From 4e64ab0ff03142c87e33ea268be57a4bfcfcab51 Mon Sep 17 00:00:00 2001 From: Otto Moerbeek Date: Mon, 26 May 2025 15:08:18 +0200 Subject: [PATCH] Rec debian/ubuntu packges using meson --- .../debian/recursor/debian-buster/control | 2 + .../debian/recursor/debian-buster/rules | 60 ++++++++++++------- .../dockerfiles/Dockerfile.authoritative | 2 +- .../dockerfiles/Dockerfile.debbuild-prepare | 9 ++- .../dockerfiles/Dockerfile.dnsdist | 2 +- .../Dockerfile.target.debian-bookworm | 2 +- .../Dockerfile.target.debian-bullseye | 2 +- .../Dockerfile.target.debian-trixie | 2 +- .../dockerfiles/Dockerfile.target.sdist | 2 +- .../Dockerfile.target.ubuntu-jammy | 2 +- .../Dockerfile.target.ubuntu-noble | 2 +- .../Dockerfile.target.ubuntu-oracular | 2 +- pdns/recursordist/meson.build | 2 + 13 files changed, 59 insertions(+), 32 deletions(-) diff --git a/builder-support/debian/recursor/debian-buster/control b/builder-support/debian/recursor/debian-buster/control index db119a1c69..81d067f2ee 100644 --- a/builder-support/debian/recursor/debian-buster/control +++ b/builder-support/debian/recursor/debian-buster/control @@ -5,6 +5,7 @@ Priority: optional Standards-Version: 4.5.1 Build-Depends: debhelper (>= 10), dh-autoreconf, + clang, libboost-context-dev, libboost-dev, libboost-filesystem-dev, @@ -21,6 +22,7 @@ Build-Depends: debhelper (>= 10), libsodium-dev, libssl-dev, libsystemd-dev, + lld, pkgconf | pkg-config, protobuf-compiler, ragel, diff --git a/builder-support/debian/recursor/debian-buster/rules b/builder-support/debian/recursor/debian-buster/rules index 36503a365e..87d979e8fa 100755 --- a/builder-support/debian/recursor/debian-buster/rules +++ b/builder-support/debian/recursor/debian-buster/rules @@ -1,41 +1,61 @@ #!/usr/bin/make -f +include /usr/share/dpkg/architecture.mk +include /usr/share/dpkg/pkg-info.mk # Turn on all hardening flags, as we're a networked daemon. # Note: blhc (build log hardening check) will find these false positives: CPPFLAGS 2 missing, LDFLAGS 1 missing -export DEB_BUILD_MAINT_OPTIONS = hardening=+all +export DEB_BUILD_MAINT_OPTIONS = hardening=+bindnow,+pie optimize=-lto # see EXAMPLES in dpkg-buildflags(1) and read /usr/share/dpkg/* DPKG_EXPORT_BUILDFLAGS = 1 include /usr/share/dpkg/default.mk -CONFIGURE_ARGS = +# Only enable systemd integration on Linux operating systems +ifeq ($(DEB_HOST_ARCH_OS),linux) +MESON_ARGS += -Dsystemd-service=enabled +DH_ARGS += --with systemd +else +MESON_ARGS += -Dsystemd-service=disabled +endif -# Workaround for debbug #1078413 https://github.com/PowerDNS/pdns/issues/14084 -CONFIGURE_ARGS += --with-libcrypto=/usr +# Only disable luajit on arm64 +#ifneq ($(DEB_HOST_ARCH),arm64) +#MESON_ARGS += -Dlua=luajit +#else +MESON_ARGS += -Dlua=auto +#endif %: - dh $@ + dh $@ --buildsystem=meson \ + $(DH_ARGS) override_dh_auto_clean: dh_auto_clean rm -f dnslabeltext.cc chmod +x mkpubsuffixcc || true +# We need clang (LLVM) to link the Rust static library and the C++ code with LTO enabled +# build-id SHA1 prevents an issue with the debug symbols ("export: `-Wl,--build-id=sha1': not a valid identifier") + override_dh_auto_configure: - PATH=debian/configure-helpers/:$$PATH dh_auto_configure -- \ - --sysconfdir=/etc/powerdns \ - --enable-systemd --with-systemd=/lib/systemd/system \ - --enable-unit-tests \ - --disable-silent-rules \ - --with-service-user=pdns \ - --with-service-group=pdns \ - --with-libcap \ - --with-libsodium \ - --with-lua \ - --with-net-snmp \ - --enable-dns-over-tls \ - --enable-dnstap \ - --enable-nod \ - $(CONFIGURE_ARGS) + LDFLAGS="-latomic -fuse-ld=lld -Wl,--build-id=sha1" \ + CC=clang \ + CXX=clang++ \ + PKG_CONFIG_PATH=/opt/lib/pkgconfig dh_auto_configure -- \ + --sysconfdir=%{_sysconfdir}/%{name} \ + -Db_lto=true \ + -Db_lto_mode=thin \ + -Db_pie=true \ + -Dunit-tests=true \ + -Ddns-over-tls=enabled \ + -Ddnstap=enabled \ + -Dlibcap=enabled \ + -Dsigners-libsodium=enabled \ + -Dsnmp=enabled \ + -Dnod=enabled \ + $(MESON_ARGS) + +override_dh_auto_build-arch: + dh_auto_build # Stop installing the Lua config files once we fully moved to YAML configuration override_dh_auto_install: diff --git a/builder-support/dockerfiles/Dockerfile.authoritative b/builder-support/dockerfiles/Dockerfile.authoritative index b9318faa85..93aed05028 100644 --- a/builder-support/dockerfiles/Dockerfile.authoritative +++ b/builder-support/dockerfiles/Dockerfile.authoritative @@ -1,4 +1,4 @@ -FROM alpine:3.18 as pdns-authoritative +FROM alpine:3.21 AS pdns-authoritative ARG BUILDER_CACHE_BUSTER= RUN apk add --no-cache gcc g++ make tar autoconf automake protobuf-dev lua-dev \ diff --git a/builder-support/dockerfiles/Dockerfile.debbuild-prepare b/builder-support/dockerfiles/Dockerfile.debbuild-prepare index bd84111fb3..3f4a0810a6 100644 --- a/builder-support/dockerfiles/Dockerfile.debbuild-prepare +++ b/builder-support/dockerfiles/Dockerfile.debbuild-prepare @@ -1,4 +1,4 @@ -FROM dist-base as package-builder +FROM dist-base AS package-builder ARG APT_URL RUN DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends devscripts dpkg-dev build-essential python3-venv equivs curl jq @@ -11,6 +11,9 @@ ADD builder-support/helpers/ /pdns/builder-support/helpers/ @IF [ -n "$M_recursor$M_all" ] COPY --from=pdns-recursor /tmp/rust* /tmp RUN cd /pdns/builder-support/helpers/ && ./install_rust.sh +RUN DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends git cmake clang +RUN DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends python3-pip ninja-build +RUN cd /pdns/builder-support/helpers/ && ./install_meson.sh @ENDIF @IF [ -n "$M_dnsdist$M_all" ] @@ -36,9 +39,9 @@ RUN cp /sdist/pdns-${BUILDER_VERSION}.tar.bz2 pdns_${BUILDER_VERSION}.orig.tar.b @ENDIF @IF [ -n "$M_recursor$M_all" ] -RUN tar xvf /sdist/pdns-recursor-${BUILDER_VERSION}.tar.bz2 +RUN tar xvf /sdist/pdns-recursor-${BUILDER_VERSION}.tar.xz # create copy of source tarball with name that dpkg-source requires -RUN cp /sdist/pdns-recursor-${BUILDER_VERSION}.tar.bz2 pdns-recursor_${BUILDER_VERSION}.orig.tar.bz2 +RUN cp /sdist/pdns-recursor-${BUILDER_VERSION}.tar.xz pdns-recursor_${BUILDER_VERSION}.orig.tar.xz @ENDIF @IF [ -n "$M_dnsdist$M_all" ] diff --git a/builder-support/dockerfiles/Dockerfile.dnsdist b/builder-support/dockerfiles/Dockerfile.dnsdist index 4c5f7ac568..0c39b90afb 100644 --- a/builder-support/dockerfiles/Dockerfile.dnsdist +++ b/builder-support/dockerfiles/Dockerfile.dnsdist @@ -1,4 +1,4 @@ -FROM alpine:3.21 as dnsdist +FROM alpine:3.21 AS dnsdist ARG BUILDER_CACHE_BUSTER= RUN apk add --no-cache gcc g++ make tar autoconf automake protobuf-dev lua-dev \ diff --git a/builder-support/dockerfiles/Dockerfile.target.debian-bookworm b/builder-support/dockerfiles/Dockerfile.target.debian-bookworm index d134ec0739..c087b9940d 100644 --- a/builder-support/dockerfiles/Dockerfile.target.debian-bookworm +++ b/builder-support/dockerfiles/Dockerfile.target.debian-bookworm @@ -1,7 +1,7 @@ # First do the source builds @INCLUDE Dockerfile.target.sdist -FROM debian:bookworm as dist-base +FROM debian:bookworm AS dist-base ARG BUILDER_CACHE_BUSTER= ARG