summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
Diffstat (limited to 'debian')
-rw-r--r--debian/anastasis-httpd.config14
-rw-r--r--debian/anastasis-httpd.install9
-rw-r--r--debian/anastasis-httpd.postinst38
-rw-r--r--debian/anastasis-httpd.postrm11
-rw-r--r--debian/anastasis-httpd.preinst29
-rw-r--r--debian/anastasis-httpd.prerm11
-rw-r--r--debian/anastasis-httpd.service2
-rw-r--r--debian/changelog60
-rw-r--r--debian/control57
-rwxr-xr-xdebian/db/install/pgsql38
-rw-r--r--debian/etc/anastasis/anastasis.conf4
-rw-r--r--debian/etc/anastasis/secrets/anastasis-db.secret.conf2
-rwxr-xr-xdebian/rules8
13 files changed, 147 insertions, 136 deletions
diff --git a/debian/anastasis-httpd.config b/debian/anastasis-httpd.config
index 97f57bc..97d5101 100644
--- a/debian/anastasis-httpd.config
+++ b/debian/anastasis-httpd.config
@@ -6,17 +6,3 @@ set -e
_USERNAME=anastasis-httpd
_GROUPNAME=www-data
-
-# For now, we only support postgres
-dbc_dbtypes=pgsql
-dbc_dbuser=${_USERNAME}
-
-dbc_authmethod_user=ident
-dbc_authmethod_admin=ident
-
-if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then
- . /usr/share/dbconfig-common/dpkg/config.pgsql
- dbc_go anastasis-httpd "$@"
-fi
-
-db_stop
diff --git a/debian/anastasis-httpd.install b/debian/anastasis-httpd.install
index 652caa0..6594f28 100644
--- a/debian/anastasis-httpd.install
+++ b/debian/anastasis-httpd.install
@@ -3,7 +3,9 @@ usr/lib/*/anastasis/
usr/lib/*/libanastasisauthorization.*
usr/lib/*/libanastasisdb.*
usr/lib/*/libanastasiseufin.so.*
-usr/share/man/man5/*
+usr/share/man/man5/anastasis.conf.5
+usr/share/man/man1/anastasis-dbconfig.1
+usr/share/man/man1/anastasis-dbinit.1
usr/share/man/man1/anastasis-httpd.1
usr/share/man/man1/anastasis-helper-authorization-iban.1
usr/share/man/man1/anastasis-config.1
@@ -11,4 +13,7 @@ usr/share/anastasis/*
usr/share/anastasis/sql/*
usr/share/anastasis/config.d/*
debian/etc/* /etc/
-debian/db/install/* usr/share/dbconfig-common/scripts/anastasis/install/
+# Terms of service / privacy policy templates
+usr/share/anastasis/terms/*.rst
+# Translations of ToS/PP
+usr/share/locale/*/LC_MESSAGES/*.po
diff --git a/debian/anastasis-httpd.postinst b/debian/anastasis-httpd.postinst
index 994b06b..1dd41f4 100644
--- a/debian/anastasis-httpd.postinst
+++ b/debian/anastasis-httpd.postinst
@@ -2,37 +2,43 @@
set -e
-TALER_HOME="/var/lib/taler/"
+if [ -d /run/systemd/system ]; then
+ systemctl --system daemon-reload >/dev/null || true
+fi
+if [ "$1" = "remove" ]; then
+ if [ -x "/usr/bin/deb-systemd-helper" ]; then
+ deb-systemd-helper mask 'anastasis-httpd.service' >/dev/null || true
+ fi
+fi
+
+if [ "$1" = "purge" ]; then
+ if [ -x "/usr/bin/deb-systemd-helper" ]; then
+ deb-systemd-helper purge 'anastasis-httpd.service' >/dev/null || true
+ deb-systemd-helper unmask 'anastasis-httpd.service' >/dev/null || true
+ fi
+fi
+
+ANASTASIS_HOME="/var/lib/anastasis/"
_USERNAME=anastasis-httpd
_GROUPNAME=www-data
