diff --git a/.github/workflows.cfg b/.github/workflows.cfg index b0a61760a..08b7bcd42 100644 --- a/.github/workflows.cfg +++ b/.github/workflows.cfg @@ -6,3 +6,4 @@ do_FuncTest=true do_Fuzzing=true do_Glitch=true do_MinBuild=true +do_DebianPackage=true diff --git a/.github/workflows/.jobs_configure.yml b/.github/workflows/.jobs_configure.yml index f38fd2c15..3e1ca6188 100644 --- a/.github/workflows/.jobs_configure.yml +++ b/.github/workflows/.jobs_configure.yml @@ -21,6 +21,9 @@ on: do_MinBuild: description: "Whether the current workflow should continue" value: ${{ jobs.check_disabled_actions.outputs.do_MinBuild }} + do_DebianPackage: + description: "Whether the current workflow should continue" + value: ${{ jobs.check_disabled_actions.outputs.do_DebianPackage }} jobs: check_disabled_actions: @@ -33,6 +36,7 @@ jobs: do_Fuzzing: ${{ steps.check_status.outputs.do_Fuzzing }} do_Glitch: ${{ steps.check_status.outputs.do_Glitch }} do_MinBuild: ${{ steps.check_status.outputs.do_MinBuild }} + do_DebianPackage: ${{ steps.check_status.outputs.do_DebianPackage }} steps: - name: Checkout code uses: actions/checkout@v4 diff --git a/.github/workflows/rtpproxy_ci.yml b/.github/workflows/rtpproxy_ci.yml index 9fe8c54d4..be1061e28 100644 --- a/.github/workflows/rtpproxy_ci.yml +++ b/.github/workflows/rtpproxy_ci.yml @@ -99,6 +99,81 @@ jobs: - name: build run: sh -x ./scripts/do-build.sh cleanbuild + DebianPackage: + name: Debian Package Build + needs: [LoadJobs_conf, FullBuild] + if: needs.LoadJobs_conf.outputs.do_DebianPackage == 'true' + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v4 + with: + submodules: 'recursive' + - name: Install build tools + run: | + sudo apt-get update + sudo apt-get install -y build-essential devscripts debhelper pkg-config libssl-dev libbcg729-dev libgsm1-dev libsndfile1-dev libunwind-dev libsrtp2-dev libsystemd-dev fakeroot zip + - name: Build Debian package + env: + DEB_BUILD_OPTIONS: nocheck + run: | + dpkg-buildpackage -us -uc -b + + - name: Collect Debian packages + run: | + set -euo pipefail + mkdir -p debian-artifacts + shopt -s nullglob + for artifact in ../*.deb ../*.ddeb ../*.buildinfo ../*.changes; do + [ -e "${artifact}" ] || continue + base=$(basename "${artifact}") + mv "${artifact}" "debian-artifacts/${base}" + done + + - name: Test install Debian packages + run: | + set -euo pipefail + shopt -s nullglob + pkgs=(./debian-artifacts/*.deb) + if [ "${#pkgs[@]}" -eq 0 ]; then + echo "No Debian packages produced" >&2 + exit 1 + fi + sudo apt-get install -y "${pkgs[@]}" + + - name: Exercise systemd service + run: | + set -euo pipefail + trap 'status=$?; sudo journalctl -xeu rtpproxy.service || true; exit $status' ERR + trap 'sudo systemctl disable --now rtpproxy.socket || true' EXIT + sudo systemctl daemon-reload + sudo systemctl enable --now rtpproxy.socket + sudo systemctl start rtpproxy.service + sudo systemctl status --no-pager rtpproxy.service + sudo systemctl restart rtpproxy.service + sudo systemctl status --no-pager rtpproxy.service + sudo systemctl stop rtpproxy.service + sudo systemctl status --no-pager rtpproxy.service || true + + - name: Setup GitHub Actions artifact client + uses: lhotari/gh-actions-artifact-client@v2 + + - name: Upload Debian artifacts + run: | + set -euo pipefail + shopt -s nullglob + uploaded=0 + for file in debian-artifacts/*.deb debian-artifacts/*.ddeb debian-artifacts/*.buildinfo debian-artifacts/*.changes; do + [ -e "$file" ] || continue + uploaded=1 + name=$(basename "$file") + echo "Uploading $name, file: $file" + zip - "$file" | gh-actions-artifact-client.js upload "$name" --retentionDays=7 + done + if [ "$uploaded" -eq 0 ]; then + echo "No Debian artifacts found for upload" >&2 + exit 1 + fi + FullBuild: name: Full Build needs: [LoadJobs_conf, MinBuild] @@ -550,7 +625,8 @@ jobs: run: sh -x docker/update_description.sh docker/README.md roll_release: - needs: [LoadJobs_conf, Docker] + name: Roll Release + needs: [LoadJobs_conf, Docker, DebianPackage] permissions: contents: write uses: sippy/cimagic/.github/workflows/RollReleaseDraft.yml@v1 diff --git a/debian/README.source b/debian/README.source new file mode 100644 index 000000000..ba4fe6b8f --- /dev/null +++ b/debian/README.source @@ -0,0 +1,13 @@ +Building the Debian packaging helpers locally requires the Debian helper tools. + +Before invoking commands such as `debian/rules clean` or `dpkg-buildpackage`, +install the packaging toolchain, for example: + +``` +sudo apt-get update +sudo apt-get install debhelper +``` + +The packaging workflow in CI already provisions these dependencies. When +working on the packaging locally you need to provision them once per build +environment. diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 000000000..c6b486b8e --- /dev/null +++ b/debian/changelog @@ -0,0 +1,5 @@ +rtpproxy (3.1+dev1) unstable; urgency=medium + + * Initial release of Debian packaging skeleton. + + -- Maxim Sobolev Wed, 15 May 2024 00:00:00 +0000 diff --git a/debian/control b/debian/control new file mode 100644 index 000000000..29eeba7db --- /dev/null +++ b/debian/control @@ -0,0 +1,48 @@ +Source: rtpproxy +Section: net +Priority: optional +Maintainer: Maxim Sobolev +Build-Depends: debhelper-compat (= 13), + pkg-config, + libssl-dev, + libbcg729-dev, + libgsm1-dev, + libsndfile1-dev, + libunwind-dev, + libsrtp2-dev, + libsystemd-dev +Standards-Version: 4.6.2 +Homepage: https://github.com/sippy/rtpproxy +Vcs-Git: https://github.com/sippy/rtpproxy.git +Vcs-Browser: https://github.com/sippy/rtpproxy +Rules-Requires-Root: no + +Package: rtpproxy +Architecture: any +Depends: ${misc:Depends}, ${shlibs:Depends}, adduser +Description: High-performance SIP RTP media proxy + RTPProxy is a high-performance, scalable media relay designed for + SIP-based applications. It supports advanced media handling features + such as secure RTP, codec transcoding modules, and high availability + deployments. + +Package: rtpproxy-debug +Section: debug +Architecture: any +Depends: ${misc:Depends}, rtpproxy (= ${binary:Version}) +Multi-Arch: same +Description: Debug helpers and modules for RTPProxy + This package provides the debugging-friendly binaries and modules for + RTPProxy, including the rtpproxy_debug control tool, UDP contention + tester, and the *_debug.so plugin variants. + +Package: rtpproxy-dev +Section: libdevel +Architecture: any +Depends: ${misc:Depends}, rtpproxy (= ${binary:Version}) +Multi-Arch: same +Description: Development files for librtpproxy instrumentation library + librtpproxy exposes the internal RTPProxy engine to external tooling + for instrumentation and advanced control. This development package + ships the static archive and public header needed to link against the + library. