M README.md => README.md +1 -0
@@ 8,6 8,7 @@ It should be easy to get things working on another build system.
|Images |Tags |Fully qualified name of the default image|
|:------|:----|:----------------------------------------|
+|[apkbuilder](/~dricottone/container-images/tree/dev/item/apkbuilder/README.md)|latest|`registry.intra.dominic-ricottone.com/apkbuilder:latest`|
|[dnsmasq](/~dricottone/container-images/tree/dev/item/dnsmasq/README.md)|latest|`registry.intra.dominic-ricottone.com/dnsmasq:latest`|
|[fcgi](/~dricottone/container-images/tree/dev/item/fcgi/README.md)|latest|`registry.intra.dominic-ricottone.com/fcgi:latest`|
|[haproxy](/~dricottone/container-images/tree/dev/item/haproxy/README.md)|latest|`registry.intra.dominic-ricottone.com/haproxy:latest`|
A apkbuilder/.gitignore => apkbuilder/.gitignore +1 -0
A apkbuilder/Dockerfile => apkbuilder/Dockerfile +27 -0
@@ 0,0 1,27 @@
+FROM docker.io/library/alpine:3.17
+
+RUN adduser -D builder && addgroup builder abuild
+
+# packaging script
+COPY --chown=builder:builder build.sh /home/builder/build.sh
+RUN chmod 755 /home/builder/build.sh
+
+# packaging configuration
+COPY --chown=builder:builder abuild /home/builder/.abuild
+RUN chmod 600 /home/builder/.abuild/*
+
+RUN apk add --no-cache abuild sudo
+RUN echo "builder ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers
+COPY abuild/*.rsa.pub /etc/apk/keys/
+RUN chmod 644 /etc/apk/keys/*.rsa.pub
+RUN mv /etc/apk/repositories /etc/apk/repositories.bak
+RUN echo "https://pkg.intra.dominic-ricottone.com/alpine/v3.17" | cat - /etc/apk/repositories.bak >/etc/apk/repositories
+
+USER builder
+WORKDIR /home/builder
+RUN mkdir -p /home/builder/packages
+VOLUME /home/builder/packages/src
+VOLUME /home/builder/src
+ENTRYPOINT ["/home/builder/build.sh"]
+CMD ["non_existant_package_name"]
+
A apkbuilder/Makefile => apkbuilder/Makefile +13 -0
@@ 0,0 1,13 @@
+CONMAN=sudo docker
+
+REGISTRY=registry.intra.dominic-ricottone.com
+IMAGE=apkbuilder
+TAG=latest
+
+image:
+ $(CONMAN) buildx build --push \
+ --platform linux/arm64,linux/amd64 \
+ --tag $(REGISTRY)/$(IMAGE):$(TAG) \
+ .
+
+.PHONY: image
A apkbuilder/README.md => apkbuilder/README.md +77 -0
@@ 0,0 1,77 @@
+# apkbuilder
+
+
+## Build and Deploy
+
+```
+make image
+```
+
+
+### Tags
+
+ + `latest`
+
+----
+
+## Use
+
+Builds APK packages.
+Not meant for humans.
+See https://git.dominic-ricottone.com/~dricottone/simple-builder .
+
+Create an abuild folder containing:
+
+ * an `abuild.conf` file
+ * packaging keys
+
+For the former, try a configuration like:
+
+```
+export CFLAGS="-Os -fomit-frame-pointer"
+export CXXFLAGS="$CFLAGS"
+export CPPFLAGS="$CFLAGS"
+export LDFLAGS="-Wl,--as-needed,-O1,--sort-common"
+export GOFLAGS="-buildmode=pie -modcacherw -trimpath -buildvcs=false"
+# Do note that these should work with at least GDC and LDC
+export DFLAGS="-Os"
+
+export JOBS=$(nproc)
+export MAKEFLAGS=-j$JOBS
+export SAMUFLAGS=-j$JOBS
+export CARGO_BUILD_JOBS=$JOBS
+
+export CARGO_PROFILE_RELEASE_OPT_LEVEL="s"
+export CARGO_PROFILE_RELEASE_PANIC="abort"
+export CARGO_PROFILE_RELEASE_CODEGEN_UNITS=1
+export CARGO_PROFILE_RELEASE_LTO="true"
+
+#USE_COLORS=1
+
+#USE_CCACHE=1
+
+SRCDEST=/var/cache/distfiles
+
+# uncomment line below to store built packages in other location
+# The package will be stored as $REPODEST/$repo/$pkgname-$pkgver-r$pkgrel.apk
+# where $repo is the name of the parent directory of $startdir.
+REPODEST=$HOME/packages
+
+PACKAGER="Dominic Ricottone <me@dominic-ricottone.com>"
+PACKAGER_PRIVKEY="/home/builder/.abuild/me@dominic-ricottone.com.rsa"
+MAINTAINER="$PACKAGER"
+
+# what to clean up after a successful build
+CLEANUP="srcdir bldroot pkgdir deps"
+
+# what to cleanup after a failed build
+ERROR_CLEANUP="bldroot deps"
+```
+
+For the latter, try:
+
+```
+openssl genrsa -out abuild/me@dominic-ricottone.com.rsa 2048
+openssl rsa -in abuild/me@dominic-ricottone.com.rsa -pubout -out abuild/me@dominic-ricottone.com.rsa.pub
+```
+
A apkbuilder/build.sh => apkbuilder/build.sh +8 -0
@@ 0,0 1,8 @@
+#!/bin/sh
+cd src/$1 || exit 1
+sudo apk update
+. APKBUILD
+abuild checksum || exit 1
+ulimit -n 1024
+abuild -r || exit 1
+