diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8cf3ec427..dca01d819 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -78,6 +78,7 @@ jobs: outputs: semVerNum: ${{ steps.versions.outputs.semVerNum }} semVerStr: ${{ steps.versions.outputs.semVerStr }} + ppaVerStr: ${{ steps.versions.outputs.ppaVerStr }} revNum: ${{ steps.versions.outputs.revNum }} steps: - uses: actions/checkout@v2 @@ -86,15 +87,19 @@ jobs: - id: versions run: | if [[ $GITHUB_REF == refs/tags/* ]]; then - VERSION_NUM=`echo ${GITHUB_REF##*/} | sed -E 's/([0-9]+\.[0-9]+\.[0-9]+).*/\1/'` - echo "::set-output name=semVerStr::${GITHUB_REF##*/}" - echo "::set-output name=semVerNum::${VERSION_NUM}" + SEM_VER_STR=${GITHUB_REF##*/} else - VERSION_NUM=`echo "${{ github.event.inputs.semver }}" | sed -E 's/([0-9]+\.[0-9]+\.[0-9]+).*/\1/'` - echo "::set-output name=semVerStr::${{ github.event.inputs.semver }}" - echo "::set-output name=semVerNum::${VERSION_NUM}" + SEM_VER_STR=${{ github.event.inputs.semver }} fi - echo "::set-output name=revNum::`git rev-list --count HEAD`" + SEM_VER_NUM=`echo ${SEM_VER_STR} | sed -E 's/([0-9]+\.[0-9]+\.[0-9]+).*/\1/'` + REVCOUNT=`git rev-list --count HEAD` + echo "::set-output name=semVerStr::${SEM_VER_STR}" + echo "::set-output name=semVerNum::${SEM_VER_NUM}" + echo "::set-output name=ppaVerStr::${SEM_VER_STR/-/\~}-${REVCOUNT}" + echo "::set-output name=revNum::${REVCOUNT}" + - uses: rubenesp87/semver-validation-action@0.0.6 + with: + version: ${{ steps.versions.outputs.semVerStr }} # # Application Directory @@ -195,6 +200,69 @@ jobs: path: appdir.tar if-no-files-found: error +# +# Linux PPA Source Package +# + ppa: + name: Upload source package to PPA + needs: [buildkit, metadata] + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: install build tools + run: | + sudo apt-get update + sudo apt-get install debhelper devscripts dput + - name: Download linux-buildkit + uses: actions/download-artifact@v2 + with: + name: linux-buildkit + path: pkgdir + - name: create orig.tar.gz + run: tar -cJf cryptomator_${{ needs.metadata.outputs.ppaVerStr }}.orig.tar.xz -C pkgdir . + - name: patch and rename pkgdir + run: | + cp -r dist/linux/debian/ pkgdir + cp -r dist/linux/resources/ pkgdir + export RFC2822_TIMESTAMP=`date --rfc-2822` + envsubst '${VERSION_STR} ${VERSION_NUM} ${REVISION_NUM}' < dist/linux/debian/rules > pkgdir/debian/rules + envsubst '${VERSION_STR}' < dist/linux/debian/org.cryptomator.Cryptomator.desktop > pkgdir/debian/org.cryptomator.Cryptomator.desktop + envsubst '${PPA_VERSION} ${RFC2822_TIMESTAMP}' < dist/linux/debian/changelog > pkgdir/debian/changelog + find . -name "*.jar" >> pkgdir/debian/source/include-binaries + mv pkgdir cryptomator_${{ needs.metadata.outputs.ppaVerStr }} + env: + VERSION_STR: ${{ needs.metadata.outputs.semVerStr }} + VERSION_NUM: ${{ needs.metadata.outputs.semVerNum }} + REVISION_NUM: ${{ needs.metadata.outputs.revNum }} + PPA_VERSION: ${{ needs.metadata.outputs.ppaVerStr }}-0ppa1 + - name: import gpg key 615D449FE6E6A235 + run: | + echo "${GPG_PRIVATE_KEY}" | gpg --batch --quiet --import + echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --dry-run --sign dist/linux/debian/rules + env: + GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} + GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }} + - name: debuild + run: debuild -S -sa -d + env: + DEBSIGN_PROGRAM: gpg --batch --pinentry-mode loopback + DEBSIGN_KEYID: 615D449FE6E6A235 + working-directory: cryptomator_${{ needs.metadata.outputs.ppaVerStr }} + - name: Upload artifacts + uses: actions/upload-artifact@v2 + with: + name: linux-deb-source-package + path: | + cryptomator_*.dsc + cryptomator_*.orig.tar.xz + cryptomator_*.debian.tar.xz + cryptomator_*_source.changes + cryptomator_*_source.buildinfo + - name: dput to beta repo + run: dput ppa:sebastian-stenzel/cryptomator-beta cryptomator_${PPA_VERSION}_source.changes + env: + PPA_VERSION: ${{ needs.metadata.outputs.ppaVerStr }}-0ppa1 + # # Linux Cryptomator.AppImage # diff --git a/.github/workflows/tmp.yml b/.github/workflows/tmp.yml deleted file mode 100644 index 068d1f1c8..000000000 --- a/.github/workflows/tmp.yml +++ /dev/null @@ -1,15 +0,0 @@ -name: Tmp Playground # committed on develop to make `workflow_dispatch` work. Will be removed, once PPA uploads work - -on: - workflow_dispatch: - -jobs: - -# -# Dummy -# - dummy: - name: Basically noop - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 \ No newline at end of file diff --git a/dist/linux/debian/changelog b/dist/linux/debian/changelog new file mode 100644 index 000000000..84a9756f9 --- /dev/null +++ b/dist/linux/debian/changelog @@ -0,0 +1,5 @@ +cryptomator (${PPA_VERSION}) focal; urgency=low + + * Full changelog can be found on https://github.com/cryptomator/cryptomator/releases + + -- Cryptobot ${RFC2822_TIMESTAMP} diff --git