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 000000000..58176f9e1 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,30 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: rtpproxy +Upstream-Contact: Maxim Sobolev +Source: https://github.com/sippy/rtpproxy + +Files: * +Copyright: 2004-2006 Maxim Sobolev + 2006-2025 Sippy Software, Inc. +License: BSD-2-Clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + . + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + . + 2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. diff --git a/debian/dirs b/debian/dirs new file mode 100644 index 000000000..fac29b400 --- /dev/null +++ b/debian/dirs @@ -0,0 +1,2 @@ +etc/sysconfig +var/lib/rtpproxy diff --git a/debian/rtpproxy-debug.install b/debian/rtpproxy-debug.install new file mode 100644 index 000000000..73993ff55 --- /dev/null +++ b/debian/rtpproxy-debug.install @@ -0,0 +1,7 @@ +usr/bin/rtpproxy_debug +usr/bin/udp_contention +usr/lib/*/rtpproxy/rtpp_acct_csv_debug.so +usr/lib/*/rtpproxy/rtpp_acct_rtcp_hep_debug.so +usr/lib/*/rtpproxy/rtpp_catch_dtmf_debug.so +usr/lib/*/rtpproxy/rtpp_dtls_gw_debug.so +usr/lib/*/rtpproxy/rtpp_ice_lite_debug.so diff --git a/debian/rtpproxy-dev.install b/debian/rtpproxy-dev.install new file mode 100644 index 000000000..6d50d166a --- /dev/null +++ b/debian/rtpproxy-dev.install @@ -0,0 +1,2 @@ +usr/include/librtpproxy.h +usr/lib/*/librtpproxy.a diff --git a/debian/rtpproxy.examples b/debian/rtpproxy.examples new file mode 100644 index 000000000..d113092de --- /dev/null +++ b/debian/rtpproxy.examples @@ -0,0 +1 @@ +doc/rtpproxy.conf.sample diff --git a/debian/rtpproxy.install b/debian/rtpproxy.install new file mode 100644 index 000000000..027309080 --- /dev/null +++ b/debian/rtpproxy.install @@ -0,0 +1,10 @@ +usr/bin/makeann +usr/bin/extractaudio +usr/bin/rtpproxy +usr/lib/*/rtpproxy/rtpp_acct_csv.so +usr/lib/*/rtpproxy/rtpp_acct_rtcp_hep.so +usr/lib/*/rtpproxy/rtpp_catch_dtmf.so +usr/lib/*/rtpproxy/rtpp_dtls_gw.so +usr/lib/*/rtpproxy/rtpp_ice_lite.so +rpm/rtpproxy.service usr/lib/systemd/system/ +rpm/rtpproxy.socket usr/lib/systemd/system/ diff --git a/debian/rtpproxy.manpages b/debian/rtpproxy.manpages new file mode 100644 index 000000000..3952ce28b --- /dev/null +++ b/debian/rtpproxy.manpages @@ -0,0 +1 @@ +rtpproxy.8 diff --git a/debian/rtpproxy.postinst b/debian/rtpproxy.postinst new file mode 100755 index 000000000..a984bac5b --- /dev/null +++ b/debian/rtpproxy.postinst @@ -0,0 +1,19 @@ +#!/bin/sh +set -e + +case "$1" in + configure) + if ! getent group rtpproxy >/dev/null; then + addgroup --system rtpproxy + fi + if ! getent passwd rtpproxy >/dev/null; then + adduser --system --ingroup rtpproxy --home /var/lib/rtpproxy \ + --shell /usr/sbin/nologin --no-create-home rtpproxy + fi + install -d -o rtpproxy -g rtpproxy -m 0750 /var/lib/rtpproxy + ;; +esac + +#DEBHELPER# + +exit 0 diff --git a/debian/rtpproxy.postrm b/debian/rtpproxy.postrm new file mode 100755 index 000000000..3f606dfef --- /dev/null +++ b/debian/rtpproxy.postrm @@ -0,0 +1,17 @@ +#!/bin/sh +set -e + +case "$1" in + purge) + if command -v deluser >/dev/null 2>&1; then + deluser --system --quiet rtpproxy || true + fi + if command -v delgroup >/dev/null 2>&1; then + delgroup --quiet rtpproxy || true + fi + ;; +esac + +#DEBHELPER# + +exit 0 diff --git a/debian/rules b/debian/rules new file mode 100755 index 000000000..2c0eebb55 --- /dev/null +++ b/debian/rules @@ -0,0 +1,28 @@ +#!