buildserver: support HTTPS Debian mirrors
The ever troublesome gpjenkins box needs to use HTTPS mirrors. Plus it improves the security of the buildserver, since there have been CVEs that HTTPS would protect against: https://www.debian.org/security/2016/dsa-3733
This commit is contained in:
Hans-Christoph Steiner
parent
64ea4caac1
commit
580a9eb058
|
|
@ -6,14 +6,19 @@ set -x
|
|||
|
||||
debian_mirror=$1
|
||||
|
||||
sed -i "s,http://ftp.uk.debian.org/debian/,${debian_mirror},g" /etc/apt/sources.list
|
||||
|
||||
printf 'APT::Install-Recommends "0";\nAPT::Install-Suggests "0";\n' \
|
||||
> /etc/apt/apt.conf.d/99no-install-recommends
|
||||
|
||||
printf 'APT::Acquire::Retries "20";\n' \
|
||||
> /etc/apt/apt.conf.d/99acquire-retries
|
||||
|
||||
if echo $debian_mirror | grep '^https' 2>&1 > /dev/null; then
|
||||
apt-get -y update
|
||||
apt-get -y install apt-transport-https
|
||||
fi
|
||||
|
||||
sed -i "s,http://ftp.uk.debian.org/debian/,${debian_mirror},g" /etc/apt/sources.list
|
||||
|
||||
if grep --quiet jessie /etc/apt/sources.list; then
|
||||
echo "deb $debian_mirror jessie-backports main" > /etc/apt/sources.list.d/backports.list
|
||||
echo "deb $debian_mirror testing main" > /etc/apt/sources.list.d/testing.list
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ export VAGRANT_HOME=$WORKSPACE/vagrant.d
|
|||
mkdir $VAGRANT_HOME
|
||||
|
||||
cd $WORKSPACE
|
||||
echo "debian_mirror = 'http://ftp.uk.debian.org/debian/'" > $WORKSPACE/makebuildserver.config.py
|
||||
echo "debian_mirror = 'https://deb.debian.org/debian/'" > $WORKSPACE/makebuildserver.config.py
|
||||
echo "boot_timeout = 1200" >> $WORKSPACE/makebuildserver.config.py
|
||||
echo "apt_package_cache = True" >> $WORKSPACE/makebuildserver.config.py
|
||||
./makebuildserver --verbose --clean
|
||||
|
|
|
|||
Loading…
Reference in New Issue