a/dist/linux/debian/compat b/dist/linux/debian/compat new file mode 100644 index 000000000..f599e28b8 --- /dev/null +++ b/dist/linux/debian/compat @@ -0,0 +1 @@ +10 diff --git a/dist/linux/debian/control b/dist/linux/debian/control new file mode 100644 index 000000000..2f9e94ac1 --- /dev/null +++ b/dist/linux/debian/control @@ -0,0 +1,23 @@ +Source: cryptomator +Maintainer: Cryptobot +Section: utils +Priority: optional +Build-Depends: debhelper (>=10), openjdk-16-jdk +Standards-Version: 4.5.0 +Homepage: https://cryptomator.org +Vcs-Git: https://github.com/cryptomator/cryptomator.git +Vcs-browser: https://github.com/cryptomator/cryptomator + +Package: cryptomator +Architecture: any +Section: utils +Priority: optional +Depends: ${shlibs:Depends}, ${misc:Depends}, libfuse2, xdg-utils, libjffi-jni +Recommends: gvfs-backends, gvfs-fuse, gnome-keyring +XB-AppName: Cryptomator +XB-Category: Utility;Security;FileTools; +Homepage: https://cryptomator.org +Description: Multi-platform client-side encryption of your cloud files. + Cryptomator provides free client-side AES encryption for your cloud files. + Create encrypted vaults, which get mounted as virtual volumes. Whatever + you save on one of these volumes will end up encrypted inside your vault. diff --git a/dist/linux/debian/copyright b/dist/linux/debian/copyright new file mode 100644 index 000000000..ba6980bb8 --- /dev/null +++ b/dist/linux/debian/copyright @@ -0,0 +1,39 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: cryptomator +Upstream-Contact: Cryptomator +Source: https://cryptomator.org + +Files: * +Copyright: 2016-2021 Skymatic GmbH +License: GPL-3+ + +Files: debian/org.cryptomator.Cryptomator.appdata.xml +Copyright: 2016-2021 Skymatic GmbH +License: FSFAP + +License: GPL-3+ + This program is free software: you can redistribute it + and/or modify it under the terms of the GNU General Public + License as published by the Free Software Foundation, either + version 3 of the License, or (at your option) any later + version. + . + This program is distributed in the hope that it will be + useful, but WITHOUT ANY WARRANTY; without even the implied + warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR + PURPOSE. See the GNU General Public License for more + details. + . + You should have received a copy of the GNU General Public + License along with this program. If not, see + . + . + On Debian systems, the full text of the GNU General Public + License version 3 can be found in the file + `/usr/share/common-licenses/GPL-3'. + +License: FSFAP + Copying and distribution of this file, with or without modification, are + permitted in any medium without royalty provided the copyright notice and + this notice are preserved. This file is offered as-is, without any + warranty. \ No newline at end of file diff --git a/dist/linux/debian/cryptomator-vault.xml b/dist/linux/debian/cryptomator-vault.xml new file mode 100644 index 000000000..eeb4bc537 --- /dev/null +++ b/dist/linux/debian/cryptomator-vault.xml @@ -0,0 +1,7 @@ + + + + Cryptomator Vault Metadata + + + diff --git a/dist/linux/debian/cryptomator.install b/dist/linux/debian/cryptomator.install new file mode 100644 index 000000000..0d5e0b31c --- /dev/null +++ b/dist/linux/debian/cryptomator.install @@ -0,0 +1,7 @@ +cryptomator usr/lib +debian/cryptomator.sh usr/lib/cryptomator/bin +debian/org.cryptomator.Cryptomator.desktop usr/share/applications +debian/org.cryptomator.Cryptomator.svg usr/share/icons/hicolor/scalable/apps +debian/org.cryptomator.Cryptomator.png usr/share/icons/hicolor/512x512/apps +debian/org.cryptomator.Cryptomator.appdata.xml usr/share/metainfo +debian/cryptomator-vault.xml usr/share/mime/packages \ No newline at end of file diff --git a/dist/linux/debian/cryptomator.links b/dist/linux/debian/cryptomator.links new file mode 100644 index 000000000..8cc4cd0d4 --- /dev/null +++ b/dist/linux/debian/cryptomator.links @@ -0,0 +1 @@ +usr/lib/cryptomator/bin/cryptomator.sh usr/bin/cryptomator diff --git a/dist/linux/debian/cryptomator.sh b/dist/linux/debian/cryptomator.sh new file mode 100644 index 000000000..b8cea3cfe --- /dev/null +++ b/dist/linux/debian/cryptomator.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +# fix for https://github.com/cryptomator/cryptomator/issues/1370 +export LD_PRELOAD=/usr/lib/x86_64-linux-gnu/jni/libjffi-1.2.so + +/usr/lib/cryptomator/bin/cryptomator \ No newline at end of file diff --git a/dist/linux/debian/org.cryptomator.Cryptomator.appdata.xml b/dist/linux/debian/org.cryptomator.Cryptomator.appdata.xml new file mode 100644 index 000000000..ad4af6c70 --- /dev/null +++ b/dist/linux/debian/org.cryptomator.Cryptomator.appdata.xml @@ -0,0 +1,69 @@ + + + + org.cryptomator.Cryptomator + FSFAP + GPL-3.0-or-later + Cryptomator + Multi-platform client-side encryption tool optimized for cloud storages + +

