refactor: standardize Dockerfile and build script structure

Standardize all RPM packages to use a consistent build pattern:
- Simple Dockerfiles that copy resources/ and call build.sh
- Move all build logic to resources/build.sh scripts
- Consolidate nfpm.yaml and scripts into resources/ directory
- Update base image to almalinux9-rpmbuilder for consistency

Changes:
- Refactored 37 packages total (simple + complex)
- HashiCorp tools: consul, vault, terraform, terragrunt, packer, nomad, nomad-autoscaler
- Development tools: g10k, etcd, nfpm, ruff, uv, unrar, nzbget, boilerplate
- VictoriaMetrics: vlutils, vmutils, victoria-logs
- Network tools: cni-plugins, consul-cni, unkin-ca-certificates
- Jellyfin suite: jellyfin-web, jellyfin-server, jellyfin-ffmpeg-bin
- System packages: puppet-initial, incus

This standardization improves maintainability and consistency across
the entire RPM build system while preserving all existing functionality.
This commit is contained in:
2025-09-28 22:17:46 +10:00
parent 20952727ba
commit 325b830952
85 changed files with 389 additions and 269 deletions
+7
View File
@@ -0,0 +1,7 @@
#!/usr/bin/bash
# Download the CA certificate from vault
curl -o /app/UNKIN_ROOTCA_2024.crt https://vault.query.consul:8200/v1/pki_root/ca/pem
# Build the RPM
nfpm pkg --config /app/resources/nfpm.yaml --target /app/dist --packager rpm
@@ -0,0 +1,38 @@
# nfpm.yaml
name: unkin-ca-certificates
version: ${PACKAGE_VERSION}
release: ${PACKAGE_RELEASE}
arch: amd64
platform: linux
section: default
priority: extra
description: "ca-certificates for the unkin site"
maintainer: Unkin
homepage: https://vault.query.consul:8200
license: Apache-2.0
disable_globbing: false
depends:
- ca-certificates
replaces:
- unkin-ca-certificates
# Files to include in the package
contents:
- src: /app/UNKIN_ROOTCA_2024.crt
dst: /etc/pki/ca-trust/source/anchors/UNKIN_ROOTCA_2024.crt
file_info:
mode: 0755
owner: root
group: root
# Scripts to run during installation/removal (optional)
scripts:
postinstall: ./scripts/postinstall.sh
# preinstall: ./scripts/preinstall.sh
# preremove: ./scripts/preremove.sh
# postremove: ./scripts/postremove.sh
@@ -0,0 +1,2 @@
#!/usr/bin/env bash
/usr/bin/update-ca-trust extract