adoralaura/go-template
Template
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

first commit

Browse source
This commit is contained in:
Adora Laura Kalb 2024-08-03 14:56:35 +02:00
commit 6f4c7387e8
Signed by: adoralaura
SSH key fingerprint: SHA256:3XrkbR8ikAZJVtYfaUliX1MhmJYVAe/ocIb/MiDHBJ8
12 changed files with 289 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
.gitignore vendored Normal file
View file

@ -0,0 +1,28 @@
# Allowlisting gitignore template for GO projects prevents us
# from adding various unwanted local files, such as generated
# files, developer configurations or IDE-specific files etc.
#
# Recommended: Go.AllowList.gitignore
# Ignore everything
*
# But not these files...
!/.gitignore
!*.go
!go.sum
!go.mod
!examples/*
!*.md
!LICENSE
!Makefile
# Woodpecker CI
!.woodpecker/*
# ...even if they are in subdirectories
!*/

57
.woodpecker/build-and-deploy.yml Normal file
View file

@ -0,0 +1,57 @@
when:
event: tag
matrix:
include:
- GOOS: linux
GOARCH: amd64
- GOOS: linux
GOARCH: arm
GOARM: 6
- GOOS: linux
GOARCH: arm64
steps:
build:
secrets:
- FORGEJO_APIKEY
image: golang:1.22-alpine
environment:
- APP_NAME=app-name
- FORGE=https://code.lila.network
commands:
- apk add --update --no-cache xz curl jq make git
- make build
- cd bin/
- mv $APP_NAME $APP_NAME-${GOOS}-${GOARCH}${GOARM}
- xz --keep --compress $APP_NAME-${GOOS}-${GOARCH}${GOARM}
- sha256sum $APP_NAME-${GOOS}-${GOARCH}${GOARM} >> $APP_NAME-${GOOS}-${GOARCH}${GOARM}.sha256
- sha256sum $APP_NAME-${GOOS}-${GOARCH}${GOARM}.xz >> $APP_NAME-${GOOS}-${GOARCH}${GOARM}.xz.sha256
- |-
export RELEASE_ID=`curl --location "$FORGE/api/v1/repos/$CI_REPO/releases?limit=10" \
--header 'Accept: application/json' -s -S \
--fail-with-body | jq -r ".[] | select (.tag_name==\"$CI_COMMIT_TAG\").id"`
- |-
curl --location "$FORGE/api/v1/repos/$CI_REPO/releases/$RELEASE_ID/assets" \
--header "Authorization: token $FORGEJO_APIKEY" \
--header 'Content-Type: multipart/form-data' -s -S \
--form "attachment=@$APP_NAME-${GOOS}-${GOARCH}${GOARM};type=application/octet-stream" \
--fail-with-body
- |-
curl --location "$FORGE/api/v1/repos/$CI_REPO/releases/$RELEASE_ID/assets" \
--header "Authorization: token $FORGEJO_APIKEY" \
--header 'Content-Type: multipart/form-data' -s -S \
--form "attachment=@$APP_NAME-${GOOS}-${GOARCH}${GOARM}.xz;type=application/octet-stream" \
--fail-with-body
- |-
curl --location "$FORGE/api/v1/repos/$CI_REPO/releases/$RELEASE_ID/assets" \
--header "Authorization: token $FORGEJO_APIKEY" \
--header 'Content-Type: multipart/form-data' -s -S \
--form "attachment=@$APP_NAME-${GOOS}-${GOARCH}${GOARM}.sha256;type=application/octet-stream" \
--fail-with-body
- |-
curl --location "$FORGE/api/v1/repos/$CI_REPO/releases/$RELEASE_ID/assets" \
--header "Authorization: token $FORGEJO_APIKEY" \
--header 'Content-Type: multipart/form-data' -s -S \
--form "attachment=@$APP_NAME-${GOOS}-${GOARCH}${GOARM}.xz.sha256;type=application/octet-stream" \
--fail-with-body

38
.woodpecker/deploy-docs.yml Normal file
View file

@ -0,0 +1,38 @@
when:
- event: push
branch: main
path:
include:
- 'docs/**'
- '.woodpecker/deploy-docs.yml'
ignore_message: '[ALL]'
steps:
build:
image: golang:1.22-bookworm
environment:
- HUGO_VERSION=0.128.1
- TZ=Europe/Berlin
commands:
- cd docs/
- wget https://github.com/gohugoio/hugo/releases/download/v$${HUGO_VERSION}/hugo_extended_$${HUGO_VERSION}_linux-amd64.deb && apt install ./hugo_extended_$${HUGO_VERSION}_linux-amd64.deb && rm -f hugo_extended_$${HUGO_VERSION}_linux-amd64.deb
- hugo --minify --destination ./public
upload:
image: alpine:latest
secrets:
- RSYNC_SSHKEY
- RSYNC_TARGET_SERVER
- RSYNC_TARGET_USER
environment:
- TARGET_PATH=/webroot/app-name.adora.codes
- RSYNC_TARGET_PORT=2003
commands:
- cd docs/
- apk add --update --no-cache openssh rsync git
- mkdir -p $HOME/.ssh
- echo "$RSYNC_SSHKEY" > $HOME/.ssh/id_ed25519
- chmod 0600 $HOME/.ssh/id_ed25519
- ssh-keyscan -t ed25519 -p $RSYNC_TARGET_PORT $RSYNC_TARGET_SERVER >> $HOME/.ssh/known_hosts
- rsync -avh -e "ssh -p $RSYNC_TARGET_PORT" --delete ./public/ $RSYNC_TARGET_USER@$RSYNC_TARGET_SERVER:$TARGET_PATH

