commit containers-systemd for openSUSE:Factory

root Fri, 28 Aug 2020 12:21:32 -0700

Hello community,

here is the log from the commit of package containers-systemd for 
openSUSE:Factory checked in at 2020-08-28 21:19:09
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/containers-systemd (Old)
 and      /work/SRC/openSUSE:Factory/.containers-systemd.new.3399 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "containers-systemd"

Fri Aug 28 21:19:09 2020 rev:13 rq:830274 version:0.0+git20200828.7cc6e97

Changes:
--------
--- /work/SRC/openSUSE:Factory/containers-systemd/containers-systemd.changes    
2020-06-05 20:02:24.520372503 +0200
+++ 
/work/SRC/openSUSE:Factory/.containers-systemd.new.3399/containers-systemd.changes
  2020-08-28 21:21:13.740320352 +0200
@@ -1,0 +2,19 @@
+Fri Aug 28 12:27:44 UTC 2020 - ku...@suse.com
+
+- Update to version 0.0+git20200828.7cc6e97:
+  * Add support for postfix container
+
+-------------------------------------------------------------------
+Tue Aug 25 11:50:22 UTC 2020 - ku...@suse.com
+
+- Update to version 0.0+git20200825.e6c35ce:
+  * Allow extra args for podman for the ldap container
+
+-------------------------------------------------------------------
+Mon Aug 24 14:16:49 UTC 2020 - ku...@suse.com
+
+- Update to version 0.0+git20200824.8ed78c3:
+  * New files to support OpenLDAP
+  * Adjust documentation
+
+-------------------------------------------------------------------

Old:
----
  containers-systemd-0.0+git20200602.25da9c0.tar.xz

New:
----
  containers-systemd-0.0+git20200828.7cc6e97.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ containers-systemd.spec ++++++
--- /var/tmp/diff_new_pack.sQsm6p/_old  2020-08-28 21:21:15.512321211 +0200
+++ /var/tmp/diff_new_pack.sQsm6p/_new  2020-08-28 21:21:15.512321211 +0200
@@ -16,8 +16,8 @@
 #
 
 
-%define containers bind dhcp-server haproxy mariadb nginx squid
-%define container_services container-bind.service 
container-dhcp-server.service container-dhcp6-server.service 
container-haproxy.service container-mariadb.service container-nginx.service 
container-image-prune.timer squid.service
+%define containers bind dhcp-server haproxy mariadb nginx openldap postfix 
squid
+%define container_services container-bind.service 
container-dhcp-server.service container-dhcp6-server.service 
container-haproxy.service container-mariadb.service container-nginx.service 
container-openldap.service container-postfix.service container-squid.service 
container-image-prune.timer
 
 %if %{undefined service_del_postun_without_restart}
 %define service_del_postun_without_restart() \
@@ -26,7 +26,7 @@
 %endif
 
 Name:           containers-systemd
-Version:        0.0+git20200602.25da9c0
+Version:        0.0+git20200828.7cc6e97
 Release:        0
 Summary:        Systemd service files and config files for openSUSE container
 License:        MIT
@@ -65,6 +65,14 @@
 for i in MYSQL_ROOT_PASSWORD MYSQL_ROOT_HOST MYSQL_DATABASE MYSQL_USER 
MYSQL_PASSWORD; do
   touch %{buildroot}%{_sysconfdir}/mariadb-secrets/$i
 done
+mkdir -p %{buildroot}%{_sysconfdir}/openldap-secrets
+for i in LDAP_ADMIN_PASSWORD LDAP_CONFIG_PASSWORD; do
+  touch %{buildroot}%{_sysconfdir}/openldap-secrets/$i
+done
+mkdir -p %{buildroot}%{_sysconfdir}/postfix-secrets
+for i in SMTP_PASSWORD LDAP_MAIL_READER_PASSWORD; do
+  touch %{buildroot}%{_sysconfdir}/postfix-secrets/$i
+done
 