-# Set permissions for sqlite3 file
-# (for when we support sqlite3 in the future)
-dbc_dbfile_owner="${_USERNAME}:${_GROUPNAME}"
-dbc_dbfile_perms="0600"
-
. /usr/share/debconf/confmodule
case "${1}" in
configure)
# Creating taler users if needed
- if ! getent passwd ${_USERNAME} >/dev/null; then
- adduser --quiet --system --ingroup ${_GROUPNAME} --no-create-home --home ${TALER_HOME} ${_USERNAME}
+ if ! getent passwd ${_USERNAME} >/dev/null
+ then
+ adduser --quiet --system --ingroup ${_GROUPNAME} --no-create-home --home ${ANASTASIS_HOME} ${_USERNAME}
fi
- if ! dpkg-statoverride --list /etc/anastasis/secrets/anastasis-db.secret.conf >/dev/null 2>&1; then
+ if ! dpkg-statoverride --list /etc/anastasis/secrets/anastasis-db.secret.conf >/dev/null 2>&1
+ then
dpkg-statoverride --add --update \
anastasis-httpd root 460 \
/etc/anastasis/secrets/anastasis-db.secret.conf
fi
- # Setup postgres database (needs dbconfig-pgsql package)
- if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then
- . /usr/share/dbconfig-common/dpkg/postinst.pgsql
- dbc_pgsql_createdb_encoding="UTF8"
- dbc_go anastasis-httpd "$@"
- fi
-
;;
abort-upgrade | abort-remove | abort-deconfigure) ;;
diff --git a/debian/anastasis-httpd.postrm b/debian/anastasis-httpd.postrm
index 9954a33..ee84d38 100644
--- a/debian/anastasis-httpd.postrm
+++ b/debian/anastasis-httpd.postrm
@@ -2,18 +2,19 @@
set -e
+_USERNAME=anastasis-httpd
+
if [ -f /usr/share/debconf/confmodule ]; then
. /usr/share/debconf/confmodule
fi
-if [ -f /usr/share/dbconfig-common/dpkg/postrm.pgsql ]; then
- . /usr/share/dbconfig-common/dpkg/postrm.pgsql
- dbc_go anastasis-httpd "$@"
-fi
-
case "${1}" in
purge)
rm -rf /var/lib/anastasis/httpd/
+ rm -f /etc/anastasis/override.conf
+ deluser --system --quiet ${_USERNAME} || true
+ dpkg-statoverride --remove \
+ /etc/anastasis/secrets/anastasis-db.secret.conf || true
;;
remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear)
;;
diff --git a/debian/anastasis-httpd.preinst b/debian/anastasis-httpd.preinst
deleted file mode 100644
index 2d6c261..0000000
--- a/debian/anastasis-httpd.preinst
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/bash
-
-# We prevent a few questions from being asked
-# upon installation by specifying defaults. Namely,
-# we want the database to be accessed via Unix domain
-# sockets and password-less.
-
-set -e
-
-# When purging this package after the selections in the preinst have been made,
-# the debconf database is left in an inconsistent state and the package cannot
-# be installed again. This happens because dbconf-common will create a
-# template for these questions with a shared owner. Purging will only delete
-# one of the two templates, leading to a DB state where debconf-set-selections
-# fails. We work around this by manually fixing up the debconf database.
-#
-# Unfortunately we can't do this in "postrm", because during "postrm"
-# the configuration database is locked (even after db_stop).
