summaryrefslogtreecommitdiff
path: root/docker/Makefile
blob: 5fd51211207890235844cdf62665ce114a902711 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#########################################################################
# Docker build environment for BitmaskVPN
# (c) LEAP Encryption Access Project, 2019-2020
#########################################################################

IMAGE=bitmask-vpn
REGISTRY=registry.0xacab.org/leap/docker

PROVIDER=riseup
PRODUCT=$(shell echo $(PROVIDER) | sed -e "s/\b\(.\)/\u\1/g")VPN

UNINSTALLER_NSIS="../deploy/produce-bitmask-uninstaller.exe"
UNINSTALLER_WINE=".wine/drive_c/bitmask-uninstall.exe"
UNINSTALLER_STAGING="../build/windows/staging/uninstall.exe"
UNINSTALLER_SIGNED="../build/windows/staging/uninstall-signed.exe"
SIGNCODE=osslsigncode
SECRETS="leap/secrets/windoze"

build:
	mkdir -p mods && cp ../go.mod ../go.sum mods/ && cp -r ../packages mods/
	docker build -t $(REGISTRY)/$(IMAGE):latest .
deps:
	sudo apt install osslsigncode
push:
	docker push $(REGISTRY)/$(IMAGE):latest
prune:
	docker system prune
login:
	docker login $(REGISTRY)

package_win: clean_win package_win_stage_1 sign_win_uninstaller_in_host package_win_stage_2 sign_win_installer_in_host

clean_win:
	@rm -f ../deploy/*.exe

package_win_stage_1:
	docker run \
	    -e PROVIDER=$(PROVIDER) \
	    -e XBUILD=win \
	    -e STAGE=1 \
	    -v `python3 -c 'import os; print(os.path.abspath(".."))'`:/bitmask-vpn.host \
	    --cpus="4" \
	    -it --rm \
	    $(REGISTRY)/$(IMAGE):latest  \
	    /builder.sh

sign_win_uninstaller_in_host:
	@rm -f $(UNINSTALLER_STAGING)
	@rm -f $(UNINSTALLER_WINE)
	@echo "[+] running nsis uninstaller under wine..."
	@wine $(UNINSTALLER_NSIS) || echo "[+] wine finished (it exits badly)"
	@cp ~/$(UNINSTALLER_WINE) $(UNINSTALLER_STAGING) && echo "[+] copied uninstaller to staging dir:" $(UNINSTALLER_STAGING)
	@$(SIGNCODE) sign \
	    -certs ~/$(SECRETS)/win.crt \
	    -key ~/$(SECRETS)/key.pem \
	    -pass `gpg --decrypt ~/$(SECRETS)/../windoze.gpg` \
	    -n "$(PRODUCT) Uninstaller" -i "https://leap.se/" \
	    -in $(UNINSTALLER_STAGING) \
	    -out $(UNINSTALLER_SIGNED)
	@echo "[+] signed uninstaller in:" $(UNINSTALLER_SIGNED)

package_win_stage_2:
	docker run \
	    -e PROVIDER=$(PROVIDER) \
	    -e XBUILD=win \
	    -e STAGE=2 \
	    -v `python3 -c 'import os; print(os.path.abspath(".."))'`:/bitmask-vpn.host \
	    --cpus="4" \
	    -it --rm \
	    $(REGISTRY)/$(IMAGE):latest  \
	    /builder.sh

sign_win_installer_in_host:
	$(eval INSTALLER := $(shell ls -tr ../deploy/$(PRODUCT)*.exe | tail -n 1))
	$(eval INSTALLER_SIGNED := $(shell echo $(INSTALLER) | sed 's/\.exe/-signed.exe/'))
	@$(SIGNCODE) sign \
	    -certs ~/$(SECRETS)/win.crt \
	    -key ~/$(SECRETS)/key.pem \
	    -pass `gpg --decrypt ~/$(SECRETS)/../windoze.gpg` \
	    -n "$(PRODUCT) Installer" -i "https://leap.se/" \
	    -in $(INSTALLER) \
	    -out ../deploy/$(INSTALLER_SIGNED)
	@echo "[+] signed installer in:" $(INSTALLER_SIGNED)

shell:
	docker run -v `python3 -c 'import os; print(os.path.abspath(".."))'`:/bitmask-vpn.host -it --rm $(REGISTRY)/$(IMAGE):latest  /bin/bash