DCRM - Darwin Cydia Repository Manager (Version 4)
DO NOT USE DCRM FOR DISTRIBUTING PIRATED PACKAGES. 请勿使用 DCRM 分发盗版软件包.
- SUMMARY
- DEMO
- DOCKER DEPLOY 自动部署
- PUBLISH REPOSITORY 发布软件源
- MANUALLY DEPLOY 手动部署
- CONTRIBUTORS
- LICENSE 版权声明
DCRM means Darwin Cydia Repo (APT) Manager, which is designed for Jay Freeman's Cydia. Cydia is an universal package manager for jailbroken devices.
- full featured dashboard powered by Django and Django Suit
- restful APIs with full documentation powered by Django REST framework
- import Debian package (.deb) via http or ftp upload
- manage packages, versions, sections and icons
- sync control fields between db and the
control
file inside package automatically - auto generated depiction pages, mobile optimized
- threaded comments & screenshots gallery
- iOS version / product type compatibility check
- version history & downgrade support
- download count & statistics
- scheduled tasks
- multiple users / groups
- CDN/OSS friendly
- GPG signature
- supports Docker
- apt pdiff feature
- support for commercial packages
- more themes
This demo is deployed using Container Optimized OS on Google Cloud.
- Username:
root
- Password:
dcrmpass
Watch the guide video: https://youtu.be/dvNCRckm2Cc
以下步骤能完整部署 DCRM 最新副本, 启用了任务队列及页面缓存支持, 你可以根据需要调整自己的配置.
- 如果你还没有下载此项目, 建议使用
git
克隆该仓库:
# download this project or clone this git repo:
git clone --depth 1 https://github.com/82Flex/DCRM.git && cd DCRM
- 构建并启动 DCRM 容器:
# build and launch DCRM via `docker-compose`
docker-compose up --build --detach
- 先附加到容器中:
# attach to `dcrm_app` container
docker exec -i -t dcrm_app /bin/bash
- execute in container: 在容器中执行命令:
# collect static files
python manage.py collectstatic --no-input
# create required database structures
python manage.py migrate
# create super user in database
python manage.py createsuperuser
- access admin panel via
http://127.0.0.1/admin/
, you can upload packages via HTTP or FTP: 现在可以尝试访问 DCRM 后台了, 你可以通过 HTTP 或 FTP 方式上传软件包:
- Default FTP username:
dcrm
- Default FTP password:
dcrm_ftp_password
- 重新构建并在后台启动 DCRM (仅当代码发生变动, 不会影响数据)
# build and launch DCRM in background (when source code changed)
docker-compose up --build --detach
- 仅在后台启动 DCRM
# launch DCRM in background
docker-compose up --detach
- 在前台启动 DCRM
# launch DCRM in foreground to see what happens
docker-compose up
- 停止 DCRM
# shutdown DCRM
docker-compose down
here are a few steps you need to follow:
edit docker/nginx/conf.d/default.conf
:
- set
server_name
to your domain - configure your https server
edit DCRM/.env
:
DCRM_HOST
DCRM_DEBUG
: set it to0
if you're providing subscription to othersDCRM_SECURE_SSL
: set it to1
if you have https certs and properly configuredDCRM_SECRET_KEY
: set it to a random, unique stringDCRM_TIME_ZONE
edit docker-compose.yml
:
- change default FTP username and password in
services:pure-ftpd:environment
,FTP_USER_NAME
andFTP_USER_PASS
, enable FTP over TLS if you want
# 1. attach to `dcrm_app` container
docker exec -i -t dcrm_app /bin/bash
# 2. generate new GPG key
gpg --gen-key --homedir .gnupg
# or
# gpg --allow-secret-key-import --import private.key --homedir .gnupg
# 3. enable GPG feature and configure passphrase in `WEIPDCRM -> Settings -> Security`
# 4. create APT verification package in `WEIPDCRM -> Sections -> Action -> Generate icon package for selected sections`, which will install GPG public key to user's device
Before you publish your repository, there are a few steps you should follow: 部署完成后, 你还需要一些步骤来发布你的软件源:
Sites
Set domains and site names. 在 Sites 中设置域名和站点名称
WEIPDCRM -> Settings
WEIPDCRM -> Releases
Add a new release and set it as an active release. 添加新的 Release 并将其设置为活跃状态
WEIPDCRM -> Sections
WEIPDCRM -> Upload -> New Package
Upload your debian package via HTTP or FTP. 上传你的 deb 包
WEIPDCRM -> Versions
Enable package versions and assign them into sections. 记得启用你的 deb 包 (默认不启用), 并且将它们分配到源分类当中