-#
-# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487300
-if [ -x /usr/share/debconf/fix_db.pl ]; then
- /usr/share/debconf/fix_db.pl || true
-fi
-
-echo anastasis-httpd anastasis-httpd/pgsql/method select Unix socket | debconf-set-selections
-echo anastasis-httpd anastasis-httpd/pgsql/authmethod-user select ident | debconf-set-selections
-echo anastasis-httpd anastasis-httpd/pgsql/app-pass password | debconf-set-selections
-
-exit 0
diff --git a/debian/anastasis-httpd.prerm b/debian/anastasis-httpd.prerm
index 24625c0..951f5ac 100644
--- a/debian/anastasis-httpd.prerm
+++ b/debian/anastasis-httpd.prerm
@@ -2,15 +2,8 @@
set -e
-if [ -f /usr/share/debconf/confmodule ]; then
- . /usr/share/debconf/confmodule
+if [ -d /run/systemd/system ] && [ "$1" = remove ]; then
+ deb-systemd-invoke stop 'anastasis-httpd.service' >/dev/null || true
fi
-. /usr/share/dbconfig-common/dpkg/prerm
-if [ -f /usr/share/dbconfig-common/dpkg/prerm.pgsql ]; then
- . /usr/share/dbconfig-common/dpkg/prerm.pgsql
- dbc_go anastasis-httpd "$@"
-fi
-
-db_stop
exit 0
diff --git a/debian/anastasis-httpd.service b/debian/anastasis-httpd.service
index bd6919e..372e824 100644
--- a/debian/anastasis-httpd.service
+++ b/debian/anastasis-httpd.service
@@ -5,7 +5,7 @@ Description=Anastasis key recovery backend
User=anastasis-httpd
Type=simple
Restart=on-failure
-ExecStart=/usr/bin/anastasis-httpd -c /etc/anastasis/anastasis.conf
+ExecStart=/usr/bin/anastasis-httpd -c /etc/anastasis/anastasis.conf -L INFO
[Install]
WantedBy=multi-user.target
diff --git a/debian/changelog b/debian/changelog
index d972a47..d3231da 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,63 @@
+anastasis (0.4.1) unstable; urgency=low
+
+ * Actual v0.4.1 release.
+
+ -- Christian Grothoff <grothoff@gnu.org> Sat, 10 Feb 2024 03:50:12 +0200
+
+anastasis (0.4.0-2) unstable; urgency=low
+
+ * Updates for packaging with GNU Taler v0.9.4.
+
+ -- Christian Grothoff <grothoff@gnu.org> Sun, 21 Jan 2024 23:50:12 +0200
+
+anastasis (0.4.0-1) unstable; urgency=low
+
+ * Actual v0.4.0 release.
+
+ -- Christian Grothoff <grothoff@gnu.org> Wed, 27 Sep 2023 03:50:12 +0200
+
+anastasis (0.4.0) unstable; urgency=low
+
+ * First work towards packaging v0.4.0.
+
+ -- Christian Grothoff <grothoff@gnu.org> Thu, 7 Sep 2023 23:50:12 +0200
+
+anastasis (0.3.2) unstable; urgency=low
+
+ * Official Anastasis 0.3.2 release.
+
+ -- Christian Grothoff <grothoff@gnu.org> Tue, 21 Feb 2023 09:50:12 +0200
+
+anastasis (0.3.1) unstable; urgency=low
+
+ * Official Anastasis 0.3.1 release.
+
+ -- Christian Grothoff <grothoff@gnu.org> Tue, 17 Jan 2023 09:50:12 +0200
+
+anastasis (0.3.0) unstable; urgency=low
+
+ * Official Anastasis 0.3.0 release.
+
+ -- Christian Grothoff <grothoff@gnu.org> Mon, 26 Sep 2022 09:50:12 +0200
+
+anastasis (0.2.99-2) unstable; urgency=low
+
+ * Close to Anastasis 0.3.0, but testing package details.
+
+ -- Christian Grothoff <grothoff@gnu.org> Mon, 20 Jun 2022 14:02:10 +0100
+
+anastasis (0.2.99-1) unstable; urgency=low
+
+ * Close to Anastasis 0.3.0, but a preview release for UX testing.