+ Cryptomator offers multi-platform transparent client-side encryption of your files in the cloud. +

+

+ Features: +

    +
  • Works with Dropbox, Google Drive, OneDrive, ownCloud, Nextcloud and any other cloud storage service which synchronizes with a local directory
    • +
  • Open Source means: No backdoors, control is better than trust
    • +
  • Client-side: No accounts, no data shared with any online service
    • +
  • Totally transparent: Just work on the virtual drive as if it were a USB flash drive
    • +
  • AES encryption with 256-bit key length
    • +
  • File names get encrypted
    • +
  • Folder structure gets obfuscated
    • +
  • Use as many vaults in your Dropbox as you want, each having individual passwords
    • +
  • One thousand commits for the security of your data!! :tada:
    • +
+

+

+ Privacy: +

    +
  • 256-bit keys (unlimited strength policy bundled with native binaries)
    • +
  • Scrypt key derivation
    • +
  • Cryptographically secure random numbers for salts, IVs and the masterkey of course
    • +
  • Sensitive data is wiped from the heap asap
    • +
  • Lightweight: Complexity kills security
    • +
+

+

+ Consistency: +

    +
  • HMAC over file contents to recognize changed ciphertext before decryption
    • +
  • I/O operations are transactional and atomic, if the filesystems support it
    • +
  • Each file contains all information needed for decryption (except for the key of course), no common metadata means no Single Point of Failure
    • +
+

