Merge #1164

bors[bot] · Alexhuszagh · web-flow · commit 36d9ce1ee153 · 2022-11-29T22:56:05.000Z
1164: Add package site mirrors for FreeBSD. r=Emilgardis a=Alexhuszagh Closes #1162. Co-authored-by: Alex Huszagh <ahuszagh@gmail.com>
diff --git a/.changes/1164.json b/.changes/1164.json
@@ -0,0 +1,5 @@
+{
+    "type": "internal",
+    "description": "add fallback mirrors for FreeBSD packages.",
+    "issues": [1162]
+}
diff --git a/docker/freebsd-common.sh b/docker/freebsd-common.sh
@@ -6,57 +6,14 @@ set -euo pipefail
 # shellcheck disable=SC1091
 . freebsd-arch.sh
 
-export BSD_ARCH=
+export FREEBSD_ARCH=
 case "${ARCH}" in
     x86_64)
-        BSD_ARCH=amd64
+        FREEBSD_ARCH=amd64
         ;;
     i686)
-        BSD_ARCH=i386
+        FREEBSD_ARCH=i386
         ;;
 esac
 
-# we prefer those closer in geography to the US. they're triaged in
-# order of ease of use, reliability, and then geography. the mirror
-# list is at https://docs.freebsd.org/en/books/handbook/mirrors/.
-# these mirrors were known to work as of 2022-11-27. this does
-# not include any mirrors that are known to be rate-limited or
-# commercial.
-export BSD_HOME=(
-    # these do not return HTML, and only list the directories
-    "ftp.freebsd.org/pub/FreeBSD/releases"
-    # these return HTML output, and therefore are lower priority
-    "ftp11.freebsd.org/pub/FreeBSD/releases"
-    "ftp3.br.freebsd.org/pub/FreeBSD/releases"
-    "ftp2.uk.freebsd.org/pub/FreeBSD/releases"
-    "ftp2.nl.freebsd.org/pub/FreeBSD/releases"
-    "ftp6.fr.freebsd.org/pub/FreeBSD/releases"
-    "ftp1.de.freebsd.org/pub/FreeBSD/releases"
-    "ftp2.de.freebsd.org/pub/FreeBSD/releases"
-    "ftp5.de.freebsd.org/pub/FreeBSD/releases"
-    "ftp2.ru.freebsd.org/pub/FreeBSD/releases"
-    "ftp2.gr.freebsd.org/pub/FreeBSD/releases"
-    "ftp4.za.freebsd.org/pub/FreeBSD/releases"
-    "ftp2.za.freebsd.org/pub/FreeBSD/releases"
-    "ftp4.tw.freebsd.org/pub/FreeBSD/releases"
-    "ftp3.jp.freebsd.org/pub/FreeBSD/releases"
-    "ftp6.jp.freebsd.org/pub/FreeBSD/releases"
-    # these only support HTTP, and not implicit
-    # FTP as well, and have HTML output
-    "http://ftp.uk.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.nl.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.fr.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.at.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.dk.freebsd.org/FreeBSD/releases"
-    "http://ftp.cz.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.se.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.lv.freebsd.org/freebsd/releases"
-    "http://ftp.pl.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.ua.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.gr.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.ru.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.nz.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.kr.freebsd.org/pub/FreeBSD/releases"
-    "http://ftp.jp.freebsd.org/pub/FreeBSD/releases"
-)
-export BSD_MAJOR=12
+export FREEBSD_MAJOR=12
diff --git a/docker/freebsd-extras.sh b/docker/freebsd-extras.sh
@@ -11,8 +11,16 @@ set -euo pipefail
 . freebsd-install.sh
 
 main() {
-    setup_packagesite
-    install_freebsd_package openssl sqlite3
+    apt-get update && apt-get install --assume-yes --no-install-recommends \
+        curl \
+        dnsutils \
+        jq \
+        xz-utils
+
+    local url=
+    url=$(fetch_best_freebsd_mirror)
+    FREEBSD_MIRROR="${url}" setup_freebsd_packagesite
+    FREEBSD_MIRROR="${url}" install_freebsd_package openssl sqlite3
 
     rm "${0}"
 }
diff --git a/docker/freebsd-install.sh b/docker/freebsd-install.sh
@@ -6,35 +6,147 @@ set -euo pipefail
 # shellcheck disable=SC1091
 . freebsd-common.sh
 
-export PACKAGESITE=/opt/freebsd-packagesite/packagesite.yaml
-export PKG_SOURCE="https://pkg.freebsd.org/FreeBSD:${BSD_MAJOR}:${BSD_ARCH}/quarterly"
-export TARGET="${ARCH}-unknown-freebsd${BSD_MAJOR}"
+# list of SRV records to query if the default mirror fails
+FREEBSD_HTTP_TCP_SOURCES=(
+    # these return all mirrors, including local ones
+    "_http._tcp.pkg.all.freebsd.org"
+    # this only returns geodns mirrors
+    "_http._tcp.pkg.freebsd.org"
+)
+FREEBSD_PACKAGEDIR="/opt/freebsd-packagesite"
+FREEBSD_PACKAGESITE="${FREEBSD_PACKAGEDIR}/packagesite.yaml"
+FREEBSD_TARGET="${ARCH}-unknown-freebsd${FREEBSD_MAJOR}"
+FREEBSD_DEFAULT_MIRROR="pkg.freebsd.org"
+# NOTE: these mirrors were known to work as of 2022-11-28.
+# no availability guarantees are made for any of them.
+FREEBSD_BACKUP_MIRRORS=(
+    "pkg0.syd.freebsd.org"
+    "pkg0.bme.freebsd.org"
+    "pkg0.bra.freebsd.org"
+    "pkg0.fra.freebsd.org"
+    "pkg0.jinx.freebsd.org"
+    "pkg0.kul.freebsd.org"
+    "pkg0.kwc.freebsd.org"
+    "pkg0.nyi.freebsd.org"
+    "pkg0.tuk.freebsd.org"
+    "pkg0.twn.freebsd.org"
+)
 
-setup_packagesite() {
-    apt-get update && apt-get install --assume-yes --no-install-recommends \
-        curl \
-        jq \
-        xz-utils
+# NOTE: out of convention, we use `url` for mirrors with the scheme,
+# and `mirror` for those without the scheme for consistent naming.
+freebsd_package_source() {
+    local url="${1}"
+    echo "${url}/FreeBSD:${FREEBSD_MAJOR}:${FREEBSD_ARCH}/quarterly"
+}
+
+freebsd_mirror_works() {
+    local mirror="${1}"
+    local scheme="${2}"
+    local pkg_source=
+
+    # meta.conf is a small file for quick confirmation the mirror works
+    pkg_source=$(freebsd_package_source "${scheme}://${mirror}")
+    local path="${pkg_source}/meta.conf"
+
+    timeout 20s curl --retry 3 -sSfL "${path}" >/dev/null 2>&1
+}
 