+
+ -- Christian Grothoff <grothoff@gnu.org> Tue, 01 Feb 2022 14:02:10 +0100
+
+anastasis (0.2.0) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Christian Grothoff <grothoff@gnu.org> Thu, 30 Sep 2021 14:02:10 +0100
+
anastasis (0.1.0-5) unstable; urgency=low
* Fix amount check for payments (upstream fix).
diff --git a/debian/control b/debian/control
index 0252c0d..e9e618e 100644
--- a/debian/control
+++ b/debian/control
@@ -8,19 +8,16 @@ Build-Depends:
autopoint,
debhelper-compat (= 12),
gettext,
- libgnunet-dev,
- libtalerexchange-dev (>= 0.8.5),
- libtalermerchant-dev (>= 0.8.4),
- libpq-dev (>=9.5),
+ libgnunet-dev (>=0.21),
+ libtalerexchange-dev (>= 0.9.4),
+ libtalermerchant-dev (>= 0.9.4),
+ libpq-dev (>=14),
libsqlite3-dev (>=3.8),
pkg-config,
po-debconf,
libqrencode-dev,
uuid-dev,
zlib1g-dev
-Build-Conflicts:
- autoconf2.13,
- automake1.4
Standards-Version: 4.5.0
Vcs-Git: https://salsa.debian.org/debian/anastasis.git
Vcs-browser: https://salsa.debian.org/debian/anastasis
@@ -35,44 +32,66 @@ Depends:
netbase,
${misc:Depends},
${shlibs:Depends}
-Description: libraries to talk to an Anastasis provider.
+Description: libraries to talk to a GNU Anastasis provider.
+ .
+ GNU Anastasis allows users to make backups of their
+ private key material to multiple providers while ensuring that
+ individual providers cannot learn the secret key material.
+ The libraries contained in this package implement the
+ client-side of the Anastasis backup and recovery protocol.
Package: anastasis-httpd
Architecture: any
Pre-Depends:
${misc:Pre-Depends}
Depends:
- libtalerexchange (>= 0.8.5),
+ libtalerexchange (>= 0.9.4),
libgnutls30 (>= 3.7.1),
adduser,
lsb-base,
netbase,
- apache2 | nginx | httpd,
- postgresql,
- dbconfig-pgsql | dbconfig-no-thanks,
${misc:Depends},
${shlibs:Depends}
+Recommends:
+ apache2 | nginx | httpd,
+ postgresql (>=14.0)
Description: GNU's key escrow provider.
+ .
+ GNU Anastasis allows users to make backups of their
+ private key material to multiple providers while ensuring that
+ individual providers cannot learn the secret key material.
+ This package contains the backend logic that must be run by
+ an Anastasis backup provider.
Package: anastasis-cli
Architecture: any
Pre-Depends:
${misc:Pre-Depends}
Depends:
- libanastasis (>= 0.0.0),
+ libanastasis,
${misc:Depends},
${shlibs:Depends}
-Description: Command-line interface for the Anastasis key escrow provider service.
+Description: Command-line interface for the GNU Anastasis key escrow provider service.
+ .
+ GNU Anastasis allows users to make backups of their
+ private key material to multiple providers while ensuring that
+ individual providers cannot learn the secret key material.
+ This package contains a command-line interface to the
+ Anastasis logic. Please note that we do not expect the CLI to
+ be useful to end-users. It may be useful for integration of
+ Anastasis into applications (and for testing).
+ If you are looking for a stand-alone Anastasis client, please
+ use anastasis-gtk.
Package: libanastasis-dev
Section: libdevel
Architecture: any
Depends:
- libtalermerchant-dev (>= 0.8.3),
- libtalerexchange-dev (>= 0.8.5),
- libgnunet-dev (>=0.15.3),
+ libtalermerchant-dev (>= 0.9.4),
+ libtalerexchange-dev (>= 0.9.4),
+ libgnunet-dev (>=0.21),
${misc:Depends},
${shlibs:Depends}
-Description: libraries to talk to a GNU Anastasis provider (development)
+Description: libraries to talk to a GNU Anastasis provider (development).
.
- This package contains the development files.
