code_public/ja4sentinel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
71011a786d6267353ab92b9d1991cf42097babf3
ja4sentinel/packaging/build-deb.sh
Jacquin Antoine c62101a08e fix: Support Debian Bookworm et Ubuntu pour le package .deb 
Cible: Debian Bookworm (12) et Ubuntu 22.04+

Changes:
- packaging/Dockerfile.deb: Build via Docker avec Go 1.24
- packaging/build-deb.sh: Ajout paramètre distribution (debian/ubuntu)
- packaging/test/Dockerfile.deb: Test sur Debian Bookworm
- packaging/test/test-*.sh: Tests spécifiques Debian/Ubuntu
- .github/workflows/build-deb.yml:
  * Nom du job: 'Build DEB Package (Debian/Ubuntu)'
  * TARGET_DIST: debian:bookworm
  * Build simplifié via Docker
- Makefile: package-deb utilise Docker (cohérent avec RPM)

Compatibilité:
- Debian 11 (Bullseye)
- Debian 12 (Bookworm)
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-02-25 21:25:45 +01:00

112 lines
3.8 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# Build script for .deb package
# Usage: ./build-deb.sh [version] [architecture] [distribution]
# distribution: debian, ubuntu (default: debian)
set -e
# Sanitize version for Debian package (must start with digit)
VERSION="${1:-1.0.0}"
ARCH="${2:-amd64}"
DIST="${3:-debian}"
PACKAGE_NAME="ja4sentinel"
# Convert git version to Debian-compatible format
if [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+ ]]; then
DEB_VERSION="$VERSION"
elif [[ "$VERSION" =~ ^v([0-9]+\.[0-9]+\.[0-9]+) ]]; then
DEB_VERSION="${BASH_REMATCH[1]}"
else
DEB_VERSION="0.0.0+${VERSION//[^a-zA-Z0-9+.-]/_}"
fi
echo "=== Building ${PACKAGE_NAME} ${DEB_VERSION} for ${DIST} (${ARCH}) ==="
# Directories
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
BUILD_DIR="${PROJECT_ROOT}/build/deb"
PACKAGE_DIR="${BUILD_DIR}/${PACKAGE_NAME}_${DEB_VERSION}_${ARCH}"
# Clean and create build directory
rm -rf "${BUILD_DIR}"
mkdir -p "${PACKAGE_DIR}"
# Create package structure
mkdir -p "${PACKAGE_DIR}/usr/bin"
mkdir -p "${PACKAGE_DIR}/etc/ja4sentinel"
mkdir -p "${PACKAGE_DIR}/var/lib/ja4sentinel"
mkdir -p "${PACKAGE_DIR}/var/log/ja4sentinel"
mkdir -p "${PACKAGE_DIR}/var/run/ja4sentinel"
mkdir -p "${PACKAGE_DIR}/usr/lib/systemd/system"
mkdir -p "${PACKAGE_DIR}/usr/share/ja4sentinel"
mkdir -p "${PACKAGE_DIR}/DEBIAN"
# Copy binary (build if not exists)
if [ ! -f "${PROJECT_ROOT}/dist/ja4sentinel-linux-amd64" ]; then
echo "Building binary..."
cd "${PROJECT_ROOT}"
make build-linux
fi
cp "${PROJECT_ROOT}/dist/ja4sentinel-linux-amd64" "${PACKAGE_DIR}/usr/bin/ja4sentinel"
chmod 755 "${PACKAGE_DIR}/usr/bin/ja4sentinel"
# Copy systemd service
cp "${SCRIPT_DIR}/systemd/ja4sentinel.service" "${PACKAGE_DIR}/usr/lib/systemd/system/ja4sentinel.service"
chmod 644 "${PACKAGE_DIR}/usr/lib/systemd/system/ja4sentinel.service"
# Copy default config
cp "${SCRIPT_DIR}/systemd/config.yml" "${PACKAGE_DIR}/etc/ja4sentinel/config.yml.default"
cp "${SCRIPT_DIR}/systemd/config.yml" "${PACKAGE_DIR}/usr/share/ja4sentinel/config.yml"
chmod 640 "${PACKAGE_DIR}/etc/ja4sentinel/config.yml.default"
chmod 640 "${PACKAGE_DIR}/usr/share/ja4sentinel/config.yml"
# Copy maintainer scripts
cp "${SCRIPT_DIR}/deb/postinst" "${PACKAGE_DIR}/DEBIAN/postinst"
cp "${SCRIPT_DIR}/deb/prerm" "${PACKAGE_DIR}/DEBIAN/prerm"
cp "${SCRIPT_DIR}/deb/postrm" "${PACKAGE_DIR}/DEBIAN/postrm"
chmod 755 "${PACKAGE_DIR}/DEBIAN/postinst"
chmod 755 "${PACKAGE_DIR}/DEBIAN/prerm"
chmod 755 "${PACKAGE_DIR}/DEBIAN/postrm"
# Create control file
cat > "${PACKAGE_DIR}/DEBIAN/control" << EOF
Package: ${PACKAGE_NAME}
Version: ${DEB_VERSION}
Section: net
Priority: optional
Architecture: ${ARCH}
Depends: systemd, libpcap0.8
Maintainer: JA4Sentinel Team <team@example.com>
Description: JA4 TLS fingerprinting daemon
JA4Sentinel is a Go-based tool for capturing network traffic on Linux servers,
extracting client-side TLS handshakes, generating JA4 signatures, enriching
with IP/TCP metadata, and logging results to configurable outputs.
.
Features:
- Network packet capture with BPF filters
- TLS ClientHello extraction
- JA4/JA3 fingerprint generation
- IP/TCP metadata enrichment
- Multiple output formats (stdout, file, UNIX socket)
- Structured JSON logging for systemd/journald
Homepage: https://github.com/your-repo/ja4sentinel
EOF
# Create conffiles
echo "/etc/ja4sentinel/config.yml.default" > "${PACKAGE_DIR}/DEBIAN/conffiles"
# Build the package
echo "Building .deb package..."
cd "${BUILD_DIR}"
dpkg-deb --build "${PACKAGE_NAME}_${DEB_VERSION}_${ARCH}"
# Calculate checksum
cd "${BUILD_DIR}"
sha256sum "${PACKAGE_NAME}_${DEB_VERSION}_${ARCH}.deb" > "${PACKAGE_NAME}_${DEB_VERSION}_${ARCH}.deb.sha256"
echo ""
echo "=== Build complete ==="
echo "Package: ${BUILD_DIR}/${PACKAGE_NAME}_${DEB_VERSION}_${ARCH}.deb"
echo "Checksum: $(cat ${PACKAGE_NAME}_${DEB_VERSION}_${ARCH}.deb.sha256)"
Reference in New Issue View Git Blame Copy Permalink