+ + + Office + Security + FileTools + Java + + http://cryptomator.org + https://github.com/cryptomator/cryptomator/issues + https://community.cryptomator.org/c/kb/faq + https://community.cryptomator.org/ + https://cryptomator.org/ + + none + none + none + none + mild + + Cryptomator + + cryptomator + + org.cryptomator.Cryptomator.desktop + diff --git a/dist/linux/debian/org.cryptomator.Cryptomator.desktop b/dist/linux/debian/org.cryptomator.Cryptomator.desktop new file mode 100644 index 000000000..d8a5925bd --- /dev/null +++ b/dist/linux/debian/org.cryptomator.Cryptomator.desktop @@ -0,0 +1,11 @@ +[Desktop Entry] +Name=Cryptomator +Version=${VERSION_STR} +Comment=Cloud Storage Encryption Utility +Exec=/usr/bin/cryptomator %f +Icon=org.cryptomator.Cryptomator +Terminal=false +Type=Application +Categories=Utility;Security;FileTools; +StartupWMClass=org.cryptomator.launcher.Cryptomator +MimeType=application/vnd.cryptomator.encrypted;application/x-vnd.cryptomator.vault-metadata; \ No newline at end of file diff --git a/dist/linux/debian/org.cryptomator.Cryptomator.png b/dist/linux/debian/org.cryptomator.Cryptomator.png new file mode 100644 index 000000000..9c8635111 Binary files /dev/null and b/dist/linux/debian/org.cryptomator.Cryptomator.png differ diff --git a/dist/linux/debian/org.cryptomator.Cryptomator.svg b/dist/linux/debian/org.cryptomator.Cryptomator.svg new file mode 100644 index 000000000..19d80d49c --- /dev/null +++ b/dist/linux/debian/org.cryptomator.Cryptomator.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/dist/linux/debian/postinst b/dist/linux/debian/postinst new file mode 100644 index 000000000..2af574c6b --- /dev/null +++ b/dist/linux/debian/postinst @@ -0,0 +1,44 @@ +#!/bin/sh +# postinst script for Cryptomator +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-remove' +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + +case "$1" in + configure) + echo Adding shortcut to the menu + if [ ! -d "/usr/share/desktop-directories" ]; then + mkdir -p /usr/share/desktop-directories + fi + xdg-desktop-menu install --novendor /usr/share/applications/org.cryptomator.Cryptomator.desktop + xdg-mime install /usr/share/mime/packages/cryptomator-vault.xml + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/dist/linux/debian/prerm b/dist/linux/debian/prerm new file mode 100644 index 000000000..cace6816e --- /dev/null +++ b/dist/linux/debian/prerm @@ -0,0 +1,42 @@ +#!/bin/sh +# prerm script for Cryptomator +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour' +# * `deconfigure' `in-favour' +# `removing' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + remove|upgrade|deconfigure) + echo Removing shortcut + + xdg-desktop-menu uninstall --novendor /usr/share/applications/org.cryptomator.Cryptomator.desktop + xdg-mime uninstall /usr/share/mime/packages/cryptomator-vault.xml + ;; + + failed-upgrade) + ;; + + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/dist/linux/debian/rules b/dist/linux/debian/rules new file mode 100755 index 000000000..b36819f8b --- /dev/null +++ b/dist/linux/debian/rules @@ -0,0 +1,53 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +%: + dh $@ + +override_dh_auto_clean: + rm -rf runtime + rm -rf cryptomator + rm -rf debian/cryptomator + +override_dh_auto_build: + jlink \ + --output runtime \ + --add-modules java.base,java.desktop,java.logging,java.naming,java.net.http,java.scripting,java.sql,java.xml,jdk.unsupported,jdk.crypto.ec,jdk.accessibility \ + --no-header-files \ + --no-man-pages \ + --strip-debug \ + --compress=2 + jpackage \ + --type app-image \ + --runtime-image runtime \ + --input libs \ + --module-path mods \ + --module org.cryptomator.desktop/org.cryptomator.launcher.Cryptomator \ + --dest . \ + --name cryptomator \ + --vendor "Skymatic GmbH" \ + --copyright "(C) 2016 - 2021 Skymatic GmbH" \ + --java-options "-Xss5m" \ + --java-options "-Xmx256m" \ + --java-options "-Dfile.encoding=\"utf-8\"" \ + --java-options "-Dcryptomator.logDir=\"~/.local/share/Cryptomator/logs\"" \ + --java-options "-Dcryptomator.pluginDir=\"~/.local/share/Cryptomator/plugins\"" \ + --java-options "-Dcryptomator.settingsPath=\"~/.config/Cryptomator/settings.json:~/.Cryptomator/settings.json\"" \ + --java-options "-Dcryptomator.ipcSocketPath=\"~/.config/Cryptomator/ipc.socket\"" \ + --java-options "-Dcryptomator.mountPointsDir=\"~/.local/share/Cryptomator/mnt\"" \ + --java-options "-Dcryptomator.showTrayIcon=false" \ + --java-options "-Dcryptomator.buildNumber=\"ppa-${REVISION_NUM}\"" \ + --java-options "-Dcryptomator.appVersion=\"${VERSION_STR}\"" \ + --app-version "${VERSION_NUM}.${REVISION_NUM}" \ + --resource-dir resources \ + --verbose + +override_dh_fixperms: + dh_fixperms + chmod +x debian/cryptomator/usr/lib/cryptomator/bin/cryptomator.sh + +# override_dh_strip: + # no-op diff --git a/dist/linux/debian/source/format b/dist/linux/debian/source/format new file mode 100644 index 000000000..163aaf8d8 --- /dev/null +++ b/dist/linux/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/dist/linux/debian/source/include-binaries b/dist/linux/debian/source/include-binaries new file mode 100644 index 000000000..adc7cabd8 --- /dev/null +++ b/dist/linux/debian/source/include-binaries @@ -0,0 +1,2 @@ +debian/org.cryptomator.Cryptomator.png +resources/cryptomator.png diff --git a/dist/linux/resources/Cryptomator.png b/dist/linux/resources/cryptomator.png similarity index 100% rename from dist/linux/resources/Cryptomator.png rename to dist/linux/resources/cryptomator.png