diff --git a/Makefile b/Makefile index b2a106e..349182b 100644 --- a/Makefile +++ b/Makefile @@ -26,7 +26,7 @@ ifneq ($(GIT_TAG),) endif .PHONY: all -all: mod build +all: mod build deb # ------------------------------------------------------------------------------ # build @@ -38,6 +38,10 @@ $(BINDIR)/$(BINNAME): $(SRC) go build $(GOFLAGS) -trimpath -tags '$(TAGS)' -ldflags '$(LDFLAGS)' -o '$(BINDIR)'/$(BINNAME) ./cmd/rdpgw go build $(GOFLAGS) -trimpath -tags '$(TAGS)' -ldflags '$(LDFLAGS)' -o '$(BINDIR)'/$(BINNAME2) ./cmd/auth +.PHONY: deb +deb:clean mod build + dpkg-buildpackage -b -us -uc + # ------------------------------------------------------------------------------ # install @@ -50,7 +54,7 @@ install: build .PHONY: mod mod: - go mod tidy -compat=1.22 + go mod tidy -compat=1.23 # ------------------------------------------------------------------------------ # test @@ -64,6 +68,7 @@ test: .PHONY: clean clean: @rm -rf '$(BINDIR)' ./_dist + dh_clean .PHONY: info info: diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..5def382 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,5 @@ +rdpgw (2.0.2) UNSTABLE; urgency=medium + + * init + + -- Jiangcuo Mon, 03 Feb 2025 13:56:49 +0800 \ No newline at end of file diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..15bab7f --- /dev/null +++ b/debian/control @@ -0,0 +1,21 @@ +Source: rdpgw +Section: admin +Priority: optional +Maintainer: Lierfang +Homepage: https://github.com/bolkedebruin/rdpgw +Build-Depends: debhelper-compat (= 12), + golang ( >= 1.23.5-1~bpo12+1 ), + build-essential, + libpam0g-dev, + dh-golang + +Package: rdpgw +Architecture: any +Depends: dbus, + openssl, + ${misc:Depends}, + ${shlibs:Depends}, +Description: rdpgw + RDPGW is an implementation of the Remote Desktop Gateway protocol. + This allows you to connect with the official Microsoft clients to remote desktops over HTTPS. + These desktops could be, for example, XRDP desktops running in containers on Kubernetes. \ No newline at end of file diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..d89b893 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,11 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Source: https://github.com/bolkedebruin/rdpgw + + +Files: * +Copyright: bolkedebruin +License: Apache-2.0 + +Files: debian/* +Copyright: Lierfang +License: Apache-2.0 diff --git a/debian/install b/debian/install new file mode 100644 index 0000000..3217db3 --- /dev/null +++ b/debian/install @@ -0,0 +1,5 @@ +bin/rdpgw usr/bin/ +bin/rdpgw-auth usr/sbin/ +debian/rdpgw.yaml etc/rdpgw/ +debian/rdpgw-auth.yaml etc/rdpgw/ +debian/rdpgw-auth.service lib/systemd/system/ diff --git a/debian/postinst b/debian/postinst new file mode 100644 index 0000000..b59e70c --- /dev/null +++ b/debian/postinst @@ -0,0 +1,21 @@ +#!/bin/sh + +set -e + +#DEBHELPER# + +case "$1" in + configure) + if [ ! -f "/etc/rdpgw/server.pem" ]; then + random=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) + openssl genrsa -des3 -passout pass:$random -out /tmp/server.pass.key 2048 + openssl rsa -passin pass:$random -in /tmp/server.pass.key -out /etc/rdpgw/key.pem + rm /tmp/server.pass.key + openssl req -new -sha256 -key /etc/rdpgw/key.pem -out /etc/rdpgw/server.csr -subj "/C=US/ST=VA/L=SomeCity/O=MyCompany/OU=MyDivision/CN=rdpgw" + openssl x509 -req -days 365 -in /etc/rdpgw/server.csr -signkey /etc/rdpgw/key.pem -out /etc/rdpgw/server.pem + fi + deb-systemd-invoke reload-or-try-restart rdpgw-auth.service || true + deb-systemd-invoke reload-or-try-restart rdpgw.service || true + ;; + +esac \ No newline at end of file diff --git a/debian/rdpgw-auth.service b/debian/rdpgw-auth.service new file mode 100644 index 0000000..74468dc --- /dev/null +++ b/debian/rdpgw-auth.service @@ -0,0 +1,16 @@ +[Unit] +Description=RDP Gateway Auth Service +After=network.target +StartLimitBurst=5 +StartLimitInterval=10s + +[Service] +Type=simple +User=root +ExecStart=/usr/sbin/rdpgw-auth -c /etc/rdpgw/rdpgw-auth.yaml -s /run/rdpgw-auth.sock +Restart=on-failure +Restart=on-failure +RestartSec=5 + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/debian/rdpgw-auth.yaml b/debian/rdpgw-auth.yaml new file mode 100644 index 0000000..2706f41 --- /dev/null +++ b/debian/rdpgw-auth.yaml @@ -0,0 +1,2 @@ +Users: + - {Username: "debian-rdpgw-start", Password: "debian-rdpgw-password"} \ No newline at end of file diff --git a/debian/rdpgw.service b/debian/rdpgw.service new file mode 100644 index 0000000..481aef3 --- /dev/null +++ b/debian/rdpgw.service @@ -0,0 +1,16 @@ +[Unit] +Description=RDP Gateway Service +After=network.target +StartLimitBurst=5 +StartLimitInterval=10s + +[Service] +Type=simple +User=root +ExecStart=/usr/bin/rdpgw -c /etc/rdpgw/rdpgw.yaml +Restart=on-failure +Restart=on-failure +RestartSec=5 + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/debian/rdpgw.yaml b/debian/rdpgw.yaml new file mode 100644 index 0000000..bd96378 --- /dev/null +++ b/debian/rdpgw.yaml @@ -0,0 +1,30 @@ +Server: + Authentication: + - ntlm + BasicAuthTimeout: 5 + AuthSocket: /run/rdpgw-auth.sock + GatewayAddress: localhost + Port: 443 + Hosts: + - localhost:3389 + HostSelection: any + Tls: enable + CertFile: /etc/rdpgw/server.pem + KeyFile: /etc/rdpgw/key.pem +Caps: + SmartCardAuth: false + TokenAuth: false + IdleTimeout: 10 + EnablePrinter: true + EnablePort: true + EnablePnp: true + EnableDrive: true + EnableClipboard: true +Client: + UsernameTemplate: "{{ username }}" + SplitUserDomain: false +Security: + PAATokenSigningKey: thisisasessionkeyreplacethisjetzt + UserTokenEncryptionKey: thisisasessionkeyreplacethisjetzt + EnableUserToken: false + VerifyClientIp: trufalsee \ No newline at end of file diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..8d6cc17 --- /dev/null +++ b/debian/rules @@ -0,0 +1,19 @@ +#!/usr/bin/make -f + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +include /usr/share/dpkg/pkg-info.mk + +%: + dh $@ + +override_dh_auto_build: + +override_dh_auto_test: + +override_dh_auto_install: + +override_dh_auto_clean: + +override_dh_dwz: \ No newline at end of file