Initial setup of build

.github/workflows/packaging.yml

@@ -0,0 +1,30 @@
+name: packaging
+
+permissions:
+  contents: read
+
+on:
+  push:
+    branches:
+      - 'release/**'
+  workflow_dispatch:
+
+jobs:
+  package:
+    uses: NLnetLabs/ploutos/.github/workflows/pkg-rust.yml@v7
+    with:
+      workspace_package: statime-linux
+
+      package_build_rules: |
+        pkg: statime
+        image:
+          - "rockylinux:8"
+          - "ubuntu:xenial"
+        target: x86_64
+
+      package_test_scripts_path: pkg/test-scripts/test-statime.sh
+
+      rpm_scriptlets_path: pkg/rpm/scriptlets.toml
+
+      rpm_extra_build_packages: git
+      deb_extra_build_packages: git

COPYING

@@ -0,0 +1,6 @@
+Copyright (c) 2022-2023 Tweede Golf and Contributors
+
+Except as otherwise noted (below and/or in individual files), ntpd-rs is
+licensed under the Apache License, Version 2.0 <LICENSE-APACHE> or
+<http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+<LICENSE-MIT> or <http://opensource.org/licenses/MIT>, at your option.

LICENSE-MIT

@@ -1,5 +1,4 @@
-The MIT License (MIT)
-Copyright (c) 2022 tweede golf b.v.
+Copyright (c) 2022-2023 Tweede Golf and Contributors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of
 this software and associated documentation files (the "Software"), to deal in

docs/examples/conf/statime.preset

@@ -0,0 +1 @@
+enable statime.service

docs/examples/conf/statime.service

@@ -0,0 +1,19 @@
+[Unit]
+Description=Statime linux
+Documentation=https://github.com/pendulum-project/statime
+After=network-online.target
+Wants=network-online.target
+Conflicts=
+
+[Service]
+Type=simple
+Restart=no
+ExecStart=/usr/bin/statime
+Environment="RUST_LOG=info"
+RuntimeDirectory=statime
+User=statime
+Group=statime
+AmbientCapabilities=CAP_SYS_TIME CAP_NET_BIND_SERVICE
+
+[Install]
+WantedBy=multi-user.target

docs/examples/conf/statime.toml.default

@@ -0,0 +1,49 @@
+[observability]
+# You can configure ntpd-rs with different output levels of logging information
+# Basic values for this are `trace`, `debug`, `info`, `warn` and `error`.
+log-level = "info"
+## Using the observe socket you can retrieve statistical information about the
+## daemon while it is running. You can use the `ntp-ctl` or prometheus based
+## `ntp-metrics-exporter` binaries for some default options to read from the
+## observe socket.
+observation-path = "/var/run/ntpd-rs/observe"
+
+## The sources section allows configuring sources, you may configure multiple of
+## these blocks to add more sources to your configuration.
+## Our default configuration spawns a pool of sources (by default this attempts
+## to discover 4 distinct sources).
+[[source]]
+mode = "pool"
+address = "ntpd-rs.pool.ntp.org"
+count = 4
+
+## If you have an NTS server, you can configure a source that connects using NTS
+## by adding a configuration such as the one below
+#[[source]]
+#mode = "nts"
+# NTS service from NETNOD: https://www.netnod.se/nts/network-time-security
+#address = "nts.netnod.se"
+
+## A source in server mode will only create a single source in contrast to the
+## multiple sources of a pool. This is the recommended source mode if you only
+## have an IP address for your source.
+#[[source]]
+#mode = "server"
+#address = "ntpd-rs.pool.ntp.org"
+
+## If you want to provide time to other machines, the configuration below
+## enables serving time on port 123 of all network interfaces.
+#[[server]]
+#listen = "[::]:123"
+
+## Below are configured various thresholds beyond which ntpd-rs will not
+## change the system clock. CHANGE THESE TO MATCH YOUR SECURITY NEEDS!
+[synchronization]
+# The maximum step size (in seconds) of a single step during normal operation
+single-step-panic-threshold = 1800
+# On startup a larger jump may occur, this sets limits for that initial jump
+startup-step-panic-threshold = { forward="inf", backward = 86400 }
+# If, during the lifetime of the ntp-daemon the combined time of time jumps
+# exceeds this value, then the NTP daemon will stop, this is disabled by default
+#accumulated-threshold = 1800
+#minimum-agreeing-sources = 3

pkg/deb/COPYRIGHT-debian

@@ -0,0 +1,7 @@
+Copyright (c) 2022-2023 Tweede Golf and Contributors
+
+Except as otherwise noted (below and/or in individual files), ntpd-rs is
+licensed under the Apache License, Version 2.0 <LICENSE-APACHE> or
+<http://www.apache.org/licenses/LICENSE-2.0> or
+</usr/share/common-licenses/Apache-2.0> or the MIT license <LICENSE-MIT> or
+<http://opensource.org/licenses/MIT>, at your option.

