johan
/
vault1984
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vault1984/Makefile

119 lines
3.5 KiB
Makefile
Raw Blame History

# vault1984 — build pipeline
# FIPS 140-3: BoringCrypto via GOEXPERIMENT=boringcrypto
# Requires Go 1.24+ (verified: go1.24.0)
#
# Usage:
# make deploy — build + test + restart everything
# make deploy-app — build + test + restart app only
# make deploy-web — build + restart website only
# make status — check what's running
GOEXPERIMENT := boringcrypto
export GOEXPERIMENT
APP_DIR := app
WEB_DIR := website
CLI_DIR := cli
APP_BIN := $(APP_DIR)/vault1984
WEB_BIN := $(WEB_DIR)/vault1984-web
CLI_BIN := $(CLI_DIR)/vault1984-cli
APP_ENTRY := ./cmd/vault1984
WEB_ENTRY := .
LDFLAGS := -s -w
GOFLAGS := -trimpath
.PHONY: all app website cli test clean deploy deploy-app deploy-web \
restart restart-app restart-web stop stop-app stop-web status verify-fips
# --- build ---
all: app website
app:
cp crypto/*.js $(APP_DIR)/cmd/vault1984/web/
cd $(APP_DIR) && go build $(GOFLAGS) -ldflags '$(LDFLAGS)' -o vault1984 $(APP_ENTRY)
@echo "built $(APP_BIN) (FIPS)"
website:
cd $(WEB_DIR) && go build $(GOFLAGS) -ldflags '$(LDFLAGS)' -o vault1984-web $(WEB_ENTRY)
@echo "built $(WEB_BIN) (FIPS)"
cli:
$(MAKE) -C $(CLI_DIR)
@strip $(CLI_BIN) 2>/dev/null || true
@echo "built $(CLI_BIN) ($$(wc -c < $(CLI_BIN)) bytes, stripped)"
# --- test ---
test:
cd $(APP_DIR) && go test ./api/... -v
# --- deploy ---
deploy: all test verify-fips restart
@echo "--- deployed ---"
deploy-app: app test verify-fips-app restart-app
@echo "--- app deployed ---"
deploy-web: website verify-fips-web restart-web
@echo "--- website deployed ---"
# --- verify ---
verify-fips: verify-fips-app verify-fips-web
verify-fips-app:
@go version -m $(APP_BIN) | grep -q 'GOEXPERIMENT=boringcrypto' && echo "app: FIPS 140-3 (BoringCrypto) ✓" || { echo "app: BoringCrypto NOT linked ✗"; exit 1; }
verify-fips-web:
@go version -m $(WEB_BIN) | grep -q 'GOEXPERIMENT=boringcrypto' && echo "web: FIPS 140-3 (BoringCrypto) ✓" || { echo "web: BoringCrypto NOT linked ✗"; exit 1; }
# --- process management ---
stop-app:
@pkill -f './vault1984$$' 2>/dev/null || pkill -f 'vault1984/vault1984$$' 2>/dev/null || true
@sleep 0.5
stop-web:
@pkill -f 'vault1984-web$$' 2>/dev/null || true
@sleep 0.5
stop: stop-app stop-web
restart-app: stop-app
cd $(APP_DIR) && set -a && . ./.env && set +a && nohup ./vault1984 > /tmp/vault1984.log 2>&1 &
@sleep 1
@ss -tlnp | grep -q ':1984' && echo "app running on :1984 ✓" || { echo "app failed to start ✗"; cat /tmp/vault1984.log; exit 1; }
restart-web: stop-web
cd $(WEB_DIR) && nohup ./vault1984-web > /tmp/vault1984-web.log 2>&1 &
@sleep 1
@ss -tlnp | grep -q ':8099' && echo "website running on :8099 ✓" || { echo "website failed to start ✗"; cat /tmp/vault1984-web.log; exit 1; }
restart: restart-app restart-web
status:
@echo "--- processes ---"
@ps aux | grep -E 'vault1984(-web)?$$' | grep -v grep || echo "nothing running"
@echo "--- ports ---"
@ss -tlnp | grep -E ':1984|:8099' || echo "no ports open"
@echo "--- fips ---"
@go version -m $(APP_BIN) 2>/dev/null | grep -q 'GOEXPERIMENT=boringcrypto' && echo "app: FIPS ✓" || echo "app: not built or no FIPS"
@go version -m $(WEB_BIN) 2>/dev/null | grep -q 'GOEXPERIMENT=boringcrypto' && echo "web: FIPS ✓" || echo "web: not built or no FIPS"
# --- logs ---
logs-app:
@tail -f /tmp/vault1984.log
logs-web:
@tail -f /tmp/vault1984-web.log
# --- clean ---
clean:
rm -f $(APP_BIN) $(WEB_BIN)
$(MAKE) -C $(CLI_DIR) clean
Reference in New Issue View Git Blame Copy Permalink