Skip to content

Commit

Permalink
Merge branch 'zrok_copy_p1' of github.com:openziti/zrok into zrok_cop…
Browse files Browse the repository at this point in the history 
…y_p1
  • Loading branch information
@michaelquigley
michaelquigley committed Nov 27, 2023
2 parents ac4b5b9 + 92d751b commit 3f817de
Show file tree
Hide file tree
Showing 17 changed files with 727 additions and 29 deletions.
77 changes: 77 additions & 0 deletions .goreleaser-linux-arm64.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,3 +57,80 @@ nfpms:
- src: /opt/openziti/bin/zrok
dst: /usr/bin/zrok
type: "symlink"

- package_name: zrok-share
id: zrok-share
vendor: NetFoundry
homepage: https://zrok.io/
maintainer: [email protected]
description: |-
This package provides zrok-share.service. To enable, edit the "/opt/openziti/etc/zrok/zrok-share.env" file with the
desired target for sharing, and run "systemctl enable --now zrok-share.service".
license: Apache 2.0

# do not bundle the built binaries, only supporting files
meta: true

# Formats to be generated.
formats:
- deb
- rpm

# {{ .ConventionalFileName }} satisfies the RPM name convention.
file_name_template: "{{ .ConventionalFileName }}"

# Umask to be used on files without explicit mode set. (overridable)
umask: 0o002

# Package version within this release version.
release: 1

# Section.
section: default

# Priority.
priority: optional

# GoReleaser will automatically add the binaries here
dependencies:
- zrok

# this allows users to satisfy the requirement for jq another way, not with the package manager, e.g.
# apt install --no-recommends zrok-share
recommends:
- jq

overrides:
# yum and dnf do not automatically install "weak deps" aka "recommends", so we need to add them as a dependency
rpm:
dependencies:
- zrok
- jq

# Contents to add to the package.
contents:
- dst: /lib/systemd/system/
src: ./nfpm/zrok-share.service

- dst: /opt/openziti/etc/zrok
type: dir
file_info:
mode: 0755

- dst: /opt/openziti/bin/
src: ./nfpm/zrok-share.bash
file_info:
mode: 0755

- dst: /opt/openziti/bin/
src: ./nfpm/zrok-enable.bash
file_info:
mode: 0755

- dst: /opt/openziti/etc/zrok/
src: ./nfpm/zrok-share.env
type: config|noreplace

- dst: /opt/openziti/etc/zrok/
src: ./etc/caddy/multiple_upstream.Caddyfile
type: config|noreplace
77 changes: 77 additions & 0 deletions .goreleaser-linux-armhf.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,3 +57,80 @@ nfpms:
- src: /opt/openziti/bin/zrok
dst: /usr/bin/zrok
type: "symlink"

- package_name: zrok-share
id: zrok-share
vendor: NetFoundry
homepage: https://zrok.io/
maintainer: [email protected]
description: |-
This package provides zrok-share.service. To enable, edit the "/opt/openziti/etc/zrok/zrok-share.env" file with the
desired target for sharing, and run "systemctl enable --now zrok-share.service".
license: Apache 2.0

# do not bundle the built binaries, only supporting files
meta: true

# Formats to be generated.
formats:
- deb
- rpm

# {{ .ConventionalFileName }} satisfies the RPM name convention.
file_name_template: "{{ .ConventionalFileName }}"

# Umask to be used on files without explicit mode set. (overridable)
umask: 0o002

# Package version within this release version.
release: 1

# Section.
section: default

# Priority.
priority: optional

# GoReleaser will automatically add the binaries here
dependencies:
- zrok

# this allows users to satisfy the requirement for jq another way, not with the package manager, e.g.
# apt install --no-recommends zrok-share
recommends:
- jq

overrides:
# yum and dnf do not automatically install "weak deps" aka "recommends", so we need to add them as a dependency
rpm:
dependencies:
- zrok
- jq

# Contents to add to the package.
contents:
- dst: /lib/systemd/system/
src: ./nfpm/zrok-share.service

- dst: /opt/openziti/etc/zrok
type: dir
file_info:
mode: 0755

- dst: /opt/openziti/bin/
src: ./nfpm/zrok-share.bash
file_info:
mode: 0755

- dst: /opt/openziti/bin/
src: ./nfpm/zrok-enable.bash
file_info:
mode: 0755

- dst: /opt/openziti/etc/zrok/
src: ./nfpm/zrok-share.env
type: config|noreplace

- dst: /opt/openziti/etc/zrok/
src: ./etc/caddy/multiple_upstream.Caddyfile
type: config|noreplace
77 changes: 77 additions & 0 deletions .goreleaser-linux.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,3 +53,80 @@ nfpms:
- src: /opt/openziti/bin/zrok
dst: /usr/bin/zrok
type: "symlink"

