Using private packages for app deployments?

M

mariachi

I'm starting to move more of my company's internals to my FreeBSD server and I'm wondering about deployments.
The specific application I'm working on now is a Clojure app which I build into an uberjar and launch with java -jar my-app.jar inside a jail fronted by a caddy jail.

I could build a new jar whenever a new version is ready for release and then scp into the jail and write an rc script using daemon to run it. But I'm wondering if folks take advantage of the ports structure (makefile, etc) to have a reproducible and quick way to install updates and if so how did you set it up in practice e.g., are the package files living alongside your code? in a separate repo? something else?

The appeal of this idea for me is that it provides some reproducibility (sets up users, directories, files, etc) without having to buy into something like Ansible.
 
Yes, custom ports. In a separate ports tree (only contains my custom ports). Same repository where everything else comes from.

Building a custom port takes a bit of effort at first (getting things correct), but in the long run it's easier to maintain.
 
SirDice do you have any docs/posts bookmarked you could share about this? My ideal scenario was having my CI (forgejo runner in a jail) build the app, then "make package" and then install it somehow over ssh? Sounds unsafe.
 

Custom Poudriere Packages in Your Own Repository | FreeBSD Foundation

By Benedict Reuschling I’m forever grateful for the people who made ports and package installations on FreeBSD so easy. Whereas other Unix-like systems need to either manually install a bunch of libraries or dependencies, let alone package origins as text files, the BSDs typically don’t need any...
freebsdfoundation.org freebsdfoundation.org
This article of building a private package repository may help.
 
I've used two approaches:
Custom port pros are that there are tons of examples of porting; it fits into existing infrastructure you may already have; it's repeatable / easy to verify a clean build environment with poudriere-testport(8). Main con is that ports are based around distfiles - so if you want a CI/CD "package the most recent commit" workflow, you're kind of fighting the structure. It's certainly doable, but fiddly.

pkg-create(8) main pro is that you can build some stuff and create a package from it, no need to worry about distfiles, commit versions, checksums, etc. Main con is that there's not a ton of information out there, you'll have to figure out how to build the manifest yourself, and you're responsible for verifying clean build environment (if you want).

I wrote an elixir package a while back to turn a mix release into a freebsd package with rc-based service. You'll have to dig through some elixir to work out the steps needed but it's a working example.

Probably would be a good idea to get a barebones example of how to use pkg-create in the FreeBSD repo if there's not one already.
 
You must log in or register to reply here.
Back
Top