APT_URL diff --git a/builder-support/dockerfiles/Dockerfile.target.debian-bullseye b/builder-support/dockerfiles/Dockerfile.target.debian-bullseye index af6d17f241..be9ee6570a 100644 --- a/builder-support/dockerfiles/Dockerfile.target.debian-bullseye +++ b/builder-support/dockerfiles/Dockerfile.target.debian-bullseye @@ -1,7 +1,7 @@ # First do the source builds @INCLUDE Dockerfile.target.sdist -FROM debian:bullseye as dist-base +FROM debian:bullseye AS dist-base ARG BUILDER_CACHE_BUSTER= ARG APT_URL diff --git a/builder-support/dockerfiles/Dockerfile.target.debian-trixie b/builder-support/dockerfiles/Dockerfile.target.debian-trixie index 21759e0b61..117ac53fa4 100644 --- a/builder-support/dockerfiles/Dockerfile.target.debian-trixie +++ b/builder-support/dockerfiles/Dockerfile.target.debian-trixie @@ -1,7 +1,7 @@ # First do the source builds @INCLUDE Dockerfile.target.sdist -FROM debian:trixie as dist-base +FROM debian:trixie AS dist-base ARG BUILDER_CACHE_BUSTER= ARG APT_URL diff --git a/builder-support/dockerfiles/Dockerfile.target.sdist b/builder-support/dockerfiles/Dockerfile.target.sdist index 0d220eb426..45fe6630d0 100644 --- a/builder-support/dockerfiles/Dockerfile.target.sdist +++ b/builder-support/dockerfiles/Dockerfile.target.sdist @@ -10,7 +10,7 @@ @INCLUDE Dockerfile.dnsdist @ENDIF -FROM alpine:3.18 AS sdist +FROM alpine:3.21 AS sdist ARG BUILDER_CACHE_BUSTER= @IF [ -z "$M_authoritative$M_recursor$M_dnsdist$M_all" ] diff --git a/builder-support/dockerfiles/Dockerfile.target.ubuntu-jammy b/builder-support/dockerfiles/Dockerfile.target.ubuntu-jammy index ef53fbfa39..656b66a770 100644 --- a/builder-support/dockerfiles/Dockerfile.target.ubuntu-jammy +++ b/builder-support/dockerfiles/Dockerfile.target.ubuntu-jammy @@ -1,7 +1,7 @@ # First do the source builds @INCLUDE Dockerfile.target.sdist -FROM ubuntu:jammy as dist-base +FROM ubuntu:jammy AS dist-base ARG BUILDER_CACHE_BUSTER= ARG APT_URL diff --git a/builder-support/dockerfiles/Dockerfile.target.ubuntu-noble b/builder-support/dockerfiles/Dockerfile.target.ubuntu-noble index bc1b8dcd71..84b97333ff 100644 --- a/builder-support/dockerfiles/Dockerfile.target.ubuntu-noble +++ b/builder-support/dockerfiles/Dockerfile.target.ubuntu-noble @@ -1,7 +1,7 @@ # First do the source builds @INCLUDE Dockerfile.target.sdist -FROM ubuntu:noble as dist-base +FROM ubuntu:noble AS dist-base ARG BUILDER_CACHE_BUSTER= ARG APT_URL diff --git a/builder-support/dockerfiles/Dockerfile.target.ubuntu-oracular b/builder-support/dockerfiles/Dockerfile.target.ubuntu-oracular index 4734567e21..2af8721dc7 100644 --- a/builder-support/dockerfiles/Dockerfile.target.ubuntu-oracular +++ b/builder-support/dockerfiles/Dockerfile.target.ubuntu-oracular @@ -1,7 +1,7 @@ # First do the source builds @INCLUDE Dockerfile.target.sdist -FROM ubuntu:oracular as dist-base +FROM ubuntu:oracular AS dist-base ARG BUILDER_CACHE_BUSTER= ARG APT_URL diff --git a/pdns/recursordist/meson.build b/pdns/recursordist/meson.build index b466a5ad12..4e8401acc5 100644 --- a/pdns/recursordist/meson.build +++ b/pdns/recursordist/meson.build @@ -78,6 +78,7 @@ subdir('meson' / 'libresolv') # res_query subdir('meson' / 'dnstap') # DNSTAP through libfstream subdir('meson' / 'libcurl') # Curl subdir('meson' / 'libcap') # Capabilities +subdir('meson' / 'dlopen') # our Rust static library needs dlopen subdir('rec-rust-lib') @@ -306,6 +307,7 @@ deps = [ dep_pdns, dep_no_config_in_source, dep_rust_recrust, + dep_dlopen, dep_boost, dep_boost_context, dep_threads, -- 2.47.2