pkg/deb/postinst

@@ -0,0 +1,48 @@
+#!/bin/sh
+
+set -e
+
+STATIME_HOME="/var/lib/statime/"
+STATIME_USER="statime"
+
+create_user() {
+    if ! id ${STATIME_USER} > /dev/null 2>&1; then
+        adduser --system --home "${STATIME_HOME}" --group ${STATIME_USER}
+    fi
+}
+
+case "$1" in
+configure)
+    create_user
+    ;;
+esac
+
+if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
+    # This will only remove masks created by d-s-h on package removal.
+    deb-systemd-helper unmask statime.service >/dev/null || true
+
+    # was-enabled defaults to true, so new installations run enable.
+    if deb-systemd-helper --quiet was-enabled statime.service; then
+        # Enables the unit on first installation, creates new
+        # symlinks on upgrades if the unit file has changed.
+        deb-systemd-helper enable statime.service >/dev/null || true
+    else
+        # Update the statefile to add new symlinks (if any), which need to be
+        # cleaned up on purge. Also remove old symlinks.
+        deb-systemd-helper update-state statime.service >/dev/null || true
+    fi
+fi
+
+if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
+	if [ -d /run/systemd/system ]; then
+		systemctl --system daemon-reload >/dev/null || true
+		if [ -n "$2" ]; then
+			_dh_action=restart
+		else
+			_dh_action=start
+		fi
+		deb-systemd-invoke $_dh_action statime.service >/dev/null || true
+	fi
+fi
+
+#DEBHELPER#

pkg/deb/postrm

@@ -0,0 +1,34 @@
+#!/bin/sh
+set -e
+
+STATIME_CONF_DIR="/etc/statime"
+
+case "$1" in
+purge)
+    # Per https://www.debian.org/doc/debian-policy/ch-files.html#behavior
+    # "configuration files must be preserved when the package is removed, and
+    #  only deleted when the package is purged."
+    if [ -d ${STATIME_CONF_DIR} ]; then
+        rm -r ${STATIME_CONF_DIR}
+    fi
+    ;;
+esac
+
+if [ -d /run/systemd/system ]; then
+	systemctl --system daemon-reload >/dev/null || true
+fi
+
+if [ "$1" = "remove" ]; then
+    if [ -x "/usr/bin/deb-systemd-helper" ]; then
+        deb-systemd-helper mask statime.service >/dev/null || true
+    fi
+fi
+
+if [ "$1" = "purge" ]; then
+    if [ -x "/usr/bin/deb-systemd-helper" ]; then
+        deb-systemd-helper purge statime.service >/dev/null || true
+        deb-systemd-helper unmask statime.service >/dev/null || true
+    fi
+fi
+
+#DEBHELPER#

pkg/deb/prerm

@@ -0,0 +1,6 @@
+#!/bin/sh
+set -e
+
+if [ -d /run/systemd/system ] && [ "$1" = remove ]; then
+    deb-systemd-invoke stop statime.service >/dev/null || true
+fi

pkg/rpm/scriptlets.toml

@@ -0,0 +1,67 @@
+post_install_script = '''
+#!/bin/bash -e
+#RPM_SYSTEMD_MACROS#
+
+if [ $EUID -ne 0 ]; then
+    echo >&2 "ERROR: statime postinst script must be run as root"
+    exit 1
+fi
+
+STATIME_USER=statime
+STATIME_HOME_DIR="/var/lib/statime"
+STATIME_HOME_DIR_PERMS=700
+
+create_user() {
+    if ! id ${STATIME_USER} > /dev/null 2>&1; then
+        # According to the CentOS 7 useradd man page:
+        # --user-group causes a group by the same name as the user to be created
+        # --create-home should force creation of a home dir even for a system account.
+        useradd --home-dir ${STATIME_HOME_DIR} --system --create-home --user-group ${STATIME_USER}
+    fi
+    # Ensure that the home directory has the correct ownership
+    chown -R ${STATIME_USER}:${STATIME_USER} ${STATIME_HOME_DIR}
+    # Ensure that the home directory has the correct permissions
+    chmod ${STATIME_HOME_DIR_PERMS} ${STATIME_HOME_DIR}
+}
+
+init_systemd_service() {
+    systemd_post statime.service
+    systemd_triggers
+}
+
+link_man_page() {
+#    if [ ! -f "/usr/share/man/man5/statime.toml.5" ]; then
+#        (cd "/usr/share/man/man5" && ln -s "statime-toml.5" "statime.toml.5")
+#    fi
+}
+
+if [ $1 -eq 1 ] ; then
+    # Initial installation
+    create_user
+    link_man_page
+    init_systemd_service
+fi
+'''
+
+pre_uninstall_script = '''
+#!/bin/bash -e
+#RPM_SYSTEMD_MACROS#
+
+if [ $1 -eq 0 ] ; then
+    # Package removal, not upgrade
+    # Run commands equivalent to what the RPM systemd macros would do
+    systemd_preun statime.service
+    systemd_triggers
+fi
+'''
+
+post_uninstall_script = '''
+#!/bin/bash -e
+#RPM_SYSTEMD_MACROS#
+
+if [ $1 -ge 1 ] ; then
+    # Run commands equivalent to what the RPM systemd macros would do
+    systemd_postun_with_restart statime.service
+    systemd_triggers
+fi
+'''

