Setting up a compile vserver
This document describes how to set up a new vserver for compilation of the official packages, with a buildozer sudo account for autobuilding a git branch.
There is a different page on Setting up a compile vserver for third party packages.
We will do the following:
- install the vserver guest
- install and configure openssh for remote access
- install the alpine-sdk
- create a buildozer user and give it sudo access
- copy the needed files from old buildozer
- set up autobuilding from git commit hooks
- A vserver host
- An IP address
- The private and public key for signing the packages
- An Alpine 1.9 vserver template
In this document we will use the following:
- Hostname: build-edge
- IP address: 10.65.67.12/24
- Context: 10012 (The vserver context can be anything, but it must be unique for the vserver host)
Creating the vserver guest
Create the guest from the template. Here the template was named template.tar.gz.
Configure the DNS resolving.
You might want share the
/var/cache/distfiles with other vserver hosts. To do so change the
/etc/vservers/buildozer/fstab: (whie there set up the /tmp size to 512 MB)
none /proc proc defaults 0 0 none /tmp tmpfs size=64m,mode=1777 0 0 none /dev/pts devpts gid=5,mode=620 0 0 none /run tmpfs size=1m,mode=0755 0 0 /vservers/.shared/distfiles /var/cache/distfiles none bind 0 0
Disable the single_ip feature (it breaks some perl module tests):
Start the vserver. If your vserver host is 64 bit you need the linux32 prefix.
Set up SSH for remote logins
Enter the guest (I could not enter on my arch linux host for some reason. I installed ssh from chroot, restarted the vserver guest with sshd, logged in via ssh and continued from there)
Set up the repositories so we can install packages
Install OpenSSH and the alpine-sdk
Set ListenAddress to the IP address of the guest
Also disable DNS incase you need to log in from a network without reverse DNS.
Make sshd start at boot
Exit the vserver and copy the
authorized_keys file so you can log in with ssh.
Restart the vserver guest and log in
Create user account with sudo access
Create user buildozer
Add the user to the groups wheel and abuild.
Enable sudo without password for everyone in wheel group.
Uncomment line for %wheel, save and exit.
# Same thing without a password %wheel ALL=(ALL) NOPASSWD: ALL
Copy the ssh keys and update the permissions
Now you should be able to log out and log in as buildozer
Copy files from old buildozer
We need the following from the old build server to do auto-building.
- abuild signing keys
- previously build packages (saves you from rebuilding alot)
- misc scripts to do the autobuilding
Make sure you are logged out from you vserver guest and copy the needed files. In this case we just create hardlinks to save some time and space.
(if you dont have any previous buildozer you might want to log in as buildozer and run abuild-keygen -i -a to generate signing keys)
Sometimes you may wish to perform an archive-wide rebuild, such as when creating a new buildozer for a previously unreleased branch. In that case, instead of performing the above copy, do:
- Either copy /home/buildozer/.abuild from an existing buildozer (to key signing keys) or create a new one using abuild-keys -i -a
- mkdir /home/packages/main
- mkdir -p /home/packages/main/x86_64
- mkdir -p /home/packages/testing/x86_64
Log in as buildozer and make sure that the ownership is correct for those files.
Set up the auto building
The idea with the autobuilding is that we have a git hook on the public git server that posts a message on IRC. the build server has a user logged on the IRC channel, pick up the commit messages and runs a rebuild of the repositories. We use sircbot for this.
Install sircbot on the build server
Edit the /etc/conf.d/sircbot:
sircbot_user=buildozer sircbot_group=buildozer sircbot_channels="#alpine-devel" sircbot_opts="-n build-edge"
We also need a hook that picks up the notifications for rebuilds. This is /etc/sircbot.d/#alpine-devel/update-repos that we get from git:
This should create the following scripts (if they aren't present, copy from /home/buildozer/autobuilder/):
Feel free to customize the logurl variable in the update-repos script (line 15) to point to your buildbox. This is the link that sircbot will send on build failure.
Create an /etc/autobuilder.conf with the correct git_branch and upload release dir:
Fix permissions on some dirs:
Setting up abuild
In /etc/abuild.conf set:
SRCDEST=/var/cache/distfiles PACKAGER="Buildozer <firstname.lastname@example.org>"
Also double-check that CARCH is set correctly for your build-server.
Then it should just be to log on to the build-edge clone the repo and start building
Setting periodic cleanup
It might be an idea to delete the src and pkg subdirs used when building after a week. Create /etc/periodic/daily/clean-aports with the following contents:
#!/bin/sh aports=/home/bulidozer/aports find $aports -maxdepth 3 -type d \( -name src -o -name pkg \) -mtime +7 \ | xargs rm -r
Make it executable
Make sure cron runs.