- package_name: zrok-share
id: zrok-share
vendor: NetFoundry
homepage: https://zrok.io/
maintainer: [email protected]
description: |-
This package provides zrok-share.service. To enable, edit the "/opt/openziti/etc/zrok/zrok-share.env" file with the
desired target for sharing, and run "systemctl enable --now zrok-share.service".
license: Apache 2.0

# do not bundle the built binaries, only supporting files
meta: true

# Formats to be generated.
formats:
- deb
- rpm

# {{ .ConventionalFileName }} satisfies the RPM name convention.
file_name_template: "{{ .ConventionalFileName }}"

# Umask to be used on files without explicit mode set. (overridable)
umask: 0o002

# Package version within this release version.
release: 1

# Section.
section: default

# Priority.
priority: optional

# GoReleaser will automatically add the binaries here
dependencies:
- zrok

# this allows users to satisfy the requirement for jq another way, not with the package manager, e.g.
# apt install --no-recommends zrok-share
recommends:
- jq

overrides:
# yum and dnf do not automatically install "weak deps" aka "recommends", so we need to add them as a dependency
rpm:
dependencies:
- zrok
- jq

# Contents to add to the package.
contents:
- dst: /lib/systemd/system/
src: ./nfpm/zrok-share.service

- dst: /opt/openziti/etc/zrok
type: dir
file_info:
mode: 0755

- dst: /opt/openziti/bin/
src: ./nfpm/zrok-share.bash
file_info:
mode: 0755

- dst: /opt/openziti/bin/
src: ./nfpm/zrok-enable.bash
file_info:
mode: 0755

- dst: /opt/openziti/etc/zrok/
src: ./nfpm/zrok-share.env
type: config|noreplace

- dst: /opt/openziti/etc/zrok/
src: ./etc/caddy/multiple_upstream.Caddyfile
type: config|noreplace
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
# CHANGELOG

## v0.4.16

FEATURE: Publish Linux packages for `zrok` CLI and a systemd service for running a reserved public share (`zrok-share`).

## v0.4.15

CHANGE: Updated the code signing and notarization process for macos binaries. The previous release process used the `gon` utility to handle both code signing and notarization. Apple changed the requirements and the `gon` utility no longer properly functions as of 2023-11-01. The `goreleaser` process has been adjusted to use the `notarytool` utility that ships with XCode to sign and notarize the binary (https://github.com/openziti/zrok/issues/435)
Expand Down
2 changes: 1 addition & 1 deletion docker/compose/zrok-private-share/compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ services:

zrok-share:
image: ${ZROK_CONTAINER_IMAGE:-docker.io/openziti/zrok}
command: share private --headless --backend-mode proxy ${ZROK_BACKEND:-http://zrok-test:9090/}
command: share private --headless --backend-mode proxy ${ZROK_TARGET:-http://zrok-test:9090/}
depends_on:
zrok-enable:
condition: service_completed_successfully
Expand Down
28 changes: 14 additions & 14 deletions docker/compose/zrok-public-reserved/compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ services:
- sh
- -euc
- |
ZROK_UPSTREAM_URL="${ZROK_BACKEND:-http://zrok-test:9090}"
ZROK_UPSTREAM_URL="${ZROK_TARGET:-http://zrok-test:9090}"
ZROK_UPSTREAM_HOST="$(echo $${ZROK_UPSTREAM_URL}|sed -E 's#^https?://([^/:]+).*#\1#')"
mkdir -p /mnt/.zrok
cat <<CADDYFILE >| /mnt/.zrok/Caddyfile
Expand Down Expand Up @@ -90,12 +90,12 @@ services:
- -euc
- |
if [[ -s ~/.zrok/reserved.json ]]; then
ZROK_RESERVE_TOKEN="$(jq '.token' ~/.zrok/reserved.json 2>/dev/null)"
if [[ -z "$${ZROK_RESERVE_TOKEN}" || "$${ZROK_RESERVE_TOKEN}" == null ]]; then
ZROK_RESERVED_TOKEN="$(jq '.token' ~/.zrok/reserved.json 2>/dev/null)"
if [[ -z "$${ZROK_RESERVED_TOKEN}" || "$${ZROK_RESERVED_TOKEN}" == null ]]; then
echo "ERROR: invalid reserved.json: $(jq -c . ~/.zrok/reserved.json)" >&2
exit 1
else
echo "INFO: zrok backend is already reserved: $${ZROK_RESERVE_TOKEN}"
else
echo "INFO: zrok backend is already reserved: $${ZROK_RESERVED_TOKEN}"
exit 0
fi
else
Expand All @@ -108,7 +108,7 @@ services:
ZROK_CMD+=" --oauth-provider ${ZROK_OAUTH_PROVIDER}"
fi
if [[ -n "${ZROK_BACKEND_MODE:-}" && "${ZROK_BACKEND_MODE}" != caddy ]]; then
ZROK_CMD+=" --backend-mode ${ZROK_BACKEND_MODE} ${ZROK_BACKEND:-http://zrok-test:9090}"
ZROK_CMD+=" --backend-mode ${ZROK_BACKEND_MODE} ${ZROK_TARGET:-http://zrok-test:9090}"
else
ZROK_CMD+=" --backend-mode caddy /mnt/.zrok/Caddyfile"
fi
Expand Down Expand Up @@ -138,21 +138,21 @@ services:
if [[ -z "$${ZROK_PUBLIC_URLS}" || "$${ZROK_PUBLIC_URLS}" == null ]]; then
echo "ERROR: frontend endpoints not defined" >&2
exit 1
else
else
echo "INFO: zrok public URLs: $${ZROK_PUBLIC_URLS}"
fi
ZROK_RESERVE_TOKEN=$(jq -r '.token' ~/.zrok/reserved.json 2>/dev/null)
if [[ -z "$${ZROK_RESERVE_TOKEN}" && "$${ZROK_RESERVE_TOKEN}" == null ]]; then
ZROK_RESERVED_TOKEN=$(jq -r '.token' ~/.zrok/reserved.json 2>/dev/null)
if [[ -z "$${ZROK_RESERVED_TOKEN}" && "$${ZROK_RESERVED_TOKEN}" == null ]]; then
echo "ERROR: zrok reservation token not defined" >&2
exit 1
else
echo "INFO: zrok reservation token: $${ZROK_RESERVE_TOKEN}"
else
echo "INFO: zrok reservation token: $${ZROK_RESERVED_TOKEN}"
fi
echo "INFO: running: zrok $${@} $${ZROK_RESERVE_TOKEN}"
exec zrok "$${@}" $${ZROK_RESERVE_TOKEN}
echo "INFO: running: zrok $${@} $${ZROK_RESERVED_TOKEN}"
exec zrok "$${@}" $${ZROK_RESERVED_TOKEN}
fi
command: -- share reserved --headless
command: -- share reserved --headless
depends_on:
zrok-reserve:
condition: service_completed_successfully
Expand Down
2 changes: 1 addition & 1 deletion docker/compose/zrok-public-share/compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ services:
if [[ -n "${ZROK_OAUTH_PROVIDER:-}" ]]; then
ZROK_CMD+=" --oauth-provider ${ZROK_OAUTH_PROVIDER}"
fi
ZROK_CMD+=" --backend-mode proxy ${ZROK_BACKEND:-http://zrok-test:9090/}"
ZROK_CMD+=" --backend-mode proxy ${ZROK_TARGET:-http://zrok-test:9090/}"
echo "INFO: running: zrok $${ZROK_CMD}"
exec zrok $${ZROK_CMD}
depends_on:
Expand Down
4 changes: 2 additions & 2 deletions docs/guides/docker-share/docker_public_share_guide.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,10 +54,10 @@ This concludes sharing the demo web server. Read on to learn how to pivot to sha

## Proxy Any Web Server

The simplest way to share your web server is to set `ZROK_BACKEND` (e.g. `https://example.com`) in the environment of the `docker compose up` command. When you restart the share will auto-configure for that upstream server URL. This applies to both temporary and reserved public shares.
The simplest way to share your web server is to set `ZROK_TARGET` (e.g. `https://example.com`) in the environment of the `docker compose up` command. When you restart the share will auto-configure for that upstream server URL. This applies to both temporary and reserved public shares.

```bash title=".env"
ZROK_BACKEND="http://example.com:8080"
ZROK_TARGET="http://example.com:8080"
```

## Require Authentication
Expand Down
Loading

0 comments on commit 3f817de

Please sign in to comment.