 %pre
 %service_add_pre %{container_services}
@@ -110,6 +118,20 @@
 %{_distconfdir}/default/container-nginx
 %{_sbindir}/rccontainer-nginx
 %ghost %dir /srv/nginx
+%{_unitdir}/container-openldap.service
+%{_distconfdir}/default/container-openldap
+%{_sbindir}/rccontainer-openldap
+%ghost %dir /srv/openldap
+%dir %attr(0700,root,root) %{_sysconfdir}/openldap-secrets
+%config(noreplace) %attr(0600,root,root) 
%{_sysconfdir}/openldap-secrets/LDAP_ADMIN_PASSWORD
+%config(noreplace) %attr(0600,root,root) 
%{_sysconfdir}/openldap-secrets/LDAP_CONFIG_PASSWORD
+%{_unitdir}/container-postfix.service
+%{_distconfdir}/default/container-postfix
+%{_sbindir}/rccontainer-postfix
+%ghost %dir /srv/postfix
+%dir %attr(0700,root,root) %{_sysconfdir}/postfix-secrets
+%config(noreplace) %attr(0600,root,root) 
%{_sysconfdir}/postfix-secrets/SMTP_PASSWORD
+%config(noreplace) %attr(0600,root,root) 
%{_sysconfdir}/postfix-secrets/LDAP_MAIL_READER_PASSWORD
 %{_unitdir}/container-squid.service
 %{_distconfdir}/default/container-squid
 %{_sbindir}/rccontainer-squid

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.sQsm6p/_old  2020-08-28 21:21:15.556321233 +0200
+++ /var/tmp/diff_new_pack.sQsm6p/_new  2020-08-28 21:21:15.556321233 +0200
@@ -1,5 +1,5 @@
 <servicedata>
   <service name="tar_scm">
     <param 
name="url">git://github.com/kubic-project/containers-systemd.git</param>
- <param 
name="changesrevision">25da9c0a7b741f97a2bac78dfa3891206b26afe0</param></service>
+ <param 
name="changesrevision">7cc6e97636ca821a55550cda96ecbb8b5be188c4</param></service>
 </servicedata>
\ No newline at end of file

++++++ containers-systemd-0.0+git20200602.25da9c0.tar.xz -> 
containers-systemd-0.0+git20200828.7cc6e97.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/containers-systemd-0.0+git20200602.25da9c0/README.md 
new/containers-systemd-0.0+git20200828.7cc6e97/README.md
--- old/containers-systemd-0.0+git20200602.25da9c0/README.md    2020-06-02 
14:43:14.000000000 +0200
+++ new/containers-systemd-0.0+git20200828.7cc6e97/README.md    2020-08-28 
14:26:37.000000000 +0200
@@ -10,6 +10,7 @@
   * haproxy
   * mariadb
   * nginx
+  * openldap
   * squid
 
 Additional, there is the `container-image-prune.timer` to cleanup
@@ -17,20 +18,24 @@
 
 ## bind
 
-  * /etc/sysconfig/container-bind contains generic settings
+  * /usr/etc/default/container-bind contains generic settings
+  * /etc/default/container-bind is for the admin to overwrite them
 
 ## dhcp-server/dhcp6-server
 
-  * /etc/sysconfig/container-dhcp contains generic settings for the dhcpd4 and 
dhcpd6 daemons. It is required to set DHCPD_INTERFACES. During the first start, 
example ${CONFIG_DIR}/dhcpd.conf or ${CONFIG_DIR}/dhcpd6.conf are created.
+  * /usr/etc/default/container-dhcp contains generic settings for the dhcpd4 
and dhcpd6 daemons. It is required to set DHCPD_INTERFACES. During the first 
start, example ${CONFIG_DIR}/dhcpd.conf or ${CONFIG_DIR}/dhcpd6.conf are 
created.
+  * /etc/default/container-dhcp is for the admin to overwrite them
 
 ## haproxy
 
-  * /etc/sysconfig/container-haproxy contains generic settings
+  * /usr/etc/default/container-haproxy contains generic settings
+  * /etc/default/container-haproxy is for the admin to overwrite them
 
 ## mariadb
 
-  * /etc/sysconfig/container-mariadb contains generic settings
-  * /etc/mariadb-secrets contain files for the first start to setup the 
mariadb database and can be changed via SECRETS_DIR in the 
/etc/sysconfig/container-mariadb file. They are only read if mariadb needs to 
initialize the data the first time. They should not be readable and deleted 
after the initialization was successfull, so that nobody can steal them.
+  * /usr/etc/default/container-mariadb contains generic settings
+  * /etc/default/container-mariadb is for the admin to overwrite them
+  * /etc/mariadb-secrets contain files for the first start to setup the 
mariadb database and can be changed via SECRETS_DIR in the 
/etc/default/container-mariadb file. They are only read if mariadb needs to 
initialize the data the first time. They should not be readable and deleted 
after the initialization was successfull, so that nobody can steal them.
     * ${SECRETS_DIR}/MYSQL_ROOT_PASSWORD (required)
     * ${SECRETS_DIR}/MYSQL_ROOT_HOST
     * ${SECRETS_DIR}/MYSQL_DATABASE
@@ -39,9 +44,25 @@
 
