

2021-02-19T05:46:21Z

EvanCarroll:

For abuild a public/private rsa key pair is needed. <tt>abuild-keygen</tt> does the generation of those keys for you.

{{Cmd|abuild-keygen -a -i}}

'''abuild-keygen options'''

* '''-a''' Set PACKAGER_PRIVKEY=<generated key> in abuild.conf
* '''-i''' Install public key into /etc/apk/keys using sudo
* '''-h''' Show this help
* '''-n''' Non-interactive. Use defaults
* '''-q''' Quiet mode

==== Creating keys manually ====

In older versions of Alpine, we had to manually create keys for signing packages and indexes. This explains how. Nowadays you can just use <code>abuild-keygen</code>.

Since the public key needs to be unique for each developer, the email address should be used as name for the public key.

Create the private key:
{{cmd|openssl genrsa -out ''emailaddress.priv'' 2048}}

{{tip|Append ''-aes256'' if you want it encrypted, but then you'll need to enter the password for every package you sign}}

Create the public key:
{{cmd|openssl rsa -in ''emailaddress.priv'' -pubout -out /etc/apk/keys/''emailaddress''}}

The public key should be distributed and installed into {{Path|/etc/apk/keys}} on the alpine box that will install the packages. The private key, when created by <code>abuild</code>, is installed into {{Path|~/.abuild/$something.rsa}}. This basically means that the main developer's public keys should be in {{Path|/etc/apk/keys}} on all Alpine boxes.

[[Category:Development]]

Include:Abuild-keygen

2021-02-19T05:45:41Z

EvanCarroll: added note about the default for private key

For abuild a public/private rsa key pair is needed. <tt>abuild-keygen</tt> does the generation of those keys for you.

{{Cmd|abuild-keygen -a -i}}

'''abuild-keygen options'''

* '''-a''' Set PACKAGER_PRIVKEY=<generated key> in abuild.conf
* '''-i''' Install public key into /etc/apk/keys using sudo
* '''-h''' Show this help
* '''-n''' Non-interactive. Use defaults
* '''-q''' Quiet mode

==== Creating keys manually ====

In older versions of Alpine, we had to manually create keys for signing packages and indexes. This explains how. Nowadays you can just use <code>abuild-keygen</code>.

Since the public key needs to be unique for each developer, the email address should be used as name for the public key.

Create the private key:
{{cmd|openssl genrsa -out ''emailaddress.priv'' 2048}}

{{tip|Append ''-aes256'' if you want it encrypted, but then you'll need to enter the password for every package you sign}}

Create the public key:
{{cmd|openssl rsa -in ''emailaddress.priv'' -pubout -out /etc/apk/keys/''emailaddress''}}

The public key should be distributed and installed into {{Path|/etc/apk/keys}} on the alpine box that will install the packages. The private key, when created by {{cmd|abuild}}, is installed into {{Path|~/.abuild/$something.rsa}}. This basically means that the main developer's public keys should be in {{Path|/etc/apk/keys}} on all Alpine boxes.

[[Category:Development]]

Include:Setup your system and account for building packages

2021-02-18T19:37:12Z

EvanCarroll: That's what sudo -e is for.

The {{Pkg|alpine-sdk}} is a metapackage that pulls in the most essential packages used to build new packages. Install those packages now:

{{Cmd|apk add alpine-sdk sudo}}

This would be a good time to create a normal user account for you to work in. (You weren't going to develop as root now, were you!) To create the user:

{{Cmd|adduser <yourusername>}}

To make life easier later, it's a good idea to add this user to {{Path|/etc/sudoers}}. Append the line

<yourusername> ALL=(ALL) ALL

using the command:

{{Cmd|visudo}}

Now logout of the root account, and login as <yourusername>. From here on everything can be done in a normal user account, and operations that require superuser privileges can be done with sudo.

The [[Aports_tree|aports tree]] is in git so before we clone the it, let's configure git.

{{Cmd|git config --global user.name "Your Full Name"
git config --global user.email "your@email.address"}}

Read carefully [[Development using git]] to grasp basic Git operations and how to configure for sending email patches.

Now we can clone the [[Aports_tree|aports tree]].

{{Cmd|git clone https://gitlab.alpinelinux.org/alpine/aports}}

Before we start creating or modifying [[APKBUILD_Reference|APKBUILD]] files, we need to setup abuild for our system and user. Edit the file {{Path|abuild.conf}} to your requirements:

{{Cmd|sudo -e /etc/abuild.conf}}

Most of the defaults can be left alone, unless you are developing for a custom platform, in which case the comments in the file should guide you. The one field to edit is PACKAGER, so that you can get credit (or blame) for packages you create.

To use 'abuild -r' command to install dependency packages automatically.
{{Cmd|sudo addgroup <yourusername> abuild}}

We also need to prepare the location where the build process caches files when they are downloaded. By default this is {{Path|/var/cache/distfiles/}}. To create this directory and ensure that it is writeable, enter the following commands:

{{Cmd|sudo mkdir -p /var/cache/distfiles
sudo chmod a+w /var/cache/distfiles}}

As an alternative to the second command, you can add yourself to the abuild group:

{{Cmd|sudo chgrp abuild /var/cache/distfiles
sudo chmod g+w /var/cache/distfiles}}

{{Note|Remember to logout and login again for the group change to have effect.}}

The last step is to configure the security keys with the [[Abuild-keygen|abuild-keygen]] script for [[Abuild|abuild]] with the command:

{{Cmd|abuild-keygen -a -i}}

[[Category:Development]]