mirror/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2026-02-07 14:11:51 -05:00
Code Issues Packages Projects Releases Wiki Activity
9,449 Commits 1 Branch 70 Tags
master
Commit Graph

479 Commits

Author SHA1 Message Date
Hans-Christoph Steiner
b8819ebc92 makebuildserver: switch to debian/trixie64 box 2026-01-21 22:20:21 +01:00
linsui
54a1bceff8 docker: update to trixie 2026-01-19 21:53:43 +08:00
Licaon_Kter
a9d8d21f53 buildserver: update to trixie 2026-01-18 17:01:47 +08:00
Hans-Christoph Steiner
1bffcff5d9 buildserver: set fs.inotify.max_user_watches globally 
Some builds need to track a lot of files, so this needs to be set for
them to succeed.
 2025-11-26 11:52:04 +00:00
Hans-Christoph Steiner
9f3f912e9c buildserver: remove /opt/gradle/bin from PATH, it is no more 2025-11-26 11:50:58 +00:00
Hans-Christoph Steiner
171cf77cc3 rm config.buildserver.yml, ANDROID_HOME set in /etc/profile.d/bsenv.sh 
`fdroid build_local_run` has been running without this for a long time.
 2025-11-26 11:50:58 +00:00
linsui
dc09482d8e link gradlew-fdroid to gradle 2025-11-19 00:11:29 +08:00
linsui
b47ceb648b Remove /opt/gradle related code 2025-11-18 00:32:08 +08:00
Hans-Christoph Steiner
5049645003 make gradlew-fdroid a standalone project 
https://gitlab.com/fdroid/gradlew-fdroid
 2025-07-25 17:46:31 +00:00
Hans-Christoph Steiner
7988c54d00 buildserver: always use HTTPS for apt connections in Docker image 
This configuration has been in use in .gitlab-ci.yml scripts for a while
now and has proven reliable.  This is a "low hanging fruit" improvement.
It provides an extra layer of protection for when their are apt vulns.  And
it makes it much harder to profile what a server/laptop is doing based on
the internet traffic.  The network observer will no longer be able to see
which packages are being downloaded since apt uses HTTP pipelining so size
attacks are not really possible. And HTTPS hides the URLs, filenames,
download contents, etc.
 2025-07-23 16:09:20 +00:00
Hans-Christoph Steiner
894fdb641e buildserver: androguard res0/res1 fixes from bookworm-backports 2025-06-20 10:34:27 +00:00
Hans-Christoph Steiner
9b2a4a90a7 buildserver/provision-apt-get-install: 
This was forgotten in !1543

ansible-role-install-fdroidserver-dependencies!11
 2024-11-25 19:21:07 +01:00
relan
7661518775 Vagrantfile: fix undefined method `exists?' error 
This method has been deprecated for a long time, now it's gone.
 2024-11-18 21:09:12 +00:00
relan
5b57ced0a6 Fix warning from "chown" about the syntax 
The warning:

    chown: warning: '.' should be ':': ‘vagrant.vagrant’
 2024-11-14 21:45:46 +03:00
Hans-Christoph Steiner
afb9b7570e buildserver: use sdkmanager from backports 2024-05-20 18:36:33 +00:00
proletarius101
2fc9564ebe use full base docker image 2024-03-14 13:14:40 +01:00
Licaon_Kter
5733545972 fine tune purge 2024-03-14 13:14:40 +01:00
Licaon_Kter
27206162d4 Upgrade Buildserver VM to latest Debian (Bookworm) 2024-03-14 13:14:39 +01:00
Licaon_Kter
d31856b6c7 Upgrade Buildserver VM to latest Debian (Bookworm) 2024-03-14 13:14:35 +01:00
Licaon_Kter
f30dcf5069 Upgrade Buildserver VM to latest Debian (Bookworm) 2024-03-14 13:14:34 +01:00
Andrew Gunnerson
f4f1de941c buildserver: Add python3-packaging dependency 
Signed-off-by: Andrew Gunnerson <accounts+gitlab@chiller3.com>
 2023-11-15 18:43:58 -05:00
Hans-Christoph Steiner
8aad2dd0c3 allow gradle/sdkmanager to install extras;android;m2repository 
closes #1169
 2023-11-09 12:25:33 +00:00
Hans-Christoph Steiner
48be7c3b25 buildserver: fix apt Acquire::Retries syntax 
Acquire is its own group, not a subgroup of APT:
https://manpages.debian.org/buster/apt/apt.conf.5.en.html#THE_ACQUIRE_GROUP
 2023-04-11 16:33:14 +02:00
Hans-Christoph Steiner
c1342ab9d6 stop pre-installing the ndk 2022-11-15 13:25:19 +00:00
Jochen Sprickerhof
5b7c186e4a Fix locale on buildserver to C.UTF-8 
Regression of 817a156ea.
 2022-11-14 16:06:31 +01:00
Jochen Sprickerhof
a2050a72fa Disable man-db auto-update (as done by sbuild) 2022-11-03 17:21:16 +00:00
Hans-Christoph Steiner
2bf706ebe6 buildserver: clean up dirs from purged packages 2022-11-03 13:27:20 +01:00
Hans-Christoph Steiner
d6008cdb2a convert examples/makebuildserver.config.py to Vagrantfile.yaml 
Also, tests/androguard_test.py was removed long ago
 2022-11-03 13:27:18 +01:00
Hans-Christoph Steiner
abf535aabe buildserver: move config to buildserver/Vagrantfile.yaml 2022-11-03 13:27:16 +01:00
Hans-Christoph Steiner
e2fcd633fc buildserver: hard code basebox name and version 
This is not user-configurable, so it should not be setup to be.  This
process is only tested on the one basebox, and devs can just edit
Vagrantfile directly to test other base boxes.