 ## nginx
 
-  * /etc/sysconfig/container-nginx contains generic settings
+  * /usr/etc/default/container-nginx contains generic settings
+  * /etc/default/container-nginx is for the admin to overwrite them
+
+## openldap
+
+  * /usr/etc/default/container-openldap contains generic settings
+  * /etc/default/container-openldap is for the admin to overwrite them
+  * /etc/openldap-secrets contain files for the first start to setup the 
openldap database and can be changed via SECRETS_DIR in the 
/etc/default/container-openldap file. They are only read if database needs to 
be initialized the first time. They should not be readable and deleted after 
the initialization was successfull, so that nobody can steal them.
+    * ${SECRETS_DIR}/LDAP_ADMIN_PASSWORD (required)
+    * ${SECRETS_DIR}/LDAP_CONFIG_PASSWORD (required)
+
+## postfix
+
+  * /usr/etc/default/container-postfix contains generic settings
+  * /etc/default/container-postfix is for the admin to overwrite them
 
 ## squid
 
- * /etc/sysconfig/container-squid contains generic settings
+  * /usr/etc/default/container-squid contains generic settings
+  * /etc/default/container-squid is for the admin to overwrite them
+
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/containers-systemd-0.0+git20200602.25da9c0/container-openldap.default 
new/containers-systemd-0.0+git20200828.7cc6e97/container-openldap.default
--- old/containers-systemd-0.0+git20200602.25da9c0/container-openldap.default   
1970-01-01 01:00:00.000000000 +0100
+++ new/containers-systemd-0.0+git20200828.7cc6e97/container-openldap.default   
2020-08-28 14:26:37.000000000 +0200
@@ -0,0 +1,25 @@
+# Variables of this file can be overwritten with
+# /etc/default/container-openldap
+
+# Name of the image path to pull the openldap image from
+OPENLDAP_IMAGE_PATH=registry.opensuse.org/opensuse/openldap:latest
+
+# Name of the path where the database will be stored
+LDAP_DB_DIR="/srv/openldap/db"
+
+# Name of the path where slapd will stores it configuration
+LDAP_ETC_DIR="/srv/openldap/slapd.d"
+
+# Directory, where certificates can be found or self signed
+# autogenerated certificates will be stored
+LDAP_CERTS_DIR="/srv/openldap/certs"
+
+# Name of the path where the files with the passwords for
+# LDAP_ADMIN_PASSWORD and LDAP_CONFIG_PASSWORD can be found. The file
+# names needs to be the ones of the variable names and should not
+# be readable for anybody else.
+SECRETS_DIR="/etc/openldap-secrets"
+
+# Extra arguments for podman to start the container
+# This can e.g. be the hostname: "--hostname <host.domain>"
+PODMAN_EXTRA_ARGS=""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/containers-systemd-0.0+git20200602.25da9c0/container-openldap.service 
new/containers-systemd-0.0+git20200828.7cc6e97/container-openldap.service
--- old/containers-systemd-0.0+git20200602.25da9c0/container-openldap.service   
1970-01-01 01:00:00.000000000 +0100
+++ new/containers-systemd-0.0+git20200828.7cc6e97/container-openldap.service   
2020-08-28 14:26:37.000000000 +0200
@@ -0,0 +1,21 @@
+[Unit]
+Description=openSUSE OpenLDAP container