pkg/test-scripts/test-statime.sh

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+set -eo pipefail
+set -x
+
+case $1 in
+  post-install|post-upgrade)
+      # Ensure users are created
+      id statime
+
+      # Ensure deamon is present
+      echo -e "\nSTATIME HELP OUTPUT:"
+      /usr/bin/statime --help
+
+      # # Ensure that the systemd service is running
+      # systemctl is-active statime.service --quiet
+    ;;
+esac

statime-linux/Cargo.toml

@@ -21,6 +21,50 @@ tokio = { version = "1.33", features = ["net", "rt-multi-thread", "time", "macro
 rand = { version = "0.8.5", default-features = false, features = ["std", "std_rng"] }
 serde = { version = "1.0.192", features = ["derive"] }
 
-
 clock-steering = { git = "https://github.com/pendulum-project/clock-steering.git", rev = "716a540" }
 timestamped-socket = { git =  "https://github.com/pendulum-project/timestamped-socket.git", rev = "d0e4ed7", features = ["serde"] }
+
+[package.metadata.deb]
+name = "statime"
+priority = "optional"
+section = "net"
+copyright = "Copyright (c) 2022-2023 Tweede Golf and Contributors"
+license-file = "../pkg/deb/COPYRIGHT-debian"
+maintainer = "Statime Maintainers <[email protected]>"
+maintainer-scripts = "../pkg/deb/"
+assets = [
+  ["target/release/statime", "/usr/bin/statime", "755"],
+  ["docs/precompiled/man/statime.8", "/usr/share/man/man8/statime.8", "644"],
+#  ["docs/precompiled/man/statime.toml.5", "/usr/share/man/man5/statime.toml.5", "644"],
+  ["docs/examples/conf/statime.toml.default", "/usr/share/doc/statime/statime.toml.default", "644"],
+  ["docs/examples/conf/statime.toml.default", "/etc/statime/statime.toml", "644"],
+  ["docs/examples/conf/statime.preset", "/lib/systemd/system-preset/50-statime.preset", "644"],
+  ["docs/examples/conf/statime.service", "/lib/systemd/system/statime.service", "644"],
+  ["../COPYING", "/usr/share/doc/statime/COPYING", "644"],
+  ["../LICENSE-APACHE", "/usr/share/doc/statime/LICENSE-APACHE", "644"],
+  ["../LICENSE-MIT", "/usr/share/doc/statime/LICENSE-MIT", "644"],
+  ["../CHANGELOG.md", "/usr/share/doc/statime/CHANGELOG.md", "644"],
+  ["../README.md", "/usr/share/doc/statime/README.md", "644"],
+]
+conf-files = [
+  "/etc/statime/statime.toml",
+]
+
+[package.metadata.generate-rpm]
+name = "statime"
+# See: https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#Good_Licenses
+license = "MIT or ASL 2.0"
+assets = [
+  { source = "target/release/statime", dest = "/usr/bin/statime", mode = "755" },
+  { source = "docs/precompiled/man/statime.8", dest = "/usr/share/man/man8/statime.8", mode = "644", doc = true },
+#  { source = "docs/precompiled/man/statime.toml.5", dest = "/usr/share/man/man5/statime-toml.5", mode = "644", doc = true },
+  { source = "docs/examples/conf/statime.toml.default", dest = "/usr/share/doc/statime/statime.toml.default", mode = "644", doc = true },
+  { source = "docs/examples/conf/statime.toml.default", dest = "/etc/statime/statime.toml", mode = "644", config = true },
+  { source = "docs/examples/conf/statime.preset", dest = "/lib/systemd/system-preset/50-statime.preset", mode = "644" },
+  { source = "docs/examples/conf/statime.service", dest = "/lib/systemd/system/statime.service", mode = "644" },
+  { source = "../COPYING", dest = "/usr/share/doc/statime/COPYING", mode = "644", doc = true },
+  { source = "../LICENSE-APACHE", dest = "/usr/share/doc/statime/LICENSE-APACHE", mode = "644", doc = true },
+  { source = "../LICENSE-MIT", dest = "/usr/share/doc/statime/LICENSE-MIT", mode = "644", doc = true },
+  { source = "../CHANGELOG.md", dest = "/usr/share/doc/statime/CHANGELOG.md", mode = "644", doc = true },
+  { source = "../README.md", dest = "/usr/share/doc/statime/README.md", mode = "644", doc = true },
+]