# Conflicts:
#	makebuildserver
 2022-11-03 13:27:15 +01:00
Hans-Christoph Steiner
21ea1c1c89 makebuildserver: purge apt_package_cache feature 
This is unmaintained, lightly used, a tangled mess, and can be replaced by
things like the vagrant-cachier plugin or #418
 2022-11-03 13:27:11 +01:00
Hans-Christoph Steiner
7976ecc12a buildserver: mark fdroidserver deps as manual 
This lets build steps use `apt-get autoremove` and still have a working
fdroidserver.
 2022-10-25 19:48:27 +02:00
Hans-Christoph Steiner
817a156ea5 buildserver: strip extraneous packages installed in Vagrant base box 
The official Debian Vagrant box seems to be a "batteries included" kind of
thing.  The buildserver should be as small as possible, so this removes all
the extraneous packages I could find in the Vagrant basebox.
 2022-10-25 19:47:31 +02:00
Hans-Christoph Steiner
1dd480405e buildserver: let vagrant package handle insecure private key 
This script was overwriting the provisioning that `vagrant package` does
already, and breaking `vagrant ssh`.  It should have been removed in !1099

closes #990
    fdroid-bootstrap-buildserver#12
    !1012
    !1099
c6f5956537
 2022-10-20 17:42:53 +02:00
Hans-Christoph Steiner
9089750277 buildserver: show informative message if Vagrant is not configed 2022-10-13 13:56:56 +00:00
Hans-Christoph Steiner
bdc10caa57 add missing build-tools and platforms 2022-10-12 20:57:55 +02:00
Hans-Christoph Steiner
daa5ad152e buildserver: install default SDK packages using fdroid/sdkmanager 
fdroid/sdkmanager provides a root of trust to verify all the packages it
downloads, so it fully replaces what makebuildserver was doing.

closes #927
 2022-10-12 20:57:55 +02:00
Jochen Sprickerhof
300278e7c2 remove transitional apt-transport-https package 2022-10-12 18:57:23 +00:00
Hans-Christoph Steiner
fd9b911a42 Dockerfile: apt-mark manual fdroidserver dependencies 
Then apt-get does not warn about unneeded deps that could be autoremoved.
 2022-10-12 18:57:23 +00:00
Hans-Christoph Steiner
759fa3b40a buildserver: fix apksigner install 
Adding /bullseye-backports confuses things apparently.  Without it, apt
will look in bullseye-backports automatically, including for deps.  But it
will not look for deps in bullseye-backports if /bullseye-backports is used.

!1205
 2022-10-11 16:23:45 +02:00
linsui
47cbc47346 Pre-install git-svn and mercurial 2022-10-11 13:31:51 +00:00
Hans-Christoph Steiner
b58eaa224b buildserver: include apksigner for Binaries: verification 
Verification of Binaries: happens in the buildserver VM first, so it needs
a matching version of apksigner as the rest of the process.  This fixes:
https://gitlab.com/fdroid/fdroidserver/-/jobs/3154772374
 2022-10-11 12:03:55 +00:00
Hans-Christoph Steiner
e192eb4a32 buildserver: prevent fdroidserver deps from being purged in Docker 2022-10-11 10:52:54 +02:00
Hans-Christoph Steiner
a0ea27632e buildserver: use HTTPS for security.debian.org 
It is now officially supported:
https://guardianproject.info/2021/12/08/debian-over-https/
 2022-10-10 21:22:59 +02:00
Hans-Christoph Steiner
c6f5956537 install Vagrant insecure_private_key into buildserver box 
Vagrant uses the "insecure private key" to establish the first SSH
connection to a new VM based on a clean public box.  In theory, the
`vagrant package` command should do that automatically.  This process
is still using custom code instead of `vagrant package`, hence this
script.

This public key can be generated on any Vagrant install using:
  ssh-keygen -y -f  ~/.vagrant.d/insecure_private_key

https://www.vagrantup.com/docs/vagrantfile/ssh_settings#config-ssh-private_key_path
fdroid-bootstrap-buildserver#12
!1012
!1099
 2022-10-10 21:22:59 +02:00
Jochen Sprickerhof
046d3c8dcf Use ssh_config.d 2022-10-10 21:22:59 +02:00
Jochen Sprickerhof
c208582e75 Drop old java_paths 2022-10-10 21:22:59 +02:00
Hans-Christoph Steiner
dbaa3f6ec2 Stop installing ConstraintLayout 
sdkmanager does not work anymore with Java 11 and these can be installed in
the app's build metadata.
 2022-10-10 21:22:59 +02:00
Jochen Sprickerhof
f03e812a13 Drop obsolete apt-transport-https 2022-10-10 21:22:59 +02:00
Jochen Sprickerhof
d762f423ce Install patch and rsync (required by fdroidserver) 2022-10-10 21:22:59 +02:00