+Documentation=https://build.opensuse.org/package/show/openSUSE:Factory/opensuse-openldap-image
+After=network-online.target
+
+[Service]
+Restart=on-failure
+EnvironmentFile=/usr/etc/default/container-openldap
+EnvironmentFile=-/etc/default/container-openldap
+ExecStartPre=-/usr/bin/mkdir -p ${LDAP_DB_DIR} ${LDAP_ETC_DIR} 
${LDAP_CERTS_DIR}
+ExecStartPre=-/usr/bin/podman stop openldap
+ExecStartPre=-/usr/bin/podman rm openldap
+ExecStartPre=-/usr/bin/podman pull ${OPENLDAP_IMAGE_PATH}
+ExecStart=/bin/sh -c "/usr/bin/podman run -d --conmon-pidfile /%t/%n-pid --rm 
${PODMAN_EXTRA_ARGS} -v ${LDAP_DB_DIR}:/var/lib/ldap:Z -v 
${LDAP_ETC_DIR}:/etc/openldap/slapd.d:Z -v 
${SECRETS_DIR}:/etc/openldap-secrets:Z -v 
${LDAP_CERTS_DIR}:/etc/openldap/certs:z -p 389:389 -p 636:636 --env 
LDAP_ADMIN_PASSWORD_FILE=/etc/openldap-secrets/LDAP_ADMIN_PASSWORD --env 
LDAP_CONFIG_PASSWORD_FILE=/etc/openldap-secrets/LDAP_CONFIG_PASSWORD -e 
LDAP_DOMAIN=${LDAP_DOMAIN} -e LDAP_BASE_DN=${LDAP_BASE_DN} -e 
LDAP_ORGANISATION=${LDAP_ORGANISATION} -e 
LDAP_SEED_LDIF_PATH=${LDAP_SEED_LDIF_PATH} -e 
LDAP_SEED_SCHEMA_PATH=${LDAP_SEED_SCHEMA_PATH} -e LDAP_TLS=${LDAP_TLS} -e 
LDAP_TLS_CA_CRT=${LDAP_TLS_CA_CRT} -e LDAP_TLS_CA_KEY=${LDAP_TLS_CA_KEY} -e 
LDAP_TLS_CRT=${LDAP_TLS_CRT} -e LDAP_TLS_KEY=${LDAP_TLS_KEY} -e 
LDAP_TLS_ENFORCE=${LDAP_TLS_ENFORCE} -e LDAP_NOFILE=${LDAP_NOFILE} -e 
LDAP_UID=${LDAP_UID} -e LDAP_GID=${LDAP_GID} -e 
SLAPD_LOG_LEVEL=${SLAPD_LOG_LEVEL} -e DEBUG=${DEBUG} --name openldap 
${OPENLDAP_IMAGE_PATH}"
+ExecStop=/usr/bin/podman stop openldap
+KillMode=none
+Type=forking
+PIDFile=/%t/%n-pid
+
+[Install]
+WantedBy=multi-user.target
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/containers-systemd-0.0+git20200602.25da9c0/container-postfix.default 
new/containers-systemd-0.0+git20200828.7cc6e97/container-postfix.default
--- old/containers-systemd-0.0+git20200602.25da9c0/container-postfix.default    
1970-01-01 01:00:00.000000000 +0100
+++ new/containers-systemd-0.0+git20200828.7cc6e97/container-postfix.default    
2020-08-28 14:26:37.000000000 +0200
@@ -0,0 +1,40 @@
+# Variables of this file can be overwritten with
+# /etc/default/container-postfix
+# This file only contains the variables with default
+# values, for a full list of supported environment variables
+# please look at the postfix container image documentation and
+# container-postfix.service file.
+
+# Name of the image path to pull the postfix image from
+POSTFIX_IMAGE_PATH=registry.opensuse.org/opensuse/postfix:latest
+
+# Name of the path where the postfix spool directory will be stored
+POSTFIX_SPOOL_DIR="/srv/postfix/spool"
+
+# Name of the path where the virtual user mail will be stored
+VMAIL_SPOOL_DIR="/srv/postfix/vmail"
+
+# Directory, where certificates can be found or self signed
+# autogenerated certificates will be stored
+LDAP_CERTS_DIR="/srv/postfix/certs"
+
+# Name of the path where the files with the passwords for
+# LDAP_ADMIN_PASSWORD and LDAP_CONFIG_PASSWORD can be found. The file
+# names needs to be the ones of the variable names and should not
+# be readable for anybody else.