/usr/bin/make -f + +export DEB_CFLAGS_MAINT_APPEND = -ffat-lto-objects +export DEB_CXXFLAGS_MAINT_APPEND = -ffat-lto-objects + +%: + dh $@ + +override_dh_auto_configure: + dh_auto_configure -- --enable-librtpproxy --enable-systemd --enable-lto=yes + +override_dh_update_autotools_config: + @echo "Skipping autotools config update" + +override_dh_autoreconf: + @echo "Skipping autoreconf; using bundled configure script" + +override_dh_shlibdeps: + dh_shlibdeps --dpkg-shlibdeps-params=--ignore-missing-info + +execute_after_dh_auto_install: + install -D -m 0644 rpm/rtpproxy.sysconfig debian/rtpproxy/etc/sysconfig/rtpproxy + rm -f debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/rtpproxy/*.la + rm -f debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/librtpproxy.la + rm -f debian/tmp/usr/share/man/man8/rtpproxy.8 + +override_dh_auto_test: + @echo "Skipping upstream tests for package build" diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 000000000..89ae9db8f --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (native) diff --git a/debian/watch b/debian/watch new file mode 100644 index 000000000..421b4b0d0 --- /dev/null +++ b/debian/watch @@ -0,0 +1,3 @@ +version=4 +opts=filenamemangle=s/.+\/v?(\d[^/]+)\.tar\.gz/rtpproxy-$1\.tar.gz/ \ + https://github.com/sippy/rtpproxy/releases .*/archive/refs/tags/v?(\d[^/]+)\.tar\.gz diff --git a/doc/rtpproxy.conf.sample b/doc/rtpproxy.conf.sample new file mode 100644 index 000000000..9dcff869a --- /dev/null +++ b/doc/rtpproxy.conf.sample @@ -0,0 +1,18 @@ +# Example rtpproxy configuration file in UCL format. +# +# Enable accounting modules shipped with the Debian rtpproxy package. +# Comment or remove any modules you do not plan to use. The runtime will +# automatically load the shared object that matches each module name. +modules { + acct_csv { + logfile = /var/log/rtpproxy/rtpproxy.csv + } + + # Forward RTCP reports to a HEP collector. + acct_rtcp_hep { + capt_host = 127.0.0.1 + capt_port = 9060 + capt_ptype = udp + capt_id = 101 + } +} diff --git a/rpm/rtpproxy.service b/rpm/rtpproxy.service index f7f8c7371..eecb7530b 100644 --- a/rpm/rtpproxy.service +++ b/rpm/rtpproxy.service @@ -1,14 +1,21 @@ [Unit] -Description=A symmetric RTP proxy -After=network.target +Description=RTPProxy media relay +Documentation=man:rtpproxy(8) +Requires=rtpproxy.socket +After=network.target rtpproxy.socket [Service] Type=notify User=rtpproxy Group=rtpproxy -EnvironmentFile=/etc/sysconfig/rtpproxy -PIDFile=/var/run/rtpproxy/rtpproxy.pid -ExecStart=/usr/bin/rtpproxy -f -p /var/run/rtpproxy/rtpproxy.pid $OPTIONS +EnvironmentFile=-/etc/sysconfig/rtpproxy +Sockets=rtpproxy.socket +PIDFile=/run/rtpproxy/rtpproxy.pid +RuntimeDirectory=rtpproxy +RuntimeDirectoryMode=0755 +ExecStart=/usr/bin/rtpproxy -f -s systemd: -p /run/rtpproxy/rtpproxy.pid $OPTIONS +ExecReload=/bin/kill -HUP $MAINPID +Restart=on-failure [Install] Also=rtpproxy.socket diff --git a/rpm/rtpproxy.socket b/rpm/rtpproxy.socket index b4632e897..6751decc0 100644 --- a/rpm/rtpproxy.socket +++ b/rpm/rtpproxy.socket @@ -2,7 +2,7 @@ Description=RTPproxy controlling socket [Socket] -ListenStream=127.0.0.1:22222 +ListenStream=/run/rtpproxy.sock Accept=false [Install] diff --git a/rpm/rtpproxy.sysconfig b/rpm/rtpproxy.sysconfig index 9186ef794..e7d7eed79 100644 --- a/rpm/rtpproxy.sysconfig +++ b/rpm/rtpproxy.sysconfig @@ -1 +1,10 @@ -OPTIONS="" +# Command-line options passed to rtpproxy by the systemd unit. +# +# The service already enables foreground operation and manages the runtime +# directory, so typically only the control socket and advertised addresses +# need to be provided here. For example: +# OPTIONS="-s udp:127.0.0.1:7722 -l 203.0.113.10/198.51.100.10" +# +# Leave the value empty to accept the built-in defaults. +# The packaged default listens on all available addresses. +OPTIONS="-l *"