Hello community, here is the log from the commit of package rmt-server for openSUSE:Factory checked in at 2018-04-11 13:59:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rmt-server (Old) and /work/SRC/openSUSE:Factory/.rmt-server.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rmt-server" Wed Apr 11 13:59:56 2018 rev:7 rq:594894 version:0.0.5 Changes: -------- --- /work/SRC/openSUSE:Factory/rmt-server/rmt-server.changes 2018-03-02 21:11:24.817576271 +0100 +++ /work/SRC/openSUSE:Factory/.rmt-server.new/rmt-server.changes 2018-04-11 14:02:16.474188989 +0200 @@ -1,0 +2,40 @@ +Mon Apr 9 14:40:39 UTC 2018 - [email protected] + +- Only enable free modules in migrations for SLE 15 + https://github.com/SUSE/rmt/pull/132 + +------------------------------------------------------------------- +Mon Apr 9 09:58:02 UTC 2018 - [email protected] + +- version 0.0.5 +- Allow access to the API only via HTTPS, add directories to store SSL + keys & certificates, add clientSetup4RMT.sh script + https://github.com/SUSE/rmt/pull/122 + +------------------------------------------------------------------- +Fri Apr 6 13:45:21 UTC 2018 - [email protected] + +- Add the offline migration endpoint for upgrading major SLES versions. + https://github.com/SUSE/rmt/pull/121 +- Use the recommended systemd service type ("simple" instead of + "forking"). + https://github.com/SUSE/rmt/pull/129 +- Don't create a local licenses directory if the repo has no licenses. + Closes bsc#1087707. + https://github.com/SUSE/rmt/pull/126 +- Don't allow duplicate activations to exist in the DB. + https://github.com/SUSE/rmt/pull/119 + +------------------------------------------------------------------- +Fri Mar 23 10:51:14 UTC 2018 - [email protected] + +- Version 0.0.4 +- Fix nginx config to point to correct root location + See: https://github.com/SUSE/rmt/issues/113 +- Add message to help output about collecting feedback from users +- Only allow one activation to exist for a given system-service + combination. +- Update loofah and rails-html-sanitizer gems due to CVEs. +- Add proper foreign key constraints where applicable. + +------------------------------------------------------------------- Old: ---- rmt-server-0.0.3.tar.bz2 rmt-server.conf New: ---- nginx-http.conf nginx-https.conf rmt-server-0.0.5.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rmt-server.spec ++++++ --- /var/tmp/diff_new_pack.eOOeYo/_old 2018-04-11 14:02:18.598112222 +0200 +++ /var/tmp/diff_new_pack.eOOeYo/_new 2018-04-11 14:02:18.602112078 +0200 @@ -27,20 +27,20 @@ %define rmt_group nginx Name: rmt-server -Version: 0.0.3 +Version: 0.0.5 Release: 0 Summary: Repository mirroring tool and registration proxy for SCC -License: GPL-2.0+ +License: GPL-2.0-or-later Group: Productivity/Networking/Web/Proxy Url: https://software.opensuse.org/package/rmt -# Does not build for i586 and s390 and is not supported on that architectures +# Does not build for i586 and s390 and is not supported on those architectures ExcludeArch: %ix86 s390 Source0: %{name}-%{version}.tar.bz2 Source1: rmt-server-rpmlintrc Source2: rmt.conf Source3: rmt.8.gz -Source4: rmt-server.conf +Source4: nginx-http.conf Source5: rmt-server-mirror.service Source6: rmt-server-mirror.timer Source7: rmt-server-sync.service @@ -50,6 +50,7 @@ Source11: rmt-migration.service Source12: rmt-server-sync-sles12.timer Source13: rmt-server-mirror-sles12.timer +Source14: nginx-https.conf Patch0: use-ruby-2.5-in-rmt-cli.patch Patch1: use-ruby-2.5-in-rails.patch @@ -103,15 +104,15 @@ mkdir -p %{buildroot}%{lib_dir} mkdir -p %{buildroot}%{app_dir} -mv log %{buildroot}%{data_dir} mv tmp %{buildroot}%{data_dir} -mv public %{buildroot}%{data_dir} +mkdir %{buildroot}%{data_dir}/public +mv public/repo %{buildroot}%{data_dir}/public/ mv vendor %{buildroot}%{lib_dir} +mv ssl %{buildroot}%{app_dir} cp -ar . %{buildroot}%{app_dir} -ln -s %{data_dir}/log %{buildroot}%{app_dir}/log ln -s %{data_dir}/tmp %{buildroot}%{app_dir}/tmp -ln -s %{data_dir}/public %{buildroot}%{app_dir}/public +ln -s %{data_dir}/public/repo %{buildroot}%{app_dir}/public/repo mkdir -p %{buildroot}%{_bindir} ln -s %{app_dir}/bin/rmt-cli %{buildroot}%{_bindir} install -D -m 644 %_sourcedir/rmt.8.gz %{buildroot}%_mandir/man8/rmt.8.gz @@ -142,7 +143,8 @@ mv %{_builddir}/rmt.conf %{buildroot}%{_sysconfdir}/rmt.conf # nginx -install -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/nginx/vhosts.d/rmt-server.conf +install -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/nginx/vhosts.d/rmt-server-http.conf +install -D -m 644 %{SOURCE14} %{buildroot}%{_sysconfdir}/nginx/vhosts.d/rmt-server-https.conf sed -i -e '/BUNDLE_PATH: .*/cBUNDLE_PATH: "\/usr\/lib64\/rmt\/vendor\/bundle\/"' \ -e 's/^BUNDLE_JOBS: .*/BUNDLE_JOBS: "1"/' \ @@ -181,7 +183,8 @@ %attr(-,%{rmt_user},%{rmt_group}) %{app_dir} %attr(-,%{rmt_user},%{rmt_group}) %{data_dir} %config(noreplace) %{_sysconfdir}/rmt.conf -%config(noreplace) %{_sysconfdir}/nginx/vhosts.d/rmt-server.conf +%config(noreplace) %{_sysconfdir}/nginx/vhosts.d/rmt-server-http.conf +%config(noreplace) %{_sysconfdir}/nginx/vhosts.d/rmt-server-https.conf %doc %{_mandir}/man8/rmt.8.gz %{_sysconfdir}/nginx %{_sysconfdir}/nginx/vhosts.d ++++++ nginx-http.conf ++++++ server { listen 80 default; server_name rmt; access_log /var/log/nginx/rmt_http_access.log; error_log /var/log/nginx/rmt_http_error.log; root /usr/share/rmt/public; location / { autoindex off; } location /repo { autoindex on; } } ++++++ nginx-https.conf ++++++ upstream rmt { server localhost:4224; } server { listen 443 ssl; server_name rmt; access_log /var/log/nginx/rmt_https_access.log; error_log /var/log/nginx/rmt_https_error.log; root /usr/share/rmt/public; ssl_certificate /usr/share/rmt/ssl/rmt-server.crt; ssl_certificate_key /usr/share/rmt/ssl/rmt-server.key; ssl_protocols TLSv1.2 TLSv1.3; location / { try_files $uri/index.html $uri.html $uri @rmt_app; autoindex off; } location /repo { autoindex on; } location @rmt_app { proxy_pass http://rmt; proxy_redirect off; proxy_read_timeout 600; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Real-IP $remote_addr; } # An alias to RMT CA certificate, so that it can be downloaded to client machines. location /rmt.crt { alias /usr/share/rmt/ssl/rmt-ca.crt; } } ++++++ rmt-server-0.0.3.tar.bz2 -> rmt-server-0.0.5.