Add Debian packaging via cargo-deb

* Add the required metadata to `Cargo.toml` * Add a systemd unit file * Use `Rocket.toml.example` as the default configuration
2022-05-20 16:54:09 +02:00 · 2022-05-20 16:54:09 +02:00 · c6789d51fb
parent ff36880e4f
commit c6789d51fb
2 changed files with 70 additions and 0 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@ -16,3 +16,28 @@ rocket = { version = "0.5.0-rc.2", features = ["json"] }
 rss = "2.0.1"
 tempfile = "3"
 tokio = { version = "1.6.1", features = ["process"] }
+
+[package.metadata.deb]
+maintainer = "Paul van Tilburg <paul@luon.net>"
+copyright = "2022, Paul van Tilburg"
+depends = "$auto, systemd"
+extended-description = """\
+Podbringer is a web service that provides podcasts for services that don't
+offer them (anymore). It provides a way to get the RSS feed for your podcast
+client and it facilites the downloads of the pods (enclosures).
+ 
+It currently only supports [Mixcloud](https://mixcloud.com).
+Other back-ends might be added in the future.
+"""
+section = "net"
+priority = "optional"
+assets = [
+  ["README.md", "usr/share/doc/podbringer/", "664"],
+  ["Rocket.toml.example", "/etc/podbringer.toml", "644"],
+  ["target/release/podbringer", "usr/sbin/podbringer", "755"]
+]
+conf-files = [
+  "/etc/podbringer.toml"
+]
+maintainer-scripts = "debian/"
+systemd-units = { unit-name = "podbringer" }
--- a/debian/podbringer.service
+++ b/debian/podbringer.service
@ -0,0 +1,45 @@
+[Unit]
+Description=Podbringer web server
+After=network.target
+ 
+[Service]
+Type=simple
+ 
+AmbientCapabilities=
+CapabilityBoundingSet=
+DynamicUser=yes
+LockPersonality=yes
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+ProtectClock=yes
+ProtectControlGroups=yes
+ProtectHome=yes
+ProtectHostname=yes
+ProtectKernelLogs=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+ProtectSystem=strict
+PrivateDevices=yes
+PrivateMounts=yes
+PrivateTmp=yes
+PrivateUsers=yes
+RemoveIPC=yes
+RestrictAddressFamilies=AF_INET AF_INET6
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
+UMask=0077
+ 
+ExecStart=/usr/sbin/podbringer
+Restart=on-failure
+RestartSec=10
+StartLimitInterval=1m
+StartLimitBurst=5
+
+Environment="ROCKET_CONFIG=/etc/podbringer.toml"
+ 
+[Install]
+WantedBy=multi-user.target