WEIPDCRM -> Builds
Build the repository to apply all the changes, thus you cannot add this repo in Cydia. 构建全源, 让所有更改生效 (第一次构建前, Cydia 中是无法添加该源的)
- gzip, bzip2, xz (xz-devel)
- Python 3.7 (CentOS: if compiled from source, make sure package
xz-devel
is installed) - Django 1.11+
- MySQL (or MariaDB)
- Redis (optional)
- memcached (optional)
- uwsgi, Nginx (production only)
- vsftpd (or pure-ftpd, optional)
- install dependencies: 安装依赖:
apt-get update
apt-get upgrade
apt-get install git mysql-server libmysqlclient-dev python3-dev python3-pip libjpeg-dev tzdata
- configure mysql: 安装完成后, 登录到 mysql:
service mysql start
mysql_secure_installation
mysql -uroot -p
- create a database for this DCRM instance: 新建 DCRM 数据库:
CREATE DATABASE `DCRM` DEFAULT CHARSET UTF8;
- create mysql user
dcrm
and grant privileges: 新建 dcrm 用户并设置密码:
CREATE USER 'dcrm'@'localhost' IDENTIFIED BY 'thisisthepassword';
GRANT ALL PRIVILEGES ON `DCRM`.* TO 'dcrm'@'localhost';
FLUSH PRIVILEGES;
- clone this git repo: 在合适的位置克隆 DCRM:
mkdir -p /wwwdata
cd /wwwdata
git clone --depth 1 https://github.com/82Flex/DCRM.git
cd /wwwdata/DCRM
- install python modules,
virtualenv
is recommended if you want: 安装必要的 python 模块:
pip3 install -r requirements.txt
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -D mysql -u root -p
- enable redis support (task queue): 如果你还需要开启 Redis 支持 (用于任务队列):
apt-get install redis-server
service redis-server start
- enable memcached support (page caching): 如果你还需要开启页面缓存, 你可能还需要自行启动 memcached 服务:
apt-get install memcached
service memcached start
- modify
DCRM/.env
:
DCRM_DEBUG=1
for debugging,DCRM_DEBUG=0
for productionDCRM_HOST
: add your domainDCRM_SECRET_KEY
: set it to a random, unique stringDCRM_MYSQL_*
: your mysql configurations, you may use different 'DATABASE' across DCRM instancesDCRM_REDIS_*
: your redis configurations, you may use different 'DB' numbers across DCRM instancesDCRM_MEMCACHED_*
: your memcached configurationsDCRM_LANGUAGE_CODE
andDCRM_TIME_ZONE
- optional features:
DCRM_ENABLE_REDIS
,DCRM_ENABLE_CACHE
,DCRM_ENABLE_API
- collect static files: 同步静态文件:
python3 manage.py collectstatic
- migrate database and create new super user: 同步数据库结构并创建超级用户:
python3 manage.py migrate
python3 manage.py createsuperuser
- run debug server: 启动测试服务器:
python3 manage.py runserver
- access admin panel via
http://127.0.0.1:8000/admin/
生产环境的配置需要有一定的服务器运维经验, 如果你在生产环境的配置过程中遇到困难, 我们提供付费的疑难解答.
We assumed that nginx uses www-data
as its user and group.
假设 nginx 使用 www-data
用作其用户名和用户组名.
here is an example of uwsgi.ini
:
[uwsgi]
chdir = /home/DCRM
module = DCRM.wsgi
master = true
processes = 4
enable-threads = true
threads = 2
thunder-lock = true
socket = :8001
vaccum = true
uid = www-data
gid = www-data
safe-pidfile = /home/run/uwsgi-apt.pid
; daemonize = /dev/null
# test
uwsgi --ini uwsgi.ini
# run
uwsgi --ini uwsgi.ini --daemonize=/dev/null
# kill
kill -INT `cat /home/run/uwsgi-apt.pid`
here is an example of nginx https site configuration file:
upstream django {
server 127.0.0.1:8001; # to match your uwsgi configuration
}
server {
listen 80;
server_name apt.82flex.com; # your domain
rewrite ^/(.*)$ https://apt.82flex.com/$1 permanent; # redirect to https
}
server {
listen 443 ssl;
ssl_certificate /wwwdata/ssl/1_apt.82flex.com_bundle.crt; # your ssl cert
ssl_certificate_key /wwwdata/ssl/2_apt.82flex.com.key; # your ssl key
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_prefer_server_ciphers on;
server_name apt.82flex.com; # your domain
root /wwwdata/wwwroot; # specify a web root, not the DCRM directory
error_page 497 https://$host$uri?$args;
server_name_in_redirect off;
index index.html;
location = / {
# only enable this section if you want to use DCRM as your home page
rewrite ^ /index/ last;
}
location / {
# only enable this section if you want to use DCRM as your default pages
try_files $uri $uri/ @djangosite;
}
location ~^/static/(.*)$ {
# static files for DCRM, you can change its path in settings.py
alias /wwwdata/DCRM/static/$1; # make an alias for static files
}
location ~^/resources/(.*)$ {
# resources for DCRM, including debian packages and icons, you can change it in WEIPDCRM > Settings in admin panel
alias /wwwdata/DCRM/resources/$1; # make an alias for resources
# Aliyun CDN/OSS:
# you can mount '/wwwdata/DCRM/resources' to oss file system
# then rewrite this path to oss/cdn url for a better performance
}
location ~^/((CydiaIcon.png)|(Release(.gpg)?)|(Packages(.gz|.bz2)?))$ {
# Cydia meta resources, including Release, Release.gpg, Packages and CydiaIcon
# Note:
# 'releases/(\d)+/$1' should contain `active_release.id`, which is set in Settings tab.
alias /wwwdata/DCRM/resources/releases/1/$1; # make an alias for Cydia meta resources
}
location @djangosite {
uwsgi_pass django;
include /etc/nginx/uwsgi_params;
}
location ~* .(ico|gif|bmp|jpg|jpeg|png|swf|js|css|mp3|m4a|m4v|mp4|ogg|aac)$ {
expires 7d;
}
location ~* .(gz|bz2)$ {
expires 12h;
}
}
here is an example of apache virtual host configuration file:
Alias /static /home/DCRM/static
Alias /resources /home/DCRM/resources
Alias /CydiaIcon.png /home/DCRM/resources/releases/1/CydiaIcon.png
Alias /Release /home/DCRM/resources/releases/1/Release
Alias /Release.gpg /home/DCRM/resources/releases/1/Release.gpg
Alias /Packages /home/DCRM/resources/releases/1/Packages
Alias /Packages.gz /home/DCRM/resources/releases/1/Packages.gz
Alias /Packages.bz2 /home/DCRM/resources/releases/1/Packages.bz2
<IfModule mod_proxy_uwsgi.c>
ProxyPreserveHost On
ProxyPass /static !
ProxyPass /resources !
ProxyPass /CydiaIcon.png !
ProxyPass /Release !
ProxyPass /Release.gpg !
ProxyPass /Packages !
ProxyPass /Packages.gz !
ProxyPass /Packages.bz2 !
ProxyPass / uwsgi://127.0.0.1:8001/
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/png "access 7 days"
ExpiresByType image/gif "access 7 days"
ExpiresByType image/jpeg "access 7 days"
ExpiresByType text/javascript "access 2 weeks"
ExpiresByType text/css "access 2 weeks"
ExpiresByType text/html "modification 4 hours"
ExpiresDefault "access 2 hours"
</IfModule>
# install Nginx
apt-get install nginx
# launch Nginx
service nginx start
# test Nginx configuration
nginx -t
# reload configuration
nginx -s reload
# launch nginx if it is down
sudo /etc/init.d/nginx start
# launch task queue with the same nginx working user (www/www-data)
su www-data
# if you cannot switch to user `www-data`, remember to change its login prompt in `/etc/passwd`. launch some workers for DCRM background queue
nohup ./manage.py rqworker high > /dev/null &
nohup ./manage.py rqworker default > /dev/null &
# you need at least one worker for each queue
worker 的数量以你的具体需求为准, 但是各队列中至少要有一个活跃 worker, 否则队列中的任务将一直保持挂起.
# 1. install `gnupg2`
apt-get install gnupg2
# 2. make sure to launch background queue with the same nginx working user (www/www-data)
su www-data
# 3. generate new GPG key
gpg --gen-key --homedir .gnupg
# or
# gpg --allow-secret-key-import --import private.key --homedir .gnupg
# 4. enable GPG feature and configure passphrase in `WEIPDCRM -> Settings -> Security`
# 5. create APT verification package in `WEIPDCRM -> Sections -> Action -> Generate icon package for selected sections`, which will install GPG public key to user's device
- Py: Lessica
- Py: Hintay
- Web: 0xJacky
- Translation (Arabic): Albirkawi
- Translation (Simplified Chinese): Lessica
As long as you do not use the DCRM in a business or money-making venture, it is free for your own personal use. If you use DCRM in commercial projects (e.g. hosting commercial packages), please consider buy a commercial license.
PayPal receipt is valid proof of purchase of DCRM licence.
SINGLE: Use DCRM in one commercial project
UNLIMITED: Use DCRM in unlimited commercial projects
Copyright © 2013-2020 Lessica, Hintay, 0xJacky and all DCRM contributors
The program is distributed under the terms of the GNU Affero General Public License.
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see http://www.gnu.org/licenses/.