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/rmt-server/rmt-server-0.0.3.tar.bz2 /work/SRC/openSUSE:Factory/.rmt-server.new/rmt-server-0.0.5.tar.bz2 differ: char 11, line 1 ++++++ rmt.8.gz ++++++ --- /var/tmp/diff_new_pack.eOOeYo/_old 2018-04-11 14:02:18.870102392 +0200 +++ /var/tmp/diff_new_pack.eOOeYo/_new 2018-04-11 14:02:18.878102102 +0200 @@ -1,7 +1,7 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "README" "" "February 2018" "" "RMT" +.TH "README" "" "April 2018" "" "RMT" \fIhttps://travis\-ci\.org/SUSE/rmt\fR \fIhttps://gemnasium\.com/SUSE/rmt\fR \fIhttps://codeclimate\.com/github/SUSE/rmt\fR \fIhttps://coveralls\.io/github/SUSE/rmt?branch=master\fR . .P @@ -20,7 +20,21 @@ After installation configure your RMT instance: . .IP "\(bu" 4 -You can create a MySQL/MariaDB user with the following command: \fBmysql \-u root \-p <<EOFF GRANT ALL PRIVILEGES ON \e`rmt\e`\.* TO rmt@localhost IDENTIFIED BY \'rmt\'; FLUSH PRIVILEGES; EOFF\fR +. +.IP "\(bu" 4 +Start MySQL/MariaDB by running \fBsystemctl start mysql\fR +. +.IP "\(bu" 4 +Set database \fBroot\fR user password by running \fBmysqladmin \-u root password\fR +. +.IP "\(bu" 4 +Make sure you can access to the database console as \fBroot\fR user by running \fBmysql \-u root \-p\fR +. +.IP "\(bu" 4 +Create a MySQL/MariaDB user with the following command: \fBmysql \-u root \-p <<EOFF GRANT ALL PRIVILEGES ON \e`rmt\e`\.* TO rmt@localhost IDENTIFIED BY \'rmt\'; FLUSH PRIVILEGES; EOFF\fR +. +.IP "" 0 + . .IP "\(bu" 4 See the "Configuration" section for how to configure the options in \fB/etc/rmt\.conf\fR\. @@ -120,22 +134,13 @@ . .IP "" 0 . -.SS "openSUSE and other RPM based products" -To mirror repositories that are not delivered via SCC, you can run for example: -. -.P -\fBrmt\-cli mirror custom https://download\.opensuse\.org/repositories/systemsmanagement:/SCC:/RMT/openSUSE_Leap_42\.3/ foo/bar\fR -. -.P -This will mirror the repository content to \fBpublic/repo/foo/bar\fR and make it available at http://hostname:4224/repo/foo/bar\. -. .SH "Configuration" Available configuration options can be found in the \fBetc/rmt\.conf\fR file\. . .SS "Mirroring settings" . .IP "\(bu" 4 -\fBmirroring\.mirror_src\fR \- whether to mirror source (arch = \fBsrc\fR) repos or not\. +\fBmirroring\.mirror_src\fR \- whether to mirror source (arch = \fBsrc\fR) RPM packages or not\. . .IP "" 0 . @@ -300,4 +305,15 @@ The web server will be accessible at \fIhttp://localhost:8080/\fR, this URL can be used for registering clients\. . .IP "" 0 - +. +.SH "Is it any good?" +Yes\. \fIhttps://news\.ycombinator\.com/item?id=3067434\fR +. +.SH "Feedback" +Do you have suggestions for improvement? Let us know! +. +.P +Go to Issues \fIhttps://github\.com/SUSE/rmt/issues/new\fR, create a new issue and describe what you think could be improved\. +. +.P +Feedback is always welcome! ++++++ rmt.service ++++++ --- /var/tmp/diff_new_pack.eOOeYo/_old 2018-04-11 14:02:18.922100512 +0200 +++ /var/tmp/diff_new_pack.eOOeYo/_new 2018-04-11 14:02:18.922100512 +0200 @@ -2,15 +2,16 @@ Description=RMT API server Requires=mysql.service Requires=rmt-migration.service +Requires=nginx.service After=rmt-migration.service [Service] -Type=forking +Type=simple User=_rmt +PrivateTmp=yes +Environment=RAILS_LOG_TO_STDOUT=1 WorkingDirectory=/usr/share/rmt -ExecStart=/usr/share/rmt/bin/rails server -e production --daemon -ExecStop=/usr/bin/kill -15 $MAINPID -PIDFile=/usr/share/rmt/tmp/pids/server.pid +ExecStart=/usr/share/rmt/bin/rails server -e production Restart=always [Install]
