projekte/edgeguard-native
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1b2c0d74110e3bb5223d75f449b08ad04b4702dd
edgeguard-native/packaging/debian/edgeguard-api/DEBIAN/control
Debian f0589e5628 feat(deploy): (d) end-to-end .deb install on 89.163.205.6 grün 
Box (Debian 13 Trixie, amd64): apt install ./edgeguard-{api,ui,meta}.deb
zieht postgresql-17, haproxy 3.0, certbot, openssl, etc. nach.
postinst flow läuft sauber: migrate check → initdb → migrate up
(8 migrations) → render-config → install HAProxy drop-in → restart
haproxy → enable api+scheduler. Self-register in ha_nodes nach
Setup-Wizard funktioniert.

End-to-end smoke gegen 89.163.205.6:
* :80  → 301 Moved Permanently → https://
* :443 → TLS termination (self-signed _default.pem aus postinst)
        → JSON envelope vom api_backend (HTTP/2 + HSTS)
* /    → React index.html aus /usr/share/edgeguard/ui/

Änderungen:
* control: keydb-server von Depends nach Recommends — single-node v1
  installiert ohne KeyDB. Phase-3.1 multi-node bringt es zurück nach
  Depends sobald ein eigenes APT-Repo das Paket bereitstellt.
* postinst: render-config (--no-reload) + HAProxy-Drop-in installen +
  systemctl restart haproxy als zusätzliche Schritte.
* postrm: drop-in auf remove + purge entfernen, daemon-reload, ggf.
  haproxy auf distro-default zurückreloaden.
* deploy/systemd/haproxy-edgeguard.conf: Drop-in lenkt HAProxy-Unit
  auf /etc/edgeguard/haproxy/haproxy.cfg statt /etc/haproxy/haproxy.cfg.
  After=edgeguard-api.service vermeidet 503-Race in den ersten 5s.
* scripts/apt-repo/build-package.sh: shippt Drop-in unter
  /etc/edgeguard/systemd/haproxy-edgeguard.conf in der edgeguard-api.deb.
* haproxy.cfg.tpl: http-request redirect vor use_backend → keine
  HAProxy-Warning beim Parsen mehr.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-09 14:02:14 +02:00

20 lines
945 B
Plaintext
Raw Blame History

Package: edgeguard-api
Version: __VERSION__
Architecture: __ARCH__
Maintainer: NetCell IT <support@netcell-it.de>
Homepage: https://edgeguard.netcell-it.de
Description: EdgeGuard — native Reverse-Proxy / LB / Forward-Proxy / VPN / Firewall
EdgeGuard is a native Debian/Ubuntu edge gateway combining HAProxy
(TLS termination + L7 routing + LB), Squid, WireGuard, Unbound and
nftables, configured from a PostgreSQL single-source-of-truth via
a Go management API.
Deployable as a cluster of symmetric peers (KeyDB Active-Active +
PG Streaming Replication + provider Floating-IP for HTTP ingress).
.
This package ships the management API, scheduler and CLI.
Depends: postgresql-16 | postgresql-17, haproxy (>= 2.8), squid, wireguard-tools, unbound, nftables, certbot, openssl, sudo, adduser, systemd, ca-certificates
Recommends: edgeguard-keydb (>= 6.3.4-edgeguard1), apparmor, fail2ban
Section: admin
Priority: optional
Installed-Size: 0
Reference in New Issue View Git Blame Copy Permalink