Add debian support

2025-02-14 21:49:34 +08:00 · 2025-02-14 21:49:34 +08:00 · f72a4416e3
commit f72a4416e3
parent 80604075d0
11 changed files with 153 additions and 2 deletions
--- a/9
+++ b/9
@ -26,7 +26,7 @@ ifneq ($(GIT_TAG),)
 endif

 .PHONY: all
-all: mod build
+all: mod build deb

 # ------------------------------------------------------------------------------
 #  build
@ -38,6 +38,10 @@ $(BINDIR)/$(BINNAME): $(SRC)
 	go build $(GOFLAGS) -trimpath -tags '$(TAGS)' -ldflags '$(LDFLAGS)' -o '$(BINDIR)'/$(BINNAME) ./cmd/rdpgw
 	go build $(GOFLAGS) -trimpath -tags '$(TAGS)' -ldflags '$(LDFLAGS)' -o '$(BINDIR)'/$(BINNAME2) ./cmd/auth

+.PHONY: deb
+deb:clean mod build
+	dpkg-buildpackage -b -us -uc
+
 # ------------------------------------------------------------------------------
 #  install

@ -50,7 +54,7 @@ install: build

 .PHONY: mod
 mod:
-	go mod tidy -compat=1.22
+	go mod tidy -compat=1.23

 # ------------------------------------------------------------------------------
 #  test
@ -64,6 +68,7 @@ test:
 .PHONY: clean
 clean:
 	@rm -rf '$(BINDIR)' ./_dist
+	dh_clean

 .PHONY: info
 info:
--- a/debian/changelog
+++ b/debian/changelog
@ -0,0 +1,5 @@
+rdpgw (2.0.2) UNSTABLE; urgency=medium
+   
+  * init
+
+ -- Jiangcuo <Jiangcuo@lierfang.com>  Mon, 03 Feb 2025 13:56:49 +0800
--- a/debian/control
+++ b/debian/control
@ -0,0 +1,21 @@
+Source: rdpgw
+Section: admin
+Priority: optional
+Maintainer: Lierfang <it_support@lierfang.com>
+Homepage: https://github.com/bolkedebruin/rdpgw
+Build-Depends: debhelper-compat (= 12),
+               golang ( >= 1.23.5-1~bpo12+1 ),
+               build-essential,
+               libpam0g-dev,
+               dh-golang
+
+Package: rdpgw
+Architecture: any
+Depends: dbus,
+         openssl,
+         ${misc:Depends},
+         ${shlibs:Depends},
+Description: rdpgw
+ RDPGW is an implementation of the Remote Desktop Gateway protocol. 
+ This allows you to connect with the official Microsoft clients to remote desktops over HTTPS.
+ These desktops could be, for example, XRDP desktops running in containers on Kubernetes.
--- a/debian/copyright
+++ b/debian/copyright
@ -0,0 +1,11 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Source: https://github.com/bolkedebruin/rdpgw
+
+
+Files: *
+Copyright: bolkedebruin
+License: Apache-2.0
+
+Files: debian/*
+Copyright: Lierfang <service@lierfang.com>
+License: Apache-2.0
--- a/debian/install
+++ b/debian/install
@ -0,0 +1,5 @@
+bin/rdpgw usr/bin/
+bin/rdpgw-auth usr/sbin/
+debian/rdpgw.yaml etc/rdpgw/
+debian/rdpgw-auth.yaml etc/rdpgw/
+debian/rdpgw-auth.service lib/systemd/system/
--- a/debian/postinst
+++ b/debian/postinst
@ -0,0 +1,21 @@
+#!/bin/sh
+
+set -e
+
+#DEBHELPER#
+
+case "$1" in
+  configure)
+    if [ ! -f "/etc/rdpgw/server.pem" ]; then
+        random=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
+        openssl genrsa -des3 -passout pass:$random -out /tmp/server.pass.key 2048 
+        openssl rsa -passin pass:$random -in /tmp/server.pass.key -out /etc/rdpgw/key.pem
+        rm /tmp/server.pass.key
+        openssl req -new -sha256 -key /etc/rdpgw/key.pem -out /etc/rdpgw/server.csr -subj "/C=US/ST=VA/L=SomeCity/O=MyCompany/OU=MyDivision/CN=rdpgw"
+        openssl x509 -req -days 365 -in /etc/rdpgw/server.csr -signkey /etc/rdpgw/key.pem -out /etc/rdpgw/server.pem
+    fi
+    deb-systemd-invoke reload-or-try-restart rdpgw-auth.service || true 
+    deb-systemd-invoke reload-or-try-restart rdpgw.service || true 
+    ;;
+
+esac
--- a/debian/rdpgw-auth.service
+++ b/debian/rdpgw-auth.service
@ -0,0 +1,16 @@
+[Unit]
+Description=RDP Gateway Auth Service
+After=network.target
+StartLimitBurst=5
+StartLimitInterval=10s
+
+[Service]
+Type=simple
+User=root
+ExecStart=/usr/sbin/rdpgw-auth -c /etc/rdpgw/rdpgw-auth.yaml -s /run/rdpgw-auth.sock
+Restart=on-failure
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
--- a/debian/rdpgw-auth.yaml
+++ b/debian/rdpgw-auth.yaml
@ -0,0 +1,2 @@
+Users:
+ - {Username: "debian-rdpgw-start", Password: "debian-rdpgw-password"} 
--- a/debian/rdpgw.service
+++ b/debian/rdpgw.service
@ -0,0 +1,16 @@
+[Unit]
+Description=RDP Gateway Service
+After=network.target
+StartLimitBurst=5
+StartLimitInterval=10s
+
+[Service]
+Type=simple
+User=root
+ExecStart=/usr/bin/rdpgw -c /etc/rdpgw/rdpgw.yaml
+Restart=on-failure
+Restart=on-failure
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
--- a/debian/rdpgw.yaml
+++ b/debian/rdpgw.yaml
@ -0,0 +1,30 @@
+Server:
+  Authentication:
+    - ntlm
+  BasicAuthTimeout: 5
+  AuthSocket: /run/rdpgw-auth.sock
+  GatewayAddress: localhost
+  Port: 443
+  Hosts:
+    - localhost:3389
+  HostSelection: any
+  Tls: enable
+  CertFile: /etc/rdpgw/server.pem 
+  KeyFile: /etc/rdpgw/key.pem
+Caps:
+  SmartCardAuth: false
+  TokenAuth: false
+  IdleTimeout: 10
+  EnablePrinter: true
+  EnablePort: true
+  EnablePnp: true
+  EnableDrive: true
+  EnableClipboard: true
+Client:
+  UsernameTemplate: "{{ username }}"
+  SplitUserDomain: false
+Security:
+  PAATokenSigningKey: thisisasessionkeyreplacethisjetzt
+  UserTokenEncryptionKey: thisisasessionkeyreplacethisjetzt
+  EnableUserToken: false
+  VerifyClientIp: trufalsee
--- a/debian/rules
+++ b/debian/rules
@ -0,0 +1,19 @@
+#!/usr/bin/make -f
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+include /usr/share/dpkg/pkg-info.mk
+
+%:
+	dh $@
+
+override_dh_auto_build:
+
+override_dh_auto_test:
+
+override_dh_auto_install:
+
+override_dh_auto_clean:
+
+override_dh_dwz: