chiark / gitweb /
~ianmdlvl / fdroidserver.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1f59d6f)
makebuildserver: add workaround to Ubuntu/trusty's old paramiko
authorHans-Christoph Steiner <hans@eds.org>
Thu, 4 Feb 2016 07:42:53 +0000 (08:42 +0100)
committerHans-Christoph Steiner <hans@eds.org>
Thu, 11 Feb 2016 19:27:30 +0000 (20:27 +0100)
Ubuntu trusty 14.04's paramiko does not work with jessie's openssh's
default settings, so they need to be tweaked in order to provide working
ssh to the instance.

https://stackoverflow.com/questions/7286929/paramiko-incompatible-ssh-peer-no-acceptable-kex-algorithm/32691055#32691055

buildserver/cookbooks/fdroidbuild-general/recipes/default.rb patch | blob | history
makebuildserver patch | blob | history

diff --git a/buildserver/cookbooks/fdroidbuild-general/recipes/default.rb b/buildserver/cookbooks/fdroidbuild-general/recipes/default.rb
index 8b61c3fc046cc6ab88020ed69035d6d38f1ea1d2..27a271a34c72cfbdf233565a35c435e1a4b563f8 100644 (file)
--- a/buildserver/cookbooks/fdroidbuild-general/recipes/default.rb
+++ b/buildserver/cookbooks/fdroidbuild-general/recipes/default.rb
@@ -105,3 +105,11 @@ execute "set-default-java" do
   command "update-java-alternatives --set java-1.7.0-openjdk-i386"
 end
 
+# Ubuntu trusty 14.04's paramiko does not work with jessie's openssh's default settings
+# https://stackoverflow.com/questions/7286929/paramiko-incompatible-ssh-peer-no-acceptable-kex-algorithm/32691055#32691055
+execute "support-ubuntu-trusty-paramiko" do
+  only_if { node[:settings][:ubuntu_trusty] == 'true' }
+  command "echo Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr >> /etc/ssh/sshd_config"
+  command "echo MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1 >> /etc/ssh/sshd_config"
+  command "echo KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 >> /etc/ssh/sshd_config"
+end
diff --git a/makebuildserver b/makebuildserver
index 0ec3eebed45101cba12c92df93fa302ff657b4f5..a4fbd6d91b448da5776b6cab0484cffc0f078388 100755 (executable)
--- a/makebuildserver
+++ b/makebuildserver
@@ -392,6 +392,7 @@ vagrantfile += """
         :sdk_loc => "/home/vagrant/android-sdk",
         :ndk_loc => "/home/vagrant/android-ndk",
         :debian_mirror => "%s",
+        :ubuntu_trusty => "%s",
         :user => "vagrant"
       }
     }
@@ -402,7 +403,8 @@ vagrantfile += """
     chef.add_recipe "kivy"
   end
 end
-""" % (config['debian_mirror'])
+""" % (config['debian_mirror'],
+       str('14.04' in os.uname()[3]).lower())
 
 # Check against the existing Vagrantfile, and if they differ, we need to
 # create a new box:
Unnamed repository; edit this file 'description' to name the repository.