-    mkdir /opt/freebsd-packagesite
-    curl --retry 3 -sSfL "${PKG_SOURCE}/packagesite.txz" -O
-    tar -C /opt/freebsd-packagesite -xJf packagesite.txz
+_fetch_best_freebsd_mirror() {
+    # in case if the default mirror is down, we can use various known
+    # fallbacks, or at worst, SRV fallbacks to find the ideal package
+    # site. no individual mirror other than the default mirror is
+    # guaranteed to exist, so we use a tiered approach. only
+    # the default mirror supports https.
+    if freebsd_mirror_works "${FREEBSD_DEFAULT_MIRROR}" "https"; then
+        echo "https://${FREEBSD_DEFAULT_MIRROR}"
+        return 0
+    fi
+
+    # if we've gotten here, it could be a DNS issue, so using a DNS
+    # resolver to fetch SRV fallbacks may not work. let's first try
+    # a few previously tested mirrors and see if any work.
+    local mirror=
+    for mirror in "${FREEBSD_BACKUP_MIRRORS[@]}"; do
+        if freebsd_mirror_works "${mirror}" "http"; then
+            echo "http://${mirror}"
+            return 0
+        fi
+    done
+
+    local http_tcp_source=
+    local response=
+    local lines=
+    # shellcheck disable=SC2016
+    local regex='/\d+\s+\d+\s+\d+\s+(.*)\./; print $1'
+    for http_tcp_source in "${FREEBSD_HTTP_TCP_SOURCES[@]}"; do
+        # the output will have the following format, but we only want the
+        # target and ignore everything else:
+        #   $priority $port $weight $target.
+        #
+        # some output may not match, so we skip those lines, for example:
+        #   96.47.72.71
+        response=$(dig +short srv "${http_tcp_source}")
+        readarray -t lines <<< "${response}"
+        for line in "${lines[@]}"; do
+            mirror=$(echo "${line}" | perl -nle "${regex}")
+            if [[ -n "${mirror}" ]]; then
+                if freebsd_mirror_works "${mirror}" "http"; then
+                    echo "http://${mirror}"
+                    return 0
+                fi
+            fi
+        done
+    done
+
+    echo -e "\e[31merror:\e[0m could not find a working FreeBSD package mirror." 1>&2
+    exit 1
+}
+
+fetch_best_freebsd_mirror() {
+    set +e
+    _fetch_best_freebsd_mirror
+    code=$?
+    set -e
+
+    return "${code}"
+}
+
+setup_freebsd_packagesite() {
+    local url="${FREEBSD_MIRROR:-}"
+    local pkg_source=
+
+    if [[ -z "${url}" ]]; then
+        url=$(fetch_best_freebsd_mirror)
+    fi
+    pkg_source=$(freebsd_package_source "${url}")
+
+    mkdir -p "${FREEBSD_PACKAGEDIR}"
+    curl --retry 3 -sSfL "${pkg_source}/packagesite.txz" -O
+    tar -C "${FREEBSD_PACKAGEDIR}" -xJf packagesite.txz
 
     rm packagesite.txz
 }
 
+# don't provide the mirror as a positional argument, so it can be optional
 install_freebsd_package() {
+    local url="${FREEBSD_MIRROR:-}"
+    local pkg_source=
     local name
     local path
     local pkg
     local td
-    local destdir="/usr/local/${TARGET}"
+    local destdir="/usr/local/${FREEBSD_TARGET}"
+
+    if [[ -z "${url}" ]]; then
+        url=$(fetch_best_freebsd_mirror)
+    fi
+    pkg_source=$(freebsd_package_source "${url}")
 
     td="$(mktemp -d)"
     pushd "${td}"
 
     for name in "${@}"; do
-        path=$(jq -c '. | select ( .name == "'"${name}"'" ) | .repopath' "${PACKAGESITE}")
+        path=$(jq -c '. | select ( .name == "'"${name}"'" ) | .repopath' "${FREEBSD_PACKAGESITE}")
         if [[ -z "${path}" ]]; then
             echo "Unable to find package ${name}" >&2
             exit 1
@@ -43,7 +155,7 @@ install_freebsd_package() {
         pkg=$(basename "${path}")
 
         mkdir "${td}"/package
-        curl --retry 3 -sSfL "${PKG_SOURCE}/${path}" -O
+        curl --retry 3 -sSfL "${pkg_source}/${path}" -O
         tar -C "${td}/package" -xJf "${pkg}"
         cp -r "${td}/package/usr/local"/* "${destdir}"/
 
diff --git a/docker/freebsd.sh b/docker/freebsd.sh
@@ -8,6 +8,47 @@ set -euo pipefail
 # shellcheck disable=SC1091
 . lib.sh
 