+SECRETS_DIR="/etc/postfix-secrets"
+
+# Extra arguments for podman to start the container
+PODMAN_EXTRA_ARGS=""
+
+# Disable mailboxes for virtual users by default
+VIRTUAL_MBOX=0
+
+# User/group ID of the user owning the virtual mailboxes
+VMAIL_UID=5000
+
+# If the virtual users are provided by LDAP 
+USE_LDAP=0
+
+# If we use LDAP, use a TLS secured connection
+LDAP_USE_TLS=1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/containers-systemd-0.0+git20200602.25da9c0/container-postfix.service 
new/containers-systemd-0.0+git20200828.7cc6e97/container-postfix.service
--- old/containers-systemd-0.0+git20200602.25da9c0/container-postfix.service    
1970-01-01 01:00:00.000000000 +0100
+++ new/containers-systemd-0.0+git20200828.7cc6e97/container-postfix.service    
2020-08-28 14:26:37.000000000 +0200
@@ -0,0 +1,22 @@
+[Unit]
+Description=openSUSE postfix container
+Documentation=https://build.opensuse.org/package/show/openSUSE:Factory/opensuse-postfix-image
+After=network-online.target
+After=container-openldap.service
+
+[Service]
+Restart=on-failure
+EnvironmentFile=/usr/etc/default/container-postfix
+EnvironmentFile=-/etc/default/container-postfix
+ExecStartPre=-/usr/bin/mkdir -p ${POSTFIX_SPOOL_DIR} ${POSTFIX_VMAIL_DIR}
+ExecStartPre=-/usr/bin/podman stop postfix
+ExecStartPre=-/usr/bin/podman rm postfix
+ExecStartPre=-/usr/bin/podman pull ${POSTFIX_IMAGE_PATH}
+ExecStart=/bin/sh -c "/usr/bin/podman run -d --conmon-pidfile /%t/%n-pid --rm 
${PODMAN_EXTRA_ARGS} -v ${POSTFIX_SPOOL_DIR}:/var/spool/postfix:Z -v 
${VMAIL_SPOOL_DIR}:/var/spool/vmail:z -v ${SECRETS_DIR}:/etc/postfix-secrets:Z 
-p 25:25 -p 587:587 -e SERVER_HOSTNAME=${SERVER_HOSTNAME} -e 
SERVER_DOMAIN=${SERVER_DOMAIN} -e SMTP_RELAYHOST=${SMTP_RELAYHOST} -e 
SMTP_USERNAME=${SMTP_USERNAME} -e 
SMTP_PASSWORD_FILE=/etc/postfix-secrets/SMTP_PASSWORD -e 
SMTP_NETWORKS=${SMTP_NETWORKS} -e MASQUERADE_DOMAINS=${MASQUERADE_DOMAINS} -e 
MYDESTINATION=${MYDESTINATION} -e VIRTUAL_MBOX=${VIRTUAL_MBOX} -e 
VMAIL_UID=${VMAIL_UID} -e VIRTUAL_DOMAINS=${VIRTUAL_DOMAINS} -e 
VIRTUAL_USERS=${VIRTUAL_USERS} -e USE_LDAP=${USE_LDAP} -e 
LDAP_BASE_DN=${LDAP_BASE_DN} -e LDAP_SERVER_URL=${LDAP_SERVER_URL} -e 
LDAP_MAIL_READER_PASSWORD_FILE=/etc/postfix-secrets/LDAP_MAIL_READER_PASSWORD 
-e LDAP_USE_TLS=${LDAP_USE_TLS} -e LDAP_TLS_CA_CRT=${LDAP_TLS_CA_CRT} -e 
TZ=${TZ} -e DEBUG=${DEBUG} --name postfix ${POSTFIX_IMAGE_PATH}"
+ExecStop=/usr/bin/podman stop postfix
+KillMode=none
+Type=forking
+PIDFile=/%t/%n-pid
+
+[Install]
+WantedBy=multi-user.target

++++++ containers-systemd.rpmlintrc ++++++
--- /var/tmp/diff_new_pack.sQsm6p/_old  2020-08-28 21:21:15.628321268 +0200
+++ /var/tmp/diff_new_pack.sQsm6p/_new  2020-08-28 21:21:15.628321268 +0200
@@ -1,5 +1,7 @@
 # This files needs to be empty be default
 addFilter("zero-length /etc/mariadb-secrets/MYSQL_.*")
+addFilter("zero-length /etc/openldap-secrets/LDAP_.*")
+addFilter("zero-length /etc/postfix-secrets/.*")
 # We don't install /sbin/service to build the package
 addFilter("dangling-symlink /usr/sbin/rccontainer-.*")

commit containers-systemd for openSUSE:Factory

Reply via email to