Add Debian packaging via cargo-deb
* Add the required metadata to `Cargo.toml` * Add a systemd unit file * Use `Rocket.toml.example` as the default configuration
This commit is contained in:
parent
4db8e4ac03
commit
9e9955fb58
36
Cargo.toml
36
Cargo.toml
|
@ -16,3 +16,39 @@ geocoding = "0.3.1"
|
|||
image = "0.24.0"
|
||||
reqwest = { version = "0.11.9", features = ["json"] }
|
||||
rocket = { version = "0.5.0-rc.1", features = ["json"] }
|
||||
|
||||
[package.metadata.deb]
|
||||
maintainer = "Paul van Tilburg <paul@luon.net>"
|
||||
copyright = "2022, Paul van Tilburg"
|
||||
depends = "$auto, systemd"
|
||||
extended-description = """\
|
||||
Sinoptik is a (REST) API service that provides an API for today's weather
|
||||
forecast. It can provide you with a specific set or all available metrics that
|
||||
it supports.
|
||||
|
||||
Currently supported metrics are:
|
||||
|
||||
* Air quality index (per hour, from Luchtmeetnet)
|
||||
* NO₂ concentration (per hour, from Luchtmeetnet)
|
||||
* O₃ concentration (per hour, from Luchtmeetnet)
|
||||
* Particulate matter (PM10) concentration (per hour, from Luchtmeetnet)
|
||||
* Pollen (per hour, from Buienradar)
|
||||
* Pollen/air quality index (per hour, from Buienradar)
|
||||
* Precipitation (per 5 minutes, from Buienradar)
|
||||
* UV index (per day, from Buienradar)
|
||||
|
||||
Because of the currently supported data providers, only data for The
|
||||
Netherlands can be queried.
|
||||
"""
|
||||
section = "net"
|
||||
priority = "optional"
|
||||
assets = [
|
||||
["README.md", "usr/share/doc/sinoptik/", "664"],
|
||||
["Rocket.toml.example", "/etc/sinoptik.toml", "644"],
|
||||
["target/release/sinoptik", "usr/sbin/sinoptik", "755"]
|
||||
]
|
||||
conf-files = [
|
||||
"/etc/sinoptik.toml"
|
||||
]
|
||||
maintainer-scripts = "debian/"
|
||||
systemd-units = { unit-name = "sinoptik" }
|
||||
|
|
|
@ -0,0 +1,45 @@
|
|||
[Unit]
|
||||
Description=Sinoptik API web server
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
|
||||
AmbientCapabilities=
|
||||
CapabilityBoundingSet=
|
||||
DynamicUser=yes
|
||||
LockPersonality=yes
|
||||
MemoryDenyWriteExecute=yes
|
||||
NoNewPrivileges=yes
|
||||
ProtectClock=yes
|
||||
ProtectControlGroups=yes
|
||||
ProtectHome=yes
|
||||
ProtectHostname=yes
|
||||
ProtectKernelLogs=yes
|
||||
ProtectKernelModules=yes
|
||||
ProtectKernelTunables=yes
|
||||
ProtectSystem=strict
|
||||
PrivateDevices=yes
|
||||
PrivateMounts=yes
|
||||
PrivateTmp=yes
|
||||
PrivateUsers=yes
|
||||
RemoveIPC=yes
|
||||
RestrictAddressFamilies=AF_INET AF_INET6
|
||||
RestrictNamespaces=yes
|
||||
RestrictRealtime=yes
|
||||
RestrictSUIDSGID=yes
|
||||
SystemCallArchitectures=native
|
||||
SystemCallFilter=@system-service
|
||||
SystemCallErrorNumber=EPERM
|
||||
UMask=0077
|
||||
|
||||
ExecStart=/usr/sbin/sinoptik
|
||||
Restart=on-failure
|
||||
RestartSec=10
|
||||
StartLimitInterval=1m
|
||||
StartLimitBurst=5
|
||||
|
||||
Environment="ROCKET_CONFIG=/etc/sinoptik.toml"
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in New Issue