+# we prefer those closer in geography to the US. they're triaged in
+# order of ease of use, reliability, and then geography. the mirror
+# list is at https://docs.freebsd.org/en/books/handbook/mirrors/.
+# these mirrors were known to work as of 2022-11-27. this does
+# not include any mirrors that are known to be rate-limited or
+# commercial. everything returns HTML output.
+MIRRORS=(
+    # this is a guaranteed mirror, unlike those below.
+    "http://ftp.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp11.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp3.br.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp2.uk.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp2.nl.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp6.fr.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp1.de.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp2.de.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp5.de.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp2.ru.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp2.gr.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp4.za.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp2.za.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp4.tw.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp3.jp.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp6.jp.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.uk.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.nl.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.fr.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.at.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.dk.freebsd.org/FreeBSD/releases"
+    "http://ftp.cz.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.se.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.lv.freebsd.org/freebsd/releases"
+    "http://ftp.pl.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.ua.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.gr.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.ru.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.nz.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.kr.freebsd.org/pub/FreeBSD/releases"
+    "http://ftp.jp.freebsd.org/pub/FreeBSD/releases"
+)
+
 max_freebsd() {
     local best=
     local minor=0
@@ -18,13 +59,13 @@ max_freebsd() {
         version=$(echo "${release}" | cut -d '-' -f 1)
         release_major=$(echo "${version}"| cut -d '.' -f 1)
         release_minor=$(echo "${version}"| cut -d '.' -f 2)
-        if [ "${release_major}" == "${BSD_MAJOR}" ] && [ "${release_minor}" -gt "${minor}" ]; then
+        if [ "${release_major}" == "${FREEBSD_MAJOR}" ] && [ "${release_minor}" -gt "${minor}" ]; then
             best="${release}"
             minor="${release_minor}"
         fi
     done
     if [[ -z "$best" ]]; then
-        echo -e "\e[31merror:\e[0m could not find best release for FreeBSD ${BSD_MAJOR}." 1>&2
+        echo -e "\e[31merror:\e[0m could not find best release for FreeBSD ${FREEBSD_MAJOR}." 1>&2
         exit 1
     fi
     echo "${best}"
@@ -38,9 +79,9 @@ latest_freebsd() {
     local releases=
     local max_release=
 
-    response=$(curl --silent --list-only --location "${mirror}/${BSD_ARCH}/" | grep RELEASE)
+    response=$(curl --retry 3 -sSfL "${mirror}/${FREEBSD_ARCH}/" | grep RELEASE)
     if [[ "${response}" != *RELEASE* ]]; then
-        echo -e "\e[31merror:\e[0m could not find a candidate release for FreeBSD ${BSD_MAJOR}." 1>&2
+        echo -e "\e[31merror:\e[0m could not find a candidate release for FreeBSD ${FREEBSD_MAJOR}." 1>&2
         exit 1
     fi
     readarray -t lines <<< "${response}"
@@ -66,43 +107,45 @@ latest_freebsd() {
     echo "${max_release//-RELEASE/}"
 }
 
-freebsd_mirror() {
-    local home=
+_freebsd_mirror() {
+    local mirror=
     local code=
 
-    set +e
-    for home in "${BSD_HOME[@]}"; do
+    for mirror in "${MIRRORS[@]}"; do
         # we need a timeout in case the server is down to avoid
         # infinitely hanging. timeout error code is always 124
         # these mirrors can be quite slow, so have a long timeout
-        timeout 20s curl --silent --list-only --location "${home}/${BSD_ARCH}/" >/dev/null
+        timeout 20s curl --retry 3 -sSfL "${mirror}/${FREEBSD_ARCH}/" >/dev/null
         code=$?
         if [[ "${code}" == 0 ]]; then
-            echo "${home}"
+            echo "${mirror}"
             return 0
         elif [[ "${code}" != 124 ]]; then
-            echo -e "\e[1;33mwarning:\e[0m mirror ${home} does not seem to work." 1>&2
+            echo -e "\e[1;33mwarning:\e[0m mirror ${mirror} does not seem to work." 1>&2
         fi
     done
-    set -e
 
     echo -e "\e[31merror:\e[0m could not find a working FreeBSD mirror." 1>&2
     exit 1
 }
 
+freebsd_mirror() {
+    set +e
+    _freebsd_mirror
+    code=$?
+    set -e
+
+    return "${code}"
+}
+
 mirror=$(freebsd_mirror)
 base_release=$(latest_freebsd "${mirror}")
-bsd_base_url="${mirror}/${BSD_ARCH}/${base_release}-RELEASE"
-if [[ "${bsd_base_url}" == "http"* ]]; then
-    bsd_url="${bsd_base_url}"
-else
-    bsd_url="http://${bsd_base_url}"
-fi
+bsd_url="${mirror}/${FREEBSD_ARCH}/${base_release}-RELEASE"
 
 main() {
     local binutils=2.32 \
         gcc=6.4.0 \
-        target="${ARCH}-unknown-freebsd${BSD_MAJOR}"
+        target="${ARCH}-unknown-freebsd${FREEBSD_MAJOR}"
 
     install_packages ca-certificates \
         curl \
