From 204818066d51e9aed278af8425f5b849b20431f4 Mon Sep 17 00:00:00 2001 From: rtista Date: Sun, 25 Aug 2019 00:02:05 +0100 Subject: [PATCH 1/2] Added Docker support via dockerfile and makefile. --- Dockerfile | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++++ Makefile.am | 8 ++++++++ 2 files changed, 66 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..25efc56d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,58 @@ +# Use latest CentOS image +FROM centos:latest + +# Build Arguments +ARG KEYFILE="none" +ARG DOMAIN="example.com" +ARG SELECTOR="example.com-domainkey" + +# Set root password +RUN echo -e "openarctest\nopenarctest" | passwd + +# Install SSH server +RUN yum install -y openssh-server monit + +# SSH Configurations +RUN sed -i 's/#PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config +RUN ssh-keygen -A + +# Install build dependencies +RUN yum -y install epel-release +RUN yum install -y git make automake rpm-build rpmdevtools libtool libbsd-devel openssl openssl-devel sendmail-milter sendmail-devel opendkim + +# Change into root directory and create RPM Build Tree +RUN cd /root/ && rpmdev-setuptree + +# Clone the repository +RUN git clone https://github.com/trusteddomainproject/OpenARC.git /root/OpenARC/ + +# Build the RPM +RUN cd /root/OpenARC/ \ + && autoreconf -fvi \ + && ./configure \ + && make \ + && make rpm + +# Install openarc and libopenarc RPM packages +RUN yum install -y $(find /root/rpmbuild/RPMS/x86_64/ -type f | grep -Ev "(devel|debug)") + +# Create openarc configuration directory, generate example.com private key and TXT record +RUN mkdir -p /etc/openarc \ + && echo "Mode sv" >> /etc/openarc.conf \ + && echo "Keyfile is: ${KEYFILE}" \ + && /bin/sed -i \ + -e "s|#[ ]*Domain.*|Domain ${DOMAIN}|" \ + -e "s|#[ ]*Selector.*|Selector ${SELECTOR}|" \ + -e "s|#[ ]*KeyFile.*|KeyFile /etc/openarc/$(basename ${KEYFILE})|" \ + /etc/openarc.conf + +# Copy KEYFILE onto the openarc key directory and make openarc own it +RUN echo "Copying ${KEYFILE} onto /etc/openarc/$(basename ${KEYFILE})" +COPY ${KEYFILE} /etc/openarc +RUN chown openarc:openarc -R /etc/openarc/ ; chmod 0600 /etc/openarc/$(basename ${KEYFILE}) + +# Expose SSHD and OpenARC default port +EXPOSE 22 8894 + +# Start SSHD +CMD /usr/sbin/sshd -p 22 ; openarc -c /etc/openarc.conf ; sleep infinity diff --git a/Makefile.am b/Makefile.am index a65d3d1b..f05e8fb2 100644 --- a/Makefile.am +++ b/Makefile.am @@ -43,4 +43,12 @@ dist-hook: rpm: dist-gzip rpmbuild -ta $(distdir).tar.gz +docker: + @if [[ ! -f /var/run/docker.pid ]]; then echo "Error: Docker is not installed or not running!" ; exit 1 ; fi + @if [[ ! -f $(keyfile) ]]; then echo "Error: $(keyfile) does not exist!" ; exit 1 ; fi + docker -v \ + && docker rm -f openarc \ + ; docker build . -t openarc --build-arg KEYFILE=$(keyfile) --build-arg SELECTOR=$(selector) --build-arg DOMAIN=$(domain) \ + && docker run --name openarc -p 22:22 -p 8894:8894 -dit openarc + .PHONY: push From 0707333a437ce5894e82b96a608f9e6502a4f035 Mon Sep 17 00:00:00 2001 From: rtista Date: Sun, 25 Aug 2019 00:02:47 +0100 Subject: [PATCH 2/2] Added installation instructions MD file. --- INSTALL.md | 104 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100644 INSTALL.md diff --git a/INSTALL.md b/INSTALL.md new file mode 100644 index 00000000..2c715df3 --- /dev/null +++ b/INSTALL.md @@ -0,0 +1,104 @@ +# OpenARC Installation + +This document provides instructions on how to install OpenARC from source. + +* [Developing](#development-installation) +* [Deploying](#deploy-installation) +* [Docker](#docker-support) + +## Development Installation + +If you want to start developing OpenARC you should know how to fully build the project. + +1. Start by installing its dependencies: +```bash +# DNF package manager +dnf install -y git automake make libtool libbsd-devel sendmail-milter sendmail-devel + +# YUM package manager +yum install -y git automake make libtool libbsd-devel sendmail-milter sendmail-devel + +# APT package manager +apt-get install -y git automake make libtool libbsd-dev libmilter-dev libmilter +``` + +2. Clone the project onto your computer and change into the clone directory +``` +git clone https://github.com/trusteddomainproject/OpenARC.git OpenARC/ && cd OpenARC/ +``` + +3. Run autoreconf to generate the configure script: +```bash +autoreconf -fvi +``` + +4. Execute the configure script: +```bash +./configure +``` + +5. Now that the Makefile has been generated, execute make: +```bash +make +``` + +The project is now built and you may start testing and developing, the Makefile will be useful to several actions: +* make install: Will install OpenARC on your system. +* make rpm: Will use rpmbuild and create an RPM using your system architecture and operating system details. + +## Deploy Installation + +In order to make it easier to install, the Makefile in the project contains a "make rpm" directive which generates an RPM useful for installing OpenARC into RPM packages based systems such as CentOS, RHEL or FEDORA. + +1. Start by installing its dependencies: +```bash +# DNF package manager +dnf install -y git make automake rpm-build rpmdevtools libtool libbsd-devel openssl openssl-devel sendmail-milter sendmail-devel + +# YUM package manager +yum -y install epel-release +yum install -y git make automake rpm-build rpmdevtools libtool libbsd-devel openssl openssl-devel sendmail-milter sendmail-devel +``` + +2. Setup the RPM-build tree: +```bash +cd /root/ ; rpmdev-setuptree +``` + +3. Clone the project onto your computer and change into the clone directory +``` +git clone https://github.com/trusteddomainproject/OpenARC.git OpenARC/ && cd OpenARC/ +``` + +4. Run autoreconf to generate the configure script: +```bash +autoreconf -fvi +``` + +5. Execute the configure script: +```bash +./configure +``` + +6. Now that the Makefile has been generated, execute make: +```bash +make +``` + +7. The project is now built and an RPM compatible with the system can be generated by the following command: +```bash +make rpm +``` + +The RPM will be generated in the /root/RPMS/ and the source RPMs will be at /root/SRPMS/, these can then be installed through yum, dnf or rpm. + +## Docker Support + +There is a Dockerfile at the repository root which deploys a CentOS7 docker running OpenARC (in SV mode) and SSHD which you may use to help in your development or even to generate the RPMs for you. The docker exposes port 22 for SSH access and 8894 to allow you to use the running OpenARC as a milter. + +To create the docker, make sure your system has docker installed, your user has access to docker and that you have built the project and so have access to the Makefile: +```bash +make docker domain=example.com selector=example.com keyfile=./example.com.private +``` + +This command will take a domain, selector and a private key file which are used to configure OpenARC. If the domain you provided has a TXT record which matches the given private key and selector your the signature provided by OpenARC should be correct. \ No newline at end of file