+ This package contains the development files for the libanastasis libraries.
diff --git a/debian/db/install/pgsql b/debian/db/install/pgsql
deleted file mode 100755
index f695fed..0000000
--- a/debian/db/install/pgsql
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-
-set -eu
-
-conf_anastasis_db=/etc/anastasis/secrets/anastasis-db.secret.conf
-conf_override=/etc/anastasis/override.conf
-
-# Get database settings from dbconfig-common and write anastasis configuration files.
-if [ -f /etc/dbconfig-common/anastasis-httpd.conf ]; then
- . /etc/dbconfig-common/anastasis-httpd.conf
- case "$dbc_dbtype" in
- pgsql)
- echo -e "# Config file auto-generated by Debian.\n[anastasis]\nDB=postgres\n\n" > \
- $conf_override
- # We assume ident auth here. We might support password auth later.
- echo -e "[stasis-postgres]\nCONFIG=postgres:///${dbc_dbname}\n\n" > \
- $conf_anastasis_db
-
- # Allow the taler-merchant-httpd user to create schemas, needed by dbinit
- echo "GRANT CREATE on database \"$dbc_dbname\" to \"anastasis-httpd\";" | sudo -u postgres psql -f -
- # Run database initialization logic
- sudo -u anastasis-httpd anastasis-dbinit -c /etc/anastasis/anastasis.conf
- ;;
- sqlite3)
- # Later: use something like:
- # sqlite:///$DATA_DIR/anastasis.db
- # But for now, sqlite is unsupported:
- echo "Unsupported database type $dbc_type."
- exit 1
- ;;
- "") ;;
-
- *)
- echo "Unsupported database type $dbc_type."
- exit 1
- ;;
- esac
-fi
diff --git a/debian/etc/anastasis/anastasis.conf b/debian/etc/anastasis/anastasis.conf
index 9938438..9b85754 100644
--- a/debian/etc/anastasis/anastasis.conf
+++ b/debian/etc/anastasis/anastasis.conf
@@ -14,7 +14,7 @@ SERVE = unix
# Name of your business
#BUSINESS_NAME = ""
-# Random server salt. Use output of 'uuidgen'
+# Random server salt. Use output of 'uuidgen'. Make a backup of the value.
#SERVER_SALT = ""
# How high is the per key share insurance offered
@@ -32,7 +32,7 @@ PAYMENT_BACKEND_URL = http://backend.demo.taler.net/instances/Tutorial/
[taler]
-# Currency accepted by anastasis via GNU Taler payments.
+# Currency accepted by GNU Anastasis via GNU Taler payments.
CURRENCY = KUDOS
[paths]
diff --git a/debian/etc/anastasis/secrets/anastasis-db.secret.conf b/debian/etc/anastasis/secrets/anastasis-db.secret.conf
index 8f9fb54..512366d 100644
--- a/debian/etc/anastasis/secrets/anastasis-db.secret.conf
+++ b/debian/etc/anastasis/secrets/anastasis-db.secret.conf
@@ -1,3 +1,3 @@
[stasis-postgres]
#The connection string the plugin has to use for connecting to the database
-CONFIG = postgres:///anastasis
+# CONFIG = postgres:///anastasis
diff --git a/debian/rules b/debian/rules
index 0307145..3a1911d 100755
--- a/debian/rules
+++ b/debian/rules
@@ -7,6 +7,9 @@ include /usr/share/dpkg/architecture.mk
%:
dh ${@}
+override_dh_builddeb:
+ dh_builddeb -- -Zgzip
+
override_dh_auto_configure-arch:
dh_auto_configure -- --disable-rpath --with-microhttpd=yes $(shell dpkg-buildflags --export=configure)
@@ -30,6 +33,11 @@ override_dh_auto_install-indep:
override_dh_auto_clean:
dh_auto_clean
+override_dh_installsystemd:
+ dh_installsystemd -panastasis-httpd --name=anastasis-httpd --no-start --no-enable
+ # final invocation to generate daemon reload
+ dh_installsystemd
+
override_dh_install:
dh_install
# Done manually for debhelper-compat<13