58
CHANGELOG.md Normal file
View file

@ -0,0 +1,58 @@
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
## [0.2.2] - 2024-07-30
### Changed
- changed the way the version string is handled internally
- CI pipeline changed
- documentation is now more sophisticated and has a new theme
### Added
- Makefile
## [0.2.1] - 2024-07-12
### Fixed
- Configuration validation did not work as intended
### Changed
- updated example config file
## [0.2.0] - 2024-07-11
### ⚠️ Breaking Changes
- Config file syntax was changed to accomodate both private and public key deployment for certificates.
This change is __NOT__ backwards compatible!
The following yaml keys were changed/added:
- `api_key`: changed to `cert_secret`
- `file_path`: changed to `cert_path`
- added keys: `key_secret`, `key_path`
### Changed
- config file syntax to enable deployment of private keys too
- refactor code
## [0.1.1] - 2024-07-03
### Fixed
- Fixed handling of the post certificate action
## [0.1.0] - 2024-07-03
### Added
- Minimal viable application
- some documentation
[unreleased]: https://code.lila.network/adoralaura/app-name/compare/0.2.2...HEAD
[0.2.2]: https://code.lila.network/adoralaura/app-name/compare/0.2.1...0.2.2
[0.2.1]: https://code.lila.network/adoralaura/app-name/compare/0.2.0...0.2.1
[0.2.0]: https://code.lila.network/adoralaura/app-name/compare/0.1.1...0.2.0
[0.1.1]: https://code.lila.network/adoralaura/app-name/compare/0.1.0...0.1.1
[0.1.0]: https://code.lila.network/adoralaura/app-name/releases/tag/0.1.0

17
CONTRIBUTING.md Normal file
View file

@ -0,0 +1,17 @@
# Contributing
I use my own [Forgejo Instance](https://code.lila.network) to manage issues and pull requests.
* If you have a trivial fix or improvement, go ahead and create a pull request,
addressing (with `@...`) the maintainer of this repository (see
[MAINTAINERS.md](MAINTAINERS.md)) in the description of the pull request.
* If you plan to do something more involved, first please [send me a mail]( mailto:dev@lauka.net?subject=%5Bapp-name%5D).
# What to contribute
The best way to help without speaking a lot of Go would be to share your
configuration, alerts, dashboards, and recording rules. If you have something
that works and is not in the repository, please pay it forward and
share what works.

9
LICENSE Normal file
View file

@ -0,0 +1,9 @@
MIT License
Copyright © 2024 Adora Laura Kalb <dev@lauka.net>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

1
MAINTAINERS.md Normal file
View file

@ -0,0 +1 @@
* Adora Laura Kalb <dev@lauka.net> @adoralaura

13
Makefile Normal file
View file

@ -0,0 +1,13 @@
# Set the default Go build flags
GOFLAGS = -ldflags='-w -s -X constants.Version=$(VERSION)'
# Build the application
build:
go build $(GOFLAGS) -o bin/app-name cmd/app-name/main.go
# Clean the build artifacts
clean:
rm -rf bin
# Set a version for the build
VERSION := $(shell git describe --tags --always)

9
cmd/app-name/main.go Normal file
View file

@ -0,0 +1,9 @@
/*
Copyright © 2024 Laura Kalb <dev@lauka.net>
The code of this project is available under the MIT license. See the LICENSE file for more info.
*/
package main
func main() {
// do stuff
}

13
examples/certwarden-deploy.service Normal file
View file

@ -0,0 +1,13 @@
[Unit]
Description=CertWarden Deployer binary
Documentation=https://code.lila.network/adoralaura/app-name
[Service]
# uncomment if you want to use a different user than root
# User=app-name
# Group=app-name
ExecStart=/usr/local/bin/app-name
[Install]
WantedBy=multi-user.target

10
examples/certwarden-deploy.timer Normal file
View file

@ -0,0 +1,10 @@
[Unit]
Description=Timer for app-name
[Timer]
Persistent=true
OnCalendar=Sat *-*-* 04:00:00
RandomizedDelaySec=2h
[Install]
WantedBy=timers.target

36
examples/config.yaml Normal file
View file

@ -0,0 +1,36 @@
# Base URL of the CertWarden instance
# required
base_url: "https://certwarden.example.com"
# Set this to true if your CertWarden instance does not have a publicly trusted
# TLS certificate (e.g. it has a self signed one)
# default is false
disable_certificate_validation: false
# define all managed certificates here
certificates:
# name is a unique identifier that must start and end with an alphanumeric character,
# and can contain the following characters: a-zA-Z0-9._-
# required
- name: test-certificate.example.com
# Contains the API-Key to fetch the certificate from the server
# required
cert_secret: examplekey_notvalid_hrzjGDDw8z
# path where to save the certificate
# required
cert_path: "/path/to/test-certificate.example.com-cert.pem"
# Contains the API-Key to fetch the private key from the server
# required
key_secret: examplekey_notvalid_hrzbbDDw8z
# path where to save the private key
# required
key_path: "/path/to/test-certificate.example.com-key.pem"
# action to run when certificate was updated or --force is on
action: "/usr/bin/systemd reload caddy"