Support #740
Updated by Daniel Curtis about 8 years ago
This is a guide on how I set up poudriere to build packages on FreeBSD 9.
h2. Prepare the Environment
* Make sure the system is up to date:
<pre>
pkg update && pkg upgrade
</pre>
* Update the ports tree:
<pre>
portsnap fetch extract
</pre>
h2. Install Nginx
* Install nginx:
<pre>
pkg install nginx
</pre>
* Start and enable nginx at boot:
<pre>
echo 'nginx_enable="YES"' >> /etc/rc.conf
service nginx start
</pre>
* Create a configuration directory to make managing individual server blocks easier
<pre>
mkdir /usr/local/etc/nginx/conf.d
</pre>
* Edit the main nginx config file:
<pre>
vi /usr/local/etc/nginx/nginx.conf
</pre>
#* And strip down the config file and add the include statement at the end to make it easier to handle various server blocks:
<pre>
worker_processes 1;
error_log /var/log/nginx-error.log;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
# nginx may need to resolve domain names at run time
resolver 208.67.222.222 208.67.220.220;
# Load config files from the /etc/nginx/conf.d directory
include /usr/local/etc/nginx/conf.d/*.conf;
}
</pre>
h2. SSL Certificate
* Generate a strong SSL key and a CSR to send for signing by a CA:
<pre>
cd /usr/local/etc/nginx
openssl req -sha512 -out build.example.com.csr -new -newkey rsa:4096 -nodes -keyout build.example.com.key
</pre>
* Next, generate a 4096 bit key called @poudriere.key@:
<pre>
openssl genrsa -out /usr/local/etc/poudriere.key 4096
</pre>
* After the key is generated, create a public cert from it by typing:
<pre>
openssl rsa -in /usr/local/etc/poudriere.key -pubout -out /usr/local/etc/poudriere.crt
</pre>
h2. Install Poudriere
* Install poudriere and portmaster:
<pre>
pkg install poudriere portmaster screen
</pre>
* Edit the main poudriere configuration file:
<pre>
vi /usr/local/etc/poudriere.conf
</pre>
#* We are using UFS, and must set the @NO_ZFS@ flag to "yes". Find and uncomment this option within the file:
<pre>
NO_ZFS=yes
#ZPOOL=tank
#ZROOTFS=/poudriere
</pre>
#* Change the to the default @FREEBSD_HOST@ location or use a closer mirror if you know of one:
<pre>
FREEBSD_HOST=ftp://ftp.freebsd.org
</pre>
#* Next, make sure that the data directory within the poudriere root with the POUDRIERE_DATA option:
<pre>
POUDRIERE_DATA=${BASEFS}/data
</pre>
#* Then uncomment the @CHECK_CHANGED_OPTIONS@ and @CHECK_CHANGED_DEPS@ options. The first option tells poudriere to rebuild packages when the options for it have changed. The second option tells tells poudriere to rebuild packages when dependencies have changed since the last compilation:
<pre>
CHECK_CHANGED_OPTIONS=verbose
CHECK_CHANGED_DEPS=yes
</pre>
#* Point poudriere to the SSL key that we created so that it can sign packages as it builds. The option used to specify this is called @PKG_REPO_SIGNING_KEY@:
<pre>
PKG_REPO_SIGNING_KEY=/usr/local/etc/poudriere.key
</pre>
#* Finally, set the @URL_BASE@ string to the domain name or IP address where your server can be reached:
<pre>
URL_BASE=http://build.example.com URL_BASE=http://build.example.com/
</pre>
h2. Create the Build Environment
h3. Create FreeBSD 9.3 RELEASE Jail
* Create the FreeBSD 9.3 jail:
<pre>
poudriere jail -c -j freebsd_9-3x64 -v 9.3-RELEASE
</pre>
* This will take awhile to complete, so be patient. When you are finished, you can see the installed jail by typing:
<pre>
poudriere jail -l
</pre>
* Create the list of ports to build:
<pre>
vi /usr/local/etc/poudriere.d/port-list
</pre>
#* And add ports to build:
<pre>
www/nginx
www/rubygem-passenger
php56
</pre>
* Use a custom @make.conf@ file for the freebsd_9-3x64 jail:
<pre>
vi /usr/local/etc/poudriere.d/freebsd_9-3x64-make.conf
</pre>
#* You can put any options you would like to use when building your ports. For instance, if you do not want to build any documentation, native language support, or X11 support you can set and set passenger:
<pre>
OPTIONS_UNSET+= APACHE22 DOCS NLS X11 EXAMPLES
OPTIONS_SET+= PASSENGER SYMLINK NGINX
</pre>
h2. Running the Build Process
* Update the jail:
<pre>
poudriere jail -u -j freebsd_9-3x64
</pre>
* Create a default ports tree:
<pre>
poudriere ports -c
</pre>
* To start the build, use the bulk command and point to all of our individual pieces that we have been configuring:
<pre>
sudo poudriere bulk -j freebsd_9-3x64 -p default -f /usr/local/etc/poudriere.d/port-list
</pre>
* At any time during the build process, you can get information about the progress by holding the CTRL key and hitting t:
<pre>
CTRL-t
</pre>
* If you need to step away, you can detach the screen session by hitting CTRL with a to move control to screen, followed by the d key to detach the session:
<pre>
CTRL-a d
</pre>
* When you wish to return to the session you can type:
<pre>
screen -r
</pre>
h2. Configure Poudriere Web Frontend
* Add a default site server block:
vi /usr/local/etc/nginx/conf.d/poudriere.example.com.conf
#* Add the following:
<pre>
server {
listen 80 default_server;
server_name poudriere.example.com;
access_log /var/log/poudriere.example.com.log main;
root /usr/local/share/poudriere/html;
location /data {
alias /usr/local/poudriere/data/logs/bulk;
autoindex on;
}
location /packages {
root /usr/local/poudriere/data;
autoindex on;
}
}
</pre>
* Restart nginx:
<pre>
service nginx restart
</pre>
h2. Resources
* https://www.freebsd.org/doc/handbook/ports-poudriere.html
* https://www.digitalocean.com/community/tutorials/how-to-set-up-a-poudriere-build-system-to-create-packages-for-your-freebsd-servers